mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-21 17:11:33 -05:00
Compare commits
2 Commits
6c1de621c5
...
6fa3abe492
Author | SHA1 | Date | |
---|---|---|---|
6fa3abe492 | |||
37a66b8b12 |
@ -226,7 +226,7 @@ sudo systemctl restart fwupd
|
||||
# UFW Snap is strictly confined, unlike its .deb counterpart
|
||||
sudo apt purge -y ufw
|
||||
sudo snap install ufw
|
||||
sudo ufw enable
|
||||
sudo ufw enable -y
|
||||
|
||||
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/NetworkManager/conf.d/00-macrandomize.conf | sudo tee /etc/NetworkManager/conf.d/00-macrandomize.conf
|
||||
sudo chmod 644 /etc/NetworkManager/conf.d/00-macrandomize.conf
|
||||
|
@ -134,7 +134,11 @@ fi
|
||||
|
||||
# Setup unbound
|
||||
|
||||
sudo apt install -y unbound
|
||||
sudo apt install -y unbound unbound-anchor
|
||||
sudo mkdir -p /usr/share/dns
|
||||
sudo chmod 755 /usr/share/dns
|
||||
sudo unbound-anchor
|
||||
sudo chmod 644 /usr/share/dns/root.key
|
||||
|
||||
echo 'server:
|
||||
trust-anchor-signaling: yes
|
||||
@ -171,6 +175,8 @@ forward-zone:
|
||||
|
||||
sudo chmod 644 /etc/unbound/unbound.conf.d/custom.conf
|
||||
|
||||
sudo sed -i 's#/var/lib/unbound#/usr/share/dns#g' /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf
|
||||
|
||||
mkdir -p /etc/systemd/system/unbound.service.d
|
||||
echo $'[Service]
|
||||
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_SYS_RESOURCE CAP_NET_RAW
|
||||
@ -214,7 +220,7 @@ sudo systemctl disable systemd-resolved
|
||||
# UFW Snap is strictly confined, unlike its .deb counterpart
|
||||
sudo apt purge -y ufw
|
||||
sudo snap install ufw
|
||||
sudo ufw enable
|
||||
sudo ufw enable -y
|
||||
sudo ufw allow SSH
|
||||
|
||||
sudo reboot
|
||||
|
Loading…
Reference in New Issue
Block a user