• Posts
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
/etc/shadow and Creating yescrypt, MD5, SHA-256, and SHA-512 Password Hashes
15 Rules of Channels and Their Implementation
5 DevSecOps open source projects to know
6 YAML Features most programmers don't know
6首國際最強公認催眠曲
[Community] Cisco UCS CIMC series
[Golang] Use build tags for different build configs
[Juniper Firewall] command
[Kubernetes] Service Overview
[Notes] Build an Ubuntu remote desktop environment on GCP
[Share] Keychain - Pendant from a Type 57 rifle bayonet scabbard
[Translated] Go inline strategy and limitations
A Brief Look at Go Iterators
A Concise Go embed Tutorial
A fast and powerful log viewer and processor that converts JSON logs or logfmt logs into a clear human-readable format.
A python script that allows your terminal to snow.
A10
Abount Ansible Hosts
Add SFTP user and share directory
Advanced macOS Command-Line Tools
Advanced Shell Scripting Techniques: Automating Complex Tasks with Bash
Aliyun CDN Cache Rules
An easy way to identify virtualization technology
An introduction to hacker tools: the tip of the iceberg
Ancient Time Units
Ansible Introduction
ansible.builtin.slurp - read file content
Applying HTTPS Certificates for CDN
Argo CD ApplicationSet Controller: The World Turns for Me!
Arp notes
Avalon (The Resistance: Avalon)
Avoiding the Top 10 NGINX Configuration Mistakes - NGINX
Back up databases with mydumper
Backup FortiOS config with Ansible - with RestAPI
Bash Bitwise Operators
Basic kubeadm usage notes (by request)
Best Practices for Writing Bash Scripts
Best V2Ray One-Click Install & Management Script
Bind JSON with jsoniter in Gin
BIRD and BGP: a beginner's kickoff
Black Hat Go
Build a Lightweight Docker Image for Your Go App? | IT Man
Build a Private Object Storage with Traefik v3 and MinIO in Docker
Bypass X-Frame-Options with Nginx
Cannot set command timeout per task with network_cli
Cloudflare Traffic sequence
Cloudflare Tunnel
Cloudflare Zero Trust
Common GitBook plugins
Common shell scripting tips
Configuring SSH Keys for Multiple GitHub Accounts
Container security fundamentals
Containers from scratch
Containers From Scratch by Golang (feat. Liz Rice)
Convert a List to a List of Dicts
Convert Cloudflare WARP to an HTTP Proxy
Convert Command Output to an Image
Convert your codebase into a single LLM prompt.
Create macOS DMG and Bootable ISO
CS Visualized: Useful Git Commands
Data Center Notes
Database Fundamentals
datavizproject
Day 19 BGP Protocol (1)
Day 28 - Introduction to Useful Third-Party Kubernetes Tools
Dedicated Server CPU Frequency Maximization Guide
Deploying OpenVPN with AD domain authentication
Do you understand the Nginx request processing flow?
Docker Containers Can't Access the Internet? NAT Configuration Guide for nftables
Docker Introduction
Docker Security Best Practices: Cheat Sheet
Docker Tips: Using Docker Config
docker-compose yaml problem
Dockertest: A Fast Way to Set Up Integration Test Environments
Draw Diagrams With Markdown
Elasticsearch Study Notes
Emoji Regular expression
Enable GitLab project integration: Mattermost slash commands
Everyone Needs an HTTP Proxy to Debug
Everything About MTU and MSS
Excessive Errors from `sentry.lang.javascript.processor: SoftTimeLimitExceeded()`
Expose your local web server to the internet with a public URL.
Faster Multi-Platform Builds: Dockerfile Cross-Compilation Guide
Fetch GraphQL schema information
Fighting DDoS: nginx, iptables, and fail2ban
Fighting ISP Cache Hijacking Again with iptables
Firewall Update
Fix Nginx 500 errors (too many open files, connection)
Fixing Disk Space Not Freed on Linux
Force file download with Nginx
Fortigate Management Interface in HA Mode
Getting Started with GitHub Actions
Gin documentation (Chinese)
Git force push
GitLab CI Can Automatically Check Code Quality! How to Use SonarQube for Code Quality Checks?
Gitlab-CI Introduction
Gluetun: Route Docker Containers Through a VPN, Disconnect on No Network
Go 1.21 GA PGO Optimization You Can't Grasp in One Read — A Try on WebP Server Go
Go AES Encryption and Decryption in Three Modes (CBC/ECB/CFB)
Go Articles
Go code refactoring : the 23x performance hunt
Go Generics Beginner Notes
Go High-Performance Programming Handbook (Long Read)
Go leetcode
Go Modules workflow for private Git repositories
Go Patterns
Go pprof in Practice
Go Practical Guide: Execute Lua Scripts with go-redis
Go Protobuf: The New Opaque API
Go string format
Go Style Decisions - Pass values
Go Tool Trace
go-mysql-elasticsearch-benchmarking
go-synctest
Golang benchmarks
Golang os/exec usage (notes)
Golang Service Exceeded File Handle Limit (too many open files)
Golang Tips
Google Cloud Platform(GCP): Access Linux Server using GUI running in GCP instance using Windows Remote Desktop Connection.
Google Infra
Google Search Operators: The Complete List (44 Advanced Operators)
GraphQL Introspection Query
HA command
Harden a Server with Fail2Ban + nftables
Hide Within Cloudflare's Global Network
High Performance Go Workshop
How Core Git Developers Configure Git
How Does Nginx Defend Against DDoS?
How Go Reads a 16GB File in 25 Seconds
How I configure my Git identities
How Nginx Hides Upstream Errors
How Terminals Work
How to automatically resize virtual box disk with vagrant
How to capture web pages and long screenshots with Chrome DevTools?
How to Choose a Go File Reading Approach
How to configure time zone and NTP on RHEL7/CentOS7
How to Create Temporary Files in Bash: mktemp and trap
How to deal with a 50GB large csv file in r language?
How to Delete Files With Names That Contain Non-printable Characters
How to deploy on remote Docker hosts with docker-compose
How to Detect RAID Information in Linux
How to Enable SNMP on a Switch
How to Install Fedora Linux on Surface Go 2 to Boost Entry-Level Tablet Performance
How to Make an iPhone Ringtone: Turn an MP3 into a Ringtone or Alarm
How to Make Output Overwrite the Same Line in a Terminal
How to use a here documents to write data to a file in bash script
How to Use which on an Aliased Command
htop explained
I can feel the speed — optimize zsh and oh my zsh cold start
I Replaced Redis with PostgreSQL (And It's Faster)
I use Zip Bombs to Protect my Server
Illustrating How Data Alignment Affects Memory Usage in Go
In 2020, use the latest NGINX ngx_http_geoip2 module to block IPs by country or region
Inspecting Web Views in macOS
Install Chrome OS
Install Font Libraries and Chinese Fonts on Linux CentOS 7
Install PowerDNS and PowerDNS-Admin on Ubuntu 22.04|20.04|18.04
Introduction to Git internals
Is there a regular expression to detect a valid regular expression?
iTerm2 features I find useful
Jinja docx template, avoiding new line in nested for
Juniper notes
Kubernetes Runtime Explained in Plain Language
Kubernetes Without kube-proxy
Let Zsh read macOS system proxy settings and set env vars
Lightweight Linux Distributions For Older PCs
Linkerd 2.8 - Build a Simple and Secure Multi-Cluster Kubernetes Architecture
Little Git Tricks: Use .mailmap to Merge Different Authors
llamafile - Distribute and run LLMs with a single file.
LLM Visualization
LLMs Hackmd Docs
Load Balancing with iptables and ip rule
LocalStorage vs. IndexedDB vs. Cookies vs. OPFS vs. WASM-SQLite
LVM - lvg and lvol
Mac Niche App Recommendations and Workflow Share (2024)
macOS Tips & Tricks
Makefiles for Web Projects: Manage Your Environment Workflow
Marp教學：Markdown搭配VS Code做簡報，快速輸出為PPTX或PDF，提昇做簡報效率
Misspelling, missing collection, or incorrect module path for fortios_system_config_backup_restore
Monitoring HTTP Requests on a Network Interface in Real Time
More Powerful Go Execution Tracing
Mosdns-X
Mount a Synology NAS folder on CentOS 7
Mount AWS S3 Bucket On Amazon EC2
My Productivity Mac Settings and Apps
Netcat (Linux nc) Practical Examples for Network Admins
New LibSSH Connection Plugin for Ansible Network Replaces Paramiko, Adds FIPS Mode Enablement
Nginx HTTPS with Basic Auth reverse proxy for VMware ESXi 6.5 fixed VMRC /screen
Nginx if 避坑指南
NGINX Native ACME Support: Rethinking TLS Automation from the Ground Up
Nginx notes
Nginx request_time and upstream_response_time explained
Nginx SSL/TLS configuration with TLSv1.2 and TLSv1.3 - ECDHE and strong ciphers suite (Openssl 1.1.1)
nginx 添加第三方nginx_upstream_check_module 模块实现健康状态检测
Objective-See: An Open Source Project Org for Apple Privacy and Security
OIDC(OpenID Connect) 简介
On High Availability Systems
onion-mirror
OpenResty + Redis: Block High-Frequency IPs
parqeye
Parse Command Line Arguments in Bash
Percona config
Pitfalls When Parsing Binary Data in Go
Pokemon Legends: Arceus - Two Playthroughs Completed
Printing ASCII Art in the Shell
Privacy Badger: A Free EFF Browser Extension to Block Online Tracking
Prometheus relabeling and linux metrics
Provisioning a Windows Server Vagrant box with IIS, .NET 4.5 and Octopus Deploy
Python install module issues
Python Numbers Every Programmer Should Know
Python Telegram Bot
Python's many command-line utilities
Quagga Routing - Install, Configure and setup BGP
RAID10 Total Failure: Mirror Drives in the Same Group Failed Together
Rainman Engineering Culture: Eight Interview Questions to Spot Excellence
Record Millisecond Precision in Nginx Access Logs
Reduce the Chance of Home Web Services Being Reported
Regex for Markdown Syntax
Relay V2Ray Traffic via Cloudflare
Replace Watchtower with WUD: Build a Controlled Docker Auto-Update Plan
Representative HTTP Status Codes
Route notes
Rules that terminal programs follow
Run llama3
Running GitHub Actions for Certain Commit Messages
Rust Easy! Modern Cross-platform Command Line Tools to Supercharge Your Terminal
Selectively Disabling HTTP/1.0 and HTTP/1.1
Sentry Source Code Development Notes
Set interface IP with netplan on Ubuntu 18.04
Set SSLKEYLOGFILE on MacBook to decrypt HTTPS traffic
Setting up JWT Authentication
Sharpen the Axe Before Cutting Wood: My Home Network Setup
Shell Script Best Practices
Shell Script Study Notes
Sign git commits with GPG
Simple A/B Testing with Nginx split_clients
Simulate Network Anomalies with TC and Netem
Smarter than 'Ctrl+F': Linking Directly to Web Page Content
Some Jenkinsfile examples
Some Software Design Principles
Speeding up the Rust edit-build-run cycle
SQL Join types explained visually
SQL queries don't start with SELECT
SSH certificate login guide
SSH failing with Error : fatal: daemon() failed: No such device
string field was converted to True (type string)
Struct Tricks Every Gopher Should Know
Style PowerShell with oh-my-posh
Super easy! Build a beautiful and handy zsh terminal
Supply chain attack
Surprisingly, you can view images in the Linux CLI?
Switch Firmware Update
Switch notes
Synology: Your NAS RAM Details at a Glance
Systemd Tutorial: Practical Part
Taide - training data
TaigiTube - Taiwanese Hokkien YouTube
Taiwanese Minnan Input Method App Launched: Mobile Devices Can Now Type Taiwanese
Take Screenshots with Selenium in Go
Tcpdump Usage Summary
Terraform Getting Started Notes
Terraform Provider Development Notes
Test Whether a Server Is Vulnerable to Shellshock Bug
The Art of Command Line
The One Billion Row Challenge in Go: from 1m45s to 3.4s in nine solutions
TIL: timeout in Bash scripts
Top 25 Nginx Tips and Tricks From Practical Experience
Tracking SQLite Database Changes in Git
Trellis Ansible Bad Interpreter Error
Tuning EMQX to Scale to One Million Concurrent Connection on Kubernetes
Tuning EMQX to Scale to One Million Concurrent Connection on Kubernetes
Uncle Joe teaches Elastic - 30 - Elasticsearch optimization tips (4/4) - Shard optimization management
Understand the crypto trio: Encode, Encrypt, and Hash
Understanding Cilium Series (1): Introduction to Cilium
Upgrade database failed after ugrade to Zabbix 5...
Use Go Fuzzing to Write More Complete Unit Tests
Use LinuxServer.io Docker Images to Turn Desktop Apps into Web Apps
Use Nginx and mod_pagespeed to Convert Images to WebP on the Fly
Use terminal and SSH to remote host
Using Python for multimedia: video, audio, and images
Using Vagrant to Deploy Multiple VMs on vSphere
Using Vim as a Diff Tool
Vagrantfile and Provider
vagrant筆記
Vim Tips - Edit Remote Files With Vim On Linux
vimrc Configuration Guide
VSCode Integration with DevSpace for Debugging!
WebP Cloud uses Cloudflare Workers to fetch content from the origin server in order to protect the origin server and start providing origin fetch time information.
What does `< <(command args)` mean in the shell?
What Happened To WebAssembly
What happens after you type a URL in the browser and press Enter?
What is the SHA256 that comes on the sshd entry in auth.log?
What the f*ck Python! 🐍
What to Do With Long Strings in YAML?
Why are QR Codes with capital letters smaller than QR codes with lower-case letters?
Why do browser user-agent strings always include Mozilla/5.0?
Why is this running?
Windows SSH Setup
WSL 2 .wslconfig configuration explained
Yongling Foundation AI Forum: How AI Shapes the Future of Humanity
Zsh Config Files and Priority
Zsh tab-completion not working
一張圖學會【拼音輸入法】
朋友旅行防止絕交檢查表
設定 Haproxy 以防止 DDOS 攻擊

How Nginx Hides Upstream Errors

How Nginx Hides Upstream Errors Nginx allows enabling next upstream for the following seven retryable error codes 403 Forbidden 404 Not Found 429 Too Many Requests 500 Internal Server Error 502 Bad Gateway 503 Server Unavailable 504 Gateway Timeout When upstream returns 404, return a 200 response with a not-found image You can use proxy_intercept_errors to achieve this.\n> When proxy_intercept_errors is enabled, requests with upstream response codes >= 300 can be further handled via the error_page directive.

Monday, December 27, 2021 Read

Argo CD ApplicationSet Controller: The World Turns for Me!

Argo CD ApplicationSet Controller: The World Turns for Me! Argo CD # Install kind; see the official docs for other platforms # Run a lightweight k8s cluster locally ~$ brew install kind # Install kubectx; see the official docs for other platforms # Use it to switch between k8s contexts ~$ brew install kubectx # Install helm; see the official docs for other platforms # K8s package manager ~$ brew install helm # Install kubectl; see the official docs for other platforms # Communicate with the k8s cluster API server ~$ brew install kubectl # Install argocd cli; see the official docs for other platforms # Communicate with Argo CD ~$ brew install argocd

Monday, December 27, 2021 Read

Go AES Encryption and Decryption in Three Modes (CBC/ECB/CFB)

Go AES Encryption and Decryption in Three Modes (CBC/ECB/CFB) How to encrypt a file using Go

Wednesday, December 22, 2021 Read

Understanding Cilium Series (1): Introduction to Cilium

Understanding Cilium Series (1): Introduction to Cilium Current status of k8s Service load balancing implementations Before Cilium, Services were implemented by kube-proxy in three modes: userspace, iptables, and ipvs. Userspace In this mode, kube-proxy acts as a reverse proxy and listens on random ports. It redirects traffic to the proxy port via iptables rules, and kube-proxy forwards the traffic to backend pods. Service requests go from user space into kernel iptables and then back to user space, which is costly and has poor performance.

Tuesday, December 21, 2021 Read

Kubernetes Without kube-proxy

Kubernetes Without kube-proxy Quick-Start kubeadm init --skip-phases=addon/kube-proxy # Setup Helm repository helm repo add cilium https://helm.cilium.io/ helm install cilium cilium/cilium --version 1.9.18 \ --namespace kube-system \ --set kubeProxyReplacement=strict \ --set k8sServiceHost=REPLACE_WITH_API_SERVER_IP \ --set k8sServicePort=REPLACE_WITH_API_SERVER_PORT

Monday, December 20, 2021 Read

Zsh tab-completion not working

Zsh tab-completion not working Question Although I’ve used Oh-My-Zsh in the past, I decided this time around (i.e. setting up a new computer) I’d try to avoid installing it to keep things a bit leaner. Right now I’m trying to cherry-pick Oh-My-Zsh’s insensitive tab-completion feature. Digging around its source repo, I found the following line: zstyle ':completion:*' matcher-list 'm:{a-zA-Z}={A-Za-z}' 'r:|=*' 'l:|=* r:|=*' I’m fairly confident this is the line Oh-My-Zsh executes to do what I want, so I tried adding it to my .zshrc. Restarted my terminal. Typed cd desk, then hit [tab]. No dice – I didn’t get cd Desktop/.

Friday, December 10, 2021 Read

Linkerd 2.8 - Build a Simple and Secure Multi-Cluster Kubernetes Architecture

Linkerd 2.8 - Build a Simple and Secure Multi-Cluster Kubernetes Architecture

Thursday, December 9, 2021 Read

Best Practices for Writing Bash Scripts

Best Practices for Writing Bash Scripts Shell Scripting - Best Practices #!/usr/bin/env bash # Bash3 Boilerplate. Copyright (c) 2014, kvz.io set -o errexit set -o pipefail set -o nounset # set -o xtrace # Set magic variables for current file & dir __dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" __file="${__dir}/$(basename "${BASH_SOURCE[0]}")" __base="$(basename ${__file} .sh)" __root="$(cd "$(dirname "${__dir}")" && pwd)" # <-- change this as it depends on your app arg1="${1:-}" Use shift to read function arguments This makes it easier to reorder arguments, if you change your mind later.

Monday, December 6, 2021 Read

Day 28 - Introduction to Useful Third-Party Kubernetes Tools

Day 28 - Introduction to Useful Third-Party Kubernetes Tools $ kubectl get pods NAME READY STATUS RESTARTS AGE ithome-6564f65698-947rv 1/1 Running 0 84s ithome-6564f65698-fglr9 1/1 Running 0 84s ithome-6564f65698-k5wtg 1/1 Running 0 84s ithome-6564f65698-rrvk4 1/1 Running 0 84s ithome-6564f65698-zhwlj 1/1 Running 0 84s Stern/Kail The names of created pods often contain some unreadable random strings. If you use kubectl to observe logs for individual pods, you need to switch between different pods. There are many tools for this, such as Stern, Kube-tail, and Kail.

Thursday, December 2, 2021 Read

5 DevSecOps open source projects to know

5 DevSecOps open source projects to know Clair Sigstore KubeLinter Open Policy Agent and Gatekeeper Falco

Tuesday, November 30, 2021 Read

[Kubernetes] Service Overview

[Kubernetes] Service Overview Define Service With selector Since you need Pods before you define a Service, assume there are Pods in the cluster (exposing TCP port 9376) with the label app=MyApp. You can define a Service as an abstraction layer in front of those pods and provide the service through a domain name. kind: Service apiVersion: v1 metadata: name: my-service spec: # type has four options (ClusterIP, NodePort, LoadBalancer, ExternalName) # default is ClusterIP type: ClusterIP # select pods with "app=MyApp" selector: app: MyApp # Service port configuration ports: - protocol: TCP port: 80 # This is the port number exposed by the Pod targetPort: 9376 Pod <---> Endpoint(tcp:9376) <---> Service(tcp:80, with VIP)

Wednesday, November 24, 2021 Read

How Go Reads a 16GB File in 25 Seconds

How Go Reads a 16GB File in 25 Seconds Reading 16GB File in Seconds, Golang After opening the file, we have two options: Read the file line by line, which reduces memory pressure but takes more time. Read the entire file into memory and process it, which uses more memory but significantly reduces time. Because the file is too large (16 GB), we cannot load the entire file into memory. But the first option is also not feasible for us because we want to process the file within seconds.

Monday, November 22, 2021 Read

• ««
• «
• 12
• 13
• 14
• 15
• 16
• »
• »»