shell-things

mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2024-10-03 18:08:48 +02:00

Author	SHA1	Message	Date
Aminda Suomalainen	037b57fe00	etc/dnf/dnf.conf: add commented timeout (30 -> 5 seconds) S3 seems down and I am not patient enough to wait for 30 seconds X times	2022-09-17 21:42:15 +03:00
Aminda Suomalainen	d2bbe52a21	etc/yum.repos.d: replace unstable protonvpn with stable	2022-09-17 20:20:55 +03:00
Aminda Suomalainen	b4c663db73	torrc-client: update hybridirc-onion	2022-09-02 13:25:23 +03:00
Aminda Suomalainen	d2aeabb1c9	etc/pki/ca-trust/source/anchors/README.md: add a note on installing CA certificates	2022-08-15 18:42:46 +03:00
Aminda Suomalainen	71cc6e18ef	etc/yum.repos.d: add brave-browser.repo I am not impressed by the upstream documentation.	2022-07-05 17:54:39 +03:00
Aminda Suomalainen	e9fcfbb1c3	sysctl.d/99-ssd-swappiness.conf: add reminder on earlyoom	2022-06-24 23:15:59 +03:00
Aminda Suomalainen	3c23a31d18	etc/sysctl.d: add 99-ssd-swappiness.conf (and .gitignore) The default 99-sysctl.conf doesn't have to be here, it's a symlink to top directory anyway.	2022-06-13 17:20:53 +03:00
Aminda Suomalainen	3e3added6c	etc/tlp.d: add lumina.conf	2022-06-04 14:17:22 +03:00
Aminda Suomalainen	1c86e28c67	etc/yum.repos.d/README.md: note `sudo fedora-third-party enable`	2022-04-21 09:13:44 +03:00
Aminda Suomalainen	e74d1b6eea	etc/tor: add torrc.d, README, http.conf	2022-04-12 15:10:45 +03:00
Aminda Suomalainen	bb7f283891	Revert "systemd/matterbridge.service: import parts of upstream" This reverts commit `35aea33043`. Ref: https://github.com/42wim/matterbridge/issues/1794	2022-04-04 09:50:46 +03:00
Aminda Suomalainen	35aea33043	systemd/matterbridge.service: import parts of upstream https://github.com/42wim/matterbridge/wiki/Service-files#systemd	2022-04-04 08:35:23 +03:00
Aminda Suomalainen	12db5c8841	torrc-client: uncomment 8118	2022-03-31 08:26:55 +03:00
Aminda Suomalainen	82ef806e9f	systemd-resolved README: add quickstart, remove extra h-levels	2022-03-28 20:43:03 +03:00
Aminda Suomalainen	17da76e484	systemd/resolved/README.md: add the ArchWiki DNSSEC issue links	2022-03-28 20:37:37 +03:00
Aminda Suomalainen	f55c00dae6	systemd/resolved/README.md: add missing word, improve formatting	2022-03-28 20:36:11 +03:00
Aminda Suomalainen	8c532e3ef8	etc…resolved…: add/clarify links in/to comments Courtesy of https://wiki.archlinux.org/title/Systemd-resolved#DNSSEC	2022-03-28 20:34:37 +03:00
Aminda Suomalainen	d47c374706	etc/ststemd/resolved…: aggressive cleanup/rewriting	2022-03-28 20:28:17 +03:00
Aminda Suomalainen	64bba542b1	systemd/matterbridge.service: remove -debug, mention /groupId	2022-03-18 10:44:25 +02:00
Aminda Suomalainen	76814f830f	etc/{i2pd,systemd}: modernise to less bad ideas The issue has been fixed last year and considering I2Pd can connect through Yggdrasil natively, tunneling Yggdrasil in is a bad idea and could lead into Yggdrasil over Yggdrasil loop situation.	2022-03-08 18:18:40 +02:00
Aminda Suomalainen	3513928492	etc/tor/torrc-client: add PirateIRC	2022-03-02 14:44:13 +02:00
Aminda Suomalainen	5613e1bd9a	etc/tor/…-client: add hybridirc onion	2022-02-26 21:07:39 +02:00
Aminda Suomalainen	d2e21e9b4e	etc/resolv.csv: add OpenDNS DoT with a question mark Ref: #127	2022-02-23 09:58:06 +02:00
Aminda Suomalainen	859bc2a28c	etc/sudoers.d: add restart-matterbridge Allows restarting matterbridge passwordlessly	2022-02-14 12:14:22 +02:00
Aminda Suomalainen	0778849f34	etc/sudoers.d: rm protonvpn TODO: figure out does the hibernate file have reason for existing, I have faint idea of the package being removed	2022-02-14 12:07:47 +02:00
Aminda Suomalainen	018f80e6fe	etc/pkcs11/modules: correct libcryptoki & README	2022-02-10 17:40:40 +02:00
Aminda Suomalainen	33950a762e	etc/pkcs11/modules: add README.md,libcryptoki.module	2022-02-10 16:33:49 +02:00
Aminda Suomalainen	82d2146706	etc/tor/client: remove PirateIRC and freenode PirateIRC with Ergo is yet to get onion setup and I imagine freenode destroyed their onion a long time ago. I haven't been using it though.	2022-01-17 17:31:33 +02:00
Aminda Suomalainen	df3e710c60	etc/tor/torrc-client: add MapAddress for OFTC	2022-01-17 17:30:39 +02:00
Aminda Suomalainen	f0029674e7	etc/apt/sources.list: also update debug.mirrors.debian.org onion Resolves: #124	2022-01-16 19:17:48 +02:00
Aminda Suomalainen	4c6cc2391f	etc/apt/sources.list: attempt to update to onionV3 Resolves: #124	2022-01-16 19:06:41 +02:00
Aminda Suomalainen	f58d0d7d01	ssh/user-permit-password: add example for multiple users	2022-01-16 15:15:09 +02:00
Mikaela Suomalainen	1356fccd20	systemd: add flatpak-update.{service,timer} Resolves: #121	2021-12-18 13:45:53 +02:00
Mikaela Suomalainen	1b4ac2b6d7	etc/systemd/system.conf.d: add log4shell.conf	2021-12-13 13:09:35 +02:00
Mikaela Suomalainen	5704353d55	systemd: copy matterbridge restarter into gitea one It used to stop working randomly without a good reason, but that is likely fixed upstream a long time ago and while I removed it from cron, these units exist so should the issue recur, I can throw these back in. The cron wasn't randomized though, but I don't think there is harm in this being a bit random.	2021-12-06 23:48:40 +02:00
Mikaela Suomalainen	8e69874534	matterbridge-restart.timer: fix language	2021-12-06 23:48:30 +02:00
Mikaela Suomalainen	8209a74c6b	etc: small xdg/autostarts updates: * pulseeffects -> easyeffects * wire -> deprecated/ * telegramdesktop.desktop: add workaround (and supposedly it didn't exist here, #42) Resolves: #42	2021-12-02 19:52:34 +02:00
Mikaela Suomalainen	bd91ef704d	systemd: matterbridge.timer -> matterbridge-restart.{service,timer} Resolves: #98	2021-11-22 09:56:56 +02:00
Mikaela Suomalainen	9ba056cfd3	matterbridge-cleanup.service: fix typo, ignore exit state	2021-11-21 17:15:12 +02:00
Mikaela Suomalainen	62573195d9	systemd: add matterbridge-cleanup.{service,timer} Resolves: #98	2021-11-21 17:11:44 +02:00
Mikaela Suomalainen	13278214d1	matterbridge.timer: OnBootSec=0 just in case Ref: #98	2021-11-21 16:59:05 +02:00
Mikaela Suomalainen	29f7cf6b98	systemd: first attempt at matterbridge restarter timer Ref: #98	2021-11-21 16:52:14 +02:00
Mikaela Suomalainen	4f50f4a367	systemd-resolved: don't DNSSEC with adblocking	2021-11-21 11:37:03 +02:00
Mikaela Suomalainen	12fe7a59a8	etc/systemd/resolved: add configuration for Mullvad DoT	2021-11-21 11:16:11 +02:00
Mikaela Suomalainen	d49b78680b	etc/resolv.csv: add CZ.NIC ODVR Ref: #110 Ref: #112	2021-11-07 18:59:16 +02:00
Mikaela Suomalainen	1e40420115	unbound: rm outdated yggdrasil-override Ref: #89	2021-10-05 12:38:16 +03:00
Mikaela Suomalainen	bfa51f500b	unbound/dns-over-tls.conf: stop advertising Debian 9	2021-10-05 12:34:10 +03:00
Mikaela Suomalainen	ee293669d9	unbound: add dot-flushable-cache.conf Resolves: #105	2021-10-05 12:33:40 +03:00
Mikaela Suomalainen	862808fe07	etc/yum.repos.d: partially rewrite README.md Main problem was "dnf still reads this repository apparently" where the word "repository" was wrong, and I couldn't fix it without changing everything :)	2021-10-05 12:18:42 +03:00
Mikaela Suomalainen	4b57b299cc	etc/yum.repos.d/*.repo: rename descriptively The fedora-dino.repo was unfriendly towards Windows (#106) and I noticed that the other renamed files contained Fedora, so I think they should be named appropiately. microsoft-edge-dev.repo mentioned generally yumrepos, so it seems to not be Fedora specific.	2021-10-05 12:13:11 +03:00
Mikaela Suomalainen	e49187f9dc	chrony/README: fix Windows doc	2021-10-05 10:59:53 +03:00
Mikaela Suomalainen	12127744b5	systemd: also keep trying Chrony	2021-10-03 09:58:59 +03:00
Mikaela Suomalainen	84e714b55e	systemd: keep retrying yggdrasil, don't sleep	2021-10-03 09:58:03 +03:00
Mikaela Suomalainen	38ef6e7314	chrony/sources/nts: add nts.netnod.se They appear to be the only bigger party hosting NTS in addition to Cloudflare and being in neighbouring country isn't too bad Via https://gist.github.com/jauderho/2ad0d441760fc5ed69d8d4e2d6b35f8d which encouraged me to look into them a bit more. Additionally having read chrony or chrony.conf manual on default behaviour implying NTS servers are "require trust" and when mixing them with NTP servers, NTP servers never get selected unless they agree with NTS servers.	2021-09-26 21:28:06 +03:00
Mikaela Suomalainen	61ad1e935b	00-ptrace-restricted.conf: set to 3 I cannot remember when I last needed it and this makes Edgium about:sandbox happy	2021-09-06 18:45:38 +03:00
Mikaela Suomalainen	575b68fe3a	etc/apt/sources.list/stable: update security name https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive	2021-08-15 00:42:58 +03:00
Mikaela Suomalainen	c8189a3aa6	chrony/yggdrasil.sources: update jolly-roger address	2021-08-08 00:07:01 +03:00
Mikaela Suomalainen	a7ea71ae38	chrony/conf.d: add cmd.conf Ref: #95 which this attempts to workaround and fails	2021-08-07 23:56:38 +03:00
Mikaela Suomalainen	a43478e430	chrony: add broken NTS configuration Ref: #94	2021-08-07 23:52:15 +03:00
Mikaela Suomalainen	a9f34a8d1c	sysctl/questionable: 99-nonlocalbind.conf Resolves: #55	2021-06-27 17:43:34 +03:00
Mikaela Suomalainen	8f09ff7d45	chrony/confdir: add fedora-sourcedir.conf Fedora doesn't specify non-DHCP sourcedir by default so I specify one here	2021-06-26 23:24:51 +03:00
Mikaela Suomalainen	0c5413171f	sysctl.d: add 00-max-ipv6-route.conf	2021-06-20 00:42:24 +03:00
Mikaela Suomalainen	1c0073920a	pipewire/README: more on pro-audio, alsamixer and not deafening	2021-06-19 23:45:19 +03:00
Mikaela Suomalainen	c73d7a3a0c	sysctl.d: 00-magicsysrq.conf -> 60-magicsysrq.conf Otherwise Fedora seems to overwrite it with priority 50 file	2021-06-19 15:49:27 +03:00
Mikaela Suomalainen	3b99675a34	etc/sysctl.d: go through, mkdir questionable/ Resolves: #93	2021-06-19 15:41:49 +03:00
Mikaela Suomalainen	9c7d0c6210	etc/ssh/config.d: add example.conf So I can stop having to dig this from manual every time I want to configure a new host, and a couple of options I haven't used previously, but could as they seem nice	2021-06-18 13:48:41 +03:00
Mikaela Suomalainen	a5836327c4	etc: pipewire & bluetooth: enable codes, battery reporting https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html	2021-06-14 13:36:34 +03:00
Mikaela Suomalainen	437a417697	etc/pipewire/…: say that using Pro-audio is enough fix	2021-06-14 12:13:57 +03:00
Mikaela Suomalainen	93823eabd6	sysctl.d: add 23-starts-unprivileged-ports.conf Self-explanatory within comments. Link list notes to selves contributing into this version: * https://kernelnewbies.org/Linux_4.11 * https://stackoverflow.com/a/51439516 * https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516 * https://developer.apple.com/forums/thread/674179 * https://news.ycombinator.com/item?id=18302380 * https://security.stackexchange.com/q/242859 * https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux#comment90027734_51439516	2021-06-12 21:52:39 +03:00
Mikaela Suomalainen	75731868e7	unbound/dns-over-tls.conf: allow non-Finnish anycast & note being used on servers	2021-06-11 19:39:57 +03:00
Mikaela Suomalainen	126918d98d	systemd/limnoria.service: add TZ env & RestartSec	2021-06-02 17:50:30 +03:00
Mikaela Suomalainen	30a308d29f	torrc-client: add MapAddress for palladium.libera.chat https://libera.chat/guides/connect#verifying-tor-tls-connections	2021-05-27 17:50:03 +03:00
Mikaela Suomalainen	6576e83901	etc/tor/torrc-client: add irc.ergo.chat	2021-05-27 02:52:30 +03:00
Mikaela Suomalainen	6f7016a596	torrc-client: add irc.liberta.casa	2021-05-22 13:16:26 +03:00
Mikaela Suomalainen	c1768cae67	systemd: "rewrite" supybot -> limnoria, move znc, rmdir irc/	2021-05-16 18:00:31 +03:00
Mikaela Suomalainen	306270c441	etc/systemd: rm cjdns & miredo, I am unlikely to use them again	2021-05-16 11:15:34 +03:00
Mikaela Suomalainen	49facd9d39	etc/dnf.conf: comment tor example	2021-05-05 20:43:52 +03:00
Mikaela Suomalainen	aa18d746db	etc/pipewire/README.md: cut a long line into two	2021-05-05 11:02:53 +03:00
Mikaela Suomalainen	4b445c2aaf	etc/pipewire: remove the ...example.donotuse I am quite sure that the config file has changed so much that the file wouldn't work anyway and I don't think I really need it with the important part being in the README.md	2021-05-05 11:01:50 +03:00
Mikaela Suomalainen	c6a75f0962	ssh/anoncvs.conf: fix typo	2021-05-04 16:18:31 +03:00
Mikaela Suomalainen	447e8192c2	etc/default/grub.d: add remember-previous.cfg	2021-04-30 20:05:22 +03:00
Mikaela Suomalainen	ad6ac7d45e	dnf.conf: double max_parallel_downloads	2021-04-28 12:32:58 +03:00
Mikaela Suomalainen	1ad289aa49	unbound/dot-mullvad-adblock.conf: add missing port number	2021-04-27 21:40:16 +03:00
Mikaela Suomalainen	41879fe5e8	unbound.conf.d: rm dns-mullvad, add dot-mullvad[-adblock]	2021-04-27 21:35:58 +03:00
Mikaela Suomalainen	61d19724fa	resolv.csv: add Mullvad	2021-04-27 21:30:46 +03:00
Mikaela Suomalainen	e4c9d168ba	yum.repos.d: add tor.repo	2021-03-28 09:41:15 +03:00
Mikaela Suomalainen	6f8c7de6af	unbound.conf.d: add 00-insecure-domains.conf (WiFi repeater config)	2021-03-14 21:00:32 +02:00
Mikaela Suomalainen	3b4847f447	yum.repos.d/protonvpn-unstable: remove unneeded expansions Fixes pkcon complaining	2021-03-13 18:29:30 +02:00
Mikaela Suomalainen	134999487f	yum.repos.d: add microsoft-edge-dev.repo	2021-03-07 16:46:47 +02:00
Mikaela Suomalainen	93b9bc5ba6	yum.repos.d: move Dino from README to .repo	2021-03-07 16:37:15 +02:00
Mikaela Suomalainen	267f68ae80	yum.repos.d: add microsoft-prod.repo	2021-03-07 16:36:04 +02:00
Mikaela Suomalainen	e5c259eda6	README.md: write about soft-mixer	2021-03-02 12:21:58 +02:00
Mikaela Suomalainen	85d97aec3e	apt/preferences.d/pulseaudio: pin priority -1 backports too	2021-03-01 19:08:18 +02:00
Mikaela Suomalainen	51b0b5dde5	sudoers.d/protonvpn: add more paths & potential legacy note	2021-02-27 09:02:10 +02:00
Mikaela Suomalainen	5903664cb7	yum.repos.d: add protonvpn-unstable.repo	2021-02-26 14:10:38 +02:00
Mikaela Suomalainen	f21e22e80f	etc/sudoers.d: fix name, make notes to README.md	2021-02-26 11:34:20 +02:00
Mikaela Suomalainen	267dd77604	im.riot.Riot.desktop: add missing word "run"	2021-02-19 14:27:16 +02:00
Mikaela Suomalainen	8463fa8f5c	local/share/applications: Riot -> Element Package name hasn't changed though so I imagine the icon is the same too	2021-02-19 13:59:27 +02:00
Mikaela Suomalainen	95a44d0be9	etc/pipewire: document the volume cutoff (pulseaudio style) workaround	2021-02-18 14:51:22 +02:00
Mikaela Suomalainen	c8e89a5817	systemd: add coredump.conf.d/biggercores.conf	2021-02-18 14:47:23 +02:00
Mikaela Suomalainen	8155bec959	sysctl.d: add 00-quic-go-udp-receive-buffer.conf So I will remember it's existence	2021-02-13 09:36:28 +02:00
Mikaela Suomalainen	a0c61231f4	systemd/resolved.conf.d: add snopyta-strict.conf While posting an example how I would do it I might as well put it here	2021-02-10 16:12:42 +02:00
Mikaela Suomalainen	288b010fe5	sshd: move mikaela-prohibit-password.conf to broken/ Apparently OpenSSH only allows PasswordAuthentication yes within a Match block.	2021-02-02 14:12:43 +02:00
Mikaela Suomalainen	1be2720861	sshd: explicitly "terminate" Match blocks by Match All https://unix.stackexchange.com/a/303982/17126 & man sshd_config	2021-02-02 13:58:35 +02:00
Mikaela Suomalainen	3260950712	sshd/anoncvs.conf: vcs users shouldn't ever be asked for a password even if the system would allow that.	2021-02-02 13:06:04 +02:00
Mikaela Suomalainen	2711c5975e	NetworkManager.conf.d: add no-search-domains.conf	2021-02-02 12:52:34 +02:00
Mikaela Suomalainen	7ad17f8087	sshd/user-permit-password.conf: note on how to allow specific user to use passwords	2021-02-01 17:11:06 +02:00
Mikaela Suomalainen	1503367c86	sshd_config & ….d/README: note min version & date	2021-01-31 13:51:06 +02:00
Mikaela Suomalainen	f75bc7bd07	sshd/basic-security.conf: remove deprecated option > /etc/ssh/sshd_config.d/basic-security.conf line 24: Deprecated option UsePrivilegeSeparation OpenSSH_8.4p1, OpenSSL 1.1.1i FIPS 8 Dec 2020	2021-01-31 13:39:51 +02:00
Mikaela Suomalainen	0151bee9b0	sshd/mikaela-prohibit-password.conf: add AuthenticationMethods publickey	2021-01-30 22:15:51 +02:00
Mikaela Suomalainen	f1ea1e17d9	etc/ssh: rm copy	2021-01-30 21:35:05 +02:00
Mikaela Suomalainen	0572613d99	etc/ssh: cut sshd_config into multiple .confs	2021-01-30 21:31:38 +02:00
Mikaela Suomalainen	c5fa3daf29	sshd_config.d: read Mozilla docs & adjust accordingly https://infosec.mozilla.org/guidelines/openssh	2021-01-30 21:18:41 +02:00
Mikaela Suomalainen	5211fb772c	sshd_config.d: add anoncvs.conf	2021-01-30 21:00:06 +02:00
Mikaela Suomalainen	de3a0739b4	sshd_config.d: add mikaela-prohibit-password.conf Resolves: #88	2021-01-30 20:50:21 +02:00
Mikaela Suomalainen	a7c643bb7a	etc/sshd_config.d: add basic-security.conf Ref: 88	2021-01-30 20:47:21 +02:00
Mikaela Suomalainen	8628ec28e0	yum.repos.d: add Dino	2021-01-30 11:01:17 +02:00
Mikaela Suomalainen	84ee7aeada	yum.repos.d: list Keybase too	2021-01-29 19:18:11 +02:00
Mikaela Suomalainen	27d1914424	etc: add dnf/dnf.conf & yum.repos.d/README.md	2021-01-29 19:15:08 +02:00
Mikaela Suomalainen	81296a241c	chrony: cut chrony.d/ into conf.d/ and sources.d/ I hope these are wider defaults than just Debian and allow me to not conflit with package manager, but regardless having a separate sources.d/ looks like a good idea for being able to `chronyc reload sources`	2021-01-29 12:56:38 +02:00
Mikaela Suomalainen	fc0730d7a5	sudoers.d/protonvpn.conf: add /usr/bin/protonvpn	2021-01-28 13:13:28 +02:00
Mikaela Suomalainen	16b19fb34d	torrc-client: add etro.mikaela.info	2021-01-26 19:42:25 +02:00
Mikaela Suomalainen	6216d8cda3	sudoers.d: add passwordless protonvpn-{tray,gui}	2021-01-16 20:40:21 +02:00
Mikaela Suomalainen	2df7aed162	chrony/yggdrasil: add comment & Kotka computers	2021-01-08 11:25:16 +02:00
Mikaela Suomalainen	0f94c59b81	chrony: add hetzner srevers	2020-12-19 13:03:54 +02:00
Mikaela Suomalainen	abb0c37ef2	unbound.conf.d: add yggdrasil-override.conf Begins #89 at a better time	2020-12-15 20:34:01 +02:00
Mikaela Suomalainen	b26c9f698d	chrony/yggdrasil: add Etro	2020-12-15 14:30:30 +02:00
Mikaela Suomalainen	b20f3367b1	systemd/yggdrasil: add mullvad-exclude (& fix chrony override typo)	2020-12-09 09:38:49 +02:00
Mikaela Suomalainen	36b6a99e85	chrony.d: local-servers: add notes + xleave to the first comment	2020-12-09 08:44:34 +02:00
Mikaela Suomalainen	40d535f2c0	systemd/chrony.service.d/mullvad-exclude: actually fix this	2020-12-08 18:36:34 +02:00
Mikaela Suomalainen	f92b8d8d05	chrony.d/yggdrasil.conf: add y.Jolly-Roger	2020-12-06 19:49:12 +02:00
Mikaela Suomalainen	e27e88efd8	chrony.d: add hwtimestamp.conf	2020-12-06 19:26:04 +02:00
Mikaela Suomalainen	4a25481db2	chrony/yggdrasil.conf: add Sedric	2020-12-06 18:36:23 +02:00
Mikaela Suomalainen	5e94147e81	chrony.d/yggdrasil.conf: initial commit	2020-12-06 18:02:43 +02:00
Mikaela Suomalainen	2a615d8241	chrony: note that confdir and NTS require 4.0	2020-12-03 10:52:47 +02:00
Mikaela Suomalainen	e9aefd711b	blocklist.conf: refuse blocked instead of nxdomain Only the Firefox DoH needs to be NXDOMAIN while REFUSE may be more accurate for the rest.	2020-11-21 12:13:55 +02:00
Mikaela Suomalainen	e7a6e00b83	unbound/dns-over-tls: comment Adguard & NextDNS for not being in FI	2020-11-15 09:46:50 +02:00
Mikaela Suomalainen	aadcc009a0	unbound/dns-over-tls.conf: add Adguard (unfiltered) & NextDNS	2020-11-12 16:12:18 +02:00
Mikaela Suomalainen	3289a812ee	unbound: add dns-mullvad.conf (not encrypted) Contains Mullvad Wireguard, OpenVPN and public addresses	2020-11-10 16:04:48 +02:00
Mikaela Suomalainen	9536101263	resolv.csv: add BlahDNS DoH CDNs Just doh1, because it and doh2 resolve into the same addresses for me and I don't want to add duplicate DoH field when only BlahDNS has two differnt addresses for the same thing.	2020-11-08 12:50:31 +02:00
Mikaela Suomalainen	49d969822b	etc/resolv.csv: add BlahDNS Resolves: #85	2020-11-04 12:56:48 +02:00
Mikaela Suomalainen	c302b10caf	chrony.d: restore log.conf	2020-11-01 11:57:57 +02:00
Mikaela Suomalainen	07e8c52f3b	chrony.d/local-servers: remove duplicate line it's in README.md	2020-11-01 11:36:30 +02:00
Mikaela Suomalainen	dced82b820	etc/chrony: break chrony.conf into README.md & chrony.d/	2020-11-01 11:23:59 +02:00
Mikaela Suomalainen	52458cc8aa	chrony.conf: add xleave for peer	2020-11-01 10:47:30 +02:00
Mikaela Suomalainen	84a669f51f	chrony.conf: add note for Windows on nettime	2020-10-31 18:10:25 +02:00
Mikaela Suomalainen	c55e6b97e8	chrony.conf: comments for nmap and VPNs	2020-10-31 14:34:47 +02:00
Mikaela Suomalainen	0c7038da14	systemd: systemd-resolved.service.d/unbound.conf: After unbound	2020-10-30 10:19:39 +02:00
Mikaela Suomalainen	fe83cbbb3a	systemd: add config for excluding Chrony from Mullvad	2020-10-30 08:04:58 +02:00
Mikaela Suomalainen	f878041e2e	unbound/dns-over-tls.conf: reverse order of providers It seems to have some (small?) relevance to where queries go to.	2020-10-29 16:24:52 +02:00
Mikaela Suomalainen	6e1f41533c	unbound/dns-over-tls.conf: comment the 443 appliedprivacy Thinking it a bit more, it's not useful to use their resources on devices that practically never encounter blocked port 853.	2020-10-29 13:22:19 +02:00
Mikaela Suomalainen	b03e00faaa	local/share/apps: add firejailed mirage (todo: test it)	2020-10-29 13:15:48 +02:00
Mikaela Suomalainen	c93034ba7f	unbound/dns-over-tls.conf: major cleanup	2020-10-29 13:15:23 +02:00
Mikaela Suomalainen	8b04c26065	chrony.conf: add a peer comment for LOCALMACHINE.local	2020-10-27 10:35:09 +02:00
Mikaela Suomalainen	dc2ac02412	begin depulseaudioing https://wiki.archlinux.org/index.php/PulseAudio/Troubleshooting#No_sound_below_a_volume_cutoff_or_Clipping_on_a_particular_output_device is too much for me. I expect to suffer this decision too though. * i3: bind audio buttons to amixer (TODO: there are still pulse-specific shortcuts and no shortcut for any kind of a mixer. $TERMINAL alsamixer?) * i3status: comment pulse to make it see alsa * apt: pin pulseaudio to negative priority	2020-10-26 17:21:39 +02:00
Mikaela Suomalainen	9b197cbaed	chrony.conf: add a local server example	2020-10-26 07:34:10 +02:00
Mikaela Suomalainen	258cf72ccb	chrony.conf: mark Cloudflare as a pool of 2	2020-10-25 19:46:36 +02:00
Mikaela Suomalainen	9ae9856c0a	chrony.conf: mark Snopyta & Telia as pools with maxsources 3	2020-10-25 18:54:53 +02:00
Mikaela Suomalainen	51080f52d8	chrony.conf: add comments on allowing lan access	2020-10-25 17:43:07 +02:00
Mikaela Suomalainen	b4ca31e6c6	chrony.conf: add DNA & Telia NTP servers Resolves: #83	2020-10-25 17:22:59 +02:00
Mikaela Suomalainen	4cebe7fbd5	chrony.conf: list NTP servers Ref: #83	2020-10-25 12:44:53 +02:00
Mikaela Suomalainen	993759577e	Bind systemd-resolved to Unbound	2020-10-25 09:05:07 +02:00
Mikaela Suomalainen	73f273f4bb	etc/chrony: add small chrony.conf notes	2020-10-24 11:32:07 +03:00
Mikaela Suomalainen	d3e00fb1a3	xdg-applications: add firejailed appimage of chatterino	2020-10-24 09:11:14 +03:00
Mikaela Suomalainen	1e70d7d4d7	etc/systemd-resolved&unbound: add Quad9 ECS configs Untested. The last time I saw the documentation, they didn't mention DoT.	2020-10-21 17:09:20 +03:00
Mikaela Suomalainen	1467454284	hosts.append: prepend empty line It makes it easier to see where this begins in the appended /etc/hosts	2020-10-21 15:18:03 +03:00
Mikaela Suomalainen	de7184794a	etc: add hosts.append for appending into hosts for systemd-resolved	2020-10-21 15:16:56 +03:00
Mikaela Suomalainen	ca4c85b7df	etc/resolv.csv: add Quad9 ECS The DoT address is guessed and verified to be open through nmap, as it's not documented, I don't know surely that it's what it should. DoH is mentioned in https://www.quad9.net/doh-quad9-dns-servers/ via https://gitlab.com/nitrohorse/ios14-encrypted-dns-mobileconfigs/-/issues/6	2020-10-18 11:11:27 +03:00
Mikaela Suomalainen	cb5781044c	resolv.conf: add OpenDNS Family	2020-10-03 14:56:52 +03:00
Mikaela Suomalainen	5f9cf10c68	resolv.csv: add Cleanbrowsing	2020-10-03 14:07:41 +03:00
Mikaela Suomalainen	531abc1f42	resolv.csv: fix Cloudflare DoT address	2020-10-03 13:49:04 +03:00
Mikaela Suomalainen	96d19d99cb	resolv.csv: add Cloudflare family, fill CF antimalware IPv6	2020-10-03 13:46:13 +03:00
Mikaela Suomalainen	8241d0e695	resolv.csv: add AdGuard Family	2020-10-03 13:42:05 +03:00
Mikaela Suomalainen	ae533261ab	etc/resolv.csv restore Firefox addresses	2020-10-03 13:38:31 +03:00
Mikaela Suomalainen	13a03812ba	resolv.conf: move resolvers to resolv.csv	2020-09-27 15:05:53 +03:00
Mikaela Suomalainen	31a15a9abc	systemd-resolved & unbound: update AdGuard IPs Resolves: #81	2020-09-27 14:34:54 +03:00
Mikaela Suomalainen	09d7a87dfb	fix zaldaryn-r8168?	2020-09-03 19:39:34 +03:00
Mikaela Suomalainen	6c2475676c	unbound.conf.d/dot-adguard.conf: fix SNI domain	2020-08-30 16:56:51 +03:00
Mikaela Suomalainen	edb259b1c8	unbound.conf.d: add dot-adguard.conf	2020-08-30 16:45:35 +03:00
Mikaela Suomalainen	cc965d4692	blocklist.conf: add empty line & incoming.telemetry.mozilla.org	2020-08-22 23:31:54 +03:00
Mikaela Suomalainen	263f828550	unbound blocklist: add ssl.google-analytics.com	2020-08-20 19:30:47 +03:00
Mikaela Suomalainen	94eace15e7	unbound/blocklist.conf: specify it's server clause Introduced by `e4d18d47c5`	2020-08-20 18:38:37 +03:00
Mikaela Suomalainen	cabf7c570d	blocklist.conf: add [www.]google-analytics.com.	2020-08-20 18:33:51 +03:00
Mikaela Suomalainen	b5cafdeb90	unbound: the mass file is not a good idea? cut it?	2020-08-16 12:18:07 +03:00
Mikaela Suomalainen	e4d18d47c5	etc/.../unbound.conf: update for 1.11.0-1+	2020-08-15 10:27:50 +03:00
Mikaela Suomalainen	cf8dc85ec0	systemd/timesyncd.conf.d: add cloudflare.conf	2020-08-09 10:51:36 +03:00
Mikaela Suomalainen	82cf5e7742	systemd/resolved.conf.d: add generic NextDNS confs	2020-08-09 00:07:06 +03:00
Mikaela Suomalainen	c3f9205610	resolv.conf: fix nextdns addresses	2020-08-09 00:03:13 +03:00
Mikaela Suomalainen	bbbe4a2f04	resolv.conf: add Firefox DoH resolvers Excluding Comcast	2020-08-08 20:06:39 +03:00
Mikaela Suomalainen	f58ba9424e	resolv.conf: more notes, hilight systemd-resolved, add DoH addresses	2020-08-08 19:44:08 +03:00
Mikaela Suomalainen	ca25fa1a66	sources.list: rm 16.04.archive.ubuntu.com I don't see enough difference compared to ubuntu. Resolves: #78	2020-08-07 15:58:54 +03:00
Mikaela Suomalainen	0be7388798	sources.list: add ubuntu Resolves: #77	2020-08-07 10:40:22 +03:00
Mikaela Suomalainen	73fb88e11d	systemd-resolved.conf.d: everywhere -> 00-everywhere	2020-07-24 12:16:31 +03:00
Mikaela Suomalainen	8af19aab5e	resolv.conf: link to Mullvad issue while at it	2020-07-23 23:28:14 +03:00
Mikaela Suomalainen	99cda3d7ed	resolv.conf: add a missing word	2020-07-23 23:27:37 +03:00
Mikaela Suomalainen	7da5babc43	resolv.conf: add missing empty line	2020-07-23 22:59:53 +03:00
Mikaela Suomalainen	d3e1aaee30	resolv.conf: more systemd-resolved info	2020-07-23 22:52:32 +03:00
Mikaela Suomalainen	6289837766	resolv.conf: note the systemd-resolved files	2020-07-23 22:43:04 +03:00
Mikaela Suomalainen	a8e9d7d81f	etc/resolv.conf: add option trust-ad	2020-07-20 23:11:55 +03:00
Mikaela Suomalainen	69f55cd724	systemd/resolved: adguard-strict -> adguard-dot	2020-07-18 14:05:36 +03:00
Mikaela Suomalainen	550b68d149	etc/systemd/resolved: add [adguard,cloudflare}-strict.conf I am not actually using either though and I am not sure if I will, but maybe they are nice to have as a backup here just in case.	2020-07-18 02:20:56 +03:00
Mikaela Suomalainen	b3cb953b9c	systemd/resolved: add a comment to everywhere.conf too as every other file explains who it is for, why not this	2020-07-04 19:09:26 +03:00
Mikaela Suomalainen	0ae22081a0	etc/systemd-resolved: rework all files more or less * explain things in README.md, don't duplicate comments * opportunistic-insecure.conf should be used everywhere by default, so thus it's now everywhere.conf. However I am yet to test it does what I expect, so this is bad case of testing in production or after committing it in general.	2020-07-04 19:06:18 +03:00
Mikaela Suomalainen	7a73088beb	systemd/resolved.conf.d/quad9*.conf: enable SNI	2020-06-26 12:22:09 +03:00
Mikaela Suomalainen	bce9af0edd	resolved.conf: add quad9-compat.conf	2020-06-26 12:22:09 +03:00
Mikaela Suomalainen	507b9b15c7	etc/containers: add registries.conf example linking to source, it seems to be enough to get started with podman	2020-05-27 11:01:08 +03:00
Mikaela Suomalainen	856085bd74	ssh_config: document ForwardAgent and ForwardX11... ...Previously they were no without explanation, but it never hurts to explicitly have comments on not doing that, I didn't quickly find anything nice for ForwardAgent, but I remember the Matrix.org people somehow avoiding hearing it and ForwardX11 first result was that StackExchange.	2020-05-22 14:36:26 +03:00
Mikaela Suomalainen	d8d48508bd	ssh_config: update comments, add Includes Resolves: #69	2020-05-22 14:29:37 +03:00
Mikaela Suomalainen	c2c27c8adb	local: add firejail-appimage-patchwork.desktop	2020-05-08 18:14:42 +03:00
Mikaela Suomalainen	5226399637	grub.d: add quiet.cfg to remind me to not remove it	2020-04-08 19:24:22 +03:00
Mikaela Suomalainen	1e08997ad5	etc/sources.list: add (Debian's) experimental	2020-03-30 18:12:16 +03:00
Mikaela Suomalainen	6f2f986d2f	etc/fahclient/config.xml: let the slider be MEDIUM	2020-03-30 09:16:32 +03:00
Mikaela Suomalainen	d1fc83913b	systemd/user: add ipfs, transmission-daemon (from system)	2020-03-30 08:42:06 +03:00
Mikaela Suomalainen	b2dac44a64	etc: add fahclient/config.xml	2020-03-30 08:35:56 +03:00
Mikaela Suomalainen	d39ec4ccfe	grub.d/oldifnames.cfg: update comment I seem to be using it in multiple systems so I cannot say I don't recommend it, when it's understood.	2020-03-29 15:12:00 +03:00
Mikaela Suomalainen	53944a0673	grub.d: add forcefsck.cfg	2020-03-29 15:11:48 +03:00
Mikaela Suomalainen	b217baaec9	systemd/system: update syncplay-server.service It never got the TLS flag apparently	2020-03-27 18:02:34 +02:00
Mikaela Suomalainen	d71357613f	apt/preferences.d/limit-unstable: add unstable-debug repo It may be unhelpful to have debug symbols getting pulled from Unstable while using packages from Testing or even Stable.	2020-03-21 16:40:00 +02:00
Mikaela Suomalainen	9d70aa8119	org.signal.Signal.desktop: rename to Signal Tray	2020-03-09 09:35:19 +02:00
Mikaela Suomalainen	8fc2d8905c	etc/nginx/README.md: add future warning	2020-03-07 21:08:57 +02:00
Mikaela Suomalainen	64d5fef6f3	ipfs.service: point to the new meta issue	2020-02-29 18:03:32 +02:00
Mikaela Suomalainen	b125fc1804	etc/systemd/resolved.conf.d: general.conf -> opportunistic-insecure.conf	2020-02-21 19:03:56 +02:00
Mikaela Suomalainen	60cac14929	etc: add multi-user.cfg	2020-02-18 01:42:27 +02:00
Mikaela Suomalainen	585266bc28	update pomotroid.desktop & add ipfs-desktop.desktop Pomotroid now stores data	2020-02-13 20:17:39 +02:00
Mikaela Suomalainen	a3d7b0af22	etc/default/grub.d/lockdown.cfg: notes + lockdown=integrity comment	2020-02-13 02:03:52 +02:00
Mikaela Suomalainen	b770e356cb	etc/default/grub.d: add lockdown.cfg	2020-02-13 01:17:39 +02:00
Mikaela Suomalainen	60899ca667	etc/sysctl.d: add kernel.yama.ptrace_scope = 1	2020-02-12 22:36:17 +02:00
Mikaela Suomalainen	3e325cca03	etc/sysctl.d: add 00-local-userns.conf with warnings/rant	2020-02-12 22:00:11 +02:00
Mikaela Suomalainen	bd6488e0ed	etc/default/grub.d: nouveau.cfg -> itwjyg.cfg + more modules	2020-02-10 17:54:47 +02:00
Mikaela Suomalainen	fafc6fad62	etc/xdg/autostart: add pomotroid.desktop Resolves: #50	2020-02-09 20:36:56 +02:00
Mikaela Suomalainen	1a8c6fcd24	merge local/share/applications & etc/xdg/autostart	2020-02-09 20:35:54 +02:00
Mikaela Suomalainen	ee0038c568	add /etc/network/interfaces.d/eth0	2020-02-09 14:53:56 +02:00
Mikaela Suomalainen	8472ffa7cd	NetworkManager: add manage-ifupdown.conf	2020-02-09 14:53:01 +02:00
Mikaela Suomalainen	9177966264	etc/default/grub.d: -supposedly & modprobe r8168	2020-02-09 14:50:43 +02:00
Mikaela Suomalainen	da2f090f56	logind.conf.d/lidclose.conf: mention systemd-rfkill, ref: #51	2020-02-03 22:41:47 +02:00
Mikaela Suomalainen	d54ec98f99	NM/iwd.conf: add missing line (enable --now iwd)	2020-02-03 21:40:11 +02:00
Mikaela Suomalainen	d8740f54e1	NetworkManager/conf.d: add iwd.conf for replacing wpa_supplicant	2020-02-03 21:15:35 +02:00
Mikaela Suomalainen	c0399054bb	etc/systemd/login.conf.d/lidclose.conf: ignore lid close	2020-02-03 19:36:05 +02:00
Mikaela Suomalainen	a82e3fd989	etc/NetworkManager: add no-mac-randomizing.conf	2020-01-28 23:12:54 +02:00
Mikaela Suomalainen	b04c724b5b	etc/default/grub.d: add flags to disable hibernating	2020-01-19 13:47:33 +02:00
Mikaela Suomalainen	2168bc47ed	apt/preferences.d: don't consider firefox/jami as badideas	2020-01-12 13:24:11 +02:00
Mikaela Suomalainen	86cb1a02dc	etc/xdg/autostart: add com.github.wwmm.pulseeffects.desktop	2020-01-11 22:25:33 +02:00
Mikaela Suomalainen	e47568e178	etc/xdg/autostart: add Nextcloud.desktop	2020-01-11 22:24:23 +02:00
Mikaela Suomalainen	5c6f66e5fc	etc/apt/preferences.d: add hacks/limit-buster	2020-01-11 22:11:25 +02:00
Mikaela Suomalainen	eabd12a26d	etc/apt/preferenced: move not-so-good-ideas to badideas/	2020-01-11 21:43:52 +02:00
Mikaela Suomalainen	31c53595f8	etc/apt/preferences.d: add limit-unstable from Wireguard	2020-01-11 21:41:09 +02:00
Mikaela Suomalainen	3011004856	NetworkManager/conf.d: add no-resolvconf.conf	2020-01-11 21:05:05 +02:00
Mikaela Suomalainen	346d726bb7	NetworkManager/unbound: note unbound-control-setup	2020-01-03 01:52:21 +02:00
Mikaela Suomalainen	2df7887dda	NetworkManager/conf.d: add unbound.conf For Unbound which I generally use, even while it requires dnssec-trigger	2020-01-02 15:32:50 +02:00
Mikaela Suomalainen	6ae87b6de8	etc/default/grub.d: add oldifnames.cfg see comments of the file for reason	2019-12-30 16:24:42 +02:00

... 3 4 5 6 7 ...

808 Commits