Daniel Micay
|
01f9274fc4
|
nftables: implement output filtering for loopback
|
2022-06-30 06:41:52 -04:00 |
|
Daniel Micay
|
fea9197ace
|
disable unused chrony command port
|
2022-06-30 03:08:28 -04:00 |
|
Daniel Micay
|
e0ab41c4f4
|
nftables: friendlier output traffic filtering
|
2022-06-29 21:27:01 -04:00 |
|
Daniel Micay
|
3ca0c347c6
|
add baseline nftables configurations
|
2022-06-29 10:53:07 -04:00 |
|
Daniel Micay
|
52d67a3085
|
add chrony configuration
|
2022-06-29 10:51:41 -04:00 |
|
Daniel Micay
|
f6435cae74
|
reduce tcp retransmission attempts
|
2022-06-29 03:58:53 -04:00 |
|
Daniel Micay
|
905ff4d433
|
update mirrorlist
|
2022-06-06 12:18:19 -04:00 |
|
Daniel Micay
|
e73dab2375
|
update systemd/system.conf
|
2022-05-22 15:57:02 -04:00 |
|
Daniel Micay
|
8c81a44d6d
|
update mirrorlist and switch to NA pkgbuild.com
|
2022-05-02 00:56:41 -04:00 |
|
Daniel Micay
|
4a732879f3
|
update grub configuration
|
2022-03-16 22:56:06 -04:00 |
|
Daniel Micay
|
962270c183
|
update system.conf
|
2022-03-14 15:08:14 -04:00 |
|
Daniel Micay
|
adb1ab92b3
|
update mirrorlist
|
2022-03-12 12:06:17 -05:00 |
|
Daniel Micay
|
72937c922f
|
add new file limit configuration for sshd
|
2022-02-25 19:31:35 -05:00 |
|
Daniel Micay
|
8ad991e8c5
|
add locale configuration
|
2022-02-15 01:03:56 -05:00 |
|
Void
|
151a761d2b
|
Fix readme
|
2021-12-16 12:43:34 -05:00 |
|
Daniel Micay
|
ed3824208d
|
update mirrorlist
|
2021-12-12 18:57:48 -05:00 |
|
Daniel Micay
|
19d0e86112
|
add sshd_config.tmp to gitignore
|
2021-11-30 13:02:57 -05:00 |
|
Daniel Micay
|
f1005cf339
|
user-based whitelist for ssh access
|
2021-11-27 20:33:48 -05:00 |
|
Daniel Micay
|
9f82fe54bd
|
use double brace for templates
|
2021-11-27 20:25:47 -05:00 |
|
Daniel Micay
|
693655f5bc
|
blacklist unused intel_agp driver
|
2021-11-27 18:45:10 -05:00 |
|
Daniel Micay
|
6bbe5bc95a
|
blacklist unused mouse/joystick drivers
|
2021-11-27 18:16:13 -05:00 |
|
Daniel Micay
|
47a765066c
|
blacklist unused virtio_balloon driver
|
2021-11-27 18:16:09 -05:00 |
|
Daniel Micay
|
73a78746f1
|
hard-wire ext4 as the only initramfs filesystem
|
2021-11-27 17:11:38 -05:00 |
|
Daniel Micay
|
00c21469df
|
add mkinitcpio.conf
|
2021-11-27 17:09:26 -05:00 |
|
Daniel Micay
|
7671f6b795
|
switch to a more consistent mirror
|
2021-11-26 18:08:17 -05:00 |
|
Daniel Micay
|
91c9fd275e
|
update system-login
|
2021-11-21 22:38:36 -05:00 |
|
Daniel Micay
|
932b117824
|
blacklist useless floppy module too
|
2021-11-17 14:34:19 -05:00 |
|
Daniel Micay
|
96c77bf78a
|
update mirrorlist
|
2021-11-14 09:43:30 -05:00 |
|
Daniel Micay
|
4a6474cb56
|
128k tcp_notsent_lowat to improve fairness/latency
|
2021-10-02 15:45:21 -04:00 |
|
Daniel Micay
|
35f539f237
|
only permit native system call architecture
|
2021-09-16 03:57:53 -04:00 |
|
Daniel Micay
|
87e8cdd144
|
blacklist useless pcspkr module
|
2021-09-15 00:33:38 -04:00 |
|
Daniel Micay
|
f5e61e0ca7
|
unbound: enable prefetch and prefetch-key
|
2021-09-14 23:58:14 -04:00 |
|
Daniel Micay
|
e4872fb5bb
|
enable IP and IO accounting by default
|
2021-09-09 08:44:11 -04:00 |
|
Daniel Micay
|
64b3a1031d
|
move units to systemd directory
|
2021-09-08 17:57:50 -04:00 |
|
Daniel Micay
|
fe9d4e0f5f
|
add systemd directory
|
2021-09-08 17:53:20 -04:00 |
|
Daniel Micay
|
e5fdf74ce6
|
disable deprecated pam user_readenv feature
|
2021-09-08 17:12:34 -04:00 |
|
Daniel Micay
|
e8c34cb913
|
enable networkd speed meter
|
2021-09-08 04:38:26 -04:00 |
|
Daniel Micay
|
964473b6c2
|
add IPv6 DNS resolvers
|
2021-09-08 04:08:36 -04:00 |
|
Daniel Micay
|
98ca37290a
|
grub configuration for legacy boot
|
2021-09-08 03:30:41 -04:00 |
|
Daniel Micay
|
5eead0ad5a
|
disable unprivileged userns for regular kernels
|
2021-09-07 22:50:57 -04:00 |
|
Daniel Micay
|
87db85274a
|
sshd: raise MaxStartups to 4096
|
2021-09-06 02:42:22 -04:00 |
|
Daniel Micay
|
c315170cd6
|
sshd: reduce MaxAuthTries to 2
|
2021-09-06 02:38:16 -04:00 |
|
Daniel Micay
|
f56f094c97
|
sshd: limit per-source max startups to 1
|
2021-09-06 02:38:08 -04:00 |
|
Daniel Micay
|
43681fa913
|
sshd: reduce LoginGraceTime to 15s
|
2021-09-06 02:38:06 -04:00 |
|
Daniel Micay
|
48f1d5627e
|
add nginx logrotate configuration
|
2021-08-27 03:55:18 -04:00 |
|
Daniel Micay
|
b022108cc9
|
add systemd-journald configuration
|
2021-08-26 23:51:01 -04:00 |
|
Daniel Micay
|
50b8b50707
|
remove redundant service options
|
2021-08-23 11:54:37 -04:00 |
|
Daniel Micay
|
613251176d
|
explicitly disable all standalone MACs (AEAD only)
|
2021-08-23 09:23:16 -04:00 |
|
Daniel Micay
|
566a7e2ccb
|
update to OpenSSH 8.7
|
2021-08-23 02:37:28 -04:00 |
|
Daniel Micay
|
2064eb3bbd
|
update mirrorlist
|
2021-08-22 11:54:01 -04:00 |
|