Commit Graph

1267 Commits

Author SHA1 Message Date
4061d3daa2
.mikaela/keys/ssh: add Nokia1 key
goal: not have it on any other device and use it for emergency access on
my most used hosts.
2018-12-16 23:42:36 +02:00
5c6c026226
hosts-mikaela.txt: alternative domain for Korsin 2018-12-15 20:57:43 +02:00
c80591d9a7
hosts-mikaela.txt: add Korsin 2018-12-15 16:56:36 +02:00
08bfdde7c8
etc/dnscrypt-proxy/hosts-mikaela: add two cwinfo servers 2018-12-10 12:10:41 +02:00
7695b26abf
etc/dnscrypt-proxy: update README.md
The situation has changed a bit and I had forgotten to add links.
2018-12-03 12:22:58 +02:00
e0f1a39bac
bash|zshrc: don't alias pacman into wrapper
I think this may be teaching me bad habits and pacman directly on ALARM
seems lighter than yay.
2018-12-02 13:26:14 +02:00
9be5b35b32
dnscrypt-proxy: use syslog, cert_refresh_delay
I happened to wonder about reload times and think that this is nice to
have visible here.

Syslog is used by default and I am expecting it so it probably won't
hurt being visible.
2018-11-29 11:30:28 +02:00
b7017d7c50
dnscrypt-proxy: update comments, lb_strategy = p2
Removed my weird comment and added refresh_delay to OpenNIC. I am using
p2 instead of ph as per the wiki as apparently they don't consider
balancing queries over multiple services as important as speed, so maybe
I don't have to worry about that either.
2018-11-29 11:23:05 +02:00
b6bb15a198
dnscrypt-proxy.toml: add commented OpenNIC
It's waiting for me to make up my mind about it and whether or not I
support it. I have mixed feelings/thoughts about it and will need to
read more.
2018-11-27 20:04:12 +02:00
2d3b324d9f
dnscrypt-proxy.toml: add mirrors of public-resolvers.md 2018-11-27 20:01:35 +02:00
8497d4fb84
dnscrypt-proxy.toml: enable require_nolog
Learning that I don't have to specify servers there is a lot more
variety even if I start requiring more things, as Sedric says to
see 33 live servers, I guess dnscrypt servers in general respect
privacy. However I guess I still have to trust on what the servers
say as AFAIK dnscrypt-proxy is only that, a proxy, and won't start
validating dnssec by itself.
2018-11-26 23:43:39 +02:00
32b1fd4a9a
dnscrypt-proxy.toml: disable logging & put it where it belongs 2018-11-26 17:01:30 +02:00
397821db0a
dnscrypt-proxy: -empty lines +cloaking_rules
dn#
2018-11-26 16:53:47 +02:00
c8fb2b896a
dnscrypt-proxy.toml: sort the options and add/update/fix comments
Now the options that I am more likely to care about or want to adjust
are on the top.
2018-11-26 16:46:30 +02:00
eecb4a980d
dnscrypt-proxy: add commented not-socket 2018-11-26 16:12:02 +02:00
c3c8a41e43
dnscrypt-proxy.toml: comment server_names 2018-11-26 16:03:02 +02:00
c8c342ec68
hosts-mikaela.txt: add tezagm 2018-11-26 15:46:52 +02:00
d5b860737f
rc: s/pacaur/yay/g
Pacaur has been deprecated and I hope that yay which was suggested to
me at IRC does the same thing considering their README says:

> Yay is based on the design of yaourt, apacman and pacaur.
2018-11-26 14:43:14 +02:00
4f99f6ebed
syncplay-server.service: ccxcz's endpoints ExecStart just in case 2018-11-24 20:36:17 +02:00
c57d5443ab
add systemd unit for syncplay-server 2018-11-23 17:23:38 +02:00
33db566a27
sources.list: Debian updates repo over Tor 2018-11-22 20:39:22 +02:00
a47018899d
sources.list: rewrite the Debian ones?
Apparently I had been negleceting one important one, if not more.
2018-11-22 20:27:40 +02:00
6419ce29fb
sources.list: add Debian onion repos (commented) 2018-11-22 20:00:33 +02:00
f050ef9550
sources.list: add Debian debug repos (commented) 2018-11-22 19:34:11 +02:00
7983975ba8
etc/apt/sources.list: remove README & scripts
They don't reflect what I am doing in reality and I think they possibly
encouraged bad practices, so it's better that they don't exist here.
2018-11-22 19:14:42 +02:00
95660cd6ac
Windows.reg: RealTimeIsUniversal must be 1
Closes #94
2018-11-22 18:49:02 +02:00
b0c6e5ffb2
hosts-mikaela.txt: add itwjyg 2018-11-15 11:54:49 +02:00
6e9af60c0f
hosts-mikaela: add ano & jasan, fix formatting? 2018-11-02 16:02:02 +02:00
fd8b734e56
hosts-mikaela: cleanup 2018-11-01 16:15:23 +02:00
a15ff2e5dc
more hosts-mikaela.txt updates
* add invictus, it's not mine, but neither are roubaix (dnscrypt-proxy
dislikes dashes?) and this file is meant for just my use, so does it
matter what it contains?
2018-10-30 23:39:41 +02:00
f27ce8fd82
hosts-mikaela: add roubaix-fr 2018-10-30 16:19:26 +02:00
c7ffb18523
hosts-mikaela: add rbtpzn 2018-10-30 09:12:33 +02:00
e7d2b312ef
hosts-mikaela: add zaldaryn
TODO: add to DNS
2018-10-29 21:40:31 +02:00
a83e8dce36
etc/resolv.conf: add dnscrypt-proxy & searches
mikaela.internal that I have adopted and I have no idea if I am allowed
to use TLDs here, but I am putting local there anyway.
2018-10-26 22:48:38 +03:00
859cc89436
dnscrypt/hosts: adopt .internal
At the moment I am having problem with mikaela.info being in HSTS
preload list and when I begun this list, I was hoping to use something
conflict free and thought that mikaela.info would be the least bad
choice while reading the reserver domains.

Now I have searched on the issues more and encountered .internal TLD
that seems to be what I am after and I hope it will become official.

https://github.com/wkumari/draft-wkumari-dnsop-internal

I think I can change these addresses safely as I am not using them
anywhere as I worry about accidentally sending them to the internet and
that opening new problems. This will mainly benefit me with web
browsers, I hope.

I will still have to link other people to direct IPv6 addresses that
won't change with the platforms I use or mikaela.info will not be in the
HSTS preload lists at time I need it. I wouldn't memorize IPv4 addresses
though or start telling them someone in quick chat.
2018-10-26 22:38:59 +03:00
5ac7dc9670
hosts-mikaela: add y.silta.piraatit.fi 2018-10-23 11:32:20 +03:00
3d6dccbfc0
hosts-mikaela.txt: add y.vietnam.mikaela.info 2018-10-22 18:43:50 +03:00
87f4305e71
etc/dnscrypt-proxy: add hosts-mikaela.txt
Closes #93
2018-10-18 19:57:00 +03:00
9548e7a21b
Xresources: disable fading 2018-10-13 17:19:49 +03:00
534f34a5bc
add override.conf for tor.service for allowing binding to 80/443
It took me some time a few days ago to figure out this (and notice that
port 80 was already used by automatically installed Apache that was
doing nothing).

I have understood that ports 443 (Orport) and 80 (Dirport) are the best
for users behind strict firewalls especially if they aren't needed for
anything else on the system running Tor relay.
2018-10-12 23:10:48 +03:00
77261eb5a9
install: create the directory for sockets
Issue introduced by b8bda9cf49
2018-10-11 13:47:18 +03:00
492cac7158
Revert "ssh_config: controlpersist auto instead of on"
This reverts commit 330e8a80ad.

I got complaining about bad value
2018-10-11 13:45:31 +03:00
542c4109eb
Heavily touch vimrc, add init.vim for Neovim 2018-10-11 13:11:06 +03:00
b19551e8b4
zshrc: elite2 green for user, elite2 red for root 2018-10-11 12:56:34 +03:00
b4787fb7c0
Xresources: use Solarized colours
I don't think I like this very much, but it's supposed to be easier on
eyes and maybe I will get used to it especially after some migraine
light sensitivity attacks...
2018-10-11 12:30:54 +03:00
6f923c9175
Xresources: copy Linux color theme from Gentoo wiki 2018-10-11 12:07:05 +03:00
e795024570
tmux.conf: lower escape-delay to 300 for NVim's :checkhealth
I am not sure what it does, so I am not using their adviced 10, but
instead 300 which is the maximum the :checkhealth doesn't complain
about.
2018-10-11 11:24:46 +03:00
fa007ee830
dnscrypt-proxy: add quad9 nofilters, lb ph
See that #92
2018-10-09 14:08:38 +03:00
5d2b138b3e
dnscrypt-proxy: more thinking for #92
* Comment that the fastest server is automatically picked.
* Explicitly don't filter AAAA requests.
* Require provider to not do filtering
    * which is implied by DNSSEC which would get broken.
* Use Google DNS B as fallback resolver and explain what it does in
  comment.
* Add commented options for using Tor.
2018-10-08 20:43:30 +03:00
4e52673b7d
etc: rm -r polipo/
Polipo is no longer maintained and it seems that I am doing the same
thing with Privoxy except censoring accept-language which I need to
investigate. I think Privoxy warned about changing headers possibly
making ones fingerprint more unique and thus trackable? But aren't those
also going inside https so maybe there is no point?
2018-10-08 20:27:17 +03:00