Commit Graph

441 Commits

Author SHA1 Message Date
Daniel Micay
ed3824208d update mirrorlist 2021-12-12 18:57:48 -05:00
Daniel Micay
19d0e86112 add sshd_config.tmp to gitignore 2021-11-30 13:02:57 -05:00
Daniel Micay
f1005cf339 user-based whitelist for ssh access 2021-11-27 20:33:48 -05:00
Daniel Micay
9f82fe54bd use double brace for templates 2021-11-27 20:25:47 -05:00
Daniel Micay
693655f5bc blacklist unused intel_agp driver 2021-11-27 18:45:10 -05:00
Daniel Micay
6bbe5bc95a blacklist unused mouse/joystick drivers 2021-11-27 18:16:13 -05:00
Daniel Micay
47a765066c blacklist unused virtio_balloon driver 2021-11-27 18:16:09 -05:00
Daniel Micay
73a78746f1 hard-wire ext4 as the only initramfs filesystem 2021-11-27 17:11:38 -05:00
Daniel Micay
00c21469df add mkinitcpio.conf 2021-11-27 17:09:26 -05:00
Daniel Micay
7671f6b795 switch to a more consistent mirror 2021-11-26 18:08:17 -05:00
Daniel Micay
91c9fd275e update system-login 2021-11-21 22:38:36 -05:00
Daniel Micay
932b117824 blacklist useless floppy module too 2021-11-17 14:34:19 -05:00
Daniel Micay
96c77bf78a update mirrorlist 2021-11-14 09:43:30 -05:00
Daniel Micay
4a6474cb56 128k tcp_notsent_lowat to improve fairness/latency 2021-10-02 15:45:21 -04:00
Daniel Micay
35f539f237 only permit native system call architecture 2021-09-16 03:57:53 -04:00
Daniel Micay
87e8cdd144 blacklist useless pcspkr module 2021-09-15 00:33:38 -04:00
Daniel Micay
f5e61e0ca7 unbound: enable prefetch and prefetch-key 2021-09-14 23:58:14 -04:00
Daniel Micay
e4872fb5bb enable IP and IO accounting by default 2021-09-09 08:44:11 -04:00
Daniel Micay
64b3a1031d move units to systemd directory 2021-09-08 17:57:50 -04:00
Daniel Micay
fe9d4e0f5f add systemd directory 2021-09-08 17:53:20 -04:00
Daniel Micay
e5fdf74ce6 disable deprecated pam user_readenv feature 2021-09-08 17:12:34 -04:00
Daniel Micay
e8c34cb913 enable networkd speed meter 2021-09-08 04:38:26 -04:00
Daniel Micay
964473b6c2 add IPv6 DNS resolvers 2021-09-08 04:08:36 -04:00
Daniel Micay
98ca37290a grub configuration for legacy boot 2021-09-08 03:30:41 -04:00
Daniel Micay
5eead0ad5a disable unprivileged userns for regular kernels 2021-09-07 22:50:57 -04:00
Daniel Micay
87db85274a sshd: raise MaxStartups to 4096 2021-09-06 02:42:22 -04:00
Daniel Micay
c315170cd6 sshd: reduce MaxAuthTries to 2 2021-09-06 02:38:16 -04:00
Daniel Micay
f56f094c97 sshd: limit per-source max startups to 1 2021-09-06 02:38:08 -04:00
Daniel Micay
43681fa913 sshd: reduce LoginGraceTime to 15s 2021-09-06 02:38:06 -04:00
Daniel Micay
48f1d5627e add nginx logrotate configuration 2021-08-27 03:55:18 -04:00
Daniel Micay
b022108cc9 add systemd-journald configuration 2021-08-26 23:51:01 -04:00
Daniel Micay
50b8b50707 remove redundant service options 2021-08-23 11:54:37 -04:00
Daniel Micay
613251176d explicitly disable all standalone MACs (AEAD only) 2021-08-23 09:23:16 -04:00
Daniel Micay
566a7e2ccb update to OpenSSH 8.7 2021-08-23 02:37:28 -04:00
Daniel Micay
2064eb3bbd update mirrorlist 2021-08-22 11:54:01 -04:00
Daniel Micay
de1580294f drop redundant pid_max configuration 2021-08-17 19:23:49 -04:00
Daniel Micay
69effda0bc add CAKE configuration unit 2021-08-12 17:48:22 -04:00
Daniel Micay
03ebca7fda update mirrorlist 2021-08-08 19:55:43 -04:00
Daniel Micay
d24d24926a add subset of shared configuration files 2021-07-28 08:23:04 -04:00
Daniel Micay
7d70f11b0c add README with link to GrapheneOS servers article 2021-07-19 23:03:53 -04:00
Daniel Micay
b4ea75a628 add GitHub funding metadata 2021-07-19 23:02:29 -04:00