Someone built a list of all of Pelican's configuration settings and variables, and what they mean. Useful as a reference to the templating language.

A Github repo containing Docker Compose files for the ejabberd and Mongoose XMPP servers. Includes Nginx config files for proxying one of those servers.

How to configure later-generation nVidia drivers to do their own power management now that it's supported on some models.

Applicable to Turing GPUs and Coffee Lake CPUs. Windbringer does not have the former (the GTX 1050Ti is a Pascal architecture, not a Turing architecture). Still, there are options.

Edit your ~/.gitconfig file and add the following:

[alias]
    pushall = !git remote | xargs -L1 -P0 git push --all --follow-tags

To use it in a Git repository, git pushall after committing changes to your local copy.

Prefer using SSH over HTTP(S) for git.

In your ~/.gitconfig file:

[url "git@github.com:"]
    insteadOf = http://github.com/
    insteadOf = https://github.com/

Wants to be the "cryptographic right answers" document, but for SSH.

Archived.

Maybe have Glitch monitor it?

/etc/ssh/sshd_config:

Protocol 2
AuthenticationMethods publickey
PasswordAuthentication no
PermitEmptyPasswords no
X11Forwarding no
AllowAgentForwarding no

# The problem with having "MaxAuthTries 2" is, the more keys your
# SSH agent has, the more chances you'll have to get locked out.
# I set it to <my number of SSH keys> +2.
MaxAuthTries 10
MaxSessions 10
HostbasedAuthentication no
IgnoreRhosts yes
PermitRootLogin no

KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256

Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com

This guide arose out of the need for system administrators to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security officers saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.

The focus of this guide is merely to give current best practices for configuring complex cipher suites and related parameters in a copy & paste-able manner. The guide tries to stay as concise as is possible for such a complex topic as cryptography. Naturally, it can not be complete. There are many excellent guides (II & SYM, 2012) and best practice documents available when it comes to cryptography. However none of them focuses specifically on what an average system administrator needs for hardening his or her systems' crypto settings.

A boot selector for the Raspberry Pi. Interactively pick, download, and install multiple OSes for the RasPi to the same SD card. The selection can be changed later. Also lets you use USB drives for storing those OSes instead of an SD card. HDMI enabled.

Archived.

How to override CSS, develop your own, and install new themes for Shaarli.

Teaching the server tech you need for development and production. Eliminating the frustration of server configuration. Databases, configuration management, containers, proxies, security, PHP, and much more.

Secure your email server with STARTTLS Everywhere! Your email service can be insecure in numerous different ways. The service below performs a quick check of your email server's security configuration, including whether STARTTLS is supported, and whether it may qualify for the STARTTLS Policy List.

A perl script that can retrieve the config files of a variety of network devices for administrative or auditing purposes.

A list of the top 20 security practices for the NginX web server. Worth it for the SElinux and /etc/sysctl.conf modifications alone.

This is a configuration file maintained by the Python project which optimizes (g)vim for writing Python code. You don't have to replace your existing .vimrc with it; in fact, it has conditionals that only fire if vim detects that you're editing Python code so it shouldn't mess with anything else you work on. Here's how I use it:

0) Copy this file as ~/.vim/vimrc.python
1) Add the following line to ~/.vimrc:
source /home//.vim/vimrc.python

Uncomment automatic indentation at the end of the file, otherwise this file won't do much for you. I also uncommented syntax highlighting.

How to configure dnsmasq to return the same IP address for any A record a client might request. This feature was added for people constructing public access points.

How to configure dnsmasq to return the same IP address for any A record a client might request. This feature was added for people constructing public access points. The difference between this one and the other one is that this one is how to do it from the command line and not the configuration file.

How to configure Ejabberd so that every client that connects to a server immediately gets a buddy list containing every registered user on that server.

How to test an ejabberd.cfg file before restarting the server. Easier than it seems - why not make it a shell alias?

cat ejabberd.cfg | erl | grep syntax

If that command returns a syntax error line, you know there is a problem in the config file. If there is no output, ejabberd.cfg parses correctly.

How to configure AIDE so it works when somebody turned SElinux off on the machine and you can't turn it back on.