03b37c2396
nordvpn.list: specify keyring location
2024-08-31 13:31:45 +03:00
03a0091828
apt/sources.list.d: add documentation links
2024-08-31 13:30:07 +03:00
46515474aa
iwd/main.conf: fix comment?
2024-08-30 11:44:33 +03:00
96e8aeaad4
sources.list.d: add fpf-apt-tools.list tor.list yggdrasil.list
2024-08-30 09:05:59 +03:00
d5060ef0c8
sources.list.d: add unstable.list (symlink)
2024-08-30 08:31:47 +03:00
437a1bdbe1
fstab: note btrfs being a thing for swapfiles
2024-08-28 14:47:47 +03:00
e1c3079fde
aminda-nocron-reboot.service.d/swapoff
2024-08-23 13:44:48 +03:00
2c6c664ccb
firefox & geoclue: point to api.beacondb.net for beacondb
...
Functionally identical without need to change, but pointed out for scaling up and routing traffic differently if necessary.
Ref: https://matrix.to/#/matrix.org/$nh0IGqWhdROr-xXAMD9hZxMqyUDgfy6DOabKzh6YPaQ?via=matrix.org&via=tchncs.de&via=nitro.chat
2024-08-19 18:43:37 +03:00
74e5d2f825
systemd/reflector: restart on failure
2024-08-18 09:39:38 +03:00
18c3a87459
unbound.conf: note Arch trusted key
2024-08-16 08:42:16 +03:00
b1a25ac3a2
aminda-nocron-reboot.service: apparently firewall-cmd needs home zone specified separately when NetworkManager is present
2024-08-15 09:01:38 +03:00
be0f664bcc
sudoers.d/nordvpnd: add NetworkManager restarting
2024-08-13 07:08:49 +03:00
a0419bda15
sudoers.d/password-feedback: fix the syntax error of missing capital D
...
Apparently it was my fault and not Fedora and Arch not shipping that module (like Fedora is missing insults, while that suspiciously isn't treated as a syntax error
2024-08-12 15:27:59 +03:00
7d548e20e6
sudoers.d: add modelines, remove prettier comment
2024-08-12 15:22:44 +03:00
060b48d9eb
sudoers.d/sudoers-group: I am looking at you not including this, Arch
2024-08-12 15:22:23 +03:00
9ef3faffaf
sudoers.d: add always-ask-password & password-feedback
2024-08-12 15:06:50 +03:00
61b9fb9e6a
etc/yum.repos.d: add dangerzone.repo
2024-08-12 14:56:59 +03:00
e2a1fd5070
Firefox & LibreAwoo: point to Codeberg
2024-08-12 10:01:42 +03:00
40dceee1b6
NetworkManager: comment no-mac-randomizing.conf to help prevent accidental enabling
2024-08-11 09:16:37 +03:00
5971eb9fd7
iwd & NetworkManager: clarify comments, note ManagementFrameProtection=1 being necessary for my home
2024-08-11 08:50:10 +03:00
63a762c200
NetworkManager: move keyfile from samples/, add rename=true
2024-08-11 08:46:27 +03:00
a66f30dc2e
NetworkManager: enable systemd-resolved DoT, use NM for iwd autoconnect
2024-08-11 08:31:45 +03:00
a4e527f6ec
dnf.conf: add debuglevel=10
2024-08-11 06:46:17 +03:00
ae144a1132
systemd-resolved: add the missing Domains rule
2024-08-10 12:22:42 +03:00
4c41a4cb56
systemd-resolved & unbound: add google dns for when everything is broken and you just want connected
2024-08-10 12:22:18 +03:00
8702c16ac0
adjust resolv.conf order in the generator scripts
2024-08-10 11:32:22 +03:00
e26e2cd92d
aminda-nocron-reboot.service: late load microcode update
2024-08-10 09:41:56 +03:00
c5a0a6f95f
pacman.conf: initial commit
2024-08-10 09:02:10 +03:00
0a0c8822af
systemd: note that reflector.service is due for removal, add reflector.service.d
2024-08-10 08:57:55 +03:00
9e676e52c1
etc: add symlink chrony.conf to chrony/chrony.conf
2024-08-10 08:40:19 +03:00
5103f93a22
dracut: operation btrfs convert failed
...
In the end I was unable to get the chrooted system bootable and I gave up deciding to reinstall, but apparently these changes were left here and I either need to commit them or stash and drop, and I generally think there may be value found in such of things later, so commit it is
2024-08-09 18:01:51 +03:00
cab85e4bf8
init-browser-policies.bash: use the capital X in setfacl here as well
2024-08-08 14:34:12 +03:00
d23c2a0ad3
pass capital X to setfacl in context of directories
2024-08-08 14:29:03 +03:00
880515f1f3
kgx-tmux.desktop: fix Debian compatibility
2024-08-08 09:25:56 +03:00
3a7f029252
90-cpuquota.conf: restrict CPUQuota further down to 90 %
...
My actual running configuration was 100 % while apparently this says 180 %
2024-08-08 08:46:14 +03:00
b859fc5ed5
firefox/policies.json: force instalkl new tab suspender, fix typo
2024-08-08 06:58:09 +03:00
9cdd99fdb1
firefox: disable telemetry over Anonym/'privacy preserving attribution'
...
Ref: mozilla/policy-templates#1130
2024-08-05 07:49:48 +03:00
9bca567950
{firefox,chromium}: add/restore New Tab Suspender, Dark Reader and OpenDyslexic
2024-08-02 15:30:32 +03:00
e1f6745439
Replace limits.d/00-cputime.conf with systemd/app.slice.d/90-cpulimit.conf
2024-08-02 13:40:09 +03:00
c47faaf25e
systemd-resolved: enforce DoT for files explicitly supporting it, demand DNSSEC from LAN resolver
2024-08-01 19:12:07 +03:00
b470649d3a
etc/security/limits.d/00-cputime.conf: initial commit
2024-07-31 23:28:38 +03:00
6a759bfd11
aminda-nocron-reboot.service: add systemd-oomd
2024-07-31 14:54:25 +03:00
84c0452463
systemd: finally add oomd configuration
2024-07-31 14:52:46 +03:00
f18a66faef
init-browser-policies.bash: let's be honest, there ln flags are far more memorable
2024-07-31 11:04:19 +03:00
45fb267570
etc/init-browser-policies.bash: add suspicion of another Google Chrome
2024-07-31 11:03:13 +03:00
62d52df660
init-browser-policies.bash: setfacl
2024-07-31 10:58:44 +03:00
70ae6b36a5
systemd-resolved & unbound: let's not pretend I am not using Quad9 ECS
2024-07-31 10:23:36 +03:00
aa03a16c49
DNS: fail fast when you inevitably fail
2024-07-30 20:43:33 +03:00
ff67c229b9
shut up goenv
2024-07-30 14:14:37 +03:00
8a52d849bc
systemd-networkd: clean up lines I always clean up anyway
2024-07-30 14:08:44 +03:00