Mikaela/shell-things
1
0
Fork 0
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2025-08-19 20:57:39 +02:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: Mikaela:901dbfe1385e32bf9c07957819148e69449745ec
Branches Tags
Mikaela:cxefa
..
compare: Mikaela:82214710c17954d441b77e758e23ec3ec56fbe82
Branches Tags
Mikaela:cxefa

No commits in common. "901dbfe1385e32bf9c07957819148e69449745ec" and "82214710c17954d441b77e758e23ec3ec56fbe82" have entirely different histories.
901dbfe138 ... 82214710c1

23 changed files with 50 additions and 155 deletions
Show Stats Expand all files Collapse all files

19
chmod
View File

@ -4,29 +4,28 @@
# access. # access.
set -x set -x
# You don't want to make this verbose. chmod g-rwx,o-rwx $HOME -R
chmod g-rwx,o-rwx "$HOME" -R
touch ~/.oidentd.conf touch ~/.oidentd.conf
chmod -v u+rw,g-wx+r,o-wx+r ~/.oidentd.conf chmod u+rw,g-wx+r,o-wx+r ~/.oidentd.conf
touch ~/.ICEauthority touch ~/.ICEauthority
chmod -v o-rw+x,g-rw+x ~ chmod o-rw+x,g-rw+x ~
mkdir -p ~/public_html/ mkdir -p ~/public_html/
chmod -v -R 755 ~/public_html/ chmod -R 755 ~/public_html/
touch ~/.face touch ~/.face
touch ~/.forward touch ~/.forward
touch ~/.netrc touch ~/.netrc
chmod -v a+r-wx,u+rw ~/.face chmod a+r-wx,u+rw ~/.face
chmod -v a+r-wx,u+rw ~/.forward chmod a+r-wx,u+rw ~/.forward
chmod -v 600 ~/.netrc chmod 600 ~/.netrc
mkdir -p ~/.ssh mkdir -p ~/.ssh
chmod -v 700 ~/.ssh chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys touch ~/.ssh/authorized_keys
chmod -v 600 ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys
set +x set +x

2
etc/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
brave
firefox-esr

1
etc/brave Symbolic link
View File

@ -0,0 +1 @@
chromium

1
etc/chromium/policies/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
managed

1
etc/chromium/policies/README.md Normal file
View File

@ -0,0 +1 @@
This directory/managed is read by Vivaldi

1
etc/chromium/policies/managed Symbolic link
View File

@ -0,0 +1 @@
../../opt/chromium/policies/managed

1
etc/firefox-esr Symbolic link
View File

@ -0,0 +1 @@
firefox

25
etc/hosts/README.md
View File

@ -10,7 +10,6 @@ This file is DNS before DNS and legacy remain which is still used.
- [`blocklist`](#blocklist) - [`blocklist`](#blocklist)
- [`dns`](#dns) - [`dns`](#dns)
- [`hostname`](#hostname)
- [`hosts.arch`](#hostsarch) - [`hosts.arch`](#hostsarch)
- [`hosts.fedora`](#hostsfedora) - [`hosts.fedora`](#hostsfedora)
- [`hosts.debian`](#hostsdebian) - [`hosts.debian`](#hostsdebian)
@ -33,30 +32,6 @@ and Unbound, so now it's something I can attempt to `/etc/hosts`.
**_EXCERCISE CAUTION!_** **_EXCERCISE CAUTION!_**
## `hostname`
As can be seen in `hosts.debian`, Debian specifies hostname in format
such as:
```
::1 localhost
::1 FQDN UQDN
127.0.0.1 localhost
127.0.1.1 FQDN UQDN
```
where FQDN means _Fully Qualified Domain Name_ and UQDN _Unqualified Domain
Name_ (although I don't know if anyone else calls it like that) and I find
that a good practice. Additionally I have observed my systems querying their
own hostname from global DNS which seems unnecessary and not a great behaviour
to me, while this file appended to `/etc/hosts` can tell it immediately all
applications and make `resolvectl query hostname.localdomain` find it
instantly.
The `0200:0000:0000:0000:0000:0000:0000:0000`? Replace it with your Yggdrasil
address from `yggdrasilctl getself`.
## `hosts.arch` ## `hosts.arch`
For now this is a symlink to `hosts.steamos` as I am pretty sure they haven't For now this is a symlink to `hosts.steamos` as I am pretty sure they haven't

2
etc/hosts/blocklist
View File

@ -1,4 +1,3 @@
#
##### BEGIN AMINDA BLOCKLIST ##### ##### BEGIN AMINDA BLOCKLIST #####
# Facebook API that a lot of things call, will break things for Facebook # Facebook API that a lot of things call, will break things for Facebook
@ -11,4 +10,3 @@
0.0.0.0 matrix.to www.matrix.to 0.0.0.0 matrix.to www.matrix.to
##### END AMINDA BLOCKLIST ##### ##### END AMINDA BLOCKLIST #####
#

2
etc/hosts/dns
View File

@ -1,4 +1,3 @@
#
##### BEGIN DNS RESOLVER LIST ##### ##### BEGIN DNS RESOLVER LIST #####
# Well known DNS servers to be appended to /etc/hosts # Well known DNS servers to be appended to /etc/hosts
@ -83,4 +82,3 @@
2001:4860:4860::64 dns64.dns.google 2001:4860:4860::64 dns64.dns.google
##### END DNS RESOLVER LIST ##### ##### END DNS RESOLVER LIST #####
#

9
etc/hosts/hostname
View File

@ -1,9 +0,0 @@
#
##### BEGIN HOSTNAME #####
::1 fully.qualified.hostname.example.net friendlyhostname
127.0.1.1 fully.qualified.hostname.example.net friendlyhostname
#0200:0000:0000:0000:0000:0000:0000:0000 y.friendlyhostname.example.net
##### END HOSTNAME #####
#

2
etc/opt/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
chrome
edge

1
etc/opt/chrome Symbolic link
View File

@ -0,0 +1 @@
chromium

1
etc/opt/edge Symbolic link
View File

@ -0,0 +1 @@
chromium

4
etc/systemd/resolved.conf.d/dot-mullvad.conf
View File

@ -1,7 +1,7 @@
[Resolve] [Resolve]
#DNS=2a07:e340::2#dns.mullvad.net 194.242.2.2#dns.mullvad.net DNS=2a07:e340::2#dns.mullvad.net 194.242.2.2#dns.mullvad.net
#DNS=194.242.2.3#adblock.dns.mullvad.net 2a07:e340::3#adblock.dns.mullvad.net #DNS=194.242.2.3#adblock.dns.mullvad.net 2a07:e340::3#adblock.dns.mullvad.net
DNS=2a07:e340::4#base.dns.mullvad.net 194.242.2.4#base.dns.mullvad.net #DNS=2a07:e340::4#base.dns.mullvad.net 194.242.2.4#base.dns.mullvad.net
#DNS=2a07:e340::5#extended.dns.mullvad.net 194.242.2.5#extended.dns.mullvad.net #DNS=2a07:e340::5#extended.dns.mullvad.net 194.242.2.5#extended.dns.mullvad.net
#DNS=2a07:e340::9#all.dns.mullvad.net 194.242.2.9#all.dns.mullvad.net #DNS=2a07:e340::9#all.dns.mullvad.net 194.242.2.9#all.dns.mullvad.net
#DNSOverTLS=true #DNSOverTLS=true

1
etc/systemd/system/systemd-resolved.service.d/.gitignore vendored
View File

@ -1 +0,0 @@
unbound-wanted.conf

1
etc/systemd/system/systemd-resolved.service.d/unbound-wanted.conf
View File

@ -1 +0,0 @@
../service.d/unbound-wanted.conf

1
etc/systemd/system/service.d/unbound-wanted.conf → etc/systemd/system/systemd-resolved.service.d/unbound.conf
View File

@ -1,3 +1,2 @@
[Unit] [Unit]
Wants=unbound.service
After=unbound.service After=unbound.service

34
etc/unbound/unbound.conf.d/dot-mullvad.conf
View File

@ -1,34 +0,0 @@
server:
# Debian ca-certificates location
#tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
# ctrl.blog says this is the Fedora location
#tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
# Use system certificates no matter where they are
tls-system-cert: yes
# Quad9 says pointless performance impact on forwarders.
# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
qname-minimisation: no
forward-zone:
name: "."
forward-tls-upstream: yes
# Unfiltered
#forward-addr: 194.242.2.2@853#dns.mullvad.net
#forward-addr: 2a07:e340::2@853#dns.mullvad.net
# Adblock and tracking protection
#forward-addr: 194.242.2.3@853#adblock.dns.mullvad.net
#forward-addr: 2a07:e340::3@853#adblock.dns.mullvad.net
# Above + malware protection
forward-addr: 194.242.2.4@853#base.dns.mullvad.net
forward-addr: 2a07:e340::4@853#base.dns.mullvad.net
# Above + social media blocking
#forward-addr: 194.242.2.5@853#extended.dns.mullvad.net
#forward-addr: 2a07:e340::5@853#extended.dns.mullvad.net
# Blocking for ads, trackers, malware, adult, gambling
#forward-addr: 194.242.2.6@853#family.dns.mullvad.net
#forward-addr: 2a07:e340::6@853#family.dns.mullvad.net
# Blocking all of the above
#forward-addr: 194.242.2.9@853#all.dns.mullvad.net
#forward-addr: 2a07:e340::9@853#all.dns.mullvad.net
# vim: filetype=unbound.conf

60
etc/unbound/unbound.conf.d/nordvpn-domains.conf
View File

@ -1,60 +0,0 @@
server:
# Quad9 says pointless performance impact on forwarders.
# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
qname-minimisation: no
# The app needs this, also SOCKS https://support.nordvpn.com/hc/en-us/articles/20195967385745-NordVPN-proxy-setup-for-qBittorrent
forward-zone:
name: "nordhold.net."
forward-tls-upstream: no
forward-addr: 2400:bb40:4444::103
forward-addr: 2400:bb40:8888::103
forward-addr: 103.86.96.100
forward-addr: 103.86.99.100
# Main homepage
forward-zone:
name: "nordvpn.com."
forward-tls-upstream: no
forward-addr: 2400:bb40:4444::103
forward-addr: 2400:bb40:8888::103
forward-addr: 103.86.96.100
forward-addr: 103.86.99.100
# Seen in NoScript on their homepage
forward-zone:
name: "nordcdn.com."
forward-tls-upstream: no
forward-addr: 2400:bb40:4444::103
forward-addr: 2400:bb40:8888::103
forward-addr: 103.86.96.100
forward-addr: 103.86.99.100
# Listed in documentation, https://support.nordvpn.com/hc/en-us/articles/19685519701905-NordVPN-imitation-scams
forward-zone:
name: "nordvpn.org."
forward-tls-upstream: no
forward-addr: 2400:bb40:4444::103
forward-addr: 2400:bb40:8888::103
forward-addr: 103.86.96.100
forward-addr: 103.86.99.100
# Listed in documentation, https://support.nordvpn.com/hc/en-us/articles/19685519701905-NordVPN-imitation-scams
forward-zone:
name: "nordvpnmedia.com."
forward-tls-upstream: no
forward-addr: 2400:bb40:4444::103
forward-addr: 2400:bb40:8888::103
forward-addr: 103.86.96.100
forward-addr: 103.86.99.100
# Listed in documentation, https://support.nordvpn.com/hc/en-us/articles/19685519701905-NordVPN-imitation-scams
forward-zone:
name: "nordsec.com."
forward-tls-upstream: no
forward-addr: 2400:bb40:4444::103
forward-addr: 2400:bb40:8888::103
forward-addr: 103.86.96.100
forward-addr: 103.86.99.100
# vim: filetype=unbound.conf

20
etc/unbound/unbound.conf.d/nordvpn.conf Normal file
View File

@ -0,0 +1,20 @@
server:
# Quad9 says pointless performance impact on forwarders.
# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
qname-minimisation: no
forward-zone:
name: "."
forward-tls-upstream: no
forward-addr: 2400:bb40:4444::103
forward-addr: 2400:bb40:8888::103
forward-addr: 103.86.96.100
forward-addr: 103.86.99.100
# DNS0.eu/open since I am unsure of whether the above works outside of NordVPN
# connection and I seem to have issues with automatic connection.
forward-addr: 2a0f:fc80::ffff
forward-addr: 2a0f:fc81::ffff
forward-addr: 193.110.81.254
forward-addr: 185.253.5.254
# vim: filetype=unbound.conf

8
rc/bashrc
View File

@ -416,8 +416,8 @@ alias defaulttarget="systemctl enable "
alias cwho="who -H -w -u" alias cwho="who -H -w -u"
# inxi - https://smxi.org/docs/inxi.htm # inxi - https://smxi.org/docs/inxi.htm
#alias inxi-install="mkdir -p ~/.local/bin && cd ~/.local/bin && \wget -Nc https://github.com/smxi/inxi/raw/master/inxi && \chmod -v +x inxi && cd" #alias inxi-install="mkdir -p ~/.local/bin && cd ~/.local/bin && \wget -Nc https://github.com/smxi/inxi/raw/master/inxi && chmod +x inxi && cd"
#alias inxi-install-root="cd /usr/local/bin;\wget -Nc https://github.com/smxi/inxi/raw/master/inxi;\chmod -v +x inxi;./inxi -U;cd" #alias inxi-install-root="cd /usr/local/bin;\wget -Nc https://github.com/smxi/inxi/raw/master/inxi;chmod +x inxi;./inxi -U;cd"
#alias inxi-update="inxi -U" #alias inxi-update="inxi -U"
# FINEID to ssh-agent # FINEID to ssh-agent
@ -425,9 +425,9 @@ alias fineid="ssh-add -s /usr/lib64/libcryptoki.so"
# Homebrew # Homebrew
#alias homebrew-install="cd ~;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p .local;rsync -aP homebrew/* .local;rsync -aP homebrew/.* .local;rm -rf homebrew" #alias homebrew-install="cd ~;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p .local;rsync -aP homebrew/* .local;rsync -aP homebrew/.* .local;rm -rf homebrew"
#alias homebrew-install-root="cd /usr;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p local;rsync -aP homebrew/* local;rsync -aP homebrew/.* local/;\chmod -v -R 755 local;chown -R root:wheel local;rm -rf homebrew" #alias homebrew-install-root="cd /usr;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p local;rsync -aP homebrew/* local;rsync -aP homebrew/.* local/;chmod -R 755 local;chown -R root:wheel local;rm -rf homebrew"
#alias linuxbrew-install="cd ~;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p .local;rsync -aP linuxbrew/* .local;rsync -aP linuxbrew/.* .local;rm -rf linuxbrew" #alias linuxbrew-install="cd ~;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p .local;rsync -aP linuxbrew/* .local;rsync -aP linuxbrew/.* .local;rm -rf linuxbrew"
#alias linuxbrew-install-root="cd /usr;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p local;rsync -aP linuxbrew/* local;rsync -aP linuxbrew/.* local/;\chmod -v -R 755 local;chown -R root:wheel local;rm -rf linuxbrew" #alias linuxbrew-install-root="cd /usr;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p local;rsync -aP linuxbrew/* local;rsync -aP linuxbrew/.* local/;chmod -R 755 local;chown -R root:wheel local;rm -rf linuxbrew"
#export HOMEBREW_LOGS=$HOME/.cache/Homebrew/Logs #export HOMEBREW_LOGS=$HOME/.cache/Homebrew/Logs
# OS X # OS X

8
rc/zshrc
View File

@ -396,8 +396,8 @@ alias suu="su -"
alias cwho="who -H -w -u" alias cwho="who -H -w -u"
# inxi - https://smxi.org/docs/inxi.htm # inxi - https://smxi.org/docs/inxi.htm
#alias inxi-install="mkdir -p ~/.local/bin && cd ~/.local/bin && \wget -Nc https://github.com/smxi/inxi/raw/master/inxi && \chmod -v +x inxi && cd" #alias inxi-install="mkdir -p ~/.local/bin && cd ~/.local/bin && \wget -Nc https://github.com/smxi/inxi/raw/master/inxi && chmod +x inxi && cd"
#alias inxi-install-root="cd /usr/local/bin;\wget -Nc https://github.com/smxi/inxi/raw/master/inxi;\chmod -v +x inxi;./inxi -U;cd" #alias inxi-install-root="cd /usr/local/bin;\wget -Nc https://github.com/smxi/inxi/raw/master/inxi;chmod +x inxi;./inxi -U;cd"
#alias inxi-update="inxi -U" #alias inxi-update="inxi -U"
# FINEID to ssh-agent # FINEID to ssh-agent
@ -405,9 +405,9 @@ alias fineid="ssh-add -s /usr/lib64/libcryptoki.so"
# Homebrew # Homebrew
#alias homebrew-install="cd ~;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p .local;rsync -aP homebrew/* .local;rsync -aP homebrew/.* .local;rm -rf homebrew" #alias homebrew-install="cd ~;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p .local;rsync -aP homebrew/* .local;rsync -aP homebrew/.* .local;rm -rf homebrew"
#alias homebrew-install-root="cd /usr;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p local;rsync -aP homebrew/* local;rsync -aP homebrew/.* local/;chmod -v -R 755 local;chown -R root:wheel local;rm -rf homebrew" #alias homebrew-install-root="cd /usr;git clone https://github.com/Homebrew/homebrew.git --depth=1;mkdir -p local;rsync -aP homebrew/* local;rsync -aP homebrew/.* local/;chmod -R 755 local;chown -R root:wheel local;rm -rf homebrew"
#alias linuxbrew-install="cd ~;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p .local;rsync -aP linuxbrew/* .local;rsync -aP linuxbrew/.* .local;rm -rf linuxbrew" #alias linuxbrew-install="cd ~;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p .local;rsync -aP linuxbrew/* .local;rsync -aP linuxbrew/.* .local;rm -rf linuxbrew"
#alias linuxbrew-install-root="cd /usr;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p local;rsync -aP linuxbrew/* local;rsync -aP linuxbrew/.* local/;chmod -v -R 755 local;chown -R root:wheel local;rm -rf linuxbrew" #alias linuxbrew-install-root="cd /usr;git clone https://github.com/Homebrew/linuxbrew.git --depth=1;mkdir -p local;rsync -aP linuxbrew/* local;rsync -aP linuxbrew/.* local/;chmod -R 755 local;chown -R root:wheel local;rm -rf linuxbrew"
#export HOMEBREW_LOGS=$HOME/.cache/Homebrew/Logs #export HOMEBREW_LOGS=$HOME/.cache/Homebrew/Logs
# OS X # OS X