1
0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-11-21 17:11:33 -05:00

Compare commits

...

2 Commits

Author SHA1 Message Date
6fa3abe492
Work around Debian's very broken paclaging
Signed-off-by: Tommy <contact@tommytran.io>
2024-06-18 00:07:40 -07:00
37a66b8b12
Add -y to ufw enable
Signed-off-by: Tommy <contact@tommytran.io>
2024-06-17 23:39:25 -07:00
2 changed files with 9 additions and 3 deletions

View File

@ -226,7 +226,7 @@ sudo systemctl restart fwupd
# UFW Snap is strictly confined, unlike its .deb counterpart
sudo apt purge -y ufw
sudo snap install ufw
sudo ufw enable
sudo ufw enable -y
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/NetworkManager/conf.d/00-macrandomize.conf | sudo tee /etc/NetworkManager/conf.d/00-macrandomize.conf
sudo chmod 644 /etc/NetworkManager/conf.d/00-macrandomize.conf

View File

@ -134,7 +134,11 @@ fi
# Setup unbound
sudo apt install -y unbound
sudo apt install -y unbound unbound-anchor
sudo mkdir -p /usr/share/dns
sudo chmod 755 /usr/share/dns
sudo unbound-anchor
sudo chmod 644 /usr/share/dns/root.key
echo 'server:
trust-anchor-signaling: yes
@ -171,6 +175,8 @@ forward-zone:
sudo chmod 644 /etc/unbound/unbound.conf.d/custom.conf
sudo sed -i 's#/var/lib/unbound#/usr/share/dns#g' /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf
mkdir -p /etc/systemd/system/unbound.service.d
echo $'[Service]
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_SYS_RESOURCE CAP_NET_RAW
@ -214,7 +220,7 @@ sudo systemctl disable systemd-resolved
# UFW Snap is strictly confined, unlike its .deb counterpart
sudo apt purge -y ufw
sudo snap install ufw
sudo ufw enable
sudo ufw enable -y
sudo ufw allow SSH
sudo reboot