Chun-Sheng, Li peter279k

README

Services declared as oneshot are expected to take some action and exit immediatelly (thus, they are not really services, no running processes remain). A common pattern for these type of service is to be defined by a setup and a teardown action.

Let's create a example foo service that when started creates a file, and when stopped it deletes it.

Define setup/teardown actions

Create executable file /opt/foo/setup-foo.sh:

WeWork WiFi on Linux

When using nmcli device wifi connect 'WeWorkWiFi' password '...', you'll get something like:

Error: Failed to add/activate new connection: Failed to determine AP security information

To actually use it, you need to create a connection first and configure it:

Activating HTTP Public Key Pinning (HPKP) on Let's Encrypt

Source: https://lilleengen.io/blog/index.php/posts/activating-http-public-key-pinning-hpkp-on-lets-encrypt

Disclaimer: This might break your website, don't preceded if you don't know what you're doing.

Since the letsencrypt seems to create a new private key every time the certificate is renewed and Let's Encrypt requires you to renew you certificate once every ~80 days pinning using your certificate's SPKI is probably not the way to go. So, what should we pin then? Let's Encrypt is currently issuing from Authority X3, and using Authority X4 as a backup, so these two is a great place to start. We should also include the ISRG Root so this might support new Authorities with other SPKIs as well.

Generate HASH of Private Keys

To generate the hash of the SPKI of these certificates run the following commands

This Version Allow run as `nobody` AND ports below 1024

/etc/systemd/system/frps.service

Systems that has `AmbientCapabilities` support (usually kernel >= linux4.3)

[Unit]
Description=FRP Server Daemon

	FROM ubuntu
	RUN apt update \
	&& apt install -y firefox \
	openssh-server \
	xauth \
	&& mkdir /var/run/sshd \
	&& mkdir /root/.ssh \
	&& chmod 700 /root/.ssh \
	&& ssh-keygen -A \
	&& sed -i "s/^.PasswordAuthentication.$/PasswordAuthentication no/" /etc/ssh/sshd_config \

	# Copyright 2019-2022 Jonathan S. Katz
	#
	# MIT License
	#
	# Permission is hereby granted, free of charge, to any person obtaining a copy
	# of this software and associated documentation files (the "Software"), to deal
	# in the Software without restriction, including without limitation the rights
	# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	# copies of the Software, and to permit persons to whom the Software is
	# furnished to do so, subject to the following conditions:

	Key-Type: 1
	Key-Length: 2048
	Subkey-Type: 1
	Subkey-Length: 2048
	Name-Real: Root Superuser
	Name-Email: [email protected]
	Expire-Date: 0

	import requests
	from tqdm import tqdm


	def download(url: str, fname: str, chunk_size=1024):
	resp = requests.get(url, stream=True)
	total = int(resp.headers.get('content-length', 0))
	with open(fname, 'wb') as file, tqdm(
	desc=fname,
	total=total,

	name: build

	on: [ push, pull_request ]

	jobs:
	run:
	runs-on: ${{ matrix.operating-system }}
	strategy:
	matrix:
	operating-system: [ ubuntu-latest ]

	<?php
	file_put_contents( 'progress.txt', '' );

	$targetFile = fopen( 'testfile.iso', 'w' );

	$ch = curl_init( 'http://ftp.free.org/mirrors/releases.ubuntu-fr.org/11.04/ubuntu-11.04-desktop-i386-fr.iso' );
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt( $ch, CURLOPT_NOPROGRESS, false );
	curl_setopt( $ch, CURLOPT_PROGRESSFUNCTION, 'progressCallback' );
	curl_setopt( $ch, CURLOPT_FILE, $targetFile );