Compare commits
7 Commits
9375b3c2b2
...
581096257f
Author | SHA1 | Date |
---|---|---|
Aminda Suomalainen | 581096257f | |
Aminda Suomalainen | 41b88b5cb9 | |
Aminda Suomalainen | 44e22716f9 | |
Aminda Suomalainen | 18a04b1351 | |
Aminda Suomalainen | 55dcb2f2cd | |
Aminda Suomalainen | 35b99a6bc0 | |
Aminda Suomalainen | 5ab33c154e |
|
@ -1,3 +1,3 @@
|
|||
# Very Important Communication Programs, P2P, not expected to get sold
|
||||
exec --no-startup-id flatpak run --env=TZ=UTC net.jami.Jami
|
||||
exec --no-startup-id flatpak run org.briarproject.Briar//stable
|
||||
exec --no-startup-id /usr/local/bin/briar
|
||||
|
|
|
@ -1,2 +1,3 @@
|
|||
jauderho-nts.sources
|
||||
jauderho-nts-servers
|
||||
local-servers.sources
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
# xleave probably won't be on local router
|
||||
#server LOCALMACHINE.local iburst auto_offline xleave prefer
|
||||
|
||||
# Or alternatively reciprocally TODO: how do `key` options work? This
|
||||
# apparently should only be done in trusted LAN.
|
||||
# xleave is probably best to be used with other local Chronys, I somehow
|
||||
# doubt potential router NTP might have it.
|
||||
# A lot of reading say that it's better to use "server" on both sides
|
||||
# rather than peer, I think even Chrony manual and that is where I took
|
||||
# trusted LAN
|
||||
#peer LOCALMACHINE.local auto_offline xleave prefer
|
|
@ -0,0 +1,20 @@
|
|||
# In my experience local routers are unlikely to support xleave
|
||||
# I don't remember if this does NTP, probably not, but auto_offline.
|
||||
server 192.168.8.1 iburst auto_offline prefer
|
||||
# Local router, MikroTik
|
||||
server 192.168.88.1 iburst auto_offline prefer
|
||||
|
||||
# Local machines/Chronys
|
||||
server sedric.local iburst auto_offline xleave prefer
|
||||
server lumina.local iburst auto_offline xleave prefer
|
||||
server rbtpzn.local iburst auto_offline xleave prefer
|
||||
server zaldaryn.local iburst auto_offline xleave prefer
|
||||
|
||||
# Or alternatively reciprocally TODO: how do `key` options work? This
|
||||
# apparently should only be done in trusted LAN.
|
||||
# xleave is probably best to be used with other local Chronys, I somehow
|
||||
# doubt potential router NTP might have it.
|
||||
# A lot of reading say that it's better to use "server" on both sides
|
||||
# rather than peer, I think even Chrony manual and that is where I took
|
||||
# trusted LAN
|
||||
#peer LOCALMACHINE.local auto_offline xleave prefer
|
|
@ -14,7 +14,8 @@
|
|||
"teams.microsoft.com",
|
||||
"bittimittari.fi",
|
||||
"pp-attester-turnstile.research.cloudflare.com",
|
||||
"keyoxide.org"
|
||||
"keyoxide.org",
|
||||
"one.one.one.one"
|
||||
],
|
||||
"learnInIncognito": true,
|
||||
"learnLocally": true,
|
||||
|
|
|
@ -13,7 +13,8 @@
|
|||
"teams.microsoft.com",
|
||||
"bittimittari.fi",
|
||||
"pp-attester-turnstile.research.cloudflare.com",
|
||||
"keyoxide.org"
|
||||
"keyoxide.org",
|
||||
"one.one.one.one"
|
||||
],
|
||||
"learnInIncognito": true,
|
||||
"learnLocally": true,
|
||||
|
|
|
@ -10,7 +10,8 @@
|
|||
"https://glowing-bear.org",
|
||||
"https://latest.glowing-bear.org",
|
||||
"https://bittimittari.fi",
|
||||
"pp-attester-turnstile.research.cloudflare.com",
|
||||
"keyoxide.org"
|
||||
"https://pp-attester-turnstile.research.cloudflare.com",
|
||||
"https://keyoxide.org",
|
||||
"https://one.one.one.one"
|
||||
]
|
||||
}
|
||||
|
|
|
@ -1 +1,2 @@
|
|||
dot-trex.conf
|
||||
10-dot-trex.conf
|
||||
99-lan-resolver.conf
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
# Being at the end of the English alphabet, this file will take priority
|
||||
# and override values of others with the unsets.
|
||||
# Being at the higher end of numbers, this file will take priority assuming
|
||||
# nothing else uses the prefix 99- and override values of others with the
|
||||
# unsets.
|
||||
[Resolve]
|
||||
DNSSEC=false
|
||||
DNSOverTLS=false
|
|
@ -0,0 +1,12 @@
|
|||
[Resolve]
|
||||
# These could be used in some business
|
||||
#DNS=10.0.0.1
|
||||
#DNS=172.16.0.1
|
||||
# Average router
|
||||
#DNS=192.168.0.1
|
||||
# Huawei?
|
||||
#DNS=192.168.8.1
|
||||
# Mikrotik
|
||||
#DNS=192.168.88.1
|
||||
|
||||
# vim: filetype=systemd
|
|
@ -32,9 +32,14 @@ sudo systemctl restart systemd-resolved
|
|||
should exist anyway as I don't trust systemd-resolved entirely. Anyway if
|
||||
there truly is no local resolver, systemd-resolved will detect that and act accordingly.)
|
||||
- To rephrase, this is to be used together with other files, especially
|
||||
some of those beginning with `dot-`.
|
||||
- `dot-*.conf` - configuration to use the DNS provider with DNS-over-TLS.
|
||||
some of those beginning with `10-dot-`.
|
||||
- `10-dot-*.conf` - configuration to use the DNS provider with DNS-over-TLS.
|
||||
At least one of these should be used in addition to `00-defaults.conf`
|
||||
- `98-local-resolver.conf` attempts to configure localhost resolver and
|
||||
disables unnecessary features for that scenario.
|
||||
- `99-lan-resolver.conf.sample` when renamed would allow enabling resolvers on
|
||||
LAN assuming they are trusted. Note that if used together with
|
||||
`98-local-resolver.conf`, DNSSEC would be disabled.
|
||||
- `README.md` - you are reading it right now.
|
||||
|
||||
## General commentary
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
dot-quad9.conf
|
|
@ -0,0 +1,5 @@
|
|||
[Desktop Entry]
|
||||
Name=BRIAR
|
||||
Exec=/usr/local/bin/briar
|
||||
Type=Application
|
||||
Icon=org.briarproject.Briar
|
Loading…
Reference in New Issue