Daniel Micay
|
19d0e86112
|
add sshd_config.tmp to gitignore
|
2021-11-30 13:02:57 -05:00 |
|
Daniel Micay
|
f1005cf339
|
user-based whitelist for ssh access
|
2021-11-27 20:33:48 -05:00 |
|
Daniel Micay
|
9f82fe54bd
|
use double brace for templates
|
2021-11-27 20:25:47 -05:00 |
|
Daniel Micay
|
693655f5bc
|
blacklist unused intel_agp driver
|
2021-11-27 18:45:10 -05:00 |
|
Daniel Micay
|
6bbe5bc95a
|
blacklist unused mouse/joystick drivers
|
2021-11-27 18:16:13 -05:00 |
|
Daniel Micay
|
47a765066c
|
blacklist unused virtio_balloon driver
|
2021-11-27 18:16:09 -05:00 |
|
Daniel Micay
|
73a78746f1
|
hard-wire ext4 as the only initramfs filesystem
|
2021-11-27 17:11:38 -05:00 |
|
Daniel Micay
|
00c21469df
|
add mkinitcpio.conf
|
2021-11-27 17:09:26 -05:00 |
|
Daniel Micay
|
7671f6b795
|
switch to a more consistent mirror
|
2021-11-26 18:08:17 -05:00 |
|
Daniel Micay
|
91c9fd275e
|
update system-login
|
2021-11-21 22:38:36 -05:00 |
|
Daniel Micay
|
932b117824
|
blacklist useless floppy module too
|
2021-11-17 14:34:19 -05:00 |
|
Daniel Micay
|
96c77bf78a
|
update mirrorlist
|
2021-11-14 09:43:30 -05:00 |
|
Daniel Micay
|
4a6474cb56
|
128k tcp_notsent_lowat to improve fairness/latency
|
2021-10-02 15:45:21 -04:00 |
|
Daniel Micay
|
35f539f237
|
only permit native system call architecture
|
2021-09-16 03:57:53 -04:00 |
|
Daniel Micay
|
87e8cdd144
|
blacklist useless pcspkr module
|
2021-09-15 00:33:38 -04:00 |
|
Daniel Micay
|
f5e61e0ca7
|
unbound: enable prefetch and prefetch-key
|
2021-09-14 23:58:14 -04:00 |
|
Daniel Micay
|
e4872fb5bb
|
enable IP and IO accounting by default
|
2021-09-09 08:44:11 -04:00 |
|
Daniel Micay
|
64b3a1031d
|
move units to systemd directory
|
2021-09-08 17:57:50 -04:00 |
|
Daniel Micay
|
fe9d4e0f5f
|
add systemd directory
|
2021-09-08 17:53:20 -04:00 |
|
Daniel Micay
|
e5fdf74ce6
|
disable deprecated pam user_readenv feature
|
2021-09-08 17:12:34 -04:00 |
|
Daniel Micay
|
e8c34cb913
|
enable networkd speed meter
|
2021-09-08 04:38:26 -04:00 |
|
Daniel Micay
|
964473b6c2
|
add IPv6 DNS resolvers
|
2021-09-08 04:08:36 -04:00 |
|
Daniel Micay
|
98ca37290a
|
grub configuration for legacy boot
|
2021-09-08 03:30:41 -04:00 |
|
Daniel Micay
|
5eead0ad5a
|
disable unprivileged userns for regular kernels
|
2021-09-07 22:50:57 -04:00 |
|
Daniel Micay
|
87db85274a
|
sshd: raise MaxStartups to 4096
|
2021-09-06 02:42:22 -04:00 |
|
Daniel Micay
|
c315170cd6
|
sshd: reduce MaxAuthTries to 2
|
2021-09-06 02:38:16 -04:00 |
|
Daniel Micay
|
f56f094c97
|
sshd: limit per-source max startups to 1
|
2021-09-06 02:38:08 -04:00 |
|
Daniel Micay
|
43681fa913
|
sshd: reduce LoginGraceTime to 15s
|
2021-09-06 02:38:06 -04:00 |
|
Daniel Micay
|
48f1d5627e
|
add nginx logrotate configuration
|
2021-08-27 03:55:18 -04:00 |
|
Daniel Micay
|
b022108cc9
|
add systemd-journald configuration
|
2021-08-26 23:51:01 -04:00 |
|
Daniel Micay
|
50b8b50707
|
remove redundant service options
|
2021-08-23 11:54:37 -04:00 |
|
Daniel Micay
|
613251176d
|
explicitly disable all standalone MACs (AEAD only)
|
2021-08-23 09:23:16 -04:00 |
|
Daniel Micay
|
566a7e2ccb
|
update to OpenSSH 8.7
|
2021-08-23 02:37:28 -04:00 |
|
Daniel Micay
|
2064eb3bbd
|
update mirrorlist
|
2021-08-22 11:54:01 -04:00 |
|
Daniel Micay
|
de1580294f
|
drop redundant pid_max configuration
|
2021-08-17 19:23:49 -04:00 |
|
Daniel Micay
|
69effda0bc
|
add CAKE configuration unit
|
2021-08-12 17:48:22 -04:00 |
|
Daniel Micay
|
03ebca7fda
|
update mirrorlist
|
2021-08-08 19:55:43 -04:00 |
|
Daniel Micay
|
d24d24926a
|
add subset of shared configuration files
|
2021-07-28 08:23:04 -04:00 |
|
Daniel Micay
|
7d70f11b0c
|
add README with link to GrapheneOS servers article
|
2021-07-19 23:03:53 -04:00 |
|
Daniel Micay
|
b4ea75a628
|
add GitHub funding metadata
|
2021-07-19 23:02:29 -04:00 |
|