mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-11-25 12:49:26 +01:00
run prettier
This commit is contained in:
parent
314b0996af
commit
19994e3286
@ -12,6 +12,6 @@ authors:
|
|||||||
family-names: Suomalainen
|
family-names: Suomalainen
|
||||||
email: suomalainen+git@mikaela.info
|
email: suomalainen+git@mikaela.info
|
||||||
- given-names: git shortlog -sne
|
- given-names: git shortlog -sne
|
||||||
repository-code: 'https://gitea.blesmrt.net/Mikaela/shell-things'
|
repository-code: "https://gitea.blesmrt.net/Mikaela/shell-things"
|
||||||
abstract: dotfiles
|
abstract: dotfiles
|
||||||
license: BSD-3-Clause
|
license: BSD-3-Clause
|
||||||
|
15
README.md
15
README.md
@ -1,13 +1,12 @@
|
|||||||
Config files that I wish to have everywhere. You could probably call this
|
Config files that I wish to have everywhere. You could probably call this
|
||||||
repository as dotfiles, but historical reasons...
|
repository as dotfiles, but historical reasons...
|
||||||
|
|
||||||
Directories explained
|
# Directories explained
|
||||||
=====================
|
|
||||||
|
|
||||||
* .mikaela — files that most likely aren't suitable for places where other
|
- .mikaela — files that most likely aren't suitable for places where other
|
||||||
people than me have access too
|
people than me have access too
|
||||||
* Windows — files releated to Windows
|
- Windows — files releated to Windows
|
||||||
* conf — config files like .tmux.conf
|
- conf — config files like .tmux.conf
|
||||||
* etc — /etc/
|
- etc — /etc/
|
||||||
* gpg — GNU Privacy Guard config files, ~/.gnupg/
|
- gpg — GNU Privacy Guard config files, ~/.gnupg/
|
||||||
* rc — bashrc, zshrc, vimrc and apparently \*init files…
|
- rc — bashrc, zshrc, vimrc and apparently \*init files…
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
## WARNING
|
## WARNING
|
||||||
|
|
||||||
* READ FIRST: [Microsoft: Installing Windows 11 on devices that don't meet minimum system requirements](https://support.microsoft.com/windows/installing-windows-11-on-devices-that-don-t-meet-minimum-system-requirements-0b2dc4a2-5933-4ad4-9c09-ef0a331518f1)
|
- READ FIRST: [Microsoft: Installing Windows 11 on devices that don't meet minimum system requirements](https://support.microsoft.com/windows/installing-windows-11-on-devices-that-don-t-meet-minimum-system-requirements-0b2dc4a2-5933-4ad4-9c09-ef0a331518f1)
|
||||||
|
|
||||||
This is not supported by Microsoft, most of the methods listed here didn't
|
This is not supported by Microsoft, most of the methods listed here didn't
|
||||||
work for me on the first system I updated, Windows is not my primary operating
|
work for me on the first system I updated, Windows is not my primary operating
|
||||||
@ -14,19 +14,19 @@ affect me.
|
|||||||
Sedric, Tassu and Zaldaryn have no TPM or currently supported CPU, while
|
Sedric, Tassu and Zaldaryn have no TPM or currently supported CPU, while
|
||||||
the health check app says they are only two to six years old.
|
the health check app says they are only two to six years old.
|
||||||
|
|
||||||
* https://github.com/AveYo/MediaCreationTool.bat
|
- https://github.com/AveYo/MediaCreationTool.bat
|
||||||
|
|
||||||
## Registry files here
|
## Registry files here
|
||||||
|
|
||||||
I think the first method is likely the best, but I cannot rule these working
|
I think the first method is likely the best, but I cannot rule these working
|
||||||
on another system out yet. They didn't work on my first system tried.
|
on another system out yet. They didn't work on my first system tried.
|
||||||
|
|
||||||
* `00-AllowUpgradesWithUnsupportedTPMOrCPU.reg` - the official Microsoft
|
- `00-AllowUpgradesWithUnsupportedTPMOrCPU.reg` - the official Microsoft
|
||||||
recommendation and the only one that should be used. If after reboot
|
recommendation and the only one that should be used. If after reboot
|
||||||
nothing happens, maybe try the rest rebooting every failure.
|
nothing happens, maybe try the rest rebooting every failure.
|
||||||
* https://support.microsoft.com/windows/windows-11-n-asentaminen-e0edbbfb-cfc5-4011-868b-2ce77ac7c70e
|
- https://support.microsoft.com/windows/windows-11-n-asentaminen-e0edbbfb-cfc5-4011-868b-2ce77ac7c70e
|
||||||
* `01-LabConfig.reg` - widely reported to work
|
- `01-LabConfig.reg` - widely reported to work
|
||||||
* `01-Setup.reg` - ^
|
- `01-Setup.reg` - ^
|
||||||
* `02-DevRing.reg` - after joining the Insider program, this should enforce
|
- `02-DevRing.reg` - after joining the Insider program, this should enforce
|
||||||
joining to Dev ring which should offer Windows 11 instantly. It may be
|
joining to Dev ring which should offer Windows 11 instantly. It may be
|
||||||
advisable to leave after successful update.
|
advisable to leave after successful update.
|
||||||
|
@ -2,25 +2,25 @@
|
|||||||
|
|
||||||
Requires Windows 11.
|
Requires Windows 11.
|
||||||
|
|
||||||
* `GPO-EnforceDoH.reg` enables the group policy to require DoH. However it
|
- `GPO-EnforceDoH.reg` enables the group policy to require DoH. However it
|
||||||
didn't seem to work for me or it allowed me to set the DNS server to not
|
didn't seem to work for me or it allowed me to set the DNS server to not
|
||||||
use DoH.
|
use DoH.
|
||||||
|
|
||||||
* `DohWellKnownServers` adds DoH support for multiple IPv4 & IPv6 addresses
|
- `DohWellKnownServers` adds DoH support for multiple IPv4 & IPv6 addresses
|
||||||
that Windows 11 isn't shipping by default, currently:
|
that Windows 11 isn't shipping by default, currently:
|
||||||
* Adguard
|
- Adguard
|
||||||
* Cloudflare antimalware
|
- Cloudflare antimalware
|
||||||
* DNS0 (& Zero)
|
- DNS0 (& Zero)
|
||||||
* Mullvad
|
- Mullvad
|
||||||
* Mullvad Adblock
|
- Mullvad Adblock
|
||||||
* Quad9 ECS (Windows 11 defaults include Quad9 default)
|
- Quad9 ECS (Windows 11 defaults include Quad9 default)
|
||||||
|
|
||||||
## Configuration
|
## Configuration
|
||||||
|
|
||||||
Once Windows knows about the DoH servers (DohWellKnownServers.reg), DNS-over
|
Once Windows knows about the DoH servers (DohWellKnownServers.reg), DNS-over
|
||||||
HTTPS can be enabled for:
|
HTTPS can be enabled for:
|
||||||
|
|
||||||
* All networks: `Windows-I (Settings) -> Network & Internet -> Advanced network settings -> WLAN -> View additional properties -> DNS Server assignment -> Edit`
|
- All networks: `Windows-I (Settings) -> Network & Internet -> Advanced network settings -> WLAN -> View additional properties -> DNS Server assignment -> Edit`
|
||||||
* Same place for Ethernet etc.
|
- Same place for Ethernet etc.
|
||||||
* Specific network: `Windows-I (Settings) -> Network & Internet -> WiFi -> Connected SSID -> DNS server assignment -> Edit`
|
- Specific network: `Windows-I (Settings) -> Network & Internet -> WiFi -> Connected SSID -> DNS server assignment -> Edit`
|
||||||
* Note: if the all networks one is configured, there is a warning about it not being used.
|
- Note: if the all networks one is configured, there is a warning about it not being used.
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
Some kind of explaining for [IPv6.reg](IPv6.reg) like
|
Some kind of explaining for [IPv6.reg](IPv6.reg) like
|
||||||
[Windows.reg](Windows.reg) which includes this file has.
|
[Windows.reg](Windows.reg) which includes this file has.
|
||||||
|
|
||||||
* Resolve IPv6 even without native connectivity.
|
- Resolve IPv6 even without native connectivity.
|
||||||
* Enable Teredo
|
- Enable Teredo
|
||||||
* As EnterpriseClient so it also works when joined into domain.
|
- As EnterpriseClient so it also works when joined into domain.
|
||||||
* Use `teredo.trex.fi` as Teredo server. This should be replaced with
|
- Use `teredo.trex.fi` as Teredo server. This should be replaced with
|
||||||
something that is as near as possible.
|
something that is as near as possible.
|
||||||
|
@ -7,11 +7,11 @@ Windows Registry Editor Version 5.00
|
|||||||
"ConsentPromptBehaviorUser"=dword:00000001
|
"ConsentPromptBehaviorUser"=dword:00000001
|
||||||
```
|
```
|
||||||
|
|
||||||
* Make the file Windows Registry Editor script
|
- Make the file Windows Registry Editor script
|
||||||
* Ask admins for password/PIN in UAC
|
- Ask admins for password/PIN in UAC
|
||||||
* 2 would ask for yes or no, 0 disable entirely (don't do that).
|
- 2 would ask for yes or no, 0 disable entirely (don't do that).
|
||||||
* prompt standard users for username and password. 2021-12-19: I don't understand this or the line below.
|
- prompt standard users for username and password. 2021-12-19: I don't understand this or the line below.
|
||||||
* The other option (1) doesn't even give them UAC prompt so you must
|
- The other option (1) doesn't even give them UAC prompt so you must
|
||||||
always login as admin to do anything.
|
always login as admin to do anything.
|
||||||
|
|
||||||
```
|
```
|
||||||
@ -24,13 +24,13 @@ Windows Registry Editor Version 5.00
|
|||||||
"EnableFirstLogonAnimation"=dword:00000000
|
"EnableFirstLogonAnimation"=dword:00000000
|
||||||
```
|
```
|
||||||
|
|
||||||
* Display the user list.
|
- Display the user list.
|
||||||
* Allows shutdown without being logged in
|
- Allows shutdown without being logged in
|
||||||
* Allows undocking without logging in
|
- Allows undocking without logging in
|
||||||
* Shows verbose information on login (starting service...)
|
- Shows verbose information on login (starting service...)
|
||||||
* Shows output of startup scripts
|
- Shows output of startup scripts
|
||||||
* Shows output of shutdown scripts
|
- Shows output of shutdown scripts
|
||||||
* Disables the first logon animation on Windows 8 and newer
|
- Disables the first logon animation on Windows 8 and newer
|
||||||
|
|
||||||
```
|
```
|
||||||
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation]
|
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation]
|
||||||
@ -38,8 +38,8 @@ Windows Registry Editor Version 5.00
|
|||||||
"RealTimeIsUniversal"=qword:00000001
|
"RealTimeIsUniversal"=qword:00000001
|
||||||
```
|
```
|
||||||
|
|
||||||
* Sets hardware clock to UTC time (doesn't affect system clock!)
|
- Sets hardware clock to UTC time (doesn't affect system clock!)
|
||||||
* qword for 64-bit, dword for 32-bit systems. The actual reg file has
|
- qword for 64-bit, dword for 32-bit systems. The actual reg file has
|
||||||
only qword as I haven't seen 32-bit Windowses lately.
|
only qword as I haven't seen 32-bit Windowses lately.
|
||||||
|
|
||||||
```
|
```
|
||||||
@ -47,7 +47,7 @@ Windows Registry Editor Version 5.00
|
|||||||
"AddrConfigControl"=dword:00000000
|
"AddrConfigControl"=dword:00000000
|
||||||
```
|
```
|
||||||
|
|
||||||
* be able to resolve IPv6 even when connection isn't native.
|
- be able to resolve IPv6 even when connection isn't native.
|
||||||
|
|
||||||
```
|
```
|
||||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition]
|
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition]
|
||||||
@ -56,13 +56,13 @@ Windows Registry Editor Version 5.00
|
|||||||
"Teredo_ServerName"="teredo.trex.fi"
|
"Teredo_ServerName"="teredo.trex.fi"
|
||||||
```
|
```
|
||||||
|
|
||||||
* Enable Teredo
|
- Enable Teredo
|
||||||
* Enable Teredo even when joined to domain.
|
- Enable Teredo even when joined to domain.
|
||||||
* Use `teredo.trex.fi` as Teredo server as it's in Finland where I am.
|
- Use `teredo.trex.fi` as Teredo server as it's in Finland where I am.
|
||||||
|
|
||||||
```
|
```
|
||||||
[HKEY_USERS\.DEFAULT\Control Panel\Keyboard]
|
[HKEY_USERS\.DEFAULT\Control Panel\Keyboard]
|
||||||
"InitialKeyboardIndicators"="2147483650"
|
"InitialKeyboardIndicators"="2147483650"
|
||||||
```
|
```
|
||||||
|
|
||||||
* Enable numlock on boot.
|
- Enable numlock on boot.
|
||||||
|
@ -6,33 +6,32 @@ w32tm /resync
|
|||||||
w32tm /query /peers
|
w32tm /query /peers
|
||||||
```
|
```
|
||||||
|
|
||||||
* The list is space separated NTP servers, while I think Windows uses SNTP instead
|
- The list is space separated NTP servers, while I think Windows uses SNTP instead
|
||||||
of NTP.
|
of NTP.
|
||||||
* `/resync` may sync current time, but is also required for the GUI
|
- `/resync` may sync current time, but is also required for the GUI
|
||||||
(Windows + I, Date & time) and following command to get aware of peers.
|
(Windows + I, Date & time) and following command to get aware of peers.
|
||||||
* Shows where time is synced from and statistics.
|
- Shows where time is synced from and statistics.
|
||||||
* There is also `net time` to sync, I am unsure of the differences while
|
- There is also `net time` to sync, I am unsure of the differences while
|
||||||
that may be blocked while the second keeps working. It may also not
|
that may be blocked while the second keeps working. It may also not
|
||||||
show all the peers, just the primary one, while `w32tm` is more verbose
|
show all the peers, just the primary one, while `w32tm` is more verbose
|
||||||
and has all of them.
|
and has all of them.
|
||||||
* As Windows doesn't support NTS and probably won't in near future, there is
|
- As Windows doesn't support NTS and probably won't in near future, there is
|
||||||
no point in listing distant foreign servers.
|
no point in listing distant foreign servers.
|
||||||
|
|
||||||
|
|
||||||
## Variations
|
## Variations
|
||||||
|
|
||||||
Variations of the timeserver setting command to be kept at hand
|
Variations of the timeserver setting command to be kept at hand
|
||||||
|
|
||||||
### DNA
|
### DNA
|
||||||
|
|
||||||
*Including Moi*
|
_Including Moi_
|
||||||
|
|
||||||
```
|
```
|
||||||
w32tm /config /syncfromflags:manual /manualpeerlist:"time.cloudflare.com ntp.dnainternet.fi time.mikes.fi time1.mikes.fi time2.mikes.fi time3.mikes.fi pool.ntp.org"
|
w32tm /config /syncfromflags:manual /manualpeerlist:"time.cloudflare.com ntp.dnainternet.fi time.mikes.fi time1.mikes.fi time2.mikes.fi time3.mikes.fi pool.ntp.org"
|
||||||
```
|
```
|
||||||
|
|
||||||
* https://www.dna.fi/liikennerajoitukset
|
- https://www.dna.fi/liikennerajoitukset
|
||||||
* https://asiakaspalvelu.moi.fi/hc/fi/articles/360029789832-Mitk%C3%A4-ovat-Moin-palvelinosoitteet-
|
- https://asiakaspalvelu.moi.fi/hc/fi/articles/360029789832-Mitk%C3%A4-ovat-Moin-palvelinosoitteet-
|
||||||
|
|
||||||
### Elisa
|
### Elisa
|
||||||
|
|
||||||
@ -40,22 +39,22 @@ w32tm /config /syncfromflags:manual /manualpeerlist:"time.cloudflare.com ntp.dna
|
|||||||
w32tm /config /syncfromflags:manual /manualpeerlist:"time.cloudflare.com ntp1.kolumbus.fi ntp2.kolumbus.fi ntp.saunalahti.fi time.mikes.fi time1.mikes.fi time2.mikes.fi time3.mikes.fi pool.ntp.org"
|
w32tm /config /syncfromflags:manual /manualpeerlist:"time.cloudflare.com ntp1.kolumbus.fi ntp2.kolumbus.fi ntp.saunalahti.fi time.mikes.fi time1.mikes.fi time2.mikes.fi time3.mikes.fi pool.ntp.org"
|
||||||
```
|
```
|
||||||
|
|
||||||
* https://elisa.fi/asiakaspalvelu/ohje/tiedonsiirtoportit-porttiohjaukset-palvelimet/
|
- https://elisa.fi/asiakaspalvelu/ohje/tiedonsiirtoportit-porttiohjaukset-palvelimet/
|
||||||
|
|
||||||
## Information about servers
|
## Information about servers
|
||||||
|
|
||||||
* https://www.cloudflare.com/time/
|
- https://www.cloudflare.com/time/
|
||||||
* https://www.netnod.se/nts/network-time-security
|
- https://www.netnod.se/nts/network-time-security
|
||||||
* https://www.vttresearch.com/fi/palvelut/suomen-aika-ntp-palvelu#julkinen
|
- https://www.vttresearch.com/fi/palvelut/suomen-aika-ntp-palvelu#julkinen
|
||||||
* https://www.ntppool.org/use.html
|
- https://www.ntppool.org/use.html
|
||||||
* Also mentions the syntax for multiple servers, but considering this Elisa
|
- Also mentions the syntax for multiple servers, but considering this Elisa
|
||||||
list has so many servers I am only picking one pool address just in case
|
list has so many servers I am only picking one pool address just in case
|
||||||
the others somehow fail.
|
the others somehow fail.
|
||||||
|
|
||||||
## Additional reading
|
## Additional reading
|
||||||
|
|
||||||
* Above links
|
- Above links
|
||||||
* https://jasoncoltrin.com/2018/08/02/how-to-set-clock-time-on-ad-domain-controller-and-sync-windows-clients/
|
- https://jasoncoltrin.com/2018/08/02/how-to-set-clock-time-on-ad-domain-controller-and-sync-windows-clients/
|
||||||
* this file might not exist without this post, while it doesn't mention
|
- this file might not exist without this post, while it doesn't mention
|
||||||
multiple servers, uses `time.windows.com` and I am yet to actually touch
|
multiple servers, uses `time.windows.com` and I am yet to actually touch
|
||||||
NTP on Windows Server environment.
|
NTP on Windows Server environment.
|
||||||
|
@ -21,11 +21,11 @@ Apparently Adwaita must be set to dark theme in `gnome-control-center`
|
|||||||
Using the same apps and `gnome-tweaks` (as there are probably a lot of
|
Using the same apps and `gnome-tweaks` (as there are probably a lot of
|
||||||
methods setting fonts):
|
methods setting fonts):
|
||||||
|
|
||||||
* User-interface text: Noto Serif Regular 10
|
- User-interface text: Noto Serif Regular 10
|
||||||
* Document text: Noto Serif Regular 11
|
- Document text: Noto Serif Regular 11
|
||||||
* Monospace text: Noto Sans Mono Regular 10
|
- Monospace text: Noto Sans Mono Regular 10
|
||||||
* Legacy window title text: Noto Serif Bold 11
|
- Legacy window title text: Noto Serif Bold 11
|
||||||
* Apparently this means "apps that don't use client-side decorations"
|
- Apparently this means "apps that don't use client-side decorations"
|
||||||
|
|
||||||
The number behind is obviously the number and it's based on what were the
|
The number behind is obviously the number and it's based on what were the
|
||||||
defaults before I touched them so I am hoping GNOME knows what they are
|
defaults before I touched them so I am hoping GNOME knows what they are
|
||||||
@ -41,10 +41,10 @@ have trouble handling it, e.g. mpv (makes Ä and Ö and Å all Å) and Firefox
|
|||||||
|
|
||||||
Other font settings in GNOME-Tweak:
|
Other font settings in GNOME-Tweak:
|
||||||
|
|
||||||
* Hinting: *a bit*
|
- Hinting: _a bit_
|
||||||
* for no particular reason
|
- for no particular reason
|
||||||
* Antialiasing: *Subpixel (for LCD-displays)*
|
- Antialiasing: _Subpixel (for LCD-displays)_
|
||||||
* I have no idea where there are "standard grayscale" displays that aren't
|
- I have no idea where there are "standard grayscale" displays that aren't
|
||||||
LCD.
|
LCD.
|
||||||
|
|
||||||
### Screen mirroring
|
### Screen mirroring
|
||||||
@ -53,9 +53,9 @@ Other font settings in GNOME-Tweak:
|
|||||||
|
|
||||||
Workarounds:
|
Workarounds:
|
||||||
|
|
||||||
* Use VNC (see my Scripts repo [`bash/swaymirror.bash`](https://gitea.blesmrt.net/mikaela/scripts/src/branch/master/bash/swaymirror.bash))
|
- Use VNC (see my Scripts repo [`bash/swaymirror.bash`](https://gitea.blesmrt.net/mikaela/scripts/src/branch/master/bash/swaymirror.bash))
|
||||||
* Do something weird with OBS
|
- Do something weird with OBS
|
||||||
* Use a dedicated application that don't seem to be in Fedora repos, flatpak
|
- Use a dedicated application that don't seem to be in Fedora repos, flatpak
|
||||||
or snap.
|
or snap.
|
||||||
* [github.com/Ferdi265/wl-mirror](https://github.com/Ferdi265/wl-mirror)
|
- [github.com/Ferdi265/wl-mirror](https://github.com/Ferdi265/wl-mirror)
|
||||||
* [github.com/progandy/wdomirror](https://github.com/progandy/wdomirror)
|
- [github.com/progandy/wdomirror](https://github.com/progandy/wdomirror)
|
||||||
|
@ -4,24 +4,24 @@
|
|||||||
Thus this `README.md` is not read, even if I happened to carelessly
|
Thus this `README.md` is not read, even if I happened to carelessly
|
||||||
copy-paste it in.
|
copy-paste it in.
|
||||||
|
|
||||||
* `autostart-communication.conf` - chat/communication apps I am expected to have
|
- `autostart-communication.conf` - chat/communication apps I am expected to have
|
||||||
open or at least check at times
|
open or at least check at times
|
||||||
* `autostart-fineid.conf` - Finnish electric identity card, that I also use as SSH key
|
- `autostart-fineid.conf` - Finnish electric identity card, that I also use as SSH key
|
||||||
* `autostart-utilities.conf` - general utilities, like `nm-applet` or VPN etc.
|
- `autostart-utilities.conf` - general utilities, like `nm-applet` or VPN etc.
|
||||||
* `grimshot.conf` - screenshotting keybinds using `grimshot`
|
- `grimshot.conf` - screenshotting keybinds using `grimshot`
|
||||||
* `i3-selenized-dark.conf` - selenized dark colour scheme
|
- `i3-selenized-dark.conf` - selenized dark colour scheme
|
||||||
* `keyboard.conf` - keyboard configuration
|
- `keyboard.conf` - keyboard configuration
|
||||||
* `media.conf` - media key configuration and autostarts related to it
|
- `media.conf` - media key configuration and autostarts related to it
|
||||||
* `pointer-accel.conf` - pointer/mouse configuration, mainly setting acceleration
|
- `pointer-accel.conf` - pointer/mouse configuration, mainly setting acceleration
|
||||||
profile to `flat`
|
profile to `flat`
|
||||||
* `README.md` - you are currently reading this :wink:
|
- `README.md` - you are currently reading this :wink:
|
||||||
* `sedric.conf` - configuration specific to my laptop hostnamed `sedric`
|
- `sedric.conf` - configuration specific to my laptop hostnamed `sedric`
|
||||||
* `swaybar.conf` - `swaybar` configuration
|
- `swaybar.conf` - `swaybar` configuration
|
||||||
* `swayidle.conf` - `swayidle` configuration/autostart
|
- `swayidle.conf` - `swayidle` configuration/autostart
|
||||||
* `wlsunset-kotka.conf` - `wlsunset` configuration/autostart for my hometown for when
|
- `wlsunset-kotka.conf` - `wlsunset` configuration/autostart for my hometown for when
|
||||||
I happen to visit for longer period of time
|
I happen to visit for longer period of time
|
||||||
* `wlsunset-lauttasaari.conf` - `wlsunset` configuration for my home neighbourhood
|
- `wlsunset-lauttasaari.conf` - `wlsunset` configuration for my home neighbourhood
|
||||||
* `zz-floating.conf` - configures windows that should float. For some reason
|
- `zz-floating.conf` - configures windows that should float. For some reason
|
||||||
that is inherited from my `i3` config, it tells to put float rules above the
|
that is inherited from my `i3` config, it tells to put float rules above the
|
||||||
last line, so it should be read last and `z` is the last letter of English
|
last line, so it should be read last and `z` is the last letter of English
|
||||||
alphabet so it will hopefully be read last.
|
alphabet so it will hopefully be read last.
|
||||||
|
@ -2,7 +2,17 @@
|
|||||||
"layer": "top",
|
"layer": "top",
|
||||||
"position": "left",
|
"position": "left",
|
||||||
"modules-left": ["sway/workspaces", "sway/mode"],
|
"modules-left": ["sway/workspaces", "sway/mode"],
|
||||||
"modules-right": ["cpu", "memory", "battery", "pulseaudio", "sway/language", "network", "bluetooth", "tray", "clock"],
|
"modules-right": [
|
||||||
|
"cpu",
|
||||||
|
"memory",
|
||||||
|
"battery",
|
||||||
|
"pulseaudio",
|
||||||
|
"sway/language",
|
||||||
|
"network",
|
||||||
|
"bluetooth",
|
||||||
|
"tray",
|
||||||
|
"clock"
|
||||||
|
],
|
||||||
"sway/window": {
|
"sway/window": {
|
||||||
"max-length": 50
|
"max-length": 50
|
||||||
},
|
},
|
||||||
@ -12,7 +22,7 @@
|
|||||||
"memory": {
|
"memory": {
|
||||||
"format": "RAM {percentage}%"
|
"format": "RAM {percentage}%"
|
||||||
},
|
},
|
||||||
"bluetooth": {
|
"bluetooth": {
|
||||||
"format": "BT {status}",
|
"format": "BT {status}",
|
||||||
"format-connected": "BT {device_alias}",
|
"format-connected": "BT {device_alias}",
|
||||||
"format-connected-battery": "BT {device_alias} {device_battery_percentage}%"
|
"format-connected-battery": "BT {device_alias} {device_battery_percentage}%"
|
||||||
@ -33,7 +43,7 @@
|
|||||||
"format": "KBD {short} {variant}",
|
"format": "KBD {short} {variant}",
|
||||||
"on-click": "swaymsg input type:keyboard xkb_switch_layout next"
|
"on-click": "swaymsg input type:keyboard xkb_switch_layout next"
|
||||||
},
|
},
|
||||||
"network": {
|
"network": {
|
||||||
//"interface": "wlan0",
|
//"interface": "wlan0",
|
||||||
"format": "{ifname}",
|
"format": "{ifname}",
|
||||||
"format-wifi": "{frequency}G {signalStrength}% {essid}",
|
"format-wifi": "{frequency}G {signalStrength}% {essid}",
|
||||||
@ -44,7 +54,7 @@
|
|||||||
"tooltip-format-ethernet": "{ifname} up",
|
"tooltip-format-ethernet": "{ifname} up",
|
||||||
"tooltip-format-disconnected": "Disconnected",
|
"tooltip-format-disconnected": "Disconnected",
|
||||||
"max-length": 50
|
"max-length": 50
|
||||||
},
|
},
|
||||||
"clock": {
|
"clock": {
|
||||||
"format": "{:%a. %d.\n%b.\n%Y-%j\n%G-W%V-%u\n%F\n%H.%M.%S}"
|
"format": "{:%a. %d.\n%b.\n%Y-%j\n%G-W%V-%u\n%F\n%H.%M.%S}"
|
||||||
}
|
}
|
||||||
|
@ -30,11 +30,13 @@ tooltip label {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#workspaces button.focused {
|
#workspaces button.focused {
|
||||||
background: #64727D;
|
background: #64727d;
|
||||||
border-bottom: 3px solid white;
|
border-bottom: 3px solid white;
|
||||||
}
|
}
|
||||||
|
|
||||||
#mode, #clock, #battery {
|
#mode,
|
||||||
|
#clock,
|
||||||
|
#battery {
|
||||||
padding: 0 10px;
|
padding: 0 10px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -25,23 +25,22 @@ assume that means 2.
|
|||||||
Note: -N uses names specified in config instead of reverse name lookupping
|
Note: -N uses names specified in config instead of reverse name lookupping
|
||||||
then.
|
then.
|
||||||
|
|
||||||
* `chrony -N activity` - what sources are doing
|
- `chrony -N activity` - what sources are doing
|
||||||
* `chrony -N authdata` - can show that server uses NTS
|
- `chrony -N authdata` - can show that server uses NTS
|
||||||
* `chrony -N ntpdata` - a lot of data on the servers
|
- `chrony -N ntpdata` - a lot of data on the servers
|
||||||
* `chronyc offline` - offline mode
|
- `chronyc offline` - offline mode
|
||||||
* `chronyc online` - reconnects servers
|
- `chronyc online` - reconnects servers
|
||||||
* `chrony -N sources` - used timeservers and their statuses
|
- `chrony -N sources` - used timeservers and their statuses
|
||||||
* `chrony -N tracking` - local status (stratum and own clock etc.)
|
- `chrony -N tracking` - local status (stratum and own clock etc.)
|
||||||
|
|
||||||
|
|
||||||
### nmap
|
### nmap
|
||||||
|
|
||||||
|
|
||||||
Checking that something is an NTP server? Needs root:
|
Checking that something is an NTP server? Needs root:
|
||||||
|
|
||||||
```
|
```
|
||||||
nmap -sU -p 123 --script=ntp-info 192.168.0.1
|
nmap -sU -p 123 --script=ntp-info 192.168.0.1
|
||||||
```
|
```
|
||||||
|
|
||||||
Checking that something has NTS?
|
Checking that something has NTS?
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -12,6 +12,6 @@ but that way you must trust DNSSEC, CloudFlare and wherever the CNAME
|
|||||||
points to who may not have DNSSEC. If you are using this file
|
points to who may not have DNSSEC. If you are using this file
|
||||||
(you shouldn't), you are already trusting me.
|
(you shouldn't), you are already trusting me.
|
||||||
|
|
||||||
[dnscrypt-proxy]:https://github.com/jedisct1/dnscrypt-proxy
|
[dnscrypt-proxy]: https://github.com/jedisct1/dnscrypt-proxy
|
||||||
[Hyperboria]:https://hyperboria.net/
|
[hyperboria]: https://hyperboria.net/
|
||||||
[Yggdrasil]:https://yggdrasil-network.github.io/
|
[yggdrasil]: https://yggdrasil-network.github.io/
|
||||||
|
@ -1,25 +1,24 @@
|
|||||||
Useful nginx files that I will probably need and which I will forget if I
|
Useful nginx files that I will probably need and which I will forget if I
|
||||||
cannot read them from here.
|
cannot read them from here.
|
||||||
|
|
||||||
* * * * *
|
---
|
||||||
|
|
||||||
## FUTURE WARNING
|
## FUTURE WARNING
|
||||||
|
|
||||||
These files may age badly, so here are some hopefully timeless pointers:
|
These files may age badly, so here are some hopefully timeless pointers:
|
||||||
|
|
||||||
* Generate the config file with https://ssl-config.mozilla.org/ (and if
|
- Generate the config file with https://ssl-config.mozilla.org/ (and if
|
||||||
time eats it, try https://github.com/mozilla/ssl-config-generator/ in
|
time eats it, try https://github.com/mozilla/ssl-config-generator/ in
|
||||||
hope of finding where it is now.
|
hope of finding where it is now. \* Name it 00-something so it will be the first file read and make
|
||||||
* Name it 00-something so it will be the first file read and make
|
|
||||||
everything a different file.
|
everything a different file.
|
||||||
* If using my acmesh-ssl.bash script, the files to fill should be like:
|
- If using my acmesh-ssl.bash script, the files to fill should be like:
|
||||||
|
|
||||||
(the script runs `$ACMESH --key-file $NGINXDIR/key.pem --fullchain-file $NGINXDIR/cert.pem --reloadcmd "$SYSTEMCTLRESTART nginx"`)
|
(the script runs `$ACMESH --key-file $NGINXDIR/key.pem --fullchain-file $NGINXDIR/cert.pem --reloadcmd "$SYSTEMCTLRESTART nginx"`)
|
||||||
|
|
||||||
* `ssl_certificate`, `ssl_trusted_certificate` are `cert.pem`
|
- `ssl_certificate`, `ssl_trusted_certificate` are `cert.pem`
|
||||||
* `ssl_certificate_key` is `key.pem`
|
- `ssl_certificate_key` is `key.pem`
|
||||||
|
|
||||||
The header syntax is following, ***THIS LIKELY WON'T TIME WELL, ESPECIALLY CSP***
|
The header syntax is following, **_THIS LIKELY WON'T TIME WELL, ESPECIALLY CSP_**
|
||||||
|
|
||||||
```
|
```
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
|
||||||
@ -33,12 +32,12 @@ The CSP comes from `HEAD "http://[::]:9000/#/chan-1"` to figure out what
|
|||||||
TheLounge would be setting without a reverse proxy in front of it. `HEAD` is
|
TheLounge would be setting without a reverse proxy in front of it. `HEAD` is
|
||||||
in Debian package `libwww-perl`
|
in Debian package `libwww-perl`
|
||||||
|
|
||||||
* Refer to tester tools to see if the configuration is fine:
|
- Refer to tester tools to see if the configuration is fine:
|
||||||
* https://observatory.mozilla.org/
|
- https://observatory.mozilla.org/
|
||||||
* https://securityheaders.com/
|
- https://securityheaders.com/
|
||||||
* https://www.ssllabs.com/ssltest/
|
- https://www.ssllabs.com/ssltest/
|
||||||
|
|
||||||
* * * * *
|
---
|
||||||
|
|
||||||
## Arch
|
## Arch
|
||||||
|
|
||||||
|
@ -7,11 +7,11 @@ marking the headset as "Pro-audio" in pavucontrol Settings tab and adjusting
|
|||||||
one from `alsamixer` is enough to fix it.
|
one from `alsamixer` is enough to fix it.
|
||||||
|
|
||||||
In `alsamixer` having it as pro-audio exposes the sound card in F6 known as
|
In `alsamixer` having it as pro-audio exposes the sound card in F6 known as
|
||||||
*Logitech USB Headset* and there I see two siliders, *Headphone* and *Mic*,
|
_Logitech USB Headset_ and there I see two siliders, _Headphone_ and _Mic_,
|
||||||
*Headphone* can apparently be 100 and *Mic* muted when not in use to avoid
|
_Headphone_ can apparently be 100 and _Mic_ muted when not in use to avoid
|
||||||
it echoing back.
|
it echoing back.
|
||||||
|
|
||||||
* * * * *
|
---
|
||||||
|
|
||||||
The old pulseaudio fix for less than 20 % volume being unhearable is editing
|
The old pulseaudio fix for less than 20 % volume being unhearable is editing
|
||||||
`alsa-monitor.conf` and uncommenting `api.alsa.ignore-dB = true`
|
`alsa-monitor.conf` and uncommenting `api.alsa.ignore-dB = true`
|
||||||
@ -32,10 +32,10 @@ don't exist by default anymore, they need to be copied and edited separately
|
|||||||
|
|
||||||
See also:
|
See also:
|
||||||
|
|
||||||
* https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/1220
|
- https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/1220
|
||||||
* marked as duplicate of: https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/207
|
- marked as duplicate of: https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/207
|
||||||
|
|
||||||
## Bluetooth
|
## Bluetooth
|
||||||
|
|
||||||
* https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html
|
- https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html
|
||||||
* https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html
|
- https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
Central configuration for PKCS#11 plugin using software and smartcards.
|
Central configuration for PKCS#11 plugin using software and smartcards.
|
||||||
|
|
||||||
* https://digisaatio.fi/wiki/P11-kit
|
- https://digisaatio.fi/wiki/P11-kit
|
||||||
* https://www.systutorials.com/docs/linux/man/5-pkcs11.conf/
|
- https://www.systutorials.com/docs/linux/man/5-pkcs11.conf/
|
||||||
|
|
||||||
Remember also [my FINEID notes in the gist/ repo](https://gitea.blesmrt.net/mikaela/gist/src/branch/master/fineid)
|
Remember also [my FINEID notes in the gist/ repo](https://gitea.blesmrt.net/mikaela/gist/src/branch/master/fineid)
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
sshd_config should include something like
|
sshd_config should include something like
|
||||||
|
|
||||||
Include /etc/ssh/sshd_config.d/*.conf
|
Include /etc/ssh/sshd_config.d/\*.conf
|
||||||
|
|
||||||
NOTE: This became supported only at OpenSSHd 8.2 on 2020-02-14.
|
NOTE: This became supported only at OpenSSHd 8.2 on 2020-02-14.
|
||||||
https://www.openssh.com/txt/release-8.2
|
https://www.openssh.com/txt/release-8.2
|
||||||
|
@ -11,24 +11,24 @@ sudo systemctl restart systemd-resolved
|
|||||||
|
|
||||||
## Files explained
|
## Files explained
|
||||||
|
|
||||||
* `00-defaults.conf` - configuration not touching resolvers. Disables DNSSEC (as
|
- `00-defaults.conf` - configuration not touching resolvers. Disables DNSSEC (as
|
||||||
systemd-resolved doesn't handle it properly), enables opportunistic DoT and
|
systemd-resolved doesn't handle it properly), enables opportunistic DoT and
|
||||||
caching.
|
caching.
|
||||||
* `dot-*.conf` - configuration to use the DNS provider with DNS-over-TLS. If
|
- `dot-*.conf` - configuration to use the DNS provider with DNS-over-TLS. If
|
||||||
captive portals are a concern, `DNSOverTLS=no`.
|
captive portals are a concern, `DNSOverTLS=no`.
|
||||||
* `README.md` - you are reading it right now.
|
- `README.md` - you are reading it right now.
|
||||||
|
|
||||||
## General commentary
|
## General commentary
|
||||||
|
|
||||||
* Based on my test DNSOverTLS is not supported in Ubuntu 18.04.x LTS (however
|
- Based on my test DNSOverTLS is not supported in Ubuntu 18.04.x LTS (however
|
||||||
at the time of writing this README.md, the current version is Ubuntu 20.04.0)
|
at the time of writing this README.md, the current version is Ubuntu 20.04.0)
|
||||||
(systemd v237). DNSOverTLS became supported in v239, strict mode (yes) in
|
(systemd v237). DNSOverTLS became supported in v239, strict mode (yes) in
|
||||||
v243 (big improvements in v244).
|
v243 (big improvements in v244).
|
||||||
* TODO: find out when SNI became supported, I have just spotted it in the
|
- TODO: find out when SNI became supported, I have just spotted it in the
|
||||||
fine manual in 2020-06-??.
|
fine manual in 2020-06-??.
|
||||||
* Domains has to be `.~` for them to override DHCP. See https://www.internetsociety.org/blog/2018/12/dns-privacy-in-linux-systemd
|
- Domains has to be `.~` for them to override DHCP. See https://www.internetsociety.org/blog/2018/12/dns-privacy-in-linux-systemd
|
||||||
without which I wouldn't have got this right.
|
without which I wouldn't have got this right.
|
||||||
* DNSSEC may not work if the system is down for a long time and not updated.
|
- DNSSEC may not work if the system is down for a long time and not updated.
|
||||||
Thus `allow-downgrade` may be better for non-tech people, even with the
|
Thus `allow-downgrade` may be better for non-tech people, even with the
|
||||||
potential downgrade attack. There are also captive portals, affecting
|
potential downgrade attack. There are also captive portals, affecting
|
||||||
`DNSOverTLS`. Both take `yes` or `no` or their own special option,
|
`DNSOverTLS`. Both take `yes` or `no` or their own special option,
|
||||||
@ -36,7 +36,7 @@ sudo systemctl restart systemd-resolved
|
|||||||
|
|
||||||
Other links I have found important and my files are based on:
|
Other links I have found important and my files are based on:
|
||||||
|
|
||||||
* https://wiki.archlinux.org/index.php/Systemd-resolved
|
- https://wiki.archlinux.org/index.php/Systemd-resolved
|
||||||
* Also provides the serious issues systemd-resolved+DNSSEC issues, https://github.com/systemd/systemd/issues/10579 & https://github.com/systemd/systemd/issues/9867
|
- Also provides the serious issues systemd-resolved+DNSSEC issues, https://github.com/systemd/systemd/issues/10579 & https://github.com/systemd/systemd/issues/9867
|
||||||
* request for strict DOT: https://github.com/systemd/systemd/issues/10755
|
- request for strict DOT: https://github.com/systemd/systemd/issues/10755
|
||||||
* vulnerable to MITM: https://github.com/systemd/systemd/issues/9397
|
- vulnerable to MITM: https://github.com/systemd/systemd/issues/9397
|
||||||
|
@ -3,13 +3,13 @@ subdirectories. The sudirectories won't exist in the real
|
|||||||
`/etc/systemd/system` unless they end `.wants` or `.d` or something similar
|
`/etc/systemd/system` unless they end `.wants` or `.d` or something similar
|
||||||
and I forget to update this README file if that happens.
|
and I forget to update this README file if that happens.
|
||||||
|
|
||||||
* reflector.service is copied from https://wiki.archlinux.org/index.php/Reflector
|
- reflector.service is copied from https://wiki.archlinux.org/index.php/Reflector
|
||||||
but uses https instead of http, because there is no reason I would want
|
but uses https instead of http, because there is no reason I would want
|
||||||
someone to see what I download.
|
someone to see what I download.
|
||||||
|
|
||||||
## Worth reading
|
## Worth reading
|
||||||
|
|
||||||
* Waiting for network devices to have IP address (**I only use this for
|
- Waiting for network devices to have IP address (**I only use this for
|
||||||
cables**) https://wiki.freedesktop.org/www/Software/systemd/NetworkTarget/#cutthecraphowdoimakenetwork.targetworkforme
|
cables**) https://wiki.freedesktop.org/www/Software/systemd/NetworkTarget/#cutthecraphowdoimakenetwork.targetworkforme
|
||||||
* systemctl enable NetworkManager-wait-online.service
|
_ systemctl enable NetworkManager-wait-online.service
|
||||||
* systemctl enable systemd-networkd-wait-online.service
|
_ systemctl enable systemd-networkd-wait-online.service
|
||||||
|
@ -1,9 +1,8 @@
|
|||||||
The IPv6 files are copied from
|
The IPv6 files are copied from
|
||||||
https://www.reddit.com/r/raspberry_pi/comments/14vcpz/rpi_as_an_ipv6_router_using_a_sixxs_tunnel_and/
|
https://www.reddit.com/r/raspberry_pi/comments/14vcpz/rpi_as_an_ipv6_router_using_a_sixxs_tunnel_and/
|
||||||
and they are here because they were my biggest difficulty with having Arch
|
and they are here because they were my biggest difficulty with having Arch
|
||||||
on Pi as IPv6 router.
|
on Pi as IPv6 router. \* Also helpful
|
||||||
* Also helpful
|
https://wiki.archlinux.org/index.php/IPv6_tunnel_broker_setup
|
||||||
https://wiki.archlinux.org/index.php/IPv6_tunnel_broker_setup
|
|
||||||
|
|
||||||
Miredo.service again is edited from what Arch & Debian ship so it starts
|
Miredo.service again is edited from what Arch & Debian ship so it starts
|
||||||
after there is already network connectivity and Unbound is running
|
after there is already network connectivity and Unbound is running
|
||||||
|
@ -2,5 +2,5 @@ Services in this directory are meant for my Jolla Phone which runs
|
|||||||
Sailfish OS. It doesn't have cron, so I tried the nearest equivalent
|
Sailfish OS. It doesn't have cron, so I tried the nearest equivalent
|
||||||
that is there out-of-box, systemd timers.
|
that is there out-of-box, systemd timers.
|
||||||
|
|
||||||
* aliendalvik-stopper again stops android support hourly so it won't waste
|
- aliendalvik-stopper again stops android support hourly so it won't waste
|
||||||
battery.
|
battery.
|
||||||
|
@ -1,10 +1,9 @@
|
|||||||
System-wide autostart files
|
# System-wide autostart files
|
||||||
===========================
|
|
||||||
|
|
||||||
*Note: this directory is also being used as `~/.local/share/applications`
|
_Note: this directory is also being used as `~/.local/share/applications`
|
||||||
which populates the app menu, my autostart is thankfully not this
|
which populates the app menu, my autostart is thankfully not this
|
||||||
populated.*
|
populated._
|
||||||
|
|
||||||
* redshift - app that changes screen temperature along the sun
|
- redshift - app that changes screen temperature along the sun
|
||||||
* telegramdesktop - IM app, based on telegram-desktop package
|
- telegramdesktop - IM app, based on telegram-desktop package
|
||||||
* com.wire.WireDesktop - Wire flatpak based on the flatpak of the same name
|
- com.wire.WireDesktop - Wire flatpak based on the flatpak of the same name
|
||||||
|
@ -6,8 +6,8 @@ as the links below.
|
|||||||
|
|
||||||
## Additional repositories
|
## Additional repositories
|
||||||
|
|
||||||
* Begin by `sudo fedora-third-party enable`
|
- Begin by `sudo fedora-third-party enable`
|
||||||
* https://github.com/yggdrasil-network/yggdrasil-network.github.io/issues/127#issuecomment-766520311
|
- https://github.com/yggdrasil-network/yggdrasil-network.github.io/issues/127#issuecomment-766520311
|
||||||
* https://www.insynchq.com/
|
- https://www.insynchq.com/
|
||||||
* https://keybase.io/docs/the_app/install_linux
|
- https://keybase.io/docs/the_app/install_linux
|
||||||
* https://rpmfusion.org/Configuration
|
- https://rpmfusion.org/Configuration
|
||||||
|
@ -5,15 +5,15 @@ NetworkManager.
|
|||||||
|
|
||||||
Notes:
|
Notes:
|
||||||
|
|
||||||
* `git commit`ing the same SSID with different capitalisations breaks
|
- `git commit`ing the same SSID with different capitalisations breaks
|
||||||
Windows and more common macOS setups due to their filesystems being
|
Windows and more common macOS setups due to their filesystems being
|
||||||
case-insensitive.
|
case-insensitive.
|
||||||
* `Settings.AutoConnect=true` is unnecessary as it defaults to true
|
- `Settings.AutoConnect=true` is unnecessary as it defaults to true
|
||||||
according to `man iwd.network`.
|
according to `man iwd.network`.
|
||||||
* `IPv6.Enabled=true` defauls to true being also unnecessary.
|
- `IPv6.Enabled=true` defauls to true being also unnecessary.
|
||||||
* `private-home-sample.psk` has a comment on MAC address override and sends
|
- `private-home-sample.psk` has a comment on MAC address override and sends
|
||||||
hostname with IPv4 DHCP. `private-cafe-sample.psk` always randomizes MAC
|
hostname with IPv4 DHCP. `private-cafe-sample.psk` always randomizes MAC
|
||||||
address and doesn't send hostname.
|
address and doesn't send hostname.
|
||||||
* The `.open` networks always randomize MAC address too. If a network is
|
- The `.open` networks always randomize MAC address too. If a network is
|
||||||
private and needs MAC address for captive portal override or something,
|
private and needs MAC address for captive portal override or something,
|
||||||
`private-home-sample.psk` should be adjusted from.
|
`private-home-sample.psk` should be adjusted from.
|
||||||
|
Loading…
Reference in New Issue
Block a user