Bogdan Kondratov kondratovbr
mtigas
/ onion-svc-v3-client-auth.sh
Last active
March 1, 2025 03:50
experiments with using v3 onions with client auth (as of tor 0.3.5.X)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # needs openssl 1.1+ | |
| # needs `basez` https://manpages.debian.org/testing/basez/base32hex.1.en.html | |
| # (but something else that decodes the base64 and re-encodes the raw key bytes | |
| # to base32 is probably fine too) | |
| ##### generate a key | |
| openssl genpkey -algorithm x25519 -out /tmp/k1.prv.pem |
jumanjiman
/ harden.sh
Last active
April 27, 2025 15:00
hardening script for an alpine docker container
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Copyright 2020 Paul Morgan | |
| # License: GPLv2 (https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html) | |
| set -x | |
| set -e | |
| # | |
| # Docker build calls this script to harden the image during build. | |
| # | |
| # NOTE: To build on CircleCI, you must take care to keep the `find` | |
| # command out of the /proc filesystem to avoid errors like: |
plentz
/ nginx.conf
Last active
May 3, 2025 05:27
Best nginx configuration for improved security(and performance)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location /resize { | |
| alias /tmp/nginx/resize; | |
| set $width 150; | |
| set $height 100; | |
| set $dimens ""; | |
| if ($uri ~* "^/resize_(\d+)x(\d+)/(.*)" ) { | |
| set $width $1; | |
| set $height $2; | |
| set $image_path $3; |