Mikaela
/
shell-things
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,142 Commits 1 Branch 0 Tags 13 MiB
Commit Graph

166 Commits

Author SHA1 Message Date
Aminda Suomalainen afe50117fe
Stop pretending issues of ECS weight more than pros of it after GApple upgrades delayed my going to bed. 2024-05-14 11:06:01 +03:00
Aminda Suomalainen c81c1dd7d0
unbound: restore dot-dns0-quad9.conf with IPv4 for DNS0 & IPv6 for Quad9 ECS 
This partially reverts commit 422ab0de4e
 2024-05-09 20:02:23 +03:00
Aminda Suomalainen e4d691f2b1
unbound: prefer IPv4 with private ECS using DoT servers 2024-05-07 08:26:20 +03:00
Aminda Suomalainen afb0801430
unbound: add doh-local.sample 
Works otherwise, but self-signed cert didn't satisfy Chromium I wanted to point at it
 2024-05-06 18:55:00 +03:00
Aminda Suomalainen f5b76c1341
unbound: add .sample to threads.conf, comment to question it's necessity and usage 2024-05-05 11:08:52 +03:00
Aminda Suomalainen b18df5462c
unbound: add/rename/fix prefer-ip{4,6}.conf 2024-05-04 09:05:16 +03:00
Aminda Suomalainen 252f77ab0c
systemd-resolved & unbound: comment ECS servers again. 
This partially reverts 85c7fedcb2 and will be explained at https://aminda.eu/n/dns soon
 2024-05-03 18:07:51 +03:00
Aminda Suomalainen aa865106db
unbound: correct ecs.conf.sample 2024-05-03 17:35:15 +03:00
Aminda Suomalainen 85c7fedcb2
systemd-resolved, unbound: only ECS IPv6 2024-05-03 06:23:37 +03:00
Aminda Suomalainen 6cae19ba4f
unbound: more ecs.conf.sample experimentation 2024-05-02 21:32:39 +03:00
Aminda Suomalainen ba298f94a5
resolv: increase timeout to 2 (match unbound/RFC 8767), decrease attempts to 2, rotate 2024-05-01 09:54:07 +03:00
Aminda Suomalainen f6e9aa58da
unbound: add replace-systemd-resolved.conf.sample for listening on systemd-resolved ports 2024-04-30 20:30:15 +03:00
Aminda Suomalainen 72ea5ca51e
unbound: fix typo in (1)5 minutes cache, apparently a commit once removed the 1 2024-04-30 17:34:01 +03:00
Aminda Suomalainen 5d4e0e10dd
unbound/min-ttl-hour.conf: also print the stats hourly, not every 15 minutes 2024-04-30 17:26:14 +03:00
Aminda Suomalainen 437b69bd6e
unbound: apparently rename min-ttl.conf.sample to min-ttl-five-min.conf 2024-04-30 17:17:46 +03:00
Aminda Suomalainen 9671adf293
unbound: break statistics interval from logging.conf to min-ttl* 2024-04-30 17:11:32 +03:00
Aminda Suomalainen 819d6a782e
unbound: add mixed-case-queries.conf 2024-04-30 17:11:09 +03:00
Aminda Suomalainen 08de11b594
unbound/min-ttl-hour.conf: fix comment 2024-04-30 06:52:46 +03:00
Aminda Suomalainen 87bedac239
unbound: cut cache.conf.SAMPLE into more descriptive files 2024-04-30 06:45:53 +03:00
Aminda Suomalainen 531cdd82c5
unbound/cache.conf.SAMPLE: fix oversight, logging.conf: reducei nterval to quaterly 2024-04-29 20:48:51 +03:00
Aminda Suomalainen 0d0be5f9bc
unbound/cache.conf: rename to cache.conf.SAMPLE and add scary warnings there 2024-04-29 20:46:00 +03:00
Aminda Suomalainen a14446ed71
unbound/dns-over-tls.conf: add Cloudflare, Mullvad & Control D 
This is now practically https://www.privacyguides.org/en/dns/ plus Appliedprivacy
 2024-04-29 08:29:07 +03:00
Aminda Suomalainen 4081c974bb
unbound/cache.conf: make the min ttl an hour in my quest to break DNS 2024-04-28 19:15:42 +03:00
Aminda Suomalainen 23672028d5
unbound/ecs.conf: attempt to send larger subnets than default around 2024-04-28 18:02:18 +03:00
Aminda Suomalainen 9375b3c2b2
unbound: add dot-cloudflare.conf 2024-04-27 21:22:28 +03:00
Aminda Suomalainen 2aa221b77f
unbound/cache: take the cache-min-ttl: 3000 challenge 
It will not affect web browsers which are using DoH for ECH eliminating most of breakage and I am just curious on will anything outside of web browser suffer that.
 2024-04-27 18:35:22 +03:00
Aminda Suomalainen 652c11391f
unbound/cache.conf: explicitly set serve-expired-reply-ttl to 30 2024-04-27 16:52:39 +03:00
Aminda Suomalainen a083a9d704
unbound/cache: comment cache-min-ttl=900, add commented 3000 2024-04-27 15:42:29 +03:00
Aminda Suomalainen 30a27f980d
unbound/cache.conf: RFC 8767ish configuration 2024-04-27 15:00:12 +03:00
Aminda Suomalainen 1d7308e74e
unbound: explicitly enable ede and it's log 2024-04-26 13:53:50 +03:00
Aminda Suomalainen 17e0b68d20
unbound: add dot-mullvad.conf defalting on base 
I found myself missing this on an old family PC that has limited resources and as I didn't have this file at hand, I just went with AdGuard which will work too.
 2024-04-25 17:24:41 +03:00
Aminda Suomalainen a17ff2903a
unbound/nordvpn-domains.conf: add comments/sources, fix duplicate zone, add missing domains 2024-04-25 15:07:37 +03:00
Aminda Suomalainen bbeb1d3e02
unbound/nordvpn: rename, send only their domains to them 2024-04-25 14:34:47 +03:00
Aminda Suomalainen d17ad34650
unbound/dns-over-tls.conf: note Applied Privacy does no ECS, add 853, add Quad9 unfiltered (ECS commented) 2024-04-25 13:26:01 +03:00
Aminda Suomalainen 886b8dbfbd
unbound.conf.d: well-known-dns.conf -> well-known-dns.conf.badidea 
This will break DNSSEC and a lot of things.
 2024-04-22 15:39:47 +03:00
Aminda Suomalainen aac3ccdec3
unbound/well-known-dns.conf: add CNAMEs one.one.one.one & dns.google.com 2024-04-22 11:26:46 +03:00
Aminda Suomalainen abd21e008a
well-known-dns.conf: typetransparent subdomains just in case 
Theoretically the higher level domain affects them too, but in practice I am unsure and I have previously only used always_reject for google-analytics & subdomains blocking. It at least isn't causing warnings or errors.
 2024-04-22 07:42:53 +03:00
Aminda Suomalainen 579e98f27c
unbound/well-known-dns.conf: use typetransparent so non-local queries won't get NODATA 2024-04-22 07:28:55 +03:00
Aminda Suomalainen 623a9150fd
unbound: merge 00-insecure-domains.conf into blocklist.conf 2024-04-22 07:10:18 +03:00
Aminda Suomalainen 892feb3c1b
unbound/blocklist: add fritz.box. 2024-04-22 07:06:21 +03:00
Aminda Suomalainen ce9159e756
unbound/dot-quad9.conf: prettier sorting 2024-04-21 13:13:41 +03:00
Aminda Suomalainen a0ccd790ab
unbound & systemd-resolved: add Quad9 alternative port 2024-04-21 10:54:22 +03:00
Aminda Suomalainen e6bd2b13ad
unbound: add TREX upstream configuration 2024-04-20 20:25:48 +03:00
Aminda Suomalainen a7cf718453
uncound/well-known-dns.conf: add DNS0 {Zero,Kids,Open} 2024-04-20 17:59:46 +03:00
Aminda Suomalainen 422ab0de4e
libreawoo, unbound & resolved: uncomment Quad9 default, comment ECS 2024-04-20 17:50:12 +03:00
Aminda Suomalainen 45f1c1078f
unbound/well-known-dns.conf: add Google DNS 2024-04-20 09:10:36 +03:00
Aminda Suomalainen 134622edad
unbound/well-known-dns.conf: add missing dots 2024-04-20 09:00:44 +03:00
Aminda Suomalainen e319c8aacf
unbound: restore and update blocklist.conf 
This reverts commit fe8ac1bbb7.
 2024-04-20 08:57:26 +03:00
Aminda Suomalainen c7633838de
unbound: fill well-known-dns.conf some more 2024-04-20 08:52:49 +03:00
Aminda Suomalainen 6a87111f8b
unbound/well-known-dns.conf: initial commit 2024-04-19 19:58:23 +03:00