Skip to content

Instantly share code, notes, and snippets.

View mholt's full-sized avatar
💪
I write code with my bare hands

Matt Holt mholt

💪
I write code with my bare hands
View GitHub Profile
@mholt
mholt / keypairs.js
Created June 25, 2021 20:07
Generate key pairs and PEM-encode them using vanilla JS and browser Crypto API
//
// Convert an ArrayBuffer into a string.
// From https://developers.google.com/web/updates/2012/06/How-to-convert-ArrayBuffer-to-and-from-String
function arrayBufToString(buf) {
return String.fromCharCode.apply(null, new Uint8Array(buf));
}
function pemEncode(label, data) {
const base64encoded = window.btoa(data);
@mholt
mholt / caddy-migrate-assets.go
Created February 22, 2021 22:37
Unsupported, ad-hoc program that migrates assets from Caddy v1 to Caddy v2
// Copyright 2021 Matthew Holt and The Caddy Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
@mholt
mholt / for-servers.md
Created October 18, 2019 02:50 — forked from sleevi/for-servers.md
CT Best Practices (April 2017)

CT For Server (Developers)

Intro

Similar to my advice regarding OCSP Stapling for servers/server developers, based on questions I've received about "CT best practices," I wanted to write something similar for those writing server software. That is, this isn't targeted at server operators, but for those writing software like Apache, nginx, Caddy, etc.

At the most basic level, the deployment of Certificate Transparency to date has largely tried to focus the burden on CAs, rather than on server developers. If the CA is doing everything right,

@mholt
mholt / gen.go
Created August 16, 2019 06:12 — forked from caesaneer/gen.go
// Handler that calls generate
func ok(w http.ResponseWriter, r *http.Request) {
// res := make([]int64, 0, 100000)
var res [100000]int64
fibonacci.Generate(&res)
// fmt.Println(suc)
// fmt.Printf("%T", res)
// fmt.Println(res[50])
fmt.Fprintf(w, "OK")
@mholt
mholt / config_poll.md
Last active July 9, 2019 18:00
How do you like your handler configs?

Caddy 2 HTTP handlers come in two flavors: middleware and responders.

  • Middleware are in the middle of a request chain; i.e. they have a next handler to invoke.
  • Responders are content origins, at the end of a request chain; i.e. there is no next handler. Any handlers defined after it would not be invoked.

Caveat: Sometimes a handler's role is ambiguous. For example, a caching handler would be middleware on a cache miss (it needs to invoke the upstream handlers for a response, then cache it), but on a cache hit it would be a responder, since no further handlers would be invoked (it would simply write the response).

@mholt
mholt / main.go
Created October 16, 2018 14:25 — forked from KatelynHaworth/main.go
Example of run an interactive process on the current user from system service on windows (Golang)
package main
import (
"github.com/kardianos/service"
"log"
"flag"
)
type Service struct {}
@mholt
mholt / passwordpwned.go
Created August 12, 2018 19:27
Use Go to check if a password has been pwned
// checkPasswordPwned checks if the password is "pwned" according
// to the API offered by https://haveibeenpwned.com/. (The password
// is not sent to their servers to do the check.)
//
// This function returns the number of times the password appears in
// their data set. A password is pwned, or compromised, if the return
// value is greater than 0.
//
// API Docs: https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
//
@mholt
mholt / macapp.go
Last active November 8, 2024 20:51
Distribute your Go program (or any single binary) as a native macOS application
// Package main is a sample macOS-app-bundling program to demonstrate how to
// automate the process described in this tutorial:
//
// https://medium.com/@mattholt/packaging-a-go-application-for-macos-f7084b00f6b5
//
// Bundling the .app is the first thing it does, and creating the DMG is the
// second. Making the DMG is optional, and is only done if you provide
// the template DMG file, which you have to create beforehand.
//
// Example use:
@mholt
mholt / apply-license.bash
Created March 27, 2018 04:01
Apply the Apache 2.0 license to all your .go files
#!/bin/bash
FILES=$(find . -name "*.go" -not -path "./vendor/*" -type f)
for f in $FILES
do
echo "processing: $f"
ed -s $f << EOF
0a
// Copyright YEAR YOU
//
@mholt
mholt / example.Caddyfile
Created June 21, 2017 21:31
restic plugin for Caddy
example.com
# specifying an empty root is not strictly necessary but not a bad
# idea if all you are serving on this site is the backups
root empty_www/
# authentication is required when using the Caddy plugin;
# this line assumes all requests are protected
basicauth / user pass