b0ec7cffde
chromium/README: EnableOnlineRevocationChecks does also enable CRL
2024-04-26 11:27:11 +03:00
16d2f74135
systemd/aminda-nocron.service: explicitly start DNS too
2024-04-26 11:08:15 +03:00
def77bc4c3
systemd: add aminmda-nocron.{service,timer} for my @reboot crontabs for cronless systems (SteamOS)
2024-04-26 10:43:08 +03:00
901dbfe138
etc/hosts: attempt to increase legibility by adding leading and trailing #
2024-04-25 19:45:11 +03:00
21b59adfd2
etc/hosts/hostname: copy Debian behaviour as a good practice
2024-04-25 19:40:56 +03:00
7c3da50491
{bash,zshrc}: prepare for alias
2024-04-25 17:39:20 +03:00
daae569442
chmod: fix SC quoting, add verbosity for less dangerous things
2024-04-25 17:37:26 +03:00
fb65f717fc
etc: cleanup symlinks/files handled by init-browser-policies.bash
...
They brought no value to me, just confused me in git forges by clicktrapping me and not following the symlinks
2024-04-25 17:31:09 +03:00
6375d55b8f
systemd-resolved/mullvad: default to base for consistency with unbound
2024-04-25 17:27:55 +03:00
17e0b68d20
unbound: add dot-mullvad.conf defalting on base
...
I found myself missing this on an old family PC that has limited resources and as I didn't have this file at hand, I just went with AdGuard which will work too.
2024-04-25 17:24:41 +03:00
a17ff2903a
unbound/nordvpn-domains.conf: add comments/sources, fix duplicate zone, add missing domains
2024-04-25 15:07:37 +03:00
bbeb1d3e02
unbound/nordvpn: rename, send only their domains to them
2024-04-25 14:34:47 +03:00
046b9c5f1a
systemd: use more descriptive drop-in name unbound-wanted.conf instead of unbound.conf
2024-04-25 14:10:26 +03:00
82214710c1
update submodule jauderho-nts-servers
2024-04-25 14:03:03 +03:00
1ea9fff29a
chromium: declare more things as .badidea
2024-04-25 14:01:54 +03:00
f87c4899b6
chromium: add dns-over-https.json.badidea and declare it as a bad idea
2024-04-25 13:57:01 +03:00
861b35c25f
systemd-resolved: add the other applied-privacy.net port too
2024-04-25 13:47:18 +03:00
342e3116a6
systemd-resolved: another attempt at local resolvers
2024-04-25 13:45:37 +03:00
d17ad34650
unbound/dns-over-tls.conf: note Applied Privacy does no ECS, add 853, add Quad9 unfiltered (ECS commented)
2024-04-25 13:26:01 +03:00
52b0807fcb
systemd/yggdrasil.service.d: rename nordvpnd to restore-ipv6.conf
2024-04-25 12:52:30 +03:00
520470e3dd
systemd: add firewalld-icmpv6.conf as drop-in
2024-04-25 12:51:03 +03:00
5869247cc3
cron: add firewalld icmpv6 allowing
2024-04-25 12:46:17 +03:00
45cf5ecf61
opt/chromium/policies/managed: update documentation about working preferred over ECH enforced
2024-04-25 11:00:40 +03:00
32883d5c73
chromium: allow DoH downgrade to at least work. Breaks ECH :(
2024-04-25 08:15:28 +03:00
7c80e2c329
NetworkManager: paws-off-my-resolv.conf
2024-04-24 18:21:33 +03:00
38152ab152
etc/sudoers.d: add vim modelines just in case
...
I think it autodetected them correctly though
2024-04-24 18:16:42 +03:00
505c6ec74a
etc/hosts: add hosts.steamos
2024-04-24 18:15:50 +03:00
7113fda702
sudoers.d/nordvpnd: add restarting unbound & systemd-resolved
2024-04-24 18:00:00 +03:00
32c5da4422
etc/resolv.conf-generate.bash: also be verbose with chattr & chmod
2024-04-24 12:09:15 +03:00
9b01bc5260
etc/hosts/README.md: add forgotten blocklist and formatting
2024-04-24 11:55:35 +03:00
c00f750d96
etc/resolv.conf-generate.bash: simple resolv.conf writer the way I want
2024-04-24 11:06:35 +03:00
fa9da0901d
etc/hosts/blocklist: initial commit
2024-04-24 09:21:42 +03:00
b36ba70a70
systemd/service.d: add resolv.conf example with warnings
2024-04-24 07:31:10 +03:00
ba55b2c9e9
{bash,zsh}rc: specify LOCALDOMAIN & RES_OPTIONS
2024-04-23 19:26:33 +03:00
c48bd12974
sway/autostart-utilities.conf: start KDE6 policykit
2024-04-23 19:21:08 +03:00
bdcd7249c3
etc/resolv.conf: fix comment
2024-04-23 16:47:03 +03:00
95e17d0a49
resolv.conf: remove rotate comments, attempt to explain the logic behind timeout & attempts
2024-04-23 16:23:36 +03:00
425af3eabf
etc/resolv.conf: specify timeout 1 and attempts 5
2024-04-23 16:03:49 +03:00
70ed890742
dnf/protected.d: add README.md, aminda-{desktop,essentials}.conf
2024-04-23 07:51:29 +03:00
4dac26e46e
dnf: also protect unbound
2024-04-23 07:41:49 +03:00
b0f7876436
etc/dnf/protected.d: add systemd-{networkd,resolved}.conf
2024-04-23 07:29:18 +03:00
f41e80d66a
hosts/dns: comment where it begins and where it ends
2024-04-22 17:11:03 +03:00
97c2e74220
etc/hosts: attempt to perform the bad idea of well-known DNS servers here instead
2024-04-22 16:24:51 +03:00
4560e776df
systemd-{resolved,networkd}: just break things
2024-04-22 15:43:50 +03:00
886b8dbfbd
unbound.conf.d: well-known-dns.conf -> well-known-dns.conf.badidea
...
This will break DNSSEC and a lot of things.
2024-04-22 15:39:47 +03:00
4acd22dc37
systemd-networkd: add untested none (Yggdrasil) & wireguard configuration
2024-04-22 15:17:14 +03:00
6ea0a570dd
systemd-networkd: match systemd-resolved configuration
2024-04-22 15:12:07 +03:00
dea732d15b
systemd-resolved: attempt to simplify configuration
2024-04-22 15:08:03 +03:00
f976c9a530
etc/resolv.conf: comment rotate, remove bad search domain comment
2024-04-22 14:51:58 +03:00
895359ff67
etc/resolv.conf: add warning about mixing systemd-resolved & unbound
2024-04-22 14:50:37 +03:00