Commit Graph

554 Commits

Author SHA1 Message Date
61ad1e935b
00-ptrace-restricted.conf: set to 3
I cannot remember when I last needed it and this makes Edgium
about:sandbox happy
2021-09-06 18:45:38 +03:00
575b68fe3a
etc/apt/sources.list/stable: update security name
https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive
2021-08-15 00:42:58 +03:00
c8189a3aa6
chrony/yggdrasil.sources: update jolly-roger address 2021-08-08 00:07:01 +03:00
a7ea71ae38
chrony/conf.d: add cmd.conf
Ref: #95

which this attempts to workaround and fails
2021-08-07 23:56:38 +03:00
a43478e430
chrony: add broken NTS configuration
Ref: #94
2021-08-07 23:52:15 +03:00
a9f34a8d1c
sysctl/questionable: 99-nonlocalbind.conf
Resolves: #55
2021-06-27 17:43:34 +03:00
8f09ff7d45
chrony/confdir: add fedora-sourcedir.conf
Fedora doesn't specify non-DHCP sourcedir by default so I specify one
here
2021-06-26 23:24:51 +03:00
0c5413171f
sysctl.d: add 00-max-ipv6-route.conf 2021-06-20 00:42:24 +03:00
1c0073920a
pipewire/README: more on pro-audio, alsamixer and not deafening 2021-06-19 23:45:19 +03:00
c73d7a3a0c
sysctl.d: 00-magicsysrq.conf -> 60-magicsysrq.conf
Otherwise Fedora seems to overwrite it with priority 50 file
2021-06-19 15:49:27 +03:00
3b99675a34
etc/sysctl.d: go through, mkdir questionable/
Resolves: #93
2021-06-19 15:41:49 +03:00
9c7d0c6210
etc/ssh/config.d: add example.conf
So I can stop having to dig this from manual every time I want to
configure a new host, and a couple of options I haven't used previously,
but could as they seem nice
2021-06-18 13:48:41 +03:00
a5836327c4
etc: pipewire & bluetooth: enable codes, battery reporting
https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html
2021-06-14 13:36:34 +03:00
437a417697
etc/pipewire/…: say that using Pro-audio is enough fix 2021-06-14 12:13:57 +03:00
93823eabd6
sysctl.d: add 23-starts-unprivileged-ports.conf
Self-explanatory within comments. Link list notes to selves contributing
into this version:

* https://kernelnewbies.org/Linux_4.11
* https://stackoverflow.com/a/51439516
* https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516
* https://developer.apple.com/forums/thread/674179
* https://news.ycombinator.com/item?id=18302380
* https://security.stackexchange.com/q/242859
* https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516
2021-06-12 21:52:39 +03:00
75731868e7
unbound/dns-over-tls.conf: allow non-Finnish anycast & note being used on servers 2021-06-11 19:39:57 +03:00
126918d98d
systemd/limnoria.service: add TZ env & RestartSec 2021-06-02 17:50:30 +03:00
30a308d29f
torrc-client: add MapAddress for palladium.libera.chat
https://libera.chat/guides/connect#verifying-tor-tls-connections
2021-05-27 17:50:03 +03:00
6576e83901
etc/tor/torrc-client: add irc.ergo.chat 2021-05-27 02:52:30 +03:00
6f7016a596
torrc-client: add irc.liberta.casa 2021-05-22 13:16:26 +03:00
c1768cae67
systemd: "rewrite" supybot -> limnoria, move znc, rmdir irc/ 2021-05-16 18:00:31 +03:00
306270c441
etc/systemd: rm cjdns & miredo, I am unlikely to use them again 2021-05-16 11:15:34 +03:00
49facd9d39
etc/dnf.conf: comment tor example 2021-05-05 20:43:52 +03:00
aa18d746db
etc/pipewire/README.md: cut a long line into two 2021-05-05 11:02:53 +03:00
4b445c2aaf
etc/pipewire: remove the ...example.donotuse
I am quite sure that the config file has changed so much that the file
wouldn't work anyway and I don't think I really need it with the
important part being in the README.md
2021-05-05 11:01:50 +03:00
c6a75f0962
ssh/anoncvs.conf: fix typo 2021-05-04 16:18:31 +03:00
447e8192c2
etc/default/grub.d: add remember-previous.cfg 2021-04-30 20:05:22 +03:00
ad6ac7d45e
dnf.conf: double max_parallel_downloads 2021-04-28 12:32:58 +03:00
1ad289aa49
unbound/dot-mullvad-adblock.conf: add missing port number 2021-04-27 21:40:16 +03:00
41879fe5e8
unbound.conf.d: rm dns-mullvad, add dot-mullvad[-adblock] 2021-04-27 21:35:58 +03:00
61d19724fa
resolv.csv: add Mullvad 2021-04-27 21:30:46 +03:00
e4c9d168ba
yum.repos.d: add tor.repo 2021-03-28 09:41:15 +03:00
6f8c7de6af
unbound.conf.d: add 00-insecure-domains.conf (WiFi repeater config) 2021-03-14 21:00:32 +02:00
3b4847f447
yum.repos.d/protonvpn-unstable: remove unneeded expansions
Fixes pkcon complaining
2021-03-13 18:29:30 +02:00
134999487f
yum.repos.d: add microsoft-edge-dev.repo 2021-03-07 16:46:47 +02:00
93b9bc5ba6
yum.repos.d: move Dino from README to .repo 2021-03-07 16:37:15 +02:00
267f68ae80
yum.repos.d: add microsoft-prod.repo 2021-03-07 16:36:04 +02:00
e5c259eda6
README.md: write about soft-mixer 2021-03-02 12:21:58 +02:00
85d97aec3e
apt/preferences.d/pulseaudio: pin priority -1 backports too 2021-03-01 19:08:18 +02:00
51b0b5dde5
sudoers.d/protonvpn: add more paths & potential legacy note 2021-02-27 09:02:10 +02:00
5903664cb7
yum.repos.d: add protonvpn-unstable.repo 2021-02-26 14:10:38 +02:00
f21e22e80f
etc/sudoers.d: fix name, make notes to README.md 2021-02-26 11:34:20 +02:00
267dd77604
im.riot.Riot.desktop: add missing word "run" 2021-02-19 14:27:16 +02:00
8463fa8f5c
local/share/applications: Riot -> Element
Package name hasn't changed though so I imagine the icon is the same too
2021-02-19 13:59:27 +02:00
95a44d0be9
etc/pipewire: document the volume cutoff (pulseaudio style) workaround 2021-02-18 14:51:22 +02:00
c8e89a5817
systemd: add coredump.conf.d/biggercores.conf 2021-02-18 14:47:23 +02:00
8155bec959
sysctl.d: add 00-quic-go-udp-receive-buffer.conf
So I will remember it's existence
2021-02-13 09:36:28 +02:00
a0c61231f4
systemd/resolved.conf.d: add snopyta-strict.conf
While posting an example how I would do it I might as well put it here
2021-02-10 16:12:42 +02:00
288b010fe5
sshd: move mikaela-prohibit-password.conf to broken/
Apparently OpenSSH only allows PasswordAuthentication yes within a Match
block.
2021-02-02 14:12:43 +02:00
1be2720861
sshd: explicitly "terminate" Match blocks by Match All
https://unix.stackexchange.com/a/303982/17126 & man sshd_config
2021-02-02 13:58:35 +02:00