Commit Graph

1513 Commits

Author SHA1 Message Date
7b83f84633
unbound/dns-over-tls.conf: add AdGuard DNS
I am surprised it actually works with DNSSEC validation enabled
2019-07-22 16:12:09 +03:00
ffbbe9e522
unbound: replace forwards.conf with dns-over-tls.conf
Simultaneously rm puntcat, their DNS appears to be down at the moment
and I didn't find their own homepage.
2019-07-22 16:05:05 +03:00
6ed44de3d1
unbound.conf.d: clarify logging.conf in a comment 2019-07-22 15:27:27 +03:00
bb14632b9a
unbound: add another Debian default 2019-07-22 15:16:34 +03:00
3b9acff361
etc/unbound add unbound.conf & unbound-control.conf
copy-pastes from Debian & Arch Wiki, however unbound-control in status
no as I guess it can be a hole most of time.
2019-07-22 15:14:11 +03:00
5569a1129c
unbound.conf.d/dnscrypt-proxy.conf: update for dnscrypt-proxy v2
Closes #121
2019-07-22 15:12:49 +03:00
fc5fb4d7bd
b6a511d6a6: add comments 2019-07-20 11:37:28 +03:00
b6a511d6a6
etc: backup some apt.conf.d & preferences.d files 2019-07-20 11:09:42 +03:00
9ae1da52ac
tmux.conf: comment line making new version unhappy 2019-07-18 20:13:14 +03:00
41f44924be
dnscrypt-proxy.toml: note 2.0.24 fastest -> first 2019-07-14 18:36:31 +03:00
117801ec9d
dnscrypt-proxy: fix comments
Resolves: #120
2019-07-14 18:15:35 +03:00
646956b4e0
dnscrypt-proxy.toml: restore Quad9 examples
Rbtpzn was using them for some reason and was hitting less errors than
Zaldaryn in as basic test as "apt update", so I guess it's worth having
it included. I think I am mainly leaving it for family devices.
2019-07-14 13:30:29 +03:00
a5868f6395
etc/sources.list: update testing for bullseye & add note to stable for it
> over the last years we had people getting confused over <suite>-updates
> (recommended updates) and <suite>/updates (security updates).  Starting
> with Debian 11 "bullseye" we have therefore renamed the suite including
> the security updates to <suite>-security.

https://lists.debian.org/debian-devel-announce/2019/07/msg00004.html
2019-07-14 12:40:56 +03:00
fa0478d82b
update the PGP key
ref: #119
2019-07-01 11:57:58 +03:00
2fe92afa26
etc/apt/sources.list: change keyserver
Ref: #119

I am not sure I would advice running that even if it happened to exist.
2019-07-01 11:50:26 +03:00
a7b1880469
gpg: use keys.openpgp.org
Closes #119
2019-07-01 11:47:27 +03:00
128f1781f3
torrc-client: add MapAddress for PirateIRC & freenode
Closes #118
2019-06-30 14:27:20 +03:00
a915db9f8a
etc/systemd: tor-services: add ExecReload
I am running `systemctl restart tor-client` too often to be comfortable.
2019-06-30 14:11:34 +03:00
bf3b91d93a
torrc-client: update from running config
Preparation to #118
2019-06-30 13:31:16 +03:00
758e8dbd06
bash&zshrc: comment especially dangerous gpg alias
I am not sure I would encourage running that and I think the package
maintainers are better updaters than I am.

Ref: #119
2019-06-29 22:33:50 +03:00
4c9ba8e108
conf/tmux: humanize time format
Humans find space cleaner than T and Finns use a . instead of ;.
2019-06-29 09:51:59 +03:00
28794133b3
i3status: use %avail instead of %free
Resolves: #116
2019-06-28 11:00:03 +03:00
2f178f2d2e
i3: add shortcuts for pavucontrol & Mumble
Resolves #117
2019-06-27 20:12:22 +03:00
21539b40c5
i3: kdockerize $TERMINAL without minimizing
I thested this earlier and am committing it in case I encounter Zaldaryn
sooner than anticipated and forget to copy the change and then start
doing conflicting changes there.
2019-06-19 23:00:54 +03:00
41576b7786
i3: restore Keybase (which is now on trial period)
Is it going to be in tray kindly or will I distract myself by starting
to click and read on it? It's the only autostarting app that I cannot
configure to hide or be more unsuitable for bigger chats.
2019-06-17 10:57:30 +03:00
61a8302024
config: disable Dino & Keybase from autostart
It turns out that having apps full of distractions starting
automatically is not good for focusing. This leaves three instant
messengers:

* Wire - family and other small groups
* Signal - some friends, unsuitable for large groups
* Gajim - polycule and small friend groups visibly autojoined,
  everything else joined as minimized so it doesn't distract me unless
  something notifies me
2019-06-16 18:44:38 +03:00
dfb63479fd
i3: give dino more time to start in kdocker 2019-06-14 13:00:40 +03:00
dc02709832
i3: kdocker-ize dino 2019-06-13 22:51:59 +03:00
ec1b7e6806
i3: move to Dino OBS package 2019-06-13 20:12:52 +03:00
72fa6ff2d0
i3: add comments & Dino
Added comments: one missing ELECTRON! warning, where to install Keybase
and a link to GitHub comment where I install the Dino flatpak.
2019-06-13 15:29:01 +03:00
5128e8646a
ipfs.service: use dht routing instead of dhtclient routing 2019-06-11 01:17:22 +03:00
85bd70f382
etc/systemd/system/ipfs: important notice for VPS/dedi/etc. 2019-06-11 01:12:28 +03:00
4630927800
LICENCE.md: attempt to make GitHub detect this
There are no actual license changes (or at least I tried to avoid them
by reading the `git diff`) and I added the lines missing from GitHub
selector, even if I have no idea where they originate from (the two last
ones).
2019-06-07 12:27:45 +03:00
71731970c4
i3: swap hibernate & suspend, also put WS1 to HDMI-1
Maybe three electrons not working with hibernate is another reason for
it to go out of fashion, I wonder if I should also add warning to myself
about quitting all electrons before either operation.
2019-06-04 19:29:25 +03:00
6ce553f84e
dnscrypt-proxy: fix cloudflare excluding 2019-06-02 22:30:49 +03:00
c15610a3c2
i3: move from Snap Signal to Flatpak Signal
When I previously tried them, Snap worked better and Flatpak was
misbehaving, but now the situation seems to have turned around with Snap
unable to use some features such as tray icons (which is attributed to
an uptream issue with Electron builder).
2019-05-31 20:00:18 +03:00
20d3453f2b
i3: SOS! Add the third electron! HELPME! It's a monster! 2019-05-29 17:20:55 +03:00
4f57171b83
i3: add Wire to autostart 2019-05-24 23:24:30 +03:00
540798ed17
dnscrypt-proxy: use Socks Authentication 2019-05-22 12:01:34 +03:00
b96eb372d0
torrc-client: ensure IsolateSOCKSAuth & add HTTPTunnelPort 2019-05-22 11:58:05 +03:00
9101b72784
i3: sort autostarts & add Keybase
* expected packages now also contains keybase
* Keybase's tray popup is now floating
* autostarting Flatpaks are separated from normal apps and below them
* Gajim has --quiet, even if it probably doesn't affect anything here
2019-05-21 00:00:43 +03:00
fa43667840
i3: add caffeine indicator 2019-05-18 14:57:07 +03:00
3eefbaf296
etc/tor/torrc-onehoponion: CookieAuthFile 0 2019-05-17 18:54:34 +03:00
7dbafe4a54
resolv.conf: more comments 2019-05-16 15:28:15 +03:00
7a7fefa9ce
i3: autostart de.haeckerfelix.gradio 2019-05-15 19:15:38 +03:00
21adba9a02
dnscrypt-proxy.toml: update ~~stories~~ comments 2019-05-15 10:48:11 +03:00
e972a47d4a
torrc-client: add SocksPorts and comment on two guards
I need unisolated port for dnscrypt-proxy which I fear would otherwise
generate too many circuits which wouldn't even be used and I guess
there is no harm in sending Yggdrasil to a separate port that only has
access to onions which is a port I may sometimes wish I have otherwise
too.
2019-05-15 10:31:47 +03:00
95bcf095df
VerifyHostKeyByDNS is supposed to be yes
fix previous commit, I imagine I changed it by accident.
2019-05-11 00:58:00 +03:00
e634ee8863
ssh_config: update comment for VerifyHostKeyDNS
OpenSSH is evil and gives you three not-optimal options to this:

A) trust DNSSEC and don't write known_hosts
B) ask whether to trust DNS, but don't bother telling me if it's signed
C) don't even check SSHFP

I see A) as the least evil, but I wish known_hosts was written.
Alternatively B) should tell me whether there is DNSSEC or not, not
only "matching keys found from DNS" or whatever it says always.
2019-05-09 18:44:36 +03:00
9e03598e3f
etc/apt/sources.list: add missing tor+ for Debian 2019-05-09 14:05:54 +03:00