Compare commits
4 Commits
ea94ebfdb9
...
b248392e8a
Author | SHA1 | Date |
---|---|---|
Aminda Suomalainen | b248392e8a | |
Aminda Suomalainen | 4c4508ba36 | |
Aminda Suomalainen | 9aa71de638 | |
Aminda Suomalainen | 855630579d |
|
@ -44,5 +44,6 @@ set -g escape-time 300
|
|||
# Or for tmux >= 2.6
|
||||
set -sg escape-time 300
|
||||
|
||||
# Turn the clock red. It's the least bad colour especially at night.
|
||||
setw -g clock-mode-colour red
|
||||
# Turn the clock yellow. Red would be better at night, but I am used to
|
||||
# looking at amber in my terminals and thus yellow is less distracting.
|
||||
setw -g clock-mode-colour yellow
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
[Resolve]
|
||||
# Use this together with other files other than 00-only-unbound.conf!
|
||||
# https://github.com/systemd/systemd/issues/10579 & https://github.com/systemd/systemd/issues/9867
|
||||
#DNSSEC=allow-downgrade
|
||||
# Regardless of the above DNS breaking issues when DNSSEC is
|
|
@ -0,0 +1,12 @@
|
|||
[Resolve]
|
||||
# All this is done by Unbound. Don't use other files together with this one.
|
||||
DNSSEC=false
|
||||
DNSOverTLS=false
|
||||
Cache=false
|
||||
DNS=127.0.0.1
|
||||
DNS=::1
|
||||
Domains=~.
|
||||
# .local domains
|
||||
MulticastDNS=true
|
||||
# Microsoft Windows compatibility?
|
||||
LLMNR=true
|
|
@ -26,9 +26,15 @@ sudo systemctl restart systemd-resolved
|
|||
|
||||
## Files explained
|
||||
|
||||
- `00-defaults.conf` - configuration that should be used everywhere.
|
||||
- `00-no-local-resolver.conf` - configuration that should be used everywhere.
|
||||
Enables DNSSEC (regardless of systemd-resolved not handling it properly),
|
||||
enables opportunistic DoT, caching and local DNS servers.
|
||||
enables opportunistic DoT, caching and local DNS servers (because they
|
||||
should exist anyway as I don't trust systemd-resolved entirely. Anyway if
|
||||
there truly is no local resolver, systemd-resolved will detect that and act accordingly.)
|
||||
- To rephrase, this is sto be used together with other files, especially
|
||||
some of those beginning with `dot-`.
|
||||
- `00-only-local-resolver.conf` - for when there is known local resolver.
|
||||
**_Don't combine this with the other files._**
|
||||
- `dot-*.conf` - configuration to use the DNS provider with DNS-over-TLS. If
|
||||
captive portals are a concern, `DNSOverTLS=opportunistic`. At least one of these
|
||||
should be used in addition to `00-defaults.conf`
|
||||
|
|
|
@ -1,7 +1,12 @@
|
|||
[Resolve]
|
||||
# Secure
|
||||
#DNS=2620:fe::9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 9.9.9.9#dns.quad9.net
|
||||
# ECS
|
||||
# No Threat Blocking
|
||||
#DNS=2620:fe::10#dns10.quad9.net 149.112.112.10#dns10.quad9.net 2620:fe::fe:10#dns10.quad9.net 9.9.9.10#dns10.quad9.net
|
||||
# Secure + ECS
|
||||
DNS=2620:fe::11#dns11.quad9.net 149.112.112.11#dns11.quad9.net 2620:fe::fe:11#dns11.quad9.net 9.9.9.11#dns11.quad9.net
|
||||
# No Threat Blocking + ECS
|
||||
#DNS=9.9.9.12#dns12.quad9.net 149.112.112.12#dns12.quad9.net 2620:fe::12#dns12.quad9.net 2620:fe::fe:12#dns12.quad9.net
|
||||
# Uncomment for port 443 resolver
|
||||
#DNS=[2a02:1b8:10:234::2]:443#dot1.applied-privacy.net 146.255.56.98:443#dot1.applied-privacy.net
|
||||
#DNSOverTLS=true
|
||||
|
|
|
@ -25,25 +25,34 @@ forward-zone:
|
|||
forward-addr: 193.110.81.0@853#dns0.eu
|
||||
forward-addr: 2a0f:fc81::@853#dns0.eu
|
||||
forward-addr: 185.253.5.0@853#dns0.eu
|
||||
# # Unfiltered
|
||||
# forward-addr: 193.110.81.254@853#open.dns0.eu
|
||||
# forward-addr: 185.253.5.254@853#open.dns0.eu
|
||||
# forward-addr: 2a0f:fc80::ffff@853#open.dns0.eu
|
||||
# forward-addr: 2a0f:fc81::ffff@853#open.dns0.eu
|
||||
# # Heavier filtering
|
||||
# forward-addr: 2a0f:fc80::9@853#zero.dns0.eu
|
||||
# forward-addr: 193.110.81.9@853#zero.dns0.eu
|
||||
# forward-addr: 2a0f:fc81::9@853#zero.dns0.eu
|
||||
# forward-addr: 185.253.5.9@853#zero.dns0.eu
|
||||
|
||||
## Unfiltered
|
||||
#forward-addr: 193.110.81.254@853#open.dns0.eu
|
||||
#forward-addr: 185.253.5.254@853#open.dns0.eu
|
||||
#forward-addr: 2a0f:fc80::ffff@853#open.dns0.eu
|
||||
#forward-addr: 2a0f:fc81::ffff@853#open.dns0.eu
|
||||
## Heavier filtering
|
||||
#forward-addr: 2a0f:fc80::9@853#zero.dns0.eu
|
||||
#forward-addr: 193.110.81.9@853#zero.dns0.eu
|
||||
#forward-addr: 2a0f:fc81::9@853#zero.dns0.eu
|
||||
#forward-addr: 185.253.5.9@853#zero.dns0.eu
|
||||
## Quad9
|
||||
## Default
|
||||
# forward-addr: 2620:fe::fe@853#dns.quad9.net
|
||||
# forward-addr: 9.9.9.9@853#dns.quad9.net
|
||||
# forward-addr: 2620:fe::9@853#dns.quad9.net
|
||||
# forward-addr: 149.112.112.112@853#dns.quad9.net
|
||||
## ECS
|
||||
## Secure
|
||||
#forward-addr: 2620:fe::fe@853#dns.quad9.net
|
||||
#forward-addr: 9.9.9.9@853#dns.quad9.net
|
||||
#forward-addr: 2620:fe::9@853#dns.quad9.net
|
||||
#forward-addr: 149.112.112.112@853#dns.quad9.net
|
||||
## No Threat Blocking
|
||||
#forward-addr: 2620:fe::fe:10@853#dns10.quad9.net
|
||||
#forward-addr: 149.112.112.10@853#dns10.quad9.net
|
||||
#forward-addr: 2620:fe::10@853#dns10.quad9.net
|
||||
#forward-addr: 9.9.9.10@853#dns10.quad9.net
|
||||
## Secure + ECS
|
||||
forward-addr: 2620:fe::fe:11@853#dns11.quad9.net
|
||||
forward-addr: 9.9.9.11@853#dns11.quad9.net
|
||||
forward-addr: 2620:fe::11@853#dns11.quad9.net
|
||||
forward-addr: 149.112.112.11@853#dns11.quad9.net
|
||||
## No Threat Blocking + ECS
|
||||
#forward-addr: 2620:fe::fe:12@853#dns12.quad9.net
|
||||
#forward-addr: 9.9.9.12@853#dns12.quad9.net
|
||||
#forward-addr: 2620:fe::12@853#dns12.quad9.net
|
||||
#forward-addr: 149.112.112.12@853#dns12.quad9.net
|
||||
|
|
|
@ -12,13 +12,23 @@ server:
|
|||
forward-zone:
|
||||
name: "."
|
||||
forward-tls-upstream: yes
|
||||
## Default
|
||||
# forward-addr: 2620:fe::fe@853#dns.quad9.net
|
||||
# forward-addr: 9.9.9.9@853#dns.quad9.net
|
||||
# forward-addr: 2620:fe::9@853#dns.quad9.net
|
||||
# forward-addr: 149.112.112.112@853#dns.quad9.net
|
||||
## ECS
|
||||
## Secure
|
||||
#forward-addr: 2620:fe::fe@853#dns.quad9.net
|
||||
#forward-addr: 9.9.9.9@853#dns.quad9.net
|
||||
#forward-addr: 2620:fe::9@853#dns.quad9.net
|
||||
#forward-addr: 149.112.112.112@853#dns.quad9.net
|
||||
## No Threat Blocking
|
||||
#forward-addr: 2620:fe::fe:10@853#dns10.quad9.net
|
||||
#forward-addr: 149.112.112.10@853#dns10.quad9.net
|
||||
#forward-addr: 2620:fe::10@853#dns10.quad9.net
|
||||
#forward-addr: 9.9.9.10@853#dns10.quad9.net
|
||||
## Secure + ECS
|
||||
forward-addr: 2620:fe::fe:11@853#dns11.quad9.net
|
||||
forward-addr: 9.9.9.11@853#dns11.quad9.net
|
||||
forward-addr: 2620:fe::11@853#dns11.quad9.net
|
||||
forward-addr: 149.112.112.11@853#dns11.quad9.net
|
||||
## No Threat Blocking + ECS
|
||||
#forward-addr: 2620:fe::fe:12@853#dns12.quad9.net
|
||||
#forward-addr: 9.9.9.12@853#dns12.quad9.net
|
||||
#forward-addr: 2620:fe::12@853#dns12.quad9.net
|
||||
#forward-addr: 149.112.112.12@853#dns12.quad9.net
|
||||
|
|
Loading…
Reference in New Issue