Commit Graph

912 Commits

Author SHA1 Message Date
e5fb27a15e
nts-servers.sources: System76 is actually not an NTS pool 2024-01-22 12:56:20 +02:00
9e0333908d
nts-servers.sources: bring the uncommented Finnish server closer to top 2024-01-22 12:53:53 +02:00
9c90a36069
chrony/nts-servers.sources: update System76 entries, increase their line numbers 2024-01-22 12:52:44 +02:00
7a2b36864b
systemd-resolved/nordvpn.conf: add what appears to be their IPv6 2024-01-20 12:41:21 +02:00
62fc911835
systemd-resolved: accidentally rewrit nordvpn.conf
Now accounting for precense of unbound as a maybe fallback resolver
2024-01-20 12:35:23 +02:00
7ec7937d2f
chrony: add ntp.miuku.net 2024-01-17 13:16:37 +02:00
ddbd1acca0
ssh: disable RSA host key 2024-01-12 13:50:49 +02:00
53c78384e0
etc/apt/sources.list: rm ubuntu*
Seems pretty outdated and I cannot see the purpose.
2024-01-07 12:33:53 +02:00
2b4487fccb
etc/sources.list.d: add untested nordvpn.list for the only Debian around 2024-01-07 12:29:49 +02:00
7748d64ad7
systemd: deduplicate qbittorrent, add qbittorrent-nox@.service overrides 2024-01-06 12:34:44 +02:00
86575ddd37
etc/sudoers.d/lecture: rewrite comment including superuser & serverfault links 2024-01-05 13:17:22 +02:00
0f5dceed49
etc/sudoers.d: add nordvpn 2024-01-05 12:56:06 +02:00
39dffa8939
systemd service.d: move common explanations from never-fail.conf to README.md 2024-01-04 12:35:48 +02:00
d99566d26f
systemd/service.d: add nordvpn.conf 2024-01-04 12:31:11 +02:00
8a73d0fd63
unbound.conf.d: add nordvpn.conf 2024-01-04 12:28:38 +02:00
aa97b82e31
systemd-resolved: add nordvpn.conf 2024-01-04 12:25:53 +02:00
8771c98645
etc/yum.repos.d/brave-*: remove unknown option autorefresh 2024-01-04 07:45:11 +02:00
09b64835f7
etc/yum.repos.d/nordvpn.repo: initial commit
I don't want to use their curlbash and I am considering a Revolut plan that would include their standard plan as well
2024-01-03 16:54:59 +02:00
bb60cbe8e6
yum/repos.d/librewolf-repo.repo: correct repo name 2024-01-03 16:53:38 +02:00
e4c6ff7569
etc/sudoers.d: add lecture for always giving the first time lecture 2024-01-02 10:54:53 +02:00
9a0895e412
unbound: merge dot-quad9-ecs.conf into dot-quad9.conf 2023-12-31 16:38:05 +02:00
dba9d4c908
unbound/dot-dns0-*.conf: merge to dot-dns0.conf 2023-12-30 15:46:22 +02:00
a6dd953817
etc/dracut.conf.d/10-asahi.conf: workaround F40 kernel update failures 2023-12-29 13:26:25 +02:00
feef4cbba5
bluetooth.service.d: clarify comments on tested distros & ponder name 2023-12-28 21:30:26 +02:00
be618810c5
bluetooth.service.d: drop fedora- from experimental.conf 2023-12-28 21:28:27 +02:00
f31cb882a5
practically rewrite etc/resolv.conf 2023-12-26 10:51:30 +02:00
9d69584103
Revert "systemd/service.d: add for-network-online.conf so the service is enabled for that"
This reverts commit 0dc32a525a.
2023-12-25 21:26:10 +02:00
fc91247cd1
Revert "yggdrasil.service.d: also allow yggdrasil to start before network-online"
This reverts commit fbc82b81f4.
2023-12-25 21:25:44 +02:00
68fc6be7b9
Revert "unbound.service.d: add the for-network-online.conf"
This reverts commit 6ba99feb58.
2023-12-25 21:25:22 +02:00
85dbc413f0
systemd/system: write tlp-masker.bash instead of having symlinks to /dev/null 2023-12-25 17:27:30 +02:00
7d8fe8c1fa
systemd/system/README: attempt to fix formatting 2023-12-25 17:03:14 +02:00
0327162daa
systemd-resolved: double dnssec 2023-12-25 15:48:23 +02:00
f8f71d77a2
resolv.conf: add systemd-resolved default as a comment too 2023-12-25 15:40:41 +02:00
4286b4a22f
systemd: add start-unbound.service 2023-12-25 15:39:35 +02:00
fbc82b81f4
yggdrasil.service.d: also allow yggdrasil to start before network-online 2023-12-25 12:41:46 +02:00
214966ae54
unbound.service.d: rm WRONG fedora-network-pre.conf 2023-12-25 12:40:40 +02:00
6ba99feb58
unbound.service.d: add the for-network-online.conf 2023-12-25 12:39:58 +02:00
0dc32a525a
systemd/service.d: add for-network-online.conf so the service is enabled for that 2023-12-25 12:38:05 +02:00
5f6e07f353
etc/…/dnf.conf: note RPMCoW plugin in comment on delta RPMs 2023-12-18 09:00:49 +02:00
3f0557b1d0
move & update pipewire-media-session notes to wireplumber 2023-12-17 21:56:45 +02:00
2222ebd249
wireplumber: note package pipewire-codec-aptx 2023-12-17 21:48:57 +02:00
e9fe061b2c
etc/sudoers.d: add insults 2023-12-15 13:04:08 +02:00
dc1fa5e65d
wireplumber/61-more-codecs.lua: note that all disables HQ playback 2023-11-30 10:43:01 +02:00
b770e2f51d
etc/wireplumber: don't artificially restrict codecs 2023-11-30 10:38:06 +02:00
90556db965
bluetooth.service.d: add steamos-experimental.conf 2023-11-29 09:54:28 +02:00
88bfa88985
experimental wireplumber configuration 2023-11-29 09:44:35 +02:00
9853513f01
dnf: disable DeltaRPMs 2023-11-27 09:12:45 +02:00
91428c51af
systemd-resolved: git rm dot-nextdns.conf 2023-11-26 16:23:31 +02:00
1abfd94f01
systemd-resolved/dot-dns0: merge lines 2023-11-26 16:23:12 +02:00
b583b8a6d4
systemd-resolved/*.conf: add appliedprivacy DoTo443 as a comment 2023-11-26 16:19:55 +02:00
dee168e287
systemd-resolved: merge provider configs 2023-11-26 16:18:15 +02:00
fa3fc72afb
systemd-resolved: cleanup configs I don't recommend 2023-11-26 16:12:38 +02:00
16ddfd92e8
chrony/sources.d: rethink yggdrasil.sources 2023-11-22 11:28:21 +02:00
865e816384
chrony/finland.sources: enable xleave for the known Chrony 2023-11-22 10:17:32 +02:00
88f443911f
chrony/yggdrasil.sources: comment kincarron, unlikely to return in near future 2023-11-22 08:38:40 +02:00
b9bc665e07
chrony/nts-servers.sources: comment sources not in Finland 2023-11-22 08:38:12 +02:00
6918ac27d4
yum.repos.d: add mullvad.repo 2023-11-20 21:27:48 +02:00
da99ce785f
chrony/conf.d: add .FIXME suffix to ca-certificates.conf, clarifying comments 2023-11-16 20:19:39 +02:00
428802a4fd
unbound: rm mullvad configuration
It's wrong and I am not currently using it
2023-11-12 12:51:54 +02:00
e825c1dac3
systemd-resolved: dot-mullvad.conf: update domains, add commented other server options 2023-11-12 12:51:07 +02:00
60b3c620fb
systemd-resolved: rm dot-mullvad-adblock.conf 2023-11-12 12:46:35 +02:00
f64b94894c
resolv.tsv: update Mullvad addresses 2023-11-12 12:45:43 +02:00
4f2f41762c
etc/yum.repos.d: note LibreWolf upstream documentation 2023-11-11 18:27:55 +02:00
35b90b6d06
resolv.tsv: update/add/fix Mullvad offering 2023-11-10 15:14:42 +02:00
d2c6f99401
ssh_config: remove deprecated option useroaming
Even Debian Bookworm mentions it as deprecated in ssh -vvv and I seriously doubt I have such old SSH running anywhere
2023-10-28 22:27:06 +03:00
4f87dd6221
samba/playstation2.conf: specify hosts allow 2023-10-28 20:35:08 +03:00
ad59c45eb3
yum.repos.d/README.md: update Yggdrasil address 2023-10-28 18:12:51 +03:00
b6ecd1b173
systemd-resolved: keep DNSSEC enabled 2023-10-21 11:27:07 +03:00
7b4d791d07
flatpak-update.timer: increase frequency 2023-10-19 10:43:55 +03:00
94c23e2f7d
etc/nginx: fix line endings and indentation
UNTESTED! TODO WIP etc.?
2023-10-19 09:27:55 +03:00
90edac262a
resolved.conf.d: add dot-dns0-appliedprivacy.conf in style of quad9-ecs-appliedprivacy 2023-10-14 19:18:45 +03:00
79210446ed
local/share/applications: add SteamOS-kscreenlocker.desktop symlink 2023-10-09 12:54:34 +03:00
5419ff1bc7
move submodule to submodules/ 2023-10-09 12:50:52 +03:00
b8f1aa69dd
unbound/00-insecure-domains.conf: add router.asus.com 2023-10-07 13:10:07 +03:00
1eeef2f511
resolved: add dot-quad9-ecs-appliedprivacy.conf for Steam Deck purposes 2023-10-01 19:06:46 +03:00
5297140958
systemd/limnoria.service: place limit on memory, commented cpuquote 2023-10-01 10:47:06 +03:00
024fd40e87
git rm etc/hosts.append
https://gitea.blesmrt.net/mikaela/gist/src/branch/master/DNS/blocklist.txt
2023-09-30 17:39:47 +03:00
d7acebbe45
chrony/sources.d/yggdrasil: remove Teknologia Avoimeksi 2023-09-30 17:38:45 +03:00
10a841acfe
systemd/journald.conf.d: add 00-journal-size.conf 2023-09-29 15:06:41 +03:00
c32910df57
systemd/syncplay-server.service: use venv
Resolves: #145

Thanks again @EchedeyLR
2023-09-29 10:57:06 +03:00
a4b7bdb51a
systemd/limnoria: use venv & update Ergo's name
Thanks @EchedeyLR (ref: mikaela/shell-things#145)
2023-09-29 10:39:44 +03:00
2c47aaae48
sshd_config.d/README.md: fix formatting, note priority 2023-09-28 14:35:21 +03:00
c0fcc82c4d
sshd_config: add 00- prefix to basic-security.conf as apparently first wins in ssh 2023-09-28 14:34:13 +03:00
f20e23df42
sshd_config.d: maybe keyed root login is fine in special case of SteamOS on Steam Deck? 2023-09-27 18:02:50 +03:00
71a8913d37
update submodule etc/chrony/sources.d/jauderho-nts-servers 2023-09-27 12:21:32 +03:00
dfcbc7e971
systemd/timesyncd.conf.d: sync sources from Chrony
This is for SteamOS, although without Yggdrasil (that I am not hacking in
yet) and NTS which systemd-timesyncd doesn't do to my knowledge
2023-09-27 12:16:55 +03:00
9429b48aaa
etc/iwd/main.conf: throw in comments on defaults 2023-09-26 17:33:12 +03:00
ce7ab5ea40
grub/forcefsck: add fsck.repair=yes 2023-09-24 17:26:40 +03:00
49d6dfc766
update submodule etc/chrony/sources.d/jauderho-nts-servers 2023-09-17 20:29:37 +03:00
24eb3890c2
systemd-resolved: prefer IPv6 over IPv4 2023-09-10 11:16:57 +03:00
1e3a7f8fa3
systemd-resolved/dns-over-tls.conf: drop appliedprivacy#443 to the bottom of the list
Apparently systemd-resolved wants to go in strict order and thus it's always sending my queries to distant Austria instead of neighbouring regions
2023-09-10 11:10:39 +03:00
e2829267d7
systemd: add debugging & symlinks for networkd, resolved, never-fail networkd 2023-09-10 11:07:11 +03:00
c7b5330dfb
systemd/resolved/dot: add missing bracket, remove extra ones
Apparently IPv6 must only be surrounded by brackets, otherwise it's invalid syntax
2023-09-10 09:52:59 +03:00
1d8e457f97
systemd-resolved: add dns-over-tls.conf mimicing unbound's equivalent 2023-09-10 09:31:35 +03:00
4d68dd7e7f
systemd: add journald.conf.d/.gitignore as a placeholder 2023-08-24 16:12:43 +03:00
27dacbf5f8
systemd-networkd: add commented RequiredFamilyForOnline= under [Link] 2023-08-23 14:40:18 +03:00
2e1a5cbfe1
chrony: add ca-certificates.conf to explicitly specify their location 2023-08-20 11:13:51 +03:00
5120a7aff8
update submodule jauderho-nts-servers 2023-08-20 11:13:28 +03:00
78bb0cdcc8
etc/resolv.tsv: add Applied Privacy 2023-08-05 12:36:20 +03:00
9fdeb56762
unbound.service.d: add fedora-network-pre.conf 2023-08-04 13:09:58 +03:00
34b4ffb8ac
unbound/dns-over-tls.conf: cut to 443 and private ECS capable non-filtering servers 2023-08-04 12:45:03 +03:00
d024ac1234
Revert "rm etc/unbound/unbound.conf.d/dns-over-tls.conf"
This reverts commit e9998f4079.
2023-08-04 12:27:41 +03:00
db6bdd6222
unbound.service.d: override to require dnsproxy for starting 2023-08-03 12:43:10 +03:00
6fdfad9e93
dnsproxy.service: return to network-pre.target 2023-08-03 12:41:58 +03:00
5acec4c00e
dnsproxy.service: second-guess to start after network-noline.target and before unbound.service? 2023-08-03 12:15:24 +03:00
809d723293
systemd: fix symlinks to never-fail.conf
Technically they would still work through the yggdrasil symlink, but I don't like it
2023-08-03 11:54:01 +03:00
bbd7a02b60
dnsproxy.service: start before network management and hope it handles dynamic network conditions 2023-08-03 11:50:52 +03:00
918bdc2a97
systemd: move never-fail to more appropiate location 2023-08-03 11:50:12 +03:00
f3c9d1006b
update submodule etc/chrony/sources.d/jauderho-nts-servers 2023-07-29 21:31:46 +03:00
2738d239ce
etc/yum.repos.d: add librewolf-repo.repo 2023-07-13 12:24:14 +03:00
eab5c3b07e
systemd/network: add number prefixes as per man systemd.network 2023-07-05 10:57:03 +03:00
5749b2c0fa
update submodule etc/chrony/sources.d/jauderho-nts-servers 2023-07-04 11:46:33 +03:00
a13a0dd86b
systemd-networkd: match naming with types 2023-07-04 11:45:29 +03:00
8cc9353374
systemd-networkd: configure based on type rather than name, add a comment on MACAddress matching
Resolves: warnings on potentially unpredictable interface names.
2023-07-04 11:24:29 +03:00
d3c613bc41
etc/iwd/main.conf: add spacing, comment AddressRandomization=disabled for Realtek 2023-06-25 17:58:41 +03:00
30253761b3
systemd/network: enable IPv6 Privacy Extensions and link-local stable-privacy 2023-06-25 14:13:00 +03:00
cbdfc0f46d
systemd-networkd: unmanage wlan0 2023-06-25 10:36:29 +03:00
6159876f05
unbound/blocklist.conf: add {reddit,twitter}.com to support the protest 2023-06-11 18:53:16 +03:00
f61d8c3edb
systemd/dnsproxy.service: use the same DNS0 for bootstrap as DoH 2023-06-11 08:56:04 +03:00
c54a8c0a10
update submodule etc/chrony/sources.d/jauderho-nts-servers 2023-06-10 08:20:22 +03:00
7ac9b9a7cc
etc/unbound/blocklist: remove duplicates, add graph.facebook.com
`local-zone: "google-analytics.com." always_refuse` implies subdomains
2023-06-06 12:09:48 +03:00
5d00ccaf6b
unbound: add blocklist-tld.conf mainly for zip & mov 2023-05-28 10:36:52 +03:00
1b1514f993
systemd: add masks required by tlp as a note to self 2023-05-25 07:48:22 +03:00
8fb52ec8f2
add shfmt 2023-05-18 11:58:51 +03:00
687a6433bb
add & run prettier-plugin-nginx 2023-05-18 11:35:13 +03:00
e0dc070cd1
etc/nginx: append .nginx to file names
in preparation of prettier-nginx
2023-05-18 11:17:24 +03:00
ca2956b678
unbound/blocklist: note encrypted client hello 2023-05-13 17:17:20 +03:00
603ac4a011
unbound/blocklist.conf: remove Mozilla Telemetry 2023-05-13 17:16:17 +03:00
fdeab81c2b
unbound/blocklist.conf: add matrix.to as dared by !KMbEUhVQHLwZHmwzKX:matrix.org 2023-05-13 17:14:45 +03:00
19f3a0b720
update submodule jauderho-nts-servers 2023-05-12 09:30:28 +03:00
58ead9302c
etc/apt/sources.list: keep adding non-free-firmwares
Fixes: 94d26e811a
Resolves: #159
2023-05-12 09:29:32 +03:00
42f1c58fa0
etc/yum.repos.d: add vivaldi 2023-05-08 20:54:22 +03:00
442a4fb89a
update submodules 2023-05-04 15:57:12 +03:00
94d26e811a
etc/apt/sources.list: enable non-free-firmware for Debians
Resolves: #159
2023-04-10 17:07:48 +03:00
8309e9254e
ssh_config: StrictHostKeyChecking accept-new 2023-04-03 11:03:48 +03:00
0a5e526cc5
systemd-networkd/eth0: don't require being up
Resolves: #157
2023-03-31 13:33:27 +03:00
5f6bddfe8a
systemd: add NetworkManager-wait-online.service & systemd-networkd-wait-online.service to refresh my memory 2023-03-25 18:32:23 +02:00
bae5e38347
etc/samba/playstation2.conf: apparently both log level & syslog lines are needed 2023-03-25 12:12:57 +02:00
3e9331c84f
etc/samba/playstation2.conf: move deadtime & keepalive to [global] 2023-03-25 12:05:43 +02:00
4757f05060
etc/samba/playstation2.conf: fix logging? 2023-03-25 12:03:54 +02:00
f43106f002
etc/samba/playstation2.conf: enable logging 2023-03-25 11:55:54 +02:00
e491a114a1
etc/samba/playstation2.conf: disable deadtime, shorten keepalive 2023-03-25 11:46:33 +02:00
7ea097c6fe
etc/resolv.conf: search for .
Resolves: #156
2023-03-24 10:37:52 +02:00
6333883dc3
etc/samba/playstation2.conf: document issues coming up with real hardware 2023-03-14 16:57:14 +02:00
30684318aa
etc/resolv.tsv: test ECS support of some empty fields 2023-03-11 15:54:04 +02:00
33301bb8e5
etc/chrony/sources.d: update submodule 2023-03-11 08:18:48 +02:00
cc0e5514ab
etc/chrony/sources.d: update submodule, add license information, add German servers 2023-03-10 09:49:35 +02:00
4f7d891f68
jauderho-nts-servers: update submodule 2023-03-09 11:45:58 +02:00
1b113e0c3e
etc/systemd/network: add commented DHCP=yes 2023-03-07 15:02:13 +02:00
514ed85374
etc/systemd/network: update samples and comments to reflect my current views 2023-03-07 14:46:28 +02:00