Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2024-07-06 11:02:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
268 Commits 1 Branch 0 Tags 1.7 MiB
b88d0d5c96
Commit Graph

268 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Micay
b88d0d5c96 raise ssh background traffic priority to af11 
The default cs1 is resulting traffic being completely dropped for some
routes with congestion.
 2023-08-14 23:32:00 -04:00
Daniel Micay
ae2fc9244b support drop-in configurations for ssh configs 2023-08-11 11:36:08 -04:00
Daniel Micay
894f150a62 use CAKE no-split-gso for release servers 2023-08-06 23:18:53 -04:00
Daniel Micay
4160e5a6b7 chrony: mark traffic as EF 2023-08-04 17:20:25 -04:00
Daniel Micay
2f56bae4a5 use consistent naming for system drop-in configs 2023-08-04 14:45:15 -04:00
Daniel Micay
e56add4330 run fstrim daily instead of weekly 2023-08-04 14:38:41 -04:00
Daniel Micay
b67d037a5e add xfs_fsr service run before fstrim service 2023-08-03 16:35:53 -04:00
Daniel Micay
124897ccba update systemd/system.conf 2023-08-01 18:06:28 -04:00
Daniel Micay
7a95f6bfb4 update systemd/networkd.conf 2023-08-01 18:05:17 -04:00
Daniel Micay
2703b7a378 add pv package 2023-07-28 23:24:40 -04:00
Daniel Micay
53b46f6166 set correct subnet mask for BuyVM main IP 2023-07-28 00:12:05 -04:00
Daniel Micay
5e07ae005b use idle scheduling for fstrim.service 2023-07-26 13:21:24 -04:00
Daniel Micay
0e37437f0c update python dependencies 2023-07-26 03:41:24 -04:00
Daniel Micay
39c15372a2 add ioping package 2023-07-26 03:40:57 -04:00
Daniel Micay
e3b8692914 add buyvm and ovh hosts arrays 2023-07-24 21:31:24 -04:00
Daniel Micay
1173060c25 ssh: switch to AES256-GCM to use AES-NI 2023-07-22 16:39:37 -04:00
Daniel Micay
a164ca80c7 disable unused multilib repository 2023-07-18 16:58:34 -04:00
Daniel Micay
13d4dcb39e only discard swapfile at mount time 2023-07-18 16:41:39 -04:00
Daniel Micay
6a8529e1a3 enable discard support for swapfile dm-crypt 2023-07-18 16:41:35 -04:00
Daniel Micay
f7402790d1 blacklist virtio_console module 2023-07-17 02:21:12 -04:00
Daniel Micay
20590d561a blacklist snd_intel8x0 module 2023-07-17 01:50:56 -04:00
Daniel Micay
8f4431582c blacklist sr_mod module 2023-07-17 01:47:44 -04:00
Daniel Micay
f3d7d763de add dns-stats script 2023-07-16 02:18:17 -04:00
Daniel Micay
6b0eec9218 clean up stats scripts 2023-07-16 01:25:27 -04:00
Daniel Micay
15302563f2 drop local-reserved-ports.conf for mastodon 2023-07-15 13:16:06 -04:00
Daniel Micay
4717854ec8 add subuid/subgid backup files to pacreport.conf 2023-07-15 13:14:59 -04:00
Daniel Micay
3dbf62e943 add gdk-pixbuf2 loaders cache to pacreport.conf 2023-07-15 13:14:48 -04:00
Daniel Micay
a973881a30 add sysstat unit configuration to pacreport.conf 2023-07-15 13:00:48 -04:00
Daniel Micay
0452ce51a1 update python dependencies 2023-07-15 12:54:19 -04:00
Daniel Micay
6595a2b05f rename eth0 to public 
This resolves a warning from systemd-networkd about using one of the
names reserved by the kernel.
 2023-07-15 00:33:35 -04:00
Daniel Micay
b245498612 disable unused DHCP IPv4 address for mail server 2023-07-13 21:39:12 -04:00
Daniel Micay
6736cdc36f use highest accuracy for sysstat-collect.timer 2023-07-13 18:51:39 -04:00
Daniel Micay
6567335b31 run sysstat-collect.service every minute 2023-07-13 18:51:28 -04:00
Daniel Micay
4e6c0b0ae1 reorder hosts 2023-07-13 16:23:33 -04:00
Daniel Micay
2e05e09f94 add sysstat package 2023-07-13 14:39:38 -04:00
Daniel Micay
8a1cab9071 add SSH client configuration 2023-07-13 11:41:59 -04:00
Daniel Micay
55dba2e7db add ovh-mitigation.txt to gitignore 2023-07-11 11:59:04 -04:00
Daniel Micay
616232e1ab add directory structure for mirrorlist 2023-07-11 11:38:53 -04:00
Daniel Micay
a957abd347 unified info fetching script 2023-07-10 23:35:56 -04:00
Daniel Micay
d49deb3db6 add certbot-ocsp-fetcher copyright notice 2023-07-09 19:19:29 -04:00
Daniel Micay
34a7874ec3 add license 2023-07-09 19:19:16 -04:00
Tommy
f90943d9e9 Additional unbound hardening 2023-07-09 18:46:33 -04:00
Daniel Micay
5f339efb2d update certbot-ocsp-fetcher 2023-07-09 18:16:59 -04:00
Daniel Micay
462bdc8599 add session ticket key management scripts 2023-07-09 18:04:17 -04:00
Daniel Micay
eb9a4ef2d1 drop git package from discuss.grapheneos.org 2023-07-09 14:48:41 -04:00
Daniel Micay
d6b4b21f9b add count script 2023-07-08 01:25:30 -04:00
Daniel Micay
9d35c7629f add Samsung OPAL information 2023-07-08 01:15:09 -04:00
Daniel Micay
1abf27d74e blacklist tls kernel module 
This gets autoloaded unnecessarily. If we ever start using KTLS, we can
remove this on the servers where we want it.
 2023-07-08 01:11:11 -04:00
Daniel Micay
2bc3eb4857 add information fetch scripts 2023-07-08 01:10:56 -04:00
Daniel Micay
bb2b23bec3 add 3.grapheneos.network package list 2023-07-08 01:03:38 -04:00