• Posts
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
/etc/shadow and Creating yescrypt, MD5, SHA-256, and SHA-512 Password Hashes
15 Rules of Channels and Their Implementation
5 DevSecOps open source projects to know
6 YAML Features most programmers don't know
6首國際最強公認催眠曲
[Community] Cisco UCS CIMC series
[Golang] Use build tags for different build configs
[Juniper Firewall] command
[Kubernetes] Service Overview
[Notes] Build an Ubuntu remote desktop environment on GCP
[Share] Keychain - Pendant from a Type 57 rifle bayonet scabbard
[Translated] Go inline strategy and limitations
A Brief Look at Go Iterators
A Concise Go embed Tutorial
A fast and powerful log viewer and processor that converts JSON logs or logfmt logs into a clear human-readable format.
A python script that allows your terminal to snow.
A10
Abount Ansible Hosts
Add SFTP user and share directory
Advanced macOS Command-Line Tools
Advanced Shell Scripting Techniques: Automating Complex Tasks with Bash
Aliyun CDN Cache Rules
An easy way to identify virtualization technology
An introduction to hacker tools: the tip of the iceberg
Ancient Time Units
Ansible Introduction
ansible.builtin.slurp - read file content
Applying HTTPS Certificates for CDN
Argo CD ApplicationSet Controller: The World Turns for Me!
Arp notes
Articles
Avalon (The Resistance: Avalon)
Avoiding the Top 10 NGINX Configuration Mistakes - NGINX
Back up databases with mydumper
Backup FortiOS config with Ansible - with RestAPI
Bash Bitwise Operators
Basic kubeadm usage notes (by request)
Best Practices for Writing Bash Scripts
Best V2Ray One-Click Install & Management Script
Bind JSON with jsoniter in Gin
BIRD and BGP: a beginner's kickoff
Black Hat Go
Build a Lightweight Docker Image for Your Go App? | IT Man
Build a Private Object Storage with Traefik v3 and MinIO in Docker
Bypass X-Frame-Options with Nginx
Cannot set command timeout per task with network_cli
Cloudflare Traffic sequence
Cloudflare Tunnel
Cloudflare Zero Trust
Common GitBook plugins
Common shell scripting tips
Configuring SSH Keys for Multiple GitHub Accounts
Container security fundamentals
Containers from scratch
Containers From Scratch by Golang (feat. Liz Rice)
Convert a List to a List of Dicts
Convert Cloudflare WARP to an HTTP Proxy
Convert Command Output to an Image
Convert your codebase into a single LLM prompt.
Create macOS DMG and Bootable ISO
CS Visualized: Useful Git Commands
Data Center Notes
Database Fundamentals
datavizproject
Day 19 BGP Protocol (1)
Day 28 - Introduction to Useful Third-Party Kubernetes Tools
Dedicated Server CPU Frequency Maximization Guide
Deploying OpenVPN with AD domain authentication
Do you understand the Nginx request processing flow?
Docker Containers Can't Access the Internet? NAT Configuration Guide for nftables
Docker Introduction
Docker Security Best Practices: Cheat Sheet
Docker Tips: Using Docker Config
docker-compose yaml problem
Dockertest: A Fast Way to Set Up Integration Test Environments
Draw Diagrams With Markdown
Elasticsearch Study Notes
Emoji Regular expression
Enable GitLab project integration: Mattermost slash commands
Everyone Needs an HTTP Proxy to Debug
Everything About MTU and MSS
Excessive Errors from `sentry.lang.javascript.processor: SoftTimeLimitExceeded()`
Expose your local web server to the internet with a public URL.
Faster Multi-Platform Builds: Dockerfile Cross-Compilation Guide
Fetch GraphQL schema information
Fighting DDoS: nginx, iptables, and fail2ban
Fighting ISP Cache Hijacking Again with iptables
Firewall Update
Fix Nginx 500 errors (too many open files, connection)
Fixing Disk Space Not Freed on Linux
Force file download with Nginx
Fortigate Management Interface in HA Mode
Getting Started with GitHub Actions
Gin documentation (Chinese)
Git force push
GitLab CI Can Automatically Check Code Quality! How to Use SonarQube for Code Quality Checks?
Gitlab-CI Introduction
Gluetun: Route Docker Containers Through a VPN, Disconnect on No Network
Go 1.21 GA PGO Optimization You Can't Grasp in One Read — A Try on WebP Server Go
Go AES Encryption and Decryption in Three Modes (CBC/ECB/CFB)
Go Articles
Go code refactoring : the 23x performance hunt
Go Generics Beginner Notes
Go High-Performance Programming Handbook (Long Read)
Go leetcode
Go Modules workflow for private Git repositories
Go Patterns
Go pprof in Practice
Go Practical Guide: Execute Lua Scripts with go-redis
Go Protobuf: The New Opaque API
Go string format
Go Style Decisions - Pass values
Go Tool Trace
go-mysql-elasticsearch-benchmarking
go-synctest
Golang benchmarks
Golang os/exec usage (notes)
Golang Service Exceeded File Handle Limit (too many open files)
Golang Tips
Google Cloud Platform(GCP): Access Linux Server using GUI running in GCP instance using Windows Remote Desktop Connection.
Google Infra
Google Search Operators: The Complete List (44 Advanced Operators)
GraphQL Introspection Query
HA command
Harden a Server with Fail2Ban + nftables
Hide Within Cloudflare's Global Network
High Performance Go Workshop
How Core Git Developers Configure Git
How Does Nginx Defend Against DDoS?
How Go Reads a 16GB File in 25 Seconds
How I configure my Git identities
How Nginx Hides Upstream Errors
How Terminals Work
How to automatically resize virtual box disk with vagrant
How to capture web pages and long screenshots with Chrome DevTools?
How to Choose a Go File Reading Approach
How to configure time zone and NTP on RHEL7/CentOS7
How to Create Temporary Files in Bash: mktemp and trap
How to deal with a 50GB large csv file in r language?
How to Delete Files With Names That Contain Non-printable Characters
How to deploy on remote Docker hosts with docker-compose
How to Detect RAID Information in Linux
How to Enable SNMP on a Switch
How to Install Fedora Linux on Surface Go 2 to Boost Entry-Level Tablet Performance
How to Make an iPhone Ringtone: Turn an MP3 into a Ringtone or Alarm
How to Make Output Overwrite the Same Line in a Terminal
How to use a here documents to write data to a file in bash script
How to Use which on an Aliased Command
htop explained
I can feel the speed — optimize zsh and oh my zsh cold start
I Replaced Redis with PostgreSQL (And It's Faster)
I use Zip Bombs to Protect my Server
Illustrating How Data Alignment Affects Memory Usage in Go
In 2020, use the latest NGINX ngx_http_geoip2 module to block IPs by country or region
Inspecting Web Views in macOS
Install Chrome OS
Install Font Libraries and Chinese Fonts on Linux CentOS 7
Install PowerDNS and PowerDNS-Admin on Ubuntu 22.04|20.04|18.04
Introduction to Git internals
Is there a regular expression to detect a valid regular expression?
iTerm2 features I find useful
Jinja docx template, avoiding new line in nested for
Juniper notes
Kubernetes Runtime Explained in Plain Language
Kubernetes Without kube-proxy
Let Zsh read macOS system proxy settings and set env vars
Lightweight Linux Distributions For Older PCs
Linkerd 2.8 - Build a Simple and Secure Multi-Cluster Kubernetes Architecture
Links
Little Git Tricks: Use .mailmap to Merge Different Authors
llamafile - Distribute and run LLMs with a single file.
LLM Visualization
LLMs Hackmd Docs
Load Balancing with iptables and ip rule
LocalStorage vs. IndexedDB vs. Cookies vs. OPFS vs. WASM-SQLite
LVM - lvg and lvol
Mac Niche App Recommendations and Workflow Share (2024)
macOS Tips & Tricks
Makefiles for Web Projects: Manage Your Environment Workflow
Marp教學：Markdown搭配VS Code做簡報，快速輸出為PPTX或PDF，提昇做簡報效率
Misspelling, missing collection, or incorrect module path for fortios_system_config_backup_restore
Monitoring HTTP Requests on a Network Interface in Real Time
More Powerful Go Execution Tracing
Mosdns-X
Mount a Synology NAS folder on CentOS 7
Mount AWS S3 Bucket On Amazon EC2
My Productivity Mac Settings and Apps
Netcat (Linux nc) Practical Examples for Network Admins
New LibSSH Connection Plugin for Ansible Network Replaces Paramiko, Adds FIPS Mode Enablement
Nginx HTTPS with Basic Auth reverse proxy for VMware ESXi 6.5 fixed VMRC /screen
Nginx if 避坑指南
NGINX Native ACME Support: Rethinking TLS Automation from the Ground Up
Nginx notes
Nginx request_time and upstream_response_time explained
Nginx SSL/TLS configuration with TLSv1.2 and TLSv1.3 - ECDHE and strong ciphers suite (Openssl 1.1.1)
nginx 添加第三方nginx_upstream_check_module 模块实现健康状态检测
Objective-See: An Open Source Project Org for Apple Privacy and Security
OIDC(OpenID Connect) 简介
On High Availability Systems
onion-mirror
OpenResty + Redis: Block High-Frequency IPs
parqeye
Parse Command Line Arguments in Bash
Percona config
Pitfalls When Parsing Binary Data in Go
Pokemon Legends: Arceus - Two Playthroughs Completed
Printing ASCII Art in the Shell
Privacy Badger: A Free EFF Browser Extension to Block Online Tracking
Prometheus relabeling and linux metrics
Provisioning a Windows Server Vagrant box with IIS, .NET 4.5 and Octopus Deploy
Python install module issues
Python Numbers Every Programmer Should Know
Python Telegram Bot
Python's many command-line utilities
Quagga Routing - Install, Configure and setup BGP
RAID10 Total Failure: Mirror Drives in the Same Group Failed Together
Rainman Engineering Culture: Eight Interview Questions to Spot Excellence
Record Millisecond Precision in Nginx Access Logs
Reduce the Chance of Home Web Services Being Reported
Regex for Markdown Syntax
Relay V2Ray Traffic via Cloudflare
Replace Watchtower with WUD: Build a Controlled Docker Auto-Update Plan
Representative HTTP Status Codes
Route notes
Rules that terminal programs follow
Run llama3
Running GitHub Actions for Certain Commit Messages
Rust Easy! Modern Cross-platform Command Line Tools to Supercharge Your Terminal
Selectively Disabling HTTP/1.0 and HTTP/1.1
Sentry Source Code Development Notes
Set interface IP with netplan on Ubuntu 18.04
Set SSLKEYLOGFILE on MacBook to decrypt HTTPS traffic
Setting up JWT Authentication
Sharpen the Axe Before Cutting Wood: My Home Network Setup
Shell Script Best Practices
Shell Script Study Notes
Sign git commits with GPG
Simple A/B Testing with Nginx split_clients
Simulate Network Anomalies with TC and Netem
Smarter than 'Ctrl+F': Linking Directly to Web Page Content
Some Jenkinsfile examples
Some Software Design Principles
Speeding up the Rust edit-build-run cycle
SQL Join types explained visually
SQL queries don't start with SELECT
SSH certificate login guide
SSH failing with Error : fatal: daemon() failed: No such device
string field was converted to True (type string)
Struct Tricks Every Gopher Should Know
Style PowerShell with oh-my-posh
Super easy! Build a beautiful and handy zsh terminal
Supply chain attack
Surprisingly, you can view images in the Linux CLI?
Switch Firmware Update
Switch notes
Synology: Your NAS RAM Details at a Glance
Systemd Tutorial: Practical Part
Taide - training data
TaigiTube - Taiwanese Hokkien YouTube
Taiwanese Minnan Input Method App Launched: Mobile Devices Can Now Type Taiwanese
Take Screenshots with Selenium in Go
Tcpdump Usage Summary
Terraform Getting Started Notes
Terraform Provider Development Notes
Test Whether a Server Is Vulnerable to Shellshock Bug
The Art of Command Line
The One Billion Row Challenge in Go: from 1m45s to 3.4s in nine solutions
TIL: timeout in Bash scripts
Tools
Top 25 Nginx Tips and Tricks From Practical Experience
Tracking SQLite Database Changes in Git
Trellis Ansible Bad Interpreter Error
Tuning EMQX to Scale to One Million Concurrent Connection on Kubernetes
Tuning EMQX to Scale to One Million Concurrent Connection on Kubernetes
Uncle Joe teaches Elastic - 30 - Elasticsearch optimization tips (4/4) - Shard optimization management
Understand the crypto trio: Encode, Encrypt, and Hash
Understanding Cilium Series (1): Introduction to Cilium
Upgrade database failed after ugrade to Zabbix 5...
Use Go Fuzzing to Write More Complete Unit Tests
Use LinuxServer.io Docker Images to Turn Desktop Apps into Web Apps
Use Nginx and mod_pagespeed to Convert Images to WebP on the Fly
Use terminal and SSH to remote host
Using Python for multimedia: video, audio, and images
Using Vagrant to Deploy Multiple VMs on vSphere
Using Vim as a Diff Tool
Vagrantfile and Provider
vagrant筆記
Vim Tips - Edit Remote Files With Vim On Linux
vimrc Configuration Guide
VSCode Integration with DevSpace for Debugging!
WebP Cloud uses Cloudflare Workers to fetch content from the origin server in order to protect the origin server and start providing origin fetch time information.
What does `< <(command args)` mean in the shell?
What Happened To WebAssembly
What happens after you type a URL in the browser and press Enter?
What is the SHA256 that comes on the sshd entry in auth.log?
What the f*ck Python! 🐍
What to Do With Long Strings in YAML?
Why are QR Codes with capital letters smaller than QR codes with lower-case letters?
Why do browser user-agent strings always include Mozilla/5.0?
Why is this running?
Windows SSH Setup
WSL 2 .wslconfig configuration explained
Yongling Foundation AI Forum: How AI Shapes the Future of Humanity
Zsh Config Files and Priority
Zsh tab-completion not working
一張圖學會【拼音輸入法】
朋友旅行防止絕交檢查表
設定 Haproxy 以防止 DDOS 攻擊

Fix Nginx 500 errors (too many open files, connection)

Fix Nginx 500 errors (too many open files, connection) Nginx 500 errors only show up in logs. Two common cases: socket() failed (24: Too many open files) while connecting to upstream $ sudo su - www-data $ ulimit -n # check current limit (ulimit -a shows all params) 1024 # vim /etc/security/limits.conf # set nofile (max number of open files) # add/modify the following two lines * soft nofile 655360 * hard nofile 655360 ulimit -n # log out and log back in to see the new value 655360 # If ulimit -n is not 655360, run ulimit -n 655360 to force set it # Then verify with ulimit -n or ulimit -Sn (soft) and ulimit -Hn (hard) (or ulimit -a). # Calculate and set from system level lsof | wc -l # count open files sudo vim /etc/sysctl.conf fs.file-max = 3268890 sudo sysctl -p 512 worker_connections are not enough while connecting to upstream # /etc/nginx/nginx.conf worker_connections 10240; # Refer to Nginx CoreModule # worker_processes 2; # worker_rlimit_nofile 10240; # events { # # worker_connections 10240; # } # Increasing Nginx connections can slow down overall speed because php-cgi is not enough. # Adjust as follows. # php-cgi was started with phpfcgid_children="10" and phpfcgid_requests="500" # ab was run on another server, connect via a switch using GBit ethernet # http://till.klampaeckel.de/blog/archives/30-PHP-performance-III-Running-nginx.html # vim /etc/nginx/nginx.conf worker_connections 10240; worker_rlimit_nofile # vim /etc/init.d/php-fcgi PHP_FCGI_CHILDREN=15 PHP_FCGI_MAX_REQUESTS=1000 change to PHP_FCGI_CHILDREN=512 # or 150 and increase gradually, watch MySQL connections PHP_FCGI_MAX_REQUESTS=10240 # The article's phpfcgid_stop() function is good and can be used if needed. # phpfcgid_stop() { # echo "Stopping $name." # pids=`pgrep php-cgi` # pkill php-cgi # wait_for_pids $pids # }

Saturday, October 9, 2021 Read

Super easy! Build a beautiful and handy zsh terminal

Super easy! Build a beautiful and handy zsh terminal Make your terminal stylish and fast with zsh + zim + powerlevel10k Build a 10X Engineer shell environment

Thursday, October 7, 2021 Read

Sign git commits with GPG

Sign git commits with GPG

Tuesday, October 5, 2021 Read

Gitlab-CI Introduction

Gitlab CI Concept Gitlab DevOps GitOps Workflow code push -> pipeline -> stage -> job Design plan -> code -> build -> test -> release -> deploy -> operate -> monitor -> plan Runner Executors Shell VirtualBox Docker Docker Machine Kubernetes Else… References Gitlab CI/CD Gitlab Runner .gitlab-ci.yaml Runner Register gitlab-runner register After register concurrent = 1 check_interval = 0 [session_server] session_timeout = 1800 [[runners]] name = "public-shell" url = "https://gitlab.go2cloudten.com/" token = "-mdH9OAOzG5yPsf_AVnW" executor = "shell" [[runners]] name = "public-docker" url = "https://gitlab.go2cloudten.com/" token = "AcEGPPKTS1uuQ_A_qpWy" executor = "docker" [runners.docker] dns = ["192.168.185.5", "192.168.185.6"] tls_verify = false image = "registry.go2cloudten.com/it/office_sop/node:12.13.0" privileged = true disable_entrypoint_overwrite = false oom_kill_disable = false disable_cache = false shm_size = 0 pull_policy = "if-not-present" volumes = ["/cache"] Repository .gitlab-ci.yaml stages: - domain check-icp: stage: domain image: registry.go2cloudten.com/it/office_sop/icp tags: - docker script: - domains=$(awk -F '|' '{if($6 ~ "Y" && ($7 ~ "West" || $7 ~ "Yuqu")) print $3}' domains-info.md | sed 's/ //g' | sort | uniq) - if [[ "${domains}" == "" ]]; then telegram.sh 'There is no domain in list' ; else telegram.sh 'Start checking ICP.' ; fi - for i in ${domains}; do result=$(checkicp ${i}); if [[ "${result}" == "未备案" ]];then telegram.sh "${i} 未备案"; sleep 1 ;fi;done - telegram.sh 'ICP check completed.' only: - schedules

Friday, September 24, 2021 Read

Common shell scripting tips

Common shell scripting tips Shell scripting built-in commands Shell scripting special symbols

Wednesday, September 22, 2021 Read

Docker Introduction

Docker Concept VM vs Container VM - Base on OS Container - Base on Application (Linux Kernel: Namespace and Cgroup) Client to Server Docker daemon - containerd, docker-containerd-shim, docker-runc Docker client - cli command docker cli -> docker daemon -> containerd -> runc -> namespace & cgroup Image Snapshots Container Read-Only processes on image Hub / Registry Store images References Docker —— 從入門到實踐 docker docs Docker commands Dockerfile ARG dist="/tmp/password" ARG projectDir="/password" FROM golang:1.16-alpine3.14 AS builder RUN apk add build-base upx ARG dist ARG projectDir WORKDIR ${projectDir} COPY . . RUN go build -trimpath -o main cmd/main.go RUN upx -9 -o ${dist} main FROM scratch ARG dist ENV TZ=Asia/Taipei COPY --from=builder ${dist} /usr/local/bin/password Dockerfile1 FROM alpine CMD ["nc","-l","12345"] Dockerfile2 FROM alpine CMD ["echo","DOCKER"] docker build command docker build . -t program docker build . -f Dockerfile -t test_mysql docker build . -t hello:v1.1 --build-arg dist=/tmp/hello --build-arg projectDir=/hello docker build . docker/status echo -e "${GREEN}Before build${RESET}" docker image ls docker build . -f docker/Dockerfile1 -t test1 docker build . -f docker/Dockerfile2 -t test2 docker image . docker/status echo -e "${GREEN}After build${RESET}" docker image ls docker run AND rm . docker/status echo -e "${GREEN}Run container1${RESET}" docker run -d --name container1 test1 echo -e "${GREEN}Run container2${RESET}" docker run -d --name container2 test2 echo -e "${GREEN}List alive containers${RESET}" docker ps echo -e "${GREEN}List all containers${RESET}" docker ps -a echo -e "${GREEN}Remove alive container${RESET}" docker rm -f container1 echo -e "${GREEN}List all containers${RESET}" docker ps -a echo -e "${GREEN}Remove exit container${RESET}" docker rm container2 echo -e "${GREEN}List all containers${RESET}" docker ps -a docker pull AND rmi . docker/status echo -e "${GREEN}List all image${RESET}" docker image ls echo -e "${GREEN}Pull alpine image${RESET}" docker pull alpine echo -e "${GREEN}List all image${RESET}" docker image ls docker rmi . docker/status echo -e "${GREEN}Remove alpine image${RESET}" docker rmi alpine echo -e "${GREEN}List all image${RESET}" docker image ls prune docker system prune -f --volumes docker history . docker/status echo -e "${GREEN}History of test1${RESET}" docker history test1 echo -e "${GREEN}History of mysql:8${RESET}" docker history mysql:8 Docker remote Edit service file # /lib/systemd/system/docker.service ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 Restart service systemctl daemon-reload systemctl restart docker Specify DOCKER_HOST . docker/status echo -e "${GREEN}List images on 192.168.185.9${RESET}" DOCKER_HOST=192.168.185.9:2375 docker images Docker-compose version: "3" services: svn: image: zeyanlin/svn environment: - LDAP_HOSTS=${LDAP_HOSTS} - LDAP_BASE_DN=${LDAP_BASE_DN} - LDAP_BIND_DN=${LDAP_BIND_DN} - LDAP_ADMIN_PASS=${LDAP_ADMIN_PASS} ports: - 8000:80 - 3690:3690 depends_on: - ldap ldap: image: zeyanlin/openldap environment: - LDAP_DOMAIN=${LDAP_DOMAIN} - LDAP_ADMIN_PASS=${LDAP_ADMIN_PASS} ports: - 389:389 - 636:636 php: image: zeyanlin/phpldapadmin environment: - LDAP_HOSTS=${LDAP_HOSTS} ports: - 80:80 depends_on: - ldap Env LDAP_HOSTS=ldap LDAP_DOMAIN="knowhow.fun" LDAP_BASE_DN="dc=knowhow,dc=fun" LDAP_BIND_DN="cn=admin" LDAP_ADMIN_PASS="123qwe"

Friday, September 17, 2021 Read

Golang benchmarks

Golang benchmarks Basics Benchmarks are used for performance testing. Functions should import the testing package and define functions that start with Benchmark. The parameter type is testing.B, and the target function is called repeatedly inside the benchmark loop. ➜ go test -bench=. -run=none goos: darwin goarch: amd64 pkg: pkg06 cpu: Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz BenchmarkFib-12 250 4682682 ns/op PASS ok pkg06 1.875s ➜ go test -bench=. -benchmem -run=none goos: darwin goarch: amd64 pkg: pkg06 cpu: Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz BenchmarkFib-12 249 4686452 ns/op 0 B/op 0 allocs/op PASS ok pkg06 1.854s How bench works The benchmark function keeps running until b.N is no longer valid; it is the number of iterations. b.N starts at 1. If the benchmark completes within 1 second (default), b.N increases and the benchmark runs again. b.N increases in the sequence 1,2,5,10,20,50,... and the benchmark reruns. The result above means it ran 250 times in 1 second, with each run taking 4682682 ns. The -12 suffix relates to GOMAXPROCS. The default value is the number of CPUs visible to the Go process at startup. You can change it with -cpu, and pass multiple values to run multiple benchmarks. Run with multiple CPU counts ➜ go test -bench=. -cpu=1,2,4 -benchmem -run=none goos: darwin goarch: amd64 pkg: pkg06 cpu: Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz BenchmarkFib 244 4694667 ns/op 0 B/op 0 allocs/op BenchmarkFib-2 255 4721201 ns/op 0 B/op 0 allocs/op BenchmarkFib-4 256 4756392 ns/op 0 B/op 0 allocs/op PASS ok pkg06 5.826s Run benchmarks multiple times with count Due to CPU throttling, memory locality, background work, GC activity, etc., a single run may be noisy. It is common to run benchmarks multiple times.

Thursday, September 2, 2021 Read

Back up databases with mydumper

Back up databases with mydumper MyDumper

Wednesday, September 1, 2021 Read

Docker Security Best Practices: Cheat Sheet

Docker Security Best Practices: Cheat Sheet Image Security Use Trusted Images Unprivileged User FROM base_image RUN addgroup -S appgroup && adduser -S appuser -G appgroup USER appuser User ID Namespace Segregate namespaces to prevent container privilege escalation from affecting the host. To mitigate this risk, configure your host and the Docker daemon to use a separate namespace with the --userns-remap option. Container Runtime Security Forbid New Privileges For enhanced security, it is recommended to explicitly forbid the addition of new privileges after container creation using this option: --security-opt=no-new-privileges.

Friday, August 20, 2021 Read

[Translated] Go inline strategy and limitations

[Translated] Go inline strategy and limitations Go: Inlining Strategy & Limitation Visualizing memory management in Golang Understanding Allocations in Go package main import "fmt" func main() { n := []float32{120.4, -46.7, 32.50, 34.65, -67.45} fmt.Printf("The total is %.02f\n", sum(n)) } func sum(s []float32) float32 { var t float32 for _, v := range s { if t < 0 { t = add(t, v) } else { t = sub(t, v) } } return t } func add(a, b float32) float32 { return a + b } func sub(a, b float32) float32 { return a - b } Run with -gflags="-m" to show which functions are inlined.

Saturday, August 14, 2021 Read

SQL Join types explained visually

SQL Join types explained visually

Friday, August 13, 2021 Read

Little Git Tricks: Use .mailmap to Merge Different Authors

Little Git Tricks: Use .mailmap to Merge Different Authors .mailmap file ==> Name you want to keep <email> Name you no longer want <email> John Doe John Doe John Doe John Doe John Doe john doe Max Example Max before $ git shortlog -se 1 John Doe <John@Doe.org> 1 John Doe <John@doe.org> 2 John Doe <john@doe.org> 1 Max <max@test.co.uk> 3 Max Example <hi@test.com> 1 john doe <john@doe.org> after $ git shortlog -se 5 John Doe <john@doe.org> 4 Max Example <hi@test.com>

Thursday, August 5, 2021 Read

• ««
• «
• 14
• 15
• 16
• 17
• 18
• »
• »»