A common and reliable pattern in service unit files is thus:
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
ageis
/ systemd_service_hardening.md
Last active
April 29, 2026 14:26
Options for hardening systemd service units
yuvadm
/ spacemacs_for_sublime.MD
Last active
December 25, 2021 00:15
Spacemacs 101 for Sublime users
This is a quick tutorial on how to start using Spacemacs coming from Sublime Text.
After installing Spacemacs, boot it up:
$ emacsOpen up a file by hitting SPACE f f, you can then locate and open a file by path with tab completion and ending with ENTER
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # import config. | |
| # You can change the default config with `make cnf="config_special.env" build` | |
| cnf ?= config.env | |
| include $(cnf) | |
| export $(shell sed 's/=.*//' $(cnf)) | |
| # import deploy config | |
| # You can change the default deploy config with `make cnf="deploy_special.env" release` | |
| dpl ?= deploy.env | |
| include $(dpl) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { pkgs ? import <nixpkgs> {} }: | |
| with pkgs; | |
| let | |
| su_exec = pkgs.stdenv.mkDerivation { | |
| name = "su-exec-0.2"; | |
| src = fetchurl { | |
| url = https://github.com/ncopa/su-exec/archive/v0.2.tar.gz; | |
| sha256 = "09ayhm4w7ahvwk6wpjimvgv8lx89qx31znkywqmypkp6rpccnjpc"; |
davoclavo
/ spacemacs-cheatsheet.md
Last active
October 26, 2024 19:46
— forked from 526avijitgupta/spacemacs-cheatsheet.md
Spacemacs cheatsheet
emacs --daemon to run in the background.
emacsclient.emacs24 <filename/dirname> to open in terminal
NOTE: "M-m and SPC can be used interchangeably".
- Undo -
C-/ - Redo -
C-? - Change case: 1. Camel Case :
M-c2. Upper Case :M-u
- Lower Case :
M-l
WesleyE
/ extract.bat
Created
August 22, 2015 20:15
A good few years ago, this was my quick way of stitching an video with PTGUI and Hugin. Requires Hugin, a project file for one of the frames and FFMPEG.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ffmpeg -i GOPR0011.MP4 -f image2 GOPR0011/GOPR0011_%3d.jpg | |
| ffmpeg -i GOPR0012.MP4 -f image2 GOPR0012/GOPR0012_%3d.jpg | |
| ffmpeg -i GOPR0015.MP4 -f image2 GOPR0015/GOPR0015_%3d.jpg | |
| ffmpeg -i GOPR2943.MP4 -f image2 GOPR2943/GOPR2943_%3d.jpg | |
| ffmpeg -i GOPR8717.MP4 -f image2 GOPR8717/GOPR8717_%3d.jpg | |
| pause |
paulosuzart
/ currency-watcher.rkt
Last active
March 9, 2020 10:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #lang racket | |
| (require net/http-client) | |
| (require net/url) | |
| (require json) | |
| (require net/uri-codec) | |
| (require racket/cmdline) | |
| (define lg (make-logger 'currency-logger)) | |
| (current-logger lg) |
tl;dr We might need a standard build file to build a module from Git repository, especially for the ones using Module::Install or dzil.
When an author of CPAN module uses an authoring tool that generates build files when shipping them to CPAN, the git repository usually doesn't have enough files to build, test and install the module.
For example, if dzil (Dist::Zilla) is used, the repository only conatains dist.ini and there's no Makefile.PL or Build.PL so standard CPAN installers or Continuous Integration tools don't know how to run tests on it.
fredreichbier
/ gist:4399625
Last active
March 10, 2024 09:47
How to extract your private ssh key from gpg-agent
Problem: Lost private key file ~/.ssh/id_rsa, but could connect to remote hosts via pubkey auth anyway: gpg-agent cached the private key. How to get the private key?
Solution: Use gpg-protect-tool to get the key (you need to know the passphrase of course):
gpgsm --call-protect-tool --p12-export ~/.gnupg/private-keys-v1.d/your-keyfile.key >key.p12
Now you have a PKCS12 file and you can extract the private key like this:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################################### | |
| ## Monit control file | |
| ############################################################################### | |
| ## | |
| ## Comments begin with a '#' and extend through the end of the line. Keywords | |
| ## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. | |
| ## | |
| ## Below you will find examples of some frequently used statements. For | |
| ## information about the control file, a complete list of statements and | |
| ## options please have a look in the monit manual. |