|
.github
|
add GitHub funding metadata
|
2021-07-19 23:02:29 +07:00 |
|
certbot
|
add certbot commands
|
2023-05-22 18:44:50 +07:00 |
|
modprobe.d
|
blacklist legacy ip_tables module
|
2022-08-31 05:19:40 +07:00 |
|
modules-load.d
|
disable loose TCP connection tracking
|
2022-07-03 03:50:53 +07:00 |
|
packages
|
mark php explicitly installed for forum
|
2023-04-10 02:22:20 +07:00 |
|
sysconfig
|
enable chronyd seccomp filter
|
2023-05-07 00:02:51 +07:00 |
|
sysctl.d
|
reboot immediately on kernel panic
|
2023-01-09 14:18:30 +07:00 |
|
systemd
|
update systemd/system.conf
|
2023-03-30 03:17:00 +07:00 |
|
.gitignore
|
more precise gitignore rules
|
2023-04-16 16:09:20 +07:00 |
|
README.md
|
Fix readme
|
2021-12-16 12:43:34 +07:00 |
|
certbot-ocsp-fetcher
|
add subset of shared configuration files
|
2021-07-28 08:23:04 +07:00 |
|
chrony.conf
|
use production time.nl hostname
|
2022-08-30 14:51:44 +07:00 |
|
crypttab
|
use optimized dm-crypt configuration for swap
|
2023-01-03 02:27:23 +07:00 |
|
environment
|
disable less history by default for login sessions
|
2022-10-26 04:35:23 +07:00 |
|
fstab
|
add encrypted swapfile configuration
|
2022-09-26 23:01:44 +07:00 |
|
grub
|
add init_on_free=1 for non-hardened kernels
|
2023-01-23 21:34:33 +07:00 |
|
hosts
|
add subset of shared configuration files
|
2021-07-28 08:23:04 +07:00 |
|
locale.conf
|
switch to C.UTF-8 locale
|
2023-01-10 14:09:06 +07:00 |
|
locale.gen
|
add locale configuration
|
2022-02-15 01:03:56 +07:00 |
|
mirrorlist
|
simplify mirrorlist
|
2022-09-15 23:13:28 +07:00 |
|
mitigation
|
add OVH mitigation control script
|
2023-02-22 16:22:47 +07:00 |
|
mitigation.py
|
add OVH mitigation control script
|
2023-02-22 16:22:47 +07:00 |
|
nftables-attestation.conf
|
reorder network allowlists for consistency
|
2022-08-10 11:13:31 +07:00 |
|
nftables-discuss.conf
|
reorder network allowlists for consistency
|
2022-08-10 11:13:31 +07:00 |
|
nftables-dns.conf
|
allow PowerDNS webserver on loopback for root
|
2023-02-14 01:19:19 +07:00 |
|
nftables-mail.conf
|
reorder network allowlists for consistency
|
2022-08-10 11:13:31 +07:00 |
|
nftables-matrix.conf
|
fix matrix.grapheneos.org loopback nftables rules
|
2022-12-25 19:03:41 +07:00 |
|
nftables-network.conf
|
allow NTP requests to network servers
|
2023-05-05 10:44:43 +07:00 |
|
nftables-social.conf
|
switch to unix domain sockets for mastodon
|
2023-02-17 16:24:35 +07:00 |
|
nftables-web.conf
|
baseline web server config doesn't use DNS
|
2023-02-11 03:26:25 +07:00 |
|
pacman.conf
|
update pacman.conf to match standard one
|
2023-05-22 19:26:21 +07:00 |
|
pacreport.conf
|
add credstore to pacreport configuration
|
2023-04-05 22:44:35 +07:00 |
|
requirements.in
|
add OVH mitigation control script
|
2023-02-22 16:22:47 +07:00 |
|
requirements.txt
|
regenerate requirements.txt
|
2023-05-31 19:04:12 +07:00 |
|
resolv.conf
|
add resolv.conf
|
2022-07-03 09:05:41 +07:00 |
|
setup
|
add OVH mitigation control script
|
2023-02-22 16:22:47 +07:00 |
|
sshd_config
|
sshd: switch to SSH protocol keep alive
|
2023-02-10 11:20:54 +07:00 |
|
unbound.conf
|
switch to unix domain sockets for mastodon
|
2023-02-17 16:24:35 +07:00 |
4e12323e27