shell-things

mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2024-11-11 02:59:23 +01:00

Author	SHA1	Message	Date
Aminda Suomalainen	55dcb2f2cd	systemd-resolved/98-local-resolver.conf: fix comment talking about alphabet while everything is now numerals	2024-04-28 09:17:07 +03:00
Aminda Suomalainen	35b99a6bc0	systemd-resolved: add 99-lan-resolver.conf.sample for trusted LANs	2024-04-28 09:13:46 +03:00
Aminda Suomalainen	5ab33c154e	systemd-resolved: rename conf files to have a number prefix	2024-04-28 09:13:20 +03:00
Aminda Suomalainen	9375b3c2b2	unbound: add dot-cloudflare.conf	2024-04-27 21:22:28 +03:00
Aminda Suomalainen	2aa221b77f	unbound/cache: take the cache-min-ttl: 3000 challenge It will not affect web browsers which are using DoH for ECH eliminating most of breakage and I am just curious on will anything outside of web browser suffer that.	2024-04-27 18:35:22 +03:00
Aminda Suomalainen	652c11391f	unbound/cache.conf: explicitly set serve-expired-reply-ttl to 30	2024-04-27 16:52:39 +03:00
Aminda Suomalainen	d3773468fa	chromium/policies: add doh-{disabled,google}.json	2024-04-27 16:18:40 +03:00
Aminda Suomalainen	a083a9d704	unbound/cache: comment cache-min-ttl=900, add commented 3000	2024-04-27 15:42:29 +03:00
Aminda Suomalainen	30a27f980d	unbound/cache.conf: RFC 8767ish configuration	2024-04-27 15:00:12 +03:00
Aminda Suomalainen	813878a4de	systemd/{iwd,systemd-networkd}.service.d: add appropiate symlinks	2024-04-27 12:25:00 +03:00
Aminda Suomalainen	c59fe1ae53	sudoers.d/nordvpnd: also allow restarting tor-client.service I have a suspicion I am adding it to the script sooner or later	2024-04-27 12:21:07 +03:00
Aminda Suomalainen	ef9c4acfc3	sudoers.d/nordvpnd: also allow restarting Tor	2024-04-27 12:10:15 +03:00
Aminda Suomalainen	955e52f5af	yum.repos.d: add google-Chrome.repo to workaround their crontab disliking my system	2024-04-27 10:21:20 +03:00
Aminda Suomalainen	8fe7ff55e6	chromium: add managed black-theme-colour & recommended apps-as-homepage, disable-default-browser-check	2024-04-27 10:08:43 +03:00
Aminda Suomalainen	b76b7cac5c	systemd/user: review vpn wants, rm transmission-daemon copy-paste	2024-04-27 08:34:46 +03:00
Aminda Suomalainen	2113b593e7	Chromium & Firefox: force Bitwarden (for passkeys)	2024-04-27 08:32:39 +03:00
Aminda Suomalainen	da85d0d9c7	firefox & chromium: allow PrivacyPass attestor & Keyoxide.org	2024-04-27 08:31:05 +03:00
Aminda Suomalainen	61dc3706ab	systemd/{chrony,i2pd,yggdrasil}.service.d/mullvad-exclude.conf: fix mistakes and Requires=	2024-04-26 17:43:37 +03:00
Aminda Suomalainen	1b64bc5e13	systemd/service.d: fix typo & use Requires= where appropiate	2024-04-26 17:38:33 +03:00
Aminda Suomalainen	db7de1c3e4	systemd/service.d/unbound-wanted.conf: break circular skipping by removing After=	2024-04-26 17:35:31 +03:00
Aminda Suomalainen	7f410148e3	aminda-nocron-rebootish.service: repeat that dns should be running	2024-04-26 16:13:39 +03:00
Aminda Suomalainen	1d7308e74e	unbound: explicitly enable ede and it's log	2024-04-26 13:53:50 +03:00
Aminda Suomalainen	2f585209e7	matterbridge-cleanup.timer: use more human friendly term minutely on OnCalendar=	2024-04-26 13:21:20 +03:00
Aminda Suomalainen	65f58dc224	systemd: aminda-nocron-rebootish.{service,timer} is a delayed variant of -ish	2024-04-26 13:16:33 +03:00
Aminda Suomalainen	c55b20a89a	move systemd user units from conf/systemd/user to etc/systemd/user symlink remains to show what is the correct location	2024-04-26 13:05:08 +03:00
Aminda Suomalainen	b36fe67bc3	systemd/user: attempt to flatpak-update-user.{service,timer}	2024-04-26 13:03:05 +03:00
Aminda Suomalainen	b8f720fa7f	aminda-nocron-reboot.timer: fix typo in comment	2024-04-26 12:48:47 +03:00
Aminda Suomalainen	9e38fdf223	aminda-nocron-reboot.timer: add RemainAfterElapse=false	2024-04-26 12:37:55 +03:00
Aminda Suomalainen	90b64c9543	systemd: rename aminda-nocron -> aminda-nocron-reboot for clarity also opens up aminda-nocron-hourly etc.	2024-04-26 12:30:58 +03:00
Aminda Suomalainen	b0ec7cffde	chromium/README: EnableOnlineRevocationChecks does also enable CRL	2024-04-26 11:27:11 +03:00
Aminda Suomalainen	16d2f74135	systemd/aminda-nocron.service: explicitly start DNS too	2024-04-26 11:08:15 +03:00
Aminda Suomalainen	def77bc4c3	systemd: add aminmda-nocron.{service,timer} for my @reboot crontabs for cronless systems (SteamOS)	2024-04-26 10:43:08 +03:00
Aminda Suomalainen	901dbfe138	etc/hosts: attempt to increase legibility by adding leading and trailing #	2024-04-25 19:45:11 +03:00
Aminda Suomalainen	21b59adfd2	etc/hosts/hostname: copy Debian behaviour as a good practice	2024-04-25 19:40:56 +03:00
Aminda Suomalainen	fb65f717fc	etc: cleanup symlinks/files handled by init-browser-policies.bash They brought no value to me, just confused me in git forges by clicktrapping me and not following the symlinks	2024-04-25 17:31:09 +03:00
Aminda Suomalainen	6375d55b8f	systemd-resolved/mullvad: default to base for consistency with unbound	2024-04-25 17:27:55 +03:00
Aminda Suomalainen	17e0b68d20	unbound: add dot-mullvad.conf defalting on base I found myself missing this on an old family PC that has limited resources and as I didn't have this file at hand, I just went with AdGuard which will work too.	2024-04-25 17:24:41 +03:00
Aminda Suomalainen	a17ff2903a	unbound/nordvpn-domains.conf: add comments/sources, fix duplicate zone, add missing domains	2024-04-25 15:07:37 +03:00
Aminda Suomalainen	bbeb1d3e02	unbound/nordvpn: rename, send only their domains to them	2024-04-25 14:34:47 +03:00
Aminda Suomalainen	046b9c5f1a	systemd: use more descriptive drop-in name unbound-wanted.conf instead of unbound.conf	2024-04-25 14:10:26 +03:00
Aminda Suomalainen	1ea9fff29a	chromium: declare more things as .badidea	2024-04-25 14:01:54 +03:00
Aminda Suomalainen	f87c4899b6	chromium: add dns-over-https.json.badidea and declare it as a bad idea	2024-04-25 13:57:01 +03:00
Aminda Suomalainen	861b35c25f	systemd-resolved: add the other applied-privacy.net port too	2024-04-25 13:47:18 +03:00
Aminda Suomalainen	342e3116a6	systemd-resolved: another attempt at local resolvers	2024-04-25 13:45:37 +03:00
Aminda Suomalainen	d17ad34650	unbound/dns-over-tls.conf: note Applied Privacy does no ECS, add 853, add Quad9 unfiltered (ECS commented)	2024-04-25 13:26:01 +03:00
Aminda Suomalainen	52b0807fcb	systemd/yggdrasil.service.d: rename nordvpnd to restore-ipv6.conf	2024-04-25 12:52:30 +03:00
Aminda Suomalainen	520470e3dd	systemd: add firewalld-icmpv6.conf as drop-in	2024-04-25 12:51:03 +03:00
Aminda Suomalainen	45cf5ecf61	opt/chromium/policies/managed: update documentation about working preferred over ECH enforced	2024-04-25 11:00:40 +03:00
Aminda Suomalainen	32883d5c73	chromium: allow DoH downgrade to at least work. Breaks ECH :(	2024-04-25 08:15:28 +03:00
Aminda Suomalainen	7c80e2c329	NetworkManager: paws-off-my-resolv.conf	2024-04-24 18:21:33 +03:00
Aminda Suomalainen	38152ab152	etc/sudoers.d: add vim modelines just in case I think it autodetected them correctly though	2024-04-24 18:16:42 +03:00
Aminda Suomalainen	505c6ec74a	etc/hosts: add hosts.steamos	2024-04-24 18:15:50 +03:00
Aminda Suomalainen	7113fda702	sudoers.d/nordvpnd: add restarting unbound & systemd-resolved	2024-04-24 18:00:00 +03:00
Aminda Suomalainen	32c5da4422	etc/resolv.conf-generate.bash: also be verbose with chattr & chmod	2024-04-24 12:09:15 +03:00
Aminda Suomalainen	9b01bc5260	etc/hosts/README.md: add forgotten blocklist and formatting	2024-04-24 11:55:35 +03:00
Aminda Suomalainen	c00f750d96	etc/resolv.conf-generate.bash: simple resolv.conf writer the way I want	2024-04-24 11:06:35 +03:00
Aminda Suomalainen	fa9da0901d	etc/hosts/blocklist: initial commit	2024-04-24 09:21:42 +03:00
Aminda Suomalainen	b36ba70a70	systemd/service.d: add resolv.conf example with warnings	2024-04-24 07:31:10 +03:00
Aminda Suomalainen	bdcd7249c3	etc/resolv.conf: fix comment	2024-04-23 16:47:03 +03:00
Aminda Suomalainen	95e17d0a49	resolv.conf: remove rotate comments, attempt to explain the logic behind timeout & attempts	2024-04-23 16:23:36 +03:00
Aminda Suomalainen	425af3eabf	etc/resolv.conf: specify timeout 1 and attempts 5	2024-04-23 16:03:49 +03:00
Aminda Suomalainen	70ed890742	dnf/protected.d: add README.md, aminda-{desktop,essentials}.conf	2024-04-23 07:51:29 +03:00
Aminda Suomalainen	4dac26e46e	dnf: also protect unbound	2024-04-23 07:41:49 +03:00
Aminda Suomalainen	b0f7876436	etc/dnf/protected.d: add systemd-{networkd,resolved}.conf	2024-04-23 07:29:18 +03:00
Aminda Suomalainen	f41e80d66a	hosts/dns: comment where it begins and where it ends	2024-04-22 17:11:03 +03:00
Aminda Suomalainen	97c2e74220	etc/hosts: attempt to perform the bad idea of well-known DNS servers here instead	2024-04-22 16:24:51 +03:00
Aminda Suomalainen	4560e776df	systemd-{resolved,networkd}: just break things	2024-04-22 15:43:50 +03:00
Aminda Suomalainen	886b8dbfbd	unbound.conf.d: well-known-dns.conf -> well-known-dns.conf.badidea This will break DNSSEC and a lot of things.	2024-04-22 15:39:47 +03:00
Aminda Suomalainen	4acd22dc37	systemd-networkd: add untested none (Yggdrasil) & wireguard configuration	2024-04-22 15:17:14 +03:00
Aminda Suomalainen	6ea0a570dd	systemd-networkd: match systemd-resolved configuration	2024-04-22 15:12:07 +03:00
Aminda Suomalainen	dea732d15b	systemd-resolved: attempt to simplify configuration	2024-04-22 15:08:03 +03:00
Aminda Suomalainen	f976c9a530	etc/resolv.conf: comment rotate, remove bad search domain comment	2024-04-22 14:51:58 +03:00
Aminda Suomalainen	895359ff67	etc/resolv.conf: add warning about mixing systemd-resolved & unbound	2024-04-22 14:50:37 +03:00
Aminda Suomalainen	903e38f307	systemd-networkd: unset other DNS	2024-04-22 13:32:12 +03:00
Aminda Suomalainen	7be1800002	systemd-networkd: disable DNSSEC/DNSOverTLS by default as localhost	2024-04-22 13:16:14 +03:00
Aminda Suomalainen	3d58aee508	systemd-networkd/10-ether.network: mention unmanaged/NetworkManager	2024-04-22 13:09:28 +03:00
Aminda Suomalainen	e56e5e1909	systemd-networkd: remove comment I don't stand behind	2024-04-22 13:05:58 +03:00
Aminda Suomalainen	02c434b81b	systemd-networkd: list local DNS resolvers	2024-04-22 12:59:38 +03:00
Aminda Suomalainen	44b6e5b618	systemd-networkd: add DNSSEC & DNSOverTLS & search domains	2024-04-22 12:25:25 +03:00
Aminda Suomalainen	945ca0462d	Revert "systemd-networkd: attempt to deduplicate by cutting into 10-global.network" This reverts commit `19b6fbef3c`.	2024-04-22 12:21:56 +03:00
Aminda Suomalainen	06787a38de	resolved/00-no-local-resolver.conf: comment local resolver since I break DNSSEC	2024-04-22 12:14:34 +03:00
Aminda Suomalainen	19b6fbef3c	systemd-networkd: attempt to deduplicate by cutting into 10-global.network	2024-04-22 12:07:39 +03:00
Aminda Suomalainen	aac3ccdec3	unbound/well-known-dns.conf: add CNAMEs one.one.one.one & dns.google.com	2024-04-22 11:26:46 +03:00
Aminda Suomalainen	dc6fc85174	chromium: exclude bittimittari.fi	2024-04-22 10:09:28 +03:00
Aminda Suomalainen	fe1970cfd9	chromium: add brave IPFS disabling policy IPFS is known for killing routers and having it on two machines while trying to VoIP with a lot of people, it gets a bit too heavy	2024-04-22 10:03:53 +03:00
Aminda Suomalainen	abd21e008a	well-known-dns.conf: typetransparent subdomains just in case Theoretically the higher level domain affects them too, but in practice I am unsure and I have previously only used always_reject for google-analytics & subdomains blocking. It at least isn't causing warnings or errors.	2024-04-22 07:42:53 +03:00
Aminda Suomalainen	579e98f27c	unbound/well-known-dns.conf: use typetransparent so non-local queries won't get NODATA	2024-04-22 07:28:55 +03:00
Aminda Suomalainen	623a9150fd	unbound: merge 00-insecure-domains.conf into blocklist.conf	2024-04-22 07:10:18 +03:00
Aminda Suomalainen	892feb3c1b	unbound/blocklist: add fritz.box.	2024-04-22 07:06:21 +03:00
Aminda Suomalainen	c90b551ac4	chromium: merge doh-forced to the doh files due to it being required anyway, update documentation, rename doh-allowed → doh-unlocked-unset	2024-04-21 14:00:39 +03:00
Aminda Suomalainen	4a47d14069	resolved.conf.d: add dot-trex.conf symlink and explaining comments like in unbound	2024-04-21 13:14:53 +03:00
Aminda Suomalainen	ce9159e756	unbound/dot-quad9.conf: prettier sorting	2024-04-21 13:13:41 +03:00
Aminda Suomalainen	7379241a20	chromium: add the rest of Quad9 & update README.md	2024-04-21 11:35:28 +03:00
Aminda Suomalainen	3540f2442e	chromium/doh-quad9*: add alternative port as Chromium allows multiple	2024-04-21 11:28:07 +03:00
Aminda Suomalainen	eb47fac4cb	systemd-resolved: add vim modelines	2024-04-21 10:58:45 +03:00
Aminda Suomalainen	f126e681a2	systemd-resolved: split applied-privacy#443 to its own file as resolved configs don't exclude each other	2024-04-21 10:57:25 +03:00
Aminda Suomalainen	a0ccd790ab	unbound & systemd-resolved: add Quad9 alternative port	2024-04-21 10:54:22 +03:00
Aminda Suomalainen	e64e4e7fd0	firefox: DisableEncryptedClientHello: false I am not sure if this does anything, I just saw a message in logs and it didn't trigger an error	2024-04-21 10:13:29 +03:00
Aminda Suomalainen	6a97040386	firefox: add IPvFoo*	2024-04-21 10:08:43 +03:00
Aminda Suomalainen	069da00a38	Chromium: add IPvFoo* and note that users should go through extensions	2024-04-21 09:58:30 +03:00

1 2 3 4 5 ...

1153 Commits