2.4 KiB
title | date |
---|---|
Projects | 2022-09-02 |
PrivSec.dev
PrivSec.dev is a website made by me and a couple of friends. The goal is to provide practical privacy and security advice for the end user. You can think of it as a shared blog focusing on this topic.
We focus on in-depth system configuration, security analysis, and software/hardware recommendations. Our site is based on technical merits, not ideologies and politics.
ArcticFoxes.net
ArcticFoxes.net is a group of self hosted and federated services run by me. It consists of:
- A Matrix server using my hardened docker image. I also have a web client and TURN server as accessories for the Matrix server.
- A OpenVPN to ONC converter. This is a simpel fork of thomkeh/ovpn2onc with a dark theme.
Most of the configurations and deployment files are available on GitHub.
Linux Setup Scripts
These are setup scripts I run on my Linux systems, and serve as the basis for my other setups. You can adapt them to deploy yours.
Features include, but are not limited to:
- Removal of unnecessary packages
- Hardened boot parameters
- Hardened sysctl settings
- Kernel module blacklist from Whonix's security-misc
- Mac Address randomization for desktop installations
- SSH client and server hardening
- Installation of Hardened Malloc on Red Hat systems
- Installation and configuration of Microsoft Edge policies for desktop installations
- NTS setup
- Firewall setup
Fedora CoreOS Ignition Files
These are sample Butane/Ingition configuration files that you can adapt to quickly deploy a Fedora CoreOS server with the containers of your choice. They share the same hardening as the Linux Setup Scripts.
On Fedora CoreOS, I have also included systemd services to:
- Install and update gVisor at boot
- Update containers in a Docker Compose stack once a week.