Mikaela/shell-things
1
0
Fork 0
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2025-07-03 20:47:28 +02:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: Mikaela:32c5da4422cf7b48ff4e3d93939bb4fd37261a49
Branches Tags
Mikaela:cxefa
..
compare: Mikaela:ba55b2c9e9468aa7cc48d7a75ac7e9fb0cea9fb3
Branches Tags
Mikaela:cxefa

No commits in common. "32c5da4422cf7b48ff4e3d93939bb4fd37261a49" and "ba55b2c9e9468aa7cc48d7a75ac7e9fb0cea9fb3" have entirely different histories.
32c5da4422 ... ba55b2c9e9

4 changed files with 2 additions and 60 deletions
Show Stats Expand all files Collapse all files

9
etc/hosts/README.md
View File

@ -8,8 +8,7 @@ This file is DNS before DNS and legacy remain which is still used.
<!-- START doctoc generated TOC please keep comment here to allow auto update --> <!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE --> <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
- [`blocklist`](#blocklist) - [dns](#dns)
- [`dns`](#dns)
- [`hosts.fedora`](#hostsfedora) - [`hosts.fedora`](#hostsfedora)
- [`hosts.debian`](#hostsdebian) - [`hosts.debian`](#hostsdebian)
@ -18,11 +17,7 @@ This file is DNS before DNS and legacy remain which is still used.
<!-- prettier-ignore-end --> <!-- prettier-ignore-end -->
<!-- editorconfig-checker-enable --> <!-- editorconfig-checker-enable -->
## `blocklist` ## dns
Hosts that I dislike enough to mention in my `hosts` file.
## `dns`
This began from question why should I have DNS to have DNS, but having it This began from question why should I have DNS to have DNS, but having it
on DNS resolver level broke DNSSEC due to my weird mixing of systemd-resolved on DNS resolver level broke DNSSEC due to my weird mixing of systemd-resolved

12
etc/hosts/blocklist
View File

@ -1,12 +0,0 @@
##### BEGIN AMINDA BLOCKLIST #####
# Facebook API that a lot of things call, will break things for Facebook
# users, so don't apply on hosts those use
:: graph.facebook.com
0.0.0.0 graph.facebook.com
# Unnecessary service for Matrix rooms. I was dared to block it.
:: matrix.to www.matrix.to
0.0.0.0 matrix.to www.matrix.to
##### END AMINDA BLOCKLIST #####

31
etc/resolv.conf-generate.bash
View File

@ -1,31 +0,0 @@
#!/usr/bin/env bash
set -x
# Require root or exit
if [ "$(id -u)" != "0" ]; then
echo "This script requires root." 1>&2
exit 1
fi
# In case I am behind the /etc/resolv.conf, it's immutable and read-only,
# which won't allow it to be rewritten.
chattr -V -i /etc/resolv.conf
chmod -v +w /etc/resolv.conf
# Or it's a symlink to e.g. /run/systemd/resolve/stub-resolv.conf
rm -v /etc/resolv.conf
# Actual resolv.conf creation. OK, this could read resolv.conf in this
# directory, but I like this being self-contained.
# tee -p = operate in a more appropriate MODE with pipes.
printf 'nameserver ::1\nnameserver 127.0.0.1\nnameserver 127.0.0.53\noptions edns0 trust-ad timeout:1 attempts:5\nsearch .\n' | tee -p /etc/resolv.conf
# Remove all other permissions than everyone reading resolv.conf
chmod -v a=r /etc/resolv.conf
# Make resolv.conf immutable again so it's pretty sure nothing else edits it.
chattr -V +i /etc/resolv.conf
# Let's just see it's ok
ls -l /etc/resolv.conf
cat /etc/resolv.conf
set +x

10
etc/systemd/system/service.d/resolv.conf
View File

@ -1,10 +0,0 @@
# Unlike everything else(?), this can actually be placed to
# /etc/systemd/system/service.d if /etc/resolv.conf cannot be modified
# for some reason and specify the search and options options.
# I would just edit /etc/resolv.conf directly though, but this is just a
# note that this is possible.
[Service]
Environment=LOCALDOMAIN=.
Environment=RES_OPTIONS="edns0 trust-ad timeout:1 attempts:5"
# vim: filetype=systemd