Lunitrixx lunitrixx

Openssl commands:

openssl genrsa -out self-ssl.key
openssl req -new -key self-ssl.key -out self-ssl.csr -config csr.conf
openssl x509 -req -days 365 -in self-ssl.csr -signkey self-ssl.key -out self-ssl.crt -extensions req_ext -extfile csr.conf

Sign from Root CA: openssl x509 -req -days 365 -extensions req_ext -extfile csr.conf -CA RootCA.crt -CAkey RootCA.key -in self-ssl.csr -out self-ssl.crt

Debian 13

To start, read the official release notes.

If your install fits into "vanilla Debian plus maybe a handful of 3rd-party repos", then this guide for a simple upgrade to Debian 13 "trixie" from Debian 12 "bookworm" can be helpful. 3rd-party repos are handled with a find command.

Note upgrade is only supported from Debian 12 to Debian 13. If you are on Debian 11, upgrade to Debian 12 first. Then once on Debian 12, you can upgrade to Debian 13.

This guide is only for the OS itself. Applications are as plentiful as sand on the beach, and they may all require additional steps. Plan for that.

Install dependencies

Run npm install -D prettier prettier-plugin-antlers prettier-plugin-blade prettier-plugin-tailwindcss in your terminal

Prettier

Configure prettier

Create a .prettierrc file with the following content

{
    "singleQuote": true,
    "printWidth": 140,

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

	class RepeatTableHeadersHandler extends Paged.Handler {
	constructor(chunker, polisher, caller) {
	super(chunker, polisher, caller)
	this.splitTablesRefs = []
	}

	afterPageLayout(pageElement, page, breakToken, chunker) {
	this.chunker = chunker
	this.splitTablesRefs = []

	apt-get remove -y --purge x11-common
	apt-get autoremove -y --purge
	apt-get install -y deborphan
	deborphan \| xargs dpkg -P # do this a bunch of times

	<?php

	/** @noinspection ? */

	// PhpUndefinedGotoLabelInspection Undefined goto label
	// PhpUndefinedVariableInspection Undefined variable
	// PhpUndefinedMethodInspection Undefined method
	// PhpUndefinedNamespaceInspection Undefined namespace
	// PhpUndefinedClassInspection Undefined class
	// PhpUndefinedFunctionInspection Undefined function

-<?php
-/**
- * WP-CLI command to delete all the thumbnails.
- *
- * Note: First do dry-run, verify log and then do actual run.
- *
- * @package delete-thumbnails
- */
-if ( defined( 'WP_CLI') && WP_CLI ) {

	// .stglobalignore

	// These prevent SyncThing from trying to sync data that's locked, constantly changing, going to be thrown out, unimportant, etc.
	// Lots of conflicts/issues disappeared using these ignores, but do check to prevent major disappointment!
	// .log and cache* are in there, just so you know.. but firefox' startupCache and offlineCache will be synced.
	// Ignores are case sensitive.
	// Put both .stignore and this .stglobalignore in the root of your sync folder(s) (where .stfolder resides)

	$RECYCLE.BIN
	$WINDOWS.~BT

	<?php
	/**
	* Plugin Name: Content Security Policy
	* Version: 1.0.0
	* Description: Adds a Content-Security-Policy header to all non-admin requests.
	* License: GNU General Public License v2
	* License URI: http://www.gnu.org/licenses/gpl-2.0.html
	* Original Inspiration: https://gist.github.com/westonruter/c8b49406391a8d86a5864fb41a523ae9
	*/