Skip to content

Instantly share code, notes, and snippets.

View c0m4r's full-sized avatar
🐧
noot noot

c0m4r

🐧
noot noot
10 followers · 9 following
View GitHub Profile
@c0m4r
c0m4r / spectacle_empty_videos.md
Created February 9, 2026 20:24
Spectacle produces empty videos Arch/NVIDIA/Wayland/VAAPI

Fix spectacle producing empty videos

Arch/NVIDIA/Wayland/VAAPI

Solution

TL;DR => try:

export LIBVA_DRIVER_NAME=""
@c0m4r
c0m4r / open_webui_ollama_api_wireguard_vpn.md
Last active February 8, 2026 03:21
Open WebUI and Ollama API via Wireguard VPN

Open WebUI and Ollama API via Wireguard VPN

Host Open WebUI on your VPS and connect it to your PC to use local LLMs.

As an alterantive to Open WebUI you can consider Kurczak, which is simplified, lightweight UI for Ollama I've made.

+ --------------------- +                                      + ---------------- +
|    Ollama API (PC)    | <====  WireGuard VPN tunnel  =====>  | Open WebUI (VPS) |
| http://10.0.0.2:11434 |            10.0.0.0/24               |     10.0.0.1     |
@c0m4r
c0m4r / tmp_ram_omnomnom.md
Created February 6, 2026 16:15
Disable /tmp being tmpfs and eating your RAM

Disable /tmp being tmpfs and eating your RAM

TL;DR

systemctl mask tmp.mount
reboot

I don't know who came up with this brilliant idea to put /tmp in RAM by default, allocating 50% of the memory to it.

@c0m4r
c0m4r / venv_specific_python_version.md
Created February 6, 2026 15:33
Create venv with specific version of Python

Create venv with specific version of Python

1. Create a new system user

useradd -m -d /home/example -s /bin/bash example
su - example

2. Install miniconda

@c0m4r
c0m4r / sshd_hardening.md
Last active January 30, 2026 23:33
sshd hardening with post-quantum algorithms

Modern(er) version of https://infosec.mozilla.org/guidelines/openssh configuration, including post-quantum algorithms.

Example usage:

./sshd_hardening.sh | tee /etc/ssh/sshd_config.d/sshd_hardening.conf
rc-service sshd restart || service sshd restart || systemctl restart sshd

Check the current runtime sshd config to make sure that the hardening is effective:

@c0m4r
c0m4r / arch_linux_cloud_image_installation_on_a_vm_via_rescue_env.md
Last active October 24, 2025 17:30
Arch Linux cloud image installation via VM Rescue

Arch Linux cloud image installation via VM Rescue

Using the Rescue environment, we can mount or partition the VM disk. Let's say the VM disk is "/dev/vda". It's recommended to wipe the disk before continuing with wipefs -a /dev/vda

Rescue environments usually have limited disk space, so we copy the disk image via SSH and use dd to directly write it to the VM disk.

The cloud image doesn't have a password set by default, which prevents us from logging in. Therefore, we must first prepare the image by mounting it locally and setting a password inside chroot.

@c0m4r
c0m4r / radxa_rock5c_lite.md
Last active February 13, 2026 05:25
Radxa ROCK 5C Lite - all you need to know in one place
@c0m4r
c0m4r / _malicious_hide_youtube_short_extension_in_google_chrome_web_store.md
Last active August 24, 2025 16:30
Malicious "Hide Youtube Shorts" extension in Google's Chrome Web Store

Malicious "Hide Youtube Shorts" extension in Google's Chrome Web Store

https://gist.githubusercontent.com/c0m4r/45e15fc1ec13c544393feafca30e74de/raw/6f5924b8e9c138cea35642b86c53b06011166ecc/hide_youtube_shorts_chrome_web_store.png

TL;DR: This extension for Chrome and Brave is malicious, do not use it.

(Update) A follow up story by Wladimir Palant: https://palant.info/2024/10/30/the-karma-connection-in-chrome-web-store/

(Update 2024-11-11) The extension has been removed from CWS and marked as violating Chrome Web Store policies (which is good, but odd, as it should be marked as malware)

@c0m4r
c0m4r / _nginx_ssl_php_fpm_certbot.md
Last active November 3, 2024 09:53
nginx ssl + ocsp + http/2 + quic + php-fpm + certbot

This setup allows restrictive chmods, which prevents users for reading the conents of each others directories and provides a layer of security against reading raw PHP code in case of FPM failure. You can set chmod 600 for all .php files and chmod 640/710 for any other static files/dirs.

certbot certonly -d example.com
useradd -m -d /home/example -s /bin/bash example
usermod -a -G nginx example
su - example -c "mkdir ~/www"
chmod 710 /home/example
chmod 710 /home/example/www
su - example -c "echo '' &gt; ~/www/index.php"
@c0m4r
c0m4r / _epic_free_games_email_notifications.md
Last active November 3, 2024 09:12
Email notifications with weekly Epic Store Free Games

Epic Store Free Games email notifications

OS Setup: Linux (any), Postfix as a forwarder

Depends on: nodejs + AuroPick/epic-free-games

It's best to run cron once every 2-3 days, so as not to miss the release time window. The script compares with the last run to avoid sending duplicate emails.

v2: JS only