Commit Graph

884 Commits

Author SHA1 Message Date
738ddcbfaf
firefox policies: add EnableTrackingProtection 2024-02-01 19:43:03 +02:00
f0fe1a93b2
firefox policies: add DoH 2024-02-01 19:36:26 +02:00
2c67c85786
rm etc/librewolf: it's not read and overrides LibreWolf customizations 2024-02-01 19:07:40 +02:00
f37ec89f3f
etc/firefox/policies/policies.json: initial commit (just PrivacyBadger and LibreAwoo symlink so far) 2024-02-01 18:50:13 +02:00
b53f8f6f52
chroium policy: default_unpin fedora user agent 2024-01-31 18:49:16 +02:00
e1eae5dd48
chromium policies: throw in Dark Reader and Bitwarden 2024-01-31 14:28:14 +02:00
7cb754def8
chrome policies: force_enable HttpsOnlyMode 2024-01-31 14:12:21 +02:00
23bcc0e908
test managed chrome profilies 2024-01-31 13:43:10 +02:00
bc39daa2ed
unbound/insecure-domains: add norwegianwifi.com
while it's unlikely for me to run unbound on flight
2024-01-27 13:09:14 +02:00
57ac0a8c7a
systemd: add nordvpnd.service.d 2024-01-27 10:20:55 +02:00
7c9aaef375
systemd/service.d: add iwd.conf & network-online.conf 2024-01-27 10:19:08 +02:00
58bc1dd726
systemd-networkd/wlan: comments for when iwd doesn't manage network 2024-01-27 10:18:18 +02:00
e9b77cbc05
etc/iwd/main.conf: disable network configuration 2024-01-27 10:15:54 +02:00
73604ae80f
systmed-timesyncd: add {google,facebook}.conf commented 2024-01-26 10:47:18 +02:00
cc76eb7d5c
timesyncd.conf.d/finland: add ntp.miuku.net
It would have NTS and this is hoping for systemd-timesyncd to support it one day
2024-01-26 10:44:55 +02:00
e3381049b5
systemd-timesyncd/hetzner: replace with individual servers 2024-01-26 10:43:07 +02:00
3b3f1c5193
chrony/ntppool.sources: add zone links to comments 2024-01-25 09:40:34 +02:00
e2e130ea5d
chrony/sources.d/hetzner.sources: replace pool with individual servers 2024-01-24 20:32:23 +02:00
ff1bc7b3ba
nts-servers.sources: no preferring non-ISP servers 2024-01-24 20:00:22 +02:00
e246d21038
chrony/sources: add the ntppool.sources although commented 2024-01-24 18:04:15 +02:00
48976cacce
chrony/sources.d: prefer ISP and CF
The ISP should be closest server to sync to and Cloudflare is anycast with
potentially lower stratum than the other nts servers. 'nts' implies 'require'
and 'trust' already and other servers get picked over lower stratum although
higher distance.
2024-01-24 10:57:52 +02:00
8a93a2a9ac
unbound: another accidental rewrite of nordvpn.conf, now with IPv6 2024-01-23 09:20:13 +02:00
e5fb27a15e
nts-servers.sources: System76 is actually not an NTS pool 2024-01-22 12:56:20 +02:00
9e0333908d
nts-servers.sources: bring the uncommented Finnish server closer to top 2024-01-22 12:53:53 +02:00
9c90a36069
chrony/nts-servers.sources: update System76 entries, increase their line numbers 2024-01-22 12:52:44 +02:00
7a2b36864b
systemd-resolved/nordvpn.conf: add what appears to be their IPv6 2024-01-20 12:41:21 +02:00
62fc911835
systemd-resolved: accidentally rewrit nordvpn.conf
Now accounting for precense of unbound as a maybe fallback resolver
2024-01-20 12:35:23 +02:00
7ec7937d2f
chrony: add ntp.miuku.net 2024-01-17 13:16:37 +02:00
ddbd1acca0
ssh: disable RSA host key 2024-01-12 13:50:49 +02:00
53c78384e0
etc/apt/sources.list: rm ubuntu*
Seems pretty outdated and I cannot see the purpose.
2024-01-07 12:33:53 +02:00
2b4487fccb
etc/sources.list.d: add untested nordvpn.list for the only Debian around 2024-01-07 12:29:49 +02:00
7748d64ad7
systemd: deduplicate qbittorrent, add qbittorrent-nox@.service overrides 2024-01-06 12:34:44 +02:00
86575ddd37
etc/sudoers.d/lecture: rewrite comment including superuser & serverfault links 2024-01-05 13:17:22 +02:00
0f5dceed49
etc/sudoers.d: add nordvpn 2024-01-05 12:56:06 +02:00
39dffa8939
systemd service.d: move common explanations from never-fail.conf to README.md 2024-01-04 12:35:48 +02:00
d99566d26f
systemd/service.d: add nordvpn.conf 2024-01-04 12:31:11 +02:00
8a73d0fd63
unbound.conf.d: add nordvpn.conf 2024-01-04 12:28:38 +02:00
aa97b82e31
systemd-resolved: add nordvpn.conf 2024-01-04 12:25:53 +02:00
8771c98645
etc/yum.repos.d/brave-*: remove unknown option autorefresh 2024-01-04 07:45:11 +02:00
09b64835f7
etc/yum.repos.d/nordvpn.repo: initial commit
I don't want to use their curlbash and I am considering a Revolut plan that would include their standard plan as well
2024-01-03 16:54:59 +02:00
bb60cbe8e6
yum/repos.d/librewolf-repo.repo: correct repo name 2024-01-03 16:53:38 +02:00
e4c6ff7569
etc/sudoers.d: add lecture for always giving the first time lecture 2024-01-02 10:54:53 +02:00
9a0895e412
unbound: merge dot-quad9-ecs.conf into dot-quad9.conf 2023-12-31 16:38:05 +02:00
dba9d4c908
unbound/dot-dns0-*.conf: merge to dot-dns0.conf 2023-12-30 15:46:22 +02:00
a6dd953817
etc/dracut.conf.d/10-asahi.conf: workaround F40 kernel update failures 2023-12-29 13:26:25 +02:00
feef4cbba5
bluetooth.service.d: clarify comments on tested distros & ponder name 2023-12-28 21:30:26 +02:00
be618810c5
bluetooth.service.d: drop fedora- from experimental.conf 2023-12-28 21:28:27 +02:00
f31cb882a5
practically rewrite etc/resolv.conf 2023-12-26 10:51:30 +02:00
9d69584103
Revert "systemd/service.d: add for-network-online.conf so the service is enabled for that"
This reverts commit 0dc32a525a.
2023-12-25 21:26:10 +02:00
fc91247cd1
Revert "yggdrasil.service.d: also allow yggdrasil to start before network-online"
This reverts commit fbc82b81f4.
2023-12-25 21:25:44 +02:00
68fc6be7b9
Revert "unbound.service.d: add the for-network-online.conf"
This reverts commit 6ba99feb58.
2023-12-25 21:25:22 +02:00
85dbc413f0
systemd/system: write tlp-masker.bash instead of having symlinks to /dev/null 2023-12-25 17:27:30 +02:00
7d8fe8c1fa
systemd/system/README: attempt to fix formatting 2023-12-25 17:03:14 +02:00
0327162daa
systemd-resolved: double dnssec 2023-12-25 15:48:23 +02:00
f8f71d77a2
resolv.conf: add systemd-resolved default as a comment too 2023-12-25 15:40:41 +02:00
4286b4a22f
systemd: add start-unbound.service 2023-12-25 15:39:35 +02:00
fbc82b81f4
yggdrasil.service.d: also allow yggdrasil to start before network-online 2023-12-25 12:41:46 +02:00
214966ae54
unbound.service.d: rm WRONG fedora-network-pre.conf 2023-12-25 12:40:40 +02:00
6ba99feb58
unbound.service.d: add the for-network-online.conf 2023-12-25 12:39:58 +02:00
0dc32a525a
systemd/service.d: add for-network-online.conf so the service is enabled for that 2023-12-25 12:38:05 +02:00
5f6e07f353
etc/…/dnf.conf: note RPMCoW plugin in comment on delta RPMs 2023-12-18 09:00:49 +02:00
3f0557b1d0
move & update pipewire-media-session notes to wireplumber 2023-12-17 21:56:45 +02:00
2222ebd249
wireplumber: note package pipewire-codec-aptx 2023-12-17 21:48:57 +02:00
e9fe061b2c
etc/sudoers.d: add insults 2023-12-15 13:04:08 +02:00
dc1fa5e65d
wireplumber/61-more-codecs.lua: note that all disables HQ playback 2023-11-30 10:43:01 +02:00
b770e2f51d
etc/wireplumber: don't artificially restrict codecs 2023-11-30 10:38:06 +02:00
90556db965
bluetooth.service.d: add steamos-experimental.conf 2023-11-29 09:54:28 +02:00
88bfa88985
experimental wireplumber configuration 2023-11-29 09:44:35 +02:00
9853513f01
dnf: disable DeltaRPMs 2023-11-27 09:12:45 +02:00
91428c51af
systemd-resolved: git rm dot-nextdns.conf 2023-11-26 16:23:31 +02:00
1abfd94f01
systemd-resolved/dot-dns0: merge lines 2023-11-26 16:23:12 +02:00
b583b8a6d4
systemd-resolved/*.conf: add appliedprivacy DoTo443 as a comment 2023-11-26 16:19:55 +02:00
dee168e287
systemd-resolved: merge provider configs 2023-11-26 16:18:15 +02:00
fa3fc72afb
systemd-resolved: cleanup configs I don't recommend 2023-11-26 16:12:38 +02:00
16ddfd92e8
chrony/sources.d: rethink yggdrasil.sources 2023-11-22 11:28:21 +02:00
865e816384
chrony/finland.sources: enable xleave for the known Chrony 2023-11-22 10:17:32 +02:00
88f443911f
chrony/yggdrasil.sources: comment kincarron, unlikely to return in near future 2023-11-22 08:38:40 +02:00
b9bc665e07
chrony/nts-servers.sources: comment sources not in Finland 2023-11-22 08:38:12 +02:00
6918ac27d4
yum.repos.d: add mullvad.repo 2023-11-20 21:27:48 +02:00
da99ce785f
chrony/conf.d: add .FIXME suffix to ca-certificates.conf, clarifying comments 2023-11-16 20:19:39 +02:00
428802a4fd
unbound: rm mullvad configuration
It's wrong and I am not currently using it
2023-11-12 12:51:54 +02:00
e825c1dac3
systemd-resolved: dot-mullvad.conf: update domains, add commented other server options 2023-11-12 12:51:07 +02:00
60b3c620fb
systemd-resolved: rm dot-mullvad-adblock.conf 2023-11-12 12:46:35 +02:00
f64b94894c
resolv.tsv: update Mullvad addresses 2023-11-12 12:45:43 +02:00
4f2f41762c
etc/yum.repos.d: note LibreWolf upstream documentation 2023-11-11 18:27:55 +02:00
35b90b6d06
resolv.tsv: update/add/fix Mullvad offering 2023-11-10 15:14:42 +02:00
d2c6f99401
ssh_config: remove deprecated option useroaming
Even Debian Bookworm mentions it as deprecated in ssh -vvv and I seriously doubt I have such old SSH running anywhere
2023-10-28 22:27:06 +03:00
4f87dd6221
samba/playstation2.conf: specify hosts allow 2023-10-28 20:35:08 +03:00
ad59c45eb3
yum.repos.d/README.md: update Yggdrasil address 2023-10-28 18:12:51 +03:00
b6ecd1b173
systemd-resolved: keep DNSSEC enabled 2023-10-21 11:27:07 +03:00
7b4d791d07
flatpak-update.timer: increase frequency 2023-10-19 10:43:55 +03:00
94c23e2f7d
etc/nginx: fix line endings and indentation
UNTESTED! TODO WIP etc.?
2023-10-19 09:27:55 +03:00
90edac262a
resolved.conf.d: add dot-dns0-appliedprivacy.conf in style of quad9-ecs-appliedprivacy 2023-10-14 19:18:45 +03:00
79210446ed
local/share/applications: add SteamOS-kscreenlocker.desktop symlink 2023-10-09 12:54:34 +03:00
5419ff1bc7
move submodule to submodules/ 2023-10-09 12:50:52 +03:00
b8f1aa69dd
unbound/00-insecure-domains.conf: add router.asus.com 2023-10-07 13:10:07 +03:00
1eeef2f511
resolved: add dot-quad9-ecs-appliedprivacy.conf for Steam Deck purposes 2023-10-01 19:06:46 +03:00
5297140958
systemd/limnoria.service: place limit on memory, commented cpuquote 2023-10-01 10:47:06 +03:00
024fd40e87
git rm etc/hosts.append
https://gitea.blesmrt.net/mikaela/gist/src/branch/master/DNS/blocklist.txt
2023-09-30 17:39:47 +03:00
d7acebbe45
chrony/sources.d/yggdrasil: remove Teknologia Avoimeksi 2023-09-30 17:38:45 +03:00