Skip to content

Instantly share code, notes, and snippets.

View vqiu's full-sized avatar
🌴
On vacation

shuhui.qiu vqiu

🌴
On vacation
3 followers · 14 following
View GitHub Profile
@vqiu
vqiu / ashleyrich.com
Created May 22, 2016 11:33 — forked from A5hleyRich/ashleyrich.com
Hosting WordPress Yourself Part 7
fastcgi_cache_path /home/ashley/ashleyrich.com/cache levels=1:2 keys_zone=ashleyrich.com:100m inactive=60m;
fastcgi_cache_key “$scheme$request_method$host$request_uri”;
server {
listen 80;
server_name pluto.ashleyrich.com;
return 301 https://$server_name$request_uri;
}
@vqiu
vqiu / Dockerfile
Created December 12, 2016 12:50 — forked from rosskukulinski/Dockerfile
Docker etcd/confd configuration of nginx
FROM <private repo>
MAINTAINER Ross Kukulinski "[email protected]"
ADD nginx.toml /etc/confd/conf.d/nginx.toml
ADD templates/nginx.tmpl /etc/confd/templates/nginx.tmpl
ADD confd-watch /usr/local/bin/confd-watch
RUN chmod +x /usr/local/bin/confd-watch
@vqiu
vqiu / ectd 应用实例.md
Last active December 13, 2016 09:05
@vqiu
vqiu / kerberos_setup.md
Created August 9, 2017 06:17 — forked from ashrithr/kerberos_setup.md
Set up kerberos on Redhat/CentOS 7

Installing Kerberos on Redhat 7

This installation is going to require 2 servers one acts as kerberos KDC server and the other machine is going to be client. Lets assume the FQDN's are (here cw.com is the domain name, make a note of the domain name here):

  • Kerberos KDC Server: kdc.cw.com
  • Kerberos Client: kclient.cw.com

Important: Make sure that both systems have their hostnames properly set and both systems have the hostnames and IP addresses of both systems in

@vqiu
vqiu / consul.lua
Created September 15, 2017 15:56 — forked from gmr/consul.lua
Dynamic Nginx upstream nodes using Consul
module("resty.consul", package.seeall)
_VERSION = '0.1.0'
function service_nodes(service)
local http = require "resty.http"
local json = require "cjson"
local hc = http:new()
local upstream = ""
@vqiu
vqiu / setup-audit.sh
Created November 19, 2017 13:46 — forked from shichao-an/setup-audit.sh
#!/bin/bash
# Setup and enable auditd
# MUST REBOOT AFTER SETUP
#
# FUNCTIONALITIES:
#
# * Auditing user TTY
# aureport --tty
#
# * Auditing root commands (real uid)
@vqiu
vqiu / docker-compose-tick.yml
Created December 3, 2017 11:42 — forked from cdelaitre/docker-compose-tick.yml
Monitor Docker Swarm with the InfluxData TICK Stack
version: '3'
services:
# FRONT
chronograf:
# Full tag list: https://hub.docker.com/r/library/chronograf/tags/
image: chronograf
deploy:
replicas: 1
placement:
constraints:
@vqiu
vqiu / rdate.md
Created January 12, 2018 10:15
使用 rdate 替代ntp 功能

总有那么些蛋疼的机房,为了所谓的这安全,将NTP 服务器一刀切了。这时候时间同步就是一个问题,不过我们还可以使用 rdate 来解决。

yum -y install rdate
rdate -s time.nist.gov

cat > /etc/cron.daily/rdate << "EOF"
#!/bin/sh
rdate -s time.nist.gov
@vqiu
vqiu / ngx.access_by_lua.md
Created June 24, 2018 17:27 — forked from qrtt1/ngx.access_by_lua.md

本來打算試著用 ngx_lua 取代原本用 C 實作的 access control,可是看完了「基本語法」想要找一些相關會用到的 library 都找不太到,像 lua-aws 雖然有人寫,但看起來不太完整。這樣就不能透過 lua script 存取 aws service 取得認證的資訊。

不過,想了想它網頁上 access_by_lua 的例子也沒有直接寫在裡面,就以 deleagte 的形式問了其它 uri:

location / {
    deny    192.168.1.1;
    allow   192.168.1.0/24;
    allow   10.1.1.0/16;
    deny    all;
@vqiu
vqiu / OpenResty.md
Created June 24, 2018 17:41 — forked from JeOam/OpenResty.md
OpenResty Notes Navigation