Skip to content

Instantly share code, notes, and snippets.

View sathed's full-sized avatar

Clint sathed

2 followers · 2 following
View GitHub Profile
@dojoe
dojoe / dkms-module-signing.md
Last active October 21, 2024 07:28
Make DKMS sign kernel modules on installation, with full script support and somewhat distro independent

On systems with UEFI Secure Boot enabled, recent Linux kernels will only load signed modules, so it's about time DKMS grew the capability to sign modules it's building.

These scripts are extended and scriptified variants of https://computerlinguist.org/make-dkms-sign-kernel-modules-for-secure-boot-on-ubuntu-1604.html and https://askubuntu.com/questions/760671/could-not-load-vboxdrv-after-upgrade-to-ubuntu-16-04-and-i-want-to-keep-secur/768310#768310 and add some error checking, a passphrase around your signing key, and support for compressed modules.

dkms-sign-module is a wrapper for the more generic sign-modules which can also be used outside of DKMS.

Installation

  1. Create a directory under /root, say /root/module-signing, put the three scripts below in there and make them executable: chmod u+x one-time-setup sign-modules dkms-sign-module
@lmakarov
lmakarov / lambda-basic-auth.js
Created August 30, 2017 19:15
Basic HTTP Authentication for CloudFront with Lambda@Edge
'use strict';
exports.handler = (event, context, callback) => {
// Get request and request headers
const request = event.Records[0].cf.request;
const headers = request.headers;
// Configure authentication
const authUser = 'user';
const authPass = 'pass';
@mlafeldt
mlafeldt / postmortem.md
Last active October 10, 2024 04:08
Example Postmortem from SRE book, pp. 487-491

Shakespeare Sonnet++ Postmortem (incident #465)

Date

2015-10-21

Authors

  • jennifer
  • martym
@subfuzion
subfuzion / curl.md
Last active April 30, 2025 20:39
curl POST examples

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

@CMCDragonkai
CMCDragonkai / curl_custom_dns.sh
Last active April 30, 2025 00:46
cURL: Selecting a custom DNS server to resolve domain names
#!/usr/bin/env bash
# this can be useful when developing against a custom DNS server, or
# for example, if you made a change to the DNS settings of a domain, and you
# know the authoritative nameserver IP address for a domain, you could use this
# to bypass the intermediate DNS cache, and apply an HTTP request using the new
# DNS settings supplied by your specified (authoritative) nameserver
curl --dns-servers <DNSIP,DNSIP> url.com
@joewiz
joewiz / post-mortem.md
Last active October 16, 2024 07:39
Recovery from nginx "Too many open files" error on Amazon AWS Linux

On Tue Oct 27, 2015, history.state.gov began buckling under load, intermittently issuing 500 errors. Nginx's error log was sprinkled with the following errors:

2015/10/27 21:48:36 [crit] 2475#0: accept4() failed (24: Too many open files)

2015/10/27 21:48:36 [alert] 2475#0: *7163915 socket() failed (24: Too many open files) while connecting to upstream...

An article at http://www.cyberciti.biz/faq/linux-unix-nginx-too-many-open-files/ provided directions that mostly worked. Below are the steps we followed. The steps that diverged from the article's directions are marked with an *.

  1. * Instead of using su to run ulimit on the nginx account, use ps aux | grep nginx to locate nginx's process IDs. Then query each process's file handle limits using cat /proc/pid/limits (where pid is the process id retrieved from ps). (Note: sudo may be necessary on your system for the cat command here, depending on your system.)
  2. Added fs.file-max = 70000 to /etc/sysctl.conf
@pkuczynski
pkuczynski / LICENSE
Last active March 14, 2025 14:12
Read YAML file from Bash script
MIT License
Copyright (c) 2014 Piotr Kuczynski
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWAR
@Thermionix
Thermionix / auth-basic.conf
Last active November 4, 2021 00:56
nginx reverse proxy for sickbeard, couchpotato etc.
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd;