Git-Mirrors
/
graphene-os-server-infrastructure
mirror of https://github.com/GrapheneOS/infrastructure.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
436 Commits 1 Branch 0 Tags 1.5 MiB
Commit Graph

436 Commits

Author SHA1 Message Date
Daniel Micay a10afab253 update Python dependencies 2023-10-24 14:16:54 -04:00
Orazio 9aba6192e7 unbound: block dns rebinding 
Blocking RFC 1918 addresses too is unlikely to be useful on your setup, but may be in case you add something like a VPC in the future.
 2023-10-04 10:26:16 -04:00
Daniel Micay cb0007f816 update python dependencies 2023-10-03 11:39:02 -04:00
Daniel Micay a4af9e2faf add ephemeral-trees directory to pacreport 2023-10-01 09:04:41 -04:00
Daniel Micay c29206dff6 update python dependencies 2023-10-01 08:41:06 -04:00
Daniel Micay ffff417df9 mastodon package now declares proper dependencies 2023-09-24 22:21:09 -04:00
Daniel Micay 1f7ea042fe expand host variable declarations 2023-09-18 03:29:23 -04:00
Daniel Micay 15f1cbcd02 nginx: drop ExecStart override 2023-09-18 02:41:59 -04:00
Daniel Micay 90411f367c update OCSP cache path for certbot-renew.service 2023-09-02 15:07:28 -04:00
Daniel Micay 067b42213f update ocsp cache path for certbot deploy hook 2023-08-21 03:20:50 -04:00
Daniel Micay adec4b9bda certbot: drop absolute path for deploy hook 2023-08-21 03:19:47 -04:00
Daniel Micay a92156528a add nftables dscp counter config to guide 2023-08-19 00:46:21 -04:00
Daniel Micay 104c1857d9 add vconsole.conf to pacreport.conf 2023-08-19 00:37:54 -04:00
Daniel Micay 14da5949f2 add fstrim/xfs_fsr configuration to pacreport.conf 2023-08-19 00:37:00 -04:00
Daniel Micay 5a86b91909 update pip-compile command 2023-08-19 00:27:56 -04:00
Daniel Micay 9419af1bd6 use af21 for unbound DoT traffic 2023-08-19 00:20:21 -04:00
Daniel Micay e1af23a478 add attestation service config for email 2023-08-18 23:57:44 -04:00
Daniel Micay 343d1fdb2f add mtr package 2023-08-16 22:55:53 -04:00
Daniel Micay b88d0d5c96 raise ssh background traffic priority to af11 
The default cs1 is resulting traffic being completely dropped for some
routes with congestion.
 2023-08-14 23:32:00 -04:00
Daniel Micay ae2fc9244b support drop-in configurations for ssh configs 2023-08-11 11:36:08 -04:00
Daniel Micay 894f150a62 use CAKE no-split-gso for release servers 2023-08-06 23:18:53 -04:00
Daniel Micay 4160e5a6b7 chrony: mark traffic as EF 2023-08-04 17:20:25 -04:00
Daniel Micay 2f56bae4a5 use consistent naming for system drop-in configs 2023-08-04 14:45:15 -04:00
Daniel Micay e56add4330 run fstrim daily instead of weekly 2023-08-04 14:38:41 -04:00
Daniel Micay b67d037a5e add xfs_fsr service run before fstrim service 2023-08-03 16:35:53 -04:00
Daniel Micay 124897ccba update systemd/system.conf 2023-08-01 18:06:28 -04:00
Daniel Micay 7a95f6bfb4 update systemd/networkd.conf 2023-08-01 18:05:17 -04:00
Daniel Micay 2703b7a378 add pv package 2023-07-28 23:24:40 -04:00
Daniel Micay 53b46f6166 set correct subnet mask for BuyVM main IP 2023-07-28 00:12:05 -04:00
Daniel Micay 5e07ae005b use idle scheduling for fstrim.service 2023-07-26 13:21:24 -04:00
Daniel Micay 0e37437f0c update python dependencies 2023-07-26 03:41:24 -04:00
Daniel Micay 39c15372a2 add ioping package 2023-07-26 03:40:57 -04:00
Daniel Micay e3b8692914 add buyvm and ovh hosts arrays 2023-07-24 21:31:24 -04:00
Daniel Micay 1173060c25 ssh: switch to AES256-GCM to use AES-NI 2023-07-22 16:39:37 -04:00
Daniel Micay a164ca80c7 disable unused multilib repository 2023-07-18 16:58:34 -04:00
Daniel Micay 13d4dcb39e only discard swapfile at mount time 2023-07-18 16:41:39 -04:00
Daniel Micay 6a8529e1a3 enable discard support for swapfile dm-crypt 2023-07-18 16:41:35 -04:00
Daniel Micay f7402790d1 blacklist virtio_console module 2023-07-17 02:21:12 -04:00
Daniel Micay 20590d561a blacklist snd_intel8x0 module 2023-07-17 01:50:56 -04:00
Daniel Micay 8f4431582c blacklist sr_mod module 2023-07-17 01:47:44 -04:00
Daniel Micay f3d7d763de add dns-stats script 2023-07-16 02:18:17 -04:00
Daniel Micay 6b0eec9218 clean up stats scripts 2023-07-16 01:25:27 -04:00
Daniel Micay 15302563f2 drop local-reserved-ports.conf for mastodon 2023-07-15 13:16:06 -04:00
Daniel Micay 4717854ec8 add subuid/subgid backup files to pacreport.conf 2023-07-15 13:14:59 -04:00
Daniel Micay 3dbf62e943 add gdk-pixbuf2 loaders cache to pacreport.conf 2023-07-15 13:14:48 -04:00
Daniel Micay a973881a30 add sysstat unit configuration to pacreport.conf 2023-07-15 13:00:48 -04:00
Daniel Micay 0452ce51a1 update python dependencies 2023-07-15 12:54:19 -04:00
Daniel Micay 6595a2b05f rename eth0 to public 
This resolves a warning from systemd-networkd about using one of the
names reserved by the kernel.
 2023-07-15 00:33:35 -04:00
Daniel Micay b245498612 disable unused DHCP IPv4 address for mail server 2023-07-13 21:39:12 -04:00
Daniel Micay 6736cdc36f use highest accuracy for sysstat-collect.timer 2023-07-13 18:51:39 -04:00