Compare commits
12 Commits
901dbfe138
...
1d7308e74e
Author | SHA1 | Date |
---|---|---|
Aminda Suomalainen | 1d7308e74e | |
Aminda Suomalainen | ed21eb03cd | |
Aminda Suomalainen | 2f585209e7 | |
Aminda Suomalainen | 65f58dc224 | |
Aminda Suomalainen | c55b20a89a | |
Aminda Suomalainen | b36fe67bc3 | |
Aminda Suomalainen | b8f720fa7f | |
Aminda Suomalainen | 9e38fdf223 | |
Aminda Suomalainen | 90b64c9543 | |
Aminda Suomalainen | b0ec7cffde | |
Aminda Suomalainen | 16d2f74135 | |
Aminda Suomalainen | def77bc4c3 |
|
@ -130,8 +130,9 @@ repos:
|
|||
# ensure nothing breaks the rules.
|
||||
|
||||
# prettier, opinionated code formatter
|
||||
- repo: https://github.com/pre-commit/mirrors-prettier
|
||||
rev: "v4.0.0-alpha.8"
|
||||
#- repo: https://github.com/pre-commit/mirrors-prettier
|
||||
- repo: https://github.com/rbubley/mirrors-prettier
|
||||
rev: "v3.2.5"
|
||||
hooks:
|
||||
- id: prettier
|
||||
# These are handled by Black below or pretty-format-json above
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
user
|
|
@ -0,0 +1 @@
|
|||
../../etc/systemd/user
|
|
@ -297,7 +297,8 @@ their alternative port.
|
|||
|
||||
## `enable-ech-ocsp.json`
|
||||
|
||||
Enables encrypted client hello (ECH) and Online Certificate Status Protocol (OCSP) (or Certificate Revocation List (CRL)?) checks.
|
||||
Enables encrypted client hello (ECH) and Online Certificate Status Protocol
|
||||
(OCSP)/Certificate Revocation List (CRL) checks.
|
||||
|
||||
However ECH requires `"DnsOverHttpsMode": "secure"` which will break things
|
||||
(and thus my files don't enable it),
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
[Unit]
|
||||
Description=Aminda's cronless boot tasks
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
TimeoutStartSec=infinity
|
||||
# - means it can fail, without failing those after it
|
||||
# I always want DNS.
|
||||
ExecStartPre=-/usr/bin/systemctl enable --now unbound.service
|
||||
ExecStartPre=-/usr/bin/systemctl enable --now systemd-resolved.service
|
||||
ExecStartPre=-/usr/sbin/sysctl net.ipv6.conf.all.disable_ipv6=0
|
||||
# These services are called here, so
|
||||
ExecStartPre=-/usr/bin/systemctl start firewalld.service
|
||||
# Ensure /etc/sysctl.d/ gets read
|
||||
ExecStart=-/usr/sbin/sysctl -p --system
|
||||
# Ensure we really allow ICMPv6 on FEDORA (or firewalld)
|
||||
ExecStart=-/usr/bin/firewall-cmd --add-protocol=ipv6-icmp
|
||||
# 3rd party Xbox controller initialization. See Mikaela/gist/gayming/
|
||||
#ExecStart=-/root/fixcontroller.py
|
||||
# This is actually in the delayed variant of this service, but anyway
|
||||
ExecStart=-/usr/bin/systemctl start yggdrasil.service
|
||||
# BTRFS deduplication
|
||||
#ExecStart=-/usr/sbin/duperemove -rdhq --hashfile=/root/home.hash /home
|
||||
#ExecStart=-/usr/sbin/duperemove -rdhq --hashfile=/root/flatpak.hash /var/lib/flatpak
|
||||
#ExecStart=-/usr/sbin/duperemove -rdhq --hashfile=/root/snap.hash /var/lib/snapd
|
||||
User=root
|
||||
StandardOutput=journal
|
||||
StandardError=journal
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description=Run Aminda's crontab boot tasks for when there is no cron
|
||||
|
||||
[Timer]
|
||||
OnBootSec=0
|
||||
# User services
|
||||
#OnStartupSec=5
|
||||
Persistent=true
|
||||
# There is no need to stay loaded after the boot and first run.
|
||||
RemainAfterElapse=false
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -0,0 +1,16 @@
|
|||
[Unit]
|
||||
Description=Aminda's cronless tasks to do a bit after booting
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
TimeoutStartSec=infinity
|
||||
# - means it can fail, without failing those after it
|
||||
# Another attempt at ensuring Yggdrasil works with nordvpnd
|
||||
ExecStartPre=-/usr/sbin/sysctl net.ipv6.conf.all.disable_ipv6=0
|
||||
ExecStart=-/usr/bin/systemctl restart yggdrasil.service
|
||||
User=root
|
||||
StandardOutput=journal
|
||||
StandardError=journal
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,14 @@
|
|||
[Unit]
|
||||
Description=Run Aminda's crontab delayed boot tasks for when there is no cron
|
||||
|
||||
[Timer]
|
||||
OnBootSec=3min
|
||||
RandomizedDelaySec=2min
|
||||
# User services
|
||||
#OnStartupSec=5min
|
||||
Persistent=true
|
||||
# There is no need to stay loaded after the boot and first run.
|
||||
RemainAfterElapse=false
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -2,7 +2,7 @@
|
|||
Description=Run matterbridge cleanup every minute
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*-*-* *:*:00
|
||||
OnCalendar=minutely
|
||||
OnBootSec=0
|
||||
Persistent=true
|
||||
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
[Unit]
|
||||
Description=Install user level flatpak updates and uninstall unused flatpaks
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/bin/flatpak update --user --assumeyes --noninteractive
|
||||
ExecStartPost=/usr/bin/flatpak uninstall --user --unused --assumeyes --noninteractive
|
|
@ -0,0 +1,15 @@
|
|||
[Unit]
|
||||
Description=Install user level flatpak updates and uninstall unused flatpaks regularly
|
||||
|
||||
[Timer]
|
||||
#OnCalendar=*-*-* 19:00:00
|
||||
# Executed every 4 hours
|
||||
OnUnitActiveSec=4h
|
||||
# Executed 5 minutes from boot
|
||||
OnBootSec=300
|
||||
# Delay execution by something between 0 seconds and 3 hours
|
||||
RandomizedDelaySec=3h
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -23,5 +23,8 @@ server:
|
|||
# Allow expired results to be served if they are in cache. The cache will
|
||||
# get updated the next time.
|
||||
serve-expired: yes
|
||||
# DNSSEC errors for valid and expired records
|
||||
ede: yes
|
||||
ede-serve-expired: yes
|
||||
|
||||
# vim: filetype=unbound.conf
|
||||
|
|
|
@ -6,6 +6,9 @@ server:
|
|||
# gives query level information, output per query. Level 4 gives
|
||||
# algorithm level information.
|
||||
verbosity: 2
|
||||
# Gives validation EDEs more comprehensive human-readable errors
|
||||
# https://blog.nlnetlabs.nl/extended-dns-error-support-for-unbound/
|
||||
val-log-level: 2
|
||||
# Print statistics to the log hourly
|
||||
statistics-interval: 3600
|
||||
|
||||
|
|
Loading…
Reference in New Issue