Commit Graph

387 Commits

Author SHA1 Message Date
Ming Di Leom ab22ce905d
style: edit date 2022-02-12 03:56:44 +00:00
Ming Di Leom ab6dca6615
post(log4shell): cdk stack
- https://gitlab.com/curben/aws-scripts/-/tree/main/log4shell-stack
2022-02-12 03:56:20 +00:00
Ming Di Leom 9bbec7a51a
fix: codeblock tag plugin syntax 2022-01-08 21:43:03 +00:00
Ming Di Leom 83f4a6aad5
post(alpine-binaries): update to alpine:3.15 image 2022-01-08 05:27:30 +00:00
Ming Di Leom c45ed4566f
post: Installing Caddy plugins in NixOS 2021-12-27 05:33:45 +00:00
Ming Di Leom 2957b240f8
post(cloudflared-nixos): custom package 2021-12-27 04:26:34 +00:00
Ming Di Leom ce73b39d1e
post: Parsing NGINX log in Splunk 2021-12-25 07:26:09 +00:00
Ming Di Leom 13cb4353a2
post(log4shell): service unit needs to be unmasked
before starting it
2021-12-17 09:30:58 +00:00
Ming Di Leom 6921550557
post: Check Log4Shell vulnerability using Unbound DNS server 2021-12-17 09:28:37 +00:00
Ming Di Leom d78f5e4e2d
post(eepsite): clarify on deriving B32 from .dat 2021-12-09 06:31:34 +00:00
Ming Di Leom 8e37626802
fix(csp): allow web manifest
- this site does use it
  * https://gitlab.com/curben/blog/-/blob/master/source/site.webmanifest
2021-11-18 08:33:26 +00:00
Ming Di Leom ea92a6122c
post: cloud control 2021-10-08 10:20:24 +00:00
Ming Di Leom 7fade49ffa
post(microg): clarify microg installation options 2021-09-19 03:25:14 +00:00
Ming Di Leom f51f141e6a
post(microg): peril of OTA zip in A/B partition 2021-09-18 23:37:08 +00:00
Ming Di Leom a9dfb061d1
post(microg): microG installer using Magisk module 2021-09-18 02:56:26 +00:00
Ming Di Leom 68418203ea
post(aws-config): shorter title 2021-09-16 20:52:36 +00:00
Ming Di Leom c5594e4a3e
post(aws-waf): regional ACL
- style: standardise edit date
2021-09-01 09:19:38 +00:00
Ming Di Leom d5093b21f4
post(aws-waf): move usage guide to repo
- https://gitlab.com/curben/aws-scripts
2021-08-22 07:43:12 +00:00
Ming Di Leom 2a6f2ebd2a
feat(aws-config): support more rules
- consolidate into a script
2021-08-21 07:19:55 +00:00
Ming Di Leom 6545ab080e
post: aws config 2021-08-15 08:15:13 +00:00
Ming Di Leom b22baa1999
fix: move aws scripts to curben/aws-scripts repo 2021-08-15 08:06:18 +00:00
Ming Di Leom 671cafd086
fix(Caddyfile): http.reverse_proxy.upstream.host placeholder 2021-07-24 02:49:23 +00:00
Ming Di Leom bb1eed3b9e
post(caddy): remove more PII 2021-07-24 02:40:54 +00:00
Ming Di Leom 81df021f5d
post: Calculate Web ACL Capacity Unit (WCU) in AWS WAF 2021-07-23 08:00:02 +00:00
Ming Di Leom ff0dd91b8d
post(caddy): remove PII from error log
- "log" global option
- https://caddyserver.com/docs/caddyfile/options#log
- available in Caddy v2.4.0+
2021-07-16 09:16:10 +00:00
Ming Di Leom 588f65f6d4
fix: update duckduckgo v3 onion
https://teddit.net/r/duckduckgo/comments/oc07wj/news_duckduckgo_search_now_available_via_tor/
2021-07-07 11:32:52 +00:00
Ming Di Leom c59e036d12
post: remove harica file 2021-07-04 03:42:36 +00:00
Ming Di Leom 9b6993fc43
post: Get a ECDSA TLS certificate for your onion service 2021-07-04 03:39:22 +00:00
Ming Di Leom c3c8760977
post: Using custom package in a NixOS module 2021-07-02 22:51:58 +00:00
Ming Di Leom a61e612415
style: spacing 2021-06-27 07:56:44 +00:00
Ming Di Leom 54c63d1b7b
post: Convert AWS WAF ACLs to human-readable format 2021-06-27 07:53:55 +00:00
Ming Di Leom 4bc257c7e7
post(nixos): cloudflared replaced port forwarding & open inbound port 2021-06-20 07:02:48 +00:00
Ming Di Leom e7f1e1b2ff
post(free-apps): add Organic Maps, Catima, PDF Viewer
- remove defunct Yelp Store, Maps
2021-06-19 07:17:18 +00:00
Ming Di Leom 319ee042cd
post(microg): add Aurora Droid/Store, Organic Maps, Catima
- remove defunct Yelp Store, Maps
2021-06-19 07:06:02 +00:00
Ming Di Leom fff583c2b4
post(cloudflared): custom config location 2021-06-16 11:19:45 +00:00
Ming Di Leom 7c0d28e988
post(nixos): user must be assigned to a group
- otherwise the home folder will be created/assigned with "nogroup" group
2021-06-15 10:49:03 +00:00
Ming Di Leom 1e1223de2d
post: cf argo on nixos 2021-06-15 10:40:15 +00:00
Ming Di Leom 2bbe0cc629
post: nixos 21.05 upgrade note 2021-06-13 09:42:48 +00:00
Ming Di Leom 1d1bd91266
post(nixos): enable isSystemUser to disable shell 2021-06-13 09:22:57 +00:00
Ming Di Leom 365f937665
post(rsync-nixos): disable createHome to prevent reverting to chmod 700
- retain world-readable/chmod 755
2021-06-13 00:00:57 +00:00
Ming Di Leom 635ddd3f72
post(nixos): isNormalUser/isSystemUser must be set if uid is null
- https://search.nixos.org/options?channel=21.05&show=users.users.%3Cname%3E.isNormalUser&from=0&size=50&sort=relevance&query=isnormaluser
2021-06-12 08:10:26 +00:00
Ming Di Leom 8c2e000d8d
post(nixos): update syntax to 21.05
- https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-21.05
2021-06-12 07:33:38 +00:00
Ming Di Leom ad4b53a5c3
fix(dedup-array): Object.fromEntries() to convert array to object 2021-06-06 07:51:33 +00:00
Ming Di Leom b714d9149a
post(python3-venv): mention virtualenv 2021-04-20 11:32:55 +00:00
Ming Di Leom 087efae9ac
post: python3 venv 2021-04-20 11:21:46 +00:00
Ming Di Leom c808b7ed89
post(gnu-busybox): minor correction on zip support 2021-04-20 08:46:07 +00:00
Ming Di Leom ccd0701586
post(gnu-busybox): limitation of gunzip 2021-04-19 10:32:44 +00:00
Ming Di Leom 8647a8e2c8
fix(http-headers): opt-out FLoC
- https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
2021-04-16 05:54:38 +00:00
Ming Di Leom 776f16b0bc
fix(http-headers): Feature-Policy renamed to Permissions-Policy
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
2021-04-14 08:54:00 +00:00
Ming Di Leom 732d467d97
post(snort-suricata): mention RPZ 2021-04-04 18:02:11 +00:00
Ming Di Leom 5256ade567
fix(markdown): ordered list's indent must have 4 spaces
- f8024eb24d/docs/demo/quickref.md (lists)
- fix table syntax
2021-04-04 17:54:45 +00:00
Ming Di Leom 4cea30e514
post(oracle-nixos): boot volume created from backup is not free 2021-04-04 17:42:51 +00:00
Ming Di Leom c4206b2f62
post: urlhaus-filter and phishing-filter available as Snort and Suricata rules 2021-03-20 03:38:35 +00:00
Ming Di Leom 0c569662a1
post(rsync-nixos): specify artifact between jobs 2021-03-15 22:51:56 +00:00
Ming Di Leom 1417d7d408
ci: after_script should only be used for cleanup
- in case of job failure
2021-03-15 11:12:54 +00:00
Ming Di Leom 28c702670f
post: "rsync is surprisingly simple to setup" 2021-03-15 07:01:43 +00:00
Ming Di Leom 77d29cec6c
post(nixos-oracle): mention NixOS-Infect
- https://github.com/elitak/nixos-infect
2021-03-15 03:02:08 +00:00
Ming Di Leom 64fd89a9b4
post(hsts): chromium 89 2021-03-11 04:50:28 +00:00
Ming Di Leom 4def850d59
post: Install NixOS on Oracle Cloud 2021-03-08 22:10:33 +00:00
Ming Di Leom ab5b2795d4
post(eepsite): mention reg.i2p 2021-03-07 12:23:19 +00:00
Ming Di Leom 08750be86b
post(caddy): should not add "Clear-Site-Data" header
- incompatible with cloudflare caching
2021-03-03 05:31:33 +00:00
Ming Di Leom bc3823248f
post(nixos-part-1): update to cloudflare pages 2021-02-22 03:17:13 +00:00
Ming Di Leom 097f3b5801
post(cf-pages): more readable paragraph 2021-02-21 10:50:24 +00:00
Ming Di Leom c136674136
post(caddy-v2): tls client auth 2021-02-16 00:55:12 +00:00
Ming Di Leom 457cee1eaf
docs: new backend/mirror curben.pages.dev 2021-02-15 09:13:57 +00:00
Ming Di Leom 305ca04029
post: Deploy Hexo to Cloudflare Pages 2021-02-15 09:12:21 +00:00
MDLeom e7449110c8
fix: update Statically API endpoint
- new endpoint seems easier to cache, especially when cloudflare is configured not to cache query string
  * https://support.cloudflare.com/hc/en-us/articles/218411427#summary-of-page-rules-settings
- Statically doesn't support resizing webp & gif yet
- screenshot API also doesn't support mobile version
  * it was previously working
2021-01-12 03:32:41 +00:00
MDLeom 23d5e3a2fc
post(caddy2-precompressed): minor grammar 2021-01-11 22:31:49 +00:00
MDLeom c7e7b1ce13
post(alpine-binaries): update to 3.12 2020-12-18 16:48:12 +00:00
MDLeom ca58b7901e
post(cloudflare-hsts): mdleom.com is now in preload list
- but not yet deploy to stable
2020-12-17 14:32:45 +00:00
MDLeom 4289211a09
post(caddy): add gitlab pages as alternative upstream 2020-12-12 10:05:16 +00:00
MDLeom ae363a7de0
post(hexo-gitlab): remove warning 2020-12-12 08:15:13 +00:00
MDLeom 23db552776
post(rhythmbox): add 'linux' tag 2020-12-07 03:06:21 +00:00
MDLeom c834bc2d8d
post(nixos-config): utilise malware-blocking dns
- https://1.1.1.1/family/
- add quad9, tls1.3 & enforce dnssec
2020-12-01 10:56:15 +00:00
MDLeom 0a725e9ecf
fix(redirects): update /files/ paths
- 1f70316713
2020-11-29 02:02:34 +00:00
MDLeom 1f70316713
feat(redirects): /files/ reverse proxy
- reduce 3rd-party links for eepsite compatibility
2020-11-29 01:58:26 +00:00
MDLeom 8c5939b5f1
post: Enabling HSTS preload in Cloudflare 2020-11-21 23:08:23 +00:00
MDLeom 3dd6d31b7e
post(tags): add 'cloudflare' 2020-11-21 10:21:24 +00:00
MDLeom 9a7e4c6a9c
post(cloudflare-caching): correction 2020-11-21 10:17:45 +00:00
MDLeom 9b74a5fce3
fix(img): '/img/' prefix is not required 2020-11-21 03:05:59 +00:00
MDLeom 71eb1fc347
post: Cloudflare does not cache html by default 2020-11-21 02:35:14 +00:00
MDLeom a5d41b429a
post(hexo-guide): mirror correction 2020-11-17 04:52:39 +00:00
MDLeom 4794ed5d7e
post(hexo-guide): add 'netlify' tag 2020-11-17 04:50:23 +00:00
MDLeom 996ea52384
post(hexo-guide): link hexo.io guides 2020-11-17 04:49:10 +00:00
MDLeom a0f37396f4
fix(header): remove Content-Language
- incorrect usage
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Language
2020-11-14 00:53:04 +00:00
MDLeom 775566136c
post(caddy-precompressed): warn about testing on browsers 2020-11-13 23:02:37 +00:00
MDLeom 56992697a7
post(caddy): xml/rss should not be cached for a week 2020-11-12 22:48:03 +00:00
MDLeom d50f580cc5
post(caddy): dedup config 2020-11-12 22:22:26 +00:00
MDLeom 572a716140
post: 'Serving pre-compressed files in Caddy 2' 2020-11-12 06:53:41 +00:00
MDLeom 153ccfe96a
post(nixos-caddy): fix caddyTwo.nix 2020-11-10 03:17:18 +00:00
MDLeom 259c0aa1b1
post(caddy): hsts header typo 2020-11-10 02:14:10 +00:00
MDLeom 53bdc4548e
post(nixos): attach complete configuration.nix 2020-11-09 01:08:18 +00:00
MDLeom a1c0b6b1d0
post(nixos-caddy): update to NixOS 20.09 & caddy 2.1 2020-11-09 00:55:42 +00:00
MDLeom c2d9914916
post(nixos): switch 'magic-wormhole' to 'wormhole-william' 2020-11-08 05:38:06 +00:00
MDLeom c5badae866
post(nixos): mention kernel is LTS 2020-11-08 04:53:57 +00:00
MDLeom 99ac6b142f
post(caddy): systemd start-rate-limit in 21.03
- https://github.com/NixOS/nixpkgs/pull/97512
2020-11-08 00:17:26 +00:00
MDLeom 3fd090b561
post(caddy): NixOS/nixpkgs#97512 is still in progress 2020-10-31 06:20:55 +00:00
MDLeom 64a5d20284
post(onion-location): fix title 2020-10-24 01:02:43 +00:00
MDLeom 62a7c02da2
post(busybox-aws): encrypt ssh key 2020-10-21 09:12:37 +00:00
MDLeom 92153f9189
post(busybox-aws): grammar 2020-10-21 09:04:22 +00:00