Ming Di Leom
|
ab22ce905d
|
style: edit date
|
2022-02-12 03:56:44 +00:00 |
Ming Di Leom
|
ab6dca6615
|
post(log4shell): cdk stack
- https://gitlab.com/curben/aws-scripts/-/tree/main/log4shell-stack
|
2022-02-12 03:56:20 +00:00 |
Ming Di Leom
|
9bbec7a51a
|
fix: codeblock tag plugin syntax
|
2022-01-08 21:43:03 +00:00 |
Ming Di Leom
|
83f4a6aad5
|
post(alpine-binaries): update to alpine:3.15 image
|
2022-01-08 05:27:30 +00:00 |
Ming Di Leom
|
c45ed4566f
|
post: Installing Caddy plugins in NixOS
|
2021-12-27 05:33:45 +00:00 |
Ming Di Leom
|
2957b240f8
|
post(cloudflared-nixos): custom package
|
2021-12-27 04:26:34 +00:00 |
Ming Di Leom
|
ce73b39d1e
|
post: Parsing NGINX log in Splunk
|
2021-12-25 07:26:09 +00:00 |
Ming Di Leom
|
13cb4353a2
|
post(log4shell): service unit needs to be unmasked
before starting it
|
2021-12-17 09:30:58 +00:00 |
Ming Di Leom
|
6921550557
|
post: Check Log4Shell vulnerability using Unbound DNS server
|
2021-12-17 09:28:37 +00:00 |
Ming Di Leom
|
d78f5e4e2d
|
post(eepsite): clarify on deriving B32 from .dat
|
2021-12-09 06:31:34 +00:00 |
Ming Di Leom
|
8e37626802
|
fix(csp): allow web manifest
- this site does use it
* https://gitlab.com/curben/blog/-/blob/master/source/site.webmanifest
|
2021-11-18 08:33:26 +00:00 |
Ming Di Leom
|
ea92a6122c
|
post: cloud control
|
2021-10-08 10:20:24 +00:00 |
Ming Di Leom
|
7fade49ffa
|
post(microg): clarify microg installation options
|
2021-09-19 03:25:14 +00:00 |
Ming Di Leom
|
f51f141e6a
|
post(microg): peril of OTA zip in A/B partition
|
2021-09-18 23:37:08 +00:00 |
Ming Di Leom
|
a9dfb061d1
|
post(microg): microG installer using Magisk module
|
2021-09-18 02:56:26 +00:00 |
Ming Di Leom
|
68418203ea
|
post(aws-config): shorter title
|
2021-09-16 20:52:36 +00:00 |
Ming Di Leom
|
c5594e4a3e
|
post(aws-waf): regional ACL
- style: standardise edit date
|
2021-09-01 09:19:38 +00:00 |
Ming Di Leom
|
d5093b21f4
|
post(aws-waf): move usage guide to repo
- https://gitlab.com/curben/aws-scripts
|
2021-08-22 07:43:12 +00:00 |
Ming Di Leom
|
2a6f2ebd2a
|
feat(aws-config): support more rules
- consolidate into a script
|
2021-08-21 07:19:55 +00:00 |
Ming Di Leom
|
6545ab080e
|
post: aws config
|
2021-08-15 08:15:13 +00:00 |
Ming Di Leom
|
b22baa1999
|
fix: move aws scripts to curben/aws-scripts repo
|
2021-08-15 08:06:18 +00:00 |
Ming Di Leom
|
671cafd086
|
fix(Caddyfile): http.reverse_proxy.upstream.host placeholder
|
2021-07-24 02:49:23 +00:00 |
Ming Di Leom
|
bb1eed3b9e
|
post(caddy): remove more PII
|
2021-07-24 02:40:54 +00:00 |
Ming Di Leom
|
81df021f5d
|
post: Calculate Web ACL Capacity Unit (WCU) in AWS WAF
|
2021-07-23 08:00:02 +00:00 |
Ming Di Leom
|
ff0dd91b8d
|
post(caddy): remove PII from error log
- "log" global option
- https://caddyserver.com/docs/caddyfile/options#log
- available in Caddy v2.4.0+
|
2021-07-16 09:16:10 +00:00 |
Ming Di Leom
|
588f65f6d4
|
fix: update duckduckgo v3 onion
https://teddit.net/r/duckduckgo/comments/oc07wj/news_duckduckgo_search_now_available_via_tor/
|
2021-07-07 11:32:52 +00:00 |
Ming Di Leom
|
c59e036d12
|
post: remove harica file
|
2021-07-04 03:42:36 +00:00 |
Ming Di Leom
|
9b6993fc43
|
post: Get a ECDSA TLS certificate for your onion service
|
2021-07-04 03:39:22 +00:00 |
Ming Di Leom
|
c3c8760977
|
post: Using custom package in a NixOS module
|
2021-07-02 22:51:58 +00:00 |
Ming Di Leom
|
a61e612415
|
style: spacing
|
2021-06-27 07:56:44 +00:00 |
Ming Di Leom
|
54c63d1b7b
|
post: Convert AWS WAF ACLs to human-readable format
|
2021-06-27 07:53:55 +00:00 |
Ming Di Leom
|
4bc257c7e7
|
post(nixos): cloudflared replaced port forwarding & open inbound port
|
2021-06-20 07:02:48 +00:00 |
Ming Di Leom
|
e7f1e1b2ff
|
post(free-apps): add Organic Maps, Catima, PDF Viewer
- remove defunct Yelp Store, Maps
|
2021-06-19 07:17:18 +00:00 |
Ming Di Leom
|
319ee042cd
|
post(microg): add Aurora Droid/Store, Organic Maps, Catima
- remove defunct Yelp Store, Maps
|
2021-06-19 07:06:02 +00:00 |
Ming Di Leom
|
fff583c2b4
|
post(cloudflared): custom config location
|
2021-06-16 11:19:45 +00:00 |
Ming Di Leom
|
7c0d28e988
|
post(nixos): user must be assigned to a group
- otherwise the home folder will be created/assigned with "nogroup" group
|
2021-06-15 10:49:03 +00:00 |
Ming Di Leom
|
1e1223de2d
|
post: cf argo on nixos
|
2021-06-15 10:40:15 +00:00 |
Ming Di Leom
|
2bbe0cc629
|
post: nixos 21.05 upgrade note
|
2021-06-13 09:42:48 +00:00 |
Ming Di Leom
|
1d1bd91266
|
post(nixos): enable isSystemUser to disable shell
|
2021-06-13 09:22:57 +00:00 |
Ming Di Leom
|
365f937665
|
post(rsync-nixos): disable createHome to prevent reverting to chmod 700
- retain world-readable/chmod 755
|
2021-06-13 00:00:57 +00:00 |
Ming Di Leom
|
635ddd3f72
|
post(nixos): isNormalUser/isSystemUser must be set if uid is null
- https://search.nixos.org/options?channel=21.05&show=users.users.%3Cname%3E.isNormalUser&from=0&size=50&sort=relevance&query=isnormaluser
|
2021-06-12 08:10:26 +00:00 |
Ming Di Leom
|
8c2e000d8d
|
post(nixos): update syntax to 21.05
- https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-21.05
|
2021-06-12 07:33:38 +00:00 |
Ming Di Leom
|
ad4b53a5c3
|
fix(dedup-array): Object.fromEntries() to convert array to object
|
2021-06-06 07:51:33 +00:00 |
Ming Di Leom
|
b714d9149a
|
post(python3-venv): mention virtualenv
|
2021-04-20 11:32:55 +00:00 |
Ming Di Leom
|
087efae9ac
|
post: python3 venv
|
2021-04-20 11:21:46 +00:00 |
Ming Di Leom
|
c808b7ed89
|
post(gnu-busybox): minor correction on zip support
|
2021-04-20 08:46:07 +00:00 |
Ming Di Leom
|
ccd0701586
|
post(gnu-busybox): limitation of gunzip
|
2021-04-19 10:32:44 +00:00 |
Ming Di Leom
|
8647a8e2c8
|
fix(http-headers): opt-out FLoC
- https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
|
2021-04-16 05:54:38 +00:00 |
Ming Di Leom
|
776f16b0bc
|
fix(http-headers): Feature-Policy renamed to Permissions-Policy
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
|
2021-04-14 08:54:00 +00:00 |
Ming Di Leom
|
732d467d97
|
post(snort-suricata): mention RPZ
|
2021-04-04 18:02:11 +00:00 |
Ming Di Leom
|
5256ade567
|
fix(markdown): ordered list's indent must have 4 spaces
- f8024eb24d/docs/demo/quickref.md (lists)
- fix table syntax
|
2021-04-04 17:54:45 +00:00 |
Ming Di Leom
|
4cea30e514
|
post(oracle-nixos): boot volume created from backup is not free
|
2021-04-04 17:42:51 +00:00 |
Ming Di Leom
|
c4206b2f62
|
post: urlhaus-filter and phishing-filter available as Snort and Suricata rules
|
2021-03-20 03:38:35 +00:00 |
Ming Di Leom
|
0c569662a1
|
post(rsync-nixos): specify artifact between jobs
|
2021-03-15 22:51:56 +00:00 |
Ming Di Leom
|
1417d7d408
|
ci: after_script should only be used for cleanup
- in case of job failure
|
2021-03-15 11:12:54 +00:00 |
Ming Di Leom
|
28c702670f
|
post: "rsync is surprisingly simple to setup"
|
2021-03-15 07:01:43 +00:00 |
Ming Di Leom
|
77d29cec6c
|
post(nixos-oracle): mention NixOS-Infect
- https://github.com/elitak/nixos-infect
|
2021-03-15 03:02:08 +00:00 |
Ming Di Leom
|
64fd89a9b4
|
post(hsts): chromium 89
|
2021-03-11 04:50:28 +00:00 |
Ming Di Leom
|
4def850d59
|
post: Install NixOS on Oracle Cloud
|
2021-03-08 22:10:33 +00:00 |
Ming Di Leom
|
ab5b2795d4
|
post(eepsite): mention reg.i2p
|
2021-03-07 12:23:19 +00:00 |
Ming Di Leom
|
08750be86b
|
post(caddy): should not add "Clear-Site-Data" header
- incompatible with cloudflare caching
|
2021-03-03 05:31:33 +00:00 |
Ming Di Leom
|
bc3823248f
|
post(nixos-part-1): update to cloudflare pages
|
2021-02-22 03:17:13 +00:00 |
Ming Di Leom
|
097f3b5801
|
post(cf-pages): more readable paragraph
|
2021-02-21 10:50:24 +00:00 |
Ming Di Leom
|
c136674136
|
post(caddy-v2): tls client auth
|
2021-02-16 00:55:12 +00:00 |
Ming Di Leom
|
457cee1eaf
|
docs: new backend/mirror curben.pages.dev
|
2021-02-15 09:13:57 +00:00 |
Ming Di Leom
|
305ca04029
|
post: Deploy Hexo to Cloudflare Pages
|
2021-02-15 09:12:21 +00:00 |
MDLeom
|
e7449110c8
|
fix: update Statically API endpoint
- new endpoint seems easier to cache, especially when cloudflare is configured not to cache query string
* https://support.cloudflare.com/hc/en-us/articles/218411427#summary-of-page-rules-settings
- Statically doesn't support resizing webp & gif yet
- screenshot API also doesn't support mobile version
* it was previously working
|
2021-01-12 03:32:41 +00:00 |
MDLeom
|
23d5e3a2fc
|
post(caddy2-precompressed): minor grammar
|
2021-01-11 22:31:49 +00:00 |
MDLeom
|
c7e7b1ce13
|
post(alpine-binaries): update to 3.12
|
2020-12-18 16:48:12 +00:00 |
MDLeom
|
ca58b7901e
|
post(cloudflare-hsts): mdleom.com is now in preload list
- but not yet deploy to stable
|
2020-12-17 14:32:45 +00:00 |
MDLeom
|
4289211a09
|
post(caddy): add gitlab pages as alternative upstream
|
2020-12-12 10:05:16 +00:00 |
MDLeom
|
ae363a7de0
|
post(hexo-gitlab): remove warning
|
2020-12-12 08:15:13 +00:00 |
MDLeom
|
23db552776
|
post(rhythmbox): add 'linux' tag
|
2020-12-07 03:06:21 +00:00 |
MDLeom
|
c834bc2d8d
|
post(nixos-config): utilise malware-blocking dns
- https://1.1.1.1/family/
- add quad9, tls1.3 & enforce dnssec
|
2020-12-01 10:56:15 +00:00 |
MDLeom
|
0a725e9ecf
|
fix(redirects): update /files/ paths
- 1f70316713
|
2020-11-29 02:02:34 +00:00 |
MDLeom
|
1f70316713
|
feat(redirects): /files/ reverse proxy
- reduce 3rd-party links for eepsite compatibility
|
2020-11-29 01:58:26 +00:00 |
MDLeom
|
8c5939b5f1
|
post: Enabling HSTS preload in Cloudflare
|
2020-11-21 23:08:23 +00:00 |
MDLeom
|
3dd6d31b7e
|
post(tags): add 'cloudflare'
|
2020-11-21 10:21:24 +00:00 |
MDLeom
|
9a7e4c6a9c
|
post(cloudflare-caching): correction
|
2020-11-21 10:17:45 +00:00 |
MDLeom
|
9b74a5fce3
|
fix(img): '/img/' prefix is not required
|
2020-11-21 03:05:59 +00:00 |
MDLeom
|
71eb1fc347
|
post: Cloudflare does not cache html by default
|
2020-11-21 02:35:14 +00:00 |
MDLeom
|
a5d41b429a
|
post(hexo-guide): mirror correction
|
2020-11-17 04:52:39 +00:00 |
MDLeom
|
4794ed5d7e
|
post(hexo-guide): add 'netlify' tag
|
2020-11-17 04:50:23 +00:00 |
MDLeom
|
996ea52384
|
post(hexo-guide): link hexo.io guides
|
2020-11-17 04:49:10 +00:00 |
MDLeom
|
a0f37396f4
|
fix(header): remove Content-Language
- incorrect usage
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Language
|
2020-11-14 00:53:04 +00:00 |
MDLeom
|
775566136c
|
post(caddy-precompressed): warn about testing on browsers
|
2020-11-13 23:02:37 +00:00 |
MDLeom
|
56992697a7
|
post(caddy): xml/rss should not be cached for a week
|
2020-11-12 22:48:03 +00:00 |
MDLeom
|
d50f580cc5
|
post(caddy): dedup config
|
2020-11-12 22:22:26 +00:00 |
MDLeom
|
572a716140
|
post: 'Serving pre-compressed files in Caddy 2'
|
2020-11-12 06:53:41 +00:00 |
MDLeom
|
153ccfe96a
|
post(nixos-caddy): fix caddyTwo.nix
|
2020-11-10 03:17:18 +00:00 |
MDLeom
|
259c0aa1b1
|
post(caddy): hsts header typo
|
2020-11-10 02:14:10 +00:00 |
MDLeom
|
53bdc4548e
|
post(nixos): attach complete configuration.nix
|
2020-11-09 01:08:18 +00:00 |
MDLeom
|
a1c0b6b1d0
|
post(nixos-caddy): update to NixOS 20.09 & caddy 2.1
|
2020-11-09 00:55:42 +00:00 |
MDLeom
|
c2d9914916
|
post(nixos): switch 'magic-wormhole' to 'wormhole-william'
|
2020-11-08 05:38:06 +00:00 |
MDLeom
|
c5badae866
|
post(nixos): mention kernel is LTS
|
2020-11-08 04:53:57 +00:00 |
MDLeom
|
99ac6b142f
|
post(caddy): systemd start-rate-limit in 21.03
- https://github.com/NixOS/nixpkgs/pull/97512
|
2020-11-08 00:17:26 +00:00 |
MDLeom
|
3fd090b561
|
post(caddy): NixOS/nixpkgs#97512 is still in progress
|
2020-10-31 06:20:55 +00:00 |
MDLeom
|
64a5d20284
|
post(onion-location): fix title
|
2020-10-24 01:02:43 +00:00 |
MDLeom
|
62a7c02da2
|
post(busybox-aws): encrypt ssh key
|
2020-10-21 09:12:37 +00:00 |
MDLeom
|
92153f9189
|
post(busybox-aws): grammar
|
2020-10-21 09:04:22 +00:00 |