Skip to content

Instantly share code, notes, and snippets.

View vermaslal's full-sized avatar

Shambhu Lal Verma vermaslal

3 followers · 11 following
View GitHub Profile
@vermaslal
vermaslal / amqplib-delayed-message.js
Created March 28, 2017 10:10 — forked from materkel/amqplib-delayed-message.js
Scheduling messages with RabbitMQ, using the rabbitmq_delayed_message_exchange plugin and amqplib in NodeJS
/**
* Install and enable the rabbitmq_delayed_message_exchange plugin as described by Alvaro Videla in this blogpost:
* https://www.rabbitmq.com/blog/2015/04/16/scheduling-messages-with-rabbitmq/
*/
const amqp = require('amqplib');
const exchange = 'yourExchangeName';
const queue = 'yourQueueName';
const queueBinding = 'yourQueueBindingName';
// Message consumer
@vermaslal
vermaslal / nodejs-ubuntu-bind-port-80.md
Created April 2, 2017 18:07 — forked from drawveloper/nodejs-ubuntu-bind-port-80.md
Allow Node.js to bind to privileged ports without root access on Ubuntu

How to: Allow Node to bind to port 80 without sudo

TL;DR

Only do this if you understand the consequences: all node programs will be able to bind on ports < 1024

sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/node

Important: your node location may vary. Use which node to find it, or use it directly in the command:

@vermaslal
vermaslal / README.MD
Last active October 1, 2021 02:38
Drop Root Privileges in Node.js when using port <1024

A common use for Node.js is to build web applications. Usually, we want these applications to listen on port 80. As a security precaution, most OS’s require root privileges for this to happen (e.g. OS X, Linux, BSD). To run a Node application this way, we need to do the following:

sudo node server.js

Then, the application runs as root for the rest of the session. There are potential security risks to this, though. What if there is a vulnerability in your application and a hacker starts controlling your app and doing naughty things with it? Thankfully, we can drop the user account running our process to a less secured user, such as our normal account. There are two methods on the process global which can handle this for us, .setgid() and .setuid().

Here’s a working example of this in action. We want to run this code AFTER we bind to port 80, so we run the code in a callback:

@vermaslal
vermaslal / test.js
Created September 14, 2017 11:07 — forked from jmyrland/test.js
Socket-io load test?
/**
* Modify the parts you need to get it working.
*/
var should = require('should');
var request = require('../node_modules/request');
var io = require('socket.io-client');
var serverUrl = 'http://localhost';
@vermaslal
vermaslal / sysctl.conf
Created September 20, 2017 18:14
Linux configuration for handling large concurrent connections
The new tweaks, placed in /etc/sysctl.conf (CentOS) and then reload with “sysctl -p” :
net.core.rmem_max = 33554432
net.core.wmem_max = 33554432
net.ipv4.tcp_rmem = 4096 16384 33554432
net.ipv4.tcp_wmem = 4096 16384 33554432
net.ipv4.tcp_mem = 786432 1048576 26777216
net.ipv4.tcp_max_tw_buckets = 360000
net.core.netdev_max_backlog = 2500
vm.min_free_kbytes = 65536