shell-things

mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2024-10-04 10:28:47 +02:00

Author	SHA1	Message	Date
Aminda Suomalainen	1b1514f993	systemd: add masks required by tlp as a note to self	2023-05-25 07:48:22 +03:00
Aminda Suomalainen	8fb52ec8f2	add shfmt	2023-05-18 11:58:51 +03:00
Aminda Suomalainen	687a6433bb	add & run prettier-plugin-nginx	2023-05-18 11:35:13 +03:00
Aminda Suomalainen	e0dc070cd1	etc/nginx: append .nginx to file names in preparation of prettier-nginx	2023-05-18 11:17:24 +03:00
Aminda Suomalainen	ca2956b678	unbound/blocklist: note encrypted client hello	2023-05-13 17:17:20 +03:00
Aminda Suomalainen	603ac4a011	unbound/blocklist.conf: remove Mozilla Telemetry	2023-05-13 17:16:17 +03:00
Aminda Suomalainen	fdeab81c2b	unbound/blocklist.conf: add matrix.to as dared by !KMbEUhVQHLwZHmwzKX:matrix.org	2023-05-13 17:14:45 +03:00
Aminda Suomalainen	19f3a0b720	update submodule jauderho-nts-servers	2023-05-12 09:30:28 +03:00
Aminda Suomalainen	58ead9302c	etc/apt/sources.list: keep adding non-free-firmwares Fixes: `94d26e811a` Resolves: #159	2023-05-12 09:29:32 +03:00
Aminda Suomalainen	42f1c58fa0	etc/yum.repos.d: add vivaldi	2023-05-08 20:54:22 +03:00
Aminda Suomalainen	442a4fb89a	update submodules	2023-05-04 15:57:12 +03:00
Aminda Suomalainen	94d26e811a	etc/apt/sources.list: enable non-free-firmware for Debians Resolves: #159	2023-04-10 17:07:48 +03:00
Aminda Suomalainen	8309e9254e	ssh_config: StrictHostKeyChecking accept-new	2023-04-03 11:03:48 +03:00
Aminda Suomalainen	0a5e526cc5	systemd-networkd/eth0: don't require being up Resolves: #157	2023-03-31 13:33:27 +03:00
Aminda Suomalainen	5f6bddfe8a	systemd: add NetworkManager-wait-online.service & systemd-networkd-wait-online.service to refresh my memory	2023-03-25 18:32:23 +02:00
Aminda Suomalainen	bae5e38347	etc/samba/playstation2.conf: apparently both log level & syslog lines are needed	2023-03-25 12:12:57 +02:00
Aminda Suomalainen	3e9331c84f	etc/samba/playstation2.conf: move deadtime & keepalive to [global]	2023-03-25 12:05:43 +02:00
Aminda Suomalainen	4757f05060	etc/samba/playstation2.conf: fix logging?	2023-03-25 12:03:54 +02:00
Aminda Suomalainen	f43106f002	etc/samba/playstation2.conf: enable logging	2023-03-25 11:55:54 +02:00
Aminda Suomalainen	e491a114a1	etc/samba/playstation2.conf: disable deadtime, shorten keepalive	2023-03-25 11:46:33 +02:00
Aminda Suomalainen	7ea097c6fe	etc/resolv.conf: search for . Resolves: #156	2023-03-24 10:37:52 +02:00
Aminda Suomalainen	6333883dc3	etc/samba/playstation2.conf: document issues coming up with real hardware	2023-03-14 16:57:14 +02:00
Aminda Suomalainen	30684318aa	etc/resolv.tsv: test ECS support of some empty fields	2023-03-11 15:54:04 +02:00
Aminda Suomalainen	33301bb8e5	etc/chrony/sources.d: update submodule	2023-03-11 08:18:48 +02:00
Aminda Suomalainen	cc0e5514ab	etc/chrony/sources.d: update submodule, add license information, add German servers	2023-03-10 09:49:35 +02:00
Aminda Suomalainen	4f7d891f68	jauderho-nts-servers: update submodule	2023-03-09 11:45:58 +02:00
Aminda Suomalainen	1b113e0c3e	etc/systemd/network: add commented DHCP=yes	2023-03-07 15:02:13 +02:00
Aminda Suomalainen	514ed85374	etc/systemd/network: update samples and comments to reflect my current views	2023-03-07 14:46:28 +02:00
Aminda Suomalainen	d51d8e810a	update submodule, symlink	2023-03-07 12:08:53 +02:00
Aminda Suomalainen	a80342b82b	etc/samba/playstation2.conf: rename share to PS2SMB, update comments	2023-03-03 17:14:19 +02:00
Aminda Suomalainen	e265916ba1	etc/samba/playstation2.conf: initial commit	2023-03-03 09:54:02 +02:00
Aminda Suomalainen	e9998f4079	rm etc/unbound/unbound.conf.d/dns-over-tls.conf I think the file is inherently flawed due to different types of filtering/non-filtering resolvers, different locations, unknown ECS policies etc. Importantly I am not actively looking at this and just came across old version running in production	2023-02-26 09:15:19 +02:00
Aminda Suomalainen	5350804d41	etc/resolv.tsv: remove /fi/ from DNS0.eu ECS links	2023-02-25 14:33:52 +02:00
Aminda Suomalainen	e839c83f53	etc/resolv.tsv: add EDNS Client-Subnet support & sources	2023-02-25 14:12:39 +02:00
Aminda Suomalainen	e520e78c1a	etc/resolv.tsv: add/update AdGuard	2023-02-25 13:58:47 +02:00
Aminda Suomalainen	06f6f2f2a6	etc/resolv.conf: uncomment trust-ad less dd to press when actually applying this	2023-02-24 08:43:41 +02:00
Aminda Suomalainen	faf242d8ca	etc/yum.repos.d: add brave beta & nightly Yes, the upstream instructions say nightly and beta have the same key	2023-02-23 21:28:52 +02:00
Aminda Suomalainen	0cfb5859ad	dnsproxy: remove --user that doesn't apply anymore	2023-02-23 14:31:48 +02:00
Aminda Suomalainen	4761b94331	dnsproxy.service: convert to system service	2023-02-23 14:25:12 +02:00
Aminda Suomalainen	9bdc67dd29	unbound & systmed-resolved: add DNS0 open Ref: #153	2023-02-23 10:11:03 +02:00
Aminda Suomalainen	cc5e7b7225	unbound: add DNS0 & DNS0 zero DoT config Resolves: #153	2023-02-22 10:58:04 +02:00
Aminda Suomalainen	a2c3d9248d	fix ends of lines	2023-02-21 20:11:35 +02:00
Aminda Suomalainen	b39b5db0d4	run prettier on markdown again?	2023-02-21 19:33:31 +02:00
Aminda Suomalainen	2e6a03d402	sastisfy editorconfig check	2023-02-21 19:08:54 +02:00
Aminda Suomalainen	19994e3286	run prettier	2023-02-21 17:54:39 +02:00
Aminda Suomalainen	fcb57144c9	chmod -x *.desktop && add .pre-commit-config.yaml	2023-02-21 16:16:33 +02:00
Aminda Suomalainen	1706269308	etc/resolv.tsv: add dns0 open Resolves: #154	2023-02-21 12:57:55 +02:00
Aminda Suomalainen	1385bf6105	ssh_config: comment ProxyCommand I just keep disabling it anyway so it's more harm than good	2023-02-21 10:11:34 +02:00
Aminda Suomalainen	4a20f75d3c	etc/systemd/resolved.conf.d: add DNS0 DoT configs Their website already had the correct syntax for the entries Ref: #153	2023-02-20 11:49:31 +02:00
Aminda Suomalainen	8e3244f785	etc/resolv.tsv: add mobileconfig links This is just the official ones I found, I could link to encrypted-dns.party, but that is a task for later, I can find it without this file Resolves: #152	2023-02-20 11:43:32 +02:00
Aminda Suomalainen	5ee54038de	etc/ssh/ssh_config: retab	2023-02-17 17:29:45 +02:00
Aminda Suomalainen	ff524fec97	etc/yum.repos.d: add fedora-crystal.repo	2023-02-13 17:47:23 +02:00
Aminda Suomalainen	1b243c279d	resolv.tsv: fix formatting	2023-02-13 11:52:43 +02:00
Aminda Suomalainen	4257bf5341	etc: resolv.csv -> resolv.tsv	2023-02-13 11:44:36 +02:00
Aminda Suomalainen	8ab861d791	etc/iwd/main.conf: uncomment "AddressRandomizationRange=nic" and update comment	2023-02-10 22:04:12 +02:00
Aminda Suomalainen	421087e536	etc/resolv.csv: add DNS0.eu Resolves: #150	2023-02-09 11:56:09 +02:00
Aminda Suomalainen	47eaebeece	etc/chrony/sources.d: submodule the curated NTS server list gist for future discoverability This repository is random anyway and has files that don't belong such as resolv.csv	2023-02-06 10:43:46 +02:00
Aminda Suomalainen	36c2688cec	etc/systemd/system/unbound.service.d/never-fail.conf: unbound isn't allowed to fail either	2023-02-03 10:59:31 +02:00
Aminda Suomalainen	3439b284a7	etc/iwd/main.conf: note that AddressRandomizationRange=nic has 254 possible addresses	2023-01-28 18:37:43 +02:00
Aminda Suomalainen	6b2cb6575b	etc/iwd/main.conf: add a comment(ed/) on AddressRandomizationRange=nic	2023-01-27 13:21:32 +02:00
Aminda Suomalainen	ebc01c16eb	{etc,var/lib/}iwd/: read manual, adjust accordingly	2023-01-27 10:51:51 +02:00
Aminda Suomalainen	d2dc35b2d1	etc/iwd/main.conf: add egrep to the check/refresh command	2023-01-22 21:06:46 +02:00
Aminda Suomalainen	86b2bbabcb	etc/iwd/main.conf: fix comment typos, remove unnecessary section Channel ranking on Lumina was unrelated to 5 GHz not getting used.	2023-01-22 21:02:15 +02:00
Aminda Suomalainen	a92c1444c7	etc/iwd/main.conf: mention iw dev wlan0 scan	2023-01-22 17:43:47 +02:00
Aminda Suomalainen	da914331ea	etc/iwd/main.conf: update the comment on how I perceive Country to work	2023-01-22 17:13:54 +02:00
Aminda Suomalainen	825f2745de	etc/iwd/main.conf: request regdom/Country FI	2023-01-22 08:11:03 +02:00
Aminda Suomalainen	53dcbb1d28	etc/iwd: attempt to prefer 5&6 GHz over 2.4 GHz	2023-01-21 18:32:44 +02:00
Aminda Suomalainen	edadd1f453	etc/iwd/main.conf: initial commit	2023-01-06 14:50:14 +02:00
Aminda Suomalainen	3aa962024e	etc/NetworkManager/conf.d/iwd.conf: add wifi.iwd.autoconnect=true This seems to affect nothing though	2023-01-06 14:02:55 +02:00
Aminda Suomalainen	caa0d5e185	etc/ssh/ssh_config: add VisualHostKey yes	2022-12-19 19:42:10 +02:00
Aminda Suomalainen	c9251b5acd	chrony/conf.d: add require-nts.conf Resolves: #148	2022-12-06 14:47:45 +02:00
Aminda Suomalainen	6cf6426df6	etc/chrony/sources.d/dna-moi: turn to pool of 3	2022-12-05 13:21:52 +02:00
Aminda Suomalainen	28068278c4	chrony/sources.d/finland.sources: add mikes time{1,2,3}	2022-12-05 12:49:23 +02:00
Aminda Suomalainen	77dfbf59af	etc/dnf/dnf.conf: add a commented cachedir for zaldaryn	2022-11-30 17:56:17 +02:00
Aminda Suomalainen	0619d60340	etc/chrony/README.md: note GH cadusilva's check command Ref: #148	2022-11-26 12:30:24 +02:00
Aminda Suomalainen	b94e62b884	chrony/sources.d/nts: add System76 Paris & time.nl Ref: #148	2022-11-26 12:28:01 +02:00
Aminda Suomalainen	c484b20cb3	chrony/sources.d/finland: remove snopyta part of the NTP pool anyway	2022-11-26 12:13:18 +02:00
Aminda Suomalainen	b350e525e6	etc/ssh/ssh_config: torify ssh	2022-10-10 23:00:16 +03:00
Aminda Suomalainen	1de04a8367	unbound/00-insecure-domains.conf: add http.badssl.com, my captive portal trigger goto	2022-10-03 22:01:15 +03:00
Aminda Suomalainen	9ad97b4560	etc/default/grub.d: add cpufreq-powersave.cfg	2022-09-21 16:34:28 +03:00
Aminda Suomalainen	b16a6a428c	etc/tlp.d/lumina.conf: add powersave cpu governor	2022-09-21 16:32:12 +03:00
Aminda Suomalainen	903774fc10	dnf.conf: set commented timeout to 2, note not setting it lower Otherwise there is trouble with the default value of 'migrate' and too many working mirrors start failing	2022-09-17 21:51:13 +03:00
Aminda Suomalainen	037b57fe00	etc/dnf/dnf.conf: add commented timeout (30 -> 5 seconds) S3 seems down and I am not patient enough to wait for 30 seconds X times	2022-09-17 21:42:15 +03:00
Aminda Suomalainen	d2bbe52a21	etc/yum.repos.d: replace unstable protonvpn with stable	2022-09-17 20:20:55 +03:00
Aminda Suomalainen	b4c663db73	torrc-client: update hybridirc-onion	2022-09-02 13:25:23 +03:00
Aminda Suomalainen	d2aeabb1c9	etc/pki/ca-trust/source/anchors/README.md: add a note on installing CA certificates	2022-08-15 18:42:46 +03:00
Aminda Suomalainen	71cc6e18ef	etc/yum.repos.d: add brave-browser.repo I am not impressed by the upstream documentation.	2022-07-05 17:54:39 +03:00
Aminda Suomalainen	e9fcfbb1c3	sysctl.d/99-ssd-swappiness.conf: add reminder on earlyoom	2022-06-24 23:15:59 +03:00
Aminda Suomalainen	3c23a31d18	etc/sysctl.d: add 99-ssd-swappiness.conf (and .gitignore) The default 99-sysctl.conf doesn't have to be here, it's a symlink to top directory anyway.	2022-06-13 17:20:53 +03:00
Aminda Suomalainen	3e3added6c	etc/tlp.d: add lumina.conf	2022-06-04 14:17:22 +03:00
Aminda Suomalainen	1c86e28c67	etc/yum.repos.d/README.md: note `sudo fedora-third-party enable`	2022-04-21 09:13:44 +03:00
Aminda Suomalainen	e74d1b6eea	etc/tor: add torrc.d, README, http.conf	2022-04-12 15:10:45 +03:00
Aminda Suomalainen	bb7f283891	Revert "systemd/matterbridge.service: import parts of upstream" This reverts commit `35aea33043`. Ref: https://github.com/42wim/matterbridge/issues/1794	2022-04-04 09:50:46 +03:00
Aminda Suomalainen	35aea33043	systemd/matterbridge.service: import parts of upstream https://github.com/42wim/matterbridge/wiki/Service-files#systemd	2022-04-04 08:35:23 +03:00
Aminda Suomalainen	12db5c8841	torrc-client: uncomment 8118	2022-03-31 08:26:55 +03:00
Aminda Suomalainen	82ef806e9f	systemd-resolved README: add quickstart, remove extra h-levels	2022-03-28 20:43:03 +03:00
Aminda Suomalainen	17da76e484	systemd/resolved/README.md: add the ArchWiki DNSSEC issue links	2022-03-28 20:37:37 +03:00
Aminda Suomalainen	f55c00dae6	systemd/resolved/README.md: add missing word, improve formatting	2022-03-28 20:36:11 +03:00
Aminda Suomalainen	8c532e3ef8	etc…resolved…: add/clarify links in/to comments Courtesy of https://wiki.archlinux.org/title/Systemd-resolved#DNSSEC	2022-03-28 20:34:37 +03:00
Aminda Suomalainen	d47c374706	etc/ststemd/resolved…: aggressive cleanup/rewriting	2022-03-28 20:28:17 +03:00
Aminda Suomalainen	64bba542b1	systemd/matterbridge.service: remove -debug, mention /groupId	2022-03-18 10:44:25 +02:00
Aminda Suomalainen	76814f830f	etc/{i2pd,systemd}: modernise to less bad ideas The issue has been fixed last year and considering I2Pd can connect through Yggdrasil natively, tunneling Yggdrasil in is a bad idea and could lead into Yggdrasil over Yggdrasil loop situation.	2022-03-08 18:18:40 +02:00
Aminda Suomalainen	3513928492	etc/tor/torrc-client: add PirateIRC	2022-03-02 14:44:13 +02:00
Aminda Suomalainen	5613e1bd9a	etc/tor/…-client: add hybridirc onion	2022-02-26 21:07:39 +02:00
Aminda Suomalainen	d2e21e9b4e	etc/resolv.csv: add OpenDNS DoT with a question mark Ref: #127	2022-02-23 09:58:06 +02:00
Aminda Suomalainen	859bc2a28c	etc/sudoers.d: add restart-matterbridge Allows restarting matterbridge passwordlessly	2022-02-14 12:14:22 +02:00
Aminda Suomalainen	0778849f34	etc/sudoers.d: rm protonvpn TODO: figure out does the hibernate file have reason for existing, I have faint idea of the package being removed	2022-02-14 12:07:47 +02:00
Aminda Suomalainen	018f80e6fe	etc/pkcs11/modules: correct libcryptoki & README	2022-02-10 17:40:40 +02:00
Aminda Suomalainen	33950a762e	etc/pkcs11/modules: add README.md,libcryptoki.module	2022-02-10 16:33:49 +02:00
Aminda Suomalainen	82d2146706	etc/tor/client: remove PirateIRC and freenode PirateIRC with Ergo is yet to get onion setup and I imagine freenode destroyed their onion a long time ago. I haven't been using it though.	2022-01-17 17:31:33 +02:00
Aminda Suomalainen	df3e710c60	etc/tor/torrc-client: add MapAddress for OFTC	2022-01-17 17:30:39 +02:00
Aminda Suomalainen	f0029674e7	etc/apt/sources.list: also update debug.mirrors.debian.org onion Resolves: #124	2022-01-16 19:17:48 +02:00
Aminda Suomalainen	4c6cc2391f	etc/apt/sources.list: attempt to update to onionV3 Resolves: #124	2022-01-16 19:06:41 +02:00
Aminda Suomalainen	f58d0d7d01	ssh/user-permit-password: add example for multiple users	2022-01-16 15:15:09 +02:00
Mikaela Suomalainen	1356fccd20	systemd: add flatpak-update.{service,timer} Resolves: #121	2021-12-18 13:45:53 +02:00
Mikaela Suomalainen	1b4ac2b6d7	etc/systemd/system.conf.d: add log4shell.conf	2021-12-13 13:09:35 +02:00
Mikaela Suomalainen	5704353d55	systemd: copy matterbridge restarter into gitea one It used to stop working randomly without a good reason, but that is likely fixed upstream a long time ago and while I removed it from cron, these units exist so should the issue recur, I can throw these back in. The cron wasn't randomized though, but I don't think there is harm in this being a bit random.	2021-12-06 23:48:40 +02:00
Mikaela Suomalainen	8e69874534	matterbridge-restart.timer: fix language	2021-12-06 23:48:30 +02:00
Mikaela Suomalainen	8209a74c6b	etc: small xdg/autostarts updates: * pulseeffects -> easyeffects * wire -> deprecated/ * telegramdesktop.desktop: add workaround (and supposedly it didn't exist here, #42) Resolves: #42	2021-12-02 19:52:34 +02:00
Mikaela Suomalainen	bd91ef704d	systemd: matterbridge.timer -> matterbridge-restart.{service,timer} Resolves: #98	2021-11-22 09:56:56 +02:00
Mikaela Suomalainen	9ba056cfd3	matterbridge-cleanup.service: fix typo, ignore exit state	2021-11-21 17:15:12 +02:00
Mikaela Suomalainen	62573195d9	systemd: add matterbridge-cleanup.{service,timer} Resolves: #98	2021-11-21 17:11:44 +02:00
Mikaela Suomalainen	13278214d1	matterbridge.timer: OnBootSec=0 just in case Ref: #98	2021-11-21 16:59:05 +02:00
Mikaela Suomalainen	29f7cf6b98	systemd: first attempt at matterbridge restarter timer Ref: #98	2021-11-21 16:52:14 +02:00
Mikaela Suomalainen	4f50f4a367	systemd-resolved: don't DNSSEC with adblocking	2021-11-21 11:37:03 +02:00
Mikaela Suomalainen	12fe7a59a8	etc/systemd/resolved: add configuration for Mullvad DoT	2021-11-21 11:16:11 +02:00
Mikaela Suomalainen	d49b78680b	etc/resolv.csv: add CZ.NIC ODVR Ref: #110 Ref: #112	2021-11-07 18:59:16 +02:00
Mikaela Suomalainen	1e40420115	unbound: rm outdated yggdrasil-override Ref: #89	2021-10-05 12:38:16 +03:00
Mikaela Suomalainen	bfa51f500b	unbound/dns-over-tls.conf: stop advertising Debian 9	2021-10-05 12:34:10 +03:00
Mikaela Suomalainen	ee293669d9	unbound: add dot-flushable-cache.conf Resolves: #105	2021-10-05 12:33:40 +03:00
Mikaela Suomalainen	862808fe07	etc/yum.repos.d: partially rewrite README.md Main problem was "dnf still reads this repository apparently" where the word "repository" was wrong, and I couldn't fix it without changing everything :)	2021-10-05 12:18:42 +03:00
Mikaela Suomalainen	4b57b299cc	etc/yum.repos.d/*.repo: rename descriptively The fedora-dino.repo was unfriendly towards Windows (#106) and I noticed that the other renamed files contained Fedora, so I think they should be named appropiately. microsoft-edge-dev.repo mentioned generally yumrepos, so it seems to not be Fedora specific.	2021-10-05 12:13:11 +03:00
Mikaela Suomalainen	e49187f9dc	chrony/README: fix Windows doc	2021-10-05 10:59:53 +03:00
Mikaela Suomalainen	12127744b5	systemd: also keep trying Chrony	2021-10-03 09:58:59 +03:00
Mikaela Suomalainen	84e714b55e	systemd: keep retrying yggdrasil, don't sleep	2021-10-03 09:58:03 +03:00
Mikaela Suomalainen	38ef6e7314	chrony/sources/nts: add nts.netnod.se They appear to be the only bigger party hosting NTS in addition to Cloudflare and being in neighbouring country isn't too bad Via https://gist.github.com/jauderho/2ad0d441760fc5ed69d8d4e2d6b35f8d which encouraged me to look into them a bit more. Additionally having read chrony or chrony.conf manual on default behaviour implying NTS servers are "require trust" and when mixing them with NTP servers, NTP servers never get selected unless they agree with NTS servers.	2021-09-26 21:28:06 +03:00
Mikaela Suomalainen	61ad1e935b	00-ptrace-restricted.conf: set to 3 I cannot remember when I last needed it and this makes Edgium about:sandbox happy	2021-09-06 18:45:38 +03:00
Mikaela Suomalainen	575b68fe3a	etc/apt/sources.list/stable: update security name https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive	2021-08-15 00:42:58 +03:00
Mikaela Suomalainen	c8189a3aa6	chrony/yggdrasil.sources: update jolly-roger address	2021-08-08 00:07:01 +03:00
Mikaela Suomalainen	a7ea71ae38	chrony/conf.d: add cmd.conf Ref: #95 which this attempts to workaround and fails	2021-08-07 23:56:38 +03:00
Mikaela Suomalainen	a43478e430	chrony: add broken NTS configuration Ref: #94	2021-08-07 23:52:15 +03:00
Mikaela Suomalainen	a9f34a8d1c	sysctl/questionable: 99-nonlocalbind.conf Resolves: #55	2021-06-27 17:43:34 +03:00
Mikaela Suomalainen	8f09ff7d45	chrony/confdir: add fedora-sourcedir.conf Fedora doesn't specify non-DHCP sourcedir by default so I specify one here	2021-06-26 23:24:51 +03:00
Mikaela Suomalainen	0c5413171f	sysctl.d: add 00-max-ipv6-route.conf	2021-06-20 00:42:24 +03:00
Mikaela Suomalainen	1c0073920a	pipewire/README: more on pro-audio, alsamixer and not deafening	2021-06-19 23:45:19 +03:00
Mikaela Suomalainen	c73d7a3a0c	sysctl.d: 00-magicsysrq.conf -> 60-magicsysrq.conf Otherwise Fedora seems to overwrite it with priority 50 file	2021-06-19 15:49:27 +03:00
Mikaela Suomalainen	3b99675a34	etc/sysctl.d: go through, mkdir questionable/ Resolves: #93	2021-06-19 15:41:49 +03:00
Mikaela Suomalainen	9c7d0c6210	etc/ssh/config.d: add example.conf So I can stop having to dig this from manual every time I want to configure a new host, and a couple of options I haven't used previously, but could as they seem nice	2021-06-18 13:48:41 +03:00
Mikaela Suomalainen	a5836327c4	etc: pipewire & bluetooth: enable codes, battery reporting https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html	2021-06-14 13:36:34 +03:00
Mikaela Suomalainen	437a417697	etc/pipewire/…: say that using Pro-audio is enough fix	2021-06-14 12:13:57 +03:00
Mikaela Suomalainen	93823eabd6	sysctl.d: add 23-starts-unprivileged-ports.conf Self-explanatory within comments. Link list notes to selves contributing into this version: * https://kernelnewbies.org/Linux_4.11 * https://stackoverflow.com/a/51439516 * https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516 * https://developer.apple.com/forums/thread/674179 * https://news.ycombinator.com/item?id=18302380 * https://security.stackexchange.com/q/242859 * https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516	2021-06-12 21:52:39 +03:00
Mikaela Suomalainen	75731868e7	unbound/dns-over-tls.conf: allow non-Finnish anycast & note being used on servers	2021-06-11 19:39:57 +03:00
Mikaela Suomalainen	126918d98d	systemd/limnoria.service: add TZ env & RestartSec	2021-06-02 17:50:30 +03:00
Mikaela Suomalainen	30a308d29f	torrc-client: add MapAddress for palladium.libera.chat https://libera.chat/guides/connect#verifying-tor-tls-connections	2021-05-27 17:50:03 +03:00
Mikaela Suomalainen	6576e83901	etc/tor/torrc-client: add irc.ergo.chat	2021-05-27 02:52:30 +03:00
Mikaela Suomalainen	6f7016a596	torrc-client: add irc.liberta.casa	2021-05-22 13:16:26 +03:00
Mikaela Suomalainen	c1768cae67	systemd: "rewrite" supybot -> limnoria, move znc, rmdir irc/	2021-05-16 18:00:31 +03:00
Mikaela Suomalainen	306270c441	etc/systemd: rm cjdns & miredo, I am unlikely to use them again	2021-05-16 11:15:34 +03:00
Mikaela Suomalainen	49facd9d39	etc/dnf.conf: comment tor example	2021-05-05 20:43:52 +03:00
Mikaela Suomalainen	aa18d746db	etc/pipewire/README.md: cut a long line into two	2021-05-05 11:02:53 +03:00
Mikaela Suomalainen	4b445c2aaf	etc/pipewire: remove the ...example.donotuse I am quite sure that the config file has changed so much that the file wouldn't work anyway and I don't think I really need it with the important part being in the README.md	2021-05-05 11:01:50 +03:00
Mikaela Suomalainen	c6a75f0962	ssh/anoncvs.conf: fix typo	2021-05-04 16:18:31 +03:00
Mikaela Suomalainen	447e8192c2	etc/default/grub.d: add remember-previous.cfg	2021-04-30 20:05:22 +03:00
Mikaela Suomalainen	ad6ac7d45e	dnf.conf: double max_parallel_downloads	2021-04-28 12:32:58 +03:00
Mikaela Suomalainen	1ad289aa49	unbound/dot-mullvad-adblock.conf: add missing port number	2021-04-27 21:40:16 +03:00
Mikaela Suomalainen	41879fe5e8	unbound.conf.d: rm dns-mullvad, add dot-mullvad[-adblock]	2021-04-27 21:35:58 +03:00
Mikaela Suomalainen	61d19724fa	resolv.csv: add Mullvad	2021-04-27 21:30:46 +03:00
Mikaela Suomalainen	e4c9d168ba	yum.repos.d: add tor.repo	2021-03-28 09:41:15 +03:00
Mikaela Suomalainen	6f8c7de6af	unbound.conf.d: add 00-insecure-domains.conf (WiFi repeater config)	2021-03-14 21:00:32 +02:00
Mikaela Suomalainen	3b4847f447	yum.repos.d/protonvpn-unstable: remove unneeded expansions Fixes pkcon complaining	2021-03-13 18:29:30 +02:00
Mikaela Suomalainen	134999487f	yum.repos.d: add microsoft-edge-dev.repo	2021-03-07 16:46:47 +02:00
Mikaela Suomalainen	93b9bc5ba6	yum.repos.d: move Dino from README to .repo	2021-03-07 16:37:15 +02:00
Mikaela Suomalainen	267f68ae80	yum.repos.d: add microsoft-prod.repo	2021-03-07 16:36:04 +02:00
Mikaela Suomalainen	e5c259eda6	README.md: write about soft-mixer	2021-03-02 12:21:58 +02:00
Mikaela Suomalainen	85d97aec3e	apt/preferences.d/pulseaudio: pin priority -1 backports too	2021-03-01 19:08:18 +02:00
Mikaela Suomalainen	51b0b5dde5	sudoers.d/protonvpn: add more paths & potential legacy note	2021-02-27 09:02:10 +02:00
Mikaela Suomalainen	5903664cb7	yum.repos.d: add protonvpn-unstable.repo	2021-02-26 14:10:38 +02:00
Mikaela Suomalainen	f21e22e80f	etc/sudoers.d: fix name, make notes to README.md	2021-02-26 11:34:20 +02:00
Mikaela Suomalainen	267dd77604	im.riot.Riot.desktop: add missing word "run"	2021-02-19 14:27:16 +02:00
Mikaela Suomalainen	8463fa8f5c	local/share/applications: Riot -> Element Package name hasn't changed though so I imagine the icon is the same too	2021-02-19 13:59:27 +02:00
Mikaela Suomalainen	95a44d0be9	etc/pipewire: document the volume cutoff (pulseaudio style) workaround	2021-02-18 14:51:22 +02:00
Mikaela Suomalainen	c8e89a5817	systemd: add coredump.conf.d/biggercores.conf	2021-02-18 14:47:23 +02:00
Mikaela Suomalainen	8155bec959	sysctl.d: add 00-quic-go-udp-receive-buffer.conf So I will remember it's existence	2021-02-13 09:36:28 +02:00
Mikaela Suomalainen	a0c61231f4	systemd/resolved.conf.d: add snopyta-strict.conf While posting an example how I would do it I might as well put it here	2021-02-10 16:12:42 +02:00
Mikaela Suomalainen	288b010fe5	sshd: move mikaela-prohibit-password.conf to broken/ Apparently OpenSSH only allows PasswordAuthentication yes within a Match block.	2021-02-02 14:12:43 +02:00
Mikaela Suomalainen	1be2720861	sshd: explicitly "terminate" Match blocks by Match All https://unix.stackexchange.com/a/303982/17126 & man sshd_config	2021-02-02 13:58:35 +02:00
Mikaela Suomalainen	3260950712	sshd/anoncvs.conf: vcs users shouldn't ever be asked for a password even if the system would allow that.	2021-02-02 13:06:04 +02:00
Mikaela Suomalainen	2711c5975e	NetworkManager.conf.d: add no-search-domains.conf	2021-02-02 12:52:34 +02:00
Mikaela Suomalainen	7ad17f8087	sshd/user-permit-password.conf: note on how to allow specific user to use passwords	2021-02-01 17:11:06 +02:00
Mikaela Suomalainen	1503367c86	sshd_config & ….d/README: note min version & date	2021-01-31 13:51:06 +02:00
Mikaela Suomalainen	f75bc7bd07	sshd/basic-security.conf: remove deprecated option > /etc/ssh/sshd_config.d/basic-security.conf line 24: Deprecated option UsePrivilegeSeparation OpenSSH_8.4p1, OpenSSL 1.1.1i FIPS 8 Dec 2020	2021-01-31 13:39:51 +02:00
Mikaela Suomalainen	0151bee9b0	sshd/mikaela-prohibit-password.conf: add AuthenticationMethods publickey	2021-01-30 22:15:51 +02:00
Mikaela Suomalainen	f1ea1e17d9	etc/ssh: rm copy	2021-01-30 21:35:05 +02:00
Mikaela Suomalainen	0572613d99	etc/ssh: cut sshd_config into multiple .confs	2021-01-30 21:31:38 +02:00
Mikaela Suomalainen	c5fa3daf29	sshd_config.d: read Mozilla docs & adjust accordingly https://infosec.mozilla.org/guidelines/openssh	2021-01-30 21:18:41 +02:00
Mikaela Suomalainen	5211fb772c	sshd_config.d: add anoncvs.conf	2021-01-30 21:00:06 +02:00
Mikaela Suomalainen	de3a0739b4	sshd_config.d: add mikaela-prohibit-password.conf Resolves: #88	2021-01-30 20:50:21 +02:00
Mikaela Suomalainen	a7c643bb7a	etc/sshd_config.d: add basic-security.conf Ref: 88	2021-01-30 20:47:21 +02:00
Mikaela Suomalainen	8628ec28e0	yum.repos.d: add Dino	2021-01-30 11:01:17 +02:00
Mikaela Suomalainen	84ee7aeada	yum.repos.d: list Keybase too	2021-01-29 19:18:11 +02:00
Mikaela Suomalainen	27d1914424	etc: add dnf/dnf.conf & yum.repos.d/README.md	2021-01-29 19:15:08 +02:00
Mikaela Suomalainen	81296a241c	chrony: cut chrony.d/ into conf.d/ and sources.d/ I hope these are wider defaults than just Debian and allow me to not conflit with package manager, but regardless having a separate sources.d/ looks like a good idea for being able to `chronyc reload sources`	2021-01-29 12:56:38 +02:00
Mikaela Suomalainen	fc0730d7a5	sudoers.d/protonvpn.conf: add /usr/bin/protonvpn	2021-01-28 13:13:28 +02:00
Mikaela Suomalainen	16b19fb34d	torrc-client: add etro.mikaela.info	2021-01-26 19:42:25 +02:00
Mikaela Suomalainen	6216d8cda3	sudoers.d: add passwordless protonvpn-{tray,gui}	2021-01-16 20:40:21 +02:00
Mikaela Suomalainen	2df7aed162	chrony/yggdrasil: add comment & Kotka computers	2021-01-08 11:25:16 +02:00
Mikaela Suomalainen	0f94c59b81	chrony: add hetzner srevers	2020-12-19 13:03:54 +02:00
Mikaela Suomalainen	abb0c37ef2	unbound.conf.d: add yggdrasil-override.conf Begins #89 at a better time	2020-12-15 20:34:01 +02:00
Mikaela Suomalainen	b26c9f698d	chrony/yggdrasil: add Etro	2020-12-15 14:30:30 +02:00
Mikaela Suomalainen	b20f3367b1	systemd/yggdrasil: add mullvad-exclude (& fix chrony override typo)	2020-12-09 09:38:49 +02:00
Mikaela Suomalainen	36b6a99e85	chrony.d: local-servers: add notes + xleave to the first comment	2020-12-09 08:44:34 +02:00
Mikaela Suomalainen	40d535f2c0	systemd/chrony.service.d/mullvad-exclude: actually fix this	2020-12-08 18:36:34 +02:00
Mikaela Suomalainen	f92b8d8d05	chrony.d/yggdrasil.conf: add y.Jolly-Roger	2020-12-06 19:49:12 +02:00
Mikaela Suomalainen	e27e88efd8	chrony.d: add hwtimestamp.conf	2020-12-06 19:26:04 +02:00
Mikaela Suomalainen	4a25481db2	chrony/yggdrasil.conf: add Sedric	2020-12-06 18:36:23 +02:00
Mikaela Suomalainen	5e94147e81	chrony.d/yggdrasil.conf: initial commit	2020-12-06 18:02:43 +02:00
Mikaela Suomalainen	2a615d8241	chrony: note that confdir and NTS require 4.0	2020-12-03 10:52:47 +02:00
Mikaela Suomalainen	e9aefd711b	blocklist.conf: refuse blocked instead of nxdomain Only the Firefox DoH needs to be NXDOMAIN while REFUSE may be more accurate for the rest.	2020-11-21 12:13:55 +02:00
Mikaela Suomalainen	e7a6e00b83	unbound/dns-over-tls: comment Adguard & NextDNS for not being in FI	2020-11-15 09:46:50 +02:00
Mikaela Suomalainen	aadcc009a0	unbound/dns-over-tls.conf: add Adguard (unfiltered) & NextDNS	2020-11-12 16:12:18 +02:00
Mikaela Suomalainen	3289a812ee	unbound: add dns-mullvad.conf (not encrypted) Contains Mullvad Wireguard, OpenVPN and public addresses	2020-11-10 16:04:48 +02:00
Mikaela Suomalainen	9536101263	resolv.csv: add BlahDNS DoH CDNs Just doh1, because it and doh2 resolve into the same addresses for me and I don't want to add duplicate DoH field when only BlahDNS has two differnt addresses for the same thing.	2020-11-08 12:50:31 +02:00
Mikaela Suomalainen	49d969822b	etc/resolv.csv: add BlahDNS Resolves: #85	2020-11-04 12:56:48 +02:00
Mikaela Suomalainen	c302b10caf	chrony.d: restore log.conf	2020-11-01 11:57:57 +02:00
Mikaela Suomalainen	07e8c52f3b	chrony.d/local-servers: remove duplicate line it's in README.md	2020-11-01 11:36:30 +02:00
Mikaela Suomalainen	dced82b820	etc/chrony: break chrony.conf into README.md & chrony.d/	2020-11-01 11:23:59 +02:00
Mikaela Suomalainen	52458cc8aa	chrony.conf: add xleave for peer	2020-11-01 10:47:30 +02:00
Mikaela Suomalainen	84a669f51f	chrony.conf: add note for Windows on nettime	2020-10-31 18:10:25 +02:00
Mikaela Suomalainen	c55e6b97e8	chrony.conf: comments for nmap and VPNs	2020-10-31 14:34:47 +02:00
Mikaela Suomalainen	0c7038da14	systemd: systemd-resolved.service.d/unbound.conf: After unbound	2020-10-30 10:19:39 +02:00
Mikaela Suomalainen	fe83cbbb3a	systemd: add config for excluding Chrony from Mullvad	2020-10-30 08:04:58 +02:00
Mikaela Suomalainen	f878041e2e	unbound/dns-over-tls.conf: reverse order of providers It seems to have some (small?) relevance to where queries go to.	2020-10-29 16:24:52 +02:00
Mikaela Suomalainen	6e1f41533c	unbound/dns-over-tls.conf: comment the 443 appliedprivacy Thinking it a bit more, it's not useful to use their resources on devices that practically never encounter blocked port 853.	2020-10-29 13:22:19 +02:00
Mikaela Suomalainen	b03e00faaa	local/share/apps: add firejailed mirage (todo: test it)	2020-10-29 13:15:48 +02:00
Mikaela Suomalainen	c93034ba7f	unbound/dns-over-tls.conf: major cleanup	2020-10-29 13:15:23 +02:00
Mikaela Suomalainen	8b04c26065	chrony.conf: add a peer comment for LOCALMACHINE.local	2020-10-27 10:35:09 +02:00
Mikaela Suomalainen	dc2ac02412	begin depulseaudioing https://wiki.archlinux.org/index.php/PulseAudio/Troubleshooting#No_sound_below_a_volume_cutoff_or_Clipping_on_a_particular_output_device is too much for me. I expect to suffer this decision too though. * i3: bind audio buttons to amixer (TODO: there are still pulse-specific shortcuts and no shortcut for any kind of a mixer. $TERMINAL alsamixer?) * i3status: comment pulse to make it see alsa * apt: pin pulseaudio to negative priority	2020-10-26 17:21:39 +02:00
Mikaela Suomalainen	9b197cbaed	chrony.conf: add a local server example	2020-10-26 07:34:10 +02:00
Mikaela Suomalainen	258cf72ccb	chrony.conf: mark Cloudflare as a pool of 2	2020-10-25 19:46:36 +02:00
Mikaela Suomalainen	9ae9856c0a	chrony.conf: mark Snopyta & Telia as pools with maxsources 3	2020-10-25 18:54:53 +02:00
Mikaela Suomalainen	51080f52d8	chrony.conf: add comments on allowing lan access	2020-10-25 17:43:07 +02:00
Mikaela Suomalainen	b4ca31e6c6	chrony.conf: add DNA & Telia NTP servers Resolves: #83	2020-10-25 17:22:59 +02:00
Mikaela Suomalainen	4cebe7fbd5	chrony.conf: list NTP servers Ref: #83	2020-10-25 12:44:53 +02:00
Mikaela Suomalainen	993759577e	Bind systemd-resolved to Unbound	2020-10-25 09:05:07 +02:00
Mikaela Suomalainen	73f273f4bb	etc/chrony: add small chrony.conf notes	2020-10-24 11:32:07 +03:00
Mikaela Suomalainen	d3e00fb1a3	xdg-applications: add firejailed appimage of chatterino	2020-10-24 09:11:14 +03:00
Mikaela Suomalainen	1e70d7d4d7	etc/systemd-resolved&unbound: add Quad9 ECS configs Untested. The last time I saw the documentation, they didn't mention DoT.	2020-10-21 17:09:20 +03:00
Mikaela Suomalainen	1467454284	hosts.append: prepend empty line It makes it easier to see where this begins in the appended /etc/hosts	2020-10-21 15:18:03 +03:00
Mikaela Suomalainen	de7184794a	etc: add hosts.append for appending into hosts for systemd-resolved	2020-10-21 15:16:56 +03:00
Mikaela Suomalainen	ca4c85b7df	etc/resolv.csv: add Quad9 ECS The DoT address is guessed and verified to be open through nmap, as it's not documented, I don't know surely that it's what it should. DoH is mentioned in https://www.quad9.net/doh-quad9-dns-servers/ via https://gitlab.com/nitrohorse/ios14-encrypted-dns-mobileconfigs/-/issues/6	2020-10-18 11:11:27 +03:00
Mikaela Suomalainen	cb5781044c	resolv.conf: add OpenDNS Family	2020-10-03 14:56:52 +03:00
Mikaela Suomalainen	5f9cf10c68	resolv.csv: add Cleanbrowsing	2020-10-03 14:07:41 +03:00
Mikaela Suomalainen	531abc1f42	resolv.csv: fix Cloudflare DoT address	2020-10-03 13:49:04 +03:00
Mikaela Suomalainen	96d19d99cb	resolv.csv: add Cloudflare family, fill CF antimalware IPv6	2020-10-03 13:46:13 +03:00
Mikaela Suomalainen	8241d0e695	resolv.csv: add AdGuard Family	2020-10-03 13:42:05 +03:00
Mikaela Suomalainen	ae533261ab	etc/resolv.csv restore Firefox addresses	2020-10-03 13:38:31 +03:00
Mikaela Suomalainen	13a03812ba	resolv.conf: move resolvers to resolv.csv	2020-09-27 15:05:53 +03:00
Mikaela Suomalainen	31a15a9abc	systemd-resolved & unbound: update AdGuard IPs Resolves: #81	2020-09-27 14:34:54 +03:00
Mikaela Suomalainen	09d7a87dfb	fix zaldaryn-r8168?	2020-09-03 19:39:34 +03:00
Mikaela Suomalainen	6c2475676c	unbound.conf.d/dot-adguard.conf: fix SNI domain	2020-08-30 16:56:51 +03:00
Mikaela Suomalainen	edb259b1c8	unbound.conf.d: add dot-adguard.conf	2020-08-30 16:45:35 +03:00
Mikaela Suomalainen	cc965d4692	blocklist.conf: add empty line & incoming.telemetry.mozilla.org	2020-08-22 23:31:54 +03:00
Mikaela Suomalainen	263f828550	unbound blocklist: add ssl.google-analytics.com	2020-08-20 19:30:47 +03:00
Mikaela Suomalainen	94eace15e7	unbound/blocklist.conf: specify it's server clause Introduced by `e4d18d47c5`	2020-08-20 18:38:37 +03:00
Mikaela Suomalainen	cabf7c570d	blocklist.conf: add [www.]google-analytics.com.	2020-08-20 18:33:51 +03:00
Mikaela Suomalainen	b5cafdeb90	unbound: the mass file is not a good idea? cut it?	2020-08-16 12:18:07 +03:00
Mikaela Suomalainen	e4d18d47c5	etc/.../unbound.conf: update for 1.11.0-1+	2020-08-15 10:27:50 +03:00
Mikaela Suomalainen	cf8dc85ec0	systemd/timesyncd.conf.d: add cloudflare.conf	2020-08-09 10:51:36 +03:00
Mikaela Suomalainen	82cf5e7742	systemd/resolved.conf.d: add generic NextDNS confs	2020-08-09 00:07:06 +03:00
Mikaela Suomalainen	c3f9205610	resolv.conf: fix nextdns addresses	2020-08-09 00:03:13 +03:00
Mikaela Suomalainen	bbbe4a2f04	resolv.conf: add Firefox DoH resolvers Excluding Comcast	2020-08-08 20:06:39 +03:00
Mikaela Suomalainen	f58ba9424e	resolv.conf: more notes, hilight systemd-resolved, add DoH addresses	2020-08-08 19:44:08 +03:00
Mikaela Suomalainen	ca25fa1a66	sources.list: rm 16.04.archive.ubuntu.com I don't see enough difference compared to ubuntu. Resolves: #78	2020-08-07 15:58:54 +03:00
Mikaela Suomalainen	0be7388798	sources.list: add ubuntu Resolves: #77	2020-08-07 10:40:22 +03:00
Mikaela Suomalainen	73fb88e11d	systemd-resolved.conf.d: everywhere -> 00-everywhere	2020-07-24 12:16:31 +03:00
Mikaela Suomalainen	8af19aab5e	resolv.conf: link to Mullvad issue while at it	2020-07-23 23:28:14 +03:00
Mikaela Suomalainen	99cda3d7ed	resolv.conf: add a missing word	2020-07-23 23:27:37 +03:00
Mikaela Suomalainen	7da5babc43	resolv.conf: add missing empty line	2020-07-23 22:59:53 +03:00
Mikaela Suomalainen	d3e1aaee30	resolv.conf: more systemd-resolved info	2020-07-23 22:52:32 +03:00
Mikaela Suomalainen	6289837766	resolv.conf: note the systemd-resolved files	2020-07-23 22:43:04 +03:00
Mikaela Suomalainen	a8e9d7d81f	etc/resolv.conf: add option trust-ad	2020-07-20 23:11:55 +03:00
Mikaela Suomalainen	69f55cd724	systemd/resolved: adguard-strict -> adguard-dot	2020-07-18 14:05:36 +03:00
Mikaela Suomalainen	550b68d149	etc/systemd/resolved: add [adguard,cloudflare}-strict.conf I am not actually using either though and I am not sure if I will, but maybe they are nice to have as a backup here just in case.	2020-07-18 02:20:56 +03:00
Mikaela Suomalainen	b3cb953b9c	systemd/resolved: add a comment to everywhere.conf too as every other file explains who it is for, why not this	2020-07-04 19:09:26 +03:00
Mikaela Suomalainen	0ae22081a0	etc/systemd-resolved: rework all files more or less * explain things in README.md, don't duplicate comments * opportunistic-insecure.conf should be used everywhere by default, so thus it's now everywhere.conf. However I am yet to test it does what I expect, so this is bad case of testing in production or after committing it in general.	2020-07-04 19:06:18 +03:00
Mikaela Suomalainen	7a73088beb	systemd/resolved.conf.d/quad9*.conf: enable SNI	2020-06-26 12:22:09 +03:00
Mikaela Suomalainen	bce9af0edd	resolved.conf: add quad9-compat.conf	2020-06-26 12:22:09 +03:00
Mikaela Suomalainen	507b9b15c7	etc/containers: add registries.conf example linking to source, it seems to be enough to get started with podman	2020-05-27 11:01:08 +03:00
Mikaela Suomalainen	856085bd74	ssh_config: document ForwardAgent and ForwardX11... ...Previously they were no without explanation, but it never hurts to explicitly have comments on not doing that, I didn't quickly find anything nice for ForwardAgent, but I remember the Matrix.org people somehow avoiding hearing it and ForwardX11 first result was that StackExchange.	2020-05-22 14:36:26 +03:00
Mikaela Suomalainen	d8d48508bd	ssh_config: update comments, add Includes Resolves: #69	2020-05-22 14:29:37 +03:00
Mikaela Suomalainen	c2c27c8adb	local: add firejail-appimage-patchwork.desktop	2020-05-08 18:14:42 +03:00
Mikaela Suomalainen	5226399637	grub.d: add quiet.cfg to remind me to not remove it	2020-04-08 19:24:22 +03:00
Mikaela Suomalainen	1e08997ad5	etc/sources.list: add (Debian's) experimental	2020-03-30 18:12:16 +03:00
Mikaela Suomalainen	6f2f986d2f	etc/fahclient/config.xml: let the slider be MEDIUM	2020-03-30 09:16:32 +03:00
Mikaela Suomalainen	d1fc83913b	systemd/user: add ipfs, transmission-daemon (from system)	2020-03-30 08:42:06 +03:00
Mikaela Suomalainen	b2dac44a64	etc: add fahclient/config.xml	2020-03-30 08:35:56 +03:00
Mikaela Suomalainen	d39ec4ccfe	grub.d/oldifnames.cfg: update comment I seem to be using it in multiple systems so I cannot say I don't recommend it, when it's understood.	2020-03-29 15:12:00 +03:00
Mikaela Suomalainen	53944a0673	grub.d: add forcefsck.cfg	2020-03-29 15:11:48 +03:00
Mikaela Suomalainen	b217baaec9	systemd/system: update syncplay-server.service It never got the TLS flag apparently	2020-03-27 18:02:34 +02:00
Mikaela Suomalainen	d71357613f	apt/preferences.d/limit-unstable: add unstable-debug repo It may be unhelpful to have debug symbols getting pulled from Unstable while using packages from Testing or even Stable.	2020-03-21 16:40:00 +02:00
Mikaela Suomalainen	9d70aa8119	org.signal.Signal.desktop: rename to Signal Tray	2020-03-09 09:35:19 +02:00
Mikaela Suomalainen	8fc2d8905c	etc/nginx/README.md: add future warning	2020-03-07 21:08:57 +02:00
Mikaela Suomalainen	64d5fef6f3	ipfs.service: point to the new meta issue	2020-02-29 18:03:32 +02:00
Mikaela Suomalainen	b125fc1804	etc/systemd/resolved.conf.d: general.conf -> opportunistic-insecure.conf	2020-02-21 19:03:56 +02:00
Mikaela Suomalainen	60cac14929	etc: add multi-user.cfg	2020-02-18 01:42:27 +02:00
Mikaela Suomalainen	585266bc28	update pomotroid.desktop & add ipfs-desktop.desktop Pomotroid now stores data	2020-02-13 20:17:39 +02:00
Mikaela Suomalainen	a3d7b0af22	etc/default/grub.d/lockdown.cfg: notes + lockdown=integrity comment	2020-02-13 02:03:52 +02:00
Mikaela Suomalainen	b770e356cb	etc/default/grub.d: add lockdown.cfg	2020-02-13 01:17:39 +02:00
Mikaela Suomalainen	60899ca667	etc/sysctl.d: add kernel.yama.ptrace_scope = 1	2020-02-12 22:36:17 +02:00
Mikaela Suomalainen	3e325cca03	etc/sysctl.d: add 00-local-userns.conf with warnings/rant	2020-02-12 22:00:11 +02:00
Mikaela Suomalainen	bd6488e0ed	etc/default/grub.d: nouveau.cfg -> itwjyg.cfg + more modules	2020-02-10 17:54:47 +02:00
Mikaela Suomalainen	fafc6fad62	etc/xdg/autostart: add pomotroid.desktop Resolves: #50	2020-02-09 20:36:56 +02:00
Mikaela Suomalainen	1a8c6fcd24	merge local/share/applications & etc/xdg/autostart	2020-02-09 20:35:54 +02:00
Mikaela Suomalainen	ee0038c568	add /etc/network/interfaces.d/eth0	2020-02-09 14:53:56 +02:00
Mikaela Suomalainen	8472ffa7cd	NetworkManager: add manage-ifupdown.conf	2020-02-09 14:53:01 +02:00
Mikaela Suomalainen	9177966264	etc/default/grub.d: -supposedly & modprobe r8168	2020-02-09 14:50:43 +02:00
Mikaela Suomalainen	da2f090f56	logind.conf.d/lidclose.conf: mention systemd-rfkill, ref: #51	2020-02-03 22:41:47 +02:00
Mikaela Suomalainen	d54ec98f99	NM/iwd.conf: add missing line (enable --now iwd)	2020-02-03 21:40:11 +02:00
Mikaela Suomalainen	d8740f54e1	NetworkManager/conf.d: add iwd.conf for replacing wpa_supplicant	2020-02-03 21:15:35 +02:00
Mikaela Suomalainen	c0399054bb	etc/systemd/login.conf.d/lidclose.conf: ignore lid close	2020-02-03 19:36:05 +02:00
Mikaela Suomalainen	a82e3fd989	etc/NetworkManager: add no-mac-randomizing.conf	2020-01-28 23:12:54 +02:00
Mikaela Suomalainen	b04c724b5b	etc/default/grub.d: add flags to disable hibernating	2020-01-19 13:47:33 +02:00
Mikaela Suomalainen	2168bc47ed	apt/preferences.d: don't consider firefox/jami as badideas	2020-01-12 13:24:11 +02:00
Mikaela Suomalainen	86cb1a02dc	etc/xdg/autostart: add com.github.wwmm.pulseeffects.desktop	2020-01-11 22:25:33 +02:00
Mikaela Suomalainen	e47568e178	etc/xdg/autostart: add Nextcloud.desktop	2020-01-11 22:24:23 +02:00
Mikaela Suomalainen	5c6f66e5fc	etc/apt/preferences.d: add hacks/limit-buster	2020-01-11 22:11:25 +02:00
Mikaela Suomalainen	eabd12a26d	etc/apt/preferenced: move not-so-good-ideas to badideas/	2020-01-11 21:43:52 +02:00
Mikaela Suomalainen	31c53595f8	etc/apt/preferences.d: add limit-unstable from Wireguard	2020-01-11 21:41:09 +02:00
Mikaela Suomalainen	3011004856	NetworkManager/conf.d: add no-resolvconf.conf	2020-01-11 21:05:05 +02:00
Mikaela Suomalainen	346d726bb7	NetworkManager/unbound: note unbound-control-setup	2020-01-03 01:52:21 +02:00
Mikaela Suomalainen	2df7887dda	NetworkManager/conf.d: add unbound.conf For Unbound which I generally use, even while it requires dnssec-trigger	2020-01-02 15:32:50 +02:00
Mikaela Suomalainen	6ae87b6de8	etc/default/grub.d: add oldifnames.cfg see comments of the file for reason	2019-12-30 16:24:42 +02:00
Mikaela Suomalainen	05ffc40c7d	xdg/autostart: add Mullvad-VPN gui	2019-12-28 19:27:52 +02:00
Mikaela Suomalainen	a6c5902c08	etc/default/grub: add random.trust_cpu=on Possibly some help to boot time entropy exhaustion, but it may have been enabled by default already.	2019-12-27 19:46:30 +02:00
Mikaela Suomalainen	b1f7177d7f	etc/xdg/autostart: add dino & jami	2019-12-24 16:58:45 +02:00
Mikaela Suomalainen	4e640e3d50	etc/xdg/autostart: add Riot & -many to Telegram	2019-12-23 12:49:05 +02:00
Mikaela Suomalainen	bc46ad3119	torrc-client: add port 9119 for http	2019-12-23 12:48:33 +02:00
Mikaela Suomalainen	0c4bacc1ca	etc/xdg/autostart: add Gajim & Signal	2019-12-21 18:54:02 +02:00
Mikaela Suomalainen	7541d93206	dns-over-tls.conf: update BlahDNS-JP addresses	2019-12-01 12:48:02 +02:00
Mikaela Suomalainen	10b1b8ad86	unbound/dot: fix outdated comment	2019-11-03 00:49:19 +02:00
Mikaela Suomalainen	7b2c1568d1	unbound/dns-over-tls.conf: replace BlahDNS CH with FI Shutting down on December 31th https://blahdns.com/	2019-11-03 00:15:59 +02:00
Mikaela Suomalainen	4e93c66d67	systemd/resolved.conf.d/quad9: expand on versions	2019-11-02 18:37:12 +02:00
Mikaela Suomalainen	d062d6675c	unbound/blacklist.conf: Riot has fixed it's habits Integration manager and identity server can be configured in settings	2019-10-16 15:01:48 +03:00
Mikaela Suomalainen	5a1ed609ed	update etc/xdg/autostart/README.md	2019-10-12 19:02:45 +03:00
Mikaela Suomalainen	64934af736	etc/xdg/redshift: add icon & chmod +x	2019-10-12 19:02:27 +03:00
Mikaela Suomalainen	a79e9d3c21	etx/xdg/auostart: add com.wire.WireDesktop & telegramdesktop	2019-10-12 19:00:58 +03:00
Mikaela Suomalainen	a482390118	etc/xdg/autostart: deprecate unnecessary ones	2019-10-12 18:46:23 +03:00
Mikaela Suomalainen	1e636a65af	unbound/dns-over-tls.conf: enable BlahDNS over Yggdrasil	2019-10-08 20:52:41 +03:00
Mikaela Suomalainen	077b1a7679	etc/NetworkManager: move relevant parts to conf.d/ I have no idea when I have previously looked into those two files (git history would probably tell me), but I don't think they make much sense, while the important parts can be cut into conf.d/ and applied individually as needed.	2019-10-04 20:18:32 +03:00
Mikaela Suomalainen	16e66010a2	etc/NetworkManager: add conf.d and cp from Itwjyg Strangely Itwjyg is a special case system where I need systemd-resolved and its opportunistic DNSSEC/DoT. I also accidentally forgot dns-none.conf (then dns.conf) there, but systemd-resolved.conf appears to have overridden it, so it was fine and I have now removed the extra one.	2019-10-04 20:10:27 +03:00
Mikaela Suomalainen	cb79fa283a	apt/preferences.d/firefox: add l10n	2019-09-24 21:57:54 +03:00
Mikaela Suomalainen	f1b6101afd	apt/preferences.d: pin firefox[-esr] from sid	2019-09-24 21:46:13 +03:00
Mikaela Suomalainen	bda94cac72	etc/nginx: remove / from the proxies while I still remember	2019-09-18 17:40:00 +03:00
Mikaela Suomalainen	ee03a773c0	apt/preferences.d: add jami	2019-09-17 17:22:15 +03:00
Mikaela Suomalainen	bc9848185d	i2pd: increase tunnel lengths to 2 in hope of better NAT evading	2019-09-15 14:40:44 +03:00
Mikaela Suomalainen	b3dc6ced51	systemd: initial i2pd.service & .d/override.conf Begins #38	2019-09-15 13:52:57 +03:00
Mikaela Suomalainen	b614486427	etc/nginx: more modern working configs from Relpda	2019-09-13 16:32:01 +03:00
Mikaela Suomalainen	0ca2718569	unbound/blocklist.conf: use always_nxdomain, remove publicbt.com	2019-09-10 21:27:23 +03:00
Mikaela Suomalainen	01cd9e7b45	etc/fstab: notes on encryption, tmpfs, cleanup	2019-09-10 00:21:48 +03:00
Mikaela Suomalainen	541a4a4f15	etc/i2pd/tunnels.conf.d: add yggdrasil-in.conf	2019-09-09 14:40:09 +03:00
Mikaela Suomalainen	0c70f41afc	unbound/blocklist: uncomment vector.im, add use-application-dns.net * Vector.im is the identity server that gets restored by itself and I don't seem to ever have any business to Vector.im website, while the other domains I need to visit at times. * use-application-dns.net being NXDOMAIN tells Firefox to not send traffic to Cloudflare DoH. I thought of this when I saw the news and got courage to actually do this after seeing that DNSCrypt-proxy also does so.	2019-09-07 14:42:15 +03:00
Mikaela Suomalainen	91025d7129	etc/default/grub.d: merge mds.cfg into mitigations.cfg Ref: #33 Still missing documentation/comments	2019-09-06 12:38:42 +03:00
Mikaela Suomalainen	f4f8b3f529	grub.d/{mitigations,nosmt}.cfg: initial commit TODO: documents Ref: #34	2019-09-06 01:17:32 +03:00
Mikaela Suomalainen	47c7a3aca2	grub.d: add default-windows.cfg Resolves: #33	2019-09-04 12:00:57 +03:00
Mikaela Suomalainen	4b214b0e0f	etc/default/grub.d: add nouveau	2019-09-04 11:40:06 +03:00
Mikaela Suomalainen	c91b1b97a9	systemd/system: add unit file for etherpad-lite Closes: #27	2019-08-29 13:10:55 +03:00
Mikaela Suomalainen	319ae6c2bf	etc/modprobe.d/blacklist-hdmi-audio.conf: add source	2019-08-29 01:31:32 +03:00
Mikaela Suomalainen	9bb1dbb301	etc/modprobe.d: blacklist snd_hda_codec_hdmi	2019-08-29 01:27:40 +03:00
Mikaela Suomalainen	3f81f02bfd	etc/default/grub.d/sedric.cfg: acpi_backlight=vendor has no effect	2019-08-26 10:23:41 +03:00
Mikaela Suomalainen	06c56bbc78	etc/default/grub.d: add mds.conf for mitigating mds CPU vuln Ref: #22	2019-08-25 20:32:38 +03:00
Mikaela Suomalainen	066c42717c	torrc-client: enable ClientPreferIPv6ORPort as my IPv6 works	2019-08-25 18:39:12 +03:00
Mikaela Suomalainen	9bcd2d61c7	unbound/dns64: add Cloudflare	2019-08-25 18:27:11 +03:00
Mikaela Suomalainen	aa2c53349d	unbound/plain-dns64.conf: add Google DNS	2019-08-25 18:21:16 +03:00
Mikaela Suomalainen	31aa6066b5	unbound/dns-over-tls.conf: don't mention forwards.conf I renamed it.	2019-08-25 18:17:50 +03:00
Mikaela Suomalainen	41644a9b65	unbound: add dns64-over-tls.conf (broken for now)	2019-08-25 18:16:51 +03:00
Mikaela Suomalainen	6308c9af72	unbound: clean up plain-dns64.conf (only TREX for now)	2019-08-25 18:09:50 +03:00
Mikaela Suomalainen	04658408d4	unbound: rename forwards.conf -> plain-dns64.conf	2019-08-25 18:07:28 +03:00
Mikaela Suomalainen	3dc273fbe0	unbound: mention other files of interest in dot & add threads	2019-08-24 12:40:04 +03:00
Mikaela Suomalainen	6274ed8e13	unbound/dot: add nic.cz & nixnet	2019-08-24 12:02:26 +03:00
Mikaela Suomalainen	5462af3059	unbound/dot: add Lelux.fi	2019-08-24 11:57:42 +03:00
Mikaela Suomalainen	7afaa57882	unbound/dot: add Snopyta	2019-08-24 11:55:22 +03:00
Mikaela Suomalainen	4e4d19a765	unbound.conf.d/logging.conf: print statistics hourly	2019-08-20 18:05:19 +03:00
Mikaela Suomalainen	d7d252f98f	unbound/logging: add statistics printing	2019-08-20 17:41:43 +03:00
Mikaela Suomalainen	2c3fe4a5df	unbound: enable IPv6 preferring	2019-08-20 12:49:19 +03:00
Mikaela Suomalainen	be7c4185eb	etc/unbound/dns-over-tls: comment Cloudflare	2019-08-20 11:49:37 +03:00
Mikaela Suomalainen	56b5b905e2	fix github link, closes #16	2019-08-18 02:05:52 +03:00
Mikaela Suomalainen	26624bcd5d	unbound.conf.d: increase TTL to 15 mins from 5	2019-08-17 21:06:01 +03:00
Mikaela Suomalainen	d539237fbf	unbound/blocklist.conf: add source	2019-08-17 13:43:11 +03:00
Mikaela Suomalainen	057d42bafd	unbound/dns-over-tls.conf: fix typo	2019-08-17 13:40:39 +03:00
Mikaela Suomalainen	914fe1d26c	unbound/dot: finish adding providers Ref: #15	2019-08-17 13:37:02 +03:00
Mikaela Suomalainen	410a02a968	unbound/dot: add securedns (both), dnswarden (adblock)	2019-08-17 13:23:28 +03:00
Mikaela Suomalainen	a5ccd88e70	unbound/dns-over-tls.conf: add server locations Ref: #15	2019-08-17 12:34:03 +03:00
Mikaela Suomalainen	596c18c0e0	etc/unbound: add blocklist.conf Closes: #13	2019-08-17 12:16:53 +03:00
Mikaela Suomalainen	601bd3ac86	unbound dot: alphabetical order Ref: #15	2019-08-17 00:52:41 +03:00
Mikaela Suomalainen	39493f3bf9	unbound dot: move things around	2019-08-17 00:26:36 +03:00
Mikaela Suomalainen	b3a7266eb5	unbound.conf.d/dns-over-tls: remove Google	2019-08-17 00:14:41 +03:00
Mikaela Suomalainen	c78eecb547	unbound/dns-over-tls: add two port 443 resolvers	2019-08-17 00:10:32 +03:00
Mikaela Suomalainen	4de337722e	etc/apt/preferences.d: add testing-debug & rename stable.donotuse Resolves: #124 (see comment)	2019-07-30 01:08:09 +03:00
Mikaela Suomalainen	2112575a98	etc/apt/preferences.d: commit dark magic that shouldn't exist	2019-07-30 00:52:32 +03:00
Mikaela Suomalainen	a01e53171e	grub.d/sedric.cfg: comment that acpi_osi=Linux doesn't work	2019-07-28 10:45:04 +03:00
Mikaela Suomalainen	100d9a7433	dnscrypt-proxy.toml: move cache above & add comments & min cache TTL 300	2019-07-23 16:13:22 +03:00
Mikaela Suomalainen	55050ec0e5	cache.conf: increase NXDOMAIN cache size and set min TTL to 300	2019-07-23 15:09:34 +03:00
Mikaela Suomalainen	2b8a460b63	etc/unbound: add cache.conf	2019-07-23 12:30:53 +03:00
Mikaela Suomalainen	93fa7a003c	etc/default/grub.d: add beep.cfg & sedric.cfg beep.cfg is the default example on getting a beep on grub startup, sedric.cfg just contains `acpi_osi=` which fixes the hardware keys for some reason.	2019-07-22 18:56:38 +03:00
Mikaela Suomalainen	97006ddf9b	unbound.conf.d/logging.conf: quote the fine manual for unbound.conf	2019-07-22 17:18:53 +03:00
Mikaela Suomalainen	222a030cee	unbound/dns-over-tls: note version requirement 1.7.3 Debian 9 has 1.6.0 with which I am stuck for now. Debian 10 has 1.9.0	2019-07-22 16:52:07 +03:00
Mikaela Suomalainen	29eae6f89a	etc/dnscrypt-proxy: note I run Unbound in front of it	2019-07-22 16:25:21 +03:00
Mikaela Suomalainen	eb6315d92f	resolv.conf: add Quad9 and note I am not sure what it tries to be Public DNS resolver with easy address list for emergency?	2019-07-22 16:22:55 +03:00
Mikaela Suomalainen	430b9b7bfc	resolv.conf: note local resolver separately from dnscrypt-proxy	2019-07-22 16:17:27 +03:00
Mikaela Suomalainen	7b83f84633	unbound/dns-over-tls.conf: add AdGuard DNS I am surprised it actually works with DNSSEC validation enabled	2019-07-22 16:12:09 +03:00
Mikaela Suomalainen	ffbbe9e522	unbound: replace forwards.conf with dns-over-tls.conf Simultaneously rm puntcat, their DNS appears to be down at the moment and I didn't find their own homepage.	2019-07-22 16:05:05 +03:00
Mikaela Suomalainen	6ed44de3d1	unbound.conf.d: clarify logging.conf in a comment	2019-07-22 15:27:27 +03:00
Mikaela Suomalainen	bb14632b9a	unbound: add another Debian default	2019-07-22 15:16:34 +03:00
Mikaela Suomalainen	3b9acff361	etc/unbound add unbound.conf & unbound-control.conf copy-pastes from Debian & Arch Wiki, however unbound-control in status no as I guess it can be a hole most of time.	2019-07-22 15:14:11 +03:00
Mikaela Suomalainen	5569a1129c	unbound.conf.d/dnscrypt-proxy.conf: update for dnscrypt-proxy v2 Closes #121	2019-07-22 15:12:49 +03:00
Mikaela Suomalainen	fc5fb4d7bd	`b6a511d6a6`: add comments	2019-07-20 11:37:28 +03:00
Mikaela Suomalainen	b6a511d6a6	etc: backup some apt.conf.d & preferences.d files	2019-07-20 11:09:42 +03:00
Mikaela Suomalainen	41f44924be	dnscrypt-proxy.toml: note 2.0.24 fastest -> first	2019-07-14 18:36:31 +03:00
Mikaela Suomalainen	117801ec9d	dnscrypt-proxy: fix comments Resolves: #120	2019-07-14 18:15:35 +03:00
Mikaela Suomalainen	646956b4e0	dnscrypt-proxy.toml: restore Quad9 examples Rbtpzn was using them for some reason and was hitting less errors than Zaldaryn in as basic test as "apt update", so I guess it's worth having it included. I think I am mainly leaving it for family devices.	2019-07-14 13:30:29 +03:00
Mikaela Suomalainen	a5868f6395	etc/sources.list: update testing for bullseye & add note to stable for it > over the last years we had people getting confused over <suite>-updates > (recommended updates) and <suite>/updates (security updates). Starting > with Debian 11 "bullseye" we have therefore renamed the suite including > the security updates to <suite>-security. https://lists.debian.org/debian-devel-announce/2019/07/msg00004.html	2019-07-14 12:40:56 +03:00
Mikaela Suomalainen	2fe92afa26	etc/apt/sources.list: change keyserver Ref: #119 I am not sure I would advice running that even if it happened to exist.	2019-07-01 11:50:26 +03:00
Mikaela Suomalainen	128f1781f3	torrc-client: add MapAddress for PirateIRC & freenode Closes #118	2019-06-30 14:27:20 +03:00
Mikaela Suomalainen	a915db9f8a	etc/systemd: tor-services: add ExecReload I am running `systemctl restart tor-client` too often to be comfortable.	2019-06-30 14:11:34 +03:00
Mikaela Suomalainen	bf3b91d93a	torrc-client: update from running config Preparation to #118	2019-06-30 13:31:16 +03:00
Mikaela Suomalainen	5128e8646a	ipfs.service: use dht routing instead of dhtclient routing	2019-06-11 01:17:22 +03:00
Mikaela Suomalainen	85bd70f382	etc/systemd/system/ipfs: important notice for VPS/dedi/etc.	2019-06-11 01:12:28 +03:00
Mikaela Suomalainen	6ce553f84e	dnscrypt-proxy: fix cloudflare excluding	2019-06-02 22:30:49 +03:00
Mikaela Suomalainen	540798ed17	dnscrypt-proxy: use Socks Authentication	2019-05-22 12:01:34 +03:00
Mikaela Suomalainen	b96eb372d0	torrc-client: ensure IsolateSOCKSAuth & add HTTPTunnelPort	2019-05-22 11:58:05 +03:00
Mikaela Suomalainen	3eefbaf296	etc/tor/torrc-onehoponion: CookieAuthFile 0	2019-05-17 18:54:34 +03:00
Mikaela Suomalainen	7dbafe4a54	resolv.conf: more comments	2019-05-16 15:28:15 +03:00
Mikaela Suomalainen	21adba9a02	dnscrypt-proxy.toml: update ~~stories~~ comments	2019-05-15 10:48:11 +03:00
Mikaela Suomalainen	e972a47d4a	torrc-client: add SocksPorts and comment on two guards I need unisolated port for dnscrypt-proxy which I fear would otherwise generate too many circuits which wouldn't even be used and I guess there is no harm in sending Yggdrasil to a separate port that only has access to onions which is a port I may sometimes wish I have otherwise too.	2019-05-15 10:31:47 +03:00
Mikaela Suomalainen	95bcf095df	VerifyHostKeyByDNS is supposed to be yes fix previous commit, I imagine I changed it by accident.	2019-05-11 00:58:00 +03:00
Mikaela Suomalainen	e634ee8863	ssh_config: update comment for VerifyHostKeyDNS OpenSSH is evil and gives you three not-optimal options to this: A) trust DNSSEC and don't write known_hosts B) ask whether to trust DNS, but don't bother telling me if it's signed C) don't even check SSHFP I see A) as the least evil, but I wish known_hosts was written. Alternatively B) should tell me whether there is DNSSEC or not, not only "matching keys found from DNS" or whatever it says always.	2019-05-09 18:44:36 +03:00
Mikaela Suomalainen	9e03598e3f	etc/apt/sources.list: add missing tor+ for Debian	2019-05-09 14:05:54 +03:00
Mikaela Suomalainen	0ce3c5f47a	dnscrypt-proxy: adjust sources, add prefixes	2019-05-07 00:55:07 +03:00
Mikaela Suomalainen	f978853d11	dnscrypt-proxy.toml: add onion resolvers	2019-05-07 00:23:51 +03:00
Mikaela Suomalainen	d2bd2be652	systemd/zeronet.service: use Python 3 & always use Tor	2019-05-05 20:28:14 +03:00
Mikaela Suomalainen	d8ba42bdd1	etc/tor: disable control, document enabling for client	2019-05-04 20:41:18 +03:00
Mikaela Suomalainen	8e01a42c62	etc: systemd & tor: add tor-onehoponion (and torrc-relay)	2019-05-04 17:26:57 +03:00
Mikaela Suomalainen	c726daa62c	etc/tor/torrc-client: add comments	2019-05-04 16:55:08 +03:00
Mikaela Suomalainen	b0ef3a18f6	torrc-client: remove deprecated ClientPreferIPv6DirPort comment > The ClientPreferIPv6DirPort option is deprecated, and will most likely be removed in a future version of Tor. It has no effect on relays, and has had no effect on clients since 0.2.8. (If you think this is a mistake, please let us know!)	2019-05-04 16:28:58 +03:00
Mikaela Suomalainen	9c8cf613cd	etc/systemd: add tor-client.service & tor: add torrc-client	2019-05-03 12:31:33 +03:00
Mikaela Suomalainen	4c2b21bbfa	ipfs.service: add routing note	2019-05-01 23:30:12 +03:00
Mikaela Suomalainen	ce84c26bcd	ipfs.service: adapt lowpower profile & mention badgerds If the lowpower option uses values 40 and 20 which are a lot higher than mine were and considered suitable for laptops and smartphones, I guess they are the best for me to use and I find content faster.	2019-04-23 13:51:18 +03:00
Mikaela Suomalainen	6981481c77	ipfs.service: add options I forgot before	2019-03-26 22:26:25 +02:00
Mikaela Suomalainen	3ecfc2473d	ipfs.service: document my IPFS config Closes #111	2019-03-26 22:05:52 +02:00
Mikaela Suomalainen	a90243a55a	dnscrypt-proxy.toml: use Quad9 while waiting for disabled_server_names	2019-03-26 10:12:57 +02:00
Mikaela Suomalainen	466a7bc2c1	etc/systemd/resolved.conf.d: add some configs These aren't seeing real world usage though as the only host not running dnscrypt-proxy has too old systemd.	2019-03-25 13:41:23 +02:00
Mikaela Suomalainen	f336393db9	systemd preset: enable pcscd for FINEID	2019-02-28 13:00:42 +02:00
Mikaela Suomalainen	81fcfb539d	systemd preset: Zaldaryn additions	2019-02-28 12:17:07 +02:00
Mikaela Suomalainen	758d4302ac	systemd preset: remove cjdns, enable ssh.service	2019-02-28 12:10:14 +02:00
Mikaela Suomalainen	284a50288c	sysctl.d: document privacy extensions & use double # for comments	2019-02-26 20:32:08 +02:00
Mikaela Suomalainen	cc0f5db3bd	dnscrypt-proxy: use dns.watch#2 as fallback reslver 84.200.70.40	2019-02-25 11:06:49 +02:00
Mikaela Suomalainen	07ae3bbef6	etc/sudoers.d/hibernate: allow suspend & change group to plugdev It seemed like a suitable one from the default groups Debian creates.	2019-02-18 20:07:36 +02:00
Mikaela Suomalainen	d406334560	systemd preset: enable TTY & cups	2019-02-17 21:07:10 +02:00
Mikaela Suomalainen	5fe9477c55	etc/systemd: add ipfs.service & zeronet.service Closes #101	2019-02-12 20:32:40 +02:00
Mikaela Suomalainen	993d3f6994	systemd preset: enable yggdrasil-resume	2019-02-08 10:21:14 +02:00
Mikaela Suomalainen	0afc716ccf	Partially revert `f7fbf35109` That was just too evil, especially as the line has moved to my i3wm config where nothing else I have tried works.	2019-02-04 20:33:31 +02:00
Mikaela Suomalainen	518c9fcdaf	i3: add hibernation & sudoers.d: allow passwordless hibernate	2019-01-30 20:12:38 +02:00
Mikaela Suomalainen	f7fbf35109	update setxkbmap and hope no one else is using these files	2019-01-30 19:16:45 +02:00
Mikaela Suomalainen	d29a0532d2	Debian sources.list: disable http security, use https CDN & Tor	2019-01-23 10:18:35 +02:00
Mikaela Suomalainen	d27cc15888	add systemd-preset	2019-01-21 18:41:36 +02:00
Mikaela Suomalainen	3e5e55bf75	etc/apt/sources.list: enable Debian debugsym repos It seems that I am always going to enable it sooner or later anyway, so why woulnd't I have it enabled for quick installing when I do need it? Example: KDE Connect crashed on login, and asked me to report it, but the reporter app warned that there is no address to report it and debug information had one or two stars and said that it's likely bad quality and I think this is due to missing debug symbols which I then installed. Naturally after installing them, I am unable to reproduce the issue, but that is beside the point.	2018-12-19 11:48:32 +02:00
Mikaela Suomalainen	5c6c026226	hosts-mikaela.txt: alternative domain for Korsin	2018-12-15 20:57:43 +02:00
Mikaela Suomalainen	c80591d9a7	hosts-mikaela.txt: add Korsin	2018-12-15 16:56:36 +02:00
Mikaela Suomalainen	08bfdde7c8	etc/dnscrypt-proxy/hosts-mikaela: add two cwinfo servers	2018-12-10 12:10:41 +02:00
Mikaela Suomalainen	7695b26abf	etc/dnscrypt-proxy: update README.md The situation has changed a bit and I had forgotten to add links.	2018-12-03 12:22:58 +02:00
Mikaela Suomalainen	9be5b35b32	dnscrypt-proxy: use syslog, cert_refresh_delay I happened to wonder about reload times and think that this is nice to have visible here. Syslog is used by default and I am expecting it so it probably won't hurt being visible.	2018-11-29 11:30:28 +02:00
Mikaela Suomalainen	b7017d7c50	dnscrypt-proxy: update comments, lb_strategy = p2 Removed my weird comment and added refresh_delay to OpenNIC. I am using p2 instead of ph as per the wiki as apparently they don't consider balancing queries over multiple services as important as speed, so maybe I don't have to worry about that either.	2018-11-29 11:23:05 +02:00
Mikaela Suomalainen	b6bb15a198	dnscrypt-proxy.toml: add commented OpenNIC It's waiting for me to make up my mind about it and whether or not I support it. I have mixed feelings/thoughts about it and will need to read more.	2018-11-27 20:04:12 +02:00
Mikaela Suomalainen	2d3b324d9f	dnscrypt-proxy.toml: add mirrors of public-resolvers.md	2018-11-27 20:01:35 +02:00
Mikaela Suomalainen	8497d4fb84	dnscrypt-proxy.toml: enable require_nolog Learning that I don't have to specify servers there is a lot more variety even if I start requiring more things, as Sedric says to see 33 live servers, I guess dnscrypt servers in general respect privacy. However I guess I still have to trust on what the servers say as AFAIK dnscrypt-proxy is only that, a proxy, and won't start validating dnssec by itself.	2018-11-26 23:43:39 +02:00
Mikaela Suomalainen	32b1fd4a9a	dnscrypt-proxy.toml: disable logging & put it where it belongs	2018-11-26 17:01:30 +02:00
Mikaela Suomalainen	397821db0a	dnscrypt-proxy: -empty lines +cloaking_rules dn#	2018-11-26 16:53:47 +02:00
Mikaela Suomalainen	c8fb2b896a	dnscrypt-proxy.toml: sort the options and add/update/fix comments Now the options that I am more likely to care about or want to adjust are on the top.	2018-11-26 16:46:30 +02:00
Mikaela Suomalainen	eecb4a980d	dnscrypt-proxy: add commented not-socket	2018-11-26 16:12:02 +02:00
Mikaela Suomalainen	c3c8a41e43	dnscrypt-proxy.toml: comment server_names	2018-11-26 16:03:02 +02:00
Mikaela Suomalainen	c8c342ec68	hosts-mikaela.txt: add tezagm	2018-11-26 15:46:52 +02:00
Mikaela Suomalainen	4f99f6ebed	syncplay-server.service: ccxcz's endpoints ExecStart just in case	2018-11-24 20:36:17 +02:00
Mikaela Suomalainen	c57d5443ab	add systemd unit for syncplay-server	2018-11-23 17:23:38 +02:00
Mikaela Suomalainen	33db566a27	sources.list: Debian updates repo over Tor	2018-11-22 20:39:22 +02:00
Mikaela Suomalainen	a47018899d	sources.list: rewrite the Debian ones? Apparently I had been negleceting one important one, if not more.	2018-11-22 20:27:40 +02:00
Mikaela Suomalainen	6419ce29fb	sources.list: add Debian onion repos (commented)	2018-11-22 20:00:33 +02:00
Mikaela Suomalainen	f050ef9550	sources.list: add Debian debug repos (commented)	2018-11-22 19:34:11 +02:00
Mikaela Suomalainen	7983975ba8	etc/apt/sources.list: remove README & scripts They don't reflect what I am doing in reality and I think they possibly encouraged bad practices, so it's better that they don't exist here.	2018-11-22 19:14:42 +02:00
Mikaela Suomalainen	b0c6e5ffb2	hosts-mikaela.txt: add itwjyg	2018-11-15 11:54:49 +02:00
Mikaela Suomalainen	6e9af60c0f	hosts-mikaela: add ano & jasan, fix formatting?	2018-11-02 16:02:02 +02:00
Mikaela Suomalainen	fd8b734e56	hosts-mikaela: cleanup	2018-11-01 16:15:23 +02:00
Mikaela Suomalainen	a15ff2e5dc	more hosts-mikaela.txt updates * add invictus, it's not mine, but neither are roubaix (dnscrypt-proxy dislikes dashes?) and this file is meant for just my use, so does it matter what it contains?	2018-10-30 23:39:41 +02:00
Mikaela Suomalainen	f27ce8fd82	hosts-mikaela: add roubaix-fr	2018-10-30 16:19:26 +02:00
Mikaela Suomalainen	c7ffb18523	hosts-mikaela: add rbtpzn	2018-10-30 09:12:33 +02:00
Mikaela Suomalainen	e7d2b312ef	hosts-mikaela: add zaldaryn TODO: add to DNS	2018-10-29 21:40:31 +02:00
Mikaela Suomalainen	a83e8dce36	etc/resolv.conf: add dnscrypt-proxy & searches mikaela.internal that I have adopted and I have no idea if I am allowed to use TLDs here, but I am putting local there anyway.	2018-10-26 22:48:38 +03:00
Mikaela Suomalainen	859cc89436	dnscrypt/hosts: adopt .internal At the moment I am having problem with mikaela.info being in HSTS preload list and when I begun this list, I was hoping to use something conflict free and thought that mikaela.info would be the least bad choice while reading the reserver domains. Now I have searched on the issues more and encountered .internal TLD that seems to be what I am after and I hope it will become official. https://github.com/wkumari/draft-wkumari-dnsop-internal I think I can change these addresses safely as I am not using them anywhere as I worry about accidentally sending them to the internet and that opening new problems. This will mainly benefit me with web browsers, I hope. I will still have to link other people to direct IPv6 addresses that won't change with the platforms I use or mikaela.info will not be in the HSTS preload lists at time I need it. I wouldn't memorize IPv4 addresses though or start telling them someone in quick chat.	2018-10-26 22:38:59 +03:00
Mikaela Suomalainen	5ac7dc9670	hosts-mikaela: add y.silta.piraatit.fi	2018-10-23 11:32:20 +03:00
Mikaela Suomalainen	3d6dccbfc0	hosts-mikaela.txt: add y.vietnam.mikaela.info	2018-10-22 18:43:50 +03:00
Mikaela Suomalainen	87f4305e71	etc/dnscrypt-proxy: add hosts-mikaela.txt Closes #93	2018-10-18 19:57:00 +03:00

... 8 9 10 11 12 ...

1140 Commits