rooty / autovpn.py

Created March 12, 2019 01:54 — forked from domenkozar/autovpn.py

AutoVPN for NetworkManager

	#!/usr/bin/env python
	"""
	Copyright 2011 Domen Kozar. All rights reserved.

	Redistribution and use in source and binary forms, with or without modification, are
	permitted provided that the following conditions are met:

	1. Redistributions of source code must retain the above copyright notice, this list of
	conditions and the following disclaimer.

rooty / LetsEncrypt+certbot+UFW+postfix+dovecot.md

Created December 23, 2018 08:13 — forked from mrothNET/LetsEncrypt+certbot+UFW+postfix+dovecot.md

Let's Encrypt / Dovecot / Postfix / UFW firewall / Certbot

This tutorial describes how to install TLS to a mail server consisting of Postfix and/or Dovecot by using Let's Encrypt certificates with automatic renewing and firewall management.

The system used for this tutorial was:

$ lsb_release -idrc
Distributor ID: Ubuntu

rooty / nginx.conf

Created December 11, 2018 03:43 — forked from plentz/nginx.conf

Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/

	# to generate your dhparam.pem file, run in the terminal
	openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

rooty / unbound_ext.conf

Created May 30, 2018 12:02

unbound версии 1.7.1

	server:
	tls-cert-bundle: "/etc/pki/tls/certs/ca-bundle.crt"
	forward-zone:
	name: "."
	forward-addr: 1.1.1.1#cloudflare-dns.com
	forward-addr: 1.0.0.1#cloudflare-dns.com
	forward-addr: 2606:4700:4700::1111#cloudflare-dns.com
	forward-addr: 2606:4700:4700::1001#cloudflare-dns.com
	forward-tls-upstream: yes

rooty / paramiko-using-ssh-config.py

Created May 1, 2018 22:22 — forked from acdha/paramiko-using-ssh-config.py

Connecting with paramiko using the user's OpenSSH config

	client = paramiko.SSHClient()
	client._policy = paramiko.WarningPolicy()
	client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

	ssh_config = paramiko.SSHConfig()
	user_config_file = os.path.expanduser("~/.ssh/config")
	if os.path.exists(user_config_file):
	with open(user_config_file) as f:
	ssh_config.parse(f)

rooty / cpu_thro

Created April 15, 2018 13:18

https://wiki.archlinux.org/index.php/CPU_frequency_scaling_(Русский)

	for CPUFREQ in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor;
	do
	[ -f $CPUFREQ ] \|\| continue
	echo -n performance > $CPUFREQ
	done

	https://www.kernel.org/doc/Documentation/cpu-freq/governors.txt

rooty / logrotate

Created March 23, 2018 09:21

Manipulate date

	/var/log/myproject/celery.log {
	size 1
	su myuser myuser
	copytruncate
	create
	rotate 10
	missingok
	postrotate
	timeext=`date -d '1 day ago' "+%Y-%m-%d"` # daily
	# timeext=$(date +%Y-%m-%d_%H) # hourly

rooty / find-https-debian-archives.py

Last active February 22, 2018 23:17 — forked from eighthave/find-https-debian-archives.py

Script to find official Debian mirrors that support HTTPS

	#!/usr/bin/env python3

	import urllib.request
	import re
	import ssl
	import sys

	# # find generic mirrors
	mirrors = urllib.request.urlopen('http://www.debian.org/mirror/list')
	https = []

rooty / nginx.conf

Created February 15, 2018 22:44 — forked from nrollr/nginx.conf

NGINX config for SSL with Let's Encrypt certs

	# Advanced config for NGINX
	server_tokens off;
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Content-Type-Options nosniff;

	# Redirect all HTTP traffic to HTTPS
	server {
	listen 80;
	server_name www.domain.com domain.com;
	return 301 https://$host$request_uri;

rooty / install.sh

Created February 2, 2018 16:00

Hetzner install debian 8

installimage -n app-11.example.com -b grub -r yes -l 1 -p /boot:ext2:512M,swap:swap:4G,/:ext4:all -d sda,sdb -s en -t yes -K https://gist.githubusercontent.com/username/4973306c6d7ff53c1/raw/0322d9f18b7979f997a959e8ec4b1980723346f4/id_rsa.pub -i /root/.oldroot/nfs/install/../images/Debian-89-jessie-64-minimal.tar.gz -a

Vitalii Mikhnevych rooty

Let's Encrypt / Dovecot / Postfix / UFW firewall / Certbot