Skip to content

Instantly share code, notes, and snippets.

View tmthrgd's full-sized avatar

Tom Thorogood tmthrgd

116 followers · 233 following
View GitHub Profile
@jsha
jsha / gist:b1ee4682cfd96fcde15a
Created November 11, 2014 17:38
# mail.example.com should be one of the results of a `dig +short mx example.com`
# Note that your provider might block all port 25.
# If STARTTLS header is missing or mangled, but https://starttls.info/ shows example.com as supporting STARTTLS,
# there might be a downgrade going on.
(echo EHLO foo ; sleep 3) | nc mail.example.com 25
@sleevi
sleevi / ocsp-stapling.md
Last active July 24, 2024 14:50

On Twitter the other day, I was lamenting the state of OCSP stapling support on Linux servers, and got asked by several people to write-up what I think the requirements are for OCSP stapling support.

  1. Support for keeping a long-lived (disk) cache of OCSP responses.

    This should be fairly simple. Any restarting of the service shouldn't blow away previous responses that were obtained. This doesn't need to be disk, just stable - and disk is an easy stable storage for most server

@lmj0011
lmj0011 / gitCheck.md
Last active August 22, 2024 18:18 — forked from mzabriskie/README.md
Check git status of multiple repos

Usage:

gitCheck [directory]

This will run git status on each repo under the directory specified. If called with no directory provided it will default to the current directory.

Changes

@gimbo
gimbo / git-summary.sh
Last active August 11, 2021 18:30
git-summary.sh - summarise git repos in some folder
#!/bin/bash
# git-summary - summarise git repos at some path
#
# Adapted from https://gist.github.com/lmj0011/1a8dd1e376234ac7bf0fba2748ecdd0f
#
# Andy Gimblett, March 2017
usage() {
@sleevi
sleevi / for-servers.md
Created April 19, 2017 01:32
CT Best Practices (April 2017)

CT For Server (Developers)

Intro

Similar to my advice regarding OCSP Stapling for servers/server developers, based on questions I've received about "CT best practices," I wanted to write something similar for those writing server software. That is, this isn't targeted at server operators, but for those writing software like Apache, nginx, Caddy, etc.

At the most basic level, the deployment of Certificate Transparency to date has largely tried to focus the burden on CAs, rather than on server developers. If the CA is doing everything right,

@cliffrowley
cliffrowley / STREAMDECK_HID.md
Last active May 10, 2025 13:06
Notes on the Stream Deck HID protocol

Stream Deck Protocol

How to interface with a Stream Deck device.

Synopsis

The device uses the HID protocol to communicate with its software.

Configuration

@lizthegrey
lizthegrey / attributes.rb
Last active March 27, 2025 02:16
Hardening SSH with 2fa
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
@mbleigh
mbleigh / README.md
Last active April 18, 2025 18:17
Firebase Hosting Fetch All Files

Fetch All Files from Firebase Hosting

This script fetches all of the files from the currently deployed version of a Firebase Hosting site. You must be signed in via the Firebase CLI and have "Site Viewer" permission on the site in question to be able to properly run the script.

Running via NPX

npx https://gist.github.com/mbleigh/9c8680cf319ace2f506f57380da66e7d <site_name>
@noraj
noraj / gulp-cjs-to-esm.md
Last active April 10, 2025 19:21
Moving gulpfile from CommonJS (CJS) to ECMAScript Modules (ESM)

Moving gulpfile from CommonJS (CJS) to ECMAScript Modules (ESM)

Context

del v7.0.0 moved to pure ESM (no dual support), which forced me to move my gulpfile to ESM to be able to continue to use del.

The author sindresorhus maintains a lot of npm packages and does not want to provides an upgrade guide for each package so he provided a generic guide. But this guide is a bit vague because it's generic and not helping for gulp, hence this guide.

Guide