Yılmaz Uğurlu metoikos

Yubikey + GPG + Github + Keybase

The following guide are steps that can be used to generate GPG keys on a YubiKey, use the gpg keys to sign github commits, and publish the public gpg key to Keybase.

Why is this a good idea?

Generating and storing GPG keys on a YubiKey allows the private key to be protected and ported between physical machines.
Signing git commits adds an extra layer of verification that code changes originated from an trusted source.
Using a YubiKey + touch-to-sign requires a physical presence to use the GPG signing key.
GitHub supports restricting commits to a repo to only those that are signed.
Putting a physical stamp on your code commits invokes a feeling of pride.

Moved to git repository: https://github.com/denji/nginx-tuning

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.

1. Overview

This is an example of using module tls in NodeJS to create a client securely connecting to a TLS server.

It is a modified version from documentation about TLS, in which:

The server is a simple echo one. Clients connect to it, get the same thing back if they send anything to the server.
The server is a TLS-based server.
Clients somehow get the server's public key and use it to work securely with the server

2. Preparation

Node.js TLS plain TLS sockets

This guide shows how to set up a bidirectional client/server authentication for plain TLS sockets.

Prepare certificates

Generate a Certificate Authority:

openssl req -new -x509 -days 9999 -keyout ca-key.pem -out ca-crt.pem

	name: Continuous deploy

	on:
	push:
	branches: [master]

	jobs:
	serverless-deploy:
	runs-on: ubuntu-latest

	#!/usr/bin/env bash

	set -Eeuo pipefail
	trap cleanup SIGINT SIGTERM ERR EXIT

	script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd -P)

	usage() {
	cat <<EOF
	Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] [-f] -p param_value arg1 [arg2...]

	import machine


	def deep_sleep(self, msecs):
	# configure RTC.ALARM0 to be able to wake the device
	rtc = machine.RTC()
	rtc.irq(trigger=rtc.ALARM0, wake=machine.DEEPSLEEP)
	# set RTC.ALARM0 to fire after Xmilliseconds, waking the device
	rtc.alarm(rtc.ALARM0, msecs)
	# put the device to sleep

	import os

	PATH = path/to/my/blueprints/directory
	BLUEPRINT = 'the_blueprint'

	def import_file(path, name=None):
	""" imports a file with given name and path """
	# use the imp module to do actual imports
	import imp
	name = name or os.path.split(path)[-1].replace(".", "_")

	@import url('https://fonts.googleapis.com/css?family=Fira+Sans:300');
	body {
	font-family: 'Fira Sans', sans-serif;
	line-height: 1.6;
	color: #222;
	max-width: 40rem;
	padding: 2rem;
	margin: auto;
	background: #fafafa;
	}

	const chunk = (arr: any, size: number) => Array.from({
	length: Math.ceil(arr.length, size)
	}, (v: any, i: any) => arr.slice(i * size, i * size + size))