shell-things

mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2024-11-06 17:39:22 +01:00

Author	SHA1	Message	Date
Aminda Suomalainen	ddbd1acca0	ssh: disable RSA host key	2024-01-12 13:50:49 +02:00
Aminda Suomalainen	53c78384e0	etc/apt/sources.list: rm ubuntu* Seems pretty outdated and I cannot see the purpose.	2024-01-07 12:33:53 +02:00
Aminda Suomalainen	2b4487fccb	etc/sources.list.d: add untested nordvpn.list for the only Debian around	2024-01-07 12:29:49 +02:00
Aminda Suomalainen	7748d64ad7	systemd: deduplicate qbittorrent, add qbittorrent-nox@.service overrides	2024-01-06 12:34:44 +02:00
Aminda Suomalainen	86575ddd37	etc/sudoers.d/lecture: rewrite comment including superuser & serverfault links	2024-01-05 13:17:22 +02:00
Aminda Suomalainen	0f5dceed49	etc/sudoers.d: add nordvpn	2024-01-05 12:56:06 +02:00
Aminda Suomalainen	39dffa8939	systemd service.d: move common explanations from never-fail.conf to README.md	2024-01-04 12:35:48 +02:00
Aminda Suomalainen	d99566d26f	systemd/service.d: add nordvpn.conf	2024-01-04 12:31:11 +02:00
Aminda Suomalainen	8a73d0fd63	unbound.conf.d: add nordvpn.conf	2024-01-04 12:28:38 +02:00
Aminda Suomalainen	aa97b82e31	systemd-resolved: add nordvpn.conf	2024-01-04 12:25:53 +02:00
Aminda Suomalainen	8771c98645	etc/yum.repos.d/brave-*: remove unknown option autorefresh	2024-01-04 07:45:11 +02:00
Aminda Suomalainen	09b64835f7	etc/yum.repos.d/nordvpn.repo: initial commit I don't want to use their curlbash and I am considering a Revolut plan that would include their standard plan as well	2024-01-03 16:54:59 +02:00
Aminda Suomalainen	bb60cbe8e6	yum/repos.d/librewolf-repo.repo: correct repo name	2024-01-03 16:53:38 +02:00
Aminda Suomalainen	e4c6ff7569	etc/sudoers.d: add lecture for always giving the first time lecture	2024-01-02 10:54:53 +02:00
Aminda Suomalainen	9a0895e412	unbound: merge dot-quad9-ecs.conf into dot-quad9.conf	2023-12-31 16:38:05 +02:00
Aminda Suomalainen	dba9d4c908	unbound/dot-dns0-*.conf: merge to dot-dns0.conf	2023-12-30 15:46:22 +02:00
Aminda Suomalainen	a6dd953817	etc/dracut.conf.d/10-asahi.conf: workaround F40 kernel update failures	2023-12-29 13:26:25 +02:00
Aminda Suomalainen	feef4cbba5	bluetooth.service.d: clarify comments on tested distros & ponder name	2023-12-28 21:30:26 +02:00
Aminda Suomalainen	be618810c5	bluetooth.service.d: drop fedora- from experimental.conf	2023-12-28 21:28:27 +02:00
Aminda Suomalainen	f31cb882a5	practically rewrite etc/resolv.conf	2023-12-26 10:51:30 +02:00
Aminda Suomalainen	9d69584103	Revert "systemd/service.d: add for-network-online.conf so the service is enabled for that" This reverts commit `0dc32a525a`.	2023-12-25 21:26:10 +02:00
Aminda Suomalainen	fc91247cd1	Revert "yggdrasil.service.d: also allow yggdrasil to start before network-online" This reverts commit `fbc82b81f4`.	2023-12-25 21:25:44 +02:00
Aminda Suomalainen	68fc6be7b9	Revert "unbound.service.d: add the for-network-online.conf" This reverts commit `6ba99feb58`.	2023-12-25 21:25:22 +02:00
Aminda Suomalainen	85dbc413f0	systemd/system: write tlp-masker.bash instead of having symlinks to /dev/null	2023-12-25 17:27:30 +02:00
Aminda Suomalainen	7d8fe8c1fa	systemd/system/README: attempt to fix formatting	2023-12-25 17:03:14 +02:00
Aminda Suomalainen	0327162daa	systemd-resolved: double dnssec	2023-12-25 15:48:23 +02:00
Aminda Suomalainen	f8f71d77a2	resolv.conf: add systemd-resolved default as a comment too	2023-12-25 15:40:41 +02:00
Aminda Suomalainen	4286b4a22f	systemd: add start-unbound.service	2023-12-25 15:39:35 +02:00
Aminda Suomalainen	fbc82b81f4	yggdrasil.service.d: also allow yggdrasil to start before network-online	2023-12-25 12:41:46 +02:00
Aminda Suomalainen	214966ae54	unbound.service.d: rm WRONG fedora-network-pre.conf	2023-12-25 12:40:40 +02:00
Aminda Suomalainen	6ba99feb58	unbound.service.d: add the for-network-online.conf	2023-12-25 12:39:58 +02:00
Aminda Suomalainen	0dc32a525a	systemd/service.d: add for-network-online.conf so the service is enabled for that	2023-12-25 12:38:05 +02:00
Aminda Suomalainen	5f6e07f353	etc/…/dnf.conf: note RPMCoW plugin in comment on delta RPMs	2023-12-18 09:00:49 +02:00
Aminda Suomalainen	3f0557b1d0	move & update pipewire-media-session notes to wireplumber	2023-12-17 21:56:45 +02:00
Aminda Suomalainen	2222ebd249	wireplumber: note package pipewire-codec-aptx	2023-12-17 21:48:57 +02:00
Aminda Suomalainen	e9fe061b2c	etc/sudoers.d: add insults	2023-12-15 13:04:08 +02:00
Aminda Suomalainen	dc1fa5e65d	wireplumber/61-more-codecs.lua: note that all disables HQ playback	2023-11-30 10:43:01 +02:00
Aminda Suomalainen	b770e2f51d	etc/wireplumber: don't artificially restrict codecs	2023-11-30 10:38:06 +02:00
Aminda Suomalainen	90556db965	bluetooth.service.d: add steamos-experimental.conf	2023-11-29 09:54:28 +02:00
Aminda Suomalainen	88bfa88985	experimental wireplumber configuration	2023-11-29 09:44:35 +02:00
Aminda Suomalainen	9853513f01	dnf: disable DeltaRPMs	2023-11-27 09:12:45 +02:00
Aminda Suomalainen	91428c51af	systemd-resolved: git rm dot-nextdns.conf	2023-11-26 16:23:31 +02:00
Aminda Suomalainen	1abfd94f01	systemd-resolved/dot-dns0: merge lines	2023-11-26 16:23:12 +02:00
Aminda Suomalainen	b583b8a6d4	systemd-resolved/*.conf: add appliedprivacy DoTo443 as a comment	2023-11-26 16:19:55 +02:00
Aminda Suomalainen	dee168e287	systemd-resolved: merge provider configs	2023-11-26 16:18:15 +02:00
Aminda Suomalainen	fa3fc72afb	systemd-resolved: cleanup configs I don't recommend	2023-11-26 16:12:38 +02:00
Aminda Suomalainen	16ddfd92e8	chrony/sources.d: rethink yggdrasil.sources	2023-11-22 11:28:21 +02:00
Aminda Suomalainen	865e816384	chrony/finland.sources: enable xleave for the known Chrony	2023-11-22 10:17:32 +02:00
Aminda Suomalainen	88f443911f	chrony/yggdrasil.sources: comment kincarron, unlikely to return in near future	2023-11-22 08:38:40 +02:00
Aminda Suomalainen	b9bc665e07	chrony/nts-servers.sources: comment sources not in Finland	2023-11-22 08:38:12 +02:00
Aminda Suomalainen	6918ac27d4	yum.repos.d: add mullvad.repo	2023-11-20 21:27:48 +02:00
Aminda Suomalainen	da99ce785f	chrony/conf.d: add .FIXME suffix to ca-certificates.conf, clarifying comments	2023-11-16 20:19:39 +02:00
Aminda Suomalainen	428802a4fd	unbound: rm mullvad configuration It's wrong and I am not currently using it	2023-11-12 12:51:54 +02:00
Aminda Suomalainen	e825c1dac3	systemd-resolved: dot-mullvad.conf: update domains, add commented other server options	2023-11-12 12:51:07 +02:00
Aminda Suomalainen	60b3c620fb	systemd-resolved: rm dot-mullvad-adblock.conf	2023-11-12 12:46:35 +02:00
Aminda Suomalainen	f64b94894c	resolv.tsv: update Mullvad addresses	2023-11-12 12:45:43 +02:00
Aminda Suomalainen	4f2f41762c	etc/yum.repos.d: note LibreWolf upstream documentation	2023-11-11 18:27:55 +02:00
Aminda Suomalainen	35b90b6d06	resolv.tsv: update/add/fix Mullvad offering	2023-11-10 15:14:42 +02:00
Aminda Suomalainen	d2c6f99401	ssh_config: remove deprecated option useroaming Even Debian Bookworm mentions it as deprecated in ssh -vvv and I seriously doubt I have such old SSH running anywhere	2023-10-28 22:27:06 +03:00
Aminda Suomalainen	4f87dd6221	samba/playstation2.conf: specify hosts allow	2023-10-28 20:35:08 +03:00
Aminda Suomalainen	ad59c45eb3	yum.repos.d/README.md: update Yggdrasil address	2023-10-28 18:12:51 +03:00
Aminda Suomalainen	b6ecd1b173	systemd-resolved: keep DNSSEC enabled	2023-10-21 11:27:07 +03:00
Aminda Suomalainen	7b4d791d07	flatpak-update.timer: increase frequency	2023-10-19 10:43:55 +03:00
Aminda Suomalainen	94c23e2f7d	etc/nginx: fix line endings and indentation UNTESTED! TODO WIP etc.?	2023-10-19 09:27:55 +03:00
Aminda Suomalainen	90edac262a	resolved.conf.d: add dot-dns0-appliedprivacy.conf in style of quad9-ecs-appliedprivacy	2023-10-14 19:18:45 +03:00
Aminda Suomalainen	79210446ed	local/share/applications: add SteamOS-kscreenlocker.desktop symlink	2023-10-09 12:54:34 +03:00
Aminda Suomalainen	5419ff1bc7	move submodule to submodules/	2023-10-09 12:50:52 +03:00
Aminda Suomalainen	b8f1aa69dd	unbound/00-insecure-domains.conf: add router.asus.com	2023-10-07 13:10:07 +03:00
Aminda Suomalainen	1eeef2f511	resolved: add dot-quad9-ecs-appliedprivacy.conf for Steam Deck purposes	2023-10-01 19:06:46 +03:00
Aminda Suomalainen	5297140958	systemd/limnoria.service: place limit on memory, commented cpuquote	2023-10-01 10:47:06 +03:00
Aminda Suomalainen	024fd40e87	git rm etc/hosts.append https://gitea.blesmrt.net/mikaela/gist/src/branch/master/DNS/blocklist.txt	2023-09-30 17:39:47 +03:00
Aminda Suomalainen	d7acebbe45	chrony/sources.d/yggdrasil: remove Teknologia Avoimeksi	2023-09-30 17:38:45 +03:00
Aminda Suomalainen	10a841acfe	systemd/journald.conf.d: add 00-journal-size.conf	2023-09-29 15:06:41 +03:00
Aminda Suomalainen	c32910df57	systemd/syncplay-server.service: use venv Resolves: #145 Thanks again @EchedeyLR	2023-09-29 10:57:06 +03:00
Aminda Suomalainen	a4b7bdb51a	systemd/limnoria: use venv & update Ergo's name Thanks @EchedeyLR (ref: mikaela/shell-things#145)	2023-09-29 10:39:44 +03:00
Aminda Suomalainen	2c47aaae48	sshd_config.d/README.md: fix formatting, note priority	2023-09-28 14:35:21 +03:00
Aminda Suomalainen	c0fcc82c4d	sshd_config: add 00- prefix to basic-security.conf as apparently first wins in ssh	2023-09-28 14:34:13 +03:00
Aminda Suomalainen	f20e23df42	sshd_config.d: maybe keyed root login is fine in special case of SteamOS on Steam Deck?	2023-09-27 18:02:50 +03:00
Aminda Suomalainen	71a8913d37	update submodule etc/chrony/sources.d/jauderho-nts-servers	2023-09-27 12:21:32 +03:00
Aminda Suomalainen	dfcbc7e971	systemd/timesyncd.conf.d: sync sources from Chrony This is for SteamOS, although without Yggdrasil (that I am not hacking in yet) and NTS which systemd-timesyncd doesn't do to my knowledge	2023-09-27 12:16:55 +03:00
Aminda Suomalainen	9429b48aaa	etc/iwd/main.conf: throw in comments on defaults	2023-09-26 17:33:12 +03:00
Aminda Suomalainen	ce7ab5ea40	grub/forcefsck: add fsck.repair=yes	2023-09-24 17:26:40 +03:00
Aminda Suomalainen	49d6dfc766	update submodule etc/chrony/sources.d/jauderho-nts-servers	2023-09-17 20:29:37 +03:00
Aminda Suomalainen	24eb3890c2	systemd-resolved: prefer IPv6 over IPv4	2023-09-10 11:16:57 +03:00
Aminda Suomalainen	1e3a7f8fa3	systemd-resolved/dns-over-tls.conf: drop appliedprivacy#443 to the bottom of the list Apparently systemd-resolved wants to go in strict order and thus it's always sending my queries to distant Austria instead of neighbouring regions	2023-09-10 11:10:39 +03:00
Aminda Suomalainen	e2829267d7	systemd: add debugging & symlinks for networkd, resolved, never-fail networkd	2023-09-10 11:07:11 +03:00
Aminda Suomalainen	c7b5330dfb	systemd/resolved/dot: add missing bracket, remove extra ones Apparently IPv6 must only be surrounded by brackets, otherwise it's invalid syntax	2023-09-10 09:52:59 +03:00
Aminda Suomalainen	1d8e457f97	systemd-resolved: add dns-over-tls.conf mimicing unbound's equivalent	2023-09-10 09:31:35 +03:00
Aminda Suomalainen	4d68dd7e7f	systemd: add journald.conf.d/.gitignore as a placeholder	2023-08-24 16:12:43 +03:00
Aminda Suomalainen	27dacbf5f8	systemd-networkd: add commented RequiredFamilyForOnline= under [Link]	2023-08-23 14:40:18 +03:00
Aminda Suomalainen	2e1a5cbfe1	chrony: add ca-certificates.conf to explicitly specify their location	2023-08-20 11:13:51 +03:00
Aminda Suomalainen	5120a7aff8	update submodule jauderho-nts-servers	2023-08-20 11:13:28 +03:00
Aminda Suomalainen	78bb0cdcc8	etc/resolv.tsv: add Applied Privacy	2023-08-05 12:36:20 +03:00
Aminda Suomalainen	9fdeb56762	unbound.service.d: add fedora-network-pre.conf	2023-08-04 13:09:58 +03:00
Aminda Suomalainen	34b4ffb8ac	unbound/dns-over-tls.conf: cut to 443 and private ECS capable non-filtering servers	2023-08-04 12:45:03 +03:00
Aminda Suomalainen	d024ac1234	Revert "rm etc/unbound/unbound.conf.d/dns-over-tls.conf" This reverts commit `e9998f4079`.	2023-08-04 12:27:41 +03:00
Aminda Suomalainen	db6bdd6222	unbound.service.d: override to require dnsproxy for starting	2023-08-03 12:43:10 +03:00
Aminda Suomalainen	6fdfad9e93	dnsproxy.service: return to network-pre.target	2023-08-03 12:41:58 +03:00
Aminda Suomalainen	5acec4c00e	dnsproxy.service: second-guess to start after network-noline.target and before unbound.service?	2023-08-03 12:15:24 +03:00
Aminda Suomalainen	809d723293	systemd: fix symlinks to never-fail.conf Technically they would still work through the yggdrasil symlink, but I don't like it	2023-08-03 11:54:01 +03:00
Aminda Suomalainen	bbd7a02b60	dnsproxy.service: start before network management and hope it handles dynamic network conditions	2023-08-03 11:50:52 +03:00
Aminda Suomalainen	918bdc2a97	systemd: move never-fail to more appropiate location	2023-08-03 11:50:12 +03:00
Aminda Suomalainen	f3c9d1006b	update submodule etc/chrony/sources.d/jauderho-nts-servers	2023-07-29 21:31:46 +03:00
Aminda Suomalainen	2738d239ce	etc/yum.repos.d: add librewolf-repo.repo	2023-07-13 12:24:14 +03:00
Aminda Suomalainen	eab5c3b07e	systemd/network: add number prefixes as per man systemd.network	2023-07-05 10:57:03 +03:00
Aminda Suomalainen	5749b2c0fa	update submodule etc/chrony/sources.d/jauderho-nts-servers	2023-07-04 11:46:33 +03:00
Aminda Suomalainen	a13a0dd86b	systemd-networkd: match naming with types	2023-07-04 11:45:29 +03:00
Aminda Suomalainen	8cc9353374	systemd-networkd: configure based on type rather than name, add a comment on MACAddress matching Resolves: warnings on potentially unpredictable interface names.	2023-07-04 11:24:29 +03:00
Aminda Suomalainen	d3c613bc41	etc/iwd/main.conf: add spacing, comment AddressRandomization=disabled for Realtek	2023-06-25 17:58:41 +03:00
Aminda Suomalainen	30253761b3	systemd/network: enable IPv6 Privacy Extensions and link-local stable-privacy	2023-06-25 14:13:00 +03:00
Aminda Suomalainen	cbdfc0f46d	systemd-networkd: unmanage wlan0	2023-06-25 10:36:29 +03:00
Aminda Suomalainen	6159876f05	unbound/blocklist.conf: add {reddit,twitter}.com to support the protest	2023-06-11 18:53:16 +03:00
Aminda Suomalainen	f61d8c3edb	systemd/dnsproxy.service: use the same DNS0 for bootstrap as DoH	2023-06-11 08:56:04 +03:00
Aminda Suomalainen	c54a8c0a10	update submodule etc/chrony/sources.d/jauderho-nts-servers	2023-06-10 08:20:22 +03:00
Aminda Suomalainen	7ac9b9a7cc	etc/unbound/blocklist: remove duplicates, add graph.facebook.com `local-zone: "google-analytics.com." always_refuse` implies subdomains	2023-06-06 12:09:48 +03:00
Aminda Suomalainen	5d00ccaf6b	unbound: add blocklist-tld.conf mainly for zip & mov	2023-05-28 10:36:52 +03:00
Aminda Suomalainen	1b1514f993	systemd: add masks required by tlp as a note to self	2023-05-25 07:48:22 +03:00
Aminda Suomalainen	8fb52ec8f2	add shfmt	2023-05-18 11:58:51 +03:00
Aminda Suomalainen	687a6433bb	add & run prettier-plugin-nginx	2023-05-18 11:35:13 +03:00
Aminda Suomalainen	e0dc070cd1	etc/nginx: append .nginx to file names in preparation of prettier-nginx	2023-05-18 11:17:24 +03:00
Aminda Suomalainen	ca2956b678	unbound/blocklist: note encrypted client hello	2023-05-13 17:17:20 +03:00
Aminda Suomalainen	603ac4a011	unbound/blocklist.conf: remove Mozilla Telemetry	2023-05-13 17:16:17 +03:00
Aminda Suomalainen	fdeab81c2b	unbound/blocklist.conf: add matrix.to as dared by !KMbEUhVQHLwZHmwzKX:matrix.org	2023-05-13 17:14:45 +03:00
Aminda Suomalainen	19f3a0b720	update submodule jauderho-nts-servers	2023-05-12 09:30:28 +03:00
Aminda Suomalainen	58ead9302c	etc/apt/sources.list: keep adding non-free-firmwares Fixes: `94d26e811a` Resolves: #159	2023-05-12 09:29:32 +03:00
Aminda Suomalainen	42f1c58fa0	etc/yum.repos.d: add vivaldi	2023-05-08 20:54:22 +03:00
Aminda Suomalainen	442a4fb89a	update submodules	2023-05-04 15:57:12 +03:00
Aminda Suomalainen	94d26e811a	etc/apt/sources.list: enable non-free-firmware for Debians Resolves: #159	2023-04-10 17:07:48 +03:00
Aminda Suomalainen	8309e9254e	ssh_config: StrictHostKeyChecking accept-new	2023-04-03 11:03:48 +03:00
Aminda Suomalainen	0a5e526cc5	systemd-networkd/eth0: don't require being up Resolves: #157	2023-03-31 13:33:27 +03:00
Aminda Suomalainen	5f6bddfe8a	systemd: add NetworkManager-wait-online.service & systemd-networkd-wait-online.service to refresh my memory	2023-03-25 18:32:23 +02:00
Aminda Suomalainen	bae5e38347	etc/samba/playstation2.conf: apparently both log level & syslog lines are needed	2023-03-25 12:12:57 +02:00
Aminda Suomalainen	3e9331c84f	etc/samba/playstation2.conf: move deadtime & keepalive to [global]	2023-03-25 12:05:43 +02:00
Aminda Suomalainen	4757f05060	etc/samba/playstation2.conf: fix logging?	2023-03-25 12:03:54 +02:00
Aminda Suomalainen	f43106f002	etc/samba/playstation2.conf: enable logging	2023-03-25 11:55:54 +02:00
Aminda Suomalainen	e491a114a1	etc/samba/playstation2.conf: disable deadtime, shorten keepalive	2023-03-25 11:46:33 +02:00
Aminda Suomalainen	7ea097c6fe	etc/resolv.conf: search for . Resolves: #156	2023-03-24 10:37:52 +02:00
Aminda Suomalainen	6333883dc3	etc/samba/playstation2.conf: document issues coming up with real hardware	2023-03-14 16:57:14 +02:00
Aminda Suomalainen	30684318aa	etc/resolv.tsv: test ECS support of some empty fields	2023-03-11 15:54:04 +02:00
Aminda Suomalainen	33301bb8e5	etc/chrony/sources.d: update submodule	2023-03-11 08:18:48 +02:00
Aminda Suomalainen	cc0e5514ab	etc/chrony/sources.d: update submodule, add license information, add German servers	2023-03-10 09:49:35 +02:00
Aminda Suomalainen	4f7d891f68	jauderho-nts-servers: update submodule	2023-03-09 11:45:58 +02:00
Aminda Suomalainen	1b113e0c3e	etc/systemd/network: add commented DHCP=yes	2023-03-07 15:02:13 +02:00
Aminda Suomalainen	514ed85374	etc/systemd/network: update samples and comments to reflect my current views	2023-03-07 14:46:28 +02:00
Aminda Suomalainen	d51d8e810a	update submodule, symlink	2023-03-07 12:08:53 +02:00
Aminda Suomalainen	a80342b82b	etc/samba/playstation2.conf: rename share to PS2SMB, update comments	2023-03-03 17:14:19 +02:00
Aminda Suomalainen	e265916ba1	etc/samba/playstation2.conf: initial commit	2023-03-03 09:54:02 +02:00
Aminda Suomalainen	e9998f4079	rm etc/unbound/unbound.conf.d/dns-over-tls.conf I think the file is inherently flawed due to different types of filtering/non-filtering resolvers, different locations, unknown ECS policies etc. Importantly I am not actively looking at this and just came across old version running in production	2023-02-26 09:15:19 +02:00
Aminda Suomalainen	5350804d41	etc/resolv.tsv: remove /fi/ from DNS0.eu ECS links	2023-02-25 14:33:52 +02:00
Aminda Suomalainen	e839c83f53	etc/resolv.tsv: add EDNS Client-Subnet support & sources	2023-02-25 14:12:39 +02:00
Aminda Suomalainen	e520e78c1a	etc/resolv.tsv: add/update AdGuard	2023-02-25 13:58:47 +02:00
Aminda Suomalainen	06f6f2f2a6	etc/resolv.conf: uncomment trust-ad less dd to press when actually applying this	2023-02-24 08:43:41 +02:00
Aminda Suomalainen	faf242d8ca	etc/yum.repos.d: add brave beta & nightly Yes, the upstream instructions say nightly and beta have the same key	2023-02-23 21:28:52 +02:00
Aminda Suomalainen	0cfb5859ad	dnsproxy: remove --user that doesn't apply anymore	2023-02-23 14:31:48 +02:00
Aminda Suomalainen	4761b94331	dnsproxy.service: convert to system service	2023-02-23 14:25:12 +02:00
Aminda Suomalainen	9bdc67dd29	unbound & systmed-resolved: add DNS0 open Ref: #153	2023-02-23 10:11:03 +02:00
Aminda Suomalainen	cc5e7b7225	unbound: add DNS0 & DNS0 zero DoT config Resolves: #153	2023-02-22 10:58:04 +02:00
Aminda Suomalainen	a2c3d9248d	fix ends of lines	2023-02-21 20:11:35 +02:00
Aminda Suomalainen	b39b5db0d4	run prettier on markdown again?	2023-02-21 19:33:31 +02:00
Aminda Suomalainen	2e6a03d402	sastisfy editorconfig check	2023-02-21 19:08:54 +02:00
Aminda Suomalainen	19994e3286	run prettier	2023-02-21 17:54:39 +02:00
Aminda Suomalainen	fcb57144c9	chmod -x *.desktop && add .pre-commit-config.yaml	2023-02-21 16:16:33 +02:00
Aminda Suomalainen	1706269308	etc/resolv.tsv: add dns0 open Resolves: #154	2023-02-21 12:57:55 +02:00
Aminda Suomalainen	1385bf6105	ssh_config: comment ProxyCommand I just keep disabling it anyway so it's more harm than good	2023-02-21 10:11:34 +02:00
Aminda Suomalainen	4a20f75d3c	etc/systemd/resolved.conf.d: add DNS0 DoT configs Their website already had the correct syntax for the entries Ref: #153	2023-02-20 11:49:31 +02:00
Aminda Suomalainen	8e3244f785	etc/resolv.tsv: add mobileconfig links This is just the official ones I found, I could link to encrypted-dns.party, but that is a task for later, I can find it without this file Resolves: #152	2023-02-20 11:43:32 +02:00
Aminda Suomalainen	5ee54038de	etc/ssh/ssh_config: retab	2023-02-17 17:29:45 +02:00
Aminda Suomalainen	ff524fec97	etc/yum.repos.d: add fedora-crystal.repo	2023-02-13 17:47:23 +02:00
Aminda Suomalainen	1b243c279d	resolv.tsv: fix formatting	2023-02-13 11:52:43 +02:00
Aminda Suomalainen	4257bf5341	etc: resolv.csv -> resolv.tsv	2023-02-13 11:44:36 +02:00
Aminda Suomalainen	8ab861d791	etc/iwd/main.conf: uncomment "AddressRandomizationRange=nic" and update comment	2023-02-10 22:04:12 +02:00
Aminda Suomalainen	421087e536	etc/resolv.csv: add DNS0.eu Resolves: #150	2023-02-09 11:56:09 +02:00
Aminda Suomalainen	47eaebeece	etc/chrony/sources.d: submodule the curated NTS server list gist for future discoverability This repository is random anyway and has files that don't belong such as resolv.csv	2023-02-06 10:43:46 +02:00
Aminda Suomalainen	36c2688cec	etc/systemd/system/unbound.service.d/never-fail.conf: unbound isn't allowed to fail either	2023-02-03 10:59:31 +02:00
Aminda Suomalainen	3439b284a7	etc/iwd/main.conf: note that AddressRandomizationRange=nic has 254 possible addresses	2023-01-28 18:37:43 +02:00
Aminda Suomalainen	6b2cb6575b	etc/iwd/main.conf: add a comment(ed/) on AddressRandomizationRange=nic	2023-01-27 13:21:32 +02:00
Aminda Suomalainen	ebc01c16eb	{etc,var/lib/}iwd/: read manual, adjust accordingly	2023-01-27 10:51:51 +02:00
Aminda Suomalainen	d2dc35b2d1	etc/iwd/main.conf: add egrep to the check/refresh command	2023-01-22 21:06:46 +02:00
Aminda Suomalainen	86b2bbabcb	etc/iwd/main.conf: fix comment typos, remove unnecessary section Channel ranking on Lumina was unrelated to 5 GHz not getting used.	2023-01-22 21:02:15 +02:00
Aminda Suomalainen	a92c1444c7	etc/iwd/main.conf: mention iw dev wlan0 scan	2023-01-22 17:43:47 +02:00
Aminda Suomalainen	da914331ea	etc/iwd/main.conf: update the comment on how I perceive Country to work	2023-01-22 17:13:54 +02:00
Aminda Suomalainen	825f2745de	etc/iwd/main.conf: request regdom/Country FI	2023-01-22 08:11:03 +02:00
Aminda Suomalainen	53dcbb1d28	etc/iwd: attempt to prefer 5&6 GHz over 2.4 GHz	2023-01-21 18:32:44 +02:00
Aminda Suomalainen	edadd1f453	etc/iwd/main.conf: initial commit	2023-01-06 14:50:14 +02:00
Aminda Suomalainen	3aa962024e	etc/NetworkManager/conf.d/iwd.conf: add wifi.iwd.autoconnect=true This seems to affect nothing though	2023-01-06 14:02:55 +02:00
Aminda Suomalainen	caa0d5e185	etc/ssh/ssh_config: add VisualHostKey yes	2022-12-19 19:42:10 +02:00
Aminda Suomalainen	c9251b5acd	chrony/conf.d: add require-nts.conf Resolves: #148	2022-12-06 14:47:45 +02:00
Aminda Suomalainen	6cf6426df6	etc/chrony/sources.d/dna-moi: turn to pool of 3	2022-12-05 13:21:52 +02:00
Aminda Suomalainen	28068278c4	chrony/sources.d/finland.sources: add mikes time{1,2,3}	2022-12-05 12:49:23 +02:00
Aminda Suomalainen	77dfbf59af	etc/dnf/dnf.conf: add a commented cachedir for zaldaryn	2022-11-30 17:56:17 +02:00
Aminda Suomalainen	0619d60340	etc/chrony/README.md: note GH cadusilva's check command Ref: #148	2022-11-26 12:30:24 +02:00
Aminda Suomalainen	b94e62b884	chrony/sources.d/nts: add System76 Paris & time.nl Ref: #148	2022-11-26 12:28:01 +02:00
Aminda Suomalainen	c484b20cb3	chrony/sources.d/finland: remove snopyta part of the NTP pool anyway	2022-11-26 12:13:18 +02:00
Aminda Suomalainen	b350e525e6	etc/ssh/ssh_config: torify ssh	2022-10-10 23:00:16 +03:00
Aminda Suomalainen	1de04a8367	unbound/00-insecure-domains.conf: add http.badssl.com, my captive portal trigger goto	2022-10-03 22:01:15 +03:00
Aminda Suomalainen	9ad97b4560	etc/default/grub.d: add cpufreq-powersave.cfg	2022-09-21 16:34:28 +03:00
Aminda Suomalainen	b16a6a428c	etc/tlp.d/lumina.conf: add powersave cpu governor	2022-09-21 16:32:12 +03:00
Aminda Suomalainen	903774fc10	dnf.conf: set commented timeout to 2, note not setting it lower Otherwise there is trouble with the default value of 'migrate' and too many working mirrors start failing	2022-09-17 21:51:13 +03:00
Aminda Suomalainen	037b57fe00	etc/dnf/dnf.conf: add commented timeout (30 -> 5 seconds) S3 seems down and I am not patient enough to wait for 30 seconds X times	2022-09-17 21:42:15 +03:00
Aminda Suomalainen	d2bbe52a21	etc/yum.repos.d: replace unstable protonvpn with stable	2022-09-17 20:20:55 +03:00
Aminda Suomalainen	b4c663db73	torrc-client: update hybridirc-onion	2022-09-02 13:25:23 +03:00
Aminda Suomalainen	d2aeabb1c9	etc/pki/ca-trust/source/anchors/README.md: add a note on installing CA certificates	2022-08-15 18:42:46 +03:00
Aminda Suomalainen	71cc6e18ef	etc/yum.repos.d: add brave-browser.repo I am not impressed by the upstream documentation.	2022-07-05 17:54:39 +03:00
Aminda Suomalainen	e9fcfbb1c3	sysctl.d/99-ssd-swappiness.conf: add reminder on earlyoom	2022-06-24 23:15:59 +03:00
Aminda Suomalainen	3c23a31d18	etc/sysctl.d: add 99-ssd-swappiness.conf (and .gitignore) The default 99-sysctl.conf doesn't have to be here, it's a symlink to top directory anyway.	2022-06-13 17:20:53 +03:00
Aminda Suomalainen	3e3added6c	etc/tlp.d: add lumina.conf	2022-06-04 14:17:22 +03:00
Aminda Suomalainen	1c86e28c67	etc/yum.repos.d/README.md: note `sudo fedora-third-party enable`	2022-04-21 09:13:44 +03:00
Aminda Suomalainen	e74d1b6eea	etc/tor: add torrc.d, README, http.conf	2022-04-12 15:10:45 +03:00
Aminda Suomalainen	bb7f283891	Revert "systemd/matterbridge.service: import parts of upstream" This reverts commit `35aea33043`. Ref: https://github.com/42wim/matterbridge/issues/1794	2022-04-04 09:50:46 +03:00
Aminda Suomalainen	35aea33043	systemd/matterbridge.service: import parts of upstream https://github.com/42wim/matterbridge/wiki/Service-files#systemd	2022-04-04 08:35:23 +03:00
Aminda Suomalainen	12db5c8841	torrc-client: uncomment 8118	2022-03-31 08:26:55 +03:00
Aminda Suomalainen	82ef806e9f	systemd-resolved README: add quickstart, remove extra h-levels	2022-03-28 20:43:03 +03:00
Aminda Suomalainen	17da76e484	systemd/resolved/README.md: add the ArchWiki DNSSEC issue links	2022-03-28 20:37:37 +03:00
Aminda Suomalainen	f55c00dae6	systemd/resolved/README.md: add missing word, improve formatting	2022-03-28 20:36:11 +03:00
Aminda Suomalainen	8c532e3ef8	etc…resolved…: add/clarify links in/to comments Courtesy of https://wiki.archlinux.org/title/Systemd-resolved#DNSSEC	2022-03-28 20:34:37 +03:00
Aminda Suomalainen	d47c374706	etc/ststemd/resolved…: aggressive cleanup/rewriting	2022-03-28 20:28:17 +03:00
Aminda Suomalainen	64bba542b1	systemd/matterbridge.service: remove -debug, mention /groupId	2022-03-18 10:44:25 +02:00
Aminda Suomalainen	76814f830f	etc/{i2pd,systemd}: modernise to less bad ideas The issue has been fixed last year and considering I2Pd can connect through Yggdrasil natively, tunneling Yggdrasil in is a bad idea and could lead into Yggdrasil over Yggdrasil loop situation.	2022-03-08 18:18:40 +02:00
Aminda Suomalainen	3513928492	etc/tor/torrc-client: add PirateIRC	2022-03-02 14:44:13 +02:00
Aminda Suomalainen	5613e1bd9a	etc/tor/…-client: add hybridirc onion	2022-02-26 21:07:39 +02:00
Aminda Suomalainen	d2e21e9b4e	etc/resolv.csv: add OpenDNS DoT with a question mark Ref: #127	2022-02-23 09:58:06 +02:00
Aminda Suomalainen	859bc2a28c	etc/sudoers.d: add restart-matterbridge Allows restarting matterbridge passwordlessly	2022-02-14 12:14:22 +02:00
Aminda Suomalainen	0778849f34	etc/sudoers.d: rm protonvpn TODO: figure out does the hibernate file have reason for existing, I have faint idea of the package being removed	2022-02-14 12:07:47 +02:00
Aminda Suomalainen	018f80e6fe	etc/pkcs11/modules: correct libcryptoki & README	2022-02-10 17:40:40 +02:00
Aminda Suomalainen	33950a762e	etc/pkcs11/modules: add README.md,libcryptoki.module	2022-02-10 16:33:49 +02:00
Aminda Suomalainen	82d2146706	etc/tor/client: remove PirateIRC and freenode PirateIRC with Ergo is yet to get onion setup and I imagine freenode destroyed their onion a long time ago. I haven't been using it though.	2022-01-17 17:31:33 +02:00
Aminda Suomalainen	df3e710c60	etc/tor/torrc-client: add MapAddress for OFTC	2022-01-17 17:30:39 +02:00
Aminda Suomalainen	f0029674e7	etc/apt/sources.list: also update debug.mirrors.debian.org onion Resolves: #124	2022-01-16 19:17:48 +02:00
Aminda Suomalainen	4c6cc2391f	etc/apt/sources.list: attempt to update to onionV3 Resolves: #124	2022-01-16 19:06:41 +02:00
Aminda Suomalainen	f58d0d7d01	ssh/user-permit-password: add example for multiple users	2022-01-16 15:15:09 +02:00
Mikaela Suomalainen	1356fccd20	systemd: add flatpak-update.{service,timer} Resolves: #121	2021-12-18 13:45:53 +02:00
Mikaela Suomalainen	1b4ac2b6d7	etc/systemd/system.conf.d: add log4shell.conf	2021-12-13 13:09:35 +02:00
Mikaela Suomalainen	5704353d55	systemd: copy matterbridge restarter into gitea one It used to stop working randomly without a good reason, but that is likely fixed upstream a long time ago and while I removed it from cron, these units exist so should the issue recur, I can throw these back in. The cron wasn't randomized though, but I don't think there is harm in this being a bit random.	2021-12-06 23:48:40 +02:00
Mikaela Suomalainen	8e69874534	matterbridge-restart.timer: fix language	2021-12-06 23:48:30 +02:00
Mikaela Suomalainen	8209a74c6b	etc: small xdg/autostarts updates: * pulseeffects -> easyeffects * wire -> deprecated/ * telegramdesktop.desktop: add workaround (and supposedly it didn't exist here, #42) Resolves: #42	2021-12-02 19:52:34 +02:00
Mikaela Suomalainen	bd91ef704d	systemd: matterbridge.timer -> matterbridge-restart.{service,timer} Resolves: #98	2021-11-22 09:56:56 +02:00
Mikaela Suomalainen	9ba056cfd3	matterbridge-cleanup.service: fix typo, ignore exit state	2021-11-21 17:15:12 +02:00
Mikaela Suomalainen	62573195d9	systemd: add matterbridge-cleanup.{service,timer} Resolves: #98	2021-11-21 17:11:44 +02:00
Mikaela Suomalainen	13278214d1	matterbridge.timer: OnBootSec=0 just in case Ref: #98	2021-11-21 16:59:05 +02:00
Mikaela Suomalainen	29f7cf6b98	systemd: first attempt at matterbridge restarter timer Ref: #98	2021-11-21 16:52:14 +02:00
Mikaela Suomalainen	4f50f4a367	systemd-resolved: don't DNSSEC with adblocking	2021-11-21 11:37:03 +02:00
Mikaela Suomalainen	12fe7a59a8	etc/systemd/resolved: add configuration for Mullvad DoT	2021-11-21 11:16:11 +02:00
Mikaela Suomalainen	d49b78680b	etc/resolv.csv: add CZ.NIC ODVR Ref: #110 Ref: #112	2021-11-07 18:59:16 +02:00
Mikaela Suomalainen	1e40420115	unbound: rm outdated yggdrasil-override Ref: #89	2021-10-05 12:38:16 +03:00
Mikaela Suomalainen	bfa51f500b	unbound/dns-over-tls.conf: stop advertising Debian 9	2021-10-05 12:34:10 +03:00
Mikaela Suomalainen	ee293669d9	unbound: add dot-flushable-cache.conf Resolves: #105	2021-10-05 12:33:40 +03:00
Mikaela Suomalainen	862808fe07	etc/yum.repos.d: partially rewrite README.md Main problem was "dnf still reads this repository apparently" where the word "repository" was wrong, and I couldn't fix it without changing everything :)	2021-10-05 12:18:42 +03:00
Mikaela Suomalainen	4b57b299cc	etc/yum.repos.d/*.repo: rename descriptively The fedora-dino.repo was unfriendly towards Windows (#106) and I noticed that the other renamed files contained Fedora, so I think they should be named appropiately. microsoft-edge-dev.repo mentioned generally yumrepos, so it seems to not be Fedora specific.	2021-10-05 12:13:11 +03:00
Mikaela Suomalainen	e49187f9dc	chrony/README: fix Windows doc	2021-10-05 10:59:53 +03:00
Mikaela Suomalainen	12127744b5	systemd: also keep trying Chrony	2021-10-03 09:58:59 +03:00
Mikaela Suomalainen	84e714b55e	systemd: keep retrying yggdrasil, don't sleep	2021-10-03 09:58:03 +03:00
Mikaela Suomalainen	38ef6e7314	chrony/sources/nts: add nts.netnod.se They appear to be the only bigger party hosting NTS in addition to Cloudflare and being in neighbouring country isn't too bad Via https://gist.github.com/jauderho/2ad0d441760fc5ed69d8d4e2d6b35f8d which encouraged me to look into them a bit more. Additionally having read chrony or chrony.conf manual on default behaviour implying NTS servers are "require trust" and when mixing them with NTP servers, NTP servers never get selected unless they agree with NTS servers.	2021-09-26 21:28:06 +03:00
Mikaela Suomalainen	61ad1e935b	00-ptrace-restricted.conf: set to 3 I cannot remember when I last needed it and this makes Edgium about:sandbox happy	2021-09-06 18:45:38 +03:00
Mikaela Suomalainen	575b68fe3a	etc/apt/sources.list/stable: update security name https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive	2021-08-15 00:42:58 +03:00
Mikaela Suomalainen	c8189a3aa6	chrony/yggdrasil.sources: update jolly-roger address	2021-08-08 00:07:01 +03:00
Mikaela Suomalainen	a7ea71ae38	chrony/conf.d: add cmd.conf Ref: #95 which this attempts to workaround and fails	2021-08-07 23:56:38 +03:00
Mikaela Suomalainen	a43478e430	chrony: add broken NTS configuration Ref: #94	2021-08-07 23:52:15 +03:00
Mikaela Suomalainen	a9f34a8d1c	sysctl/questionable: 99-nonlocalbind.conf Resolves: #55	2021-06-27 17:43:34 +03:00
Mikaela Suomalainen	8f09ff7d45	chrony/confdir: add fedora-sourcedir.conf Fedora doesn't specify non-DHCP sourcedir by default so I specify one here	2021-06-26 23:24:51 +03:00
Mikaela Suomalainen	0c5413171f	sysctl.d: add 00-max-ipv6-route.conf	2021-06-20 00:42:24 +03:00
Mikaela Suomalainen	1c0073920a	pipewire/README: more on pro-audio, alsamixer and not deafening	2021-06-19 23:45:19 +03:00
Mikaela Suomalainen	c73d7a3a0c	sysctl.d: 00-magicsysrq.conf -> 60-magicsysrq.conf Otherwise Fedora seems to overwrite it with priority 50 file	2021-06-19 15:49:27 +03:00
Mikaela Suomalainen	3b99675a34	etc/sysctl.d: go through, mkdir questionable/ Resolves: #93	2021-06-19 15:41:49 +03:00
Mikaela Suomalainen	9c7d0c6210	etc/ssh/config.d: add example.conf So I can stop having to dig this from manual every time I want to configure a new host, and a couple of options I haven't used previously, but could as they seem nice	2021-06-18 13:48:41 +03:00
Mikaela Suomalainen	a5836327c4	etc: pipewire & bluetooth: enable codes, battery reporting https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html	2021-06-14 13:36:34 +03:00
Mikaela Suomalainen	437a417697	etc/pipewire/…: say that using Pro-audio is enough fix	2021-06-14 12:13:57 +03:00
Mikaela Suomalainen	93823eabd6	sysctl.d: add 23-starts-unprivileged-ports.conf Self-explanatory within comments. Link list notes to selves contributing into this version: * https://kernelnewbies.org/Linux_4.11 * https://stackoverflow.com/a/51439516 * https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516 * https://developer.apple.com/forums/thread/674179 * https://news.ycombinator.com/item?id=18302380 * https://security.stackexchange.com/q/242859 * https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516	2021-06-12 21:52:39 +03:00
Mikaela Suomalainen	75731868e7	unbound/dns-over-tls.conf: allow non-Finnish anycast & note being used on servers	2021-06-11 19:39:57 +03:00
Mikaela Suomalainen	126918d98d	systemd/limnoria.service: add TZ env & RestartSec	2021-06-02 17:50:30 +03:00
Mikaela Suomalainen	30a308d29f	torrc-client: add MapAddress for palladium.libera.chat https://libera.chat/guides/connect#verifying-tor-tls-connections	2021-05-27 17:50:03 +03:00
Mikaela Suomalainen	6576e83901	etc/tor/torrc-client: add irc.ergo.chat	2021-05-27 02:52:30 +03:00
Mikaela Suomalainen	6f7016a596	torrc-client: add irc.liberta.casa	2021-05-22 13:16:26 +03:00
Mikaela Suomalainen	c1768cae67	systemd: "rewrite" supybot -> limnoria, move znc, rmdir irc/	2021-05-16 18:00:31 +03:00
Mikaela Suomalainen	306270c441	etc/systemd: rm cjdns & miredo, I am unlikely to use them again	2021-05-16 11:15:34 +03:00
Mikaela Suomalainen	49facd9d39	etc/dnf.conf: comment tor example	2021-05-05 20:43:52 +03:00
Mikaela Suomalainen	aa18d746db	etc/pipewire/README.md: cut a long line into two	2021-05-05 11:02:53 +03:00
Mikaela Suomalainen	4b445c2aaf	etc/pipewire: remove the ...example.donotuse I am quite sure that the config file has changed so much that the file wouldn't work anyway and I don't think I really need it with the important part being in the README.md	2021-05-05 11:01:50 +03:00
Mikaela Suomalainen	c6a75f0962	ssh/anoncvs.conf: fix typo	2021-05-04 16:18:31 +03:00
Mikaela Suomalainen	447e8192c2	etc/default/grub.d: add remember-previous.cfg	2021-04-30 20:05:22 +03:00
Mikaela Suomalainen	ad6ac7d45e	dnf.conf: double max_parallel_downloads	2021-04-28 12:32:58 +03:00
Mikaela Suomalainen	1ad289aa49	unbound/dot-mullvad-adblock.conf: add missing port number	2021-04-27 21:40:16 +03:00
Mikaela Suomalainen	41879fe5e8	unbound.conf.d: rm dns-mullvad, add dot-mullvad[-adblock]	2021-04-27 21:35:58 +03:00
Mikaela Suomalainen	61d19724fa	resolv.csv: add Mullvad	2021-04-27 21:30:46 +03:00
Mikaela Suomalainen	e4c9d168ba	yum.repos.d: add tor.repo	2021-03-28 09:41:15 +03:00
Mikaela Suomalainen	6f8c7de6af	unbound.conf.d: add 00-insecure-domains.conf (WiFi repeater config)	2021-03-14 21:00:32 +02:00
Mikaela Suomalainen	3b4847f447	yum.repos.d/protonvpn-unstable: remove unneeded expansions Fixes pkcon complaining	2021-03-13 18:29:30 +02:00
Mikaela Suomalainen	134999487f	yum.repos.d: add microsoft-edge-dev.repo	2021-03-07 16:46:47 +02:00
Mikaela Suomalainen	93b9bc5ba6	yum.repos.d: move Dino from README to .repo	2021-03-07 16:37:15 +02:00
Mikaela Suomalainen	267f68ae80	yum.repos.d: add microsoft-prod.repo	2021-03-07 16:36:04 +02:00
Mikaela Suomalainen	e5c259eda6	README.md: write about soft-mixer	2021-03-02 12:21:58 +02:00
Mikaela Suomalainen	85d97aec3e	apt/preferences.d/pulseaudio: pin priority -1 backports too	2021-03-01 19:08:18 +02:00
Mikaela Suomalainen	51b0b5dde5	sudoers.d/protonvpn: add more paths & potential legacy note	2021-02-27 09:02:10 +02:00
Mikaela Suomalainen	5903664cb7	yum.repos.d: add protonvpn-unstable.repo	2021-02-26 14:10:38 +02:00
Mikaela Suomalainen	f21e22e80f	etc/sudoers.d: fix name, make notes to README.md	2021-02-26 11:34:20 +02:00
Mikaela Suomalainen	267dd77604	im.riot.Riot.desktop: add missing word "run"	2021-02-19 14:27:16 +02:00
Mikaela Suomalainen	8463fa8f5c	local/share/applications: Riot -> Element Package name hasn't changed though so I imagine the icon is the same too	2021-02-19 13:59:27 +02:00
Mikaela Suomalainen	95a44d0be9	etc/pipewire: document the volume cutoff (pulseaudio style) workaround	2021-02-18 14:51:22 +02:00
Mikaela Suomalainen	c8e89a5817	systemd: add coredump.conf.d/biggercores.conf	2021-02-18 14:47:23 +02:00
Mikaela Suomalainen	8155bec959	sysctl.d: add 00-quic-go-udp-receive-buffer.conf So I will remember it's existence	2021-02-13 09:36:28 +02:00
Mikaela Suomalainen	a0c61231f4	systemd/resolved.conf.d: add snopyta-strict.conf While posting an example how I would do it I might as well put it here	2021-02-10 16:12:42 +02:00
Mikaela Suomalainen	288b010fe5	sshd: move mikaela-prohibit-password.conf to broken/ Apparently OpenSSH only allows PasswordAuthentication yes within a Match block.	2021-02-02 14:12:43 +02:00
Mikaela Suomalainen	1be2720861	sshd: explicitly "terminate" Match blocks by Match All https://unix.stackexchange.com/a/303982/17126 & man sshd_config	2021-02-02 13:58:35 +02:00
Mikaela Suomalainen	3260950712	sshd/anoncvs.conf: vcs users shouldn't ever be asked for a password even if the system would allow that.	2021-02-02 13:06:04 +02:00
Mikaela Suomalainen	2711c5975e	NetworkManager.conf.d: add no-search-domains.conf	2021-02-02 12:52:34 +02:00
Mikaela Suomalainen	7ad17f8087	sshd/user-permit-password.conf: note on how to allow specific user to use passwords	2021-02-01 17:11:06 +02:00
Mikaela Suomalainen	1503367c86	sshd_config & ….d/README: note min version & date	2021-01-31 13:51:06 +02:00
Mikaela Suomalainen	f75bc7bd07	sshd/basic-security.conf: remove deprecated option > /etc/ssh/sshd_config.d/basic-security.conf line 24: Deprecated option UsePrivilegeSeparation OpenSSH_8.4p1, OpenSSL 1.1.1i FIPS 8 Dec 2020	2021-01-31 13:39:51 +02:00
Mikaela Suomalainen	0151bee9b0	sshd/mikaela-prohibit-password.conf: add AuthenticationMethods publickey	2021-01-30 22:15:51 +02:00
Mikaela Suomalainen	f1ea1e17d9	etc/ssh: rm copy	2021-01-30 21:35:05 +02:00
Mikaela Suomalainen	0572613d99	etc/ssh: cut sshd_config into multiple .confs	2021-01-30 21:31:38 +02:00
Mikaela Suomalainen	c5fa3daf29	sshd_config.d: read Mozilla docs & adjust accordingly https://infosec.mozilla.org/guidelines/openssh	2021-01-30 21:18:41 +02:00
Mikaela Suomalainen	5211fb772c	sshd_config.d: add anoncvs.conf	2021-01-30 21:00:06 +02:00
Mikaela Suomalainen	de3a0739b4	sshd_config.d: add mikaela-prohibit-password.conf Resolves: #88	2021-01-30 20:50:21 +02:00
Mikaela Suomalainen	a7c643bb7a	etc/sshd_config.d: add basic-security.conf Ref: 88	2021-01-30 20:47:21 +02:00
Mikaela Suomalainen	8628ec28e0	yum.repos.d: add Dino	2021-01-30 11:01:17 +02:00
Mikaela Suomalainen	84ee7aeada	yum.repos.d: list Keybase too	2021-01-29 19:18:11 +02:00
Mikaela Suomalainen	27d1914424	etc: add dnf/dnf.conf & yum.repos.d/README.md	2021-01-29 19:15:08 +02:00
Mikaela Suomalainen	81296a241c	chrony: cut chrony.d/ into conf.d/ and sources.d/ I hope these are wider defaults than just Debian and allow me to not conflit with package manager, but regardless having a separate sources.d/ looks like a good idea for being able to `chronyc reload sources`	2021-01-29 12:56:38 +02:00
Mikaela Suomalainen	fc0730d7a5	sudoers.d/protonvpn.conf: add /usr/bin/protonvpn	2021-01-28 13:13:28 +02:00
Mikaela Suomalainen	16b19fb34d	torrc-client: add etro.mikaela.info	2021-01-26 19:42:25 +02:00
Mikaela Suomalainen	6216d8cda3	sudoers.d: add passwordless protonvpn-{tray,gui}	2021-01-16 20:40:21 +02:00
Mikaela Suomalainen	2df7aed162	chrony/yggdrasil: add comment & Kotka computers	2021-01-08 11:25:16 +02:00
Mikaela Suomalainen	0f94c59b81	chrony: add hetzner srevers	2020-12-19 13:03:54 +02:00
Mikaela Suomalainen	abb0c37ef2	unbound.conf.d: add yggdrasil-override.conf Begins #89 at a better time	2020-12-15 20:34:01 +02:00
Mikaela Suomalainen	b26c9f698d	chrony/yggdrasil: add Etro	2020-12-15 14:30:30 +02:00
Mikaela Suomalainen	b20f3367b1	systemd/yggdrasil: add mullvad-exclude (& fix chrony override typo)	2020-12-09 09:38:49 +02:00
Mikaela Suomalainen	36b6a99e85	chrony.d: local-servers: add notes + xleave to the first comment	2020-12-09 08:44:34 +02:00
Mikaela Suomalainen	40d535f2c0	systemd/chrony.service.d/mullvad-exclude: actually fix this	2020-12-08 18:36:34 +02:00
Mikaela Suomalainen	f92b8d8d05	chrony.d/yggdrasil.conf: add y.Jolly-Roger	2020-12-06 19:49:12 +02:00
Mikaela Suomalainen	e27e88efd8	chrony.d: add hwtimestamp.conf	2020-12-06 19:26:04 +02:00
Mikaela Suomalainen	4a25481db2	chrony/yggdrasil.conf: add Sedric	2020-12-06 18:36:23 +02:00
Mikaela Suomalainen	5e94147e81	chrony.d/yggdrasil.conf: initial commit	2020-12-06 18:02:43 +02:00
Mikaela Suomalainen	2a615d8241	chrony: note that confdir and NTS require 4.0	2020-12-03 10:52:47 +02:00
Mikaela Suomalainen	e9aefd711b	blocklist.conf: refuse blocked instead of nxdomain Only the Firefox DoH needs to be NXDOMAIN while REFUSE may be more accurate for the rest.	2020-11-21 12:13:55 +02:00
Mikaela Suomalainen	e7a6e00b83	unbound/dns-over-tls: comment Adguard & NextDNS for not being in FI	2020-11-15 09:46:50 +02:00
Mikaela Suomalainen	aadcc009a0	unbound/dns-over-tls.conf: add Adguard (unfiltered) & NextDNS	2020-11-12 16:12:18 +02:00
Mikaela Suomalainen	3289a812ee	unbound: add dns-mullvad.conf (not encrypted) Contains Mullvad Wireguard, OpenVPN and public addresses	2020-11-10 16:04:48 +02:00
Mikaela Suomalainen	9536101263	resolv.csv: add BlahDNS DoH CDNs Just doh1, because it and doh2 resolve into the same addresses for me and I don't want to add duplicate DoH field when only BlahDNS has two differnt addresses for the same thing.	2020-11-08 12:50:31 +02:00
Mikaela Suomalainen	49d969822b	etc/resolv.csv: add BlahDNS Resolves: #85	2020-11-04 12:56:48 +02:00
Mikaela Suomalainen	c302b10caf	chrony.d: restore log.conf	2020-11-01 11:57:57 +02:00
Mikaela Suomalainen	07e8c52f3b	chrony.d/local-servers: remove duplicate line it's in README.md	2020-11-01 11:36:30 +02:00
Mikaela Suomalainen	dced82b820	etc/chrony: break chrony.conf into README.md & chrony.d/	2020-11-01 11:23:59 +02:00
Mikaela Suomalainen	52458cc8aa	chrony.conf: add xleave for peer	2020-11-01 10:47:30 +02:00
Mikaela Suomalainen	84a669f51f	chrony.conf: add note for Windows on nettime	2020-10-31 18:10:25 +02:00
Mikaela Suomalainen	c55e6b97e8	chrony.conf: comments for nmap and VPNs	2020-10-31 14:34:47 +02:00
Mikaela Suomalainen	0c7038da14	systemd: systemd-resolved.service.d/unbound.conf: After unbound	2020-10-30 10:19:39 +02:00
Mikaela Suomalainen	fe83cbbb3a	systemd: add config for excluding Chrony from Mullvad	2020-10-30 08:04:58 +02:00
Mikaela Suomalainen	f878041e2e	unbound/dns-over-tls.conf: reverse order of providers It seems to have some (small?) relevance to where queries go to.	2020-10-29 16:24:52 +02:00
Mikaela Suomalainen	6e1f41533c	unbound/dns-over-tls.conf: comment the 443 appliedprivacy Thinking it a bit more, it's not useful to use their resources on devices that practically never encounter blocked port 853.	2020-10-29 13:22:19 +02:00
Mikaela Suomalainen	b03e00faaa	local/share/apps: add firejailed mirage (todo: test it)	2020-10-29 13:15:48 +02:00
Mikaela Suomalainen	c93034ba7f	unbound/dns-over-tls.conf: major cleanup	2020-10-29 13:15:23 +02:00
Mikaela Suomalainen	8b04c26065	chrony.conf: add a peer comment for LOCALMACHINE.local	2020-10-27 10:35:09 +02:00
Mikaela Suomalainen	dc2ac02412	begin depulseaudioing https://wiki.archlinux.org/index.php/PulseAudio/Troubleshooting#No_sound_below_a_volume_cutoff_or_Clipping_on_a_particular_output_device is too much for me. I expect to suffer this decision too though. * i3: bind audio buttons to amixer (TODO: there are still pulse-specific shortcuts and no shortcut for any kind of a mixer. $TERMINAL alsamixer?) * i3status: comment pulse to make it see alsa * apt: pin pulseaudio to negative priority	2020-10-26 17:21:39 +02:00
Mikaela Suomalainen	9b197cbaed	chrony.conf: add a local server example	2020-10-26 07:34:10 +02:00
Mikaela Suomalainen	258cf72ccb	chrony.conf: mark Cloudflare as a pool of 2	2020-10-25 19:46:36 +02:00
Mikaela Suomalainen	9ae9856c0a	chrony.conf: mark Snopyta & Telia as pools with maxsources 3	2020-10-25 18:54:53 +02:00
Mikaela Suomalainen	51080f52d8	chrony.conf: add comments on allowing lan access	2020-10-25 17:43:07 +02:00
Mikaela Suomalainen	b4ca31e6c6	chrony.conf: add DNA & Telia NTP servers Resolves: #83	2020-10-25 17:22:59 +02:00
Mikaela Suomalainen	4cebe7fbd5	chrony.conf: list NTP servers Ref: #83	2020-10-25 12:44:53 +02:00
Mikaela Suomalainen	993759577e	Bind systemd-resolved to Unbound	2020-10-25 09:05:07 +02:00
Mikaela Suomalainen	73f273f4bb	etc/chrony: add small chrony.conf notes	2020-10-24 11:32:07 +03:00
Mikaela Suomalainen	d3e00fb1a3	xdg-applications: add firejailed appimage of chatterino	2020-10-24 09:11:14 +03:00
Mikaela Suomalainen	1e70d7d4d7	etc/systemd-resolved&unbound: add Quad9 ECS configs Untested. The last time I saw the documentation, they didn't mention DoT.	2020-10-21 17:09:20 +03:00
Mikaela Suomalainen	1467454284	hosts.append: prepend empty line It makes it easier to see where this begins in the appended /etc/hosts	2020-10-21 15:18:03 +03:00
Mikaela Suomalainen	de7184794a	etc: add hosts.append for appending into hosts for systemd-resolved	2020-10-21 15:16:56 +03:00
Mikaela Suomalainen	ca4c85b7df	etc/resolv.csv: add Quad9 ECS The DoT address is guessed and verified to be open through nmap, as it's not documented, I don't know surely that it's what it should. DoH is mentioned in https://www.quad9.net/doh-quad9-dns-servers/ via https://gitlab.com/nitrohorse/ios14-encrypted-dns-mobileconfigs/-/issues/6	2020-10-18 11:11:27 +03:00
Mikaela Suomalainen	cb5781044c	resolv.conf: add OpenDNS Family	2020-10-03 14:56:52 +03:00
Mikaela Suomalainen	5f9cf10c68	resolv.csv: add Cleanbrowsing	2020-10-03 14:07:41 +03:00
Mikaela Suomalainen	531abc1f42	resolv.csv: fix Cloudflare DoT address	2020-10-03 13:49:04 +03:00
Mikaela Suomalainen	96d19d99cb	resolv.csv: add Cloudflare family, fill CF antimalware IPv6	2020-10-03 13:46:13 +03:00
Mikaela Suomalainen	8241d0e695	resolv.csv: add AdGuard Family	2020-10-03 13:42:05 +03:00
Mikaela Suomalainen	ae533261ab	etc/resolv.csv restore Firefox addresses	2020-10-03 13:38:31 +03:00
Mikaela Suomalainen	13a03812ba	resolv.conf: move resolvers to resolv.csv	2020-09-27 15:05:53 +03:00
Mikaela Suomalainen	31a15a9abc	systemd-resolved & unbound: update AdGuard IPs Resolves: #81	2020-09-27 14:34:54 +03:00
Mikaela Suomalainen	09d7a87dfb	fix zaldaryn-r8168?	2020-09-03 19:39:34 +03:00
Mikaela Suomalainen	6c2475676c	unbound.conf.d/dot-adguard.conf: fix SNI domain	2020-08-30 16:56:51 +03:00
Mikaela Suomalainen	edb259b1c8	unbound.conf.d: add dot-adguard.conf	2020-08-30 16:45:35 +03:00
Mikaela Suomalainen	cc965d4692	blocklist.conf: add empty line & incoming.telemetry.mozilla.org	2020-08-22 23:31:54 +03:00
Mikaela Suomalainen	263f828550	unbound blocklist: add ssl.google-analytics.com	2020-08-20 19:30:47 +03:00
Mikaela Suomalainen	94eace15e7	unbound/blocklist.conf: specify it's server clause Introduced by `e4d18d47c5`	2020-08-20 18:38:37 +03:00
Mikaela Suomalainen	cabf7c570d	blocklist.conf: add [www.]google-analytics.com.	2020-08-20 18:33:51 +03:00
Mikaela Suomalainen	b5cafdeb90	unbound: the mass file is not a good idea? cut it?	2020-08-16 12:18:07 +03:00
Mikaela Suomalainen	e4d18d47c5	etc/.../unbound.conf: update for 1.11.0-1+	2020-08-15 10:27:50 +03:00
Mikaela Suomalainen	cf8dc85ec0	systemd/timesyncd.conf.d: add cloudflare.conf	2020-08-09 10:51:36 +03:00
Mikaela Suomalainen	82cf5e7742	systemd/resolved.conf.d: add generic NextDNS confs	2020-08-09 00:07:06 +03:00
Mikaela Suomalainen	c3f9205610	resolv.conf: fix nextdns addresses	2020-08-09 00:03:13 +03:00
Mikaela Suomalainen	bbbe4a2f04	resolv.conf: add Firefox DoH resolvers Excluding Comcast	2020-08-08 20:06:39 +03:00
Mikaela Suomalainen	f58ba9424e	resolv.conf: more notes, hilight systemd-resolved, add DoH addresses	2020-08-08 19:44:08 +03:00
Mikaela Suomalainen	ca25fa1a66	sources.list: rm 16.04.archive.ubuntu.com I don't see enough difference compared to ubuntu. Resolves: #78	2020-08-07 15:58:54 +03:00
Mikaela Suomalainen	0be7388798	sources.list: add ubuntu Resolves: #77	2020-08-07 10:40:22 +03:00
Mikaela Suomalainen	73fb88e11d	systemd-resolved.conf.d: everywhere -> 00-everywhere	2020-07-24 12:16:31 +03:00
Mikaela Suomalainen	8af19aab5e	resolv.conf: link to Mullvad issue while at it	2020-07-23 23:28:14 +03:00
Mikaela Suomalainen	99cda3d7ed	resolv.conf: add a missing word	2020-07-23 23:27:37 +03:00
Mikaela Suomalainen	7da5babc43	resolv.conf: add missing empty line	2020-07-23 22:59:53 +03:00
Mikaela Suomalainen	d3e1aaee30	resolv.conf: more systemd-resolved info	2020-07-23 22:52:32 +03:00
Mikaela Suomalainen	6289837766	resolv.conf: note the systemd-resolved files	2020-07-23 22:43:04 +03:00
Mikaela Suomalainen	a8e9d7d81f	etc/resolv.conf: add option trust-ad	2020-07-20 23:11:55 +03:00
Mikaela Suomalainen	69f55cd724	systemd/resolved: adguard-strict -> adguard-dot	2020-07-18 14:05:36 +03:00
Mikaela Suomalainen	550b68d149	etc/systemd/resolved: add [adguard,cloudflare}-strict.conf I am not actually using either though and I am not sure if I will, but maybe they are nice to have as a backup here just in case.	2020-07-18 02:20:56 +03:00
Mikaela Suomalainen	b3cb953b9c	systemd/resolved: add a comment to everywhere.conf too as every other file explains who it is for, why not this	2020-07-04 19:09:26 +03:00
Mikaela Suomalainen	0ae22081a0	etc/systemd-resolved: rework all files more or less * explain things in README.md, don't duplicate comments * opportunistic-insecure.conf should be used everywhere by default, so thus it's now everywhere.conf. However I am yet to test it does what I expect, so this is bad case of testing in production or after committing it in general.	2020-07-04 19:06:18 +03:00
Mikaela Suomalainen	7a73088beb	systemd/resolved.conf.d/quad9*.conf: enable SNI	2020-06-26 12:22:09 +03:00
Mikaela Suomalainen	bce9af0edd	resolved.conf: add quad9-compat.conf	2020-06-26 12:22:09 +03:00
Mikaela Suomalainen	507b9b15c7	etc/containers: add registries.conf example linking to source, it seems to be enough to get started with podman	2020-05-27 11:01:08 +03:00
Mikaela Suomalainen	856085bd74	ssh_config: document ForwardAgent and ForwardX11... ...Previously they were no without explanation, but it never hurts to explicitly have comments on not doing that, I didn't quickly find anything nice for ForwardAgent, but I remember the Matrix.org people somehow avoiding hearing it and ForwardX11 first result was that StackExchange.	2020-05-22 14:36:26 +03:00
Mikaela Suomalainen	d8d48508bd	ssh_config: update comments, add Includes Resolves: #69	2020-05-22 14:29:37 +03:00
Mikaela Suomalainen	c2c27c8adb	local: add firejail-appimage-patchwork.desktop	2020-05-08 18:14:42 +03:00
Mikaela Suomalainen	5226399637	grub.d: add quiet.cfg to remind me to not remove it	2020-04-08 19:24:22 +03:00
Mikaela Suomalainen	1e08997ad5	etc/sources.list: add (Debian's) experimental	2020-03-30 18:12:16 +03:00
Mikaela Suomalainen	6f2f986d2f	etc/fahclient/config.xml: let the slider be MEDIUM	2020-03-30 09:16:32 +03:00
Mikaela Suomalainen	d1fc83913b	systemd/user: add ipfs, transmission-daemon (from system)	2020-03-30 08:42:06 +03:00
Mikaela Suomalainen	b2dac44a64	etc: add fahclient/config.xml	2020-03-30 08:35:56 +03:00
Mikaela Suomalainen	d39ec4ccfe	grub.d/oldifnames.cfg: update comment I seem to be using it in multiple systems so I cannot say I don't recommend it, when it's understood.	2020-03-29 15:12:00 +03:00
Mikaela Suomalainen	53944a0673	grub.d: add forcefsck.cfg	2020-03-29 15:11:48 +03:00
Mikaela Suomalainen	b217baaec9	systemd/system: update syncplay-server.service It never got the TLS flag apparently	2020-03-27 18:02:34 +02:00
Mikaela Suomalainen	d71357613f	apt/preferences.d/limit-unstable: add unstable-debug repo It may be unhelpful to have debug symbols getting pulled from Unstable while using packages from Testing or even Stable.	2020-03-21 16:40:00 +02:00
Mikaela Suomalainen	9d70aa8119	org.signal.Signal.desktop: rename to Signal Tray	2020-03-09 09:35:19 +02:00
Mikaela Suomalainen	8fc2d8905c	etc/nginx/README.md: add future warning	2020-03-07 21:08:57 +02:00
Mikaela Suomalainen	64d5fef6f3	ipfs.service: point to the new meta issue	2020-02-29 18:03:32 +02:00
Mikaela Suomalainen	b125fc1804	etc/systemd/resolved.conf.d: general.conf -> opportunistic-insecure.conf	2020-02-21 19:03:56 +02:00
Mikaela Suomalainen	60cac14929	etc: add multi-user.cfg	2020-02-18 01:42:27 +02:00
Mikaela Suomalainen	585266bc28	update pomotroid.desktop & add ipfs-desktop.desktop Pomotroid now stores data	2020-02-13 20:17:39 +02:00
Mikaela Suomalainen	a3d7b0af22	etc/default/grub.d/lockdown.cfg: notes + lockdown=integrity comment	2020-02-13 02:03:52 +02:00
Mikaela Suomalainen	b770e356cb	etc/default/grub.d: add lockdown.cfg	2020-02-13 01:17:39 +02:00
Mikaela Suomalainen	60899ca667	etc/sysctl.d: add kernel.yama.ptrace_scope = 1	2020-02-12 22:36:17 +02:00
Mikaela Suomalainen	3e325cca03	etc/sysctl.d: add 00-local-userns.conf with warnings/rant	2020-02-12 22:00:11 +02:00
Mikaela Suomalainen	bd6488e0ed	etc/default/grub.d: nouveau.cfg -> itwjyg.cfg + more modules	2020-02-10 17:54:47 +02:00
Mikaela Suomalainen	fafc6fad62	etc/xdg/autostart: add pomotroid.desktop Resolves: #50	2020-02-09 20:36:56 +02:00
Mikaela Suomalainen	1a8c6fcd24	merge local/share/applications & etc/xdg/autostart	2020-02-09 20:35:54 +02:00
Mikaela Suomalainen	ee0038c568	add /etc/network/interfaces.d/eth0	2020-02-09 14:53:56 +02:00
Mikaela Suomalainen	8472ffa7cd	NetworkManager: add manage-ifupdown.conf	2020-02-09 14:53:01 +02:00
Mikaela Suomalainen	9177966264	etc/default/grub.d: -supposedly & modprobe r8168	2020-02-09 14:50:43 +02:00
Mikaela Suomalainen	da2f090f56	logind.conf.d/lidclose.conf: mention systemd-rfkill, ref: #51	2020-02-03 22:41:47 +02:00
Mikaela Suomalainen	d54ec98f99	NM/iwd.conf: add missing line (enable --now iwd)	2020-02-03 21:40:11 +02:00
Mikaela Suomalainen	d8740f54e1	NetworkManager/conf.d: add iwd.conf for replacing wpa_supplicant	2020-02-03 21:15:35 +02:00
Mikaela Suomalainen	c0399054bb	etc/systemd/login.conf.d/lidclose.conf: ignore lid close	2020-02-03 19:36:05 +02:00
Mikaela Suomalainen	a82e3fd989	etc/NetworkManager: add no-mac-randomizing.conf	2020-01-28 23:12:54 +02:00
Mikaela Suomalainen	b04c724b5b	etc/default/grub.d: add flags to disable hibernating	2020-01-19 13:47:33 +02:00
Mikaela Suomalainen	2168bc47ed	apt/preferences.d: don't consider firefox/jami as badideas	2020-01-12 13:24:11 +02:00
Mikaela Suomalainen	86cb1a02dc	etc/xdg/autostart: add com.github.wwmm.pulseeffects.desktop	2020-01-11 22:25:33 +02:00
Mikaela Suomalainen	e47568e178	etc/xdg/autostart: add Nextcloud.desktop	2020-01-11 22:24:23 +02:00
Mikaela Suomalainen	5c6f66e5fc	etc/apt/preferences.d: add hacks/limit-buster	2020-01-11 22:11:25 +02:00
Mikaela Suomalainen	eabd12a26d	etc/apt/preferenced: move not-so-good-ideas to badideas/	2020-01-11 21:43:52 +02:00
Mikaela Suomalainen	31c53595f8	etc/apt/preferences.d: add limit-unstable from Wireguard	2020-01-11 21:41:09 +02:00
Mikaela Suomalainen	3011004856	NetworkManager/conf.d: add no-resolvconf.conf	2020-01-11 21:05:05 +02:00
Mikaela Suomalainen	346d726bb7	NetworkManager/unbound: note unbound-control-setup	2020-01-03 01:52:21 +02:00
Mikaela Suomalainen	2df7887dda	NetworkManager/conf.d: add unbound.conf For Unbound which I generally use, even while it requires dnssec-trigger	2020-01-02 15:32:50 +02:00
Mikaela Suomalainen	6ae87b6de8	etc/default/grub.d: add oldifnames.cfg see comments of the file for reason	2019-12-30 16:24:42 +02:00
Mikaela Suomalainen	05ffc40c7d	xdg/autostart: add Mullvad-VPN gui	2019-12-28 19:27:52 +02:00
Mikaela Suomalainen	a6c5902c08	etc/default/grub: add random.trust_cpu=on Possibly some help to boot time entropy exhaustion, but it may have been enabled by default already.	2019-12-27 19:46:30 +02:00
Mikaela Suomalainen	b1f7177d7f	etc/xdg/autostart: add dino & jami	2019-12-24 16:58:45 +02:00
Mikaela Suomalainen	4e640e3d50	etc/xdg/autostart: add Riot & -many to Telegram	2019-12-23 12:49:05 +02:00
Mikaela Suomalainen	bc46ad3119	torrc-client: add port 9119 for http	2019-12-23 12:48:33 +02:00
Mikaela Suomalainen	0c4bacc1ca	etc/xdg/autostart: add Gajim & Signal	2019-12-21 18:54:02 +02:00
Mikaela Suomalainen	7541d93206	dns-over-tls.conf: update BlahDNS-JP addresses	2019-12-01 12:48:02 +02:00
Mikaela Suomalainen	10b1b8ad86	unbound/dot: fix outdated comment	2019-11-03 00:49:19 +02:00
Mikaela Suomalainen	7b2c1568d1	unbound/dns-over-tls.conf: replace BlahDNS CH with FI Shutting down on December 31th https://blahdns.com/	2019-11-03 00:15:59 +02:00
Mikaela Suomalainen	4e93c66d67	systemd/resolved.conf.d/quad9: expand on versions	2019-11-02 18:37:12 +02:00
Mikaela Suomalainen	d062d6675c	unbound/blacklist.conf: Riot has fixed it's habits Integration manager and identity server can be configured in settings	2019-10-16 15:01:48 +03:00
Mikaela Suomalainen	5a1ed609ed	update etc/xdg/autostart/README.md	2019-10-12 19:02:45 +03:00
Mikaela Suomalainen	64934af736	etc/xdg/redshift: add icon & chmod +x	2019-10-12 19:02:27 +03:00
Mikaela Suomalainen	a79e9d3c21	etx/xdg/auostart: add com.wire.WireDesktop & telegramdesktop	2019-10-12 19:00:58 +03:00
Mikaela Suomalainen	a482390118	etc/xdg/autostart: deprecate unnecessary ones	2019-10-12 18:46:23 +03:00
Mikaela Suomalainen	1e636a65af	unbound/dns-over-tls.conf: enable BlahDNS over Yggdrasil	2019-10-08 20:52:41 +03:00
Mikaela Suomalainen	077b1a7679	etc/NetworkManager: move relevant parts to conf.d/ I have no idea when I have previously looked into those two files (git history would probably tell me), but I don't think they make much sense, while the important parts can be cut into conf.d/ and applied individually as needed.	2019-10-04 20:18:32 +03:00
Mikaela Suomalainen	16e66010a2	etc/NetworkManager: add conf.d and cp from Itwjyg Strangely Itwjyg is a special case system where I need systemd-resolved and its opportunistic DNSSEC/DoT. I also accidentally forgot dns-none.conf (then dns.conf) there, but systemd-resolved.conf appears to have overridden it, so it was fine and I have now removed the extra one.	2019-10-04 20:10:27 +03:00
Mikaela Suomalainen	cb79fa283a	apt/preferences.d/firefox: add l10n	2019-09-24 21:57:54 +03:00
Mikaela Suomalainen	f1b6101afd	apt/preferences.d: pin firefox[-esr] from sid	2019-09-24 21:46:13 +03:00
Mikaela Suomalainen	bda94cac72	etc/nginx: remove / from the proxies while I still remember	2019-09-18 17:40:00 +03:00
Mikaela Suomalainen	ee03a773c0	apt/preferences.d: add jami	2019-09-17 17:22:15 +03:00
Mikaela Suomalainen	bc9848185d	i2pd: increase tunnel lengths to 2 in hope of better NAT evading	2019-09-15 14:40:44 +03:00
Mikaela Suomalainen	b3dc6ced51	systemd: initial i2pd.service & .d/override.conf Begins #38	2019-09-15 13:52:57 +03:00
Mikaela Suomalainen	b614486427	etc/nginx: more modern working configs from Relpda	2019-09-13 16:32:01 +03:00
Mikaela Suomalainen	0ca2718569	unbound/blocklist.conf: use always_nxdomain, remove publicbt.com	2019-09-10 21:27:23 +03:00
Mikaela Suomalainen	01cd9e7b45	etc/fstab: notes on encryption, tmpfs, cleanup	2019-09-10 00:21:48 +03:00
Mikaela Suomalainen	541a4a4f15	etc/i2pd/tunnels.conf.d: add yggdrasil-in.conf	2019-09-09 14:40:09 +03:00
Mikaela Suomalainen	0c70f41afc	unbound/blocklist: uncomment vector.im, add use-application-dns.net * Vector.im is the identity server that gets restored by itself and I don't seem to ever have any business to Vector.im website, while the other domains I need to visit at times. * use-application-dns.net being NXDOMAIN tells Firefox to not send traffic to Cloudflare DoH. I thought of this when I saw the news and got courage to actually do this after seeing that DNSCrypt-proxy also does so.	2019-09-07 14:42:15 +03:00
Mikaela Suomalainen	91025d7129	etc/default/grub.d: merge mds.cfg into mitigations.cfg Ref: #33 Still missing documentation/comments	2019-09-06 12:38:42 +03:00
Mikaela Suomalainen	f4f8b3f529	grub.d/{mitigations,nosmt}.cfg: initial commit TODO: documents Ref: #34	2019-09-06 01:17:32 +03:00
Mikaela Suomalainen	47c7a3aca2	grub.d: add default-windows.cfg Resolves: #33	2019-09-04 12:00:57 +03:00
Mikaela Suomalainen	4b214b0e0f	etc/default/grub.d: add nouveau	2019-09-04 11:40:06 +03:00
Mikaela Suomalainen	c91b1b97a9	systemd/system: add unit file for etherpad-lite Closes: #27	2019-08-29 13:10:55 +03:00
Mikaela Suomalainen	319ae6c2bf	etc/modprobe.d/blacklist-hdmi-audio.conf: add source	2019-08-29 01:31:32 +03:00
Mikaela Suomalainen	9bb1dbb301	etc/modprobe.d: blacklist snd_hda_codec_hdmi	2019-08-29 01:27:40 +03:00
Mikaela Suomalainen	3f81f02bfd	etc/default/grub.d/sedric.cfg: acpi_backlight=vendor has no effect	2019-08-26 10:23:41 +03:00
Mikaela Suomalainen	06c56bbc78	etc/default/grub.d: add mds.conf for mitigating mds CPU vuln Ref: #22	2019-08-25 20:32:38 +03:00
Mikaela Suomalainen	066c42717c	torrc-client: enable ClientPreferIPv6ORPort as my IPv6 works	2019-08-25 18:39:12 +03:00
Mikaela Suomalainen	9bcd2d61c7	unbound/dns64: add Cloudflare	2019-08-25 18:27:11 +03:00
Mikaela Suomalainen	aa2c53349d	unbound/plain-dns64.conf: add Google DNS	2019-08-25 18:21:16 +03:00
Mikaela Suomalainen	31aa6066b5	unbound/dns-over-tls.conf: don't mention forwards.conf I renamed it.	2019-08-25 18:17:50 +03:00
Mikaela Suomalainen	41644a9b65	unbound: add dns64-over-tls.conf (broken for now)	2019-08-25 18:16:51 +03:00
Mikaela Suomalainen	6308c9af72	unbound: clean up plain-dns64.conf (only TREX for now)	2019-08-25 18:09:50 +03:00
Mikaela Suomalainen	04658408d4	unbound: rename forwards.conf -> plain-dns64.conf	2019-08-25 18:07:28 +03:00
Mikaela Suomalainen	3dc273fbe0	unbound: mention other files of interest in dot & add threads	2019-08-24 12:40:04 +03:00
Mikaela Suomalainen	6274ed8e13	unbound/dot: add nic.cz & nixnet	2019-08-24 12:02:26 +03:00
Mikaela Suomalainen	5462af3059	unbound/dot: add Lelux.fi	2019-08-24 11:57:42 +03:00
Mikaela Suomalainen	7afaa57882	unbound/dot: add Snopyta	2019-08-24 11:55:22 +03:00
Mikaela Suomalainen	4e4d19a765	unbound.conf.d/logging.conf: print statistics hourly	2019-08-20 18:05:19 +03:00
Mikaela Suomalainen	d7d252f98f	unbound/logging: add statistics printing	2019-08-20 17:41:43 +03:00
Mikaela Suomalainen	2c3fe4a5df	unbound: enable IPv6 preferring	2019-08-20 12:49:19 +03:00
Mikaela Suomalainen	be7c4185eb	etc/unbound/dns-over-tls: comment Cloudflare	2019-08-20 11:49:37 +03:00
Mikaela Suomalainen	56b5b905e2	fix github link, closes #16	2019-08-18 02:05:52 +03:00
Mikaela Suomalainen	26624bcd5d	unbound.conf.d: increase TTL to 15 mins from 5	2019-08-17 21:06:01 +03:00
Mikaela Suomalainen	d539237fbf	unbound/blocklist.conf: add source	2019-08-17 13:43:11 +03:00
Mikaela Suomalainen	057d42bafd	unbound/dns-over-tls.conf: fix typo	2019-08-17 13:40:39 +03:00
Mikaela Suomalainen	914fe1d26c	unbound/dot: finish adding providers Ref: #15	2019-08-17 13:37:02 +03:00
Mikaela Suomalainen	410a02a968	unbound/dot: add securedns (both), dnswarden (adblock)	2019-08-17 13:23:28 +03:00
Mikaela Suomalainen	a5ccd88e70	unbound/dns-over-tls.conf: add server locations Ref: #15	2019-08-17 12:34:03 +03:00
Mikaela Suomalainen	596c18c0e0	etc/unbound: add blocklist.conf Closes: #13	2019-08-17 12:16:53 +03:00
Mikaela Suomalainen	601bd3ac86	unbound dot: alphabetical order Ref: #15	2019-08-17 00:52:41 +03:00
Mikaela Suomalainen	39493f3bf9	unbound dot: move things around	2019-08-17 00:26:36 +03:00
Mikaela Suomalainen	b3a7266eb5	unbound.conf.d/dns-over-tls: remove Google	2019-08-17 00:14:41 +03:00
Mikaela Suomalainen	c78eecb547	unbound/dns-over-tls: add two port 443 resolvers	2019-08-17 00:10:32 +03:00
Mikaela Suomalainen	4de337722e	etc/apt/preferences.d: add testing-debug & rename stable.donotuse Resolves: #124 (see comment)	2019-07-30 01:08:09 +03:00
Mikaela Suomalainen	2112575a98	etc/apt/preferences.d: commit dark magic that shouldn't exist	2019-07-30 00:52:32 +03:00
Mikaela Suomalainen	a01e53171e	grub.d/sedric.cfg: comment that acpi_osi=Linux doesn't work	2019-07-28 10:45:04 +03:00
Mikaela Suomalainen	100d9a7433	dnscrypt-proxy.toml: move cache above & add comments & min cache TTL 300	2019-07-23 16:13:22 +03:00
Mikaela Suomalainen	55050ec0e5	cache.conf: increase NXDOMAIN cache size and set min TTL to 300	2019-07-23 15:09:34 +03:00
Mikaela Suomalainen	2b8a460b63	etc/unbound: add cache.conf	2019-07-23 12:30:53 +03:00
Mikaela Suomalainen	93fa7a003c	etc/default/grub.d: add beep.cfg & sedric.cfg beep.cfg is the default example on getting a beep on grub startup, sedric.cfg just contains `acpi_osi=` which fixes the hardware keys for some reason.	2019-07-22 18:56:38 +03:00
Mikaela Suomalainen	97006ddf9b	unbound.conf.d/logging.conf: quote the fine manual for unbound.conf	2019-07-22 17:18:53 +03:00
Mikaela Suomalainen	222a030cee	unbound/dns-over-tls: note version requirement 1.7.3 Debian 9 has 1.6.0 with which I am stuck for now. Debian 10 has 1.9.0	2019-07-22 16:52:07 +03:00
Mikaela Suomalainen	29eae6f89a	etc/dnscrypt-proxy: note I run Unbound in front of it	2019-07-22 16:25:21 +03:00
Mikaela Suomalainen	eb6315d92f	resolv.conf: add Quad9 and note I am not sure what it tries to be Public DNS resolver with easy address list for emergency?	2019-07-22 16:22:55 +03:00
Mikaela Suomalainen	430b9b7bfc	resolv.conf: note local resolver separately from dnscrypt-proxy	2019-07-22 16:17:27 +03:00
Mikaela Suomalainen	7b83f84633	unbound/dns-over-tls.conf: add AdGuard DNS I am surprised it actually works with DNSSEC validation enabled	2019-07-22 16:12:09 +03:00
Mikaela Suomalainen	ffbbe9e522	unbound: replace forwards.conf with dns-over-tls.conf Simultaneously rm puntcat, their DNS appears to be down at the moment and I didn't find their own homepage.	2019-07-22 16:05:05 +03:00
Mikaela Suomalainen	6ed44de3d1	unbound.conf.d: clarify logging.conf in a comment	2019-07-22 15:27:27 +03:00
Mikaela Suomalainen	bb14632b9a	unbound: add another Debian default	2019-07-22 15:16:34 +03:00
Mikaela Suomalainen	3b9acff361	etc/unbound add unbound.conf & unbound-control.conf copy-pastes from Debian & Arch Wiki, however unbound-control in status no as I guess it can be a hole most of time.	2019-07-22 15:14:11 +03:00
Mikaela Suomalainen	5569a1129c	unbound.conf.d/dnscrypt-proxy.conf: update for dnscrypt-proxy v2 Closes #121	2019-07-22 15:12:49 +03:00
Mikaela Suomalainen	fc5fb4d7bd	`b6a511d6a6`: add comments	2019-07-20 11:37:28 +03:00
Mikaela Suomalainen	b6a511d6a6	etc: backup some apt.conf.d & preferences.d files	2019-07-20 11:09:42 +03:00
Mikaela Suomalainen	41f44924be	dnscrypt-proxy.toml: note 2.0.24 fastest -> first	2019-07-14 18:36:31 +03:00
Mikaela Suomalainen	117801ec9d	dnscrypt-proxy: fix comments Resolves: #120	2019-07-14 18:15:35 +03:00
Mikaela Suomalainen	646956b4e0	dnscrypt-proxy.toml: restore Quad9 examples Rbtpzn was using them for some reason and was hitting less errors than Zaldaryn in as basic test as "apt update", so I guess it's worth having it included. I think I am mainly leaving it for family devices.	2019-07-14 13:30:29 +03:00
Mikaela Suomalainen	a5868f6395	etc/sources.list: update testing for bullseye & add note to stable for it > over the last years we had people getting confused over <suite>-updates > (recommended updates) and <suite>/updates (security updates). Starting > with Debian 11 "bullseye" we have therefore renamed the suite including > the security updates to <suite>-security. https://lists.debian.org/debian-devel-announce/2019/07/msg00004.html	2019-07-14 12:40:56 +03:00
Mikaela Suomalainen	2fe92afa26	etc/apt/sources.list: change keyserver Ref: #119 I am not sure I would advice running that even if it happened to exist.	2019-07-01 11:50:26 +03:00
Mikaela Suomalainen	128f1781f3	torrc-client: add MapAddress for PirateIRC & freenode Closes #118	2019-06-30 14:27:20 +03:00
Mikaela Suomalainen	a915db9f8a	etc/systemd: tor-services: add ExecReload I am running `systemctl restart tor-client` too often to be comfortable.	2019-06-30 14:11:34 +03:00
Mikaela Suomalainen	bf3b91d93a	torrc-client: update from running config Preparation to #118	2019-06-30 13:31:16 +03:00
Mikaela Suomalainen	5128e8646a	ipfs.service: use dht routing instead of dhtclient routing	2019-06-11 01:17:22 +03:00
Mikaela Suomalainen	85bd70f382	etc/systemd/system/ipfs: important notice for VPS/dedi/etc.	2019-06-11 01:12:28 +03:00
Mikaela Suomalainen	6ce553f84e	dnscrypt-proxy: fix cloudflare excluding	2019-06-02 22:30:49 +03:00
Mikaela Suomalainen	540798ed17	dnscrypt-proxy: use Socks Authentication	2019-05-22 12:01:34 +03:00
Mikaela Suomalainen	b96eb372d0	torrc-client: ensure IsolateSOCKSAuth & add HTTPTunnelPort	2019-05-22 11:58:05 +03:00
Mikaela Suomalainen	3eefbaf296	etc/tor/torrc-onehoponion: CookieAuthFile 0	2019-05-17 18:54:34 +03:00
Mikaela Suomalainen	7dbafe4a54	resolv.conf: more comments	2019-05-16 15:28:15 +03:00
Mikaela Suomalainen	21adba9a02	dnscrypt-proxy.toml: update ~~stories~~ comments	2019-05-15 10:48:11 +03:00
Mikaela Suomalainen	e972a47d4a	torrc-client: add SocksPorts and comment on two guards I need unisolated port for dnscrypt-proxy which I fear would otherwise generate too many circuits which wouldn't even be used and I guess there is no harm in sending Yggdrasil to a separate port that only has access to onions which is a port I may sometimes wish I have otherwise too.	2019-05-15 10:31:47 +03:00
Mikaela Suomalainen	95bcf095df	VerifyHostKeyByDNS is supposed to be yes fix previous commit, I imagine I changed it by accident.	2019-05-11 00:58:00 +03:00
Mikaela Suomalainen	e634ee8863	ssh_config: update comment for VerifyHostKeyDNS OpenSSH is evil and gives you three not-optimal options to this: A) trust DNSSEC and don't write known_hosts B) ask whether to trust DNS, but don't bother telling me if it's signed C) don't even check SSHFP I see A) as the least evil, but I wish known_hosts was written. Alternatively B) should tell me whether there is DNSSEC or not, not only "matching keys found from DNS" or whatever it says always.	2019-05-09 18:44:36 +03:00
Mikaela Suomalainen	9e03598e3f	etc/apt/sources.list: add missing tor+ for Debian	2019-05-09 14:05:54 +03:00
Mikaela Suomalainen	0ce3c5f47a	dnscrypt-proxy: adjust sources, add prefixes	2019-05-07 00:55:07 +03:00
Mikaela Suomalainen	f978853d11	dnscrypt-proxy.toml: add onion resolvers	2019-05-07 00:23:51 +03:00
Mikaela Suomalainen	d2bd2be652	systemd/zeronet.service: use Python 3 & always use Tor	2019-05-05 20:28:14 +03:00
Mikaela Suomalainen	d8ba42bdd1	etc/tor: disable control, document enabling for client	2019-05-04 20:41:18 +03:00
Mikaela Suomalainen	8e01a42c62	etc: systemd & tor: add tor-onehoponion (and torrc-relay)	2019-05-04 17:26:57 +03:00
Mikaela Suomalainen	c726daa62c	etc/tor/torrc-client: add comments	2019-05-04 16:55:08 +03:00
Mikaela Suomalainen	b0ef3a18f6	torrc-client: remove deprecated ClientPreferIPv6DirPort comment > The ClientPreferIPv6DirPort option is deprecated, and will most likely be removed in a future version of Tor. It has no effect on relays, and has had no effect on clients since 0.2.8. (If you think this is a mistake, please let us know!)	2019-05-04 16:28:58 +03:00
Mikaela Suomalainen	9c8cf613cd	etc/systemd: add tor-client.service & tor: add torrc-client	2019-05-03 12:31:33 +03:00
Mikaela Suomalainen	4c2b21bbfa	ipfs.service: add routing note	2019-05-01 23:30:12 +03:00
Mikaela Suomalainen	ce84c26bcd	ipfs.service: adapt lowpower profile & mention badgerds If the lowpower option uses values 40 and 20 which are a lot higher than mine were and considered suitable for laptops and smartphones, I guess they are the best for me to use and I find content faster.	2019-04-23 13:51:18 +03:00
Mikaela Suomalainen	6981481c77	ipfs.service: add options I forgot before	2019-03-26 22:26:25 +02:00
Mikaela Suomalainen	3ecfc2473d	ipfs.service: document my IPFS config Closes #111	2019-03-26 22:05:52 +02:00
Mikaela Suomalainen	a90243a55a	dnscrypt-proxy.toml: use Quad9 while waiting for disabled_server_names	2019-03-26 10:12:57 +02:00
Mikaela Suomalainen	466a7bc2c1	etc/systemd/resolved.conf.d: add some configs These aren't seeing real world usage though as the only host not running dnscrypt-proxy has too old systemd.	2019-03-25 13:41:23 +02:00
Mikaela Suomalainen	f336393db9	systemd preset: enable pcscd for FINEID	2019-02-28 13:00:42 +02:00
Mikaela Suomalainen	81fcfb539d	systemd preset: Zaldaryn additions	2019-02-28 12:17:07 +02:00
Mikaela Suomalainen	758d4302ac	systemd preset: remove cjdns, enable ssh.service	2019-02-28 12:10:14 +02:00
Mikaela Suomalainen	284a50288c	sysctl.d: document privacy extensions & use double # for comments	2019-02-26 20:32:08 +02:00
Mikaela Suomalainen	cc0f5db3bd	dnscrypt-proxy: use dns.watch#2 as fallback reslver 84.200.70.40	2019-02-25 11:06:49 +02:00
Mikaela Suomalainen	07ae3bbef6	etc/sudoers.d/hibernate: allow suspend & change group to plugdev It seemed like a suitable one from the default groups Debian creates.	2019-02-18 20:07:36 +02:00
Mikaela Suomalainen	d406334560	systemd preset: enable TTY & cups	2019-02-17 21:07:10 +02:00
Mikaela Suomalainen	5fe9477c55	etc/systemd: add ipfs.service & zeronet.service Closes #101	2019-02-12 20:32:40 +02:00
Mikaela Suomalainen	993d3f6994	systemd preset: enable yggdrasil-resume	2019-02-08 10:21:14 +02:00
Mikaela Suomalainen	0afc716ccf	Partially revert `f7fbf35109` That was just too evil, especially as the line has moved to my i3wm config where nothing else I have tried works.	2019-02-04 20:33:31 +02:00
Mikaela Suomalainen	518c9fcdaf	i3: add hibernation & sudoers.d: allow passwordless hibernate	2019-01-30 20:12:38 +02:00
Mikaela Suomalainen	f7fbf35109	update setxkbmap and hope no one else is using these files	2019-01-30 19:16:45 +02:00
Mikaela Suomalainen	d29a0532d2	Debian sources.list: disable http security, use https CDN & Tor	2019-01-23 10:18:35 +02:00
Mikaela Suomalainen	d27cc15888	add systemd-preset	2019-01-21 18:41:36 +02:00
Mikaela Suomalainen	3e5e55bf75	etc/apt/sources.list: enable Debian debugsym repos It seems that I am always going to enable it sooner or later anyway, so why woulnd't I have it enabled for quick installing when I do need it? Example: KDE Connect crashed on login, and asked me to report it, but the reporter app warned that there is no address to report it and debug information had one or two stars and said that it's likely bad quality and I think this is due to missing debug symbols which I then installed. Naturally after installing them, I am unable to reproduce the issue, but that is beside the point.	2018-12-19 11:48:32 +02:00
Mikaela Suomalainen	5c6c026226	hosts-mikaela.txt: alternative domain for Korsin	2018-12-15 20:57:43 +02:00
Mikaela Suomalainen	c80591d9a7	hosts-mikaela.txt: add Korsin	2018-12-15 16:56:36 +02:00
Mikaela Suomalainen	08bfdde7c8	etc/dnscrypt-proxy/hosts-mikaela: add two cwinfo servers	2018-12-10 12:10:41 +02:00
Mikaela Suomalainen	7695b26abf	etc/dnscrypt-proxy: update README.md The situation has changed a bit and I had forgotten to add links.	2018-12-03 12:22:58 +02:00
Mikaela Suomalainen	9be5b35b32	dnscrypt-proxy: use syslog, cert_refresh_delay I happened to wonder about reload times and think that this is nice to have visible here. Syslog is used by default and I am expecting it so it probably won't hurt being visible.	2018-11-29 11:30:28 +02:00
Mikaela Suomalainen	b7017d7c50	dnscrypt-proxy: update comments, lb_strategy = p2 Removed my weird comment and added refresh_delay to OpenNIC. I am using p2 instead of ph as per the wiki as apparently they don't consider balancing queries over multiple services as important as speed, so maybe I don't have to worry about that either.	2018-11-29 11:23:05 +02:00
Mikaela Suomalainen	b6bb15a198	dnscrypt-proxy.toml: add commented OpenNIC It's waiting for me to make up my mind about it and whether or not I support it. I have mixed feelings/thoughts about it and will need to read more.	2018-11-27 20:04:12 +02:00
Mikaela Suomalainen	2d3b324d9f	dnscrypt-proxy.toml: add mirrors of public-resolvers.md	2018-11-27 20:01:35 +02:00
Mikaela Suomalainen	8497d4fb84	dnscrypt-proxy.toml: enable require_nolog Learning that I don't have to specify servers there is a lot more variety even if I start requiring more things, as Sedric says to see 33 live servers, I guess dnscrypt servers in general respect privacy. However I guess I still have to trust on what the servers say as AFAIK dnscrypt-proxy is only that, a proxy, and won't start validating dnssec by itself.	2018-11-26 23:43:39 +02:00
Mikaela Suomalainen	32b1fd4a9a	dnscrypt-proxy.toml: disable logging & put it where it belongs	2018-11-26 17:01:30 +02:00
Mikaela Suomalainen	397821db0a	dnscrypt-proxy: -empty lines +cloaking_rules dn#	2018-11-26 16:53:47 +02:00
Mikaela Suomalainen	c8fb2b896a	dnscrypt-proxy.toml: sort the options and add/update/fix comments Now the options that I am more likely to care about or want to adjust are on the top.	2018-11-26 16:46:30 +02:00
Mikaela Suomalainen	eecb4a980d	dnscrypt-proxy: add commented not-socket	2018-11-26 16:12:02 +02:00
Mikaela Suomalainen	c3c8a41e43	dnscrypt-proxy.toml: comment server_names	2018-11-26 16:03:02 +02:00
Mikaela Suomalainen	c8c342ec68	hosts-mikaela.txt: add tezagm	2018-11-26 15:46:52 +02:00
Mikaela Suomalainen	4f99f6ebed	syncplay-server.service: ccxcz's endpoints ExecStart just in case	2018-11-24 20:36:17 +02:00
Mikaela Suomalainen	c57d5443ab	add systemd unit for syncplay-server	2018-11-23 17:23:38 +02:00
Mikaela Suomalainen	33db566a27	sources.list: Debian updates repo over Tor	2018-11-22 20:39:22 +02:00
Mikaela Suomalainen	a47018899d	sources.list: rewrite the Debian ones? Apparently I had been negleceting one important one, if not more.	2018-11-22 20:27:40 +02:00
Mikaela Suomalainen	6419ce29fb	sources.list: add Debian onion repos (commented)	2018-11-22 20:00:33 +02:00
Mikaela Suomalainen	f050ef9550	sources.list: add Debian debug repos (commented)	2018-11-22 19:34:11 +02:00
Mikaela Suomalainen	7983975ba8	etc/apt/sources.list: remove README & scripts They don't reflect what I am doing in reality and I think they possibly encouraged bad practices, so it's better that they don't exist here.	2018-11-22 19:14:42 +02:00
Mikaela Suomalainen	b0c6e5ffb2	hosts-mikaela.txt: add itwjyg	2018-11-15 11:54:49 +02:00
Mikaela Suomalainen	6e9af60c0f	hosts-mikaela: add ano & jasan, fix formatting?	2018-11-02 16:02:02 +02:00
Mikaela Suomalainen	fd8b734e56	hosts-mikaela: cleanup	2018-11-01 16:15:23 +02:00
Mikaela Suomalainen	a15ff2e5dc	more hosts-mikaela.txt updates * add invictus, it's not mine, but neither are roubaix (dnscrypt-proxy dislikes dashes?) and this file is meant for just my use, so does it matter what it contains?	2018-10-30 23:39:41 +02:00
Mikaela Suomalainen	f27ce8fd82	hosts-mikaela: add roubaix-fr	2018-10-30 16:19:26 +02:00
Mikaela Suomalainen	c7ffb18523	hosts-mikaela: add rbtpzn	2018-10-30 09:12:33 +02:00
Mikaela Suomalainen	e7d2b312ef	hosts-mikaela: add zaldaryn TODO: add to DNS	2018-10-29 21:40:31 +02:00
Mikaela Suomalainen	a83e8dce36	etc/resolv.conf: add dnscrypt-proxy & searches mikaela.internal that I have adopted and I have no idea if I am allowed to use TLDs here, but I am putting local there anyway.	2018-10-26 22:48:38 +03:00
Mikaela Suomalainen	859cc89436	dnscrypt/hosts: adopt .internal At the moment I am having problem with mikaela.info being in HSTS preload list and when I begun this list, I was hoping to use something conflict free and thought that mikaela.info would be the least bad choice while reading the reserver domains. Now I have searched on the issues more and encountered .internal TLD that seems to be what I am after and I hope it will become official. https://github.com/wkumari/draft-wkumari-dnsop-internal I think I can change these addresses safely as I am not using them anywhere as I worry about accidentally sending them to the internet and that opening new problems. This will mainly benefit me with web browsers, I hope. I will still have to link other people to direct IPv6 addresses that won't change with the platforms I use or mikaela.info will not be in the HSTS preload lists at time I need it. I wouldn't memorize IPv4 addresses though or start telling them someone in quick chat.	2018-10-26 22:38:59 +03:00
Mikaela Suomalainen	5ac7dc9670	hosts-mikaela: add y.silta.piraatit.fi	2018-10-23 11:32:20 +03:00
Mikaela Suomalainen	3d6dccbfc0	hosts-mikaela.txt: add y.vietnam.mikaela.info	2018-10-22 18:43:50 +03:00
Mikaela Suomalainen	87f4305e71	etc/dnscrypt-proxy: add hosts-mikaela.txt Closes #93	2018-10-18 19:57:00 +03:00
Mikaela Suomalainen	534f34a5bc	add override.conf for tor.service for allowing binding to 80/443 It took me some time a few days ago to figure out this (and notice that port 80 was already used by automatically installed Apache that was doing nothing). I have understood that ports 443 (Orport) and 80 (Dirport) are the best for users behind strict firewalls especially if they aren't needed for anything else on the system running Tor relay.	2018-10-12 23:10:48 +03:00
Mikaela Suomalainen	492cac7158	Revert "ssh_config: controlpersist auto instead of on" This reverts commit `330e8a80ad`. I got complaining about bad value	2018-10-11 13:45:31 +03:00
Mikaela Suomalainen	fa007ee830	dnscrypt-proxy: add quad9 nofilters, lb ph See that #92	2018-10-09 14:08:38 +03:00
Mikaela Suomalainen	5d2b138b3e	dnscrypt-proxy: more thinking for #92 * Comment that the fastest server is automatically picked. * Explicitly don't filter AAAA requests. * Require provider to not do filtering * which is implied by DNSSEC which would get broken. * Use Google DNS B as fallback resolver and explain what it does in comment. * Add commented options for using Tor.	2018-10-08 20:43:30 +03:00
Mikaela Suomalainen	4e52673b7d	etc: rm -r polipo/ Polipo is no longer maintained and it seems that I am doing the same thing with Privoxy except censoring accept-language which I need to investigate. I think Privoxy warned about changing headers possibly making ones fingerprint more unique and thus trackable? But aren't those also going inside https so maybe there is no point?	2018-10-08 20:27:17 +03:00
Mikaela Suomalainen	d1151aaf8c	etc/systemd: rm -r dnscrypt/ Dnscrypt-proxy appears to handle multiple servers by itself nowadays and does it in the config file. The servers listed may also be down. Ref: #92 where I remembered these files still being here.	2018-10-08 20:25:09 +03:00
Mikaela Suomalainen	44cbf89582	etc/dnscrypt-proxy: prefer CF-v6, add G, fallback OpenDNS This still needs more thinking... #92	2018-10-08 20:18:48 +03:00
Mikaela Suomalainen	44ac6ff573	resolv.conf: add single-request-reopen to options It's in dnscrypt-proxy documentation for putting into resolv.conf	2018-10-07 21:20:41 +03:00
Mikaela Suomalainen	330e8a80ad	ssh_config: controlpersist auto instead of on just in case that would be used for tracking and hoping that SSH is clever enough.	2018-10-07 21:12:08 +03:00
Mikaela Suomalainen	b8bda9cf49	ssh_config: use more private ControlPath	2018-10-07 20:54:41 +03:00
Mikaela Suomalainen	ae04839807	add etc/dnscrypt-proxy.toml (WIP!)	2018-10-07 13:45:45 +03:00
Mikaela Suomalainen	63027a97a7	etc/privoxy/config: example to Torify everything	2018-10-06 16:41:20 +03:00
Mikaela Suomalainen	06d5ff55d0	etc/systemd/system: add cjdns/	2018-10-05 13:27:35 +03:00
Mikaela Suomalainen	35f12ae35c	etc/privoxy/config: toggle 0, buffer-limit 51200	2018-10-03 16:18:27 +03:00
Mikaela Suomalainen	c2fda6d7fc	etc/privoxy: add minimalistic config	2018-10-03 13:37:52 +03:00
Mikaela Suomalainen	930be20983	etc/sources.list/: use https://deb.debian.org Apparently they have deprecated httpredir while I wasn't looking.	2018-09-20 13:39:51 +03:00
Mikaela Suomalainen	55018ef7ef	etc/sources.list: remove Debian codenames	2018-09-20 13:37:32 +03:00
Mikaela Suomalainen	b2f590f357	etc/sources.list: rm EOL distributions	2018-09-20 13:35:59 +03:00
Mikaela Suomalainen	4877b2e45b	etc/resolv.conf: add notes for nm-connection-editor	2018-08-10 17:18:33 +03:00
Mikaela Suomalainen	9f13a96513	sources.list: add 18.04 (copy from 16.04)	2018-04-30 17:25:48 +03:00
Mikaela Suomalainen	446c5c14ab	sysctl: don't touch vm.swappiness I think my distribution is more capable of choosing a reasonable value and I am not confident in understanding it enough.	2018-04-20 12:32:46 +03:00
Mikaela Suomalainen	537fc06dd7	etc/resolv.conf: update based on note to self I have no idea why I even have this file :( I guess the number four has something to do with Windows as resolv.conf actually doesn't take more than three, am I preparing for situation where there is no network, but ISP DNS is down or something? Why? When has that actually happened?	2018-04-19 14:46:25 +03:00
Mikaela Suomalainen	73d3d51377	move compose key to menu (from lwin) Closes #90	2017-09-18 22:06:11 +03:00
Mikaela Suomalainen	36b1544606	dnsmasq: I don't care about breaking OpenDNS OpenDNS should care about breaking me.	2017-01-12 12:54:52 +02:00
Mikaela Suomalainen	61296f1cea	NetworkManager: mess .conf more, add .conf.arch	2016-12-14 12:04:35 +02:00
Mikaela Suomalainen	d17a1d936b	NetworkManager: add dnsmasq.d/mikaela.conf I want DNSMasq to behave a little differently from the NetworkManager defaults. The default cache size of 150/400 seems a little small and 10 000 probably won't be full soon and I am sure modern systems at least at home where I am using dnsmasq again won't suffer from it. By default dnsmasq started by NEtworkManager only listens on 127.0.0.1 while ::1 also exists, I want it to be also listened on in case anything decides to try querying with it. DNSSEC is not checked by default while I want that behaviour, but as I am using OpenDNS I cannot make it verify unsigned zones are unsigned :( Also add symlink to trust-anchors.conf that should ship with DNSSEC to avoid having to deal with it manually. It should work as a reminder that it's also needed.	2016-12-14 11:54:48 +02:00
Mikaela Suomalainen	1ba8dd4137	systemd: snapd.refresh.service override It fails on laptops thanks to not being able to do DNS resolution thanks to network connection not existing during boot. Now it fails to `Download snap "ubuntu-core" (423) from channel "stable" (cannot authenticate to snap store: Provided email/password is not correct.)` which is process and appears to not be my issue.	2016-12-13 19:30:32 +02:00
Mikaela Suomalainen	56de53ee30	systemd: only override issues with stock units Only oidentd.socket and miredo.service were copied instead of being units that exist in the system and they don't need to do anything else than fix the issue I have with the stock units. * oidentd.socket is IPv6-only on my systems unless is BindIPv6Only=both. because of net.ipv6.bindv6only=1 * miredo.service is here because it starts before there is network connection (network-online.target) and there is never network connection with laptops before they are connected to WLAN even if NetworkManager might be up seeking/connecting to network.	2016-12-13 19:22:26 +02:00
Mikaela Suomalainen	0925e0d23e	somewhat rewrite etc/resolv.conf	2016-12-08 11:13:22 +02:00
Mikaela Suomalainen	2151d9b602	etc/resolv.conf: add commented OpenDNS just in case And possibly helpful comments, I wish they started doing DNSSEC.	2016-11-29 10:44:25 +02:00
Mikaela Suomalainen	314a03ee24	sysctl: increase vm.swappiness to 10	2016-07-25 17:01:12 +03:00
Mikaela Suomalainen	299b5ce108	redshift: use coordinates of Lauttasaari	2016-05-17 21:28:43 +03:00
Mikaela Suomalainen	6b6cefb9cd	export XCURSOR_DISCOVER=1 Workarounds invisible cursor issue and I think it doesn't hurt even when that issue isn't encountered.	2016-04-15 21:15:06 +03:00
Mikaela Suomalainen	e99cffb130	sources.list: 16.04.archive.ubuntu.com This shouldn't be used, but this is the only working way through "hash sum mismatch".	2016-04-14 09:05:38 +03:00
Mikaela Suomalainen	f91e9c6a2b	ydns-simple --> ydns6	2016-04-11 15:34:28 +03:00
Mikaela Suomalainen	bdc742b728	NetworkManager.conf: add captive portal check	2016-03-31 15:41:37 +03:00
Mikaela Suomalainen	070f879946	etc/xdg/autostart: add chromium & chrome	2016-03-15 11:13:23 +02:00
Mikaela Suomalainen	36b99e8679	sysctl: enable Magic SysRq key	2016-03-03 16:12:33 +02:00
Mikaela Suomalainen	f2451906ce	etc/NetworkManaer/NetworkManager.conf	2016-02-04 12:00:25 +02:00
Mikaela Suomalainen	c772dd308f	sysctl.d: 40-ipv6.conf	2016-02-04 11:45:03 +02:00
Mikaela Suomalainen	9a662594d2	Fix #87 (explain ssh_config UseRoaming no)	2016-01-14 20:37:51 +02:00
Mikaela Suomalainen	bbfb63dabd	unify the two ssh_config files (fix typos)	2016-01-14 16:59:18 +02:00
Mikaela Suomalainen	9d5db7ee3c	ssh_config: add "UseRoaming no" https://twitter.com/msfriedl/status/687635945642967040	2016-01-14 16:47:30 +02:00
Mikaela Suomalainen	e80dbd29fe	etc/nginx/host: enable http2	2016-01-13 12:05:35 +02:00
Mikaela Suomalainen	d903ba5985	sshd_config: no instead of No Permitrootlogin had it for some reason and Jolla's sshd didn't like it.	2016-01-06 10:17:33 +02:00
Mikaela Suomalainen	f1817f4014	sources.list: I don't maintain devel	2015-12-28 14:50:21 +02:00
Mikaela Suomalainen	c0503fab51	sources.list/ubuntu: fix apt-key command	2015-12-28 14:48:31 +02:00
Mikaela Suomalainen	fb9961be7b	unbound.d/logging.conf: I need verbosity 2 1 doesn't seem to tell me when things start randomly failing.	2015-12-18 11:37:47 +02:00
Mikaela Suomalainen	8804f7e9f6	etc/unbound/unbound.conf.d: logging.conf Logging to systemd-journald (journalct) with verbosity 1.	2015-12-18 09:52:18 +02:00
Mikaela Suomalainen	a187ae584d	profile: numlockx on	2015-12-15 20:06:23 +02:00
Mikaela Suomalainen	2dce923a56	etc/apt/sources.list: commented Ubuntu MATE	2015-12-15 18:11:50 +02:00
Mikaela Suomalainen	8342c97bc2	git rm 15.04	2015-12-15 18:07:34 +02:00
Mikaela Suomalainen	9431381b93	sources.list: add Ubuntu 16.04	2015-11-06 09:14:27 +02:00
Mikaela Suomalainen	f58977d151	unbound forwards.conf: add commented trex dns64	2015-10-26 08:58:36 +02:00
Mikaela Suomalainen	50d27ca7b6	etc/xdg/autostart: add clipit	2015-10-25 14:30:42 +02:00
Mikaela Suomalainen	4257dcfb37	etc/xdg/autostart/redshift: add comment on Kotka	2015-10-25 14:27:06 +02:00
Mikaela Suomalainen	2154ee9b01	etx/xdg/autostart: cleaning	2015-10-25 14:26:24 +02:00
Mikaela Suomalainen	a5ca47e88d	nginx: X-Xss-Protectio & -Content-Type-Options via https://securityheaders.io/ via znc/znc#1168	2015-10-25 09:18:34 +02:00
Mikaela Suomalainen	47eac3b6eb	sources.list README: add wget method	2015-10-17 14:31:48 +03:00
Mikaela Suomalainen	650829aea9	nginx: add Upgrade Insecure Requests http://caniuse.com/#feat=upgradeinsecurerequests	2015-09-23 17:50:11 +03:00
Mikaela Suomalainen	02f4f2f0d4	profile.d/mikaela.sh: set TZ to $(date +%Z) Also remove the commented Steam thing as it's Antergos-only issue.	2015-09-13 10:46:38 +03:00
Mikaela Suomalainen	c42ae8eb43	ssh: also send EDITOR	2015-09-12 11:45:42 +03:00
Mikaela Suomalainen	fdf8255372	ssh: send/accept also TZ TERM	2015-09-12 11:42:44 +03:00
Mikaela Suomalainen	0f00443a7b	sshd_config: mention the LC_ALL anyway my config files are horrible, too many comments.	2015-09-06 18:42:36 +03:00
Mikaela Suomalainen	96ca38818f	sshd_config: don't talk so much about locales	2015-09-06 18:40:02 +03:00
Mikaela Suomalainen	801e3e0941	sshd_config: AcceptEnv LANG, LANGUAGE LC_* but not LC_ALL and there is no asterisk, the varibles are allowed separately. It's very unlikely that someone invents a new locale type.	2015-09-06 18:36:48 +03:00
Mikaela Suomalainen	a3d5fbd9d7	sshd_config: http://serverfault.com/a/660325	2015-09-06 18:27:50 +03:00
Mikaela Suomalainen	a0352630fd	sshd_config: verbose logging of sftp	2015-09-06 17:37:34 +03:00
Mikaela Suomalainen	8d55bc53db	sshd_config: use internal sftp & fixes thanks again @grawity	2015-09-06 17:20:12 +03:00
Mikaela Suomalainen	c82b706942	fix `7470403158` thanks @DarthGandalf and @grawity on #znc	2015-09-06 17:13:21 +03:00
Mikaela Suomalainen	7470403158	sshd_config: add Fedora & Gentoo sftp-server thanks Conjuro and @DarthGandalf on #znc	2015-09-06 17:09:55 +03:00
Mikaela Suomalainen	774346c8d0	fix sshd_config	2015-09-06 08:42:29 +03:00
Mikaela Suomalainen	68c6da5aec	ssh_config: fix comments	2015-09-06 08:15:17 +03:00
Mikaela Suomalainen	dc9f8b0ab5	sort sshd_config	2015-09-06 08:12:41 +03:00
Mikaela Suomalainen	c3f351d21f	sshd_config: add commented AcceptEnv and reason why it's commented, security, ShellShock worked with remotely sent environent variables even with restricted accounts.	2015-09-06 07:33:32 +03:00
Mikaela Suomalainen	90c86466dd	ssh_config: also sendenv LANGUAGE	2015-09-06 07:30:41 +03:00
Mikaela Suomalainen	6fc4b6a29b	ssh_config: add missing dot	2015-09-05 23:50:31 +03:00
Mikaela Suomalainen	28c2f0b8d8	ssh_config: SendEnv LANG LC_*	2015-09-05 23:46:00 +03:00
Mikaela Suomalainen	c50516ced3	etc/xdg/autostart: add redshift-gtk	2015-09-05 22:57:45 +03:00
Mikaela Suomalainen	c2b93abe27	relevant systemd services: after network-online	2015-09-05 09:07:41 +03:00
Mikaela Suomalainen	bd3ee60e61	ssh_config: fix paste fail	2015-09-02 08:33:02 +03:00
Mikaela Suomalainen	66f604a6dd	ssh_config: add UpdateHostKeys yes	2015-09-02 08:15:16 +03:00
Mikaela Suomalainen	c05b52354f	sshd_config: restore Client* I am sure I committed them already, but they have disappeared somewhere. Maybe I accidentally overwrote them.	2015-09-01 17:37:33 +03:00
Mikaela Suomalainen	888686ef48	etc/ssh/copy: add verbosity	2015-09-01 17:32:56 +03:00
Mikaela Suomalainen	c2c0c4fa08	etc/ssh: add copy script	2015-09-01 17:31:42 +03:00
Mikaela Suomalainen	25bf96e30a	ssh_config: my ssh key is not system-wide	2015-09-01 17:16:37 +03:00
Mikaela Suomalainen	96dfc06668	ssh_config: remove unrelated comments	2015-09-01 17:06:33 +03:00
Mikaela Suomalainen	defa0b9df1	etc/ssh: add ssh_config	2015-09-01 16:48:27 +03:00
Mikaela Suomalainen	4cdf8dfe71	sshd_config: add ClientAliveCountMax ClientAliveInterval	2015-09-01 16:40:56 +03:00
Mikaela Suomalainen	73e9e99d9c	sshd_config: cleaning up	2015-08-30 16:54:21 +03:00
Mikaela Suomalainen	c922d0aa37	etc/ssh/sshd_config: fix banner	2015-08-28 19:25:26 +03:00
Mikaela Suomalainen	7e4bbfba5a	sshd_config: also remove ecdsa keys	2015-08-28 14:29:34 +03:00
Mikaela Suomalainen	04df2e532b	update sshd_config from Arch OpenSSH 7.1p1-1 Note the sftp subsystem which differs between at least Debian and Arch.	2015-08-28 14:00:25 +03:00
Mikaela Suomalainen	f69a361ed1	sshd_config: deprecate dsa	2015-08-28 13:54:36 +03:00
Mikaela Suomalainen	ae6651cd47	systemd: add reflector.service	2015-08-25 14:13:44 +03:00
Mikaela Suomalainen	7ff510b42b	add etc/install Closes #74	2015-08-22 15:10:01 +03:00
Mikaela Suomalainen	bec7aced22	etc/systemd/system: README updates	2015-08-21 19:27:40 +03:00
Mikaela Suomalainen	76633ba61d	add etc/unbound/dnscrypt-proxy.conf	2015-08-21 19:16:12 +03:00
Mikaela Suomalainen	18931c320a	add dnscrypt proxy services Thanks @Fusl Fixes #63	2015-08-21 19:09:39 +03:00
Mikaela Suomalainen	dc5531dfcd	cleaning etc/systemd/system	2015-08-21 19:06:11 +03:00
Mikaela Suomalainen	c4dcb39b8c	nginx: remove the neverused vhost	2015-08-20 20:47:18 +03:00
Mikaela Suomalainen	3a32185433	etc/nginx/sites-availble: add X-Frame-Options	2015-08-20 20:36:32 +03:00
Mikaela Suomalainen	a06465d161	unbound: move forwards.conf under unbound.conf.d	2015-08-20 18:39:40 +03:00
Mikaela Suomalainen	2ab0601c8d	systemd: remove dnscrypt-proxy & add miredo	2015-08-20 18:29:00 +03:00
Mikaela Suomalainen	3065c552da	resolv.conf: add ::1 anyway	2015-08-20 15:24:57 +03:00
Mikaela Suomalainen	c8dcba24a3	major cleaning	2015-08-20 15:22:22 +03:00
Mikaela Suomalainen	baff3f7dd1	clean resolv.conf	2015-08-20 15:09:13 +03:00
Mikaela Suomalainen	e3b067cf5d	etc/resolv.conf: swap Google DNS I prefer them to be in order primary and seconary if I use both and as IPv6 is above it should be the primary making IPv4 below secondary.	2015-08-16 12:07:59 +03:00
Mikaela Suomalainen	a55ab90ca3	resolv.conf: replace OpenDNS with Google If both Google servers go down, there are still the others which unbound that I run on all devices is using.	2015-08-16 12:05:50 +03:00
Mikaela Suomalainen	f6b562f517	comment on etc/resolv.conf	2015-08-16 11:30:06 +03:00
Mikaela Suomalainen	518a5c2a17	sources.list: add (Ubuntu) devel	2015-08-06 12:01:21 +03:00
Mikaela Suomalainen	93d775c3a5	fix etc/profile.d/mikaela.sh	2015-07-29 10:16:30 +03:00
Mikaela Suomalainen	632f2f2b6b	sources.list: clean Ubuntu ones	2015-07-29 10:04:54 +03:00
Mikaela Suomalainen	741c6a8571	sources.list/ubuntu: add commented proposed Closes #79	2015-07-28 19:23:48 +03:00
Mikaela Suomalainen	aeeed423df	sources.list/ubuntu: coment ddebs	2015-07-28 19:09:26 +03:00
Mikaela Suomalainen	95dc6cfa17	sources.list: ubuntu: add ddebs.ubuntu.com https://wiki.ubuntu.com/DebuggingProgramCrash	2015-07-28 19:06:38 +03:00
Mikaela Suomalainen	fa44f85e48	sources.list: chmod +x install*	2015-07-28 18:59:03 +03:00
Mikaela Suomalainen	6b527a87cb	sources.list: 14.10 is EOL	2015-07-24 09:06:19 +03:00
Mikaela Suomalainen	2ba606cce6	nginx: HSTS: subdomains & preload	2015-07-22 12:55:51 +03:00
Mikaela Suomalainen	ff94369b6d	sources.list/README: add missing rm	2015-07-12 11:52:28 +03:00
Mikaela Suomalainen	93e5eab3f5	sources.list: fix install scripts	2015-07-12 11:39:41 +03:00
Mikaela Suomalainen	b4f3ac370e	sources.list/install: add missing shebang	2015-07-12 11:36:38 +03:00
Mikaela Suomalainen	87ffc8515e	sources.list: improve README	2015-07-12 11:35:53 +03:00
Mikaela Suomalainen	8783d0d5b7	sources.list: add install scripts Closes #78	2015-07-12 11:26:47 +03:00
Mikaela Suomalainen	2fd3c3986b	sources.list: add README & touch scripts ref: #78	2015-07-12 11:21:38 +03:00
Mikaela Suomalainen	60402c6999	sources.list: add forgotten stretch	2015-07-12 11:06:03 +03:00
Mikaela Suomalainen	abc4060a3a	sources.list: add sid so both scripts work	2015-07-12 11:03:51 +03:00
Mikaela Suomalainen	6400fd909e	sources.list: rename debian* to codenames So they are compatible with the function which uses `lsb_release -sr`.	2015-07-12 10:51:19 +03:00
Mikaela Suomalainen	f98e2a4375	somewhat rewrite etc/oidentd.conf	2015-07-09 10:48:28 +03:00
Mikaela Suomalainen	cf13b0faaf	sources.list/squeeze: add squeeze-lts	2015-07-07 17:10:43 +03:00
Mikaela Suomalainen	b16ae44601	Revert "services: remove unneeded pidfiles" This reverts commit `98093edc99`. * * * * * They aren't needed if systemd starts the service, but what if user services are used together with cron and liching isn't allowed?	2015-07-07 10:10:10 +03:00
Mikaela Suomalainen	b6969cd7fe	rm debianu as git didn't like it	2015-07-06 15:22:23 +03:00
Mikaela Suomalainen	0a8c630265	http.debian.net --> httpredir.debian.org I was told that it moved and moving to debian.org means that it's now officially supported :)	2015-07-06 15:18:25 +03:00
Mikaela Suomalainen	fe1890ea34	debianu --> sid & ln -s sid debianu sid makes more sense and as it has static codename, why to not use it?	2015-07-06 15:08:42 +03:00
Mikaela Suomalainen	805f669954	sources.list: add supported Debians also remove the top line and add debianu for unstable.	2015-07-06 15:05:31 +03:00
Mikaela Suomalainen	6cb22a6de2	sysctl/60-mikaela.conf: mention systemd-networkd	2015-06-24 16:09:05 +03:00
Mikaela Suomalainen	a5de194c6f	fix sysctl.d/60-mikaela.conf EUI-64, not SLAAC & privacy extensions for all	2015-06-24 15:12:11 +03:00
Mikaela Suomalainen	1f1d071e5e	systemd/network: rename enp… eth0 & timesyncd	2015-06-07 19:12:15 +03:00
Mikaela Suomalainen	47b05e1bd9	fix aliendalvik-stopper.service	2015-05-27 12:09:31 +03:00
Mikaela Suomalainen	4391fb5c19	systemd: aliendalvik-stopper	2015-05-27 12:00:35 +03:00
Mikaela Suomalainen	bf03a22823	systemd/system: update README https://wiki.freedesktop.org/www/Software/systemd/NetworkTarget/#cutthecraphowdoimakenetwork.targetworkforme	2015-05-23 11:29:18 +03:00
Mikaela Suomalainen	3370327db0	ydns-simple service & timer	2015-05-22 20:15:23 +03:00
Mikaela Suomalainen	9ac3c776d7	sysctl.d: net.ipv6.conf.default.use_tempaddr	2015-05-14 19:04:35 +03:00
Mikaela Suomalainen	e512759368	fix resolv.conf	2015-05-14 00:16:49 +03:00
Mikaela Suomalainen	e660ec9b21	resolv.conf: use IPv4 localhost because of the other files I added maybe in previous commit	2015-05-13 22:27:22 +03:00
Mikaela Suomalainen	17b5596d80	etc: dnscrypt	2015-05-13 22:20:28 +03:00
Mikaela Suomalainen	8e952350e7	etc/resolv.conf: don't be so verbose	2015-05-13 20:52:48 +03:00
Mikaela Suomalainen	b761f8f5ed	add etc/resolv.conf	2015-05-13 20:49:35 +03:00
Mikaela Suomalainen	cbbd9dcf2c	nginx/host: enable HSTS	2015-05-12 18:41:24 +03:00
Mikaela Suomalainen	8e433e3660	etc/xdg/autostart: README, linphone, redshift§	2015-05-08 09:08:30 +03:00
Mikaela Suomalainen	43af7aef52	sources.list: rm ubuntu	2015-05-05 07:56:39 +03:00
Mikaela Suomalainen	adb361bc0e	sources.list: 15.10	2015-05-05 07:56:11 +03:00
Mikaela Suomalainen	a9eaecf61c	unbound: add dns.watch & puntcat	2015-05-01 17:05:58 +03:00
Mikaela Suomalainen	0510858a0d	etc/unbound: remove non-DNSSEC resolvers	2015-05-01 15:10:49 +03:00
Mikaela Suomalainen	e9ad27c7ff	etc/systemd/network: add enp0s18.network from Rbtpzn	2015-04-29 10:41:42 +03:00
Mikaela Suomalainen	9e37b3b2d8	etc: nsswitch.conf, not fully	2015-04-28 13:14:25 +03:00
Mikaela Suomalainen	27d24a81b1	copy ipv6 services	2015-04-23 22:38:30 +03:00
Mikaela Suomalainen	3d54d51c24	rm dnsmasq & fedora I am not using either. The only Fedora here was Pidora and it has died some time ago and the project is a little slow. I am currently wondering whether to start learning FreeBSD by putting it on the Pi.	2015-04-22 22:50:54 +03:00
Mikaela Suomalainen	f74a76250b	Rename Manjaro --> Arch I didn't ever try Manjaro outside of Virtualbox and I have learned that Manjaro is not good. I am currently using Antergos which is Arch + one custom repo, so I feel I can rename to Arch.	2015-04-22 22:42:01 +03:00
Mikaela Suomalainen	146738e147	etc: add oidentd.conf This file is not shipped on Arch.	2015-04-22 22:27:24 +03:00
Mikaela Suomalainen	3b976e3cd4	move sysctl from \*rc functions to etc/sysctl.p/	2015-04-22 22:20:30 +03:00
Mikaela Suomalainen	9d5721899e	systemd units: add oidentd.socket With my sysctl config oidentd is IPv6 only unless `BindIPv6Only=both` is added.	2015-04-22 22:12:06 +03:00
Mikaela Suomalainen	bb8d854150	NO MORE UNBREAKABLE SPACE! :D (Serious commit messages™)	2015-04-10 18:36:06 +03:00
Mikaela Suomalainen	55e4921e64	etc/profile.d: copy from Antergos just in case	2015-04-08 20:08:07 +03:00
Mikaela Suomalainen	a5c9156eb4	sources.list/15.04: drop extras.ubuntu.com It's dead https://bugs.launchpad.net/ubuntu/+source/apt-setup/+bug/1409555	2015-04-05 23:21:44 +03:00
Mikaela Suomalainen	ca7f295036	map compose to left super	2015-03-23 09:17:02 +02:00
Mikaela Suomalainen	a2712ca422	etc: add x keyboard	2015-03-23 09:15:52 +02:00
Mikaela Suomalainen	8729f1cb37	Ubuntu 14.10 sources.list: fix Ubuntu MATE PPA Ubuntu MATE decided to change their PPA and the install image most likely will be missing this change, so I must add it here. https://ubuntu-mate.org/blog/ubuntu-mate-utopic-ppa/	2015-03-19 21:54:35 +02:00
Mikaela Suomalainen	bf5409616a	etc/nginx readme: add manjaro other than php	2015-03-13 15:40:24 +02:00
Mikaela Suomalainen	b1e1581fe3	unbound: add manjaro closes #69	2015-03-13 15:08:19 +02:00
Mikaela Suomalainen	6457bc4361	unbound: add config for Pidora ref: #69	2015-03-12 11:46:37 +02:00
Mikaela Suomalainen	6820fa23d7	fix unbound config files	2015-03-12 11:44:03 +02:00
Mikaela Suomalainen	d2e8d49ec2	unbound: disable OpenDNS Missing DNSSEC causes my Pidora to SERVFAIL. Now checking if this is cause of #69...	2015-03-12 11:33:52 +02:00
Mikaela Suomalainen	73ffff658c	mysql: fix unicode.cnf https://mathiasbynens.be/notes/mysql-utf8mb4	2015-02-27 11:12:04 +02:00
Mikaela Suomalainen	c391357cf7	sources.list: add security.ubuntu.com & rm MATE For some reason I had thought that the default installation uses local mirror instead of the main repo so I used that. I also removed MATE now as it causes dupliate warnings with Ubuntu MATE and it's not needed starting from 15.04. It's also not difficult to find.	2015-02-27 10:10:58 +02:00
Mikaela Suomalainen	de26949c16	unbound: uncomment the dnssec line it seems that I am accidentally removing the trust anchor includer file…	2015-02-19 18:43:08 +02:00
Mikaela Suomalainen	98093edc99	services: remove unneeded pidfiles	2015-02-19 14:30:49 +02:00
Mikaela Suomalainen	ca71eef52e	fix supybot.service ref: #63	2015-02-19 14:16:15 +02:00
Mikaela Suomalainen	766a756914	add untested supybot.service	2015-02-19 14:06:53 +02:00
Mikaela Suomalainen	f54bc8d573	add znc.service Ref: #63 - based on the included unit file and znc/znc#647	2015-02-19 12:42:45 +02:00
Mikaela Suomalainen	44b2b2ada9	etc: import mariadb conf.d	2015-02-16 13:58:37 +02:00
Mikaela Suomalainen	fc35481c8d	unbound: fix access-control.conf * .conf was missing from the end * comment access allowing * fix wrong CIDR	2015-02-12 08:22:02 +02:00
Mikaela Suomalainen	6c06e01f0f	etc/resolv.conf.d/head: remove commented DNS servers they are in etc/unbound/unbound.conf.d/forwards.conf	2014-12-31 16:55:26 +02:00
Mikaela Suomalainen	a45d82b0b0	unbound: rm dnsmasq.conf	2014-12-29 16:04:24 +02:00

... 14 15 16 17 18 ...

1556 Commits