My random OpenVPN tricks

script-security 2
up /etc/openvpn/update-systemd-resolved/update-systemd-resolved
down /etc/openvpn/update-systemd-resolved/update …

stunnel transparent proxy to localhost

Just a quick tip on setting up stunnel in transparent proxy mode (ie. target service sees original source IP address) pointing at services running on localhost. (mostly based on sslh documentation)

Use the following iptables/sysctl rules:


set -e

# Set route_localnet = 1 on all interfaces so that ssl …

Buildroot cheatsheet

Just some of my notes...

I'll keep it updated with my notes when playing with buildroot.

How to properly store project-specific, non-mainline configs and such?

Use external tree.

How to add custom make target (eg. felboot)?

Put it in Common variables, such as $(BINARIES_DIR) are available there.

How to handle image configuration/customization …

How to use Let's Encrypt in local networks

A little solution for properly encrypted HTTP traffic in semi-public networks.

Let's Encrypt, as everyone knows, offers publicly-recognized SSL certificates. Pretty much the only downside is, that these are only issued with validity period of 90 days. Default ACME challenge scheme (http-01) requires some HTTP server to be publicly accessible …

How to force YouTube TV quality

localStorage['yt-player-quality'] = '{"data":"hd1080","expiration":1491996902137,"creation":1489404902137}'

(I dunno, for some reason it always stayed at 720p on Chromium)

How to accept Bitcoin in a vending

and also poke MDB with a raspi

How to make a modular digital sign

with Lua

How to use

Don't. Please.

Piotr Dobrowolski

Piotr Dobrowolski

Just a random guy from the internet.™