|
a17ff2903a
|
unbound/nordvpn-domains.conf: add comments/sources, fix duplicate zone, add missing domains
|
2024-04-25 15:07:37 +03:00 |
|
|
bbeb1d3e02
|
unbound/nordvpn: rename, send only their domains to them
|
2024-04-25 14:34:47 +03:00 |
|
|
046b9c5f1a
|
systemd: use more descriptive drop-in name unbound-wanted.conf instead of unbound.conf
|
2024-04-25 14:10:26 +03:00 |
|
|
82214710c1
|
update submodule jauderho-nts-servers
|
2024-04-25 14:03:03 +03:00 |
|
|
1ea9fff29a
|
chromium: declare more things as .badidea
|
2024-04-25 14:01:54 +03:00 |
|
|
f87c4899b6
|
chromium: add dns-over-https.json.badidea and declare it as a bad idea
|
2024-04-25 13:57:01 +03:00 |
|
|
861b35c25f
|
systemd-resolved: add the other applied-privacy.net port too
|
2024-04-25 13:47:18 +03:00 |
|
|
342e3116a6
|
systemd-resolved: another attempt at local resolvers
|
2024-04-25 13:45:37 +03:00 |
|
|
d17ad34650
|
unbound/dns-over-tls.conf: note Applied Privacy does no ECS, add 853, add Quad9 unfiltered (ECS commented)
|
2024-04-25 13:26:01 +03:00 |
|
|
52b0807fcb
|
systemd/yggdrasil.service.d: rename nordvpnd to restore-ipv6.conf
|
2024-04-25 12:52:30 +03:00 |
|
|
520470e3dd
|
systemd: add firewalld-icmpv6.conf as drop-in
|
2024-04-25 12:51:03 +03:00 |
|
|
5869247cc3
|
cron: add firewalld icmpv6 allowing
|
2024-04-25 12:46:17 +03:00 |
|
|
45cf5ecf61
|
opt/chromium/policies/managed: update documentation about working preferred over ECH enforced
|
2024-04-25 11:00:40 +03:00 |
|
|
32883d5c73
|
chromium: allow DoH downgrade to at least work. Breaks ECH :(
|
2024-04-25 08:15:28 +03:00 |
|
|
7c80e2c329
|
NetworkManager: paws-off-my-resolv.conf
|
2024-04-24 18:21:33 +03:00 |
|
|
38152ab152
|
etc/sudoers.d: add vim modelines just in case
I think it autodetected them correctly though
|
2024-04-24 18:16:42 +03:00 |
|
|
505c6ec74a
|
etc/hosts: add hosts.steamos
|
2024-04-24 18:15:50 +03:00 |
|
|
7113fda702
|
sudoers.d/nordvpnd: add restarting unbound & systemd-resolved
|
2024-04-24 18:00:00 +03:00 |
|
|
32c5da4422
|
etc/resolv.conf-generate.bash: also be verbose with chattr & chmod
|
2024-04-24 12:09:15 +03:00 |
|
|
9b01bc5260
|
etc/hosts/README.md: add forgotten blocklist and formatting
|
2024-04-24 11:55:35 +03:00 |
|
|
c00f750d96
|
etc/resolv.conf-generate.bash: simple resolv.conf writer the way I want
|
2024-04-24 11:06:35 +03:00 |
|
|
fa9da0901d
|
etc/hosts/blocklist: initial commit
|
2024-04-24 09:21:42 +03:00 |
|
|
b36ba70a70
|
systemd/service.d: add resolv.conf example with warnings
|
2024-04-24 07:31:10 +03:00 |
|
|
ba55b2c9e9
|
{bash,zsh}rc: specify LOCALDOMAIN & RES_OPTIONS
|
2024-04-23 19:26:33 +03:00 |
|
|
c48bd12974
|
sway/autostart-utilities.conf: start KDE6 policykit
|
2024-04-23 19:21:08 +03:00 |
|
|
bdcd7249c3
|
etc/resolv.conf: fix comment
|
2024-04-23 16:47:03 +03:00 |
|
|
95e17d0a49
|
resolv.conf: remove rotate comments, attempt to explain the logic behind timeout & attempts
|
2024-04-23 16:23:36 +03:00 |
|
|
425af3eabf
|
etc/resolv.conf: specify timeout 1 and attempts 5
|
2024-04-23 16:03:49 +03:00 |
|
|
70ed890742
|
dnf/protected.d: add README.md, aminda-{desktop,essentials}.conf
|
2024-04-23 07:51:29 +03:00 |
|
|
4dac26e46e
|
dnf: also protect unbound
|
2024-04-23 07:41:49 +03:00 |
|
|
b0f7876436
|
etc/dnf/protected.d: add systemd-{networkd,resolved}.conf
|
2024-04-23 07:29:18 +03:00 |
|
|
f41e80d66a
|
hosts/dns: comment where it begins and where it ends
|
2024-04-22 17:11:03 +03:00 |
|
|
97c2e74220
|
etc/hosts: attempt to perform the bad idea of well-known DNS servers here instead
|
2024-04-22 16:24:51 +03:00 |
|
|
4560e776df
|
systemd-{resolved,networkd}: just break things
|
2024-04-22 15:43:50 +03:00 |
|
|
886b8dbfbd
|
unbound.conf.d: well-known-dns.conf -> well-known-dns.conf.badidea
This will break DNSSEC and a lot of things.
|
2024-04-22 15:39:47 +03:00 |
|
|
4acd22dc37
|
systemd-networkd: add untested none (Yggdrasil) & wireguard configuration
|
2024-04-22 15:17:14 +03:00 |
|
|
6ea0a570dd
|
systemd-networkd: match systemd-resolved configuration
|
2024-04-22 15:12:07 +03:00 |
|
|
dea732d15b
|
systemd-resolved: attempt to simplify configuration
|
2024-04-22 15:08:03 +03:00 |
|
|
f976c9a530
|
etc/resolv.conf: comment rotate, remove bad search domain comment
|
2024-04-22 14:51:58 +03:00 |
|
|
895359ff67
|
etc/resolv.conf: add warning about mixing systemd-resolved & unbound
|
2024-04-22 14:50:37 +03:00 |
|
|
903e38f307
|
systemd-networkd: unset other DNS
|
2024-04-22 13:32:12 +03:00 |
|
|
7be1800002
|
systemd-networkd: disable DNSSEC/DNSOverTLS by default as localhost
|
2024-04-22 13:16:14 +03:00 |
|
|
3d58aee508
|
systemd-networkd/10-ether.network: mention unmanaged/NetworkManager
|
2024-04-22 13:09:28 +03:00 |
|
|
e56e5e1909
|
systemd-networkd: remove comment I don't stand behind
|
2024-04-22 13:05:58 +03:00 |
|
|
02c434b81b
|
systemd-networkd: list local DNS resolvers
|
2024-04-22 12:59:38 +03:00 |
|
|
44b6e5b618
|
systemd-networkd: add DNSSEC & DNSOverTLS & search domains
|
2024-04-22 12:25:25 +03:00 |
|
|
945ca0462d
|
Revert "systemd-networkd: attempt to deduplicate by cutting into 10-global.network"
This reverts commit 19b6fbef3c .
|
2024-04-22 12:21:56 +03:00 |
|
|
06787a38de
|
resolved/00-no-local-resolver.conf: comment local resolver since I break DNSSEC
|
2024-04-22 12:14:34 +03:00 |
|
|
19b6fbef3c
|
systemd-networkd: attempt to deduplicate by cutting into 10-global.network
|
2024-04-22 12:07:39 +03:00 |
|
|
aac3ccdec3
|
unbound/well-known-dns.conf: add CNAMEs one.one.one.one & dns.google.com
|
2024-04-22 11:26:46 +03:00 |
|