bin/kafka-topics.sh --zookeeper localhost:2181 --list
bin/kafka-topics.sh --zookeeper localhost:2181 --describe --topic mytopic
bin/kafka-topics.sh --zookeeper localhost:2181 --alter --topic mytopic --config retention.ms=1000
... wait a minute ...
Matt Goodall atomatt
ursuad
/ kafka-cheat-sheet.md
Last active
June 17, 2025 10:00
Quick command reference for Apache Kafka
atoponce
/ gist:07d8d4c833873be2f68c34f9afc5a78a
Last active
November 23, 2025 22:45
— forked from tqbf/gist:be58d2d39690c3b366ad
Cryptographic Best Practices
Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution. Thankfully, there are some projects out there that are working hard to make sure developers are getting it right.
The following advice comes from years of research from leading security researchers, developers, and cryptographers. This Gist was [forked from Thomas Ptacek's Gist][1] to be more readable. Additions have been added from
bloodearnest
/ setup-lxd-profile.sh
Last active
May 10, 2025 14:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eu | |
| _UID=$(id -u) | |
| GID=$(id -g) | |
| # give lxd permission to map your user/group id through | |
| grep root:$_UID:1 /etc/subuid -qs || sudo usermod --add-subuids ${_UID}-${_UID} --add-subgids ${GID}-${GID} root | |
| # set up a separate key to make sure we can log in automatically via ssh | |
| # with $HOME mounted |
rnewson
/ haproxy.cfg
Last active
November 18, 2021 22:12
haproxy.cfg stanzas to enable Perfect Forward Secrecy and HTTP Strict Transport Security. Requires OpenSSL 1.0.1g or so.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Bind SSL port with PFS-enabling cipher suite | |
| bind :443 ssl crt path_to_certificate no-tls-tickets ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:!MD5:!aNULL:!DH:!RC4 | |
| # Distinguish between secure and insecure requests | |
| acl secure dst_port eq 443 | |
| # Mark all cookies as secure if sent over SSL | |
| rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure | |
| # Add the HSTS header with a 1 year max-age |