Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-08-23 13:35:04 -04:00
Code Issues Projects Releases Packages Wiki Activity
Shared server infrastructure - https://grapheneos.org/articles/grapheneos-servers
621 commits 1 branch 0 tags 2.5 MiB
Find a file
Daniel Micay 39b5148808 switch back to CUBIC from BBRv1 and keep ECN off 
BBRv1 significantly improves throughput in some cases but it also
significantly reduces it in others. We've run into too many network
conditions it handles quite poorly. There's also a bad interaction
between BBR and synproxy where it will cripple the initial throughput
for connections established via synproxy. This means a basic SYN flood
attack could cripple initial TCP throughput for most connections.

Android doesn't enable ECN for outbound connections yet and we don't
want to deviate from that so it mainly only gets activated for macOS
and iOS clients. Linux kernel approach to ECN hasn't been modernized and
there are fierce debates about how it should work. It can cause issues
and it seems best to avoid it until Android enables it.
2025-04-25 13:34:33 -04:00
.github add GitHub funding metadata 2021-07-19 23:02:29 -04:00
boot/loader add systemd-boot configuration 2025-04-11 13:44:37 -04:00
certbot add nominatim.grapheneos.org subdomain for network server 2024-11-20 02:40:40 -05:00
etc switch back to CUBIC from BBRv1 and keep ECN off 2025-04-25 13:34:33 -04:00
guide add nftables dscp counter config to guide 2023-08-19 00:46:21 -04:00
home/.config fish: add vi keybinding setup 2024-11-29 14:03:58 -05:00
packages use 4.releases.grapheneos.org as primary instance 2025-04-25 00:47:28 -04:00
.gitignore add authorized_keys configuration 2025-04-10 15:14:25 -04:00
certbot-ocsp-fetcher Update certbot-ocsp-fetcher to match upstream 2024-07-01 21:37:10 -04:00
connection-stats clean up stats scripts 2023-07-16 01:25:27 -04:00
count count: handle optimized factory image downloads 2025-01-02 23:39:25 -05:00
deploy-initial reorganize configurations into etc directory 2025-04-15 12:53:49 -04:00
disconnect add disconnect script 2024-09-25 17:44:13 -04:00
dns-stats dns-stats: show total TCP and UDP queries 2024-03-28 11:38:06 -04:00
fetch-info extend info fetching to sysctl values 2024-07-24 16:58:11 -04:00
for add batch command script 2024-11-17 10:38:51 -05:00
hosts.sh use 4.releases.grapheneos.org as primary instance 2025-04-25 00:47:28 -04:00
LICENSE update copyright notice 2025-02-05 04:40:50 -05:00
nginx-create-session-ticket-keys move umask to systemd unit configuration 2024-10-14 06:11:32 -04:00
nginx-rotate-session-ticket-keys move umask to systemd unit configuration 2024-10-14 06:11:32 -04:00
nginx-stats clean up stats scripts 2023-07-16 01:25:27 -04:00
ovh-mitigation rename OVH mitigation script 2023-07-03 18:35:43 -04:00
ovh-mitigation.py ovh-mitigation: add checking/toggling firewall 2024-07-05 00:40:20 -04:00
README.md Fix readme 2021-12-16 12:43:34 -05:00
reboot improve reboot script confirmation message 2024-12-12 15:27:57 -05:00
requirements.in add OVH mitigation control script 2023-02-22 16:22:47 -05:00
requirements.txt update python dependencies 2025-04-17 10:32:41 -04:00
setup specify python3 in setup script 2023-07-06 22:12:26 -04:00

README.md

Information about GrapheneOS servers is available in the GrapheneOS servers article on grapheneos.org.