Commit Graph

197 Commits

Author SHA1 Message Date
e80dbd29fe etc/nginx/host: enable http2 2016-01-13 12:05:35 +02:00
d903ba5985 sshd_config: no instead of No
Permitrootlogin had it for some reason and Jolla's sshd didn't like it.
2016-01-06 10:17:33 +02:00
f1817f4014 sources.list: I don't maintain devel 2015-12-28 14:50:21 +02:00
c0503fab51 sources.list/ubuntu: fix apt-key command 2015-12-28 14:48:31 +02:00
fb9961be7b unbound.d/logging.conf: I need verbosity 2
1 doesn't seem to tell me when things start randomly failing.
2015-12-18 11:37:47 +02:00
8804f7e9f6 etc/unbound/unbound.conf.d: logging.conf
Logging to systemd-journald (journalct) with verbosity 1.
2015-12-18 09:52:18 +02:00
a187ae584d profile: numlockx on 2015-12-15 20:06:23 +02:00
2dce923a56 etc/apt/sources.list: commented Ubuntu MATE 2015-12-15 18:11:50 +02:00
8342c97bc2 git rm 15.04 2015-12-15 18:07:34 +02:00
9431381b93 sources.list: add Ubuntu 16.04 2015-11-06 09:14:27 +02:00
f58977d151 unbound forwards.conf: add commented trex dns64 2015-10-26 08:58:36 +02:00
50d27ca7b6 etc/xdg/autostart: add clipit 2015-10-25 14:30:42 +02:00
4257dcfb37 etc/xdg/autostart/redshift: add comment on Kotka 2015-10-25 14:27:06 +02:00
2154ee9b01 etx/xdg/autostart: cleaning 2015-10-25 14:26:24 +02:00
a5ca47e88d nginx: X-Xss-Protectio & -Content-Type-Options
via https://securityheaders.io/ via znc/znc#1168
2015-10-25 09:18:34 +02:00
47eac3b6eb sources.list README: add wget method 2015-10-17 14:31:48 +03:00
650829aea9 nginx: add Upgrade Insecure Requests
http://caniuse.com/#feat=upgradeinsecurerequests
2015-09-23 17:50:11 +03:00
02f4f2f0d4 profile.d/mikaela.sh: set TZ to $(date +%Z)
Also remove the commented Steam thing as it's Antergos-only issue.
2015-09-13 10:46:38 +03:00
c42ae8eb43 ssh: also send EDITOR 2015-09-12 11:45:42 +03:00
fdf8255372 ssh: send/accept also TZ TERM 2015-09-12 11:42:44 +03:00
0f00443a7b sshd_config: mention the LC_ALL anyway
my config files are horrible, too many comments.
2015-09-06 18:42:36 +03:00
96ca38818f sshd_config: don't talk so much about locales 2015-09-06 18:40:02 +03:00
801e3e0941 sshd_config: AcceptEnv LANG, LANGUAGE LC_*
but not LC_ALL and there is no asterisk, the varibles are allowed
separately. It's very unlikely that someone invents a new locale type.
2015-09-06 18:36:48 +03:00
a3d5fbd9d7 sshd_config: http://serverfault.com/a/660325 2015-09-06 18:27:50 +03:00
a0352630fd sshd_config: verbose logging of sftp 2015-09-06 17:37:34 +03:00
8d55bc53db sshd_config: use internal sftp & fixes
thanks again @grawity
2015-09-06 17:20:12 +03:00
c82b706942 fix 7470403158
thanks @DarthGandalf and @grawity on #znc
2015-09-06 17:13:21 +03:00
7470403158 sshd_config: add Fedora & Gentoo sftp-server
thanks Conjuro and @DarthGandalf on #znc
2015-09-06 17:09:55 +03:00
774346c8d0 fix sshd_config 2015-09-06 08:42:29 +03:00
68c6da5aec ssh_config: fix comments 2015-09-06 08:15:17 +03:00
dc9f8b0ab5 sort sshd_config 2015-09-06 08:12:41 +03:00
c3f351d21f sshd_config: add commented AcceptEnv
and reason why it's commented, security, ShellShock worked with remotely
sent environent variables even with restricted accounts.
2015-09-06 07:33:32 +03:00
90c86466dd ssh_config: also sendenv LANGUAGE 2015-09-06 07:30:41 +03:00
6fc4b6a29b ssh_config: add missing dot 2015-09-05 23:50:31 +03:00
28c2f0b8d8 ssh_config: SendEnv LANG LC_* 2015-09-05 23:46:00 +03:00
c50516ced3 etc/xdg/autostart: add redshift-gtk 2015-09-05 22:57:45 +03:00
c2b93abe27 relevant systemd services: after network-online 2015-09-05 09:07:41 +03:00
bd3ee60e61 ssh_config: fix paste fail 2015-09-02 08:33:02 +03:00
66f604a6dd ssh_config: add UpdateHostKeys yes 2015-09-02 08:15:16 +03:00
c05b52354f sshd_config: restore Client*
I am sure I committed them already, but they have disappeared somewhere.
Maybe I accidentally overwrote them.
2015-09-01 17:37:33 +03:00
888686ef48 etc/ssh/copy: add verbosity 2015-09-01 17:32:56 +03:00
c2c0c4fa08 etc/ssh: add copy script 2015-09-01 17:31:42 +03:00
25bf96e30a ssh_config: my ssh key is not system-wide 2015-09-01 17:16:37 +03:00
96dfc06668 ssh_config: remove unrelated comments 2015-09-01 17:06:33 +03:00
defa0b9df1 etc/ssh: add ssh_config 2015-09-01 16:48:27 +03:00
4cdf8dfe71 sshd_config: add ClientAliveCountMax ClientAliveInterval 2015-09-01 16:40:56 +03:00
73e9e99d9c sshd_config: cleaning up 2015-08-30 16:54:21 +03:00
c922d0aa37 etc/ssh/sshd_config: fix banner 2015-08-28 19:25:26 +03:00
7e4bbfba5a sshd_config: also remove ecdsa keys 2015-08-28 14:29:34 +03:00
04df2e532b update sshd_config from Arch
OpenSSH 7.1p1-1

Note the sftp subsystem which differs between at least Debian and Arch.
2015-08-28 14:00:25 +03:00
f69a361ed1 sshd_config: deprecate dsa 2015-08-28 13:54:36 +03:00
ae6651cd47 systemd: add reflector.service 2015-08-25 14:13:44 +03:00
7ff510b42b add etc/install
Closes #74
2015-08-22 15:10:01 +03:00
bec7aced22 etc/systemd/system: README updates 2015-08-21 19:27:40 +03:00
76633ba61d add etc/unbound/dnscrypt-proxy.conf 2015-08-21 19:16:12 +03:00
18931c320a add dnscrypt proxy services
Thanks @Fusl

Fixes #63
2015-08-21 19:09:39 +03:00
dc5531dfcd cleaning etc/systemd/system 2015-08-21 19:06:11 +03:00
c4dcb39b8c nginx: remove the neverused vhost 2015-08-20 20:47:18 +03:00
3a32185433 etc/nginx/sites-availble: add X-Frame-Options 2015-08-20 20:36:32 +03:00
a06465d161 unbound: move forwards.conf under unbound.conf.d 2015-08-20 18:39:40 +03:00
2ab0601c8d systemd: remove dnscrypt-proxy & add miredo 2015-08-20 18:29:00 +03:00
3065c552da resolv.conf: add ::1 anyway 2015-08-20 15:24:57 +03:00
c8dcba24a3 major cleaning 2015-08-20 15:22:22 +03:00
baff3f7dd1 clean resolv.conf 2015-08-20 15:09:13 +03:00
e3b067cf5d etc/resolv.conf: swap Google DNS
I prefer them to be in order primary and seconary if I use both and as
IPv6 is above it should be the primary making IPv4 below secondary.
2015-08-16 12:07:59 +03:00
a55ab90ca3 resolv.conf: replace OpenDNS with Google
If both Google servers go down, there are still the others which unbound
that I run on all devices is using.
2015-08-16 12:05:50 +03:00
f6b562f517 comment on etc/resolv.conf 2015-08-16 11:30:06 +03:00
518a5c2a17 sources.list: add (Ubuntu) devel 2015-08-06 12:01:21 +03:00
93d775c3a5 fix etc/profile.d/mikaela.sh 2015-07-29 10:16:30 +03:00
632f2f2b6b sources.list: clean Ubuntu ones 2015-07-29 10:04:54 +03:00
741c6a8571 sources.list/ubuntu: add commented proposed
Closes #79
2015-07-28 19:23:48 +03:00
aeeed423df sources.list/ubuntu: coment ddebs 2015-07-28 19:09:26 +03:00
95dc6cfa17 sources.list: ubuntu: add ddebs.ubuntu.com
https://wiki.ubuntu.com/DebuggingProgramCrash
2015-07-28 19:06:38 +03:00
fa44f85e48 sources.list: chmod +x install* 2015-07-28 18:59:03 +03:00
6b527a87cb sources.list: 14.10 is EOL 2015-07-24 09:06:19 +03:00
2ba606cce6 nginx: HSTS: subdomains & preload 2015-07-22 12:55:51 +03:00
ff94369b6d sources.list/README: add missing rm 2015-07-12 11:52:28 +03:00
93e5eab3f5 sources.list: fix install scripts 2015-07-12 11:39:41 +03:00
b4f3ac370e sources.list/install: add missing shebang 2015-07-12 11:36:38 +03:00
87ffc8515e sources.list: improve README 2015-07-12 11:35:53 +03:00
8783d0d5b7 sources.list: add install scripts
Closes #78
2015-07-12 11:26:47 +03:00
2fd3c3986b sources.list: add README & touch scripts
ref: #78
2015-07-12 11:21:38 +03:00
60402c6999 sources.list: add forgotten stretch 2015-07-12 11:06:03 +03:00
abc4060a3a sources.list: add sid so both scripts work 2015-07-12 11:03:51 +03:00
6400fd909e sources.list: rename debian* to codenames
So they are compatible with the function which uses `lsb_release -sr`.
2015-07-12 10:51:19 +03:00
f98e2a4375 somewhat rewrite etc/oidentd.conf 2015-07-09 10:48:28 +03:00
cf13b0faaf sources.list/squeeze: add squeeze-lts 2015-07-07 17:10:43 +03:00
b16ae44601 Revert "services: remove unneeded pidfiles"
This reverts commit 98093edc99.

* * * * *

They aren't needed if systemd starts the service, but what if user
services are used together with cron and liching isn't allowed?
2015-07-07 10:10:10 +03:00
b6969cd7fe rm debianu as git didn't like it 2015-07-06 15:22:23 +03:00
0a8c630265 http.debian.net --> httpredir.debian.org
I was told that it moved and moving to debian.org means that it's now
officially supported :)
2015-07-06 15:18:25 +03:00
fe1890ea34 debianu --> sid & ln -s sid debianu
sid makes more sense and as it has static codename, why to not use it?
2015-07-06 15:08:42 +03:00
805f669954 sources.list: add supported Debians
also remove the top line and add debianu for unstable.
2015-07-06 15:05:31 +03:00
6cb22a6de2 sysctl/60-mikaela.conf: mention systemd-networkd 2015-06-24 16:09:05 +03:00
a5de194c6f fix sysctl.d/60-mikaela.conf
EUI-64, not SLAAC & privacy extensions for all
2015-06-24 15:12:11 +03:00
1f1d071e5e systemd/network: rename enp… eth0 & timesyncd 2015-06-07 19:12:15 +03:00
47b05e1bd9 fix aliendalvik-stopper.service 2015-05-27 12:09:31 +03:00
4391fb5c19 systemd: aliendalvik-stopper 2015-05-27 12:00:35 +03:00
bf03a22823 systemd/system: update README
https://wiki.freedesktop.org/www/Software/systemd/NetworkTarget/#cutthecraphowdoimakenetwork.targetworkforme
2015-05-23 11:29:18 +03:00
3370327db0 ydns-simple service & timer 2015-05-22 20:15:23 +03:00
9ac3c776d7 sysctl.d: net.ipv6.conf.default.use_tempaddr 2015-05-14 19:04:35 +03:00