Liwsaki Live liwsakilive

@liwsakilive
liwsakilive / sysctl-proxmox-tune.conf
Created June 18, 2022 20:39 — forked from sergey-dryabzhinsky/sysctl-proxmox-tune.conf
Most popular speedup sysctl options for Proxmox. Put in /etc/sysctl.d/
###
# Proxmox or other server kernel params cheap tune and secure.
# Try it if you have heavy load on server - network or memory / disk.
# No harm assumed but keep your eyes open.
#
# @updated: 2020-02-06 - more params used, adjust some params values, more comments on params
#
### NETWORK ###
#Convert vmware image to raw format image file
qemu-img convert -f vmdk -p -O raw machine.name.vmdk /opt/machine-name.img
#DD image into logical volume
dd if=machine-name.img of=/dev/vg_vmstore/lv_001-prod-machine-name-win001
#Use create virtual machine with existing disk
@liwsakilive
liwsakilive / nginx-tuning.md
Created August 17, 2019 17:58 — forked from denji/nginx-tuning.md
NGINX tuning for best performance

NGINX Tuning For Best Performance

For this configuration you can use whichever web server you like; I decided to use nginx because I work mostly with it.

Generally, a properly configured nginx can handle up to 400K to 500K requests per second (clustered); the most I saw is 50K to 80K (non-clustered) requests per second and 30% CPU load. Of course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problems on slower machines.

You must understand that this config is used in a testing environment and not in production, so you will need to find a way to implement most of these features as well as possible for your servers.

@liwsakilive
liwsakilive / 60-zercle.conf
Created August 15, 2019 19:15 — forked from bouroo/60-sysctl.conf
Kernel tuning for dedicated linux server. /etc/sysctl.d/60-zercle.conf
# Kernel sysctl configuration file for Linux
# https://www.kernel.org/doc/Documentation/sysctl/
#
# Original by Michiel Klaver <https://klaver.it/linux/sysctl.conf>
# Modified by Kawin Viriyaprasopsook <[email protected]>
#
# The following is suitable for dedicated web server, mail, file server, KVM server etc.
# place file in /etc/sysctl.d/60-zercle.conf
# and run sysctl --system
@liwsakilive
liwsakilive / ddos.conf
Last active August 13, 2019 08:07 — forked from mattia-beta/ddos.conf
IPtables DDoS Protection
### 1: Drop invalid packets ###
/sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
### 2: Drop TCP packets that are new and are not SYN ###
/sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
### 3: Drop SYN packets with suspicious MSS value ###
/sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP
### 4: Block packets with bogus TCP flags ###
# Outbound UDP Flood protection in a user defined chain.
iptables -N udp-flood
iptables -A OUTPUT -p udp -j udp-flood
iptables -A udp-flood -p udp -m limit --limit 50/s -j RETURN
iptables -A udp-flood -j LOG --log-level 4 --log-prefix 'UDP-flood attempt: '
iptables -A udp-flood -j DROP
proxy_buffering on;
proxy_cache_path /var/nginx/cache levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=1g;
limit_req_zone $binary_remote_addr zone=five_per_second:10m rate=5r/s;
limit_req_zone $binary_remote_addr zone=ten_per_one_minute:10m rate=10r/m;
server {
listen 80;
server_name www.yourdomain.com;