Skip to content

Instantly share code, notes, and snippets.

@meanevo
meanevo / check_shadowsocks.sh
Last active August 18, 2018 19:39
Scripts for OpenWrt to bypass the gfw in mainland china, using ipset for gfwlist and geoip for ips outside specified region. (two ss-redir instances)
# FILE_LOCATION: /usr/bin/check_shadowsocks.sh
# DESCRIPTION: Script for checking whether shadowsocks-libev is running, and if not, restart it.
# <!-- ORIGINAL_CONTENTS_BELOW -->
#!/bin/sh
ss_pid_path="/var/run/ss-redir.pid"
ss_port={SS1_PORT}
ss2_pid_path="/var/run/ss-redir-whitelist.pid"
ss2_port={SS2_PORT}
if [ -f $ss_pid_path ] && [ -f $ss2_pid_path ]; then
@meanevo
meanevo / ipset.service
Last active November 20, 2023 07:21
IPSet settings persistence
#
# reference: http://namsep.blogspot.com/2015/12/yad-centos-7-iptables-ipset-and-fail2ban.html
# reference: http://pkgs.fedoraproject.org/cgit/ipset.git/tree/ipset.service
# file location: /etc/systemd/system/ipset.service
#
# systemctl enable ipset.service
# mkdir /etc/ipset
# touch /etc/ipset/ipset
# ...do something with ipset...
# ipset save > /etc/ipset/ipset
@meanevo
meanevo / nginx.conf
Last active June 29, 2021 01:23
Nginx dynamic matching document root by host(accessing domain name) /*USE AT YOUR OWN RISK*/
server {
listen 0.0.0.0:80 default_server;
listen [::]:80 default_server;
server_name _;
server_tokens off;
## Document root
set $base_path "/usr/share/nginx";
set $domain_path "${host}";
@meanevo
meanevo / haproxy.cfg
Last active June 22, 2024 07:49
HAProxy without SSL Termination
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 2048
user haproxy
@meanevo
meanevo / haproxy.cfg
Last active July 25, 2019 16:51
H2, HTTP/1.1 traffic balance/routing with HAProxy 1.7 (with SSL-Termination) and Nginx 1.10.2
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
daemon
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 2048
user haproxy
group haproxy
@meanevo
meanevo / compile-openssl_102.sh
Last active March 14, 2023 11:41
Compile OpenSSL 1.0.2* from source on CentOS 7
# Make sure you have these installed
yum install -y make gcc perl pcre-devel zlib-devel
# Download/Extract source
wget -O /tmp/openssl.tgz https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
tar -zxf /tmp/openssl.tgz -C /tmp
cd /tmp/openssl-*
# Optional: Patch chacha20
# https://github.com/cloudflare/sslconfig/tree/master/patches
wget https://raw.githubusercontent.com/cloudflare/sslconfig/master/patches/openssl__chacha20_poly1305_draft_and_rfc_ossl102j.patch
patch -p1 < openssl__chacha20_poly1305_draft_and_rfc_ossl102j.patch
@meanevo
meanevo / compile-haproxy.sh
Last active October 25, 2022 07:42 — forked from ryzy/a.sh
Compile HAProxy from source on CentOS 7
# Make sure you have these installed
yum install -y make gcc perl pcre-devel zlib-devel
# Download/Extract source
wget -O /tmp/haproxy.tgz http://www.haproxy.org/download/1.7/src/haproxy-1.7.2.tar.gz
tar -zxvf /tmp/haproxy.tgz -C /tmp
cd /tmp/haproxy-*
# Compile HAProxy
# https://github.com/haproxy/haproxy/blob/master/README
make \
TARGET=linux2628 USE_LINUX_TPROXY=1 USE_ZLIB=1 USE_REGPARM=1 USE_PCRE=1 USE_PCRE_JIT=1 \
@meanevo
meanevo / nginx.conf
Last active May 3, 2024 06:27
Nginx dynamic matching .dev, subdomain to directory name for developing.
server {
listen 127.0.0.1:5002;
listen [::1]:5002;
server_name .dev;
## Set dev's base path in order to appending L1 name
set $base_path "/Library/WebServer/Documents";
## Start domain regex match
set $domain $host;