|
e5fb27a15e
|
nts-servers.sources: System76 is actually not an NTS pool
|
2024-01-22 12:56:20 +02:00 |
|
|
9e0333908d
|
nts-servers.sources: bring the uncommented Finnish server closer to top
|
2024-01-22 12:53:53 +02:00 |
|
|
9c90a36069
|
chrony/nts-servers.sources: update System76 entries, increase their line numbers
|
2024-01-22 12:52:44 +02:00 |
|
|
7a2b36864b
|
systemd-resolved/nordvpn.conf: add what appears to be their IPv6
|
2024-01-20 12:41:21 +02:00 |
|
|
62fc911835
|
systemd-resolved: accidentally rewrit nordvpn.conf
Now accounting for precense of unbound as a maybe fallback resolver
|
2024-01-20 12:35:23 +02:00 |
|
|
7ec7937d2f
|
chrony: add ntp.miuku.net
|
2024-01-17 13:16:37 +02:00 |
|
|
ddbd1acca0
|
ssh: disable RSA host key
|
2024-01-12 13:50:49 +02:00 |
|
|
53c78384e0
|
etc/apt/sources.list: rm ubuntu*
Seems pretty outdated and I cannot see the purpose.
|
2024-01-07 12:33:53 +02:00 |
|
|
2b4487fccb
|
etc/sources.list.d: add untested nordvpn.list for the only Debian around
|
2024-01-07 12:29:49 +02:00 |
|
|
7748d64ad7
|
systemd: deduplicate qbittorrent, add qbittorrent-nox@.service overrides
|
2024-01-06 12:34:44 +02:00 |
|
|
86575ddd37
|
etc/sudoers.d/lecture: rewrite comment including superuser & serverfault links
|
2024-01-05 13:17:22 +02:00 |
|
|
0f5dceed49
|
etc/sudoers.d: add nordvpn
|
2024-01-05 12:56:06 +02:00 |
|
|
39dffa8939
|
systemd service.d: move common explanations from never-fail.conf to README.md
|
2024-01-04 12:35:48 +02:00 |
|
|
d99566d26f
|
systemd/service.d: add nordvpn.conf
|
2024-01-04 12:31:11 +02:00 |
|
|
8a73d0fd63
|
unbound.conf.d: add nordvpn.conf
|
2024-01-04 12:28:38 +02:00 |
|
|
aa97b82e31
|
systemd-resolved: add nordvpn.conf
|
2024-01-04 12:25:53 +02:00 |
|
|
8771c98645
|
etc/yum.repos.d/brave-*: remove unknown option autorefresh
|
2024-01-04 07:45:11 +02:00 |
|
|
09b64835f7
|
etc/yum.repos.d/nordvpn.repo: initial commit
I don't want to use their curlbash and I am considering a Revolut plan that would include their standard plan as well
|
2024-01-03 16:54:59 +02:00 |
|
|
bb60cbe8e6
|
yum/repos.d/librewolf-repo.repo: correct repo name
|
2024-01-03 16:53:38 +02:00 |
|
|
e4c6ff7569
|
etc/sudoers.d: add lecture for always giving the first time lecture
|
2024-01-02 10:54:53 +02:00 |
|
|
9a0895e412
|
unbound: merge dot-quad9-ecs.conf into dot-quad9.conf
|
2023-12-31 16:38:05 +02:00 |
|
|
dba9d4c908
|
unbound/dot-dns0-*.conf: merge to dot-dns0.conf
|
2023-12-30 15:46:22 +02:00 |
|
|
a6dd953817
|
etc/dracut.conf.d/10-asahi.conf: workaround F40 kernel update failures
|
2023-12-29 13:26:25 +02:00 |
|
|
feef4cbba5
|
bluetooth.service.d: clarify comments on tested distros & ponder name
|
2023-12-28 21:30:26 +02:00 |
|
|
be618810c5
|
bluetooth.service.d: drop fedora- from experimental.conf
|
2023-12-28 21:28:27 +02:00 |
|
|
f31cb882a5
|
practically rewrite etc/resolv.conf
|
2023-12-26 10:51:30 +02:00 |
|
|
9d69584103
|
Revert "systemd/service.d: add for-network-online.conf so the service is enabled for that"
This reverts commit 0dc32a525a .
|
2023-12-25 21:26:10 +02:00 |
|
|
fc91247cd1
|
Revert "yggdrasil.service.d: also allow yggdrasil to start before network-online"
This reverts commit fbc82b81f4 .
|
2023-12-25 21:25:44 +02:00 |
|
|
68fc6be7b9
|
Revert "unbound.service.d: add the for-network-online.conf"
This reverts commit 6ba99feb58 .
|
2023-12-25 21:25:22 +02:00 |
|
|
85dbc413f0
|
systemd/system: write tlp-masker.bash instead of having symlinks to /dev/null
|
2023-12-25 17:27:30 +02:00 |
|
|
7d8fe8c1fa
|
systemd/system/README: attempt to fix formatting
|
2023-12-25 17:03:14 +02:00 |
|
|
0327162daa
|
systemd-resolved: double dnssec
|
2023-12-25 15:48:23 +02:00 |
|
|
f8f71d77a2
|
resolv.conf: add systemd-resolved default as a comment too
|
2023-12-25 15:40:41 +02:00 |
|
|
4286b4a22f
|
systemd: add start-unbound.service
|
2023-12-25 15:39:35 +02:00 |
|
|
fbc82b81f4
|
yggdrasil.service.d: also allow yggdrasil to start before network-online
|
2023-12-25 12:41:46 +02:00 |
|
|
214966ae54
|
unbound.service.d: rm WRONG fedora-network-pre.conf
|
2023-12-25 12:40:40 +02:00 |
|
|
6ba99feb58
|
unbound.service.d: add the for-network-online.conf
|
2023-12-25 12:39:58 +02:00 |
|
|
0dc32a525a
|
systemd/service.d: add for-network-online.conf so the service is enabled for that
|
2023-12-25 12:38:05 +02:00 |
|
|
5f6e07f353
|
etc/…/dnf.conf: note RPMCoW plugin in comment on delta RPMs
|
2023-12-18 09:00:49 +02:00 |
|
|
3f0557b1d0
|
move & update pipewire-media-session notes to wireplumber
|
2023-12-17 21:56:45 +02:00 |
|
|
2222ebd249
|
wireplumber: note package pipewire-codec-aptx
|
2023-12-17 21:48:57 +02:00 |
|
|
e9fe061b2c
|
etc/sudoers.d: add insults
|
2023-12-15 13:04:08 +02:00 |
|
|
dc1fa5e65d
|
wireplumber/61-more-codecs.lua: note that all disables HQ playback
|
2023-11-30 10:43:01 +02:00 |
|
|
b770e2f51d
|
etc/wireplumber: don't artificially restrict codecs
|
2023-11-30 10:38:06 +02:00 |
|
|
90556db965
|
bluetooth.service.d: add steamos-experimental.conf
|
2023-11-29 09:54:28 +02:00 |
|
|
88bfa88985
|
experimental wireplumber configuration
|
2023-11-29 09:44:35 +02:00 |
|
|
9853513f01
|
dnf: disable DeltaRPMs
|
2023-11-27 09:12:45 +02:00 |
|
|
91428c51af
|
systemd-resolved: git rm dot-nextdns.conf
|
2023-11-26 16:23:31 +02:00 |
|
|
1abfd94f01
|
systemd-resolved/dot-dns0: merge lines
|
2023-11-26 16:23:12 +02:00 |
|
|
b583b8a6d4
|
systemd-resolved/*.conf: add appliedprivacy DoTo443 as a comment
|
2023-11-26 16:19:55 +02:00 |
|
|
dee168e287
|
systemd-resolved: merge provider configs
|
2023-11-26 16:18:15 +02:00 |
|
|
fa3fc72afb
|
systemd-resolved: cleanup configs I don't recommend
|
2023-11-26 16:12:38 +02:00 |
|
|
16ddfd92e8
|
chrony/sources.d: rethink yggdrasil.sources
|
2023-11-22 11:28:21 +02:00 |
|
|
865e816384
|
chrony/finland.sources: enable xleave for the known Chrony
|
2023-11-22 10:17:32 +02:00 |
|
|
88f443911f
|
chrony/yggdrasil.sources: comment kincarron, unlikely to return in near future
|
2023-11-22 08:38:40 +02:00 |
|
|
b9bc665e07
|
chrony/nts-servers.sources: comment sources not in Finland
|
2023-11-22 08:38:12 +02:00 |
|
|
6918ac27d4
|
yum.repos.d: add mullvad.repo
|
2023-11-20 21:27:48 +02:00 |
|
|
da99ce785f
|
chrony/conf.d: add .FIXME suffix to ca-certificates.conf, clarifying comments
|
2023-11-16 20:19:39 +02:00 |
|
|
428802a4fd
|
unbound: rm mullvad configuration
It's wrong and I am not currently using it
|
2023-11-12 12:51:54 +02:00 |
|
|
e825c1dac3
|
systemd-resolved: dot-mullvad.conf: update domains, add commented other server options
|
2023-11-12 12:51:07 +02:00 |
|
|
60b3c620fb
|
systemd-resolved: rm dot-mullvad-adblock.conf
|
2023-11-12 12:46:35 +02:00 |
|
|
f64b94894c
|
resolv.tsv: update Mullvad addresses
|
2023-11-12 12:45:43 +02:00 |
|
|
4f2f41762c
|
etc/yum.repos.d: note LibreWolf upstream documentation
|
2023-11-11 18:27:55 +02:00 |
|
|
35b90b6d06
|
resolv.tsv: update/add/fix Mullvad offering
|
2023-11-10 15:14:42 +02:00 |
|
|
d2c6f99401
|
ssh_config: remove deprecated option useroaming
Even Debian Bookworm mentions it as deprecated in ssh -vvv and I seriously doubt I have such old SSH running anywhere
|
2023-10-28 22:27:06 +03:00 |
|
|
4f87dd6221
|
samba/playstation2.conf: specify hosts allow
|
2023-10-28 20:35:08 +03:00 |
|
|
ad59c45eb3
|
yum.repos.d/README.md: update Yggdrasil address
|
2023-10-28 18:12:51 +03:00 |
|
|
b6ecd1b173
|
systemd-resolved: keep DNSSEC enabled
|
2023-10-21 11:27:07 +03:00 |
|
|
7b4d791d07
|
flatpak-update.timer: increase frequency
|
2023-10-19 10:43:55 +03:00 |
|
|
94c23e2f7d
|
etc/nginx: fix line endings and indentation
UNTESTED! TODO WIP etc.?
|
2023-10-19 09:27:55 +03:00 |
|
|
90edac262a
|
resolved.conf.d: add dot-dns0-appliedprivacy.conf in style of quad9-ecs-appliedprivacy
|
2023-10-14 19:18:45 +03:00 |
|
|
79210446ed
|
local/share/applications: add SteamOS-kscreenlocker.desktop symlink
|
2023-10-09 12:54:34 +03:00 |
|
|
5419ff1bc7
|
move submodule to submodules/
|
2023-10-09 12:50:52 +03:00 |
|
|
b8f1aa69dd
|
unbound/00-insecure-domains.conf: add router.asus.com
|
2023-10-07 13:10:07 +03:00 |
|
|
1eeef2f511
|
resolved: add dot-quad9-ecs-appliedprivacy.conf for Steam Deck purposes
|
2023-10-01 19:06:46 +03:00 |
|
|
5297140958
|
systemd/limnoria.service: place limit on memory, commented cpuquote
|
2023-10-01 10:47:06 +03:00 |
|
|
024fd40e87
|
git rm etc/hosts.append
https://gitea.blesmrt.net/mikaela/gist/src/branch/master/DNS/blocklist.txt
|
2023-09-30 17:39:47 +03:00 |
|
|
d7acebbe45
|
chrony/sources.d/yggdrasil: remove Teknologia Avoimeksi
|
2023-09-30 17:38:45 +03:00 |
|
|
10a841acfe
|
systemd/journald.conf.d: add 00-journal-size.conf
|
2023-09-29 15:06:41 +03:00 |
|
|
c32910df57
|
systemd/syncplay-server.service: use venv
Resolves: #145
Thanks again @EchedeyLR
|
2023-09-29 10:57:06 +03:00 |
|
|
a4b7bdb51a
|
systemd/limnoria: use venv & update Ergo's name
Thanks @EchedeyLR (ref: mikaela/shell-things#145)
|
2023-09-29 10:39:44 +03:00 |
|
|
2c47aaae48
|
sshd_config.d/README.md: fix formatting, note priority
|
2023-09-28 14:35:21 +03:00 |
|
|
c0fcc82c4d
|
sshd_config: add 00- prefix to basic-security.conf as apparently first wins in ssh
|
2023-09-28 14:34:13 +03:00 |
|
|
f20e23df42
|
sshd_config.d: maybe keyed root login is fine in special case of SteamOS on Steam Deck?
|
2023-09-27 18:02:50 +03:00 |
|
|
71a8913d37
|
update submodule etc/chrony/sources.d/jauderho-nts-servers
|
2023-09-27 12:21:32 +03:00 |
|
|
dfcbc7e971
|
systemd/timesyncd.conf.d: sync sources from Chrony
This is for SteamOS, although without Yggdrasil (that I am not hacking in
yet) and NTS which systemd-timesyncd doesn't do to my knowledge
|
2023-09-27 12:16:55 +03:00 |
|
|
9429b48aaa
|
etc/iwd/main.conf: throw in comments on defaults
|
2023-09-26 17:33:12 +03:00 |
|
|
ce7ab5ea40
|
grub/forcefsck: add fsck.repair=yes
|
2023-09-24 17:26:40 +03:00 |
|
|
49d6dfc766
|
update submodule etc/chrony/sources.d/jauderho-nts-servers
|
2023-09-17 20:29:37 +03:00 |
|
|
24eb3890c2
|
systemd-resolved: prefer IPv6 over IPv4
|
2023-09-10 11:16:57 +03:00 |
|
|
1e3a7f8fa3
|
systemd-resolved/dns-over-tls.conf: drop appliedprivacy#443 to the bottom of the list
Apparently systemd-resolved wants to go in strict order and thus it's always sending my queries to distant Austria instead of neighbouring regions
|
2023-09-10 11:10:39 +03:00 |
|
|
e2829267d7
|
systemd: add debugging & symlinks for networkd, resolved, never-fail networkd
|
2023-09-10 11:07:11 +03:00 |
|
|
c7b5330dfb
|
systemd/resolved/dot: add missing bracket, remove extra ones
Apparently IPv6 must only be surrounded by brackets, otherwise it's invalid syntax
|
2023-09-10 09:52:59 +03:00 |
|
|
1d8e457f97
|
systemd-resolved: add dns-over-tls.conf mimicing unbound's equivalent
|
2023-09-10 09:31:35 +03:00 |
|
|
4d68dd7e7f
|
systemd: add journald.conf.d/.gitignore as a placeholder
|
2023-08-24 16:12:43 +03:00 |
|
|
27dacbf5f8
|
systemd-networkd: add commented RequiredFamilyForOnline= under [Link]
|
2023-08-23 14:40:18 +03:00 |
|
|
2e1a5cbfe1
|
chrony: add ca-certificates.conf to explicitly specify their location
|
2023-08-20 11:13:51 +03:00 |
|
|
5120a7aff8
|
update submodule jauderho-nts-servers
|
2023-08-20 11:13:28 +03:00 |
|
|
78bb0cdcc8
|
etc/resolv.tsv: add Applied Privacy
|
2023-08-05 12:36:20 +03:00 |
|
|
9fdeb56762
|
unbound.service.d: add fedora-network-pre.conf
|
2023-08-04 13:09:58 +03:00 |
|
|
34b4ffb8ac
|
unbound/dns-over-tls.conf: cut to 443 and private ECS capable non-filtering servers
|
2023-08-04 12:45:03 +03:00 |
|
|
d024ac1234
|
Revert "rm etc/unbound/unbound.conf.d/dns-over-tls.conf"
This reverts commit e9998f4079 .
|
2023-08-04 12:27:41 +03:00 |
|
|
db6bdd6222
|
unbound.service.d: override to require dnsproxy for starting
|
2023-08-03 12:43:10 +03:00 |
|
|
6fdfad9e93
|
dnsproxy.service: return to network-pre.target
|
2023-08-03 12:41:58 +03:00 |
|
|
5acec4c00e
|
dnsproxy.service: second-guess to start after network-noline.target and before unbound.service?
|
2023-08-03 12:15:24 +03:00 |
|
|
809d723293
|
systemd: fix symlinks to never-fail.conf
Technically they would still work through the yggdrasil symlink, but I don't like it
|
2023-08-03 11:54:01 +03:00 |
|
|
bbd7a02b60
|
dnsproxy.service: start before network management and hope it handles dynamic network conditions
|
2023-08-03 11:50:52 +03:00 |
|
|
918bdc2a97
|
systemd: move never-fail to more appropiate location
|
2023-08-03 11:50:12 +03:00 |
|
|
f3c9d1006b
|
update submodule etc/chrony/sources.d/jauderho-nts-servers
|
2023-07-29 21:31:46 +03:00 |
|
|
2738d239ce
|
etc/yum.repos.d: add librewolf-repo.repo
|
2023-07-13 12:24:14 +03:00 |
|
|
eab5c3b07e
|
systemd/network: add number prefixes as per man systemd.network
|
2023-07-05 10:57:03 +03:00 |
|
|
5749b2c0fa
|
update submodule etc/chrony/sources.d/jauderho-nts-servers
|
2023-07-04 11:46:33 +03:00 |
|
|
a13a0dd86b
|
systemd-networkd: match naming with types
|
2023-07-04 11:45:29 +03:00 |
|
|
8cc9353374
|
systemd-networkd: configure based on type rather than name, add a comment on MACAddress matching
Resolves: warnings on potentially unpredictable interface names.
|
2023-07-04 11:24:29 +03:00 |
|
|
d3c613bc41
|
etc/iwd/main.conf: add spacing, comment AddressRandomization=disabled for Realtek
|
2023-06-25 17:58:41 +03:00 |
|
|
30253761b3
|
systemd/network: enable IPv6 Privacy Extensions and link-local stable-privacy
|
2023-06-25 14:13:00 +03:00 |
|
|
cbdfc0f46d
|
systemd-networkd: unmanage wlan0
|
2023-06-25 10:36:29 +03:00 |
|
|
6159876f05
|
unbound/blocklist.conf: add {reddit,twitter}.com to support the protest
|
2023-06-11 18:53:16 +03:00 |
|
|
f61d8c3edb
|
systemd/dnsproxy.service: use the same DNS0 for bootstrap as DoH
|
2023-06-11 08:56:04 +03:00 |
|
|
c54a8c0a10
|
update submodule etc/chrony/sources.d/jauderho-nts-servers
|
2023-06-10 08:20:22 +03:00 |
|
|
7ac9b9a7cc
|
etc/unbound/blocklist: remove duplicates, add graph.facebook.com
`local-zone: "google-analytics.com." always_refuse` implies subdomains
|
2023-06-06 12:09:48 +03:00 |
|
|
5d00ccaf6b
|
unbound: add blocklist-tld.conf mainly for zip & mov
|
2023-05-28 10:36:52 +03:00 |
|
|
1b1514f993
|
systemd: add masks required by tlp as a note to self
|
2023-05-25 07:48:22 +03:00 |
|
|
8fb52ec8f2
|
add shfmt
|
2023-05-18 11:58:51 +03:00 |
|
|
687a6433bb
|
add & run prettier-plugin-nginx
|
2023-05-18 11:35:13 +03:00 |
|
|
e0dc070cd1
|
etc/nginx: append .nginx to file names
in preparation of prettier-nginx
|
2023-05-18 11:17:24 +03:00 |
|
|
ca2956b678
|
unbound/blocklist: note encrypted client hello
|
2023-05-13 17:17:20 +03:00 |
|
|
603ac4a011
|
unbound/blocklist.conf: remove Mozilla Telemetry
|
2023-05-13 17:16:17 +03:00 |
|
|
fdeab81c2b
|
unbound/blocklist.conf: add matrix.to as dared by !KMbEUhVQHLwZHmwzKX:matrix.org
|
2023-05-13 17:14:45 +03:00 |
|
|
19f3a0b720
|
update submodule jauderho-nts-servers
|
2023-05-12 09:30:28 +03:00 |
|
|
58ead9302c
|
etc/apt/sources.list: keep adding non-free-firmwares
Fixes: 94d26e811a
Resolves: #159
|
2023-05-12 09:29:32 +03:00 |
|
|
42f1c58fa0
|
etc/yum.repos.d: add vivaldi
|
2023-05-08 20:54:22 +03:00 |
|
|
442a4fb89a
|
update submodules
|
2023-05-04 15:57:12 +03:00 |
|
|
94d26e811a
|
etc/apt/sources.list: enable non-free-firmware for Debians
Resolves: #159
|
2023-04-10 17:07:48 +03:00 |
|
|
8309e9254e
|
ssh_config: StrictHostKeyChecking accept-new
|
2023-04-03 11:03:48 +03:00 |
|
|
0a5e526cc5
|
systemd-networkd/eth0: don't require being up
Resolves: #157
|
2023-03-31 13:33:27 +03:00 |
|
|
5f6bddfe8a
|
systemd: add NetworkManager-wait-online.service & systemd-networkd-wait-online.service to refresh my memory
|
2023-03-25 18:32:23 +02:00 |
|
|
bae5e38347
|
etc/samba/playstation2.conf: apparently both log level & syslog lines are needed
|
2023-03-25 12:12:57 +02:00 |
|
|
3e9331c84f
|
etc/samba/playstation2.conf: move deadtime & keepalive to [global]
|
2023-03-25 12:05:43 +02:00 |
|
|
4757f05060
|
etc/samba/playstation2.conf: fix logging?
|
2023-03-25 12:03:54 +02:00 |
|
|
f43106f002
|
etc/samba/playstation2.conf: enable logging
|
2023-03-25 11:55:54 +02:00 |
|
|
e491a114a1
|
etc/samba/playstation2.conf: disable deadtime, shorten keepalive
|
2023-03-25 11:46:33 +02:00 |
|
|
7ea097c6fe
|
etc/resolv.conf: search for .
Resolves: #156
|
2023-03-24 10:37:52 +02:00 |
|
|
6333883dc3
|
etc/samba/playstation2.conf: document issues coming up with real hardware
|
2023-03-14 16:57:14 +02:00 |
|
|
30684318aa
|
etc/resolv.tsv: test ECS support of some empty fields
|
2023-03-11 15:54:04 +02:00 |
|
|
33301bb8e5
|
etc/chrony/sources.d: update submodule
|
2023-03-11 08:18:48 +02:00 |
|
|
cc0e5514ab
|
etc/chrony/sources.d: update submodule, add license information, add German servers
|
2023-03-10 09:49:35 +02:00 |
|
|
4f7d891f68
|
jauderho-nts-servers: update submodule
|
2023-03-09 11:45:58 +02:00 |
|
|
1b113e0c3e
|
etc/systemd/network: add commented DHCP=yes
|
2023-03-07 15:02:13 +02:00 |
|
|
514ed85374
|
etc/systemd/network: update samples and comments to reflect my current views
|
2023-03-07 14:46:28 +02:00 |
|