Timothe manchot0
manchot0
/ gist:5bc3e9872360ba46abd3bd2c0f607ec8
Last active
April 8, 2016 10:02
Ansible Doc & Exemple
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ansible-on-ubuntu-14-04 | |
| https://www.digitalocean.com/community/tutorials/how-to-create-ansible-playbooks-to-automate-system-configuration-on-ubuntu | |
| https://www.digitalocean.com/community/tutorials/how-to-configure-apache-using-ansible-on-ubuntu-14-04 | |
| https://www.digitalocean.com/community/tutorials/configuration-management-101-writing-ansible-playbooks | |
| https://www.digitalocean.com/community/tutorials/how-to-use-ansible-and-tinc-vpn-to-secure-your-server-infrastructure | |
| https://www.digitalocean.com/community/tutorials/how-to-automate-installing-wordpress-on-ubuntu-14-04-using-ansible |
manchot0
/ gist:8cd36c7ff3b922e32ccb39d8bfd3a310
Last active
June 16, 2017 09:16
Ansible simple exemle
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Lauch playbook : | |
| ansible-playbook /etc/ansible/play/xxx.yml [--ask-become-pass] [--ask-vault-pass] | |
| - hosts: PROD | |
| remote_user: xxxxxxx | |
| become: yes | |
| become_method: sudo | |
| tasks: |
manchot0
/ gist:537934a1bbd124aec4d98bd37dfcd772
Created
May 1, 2017 11:12
Tomcat cluster with Nginx load balancer and caching
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://nginx.org/en/docs/http/load_balancing.html | |
| https://www.linode.com/docs/uptime/loadbalancing/use-nginx-as-a-front-end-proxy-and-software-load-balancer/ | |
| http://blog.martinfjordvald.com/2011/02/nginx-primer-2-from-apache-to-nginx/ | |
| http://www.ramkitech.com/2012/11/tomcat-clustering-series-part-3-session.html | |
| http://www.ramkitech.com/2012/10/tomcat-clustering-series-simple-load.html | |
| https://www.foulquier.info/tutoriaux/mise-en-place-dun-cluster-heartbeat-apache | |
| https://www.nginx.com/resources/admin-guide/content-caching/ | |
| https://www.digitalocean.com/community/tutorials/understanding-nginx-http-proxying-load-balancing-buffering-and-caching | |
| https://www.digitalocean.com/community/tutorials/how-to-use-floating-ips-on-digitalocean#how-to-implement-an-ha-setup | |
| https://www.nginx.com/resources/deployment-guides/load-balance-apache-tomcat/ |
manchot0
/ gist:b161d09cb2f8cd3dae3052d6ae82e72b
Created
May 1, 2017 11:13
ansible role and packer on github
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/jnv/ansible-role-unattended-upgrades | |
| https://github.com/geerlingguy/ansible-role-firewall | |
| https://github.com/geerlingguy/ansible-role-apache | |
| https://github.com/geerlingguy/ansible-role-backup | |
| https://github.com/geerlingguy/ansible-role-kibana | |
| https://github.com/geerlingguy/ansible-role-postfix | |
| https://github.com/geerlingguy/ansible-role-pimpmylog | |
| https://github.com/geerlingguy/ansible-role-ansible | |
| https://github.com/geerlingguy/ansible-newrelic |
manchot0
/ gist:354c2df17ec4afd1ffae9642bf2273cc
Last active
May 15, 2025 10:00
DDOS protection with iptable
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IPtables DDOS protection : | |
| In my config i assume the server is not a router and already profit from some filtering by the hosting company on shitty | |
| networks. | |
| I have tested this on ubuntu server 18.04 with the kernel 4.15.0-36-generic. | |
| Protect from malformed packet, ACK FIN RST attack and SYN-flood. | |
| Flood which profit of TCP-KEEPALIVE (so there a no SYN packet) should be handled by the web server (rate-limit in nginx for | |
| exemple). Connlimit can also be helpfull to limit the number of connexion per ip. |
manchot0
/ letsencrypt wildcard with ovh domain verification
Last active
January 31, 2022 07:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.nginx.com/blog/free-certificates-lets-encrypt-and-nginx/ | |
| http://matthieukeller.com/2016/12/lets-encrypt-certificate-for-offline-servers-with-ovh-dns.html | |
| https://ungeek.fr/letsencrypt-api-ovh/ | |
| https://certbot.eff.org/docs/using.html#certbot-command-line-options | |
| https://github.com/certbot/certbot | |
| https://github.com/antoiner77/letsencrypt.sh-ovh | |
| /etc/letsencrypt/configs/\*.domain.xxx.conf | |
| --------------------------------------------------------------------------------------------------- |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #template to construct the path where to save the logs received | |
| #/srv/log/192.168.xx.xx/year-month/day/$.logpath | |
| #$.logpath is set in the "RemoteLogProcess" ruleset | |
| template(name="RemoteLogSavePath" type="list") { | |
| constant(value="/srv/log/") | |
| property(name="fromhost-ip") | |
| constant(value="/") | |
| property(name="timegenerated" dateFormat="year") | |
| constant(value="-") | |
| property(name="timegenerated" dateFormat="month") |
manchot0
/ gist:18504776c0057b73df6799f918b63ab3
Created
July 25, 2019 10:11
simple python requestBin server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from http.server import HTTPServer, BaseHTTPRequestHandler | |
| from io import BytesIO | |
| from json import dumps | |
| """ The HTTP request handler """ | |
| class RequestHandler(BaseHTTPRequestHandler): | |
| def _send_cors_headers(self): | |
| """ Sets headers required for CORS """ | |
| self.send_header("Access-Control-Allow-Origin", "*") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.base64decode.org/ | |
| https://cryptii.com/pipes/base64-to-hex | |
| https://www.url-encode-decode.com/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| User= | |
| Group= | |
| UMask= | |
| RuntimeDirectory= | |
| RuntimeDirectoryMode= | |
| CPUQuota=100% | |
| PrivateTmp=true |