shell-things

mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2024-11-09 18:19:23 +01:00

Author	SHA1	Message	Date
Aminda Suomalainen	e56e5e1909	systemd-networkd: remove comment I don't stand behind	2024-04-22 13:05:58 +03:00
Aminda Suomalainen	02c434b81b	systemd-networkd: list local DNS resolvers	2024-04-22 12:59:38 +03:00
Aminda Suomalainen	44b6e5b618	systemd-networkd: add DNSSEC & DNSOverTLS & search domains	2024-04-22 12:25:25 +03:00
Aminda Suomalainen	945ca0462d	Revert "systemd-networkd: attempt to deduplicate by cutting into 10-global.network" This reverts commit `19b6fbef3c`.	2024-04-22 12:21:56 +03:00
Aminda Suomalainen	06787a38de	resolved/00-no-local-resolver.conf: comment local resolver since I break DNSSEC	2024-04-22 12:14:34 +03:00
Aminda Suomalainen	19b6fbef3c	systemd-networkd: attempt to deduplicate by cutting into 10-global.network	2024-04-22 12:07:39 +03:00
Aminda Suomalainen	aac3ccdec3	unbound/well-known-dns.conf: add CNAMEs one.one.one.one & dns.google.com	2024-04-22 11:26:46 +03:00
Aminda Suomalainen	dc6fc85174	chromium: exclude bittimittari.fi	2024-04-22 10:09:28 +03:00
Aminda Suomalainen	fe1970cfd9	chromium: add brave IPFS disabling policy IPFS is known for killing routers and having it on two machines while trying to VoIP with a lot of people, it gets a bit too heavy	2024-04-22 10:03:53 +03:00
Aminda Suomalainen	abd21e008a	well-known-dns.conf: typetransparent subdomains just in case Theoretically the higher level domain affects them too, but in practice I am unsure and I have previously only used always_reject for google-analytics & subdomains blocking. It at least isn't causing warnings or errors.	2024-04-22 07:42:53 +03:00
Aminda Suomalainen	579e98f27c	unbound/well-known-dns.conf: use typetransparent so non-local queries won't get NODATA	2024-04-22 07:28:55 +03:00
Aminda Suomalainen	623a9150fd	unbound: merge 00-insecure-domains.conf into blocklist.conf	2024-04-22 07:10:18 +03:00
Aminda Suomalainen	892feb3c1b	unbound/blocklist: add fritz.box.	2024-04-22 07:06:21 +03:00
Aminda Suomalainen	c90b551ac4	chromium: merge doh-forced to the doh files due to it being required anyway, update documentation, rename doh-allowed → doh-unlocked-unset	2024-04-21 14:00:39 +03:00
Aminda Suomalainen	4a47d14069	resolved.conf.d: add dot-trex.conf symlink and explaining comments like in unbound	2024-04-21 13:14:53 +03:00
Aminda Suomalainen	ce9159e756	unbound/dot-quad9.conf: prettier sorting	2024-04-21 13:13:41 +03:00
Aminda Suomalainen	7379241a20	chromium: add the rest of Quad9 & update README.md	2024-04-21 11:35:28 +03:00
Aminda Suomalainen	3540f2442e	chromium/doh-quad9*: add alternative port as Chromium allows multiple	2024-04-21 11:28:07 +03:00
Aminda Suomalainen	eb47fac4cb	systemd-resolved: add vim modelines	2024-04-21 10:58:45 +03:00
Aminda Suomalainen	f126e681a2	systemd-resolved: split applied-privacy#443 to its own file as resolved configs don't exclude each other	2024-04-21 10:57:25 +03:00
Aminda Suomalainen	a0ccd790ab	unbound & systemd-resolved: add Quad9 alternative port	2024-04-21 10:54:22 +03:00
Aminda Suomalainen	e64e4e7fd0	firefox: DisableEncryptedClientHello: false I am not sure if this does anything, I just saw a message in logs and it didn't trigger an error	2024-04-21 10:13:29 +03:00
Aminda Suomalainen	6a97040386	firefox: add IPvFoo*	2024-04-21 10:08:43 +03:00
Aminda Suomalainen	069da00a38	Chromium: add IPvFoo* and note that users should go through extensions	2024-04-21 09:58:30 +03:00
Aminda Suomalainen	e6bd2b13ad	unbound: add TREX upstream configuration	2024-04-20 20:25:48 +03:00
Aminda Suomalainen	a7cf718453	uncound/well-known-dns.conf: add DNS0 {Zero,Kids,Open}	2024-04-20 17:59:46 +03:00
Aminda Suomalainen	41c65344f1	chromium: add dot-dns0-{kids,open,zero}.json	2024-04-20 17:53:33 +03:00
Aminda Suomalainen	437ec3b49c	chromium/doh-dns0.json: add trailing / as Chromium requires it (or fails every DNS request)	2024-04-20 17:50:57 +03:00
Aminda Suomalainen	422ab0de4e	libreawoo, unbound & resolved: uncomment Quad9 default, comment ECS	2024-04-20 17:50:12 +03:00
Aminda Suomalainen	bec7f8bbaa	separate local/share/applications & etc/xdg/autostart	2024-04-20 12:14:02 +03:00
Aminda Suomalainen	ffc4c53615	sudoers/nordvpnd: allow chronyc online	2024-04-20 11:56:14 +03:00
Aminda Suomalainen	c9cad77caf	move etc/xdg/autostart to more descriptive location of local/share/applications	2024-04-20 11:18:33 +03:00
Aminda Suomalainen	9bd3a05d5b	clean up old desktop entries I cannot see myself using	2024-04-20 11:13:02 +03:00
Aminda Suomalainen	cebcec5792	add syncplay.desktop	2024-04-20 11:07:03 +03:00
Aminda Suomalainen	8e296b5a25	add mpv.desktop that avoids pseudo-gui	2024-04-20 11:04:30 +03:00
Aminda Suomalainen	24c9209cbe	add/fix desktop entries for wrappers firefox, steam, thunderbird	2024-04-20 10:58:09 +03:00
Aminda Suomalainen	4c841781b3	add/fix libreawoo & firefox desktop entries	2024-04-20 10:50:09 +03:00
Aminda Suomalainen	93c60b21b2	finish chromium desktop files?	2024-04-20 10:43:17 +03:00
Aminda Suomalainen	bbcb37c334	add libreawoo.desktop	2024-04-20 10:32:55 +03:00
Aminda Suomalainen	816157fc25	add initial desktop files for the scripts wrappers	2024-04-20 10:23:15 +03:00
Aminda Suomalainen	45f1c1078f	unbound/well-known-dns.conf: add Google DNS	2024-04-20 09:10:36 +03:00
Aminda Suomalainen	134622edad	unbound/well-known-dns.conf: add missing dots	2024-04-20 09:00:44 +03:00
Aminda Suomalainen	e319c8aacf	unbound: restore and update blocklist.conf This reverts commit `fe8ac1bbb7`.	2024-04-20 08:57:26 +03:00
Aminda Suomalainen	c7633838de	unbound: fill well-known-dns.conf some more	2024-04-20 08:52:49 +03:00
Aminda Suomalainen	dda5f2c110	chromium/enable-ech-ocsp.json: remove not strictly releated policies	2024-04-20 07:47:31 +03:00
Aminda Suomalainen	4a889dd9b4	sudoers.d/nordvpnd: add restarting of iwd & systemd-networkd	2024-04-20 07:42:40 +03:00
Aminda Suomalainen	6a87111f8b	unbound/well-known-dns.conf: initial commit	2024-04-19 19:58:23 +03:00
Aminda Suomalainen	1e22108950	unbound/00-insecure-domains.conf: qname minimization is not relevant here	2024-04-19 09:17:01 +03:00
Aminda Suomalainen	1a1bf9adb9	unbound/conf.d: add vim modelines/filetypes	2024-04-19 09:14:32 +03:00
Aminda Suomalainen	b3eb6e06e7	unbound: add symlink for the Fedora name as I keep tab failing	2024-04-19 09:09:36 +03:00
Aminda Suomalainen	47e51ee38b	firefox policy: use Quad9 ECS as TRR	2024-04-19 08:48:57 +03:00
Aminda Suomalainen	39f2eb4f0f	chromium: add doh-cloudflare-secure.json, ECH notes	2024-04-19 08:24:29 +03:00
Aminda Suomalainen	b248392e8a	systemd-resolved: think more on local resolvers or not	2024-04-18 14:31:56 +03:00
Aminda Suomalainen	4c4508ba36	unbound/dot-*quad9.conf: add DNS10 & DNS12 (commented), remove extra spaces	2024-04-18 11:16:20 +03:00
Aminda Suomalainen	9aa71de638	systemd-resolved/dot-quad9.conf: add commented DNS10 & DNS12	2024-04-18 11:08:23 +03:00
Aminda Suomalainen	5097076daf	unbound: also disable qname-minimization for DNSo53 forwarders	2024-04-17 16:03:23 +03:00
Aminda Suomalainen	363be56010	unbound: move to tls-ystem-cert from tls-cert-bundle & disable qname minimization for DoT forward-zones	2024-04-17 16:01:38 +03:00
Aminda Suomalainen	bbab2f335d	resolv.tsv: sort	2024-04-17 15:42:34 +03:00
Aminda Suomalainen	9ba083f81f	resolv.tsv: add Quad9 unfiltered variants	2024-04-17 15:42:08 +03:00
Aminda Suomalainen	c18fe92ad8	etc/resolv.tsv: add Quad9 Apple Mobileconfigs	2024-04-17 15:34:43 +03:00
Aminda Suomalainen	f10b151a3b	systemd: add firewalld.service.d/never-fail.conf due to failing to timeout on sedric	2024-04-17 11:38:43 +03:00
Aminda Suomalainen	75c39ddb0d	sudoers.d/nordvpnd: include nordvpnd.socket	2024-04-16 08:39:16 +03:00
Aminda Suomalainen	419805bc91	chromium/README: add forgotten files, fix description for those moved from recommended	2024-04-16 07:15:30 +03:00
Aminda Suomalainen	a0456269a1	chromium: move brave feature disabling from recommended to managed for actual effect	2024-04-16 07:11:55 +03:00
Aminda Suomalainen	36f433f35b	chromium/managed: add enable-labs.json I have decided that I want it anyway and unlike before, now it has its own file so I can decide to leave it alone on shared devices	2024-04-15 21:08:56 +03:00
Aminda Suomalainen	8c748dd2d6	unbound/dot-dns0-quad9.conf: fix duplicate forward zone	2024-04-14 14:23:58 +03:00
Aminda Suomalainen	ac922aea86	{firefox,chromium}: add Floccus bookmarks sync so I will remember its existence	2024-04-14 14:10:39 +03:00
Aminda Suomalainen	cd2ae2c852	etc/resolv.tsv: add Google DNS & DNS64 as they too are Android hard-coded for DoH3	2024-04-14 09:18:05 +03:00
Aminda Suomalainen	cc25967b22	etc/resolv.tsv: note Cloudflare being DoH3 on Android, add Cloudflare antimalware/family DoT addresses	2024-04-14 09:10:06 +03:00
Aminda Suomalainen	44c3168a39	chromium policy: strip DnsOverHttpsMode to two different files, rename automatic to allowed for clarity & update README.md on these	2024-04-13 18:38:26 +03:00
Aminda Suomalainen	46ac8aefd8	unbound: add dot-dns0-quad9.conf	2024-04-12 17:01:32 +03:00
Aminda Suomalainen	ab74e45a9f	chromium policy/brave-shields-disabled.json: add glowing-bear	2024-04-12 14:29:49 +03:00
Aminda Suomalainen	b9d8da4df4	chromium policy. add brave-shields-disabled.json based on Privacy Badger	2024-04-12 14:26:31 +03:00
Aminda Suomalainen	bf1fdc4cff	{firefox,chromium} policy: PB exclude Disroot Mvim, Microsoft {Teams,Learn}	2024-04-12 14:24:31 +03:00
Aminda Suomalainen	b1a0125674	unbound: add local-tlds.conf	2024-04-12 14:16:10 +03:00
Aminda Suomalainen	0d4c40ba16	systemd: mark systemd-resolved.conf to be conflicting with avahi-daemon	2024-04-12 10:58:15 +03:00
Aminda Suomalainen	73865c747d	root-auto-trust-anchor-file.conf -> debian-root-auto-trust-anchor-file.conf Let's not overwrite files accidentally	2024-04-12 10:56:51 +03:00
Aminda Suomalainen	0bac3a8ab0	chromium: add doh-quad9.json	2024-04-12 10:42:51 +03:00
Aminda Suomalainen	e88c2a8067	etc: attempt to enable mDNS/LLMNR for systemd-{networkd,resolved} & NetworkManager Some boolean fixing slipped in as well	2024-04-12 09:52:32 +03:00
Aminda Suomalainen	4d4dc026fd	unbound: ipv6.conf -> prefer-ipv6.conf more descriptive name	2024-04-12 09:19:02 +03:00
Aminda Suomalainen	a7bb2f5ec8	etc/iwd/main.conf: update comments on DNS	2024-04-11 10:16:21 +03:00
Aminda Suomalainen	80ac65acd1	systemd-resolved/README.md: enable doctoc	2024-04-11 10:06:18 +03:00
Aminda Suomalainen	cce932960e	systemd-resolved/README.md: mention nordvpn.conf	2024-04-11 10:05:18 +03:00
Aminda Suomalainen	a2e36f2a3b	systemd-resolved/README.md: remove EOL Ubuntu, fix booleans, note my actual DNS config	2024-04-11 10:03:53 +03:00
Aminda Suomalainen	da6eab8dfc	systemd-resolved: use true/false as booleans (not yes/no) & remove repeated localhost	2024-04-11 10:02:49 +03:00
Aminda Suomalainen	3009af55a6	resolved.conf.d/README.md: mention 00-defaults and dot-something being supposed to be used together	2024-04-10 15:09:31 +03:00
Aminda Suomalainen	9a210c4bba	systemd-resolved: further decrease repeating, comment DNS-Over-TLS since it's in 00-defaults.conf already (+ local resolver)	2024-04-10 15:06:14 +03:00
Aminda Suomalainen	f12d0ceb8a	systemd-resolved: don't repeat cache	2024-04-10 15:02:30 +03:00
Aminda Suomalainen	241405c776	systemd-resolved: merge unbound.conf into 00-defaults.conf	2024-04-10 11:59:36 +03:00
Aminda Suomalainen	f885dcd73a	chromium/recommended: disable Tor in Brave	2024-04-10 11:21:52 +03:00
Aminda Suomalainen	4cfd7ab75f	chromium: add recommendation of disabling Brave rewards & wallet	2024-04-10 11:18:42 +03:00
Aminda Suomalainen	2282429f94	brave: use boolean for disabling vpn	2024-04-10 11:16:55 +03:00
Aminda Suomalainen	149cadfa41	firefox & chromium: add IPFS Companion	2024-04-10 11:03:19 +03:00
Aminda Suomalainen	d7879eeb6b	chromium: update README with the two new files	2024-04-10 10:53:37 +03:00
Aminda Suomalainen	450aac4c32	chromium: add disable-brave-vpn.json	2024-04-10 10:51:38 +03:00
Aminda Suomalainen	35e1faaabc	chromium: add doh-quad9-ecs.json	2024-04-10 10:51:15 +03:00
Aminda Suomalainen	4a08068634	unbound/cache: serve-expired: yes I am unsure on whether this actually affects anything without setting the other expired options too	2024-04-07 19:44:10 +03:00
Aminda Suomalainen	b03218c78b	unbound/cache.conf: add prefetch & prefetch-key	2024-04-07 17:34:36 +03:00
Aminda Suomalainen	c034e016e8	firefox policy: add search engine suggestion urls	2024-04-05 14:04:14 +03:00
Aminda Suomalainen	99c63d25fe	{firefox,chromium} policy: add OpenDyslexic	2024-04-04 14:27:43 +03:00
Aminda Suomalainen	08ae59ed99	firefox policy: configure Homepage	2024-03-31 08:46:12 +03:00
Aminda Suomalainen	a581ee2dd5	rm etc/sysctl.d/99-enable-ipv6.conf Refer to crontab, yggdrasil.service.d and nordvpn.service.d	2024-03-29 08:57:35 +02:00
Aminda Suomalainen	323dde1545	{firefox, chromium}: force install privacy pass This is in hopes of reducing family member frustation with captchas should they happen	2024-03-29 08:32:44 +02:00
Aminda Suomalainen	1d05061bb4	hack nordvpnd to work with yggdrasil	2024-03-29 07:58:44 +02:00
Aminda Suomalainen	9fb90d4b30	chromium/README: mention fix-edge-search.json	2024-03-28 18:57:29 +02:00
Aminda Suomalainen	80df53aa6a	chromium: move edge policy from recommended searches to managed/fix-edge-search.json	2024-03-28 18:53:15 +02:00
Aminda Suomalainen	c5dd75077d	chromium: throw home enabling & search engines into recommended policy instead	2024-03-27 16:51:29 +02:00
Aminda Suomalainen	860970df78	etc/init-browser-policies.bash: note recommended policies	2024-03-27 16:43:17 +02:00
Aminda Suomalainen	58df0709f4	firefox policy README.md: note that search engines also work on nightly	2024-03-24 08:17:31 +02:00
Aminda Suomalainen	e823810723	firefox: add search engine aliases	2024-03-24 08:16:20 +02:00
Aminda Suomalainen	4bab0cbb6a	firefox: default to Brave Search	2024-03-24 08:15:43 +02:00
Aminda Suomalainen	7b80c2bbc2	chromium/aminda-extensions.json: remove DuckDuckGo Privacy Essentials	2024-03-23 12:46:49 +02:00
Aminda Suomalainen	d241993c0a	chromium/aminda-extensions.json: remove blank new tab	2024-03-23 12:40:23 +02:00
Aminda Suomalainen	4a2fc137db	chromium: handle Microsoft Edge new tab page Bing search	2024-03-23 12:36:30 +02:00
Aminda Suomalainen	3d038bf826	chromium policy README.md: add missing/renamed files	2024-03-23 12:15:21 +02:00
Aminda Suomalainen	b7acf2daaa	chromium policy: add brave-search.json	2024-03-23 12:08:07 +02:00
Aminda Suomalainen	c8ece6032a	chromium/duckduckgo.json: policy for using start.duckduckgo.com for searching	2024-03-23 11:55:06 +02:00
Aminda Suomalainen	405d407c2a	firefox: add Brave Search Goggles	2024-03-21 17:21:30 +02:00
Aminda Suomalainen	3e56346be0	firefox: add Brave Search	2024-03-20 18:53:18 +02:00
Aminda Suomalainen	cc6dbceaff	{firefox,chromium} policy: add UpdateSWH	2024-03-14 20:25:06 +02:00
Aminda Suomalainen	39b0f1d19a	{firefox,chromium} policy: disable PrivacyBadger on Element Web instances	2024-03-13 11:45:19 +02:00
Aminda Suomalainen	c2c7d401dd	sudoers.d: add teamviewerd	2024-03-13 09:07:25 +02:00
Aminda Suomalainen	a6c2c28727	etc/yum.repos.d: add teamviewer.repo	2024-03-13 09:02:40 +02:00
Aminda Suomalainen	0729b8b681	chromium policy: add Chrome Remote Desktop	2024-03-13 08:46:10 +02:00
Aminda Suomalainen	be8e2d655e	aminda-extensions.json: fix allowed_url paths (paths unsupported, must not contain /*	2024-03-13 08:45:30 +02:00
Aminda Suomalainen	7d48ac8a1a	sysctl.d/99-enable-ipv6.conf: workaround NordVPN	2024-03-12 17:55:32 +02:00
Aminda Suomalainen	5c1dce8d36	{firefox,chromium} policy: explicitly configure PrivacyBadger I think all of these default to true anyway, but explicit is better than implicit is what they say	2024-03-12 10:15:15 +02:00
Aminda Suomalainen	cfe02d26be	chromiun: allow wayback machine to function on archive.org by default	2024-03-10 07:59:27 +02:00
Aminda Suomalainen	e4304fd641	chromium: block uBlock Origin from Chrome/Edge stores to avoid conflict with AdNauseam force_install	2024-03-09 15:54:13 +02:00
Aminda Suomalainen	e35c477a71	firefox policy: block uBlock & uMatrix to avoid conflict with force_install AdNauseam	2024-03-09 15:45:02 +02:00
Aminda Suomalainen	685b14c2f6	firefox policy: block wayback machine	2024-03-09 15:41:39 +02:00
Aminda Suomalainen	26ecc69156	chromium policy: add doh-mullvad-base.json	2024-03-09 10:52:54 +02:00
Aminda Suomalainen	ee36e24997	Chromium policy: add blank new tab	2024-03-09 10:52:31 +02:00
Aminda Suomalainen	3eb921f212	chromium: adjust runtime_allowed_hosts for DDG as per Edge's behaviour	2024-03-09 10:30:22 +02:00
Aminda Suomalainen	d7244eefc5	aminda-extensions.json: click to run wbm	2024-03-08 11:19:07 +02:00
Aminda Suomalainen	5149b23598	browser policies: add wayback machine	2024-03-08 08:41:41 +02:00
Aminda Suomalainen	16d6a3df09	browser policies: install Bias Finder	2024-03-08 08:29:54 +02:00
Aminda Suomalainen	0f23d25647	firefox policy: add offline-qr-code-generator	2024-03-04 12:29:45 +02:00
Aminda Suomalainen	f2e8b86665	browser policies: remove AdNauseam advancedSettings	2024-03-02 16:26:47 +02:00
Aminda Suomalainen	6029869230	browsers: force_install Privacy Badger again While this isn't the recommended configuration, Privacy Badger has the widget replacements, automatic learning (enabled by default as per this policy), canvas protection etc. AdNauseam again can replace NoScript (that I previously removed from the policies for too aggressive for basic users) and fails to click ads for me anyway, so I think this is the best option for me.	2024-02-29 11:22:29 +02:00
Aminda Suomalainen	d242b05e76	browser policies: ship AdNauseam in filterAuthorMode	2024-02-29 08:56:59 +02:00
Aminda Suomalainen	e343e80858	Weaken protection for Ad Nauseam since I am already so unique/fingerprintable	2024-02-28 20:55:46 +02:00
Aminda Suomalainen	2d7539b0ed	browser policies: install AdNauseam	2024-02-28 20:04:08 +02:00
Aminda Suomalainen	2e4744bc90	Don't install NoScript on browsers automatically due to being a bit extreme on unsuspecting family members after self-reflection.	2024-02-27 09:44:28 +02:00
Aminda Suomalainen	5c3e5e29b3	browser policies: add Terms of Service;Didn't Read	2024-02-26 12:20:47 +02:00
Aminda Suomalainen	8b0e28f417	firefox policies: also keep sidebery installed	2024-02-24 11:08:48 +02:00
Aminda Suomalainen	2620f975fc	add etc/dnf/protected.d/ I am plotting switching to systemd-bootd in hopes of getting my kernel version unfrozen	2024-02-23 11:37:48 +02:00
Aminda Suomalainen	3498e0d830	firefox. fix peertube-companion ID	2024-02-23 08:59:50 +02:00
Aminda Suomalainen	4ff3705df0	firefox: force install peertube companion as a stronger stance against youtube centralization	2024-02-22 19:55:17 +02:00
Aminda Suomalainen	6afb099d1c	chromium: don't enable the labs button It has nothing that interesting and is just distraction.	2024-02-21 09:52:00 +02:00

1 2 3 4 5 ...

1127 Commits