ufw-rules.sh:
#!/usr/bin/env bash
# ufw-rules.sh — Minimal AWS-SG style UFW (IPv4)
# Usage: sudo ./ufw-rules.sh
set -euo pipefail
# --- safety -------------------------------------------------------------------
lnxph-devops-sareno
/ README.md
Created
April 2, 2025 04:54
AWS S3 IP whitelisting using Bucket Policy
There are cases where we need to restrict IPs from accessing S3 bucket. But we also know that it's not possible to use Security Groups in S3 buckets. Luckily, there's a Bucket Policy where we can add IP restrictions that will act as a Firewall.
{
"Version": "2012-10-17",
"Statement": [
lnxph-devops-sareno
/ Dockerfile
Created
March 20, 2025 04:22
— forked from shyd/Dockerfile
install locales inside a docker image
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM debian | |
| RUN apt-get update && \ | |
| apt-get install -y \ | |
| locales && \ | |
| rm -r /var/lib/apt/lists/* | |
| RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ | |
| sed -i -e 's/# de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen && \ | |
| dpkg-reconfigure --frontend=noninteractive locales |
lnxph-devops-sareno
/ README.md
Created
July 3, 2024 09:37
Instaling WordPress+Nginx on CentOS Stream 9
$ sudo -i
$ dnf update
$ dnf install tmux -y
# Fix known issue with CentOS/Redhat. Ref: https://stackoverflow.com/a/68841102/8724367
$ setsebool -P httpd_can_network_connect 1
# Add 4GB Swap. Ref https://www.digitalocean.com/community/tutorials/how-to-add-swap-on-centos-7#create-a-swap-file
$ dd if=/dev/zero of=/swapfile count=4096 bs=1MiB
lnxph-devops-sareno
/ README.md
Created
July 3, 2024 09:33
Instaling WordPress+Nginx on Ubuntu 22.04
$ sudo -i
$ whoami
root
$ cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
lnxph-devops-sareno
/ openssl_commands.md
Created
February 1, 2024 00:47
— forked from Hakky54/openssl_commands.md
Some list of openssl commands for check and verify your keys
lnxph-devops-sareno
/ README.md
Created
January 30, 2024 09:51
— forked from stokito/README.md
Cryptography GUI tools: OpenSSL GUI, keys management, PKI, PGP/GPG GUI
Windows Certificate Manager Tool (certmgr.msc)
Manage storage for x509 keys. No support for PGP/GPG. Can't sign or encode, can't generate a key. You can use IIS webserver managemnt console to generate a cert.Proprietary
GNOME Seahorse GUI for SSH keys, X509 certs, PGP/GPG. Linux only.
$ cat <<EOT > docker-compose.yaml
version: "3"
services:
runner:
image: gitlab/gitlab-runner
restart: unless-stopped
entrypoint:
- /bin/sh
- -c
lnxph-devops-sareno
/ README.md
Last active
September 29, 2023 08:33
Nginx config for Single Page Application (SPA)
$ cat <<EOF > nginx.conf
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
location / {NewerOlder