If you're self-hosting your services and having trouble getting your emails through Gmail and infuriated by Google's non-existent support, you're not the only one. I'd like to share my experiences trying to get it sorted out.
I'm the author of the post above. You can tell how arrogant Google employees are from all the previous posts he made in the past.
This (and related gists) captures how i created my docker swarm architecture. This is intended mostly for my own notes incase i need to re-creeate anything later! As such expect some typos and possibly even an error...
Each major task has its own gist, this is to help with maitainability long term.
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
| {% if certificate and certificate_id > 0 -%} | |
| {% if ssl_forced == 1 or ssl_forced == true %} | |
| {% if hsts_enabled == 1 or hsts_enabled == true %} | |
| # HSTS (ngx_http_headers_module is required) (63072000 seconds = 2 years) | |
| add_header Strict-Transport-Security "max-age=63072000;{% if hsts_subdomains == 1 or hsts_subdomains == true -%} includeSubDomains;{% endif %} preload" always; | |
| add_header Referrer-Policy strict-origin-when-cross-origin; | |
| add_header X-Content-Type-Options nosniff; | |
| add_header X-XSS-Protection "1; mode=block"; | |
| add_header X-Frame-Options SAMEORIGIN; | |
| add_header Content-Security-Policy upgrade-insecure-requests; |
| # 2>NUL & @CLS & PUSHD "%~dp0" & "%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -nol -nop -ep bypass "[IO.File]::ReadAllText('%~f0')|iex" & POPD & EXIT /B | |
| <# | |
| @ | |
| Stops a command from echoing to the console host. | |
| # 2>NUL & @CLS | |
| This allows us to comment out the batch wrapper part from the powershell script and eats the cmd.exe error since # is not a command or control character. | |
| PUSHD "%~dp0" |
NOTE: Content below is written by Adrian Mace. Click here for an updated version.
Below are the key settings that I apply on any unifi installation for optimal performance.
Enable Advanced Features is enabled
| # Docker compose to set up containers for all services you need: | |
| # VPN | |
| # Sonarr, Radarr, Lidarr, Qbittorrent | |
| # Non-VPN | |
| # Plex, get_iplayer | |
| # Before running docker-compose, you should pre-create all of the following folders. | |
| # Folders for Docker State: | |
| # /volume1/dockerdata. - root where this docker-compose.yml should live | |
| # /volume1/dockerdata/plex - Plex config and DB | |
| # /volume1/dockerdata/sonarr - Sonarr config and DB |
(especially while expanding)
Warning: The exact commands may not match for your particular linux OS / Synology(NAS) device. I had to customize the commands after exploring my particular system's setup.
If you're new to linux, or this is a new piece of hardware / a new synology device, jump down to the section called "Inspecting a setup"
| # install sysbench | |
| $ apt-get install sysbench | |
| # CPU benchmark, 1 thread | |
| $ sysbench --test=cpu --cpu-max-prime=20000 run | |
| # CPU benchmark, 64 threads | |
| $ sysbench --test=cpu --cpu-max-prime=20000 --num-threads=64 run | |
| # Disk benchmark, random read. See .fio files in this gist |
People
 :bowtie: |
π :smile: |
π :laughing: |
|---|---|---|
π :blush: |
π :smiley: |
:relaxed: |
π :smirk: |
π :heart_eyes: |
π :kissing_heart: |
π :kissing_closed_eyes: |
π³ :flushed: |
π :relieved: |
π :satisfied: |
π :grin: |
π :wink: |
π :stuck_out_tongue_winking_eye: |
π :stuck_out_tongue_closed_eyes: |
π :grinning: |
π :kissing: |
π :kissing_smiling_eyes: |
π :stuck_out_tongue: |