Go to file
2023-07-26 03:41:24 -04:00
.github add GitHub funding metadata 2021-07-19 23:02:29 -04:00
certbot set proper mail.grapheneos.org certbot hook 2023-07-06 18:54:48 -04:00
guide add Samsung OPAL information 2023-07-08 01:15:09 -04:00
modprobe.d blacklist virtio_console module 2023-07-17 02:21:12 -04:00
modules-load.d disable loose TCP connection tracking 2022-07-03 03:50:53 -04:00
packages add ioping package 2023-07-26 03:40:57 -04:00
pacman.d add directory structure for mirrorlist 2023-07-11 11:38:53 -04:00
ssh ssh: switch to AES256-GCM to use AES-NI 2023-07-22 16:39:37 -04:00
sysconfig enable chronyd seccomp filter 2023-05-07 00:02:51 -04:00
sysctl.d add /etc/sysctl.d/local-reserved-ports.conf 2023-06-06 21:55:11 -04:00
systemd rename eth0 to public 2023-07-15 00:33:35 -04:00
.gitignore add ovh-mitigation.txt to gitignore 2023-07-11 11:59:04 -04:00
certbot-ocsp-fetcher update certbot-ocsp-fetcher 2023-07-09 18:16:59 -04:00
chrony.conf use production time.nl hostname 2022-08-30 14:51:44 -04:00
connection-stats clean up stats scripts 2023-07-16 01:25:27 -04:00
count add count script 2023-07-08 01:25:30 -04:00
crypttab enable discard support for swapfile dm-crypt 2023-07-18 16:41:35 -04:00
dns-stats add dns-stats script 2023-07-16 02:18:17 -04:00
environment disable less history by default for login sessions 2022-10-26 04:35:23 -04:00
fetch-info unified info fetching script 2023-07-10 23:35:56 -04:00
fstab only discard swapfile at mount time 2023-07-18 16:41:39 -04:00
grub add init_on_free=1 for non-hardened kernels 2023-01-23 21:34:33 -05:00
hosts add subset of shared configuration files 2021-07-28 08:23:04 -04:00
hosts.sh add buyvm and ovh hosts arrays 2023-07-24 21:31:24 -04:00
LICENSE add certbot-ocsp-fetcher copyright notice 2023-07-09 19:19:29 -04:00
locale.conf switch to C.UTF-8 locale 2023-01-10 14:09:06 -05:00
locale.gen add locale configuration 2022-02-15 01:03:56 -05:00
nftables-attestation.conf reorder network allowlists for consistency 2022-08-10 11:13:31 -04:00
nftables-discuss.conf reorder network allowlists for consistency 2022-08-10 11:13:31 -04:00
nftables-mail.conf prepare to move MTA-STS web server to mail server 2023-06-21 13:12:04 -04:00
nftables-matrix.conf fix matrix.grapheneos.org loopback nftables rules 2022-12-25 19:03:41 -05:00
nftables-network.conf nftables: drop unnecessary semicolons 2023-06-10 22:14:54 -04:00
nftables-ns1.conf split out anycast DNS nftables configuration 2023-06-19 03:28:59 -04:00
nftables-ns2.conf split out anycast DNS nftables configuration 2023-06-19 03:28:59 -04:00
nftables-social.conf switch to unix domain sockets for mastodon 2023-02-17 16:24:35 -05:00
nftables-web.conf baseline web server config doesn't use DNS 2023-02-11 03:26:25 -05:00
nginx-create-session-ticket-keys add session ticket key management scripts 2023-07-09 18:04:17 -04:00
nginx-rotate-session-ticket-keys add session ticket key management scripts 2023-07-09 18:04:17 -04:00
nginx-stats clean up stats scripts 2023-07-16 01:25:27 -04:00
ovh-mitigation rename OVH mitigation script 2023-07-03 18:35:43 -04:00
ovh-mitigation.py rename OVH mitigation script 2023-07-03 18:35:43 -04:00
pacman.conf disable unused multilib repository 2023-07-18 16:58:34 -04:00
pacreport.conf drop local-reserved-ports.conf for mastodon 2023-07-15 13:16:06 -04:00
README.md Fix readme 2021-12-16 12:43:34 -05:00
requirements.in add OVH mitigation control script 2023-02-22 16:22:47 -05:00
requirements.txt update python dependencies 2023-07-26 03:41:24 -04:00
resolv.conf add resolv.conf 2022-07-03 09:05:41 -04:00
setup specify python3 in setup script 2023-07-06 22:12:26 -04:00
unbound.conf Additional unbound hardening 2023-07-09 18:46:33 -04:00

Information about GrapheneOS servers is available in the GrapheneOS servers article on grapheneos.org.