Julius Thyssen jult
🏠
jult
/ https_only
Last active
December 16, 2019 12:23
[NGINX] Redirect all hostnames and requests from http to https serverwide
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # To have port 80 requests go to their 443 equivalents for an entire webserver, put this file in /etc/nginx/conf.d/ | |
| # Note that to specify the catch-all name or default server you | |
| # need to use the *listen* directive, not the server_name directive! | |
| # See also https://nginx.org/en/docs/http/request_processing.html | |
| # | |
| # - $host catches subdomain names. | |
| # - 307 and 308 include both POST and GET request URIs. | |
| # - 307 is Temporary, change to the Permanent 308 after thorough testing: # return 308 https://$host$request_uri; | |
| server { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Being unsatisfied with the look of mc in console/terminal windows, I made this for my own use. | |
| # Version 3.7, subject to change over the years.. <[email protected]> | |
| # I N S T A L L | |
| # Put this file (jult.ini) in either of these skin-directories: | |
| # /etc/mc/skins/ | |
| # /usr/share/mc/skins/ | |
| # ~/.local/share/mc/skins/ |
jult
/ %userprofile%\AppData\Roaming\youtube-dl\config.txt
Last active
January 21, 2023 05:42
[ youtube-dl ] My most succesful config for all-round best codecs and quality
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --no-mtime | |
| --no-call-home | |
| # --ignore-errors | |
| -f "bestvideo[height>=1080]+251/bestvideo[height>=1080]+bestaudio/bestvideo[height>=720]+251/bestvideo[height>=720]+bestaudio/137+bestaudio/136+bestaudio/bestvideo+bestaudio" | |
| # Note that I output to an MKV container, despite the fact that shitty devices will not play some files | |
| # or still don't support Opus, it *is* the highest quality available: http://opus-codec.org/comparison/ | |
| --merge-output-format mkv | |
| # If you need Mac compatible MP4 uncomment the following two lines instead of the ones above. It's usually a step under max quality, but this yields true mp4 files: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Put this file under /etc/spamassassin/ and run an sa-update or reload amavis etc. | |
| # | |
| #-------------------------------------------------- | |
| # The only RBL I trust, UCEPROTECT1 (single IP, not IP-ranges or entire ISPs) http://uceprotect.net | |
| #-------------------------------------------------- | |
| header RCVD_IN_UCEPROTECT1 eval:check_rbl_txt('uceprotect1', 'dnsbl-1.uceprotect.net') | |
| describe RCVD_IN_UCEPROTECT1 Listed in dnsbl-1.uceprotect.net | |
| tflags RCVD_IN_UCEPROTECT1 net | |
| score RCVD_IN_UCEPROTECT1 1.8 |
jult
/ certbot_cloudflare_dns.sh
Last active
August 23, 2021 08:49
script to install latest certbot with cloudflare dns-01 challenge plugin (for debian 9/stretch)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Check if user has root privileges | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must run the script as root or using sudo" | |
| exit 1 | |
| fi | |
| ## Reconfigure Dash | |
| echo "dash dash/sh boolean false" | debconf-set-selections |
jult
/ sysctl.conf
Last active
June 17, 2025 13:38
[Debian 12 update!] sysctl config for linux server with 32 GB DDR RAM or more, SSD and 1Gbe (or faster) NIC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # IPv6 Configuration | |
| # -> note that I have disabled ip6 for our internet-connection (wan/eth0) because | |
| # -> my upstream/ISP (still) does not do IPv6. The rest, even localhost, does ip6 stuff. | |
| net.ipv6.conf.all.disable_ipv6 = 0 | |
| net.ipv6.conf.default.disable_ipv6 = 0 | |
| net.ipv6.conf.lo.disable_ipv6 = 0 | |
| net.ipv6.conf.eth0.disable_ipv6 = 1 | |
| net.ipv6.conf.wan.disable_ipv6 = 1 | |
| # Packet Forwarding |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| protocols = imap pop3 | |
| auth_mechanisms = plain login | |
| auth_cache_size = 24 M | |
| auth_cache_ttl = 18 hours | |
| disable_plaintext_auth = no | |
| listen = *,[::] | |
| log_timestamp = "%Y-%m-%d %H:%M:%S " | |
| log_path = /var/log/dovecot.log | |
| login_greeting = encrypted ready. | |
| postmaster_address = [email protected] |
jult
/ install_core_for_deb9.sh
Last active
March 31, 2018 14:04
Base install over debian 9 x64 minimal server, with certbot, webmin, csf&lfd and fail2ban
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## Filesystem ext4 | |
| ## Run as root | |
| # Check if user has root privileges | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must run the script as root or using sudo" | |
| exit 1 | |
| fi |
jult
/ install_ispcfg_for_deb9.sh
Last active
August 14, 2018 14:51
— forked from jniltinho/install_ispconfig_nginx_debian.sh
ISPconfig 3.x install with NGINX 1.13.x + PHP 7.1 on Debian 9 x64 (Stretch) server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## Install ISPConfig + NGINX + PHP 7.1 on Debian 9 x64 (Stretch) | |
| ## Filesystem ext4 | |
| ## Run as root | |
| ## Based on: https://www.howtoforge.com/tutorial/perfect-server-debian-jessie-nginx-bind-dovecot-ispconfig-3.1/ | |
| ## and: https://www.howtoforge.com/tutorial/perfect-server-debian-9-stretch-apache-bind-dovecot-ispconfig-3-1/ | |
| ## ! For Postfix config see https://www.howtoforge.com/tutorial/perfect-server-debian-9-stretch-apache-bind-dovecot-ispconfig-3-1/ | |
| # Check if user has root privileges |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| echo never > /sys/kernel/mm/transparent_hugepage/enabled | |
| echo noop > /sys/block/vda/queue/scheduler | |
| echo 0 > /sys/block/vda/queue/rotational | |
| echo 0 > /sys/block/vda/queue/rq_affinity | |
| echo 9000 > /proc/sys/vm/dirty_expire_centisecs | |
| echo 9000 > /proc/sys/vm/dirty_writeback_centisecs | |
| ethtool --offload ens3 tx-checksum-ip-generic off |