I don't think I like this very much, but it's supposed to be easier on
eyes and maybe I will get used to it especially after some migraine
light sensitivity attacks...
* Comment that the fastest server is automatically picked.
* Explicitly don't filter AAAA requests.
* Require provider to not do filtering
* which is implied by DNSSEC which would get broken.
* Use Google DNS B as fallback resolver and explain what it does in
comment.
* Add commented options for using Tor.
Polipo is no longer maintained and it seems that I am doing the same
thing with Privoxy except censoring accept-language which I need to
investigate. I think Privoxy warned about changing headers possibly
making ones fingerprint more unique and thus trackable? But aren't those
also going inside https so maybe there is no point?
Dnscrypt-proxy appears to handle multiple servers by itself nowadays and
does it in the config file. The servers listed may also be down.
Ref: #92 where I remembered these files still being here.
It appears that I have been doing locales wrong for years and only now
something has decided to not accept the incorrect versions?
Alternatively Debian has decided to stasrt doing it somehow different
from others, but I don't think so.
keyserver is not needed with GPGv2, I have no idea what some of those
options do and thus have suspect that they make my GPG more insecure and
I have used MATE for years and don't have eog available.
I have no idea why I even have this file :(
I guess the number four has something to do with Windows as resolv.conf
actually doesn't take more than three, am I preparing for situation
where there is no network, but ISP DNS is down or something? Why? When has
that actually happened?
I think apt has fixed it and this has started being more problem than
solution.
This just breaks my nice gpg signed streak :(
Signed-off-by: Mikaela Suomalainen <mikaela+git@mikaela.info>
Nowadays I am mainly on laptop which the 11px is very small and
uncomfortable to look at. I don't know if it's just that or that I have
gotten older (hah).
I hope that this doesn't look bad in other environments.
The most important things when dealing with Windows.
* Don't say "Windows is doing something, don't power off computer", say
what Windows is doing.
* Don't hide scripts that are ran on boot/login, show their output
* Same for Shutdown
* And don't show the annoying animation with its blinking colours on
first login!
to make it a Windows Registry Editor script.
I noticed it missing when I was creating new script (to be added)
and copied parts of it and regedit refused to take it for it not being a
Windows Registry Editor script.
I want DNSMasq to behave a little differently from the NetworkManager
defaults.
The default cache size of 150/400 seems a little small and 10 000 probably
won't be full soon and I am sure modern systems at least at home where I
am using dnsmasq again won't suffer from it.
By default dnsmasq started by NEtworkManager only listens on 127.0.0.1
while ::1 also exists, I want it to be also listened on in case anything
decides to try querying with it.
DNSSEC is not checked by default while I want that behaviour, but as I
am using OpenDNS I cannot make it verify unsigned zones are unsigned :(
Also add symlink to trust-anchors.conf that should ship with DNSSEC to
avoid having to deal with it manually. It should work as a reminder that
it's also needed.
It fails on laptops thanks to not being able to do DNS resolution thanks
to network connection not existing during boot.
Now it fails to `Download snap "ubuntu-core" (423) from channel "stable"
(cannot authenticate to snap store: Provided email/password is not
correct.)` which is process and appears to not be my issue.
Only oidentd.socket and miredo.service were copied instead of being
units that exist in the system and they don't need to do anything
else than fix the issue I have with the stock units.
* oidentd.socket is IPv6-only on my systems unless is BindIPv6Only=both.
because of net.ipv6.bindv6only=1
* miredo.service is here because it starts before there is network
connection (network-online.target) and there is never network
connection with laptops before they are connected to WLAN even if
NetworkManager might be up seeking/connecting to network.