Mikaela
/
shell-things
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,019 Commits 1 Branch 0 Tags 5.9 MiB
Commit Graph

154 Commits

Author SHA1 Message Date
Aminda Suomalainen 428802a4fd
unbound: rm mullvad configuration 
It's wrong and I am not currently using it
 2023-11-12 12:51:54 +02:00
Aminda Suomalainen b8f1aa69dd
unbound/00-insecure-domains.conf: add router.asus.com 2023-10-07 13:10:07 +03:00
Aminda Suomalainen 34b4ffb8ac
unbound/dns-over-tls.conf: cut to 443 and private ECS capable non-filtering servers 2023-08-04 12:45:03 +03:00
Aminda Suomalainen d024ac1234
Revert "rm etc/unbound/unbound.conf.d/dns-over-tls.conf" 
This reverts commit e9998f4079.
 2023-08-04 12:27:41 +03:00
Aminda Suomalainen 6159876f05
unbound/blocklist.conf: add {reddit,twitter}.com to support the protest 2023-06-11 18:53:16 +03:00
Aminda Suomalainen 7ac9b9a7cc
etc/unbound/blocklist: remove duplicates, add graph.facebook.com 
`local-zone: "google-analytics.com." always_refuse` implies subdomains
 2023-06-06 12:09:48 +03:00
Aminda Suomalainen 5d00ccaf6b
unbound: add blocklist-tld.conf mainly for zip & mov 2023-05-28 10:36:52 +03:00
Aminda Suomalainen ca2956b678
unbound/blocklist: note encrypted client hello 2023-05-13 17:17:20 +03:00
Aminda Suomalainen 603ac4a011
unbound/blocklist.conf: remove Mozilla Telemetry 2023-05-13 17:16:17 +03:00
Aminda Suomalainen fdeab81c2b
unbound/blocklist.conf: add matrix.to as dared by !KMbEUhVQHLwZHmwzKX:matrix.org 2023-05-13 17:14:45 +03:00
Aminda Suomalainen e9998f4079
rm etc/unbound/unbound.conf.d/dns-over-tls.conf 
I think the file is inherently flawed due to different types of filtering/non-filtering resolvers, different locations, unknown ECS policies etc. Importantly I am not actively looking at this and just came across old version running in production
 2023-02-26 09:15:19 +02:00
Aminda Suomalainen 9bdc67dd29
unbound & systmed-resolved: add DNS0 open 
Ref: #153
 2023-02-23 10:11:03 +02:00
Aminda Suomalainen cc5e7b7225
unbound: add DNS0 & DNS0 zero DoT config 
Resolves: #153
 2023-02-22 10:58:04 +02:00
Aminda Suomalainen 2e6a03d402
sastisfy editorconfig check 2023-02-21 19:08:54 +02:00
Aminda Suomalainen 1de04a8367
unbound/00-insecure-domains.conf: add http.badssl.com, my captive portal trigger goto 2022-10-03 22:01:15 +03:00
Aminda Suomalainen 1e40420115
unbound: rm outdated yggdrasil-override 
Ref: #89
 2021-10-05 12:38:16 +03:00
Aminda Suomalainen bfa51f500b
unbound/dns-over-tls.conf: stop advertising Debian 9 2021-10-05 12:34:10 +03:00
Aminda Suomalainen ee293669d9
unbound: add dot-flushable-cache.conf 
Resolves: #105
 2021-10-05 12:33:40 +03:00
Aminda Suomalainen 75731868e7
unbound/dns-over-tls.conf: allow non-Finnish anycast & note being used on servers 2021-06-11 19:39:57 +03:00
Aminda Suomalainen 1ad289aa49
unbound/dot-mullvad-adblock.conf: add missing port number 2021-04-27 21:40:16 +03:00
Aminda Suomalainen 41879fe5e8
unbound.conf.d: rm dns-mullvad, add dot-mullvad[-adblock] 2021-04-27 21:35:58 +03:00
Aminda Suomalainen 6f8c7de6af
unbound.conf.d: add 00-insecure-domains.conf (WiFi repeater config) 2021-03-14 21:00:32 +02:00
Aminda Suomalainen abb0c37ef2
unbound.conf.d: add yggdrasil-override.conf 
Begins #89 at a better time
 2020-12-15 20:34:01 +02:00
Aminda Suomalainen e9aefd711b
blocklist.conf: refuse blocked instead of nxdomain 
Only the Firefox DoH needs to be NXDOMAIN while REFUSE may be more
accurate for the rest.
 2020-11-21 12:13:55 +02:00
Aminda Suomalainen e7a6e00b83
unbound/dns-over-tls: comment Adguard & NextDNS for not being in FI 2020-11-15 09:46:50 +02:00
Aminda Suomalainen aadcc009a0
unbound/dns-over-tls.conf: add Adguard (unfiltered) & NextDNS 2020-11-12 16:12:18 +02:00
Aminda Suomalainen 3289a812ee
unbound: add dns-mullvad.conf (not encrypted) 
Contains Mullvad Wireguard, OpenVPN and public addresses
 2020-11-10 16:04:48 +02:00
Aminda Suomalainen f878041e2e
unbound/dns-over-tls.conf: reverse order of providers 
It seems to have some (small?) relevance to where queries go to.
 2020-10-29 16:24:52 +02:00
Aminda Suomalainen 6e1f41533c
unbound/dns-over-tls.conf: comment the 443 appliedprivacy 
Thinking it a bit more, it's not useful to use their resources on
devices that practically never encounter blocked port 853.
 2020-10-29 13:22:19 +02:00
Aminda Suomalainen c93034ba7f
unbound/dns-over-tls.conf: major cleanup 2020-10-29 13:15:23 +02:00
Aminda Suomalainen 1e70d7d4d7
etc/systemd-resolved&unbound: add Quad9 ECS configs 
Untested. The last time I saw the documentation, they didn't mention
DoT.
 2020-10-21 17:09:20 +03:00
Aminda Suomalainen 31a15a9abc
systemd-resolved & unbound: update AdGuard IPs 
Resolves: #81
 2020-09-27 14:34:54 +03:00
Aminda Suomalainen 6c2475676c
unbound.conf.d/dot-adguard.conf: fix SNI domain 2020-08-30 16:56:51 +03:00
Aminda Suomalainen edb259b1c8
unbound.conf.d: add dot-adguard.conf 2020-08-30 16:45:35 +03:00
Aminda Suomalainen cc965d4692
blocklist.conf: add empty line & incoming.telemetry.mozilla.org 2020-08-22 23:31:54 +03:00
Aminda Suomalainen 263f828550
unbound blocklist: add ssl.google-analytics.com 2020-08-20 19:30:47 +03:00
Aminda Suomalainen 94eace15e7
unbound/blocklist.conf: specify it's server clause 
Introduced by e4d18d47c5
 2020-08-20 18:38:37 +03:00
Aminda Suomalainen cabf7c570d
blocklist.conf: add [www.]google-analytics.com. 2020-08-20 18:33:51 +03:00
Aminda Suomalainen b5cafdeb90
unbound: the mass file is not a good idea? cut it? 2020-08-16 12:18:07 +03:00
Aminda Suomalainen e4d18d47c5
etc/.../unbound.conf: update for 1.11.0-1+ 2020-08-15 10:27:50 +03:00
Aminda Suomalainen 7541d93206
dns-over-tls.conf: update BlahDNS-JP addresses 2019-12-01 12:48:02 +02:00
Aminda Suomalainen 10b1b8ad86
unbound/dot: fix outdated comment 2019-11-03 00:49:19 +02:00
Aminda Suomalainen 7b2c1568d1
unbound/dns-over-tls.conf: replace BlahDNS CH with FI 
Shutting down on December 31th https://blahdns.com/
 2019-11-03 00:15:59 +02:00
Aminda Suomalainen d062d6675c
unbound/blacklist.conf: Riot has fixed it's habits 
Integration manager and identity server can be configured in settings
 2019-10-16 15:01:48 +03:00
Aminda Suomalainen 1e636a65af
unbound/dns-over-tls.conf: enable BlahDNS over Yggdrasil 2019-10-08 20:52:41 +03:00
Aminda Suomalainen 0ca2718569
unbound/blocklist.conf: use always_nxdomain, remove publicbt.com 2019-09-10 21:27:23 +03:00
Aminda Suomalainen 0c70f41afc
unbound/blocklist: uncomment vector.im, add use-application-dns.net 
* Vector.im is the identity server that gets restored by itself and I
  don't seem to ever have any business to Vector.im website, while
  the other domains I need to visit at times.
* use-application-dns.net being NXDOMAIN tells Firefox to not send
  traffic to Cloudflare DoH. I thought of this when I saw the news and
  got courage to actually do this after seeing that DNSCrypt-proxy also
  does so.
 2019-09-07 14:42:15 +03:00
Aminda Suomalainen 9bcd2d61c7
unbound/*dns64*: add Cloudflare 2019-08-25 18:27:11 +03:00
Aminda Suomalainen aa2c53349d
unbound/plain-dns64.conf: add Google DNS 2019-08-25 18:21:16 +03:00
Aminda Suomalainen 31aa6066b5
unbound/dns-over-tls.conf: don't mention forwards.conf 
I renamed it.
 2019-08-25 18:17:50 +03:00
Aminda Suomalainen 41644a9b65
unbound: add dns64-over-tls.conf (broken for now) 2019-08-25 18:16:51 +03:00
Aminda Suomalainen 6308c9af72
unbound: clean up plain-dns64.conf (only TREX for now) 2019-08-25 18:09:50 +03:00
Aminda Suomalainen 04658408d4
unbound: rename forwards.conf -> plain-dns64.conf 2019-08-25 18:07:28 +03:00
Aminda Suomalainen 3dc273fbe0
unbound: mention other files of interest in dot & add threads 2019-08-24 12:40:04 +03:00
Aminda Suomalainen 6274ed8e13
unbound/dot: add nic.cz & nixnet 2019-08-24 12:02:26 +03:00
Aminda Suomalainen 5462af3059
unbound/dot: add Lelux.fi 2019-08-24 11:57:42 +03:00
Aminda Suomalainen 7afaa57882
unbound/dot: add Snopyta 2019-08-24 11:55:22 +03:00
Aminda Suomalainen 4e4d19a765
unbound.conf.d/logging.conf: print statistics hourly 2019-08-20 18:05:19 +03:00
Aminda Suomalainen d7d252f98f
unbound/logging: add statistics printing 2019-08-20 17:41:43 +03:00
Aminda Suomalainen 2c3fe4a5df
unbound: enable IPv6 preferring 2019-08-20 12:49:19 +03:00
Aminda Suomalainen be7c4185eb
etc/unbound/dns-over-tls: comment Cloudflare 2019-08-20 11:49:37 +03:00
Aminda Suomalainen 26624bcd5d
unbound.conf.d: increase TTL to 15 mins from 5 2019-08-17 21:06:01 +03:00
Aminda Suomalainen d539237fbf
unbound/blocklist.conf: add source 2019-08-17 13:43:11 +03:00
Aminda Suomalainen 057d42bafd
unbound/dns-over-tls.conf: fix typo 2019-08-17 13:40:39 +03:00
Aminda Suomalainen 914fe1d26c
unbound/dot: finish adding providers 
Ref: #15
 2019-08-17 13:37:02 +03:00
Aminda Suomalainen 410a02a968
unbound/dot: add securedns (both), dnswarden (adblock) 2019-08-17 13:23:28 +03:00
Aminda Suomalainen a5ccd88e70
unbound/dns-over-tls.conf: add server locations 
Ref: #15
 2019-08-17 12:34:03 +03:00
Aminda Suomalainen 596c18c0e0
etc/unbound: add blocklist.conf 
Closes: #13
 2019-08-17 12:16:53 +03:00
Aminda Suomalainen 601bd3ac86
unbound dot: alphabetical order 
Ref: #15
 2019-08-17 00:52:41 +03:00
Aminda Suomalainen 39493f3bf9
unbound dot: move things around 2019-08-17 00:26:36 +03:00
Aminda Suomalainen b3a7266eb5
unbound.conf.d/dns-over-tls: remove Google 2019-08-17 00:14:41 +03:00
Aminda Suomalainen c78eecb547
unbound/dns-over-tls: add two port 443 resolvers 2019-08-17 00:10:32 +03:00
Aminda Suomalainen 55050ec0e5
cache.conf: increase NXDOMAIN cache size and set min TTL to 300 2019-07-23 15:09:34 +03:00
Aminda Suomalainen 2b8a460b63
etc/unbound: add cache.conf 2019-07-23 12:30:53 +03:00
Aminda Suomalainen 97006ddf9b
unbound.conf.d/logging.conf: quote the fine manual for unbound.conf 2019-07-22 17:18:53 +03:00
Aminda Suomalainen 222a030cee
unbound/dns-over-tls: note version requirement 1.7.3 
Debian 9 has 1.6.0 with which I am stuck for now. Debian 10 has 1.9.0
 2019-07-22 16:52:07 +03:00
Aminda Suomalainen 7b83f84633
unbound/dns-over-tls.conf: add AdGuard DNS 
I am surprised it actually works with DNSSEC validation enabled
 2019-07-22 16:12:09 +03:00
Aminda Suomalainen ffbbe9e522
unbound: replace forwards.conf with dns-over-tls.conf 
Simultaneously rm puntcat, their DNS appears to be down at the moment
and I didn't find their own homepage.
 2019-07-22 16:05:05 +03:00
Aminda Suomalainen 6ed44de3d1
unbound.conf.d: clarify logging.conf in a comment 2019-07-22 15:27:27 +03:00
Aminda Suomalainen bb14632b9a
unbound: add another Debian default 2019-07-22 15:16:34 +03:00
Aminda Suomalainen 3b9acff361
etc/unbound add unbound.conf & unbound-control.conf 
copy-pastes from Debian & Arch Wiki, however unbound-control in status
no as I guess it can be a hole most of time.
 2019-07-22 15:14:11 +03:00
Aminda Suomalainen 5569a1129c
unbound.conf.d/dnscrypt-proxy.conf: update for dnscrypt-proxy v2 
Closes #121
 2019-07-22 15:12:49 +03:00
Aminda Suomalainen fb9961be7b unbound.d/logging.conf: I need verbosity 2 
1 doesn't seem to tell me when things start randomly failing.
 2015-12-18 11:37:47 +02:00
Aminda Suomalainen 8804f7e9f6 etc/unbound/unbound.conf.d: logging.conf 
Logging to systemd-journald (journalct) with verbosity 1.
 2015-12-18 09:52:18 +02:00
Aminda Suomalainen f58977d151 unbound forwards.conf: add commented trex dns64 2015-10-26 08:58:36 +02:00
Aminda Suomalainen 76633ba61d add etc/unbound/dnscrypt-proxy.conf 2015-08-21 19:16:12 +03:00
Aminda Suomalainen a06465d161 unbound: move forwards.conf under unbound.conf.d 2015-08-20 18:39:40 +03:00
Aminda Suomalainen c8dcba24a3 major cleaning 2015-08-20 15:22:22 +03:00
Aminda Suomalainen a9eaecf61c unbound: add dns.watch & puntcat 2015-05-01 17:05:58 +03:00
Aminda Suomalainen 0510858a0d etc/unbound: remove non-DNSSEC resolvers 2015-05-01 15:10:49 +03:00
Aminda Suomalainen 3d54d51c24 rm dnsmasq & fedora 
I am not using either. The only Fedora here was Pidora and it has died
some time ago and the project is a little slow.

I am currently wondering whether to start learning FreeBSD by putting it
on the Pi.
 2015-04-22 22:50:54 +03:00
Aminda Suomalainen f74a76250b Rename Manjaro --> Arch 
I didn't ever try Manjaro outside of Virtualbox and I have learned that
Manjaro is not good. I am currently using Antergos which is Arch + one
custom repo, so I feel I can rename to Arch.
 2015-04-22 22:42:01 +03:00
Aminda Suomalainen b1e1581fe3 unbound: add manjaro 
closes #69
 2015-03-13 15:08:19 +02:00
Aminda Suomalainen 6457bc4361 unbound: add config for Pidora 
ref: #69
 2015-03-12 11:46:37 +02:00
Aminda Suomalainen 6820fa23d7 fix unbound config files 2015-03-12 11:44:03 +02:00
Aminda Suomalainen d2e8d49ec2 unbound: disable OpenDNS 
Missing DNSSEC causes my Pidora to SERVFAIL. Now checking if this is
cause of #69...
 2015-03-12 11:33:52 +02:00
Aminda Suomalainen de26949c16 unbound: uncomment the dnssec line 
it seems that I am accidentally removing the trust anchor includer file…
 2015-02-19 18:43:08 +02:00
Aminda Suomalainen fc35481c8d unbound: fix access-control.conf 
* .conf was missing from the end
* comment access allowing
* fix wrong CIDR
 2015-02-12 08:22:02 +02:00
Mikaela Suomalainen a45d82b0b0 unbound: rm dnsmasq.conf 2014-12-29 16:04:24 +02:00
Mikaela Suomalainen 04ccc1ba14 unbound: fix interfaces 2014-12-29 12:55:37 +02:00