|
.github
|
add GitHub funding metadata
|
2021-07-19 23:02:29 -04:00 |
|
certbot
|
set proper mail.grapheneos.org certbot hook
|
2023-07-06 18:54:48 -04:00 |
|
guide
|
add Samsung OPAL information
|
2023-07-08 01:15:09 -04:00 |
|
modprobe.d
|
blacklist virtio_console module
|
2023-07-17 02:21:12 -04:00 |
|
modules-load.d
|
disable loose TCP connection tracking
|
2022-07-03 03:50:53 -04:00 |
|
packages
|
add pv package
|
2023-07-28 23:24:40 -04:00 |
|
pacman.d
|
add directory structure for mirrorlist
|
2023-07-11 11:38:53 -04:00 |
|
ssh
|
ssh: switch to AES256-GCM to use AES-NI
|
2023-07-22 16:39:37 -04:00 |
|
sysconfig
|
enable chronyd seccomp filter
|
2023-05-07 00:02:51 -04:00 |
|
sysctl.d
|
add /etc/sysctl.d/local-reserved-ports.conf
|
2023-06-06 21:55:11 -04:00 |
|
systemd
|
use CAKE no-split-gso for release servers
|
2023-08-06 23:18:53 -04:00 |
|
.gitignore
|
add ovh-mitigation.txt to gitignore
|
2023-07-11 11:59:04 -04:00 |
|
certbot-ocsp-fetcher
|
update certbot-ocsp-fetcher
|
2023-07-09 18:16:59 -04:00 |
|
chrony.conf
|
chrony: mark traffic as EF
|
2023-08-04 17:20:25 -04:00 |
|
connection-stats
|
clean up stats scripts
|
2023-07-16 01:25:27 -04:00 |
|
count
|
add count script
|
2023-07-08 01:25:30 -04:00 |
|
crypttab
|
enable discard support for swapfile dm-crypt
|
2023-07-18 16:41:35 -04:00 |
|
dns-stats
|
add dns-stats script
|
2023-07-16 02:18:17 -04:00 |
|
environment
|
disable less history by default for login sessions
|
2022-10-26 04:35:23 -04:00 |
|
fetch-info
|
unified info fetching script
|
2023-07-10 23:35:56 -04:00 |
|
fstab
|
only discard swapfile at mount time
|
2023-07-18 16:41:39 -04:00 |
|
grub
|
add init_on_free=1 for non-hardened kernels
|
2023-01-23 21:34:33 -05:00 |
|
hosts
|
add subset of shared configuration files
|
2021-07-28 08:23:04 -04:00 |
|
hosts.sh
|
add buyvm and ovh hosts arrays
|
2023-07-24 21:31:24 -04:00 |
|
LICENSE
|
add certbot-ocsp-fetcher copyright notice
|
2023-07-09 19:19:29 -04:00 |
|
locale.conf
|
switch to C.UTF-8 locale
|
2023-01-10 14:09:06 -05:00 |
|
locale.gen
|
add locale configuration
|
2022-02-15 01:03:56 -05:00 |
|
nftables-attestation.conf
|
reorder network allowlists for consistency
|
2022-08-10 11:13:31 -04:00 |
|
nftables-discuss.conf
|
reorder network allowlists for consistency
|
2022-08-10 11:13:31 -04:00 |
|
nftables-mail.conf
|
prepare to move MTA-STS web server to mail server
|
2023-06-21 13:12:04 -04:00 |
|
nftables-matrix.conf
|
fix matrix.grapheneos.org loopback nftables rules
|
2022-12-25 19:03:41 -05:00 |
|
nftables-network.conf
|
nftables: drop unnecessary semicolons
|
2023-06-10 22:14:54 -04:00 |
|
nftables-ns1.conf
|
split out anycast DNS nftables configuration
|
2023-06-19 03:28:59 -04:00 |
|
nftables-ns2.conf
|
split out anycast DNS nftables configuration
|
2023-06-19 03:28:59 -04:00 |
|
nftables-social.conf
|
switch to unix domain sockets for mastodon
|
2023-02-17 16:24:35 -05:00 |
|
nftables-web.conf
|
baseline web server config doesn't use DNS
|
2023-02-11 03:26:25 -05:00 |
|
nginx-create-session-ticket-keys
|
add session ticket key management scripts
|
2023-07-09 18:04:17 -04:00 |
|
nginx-rotate-session-ticket-keys
|
add session ticket key management scripts
|
2023-07-09 18:04:17 -04:00 |
|
nginx-stats
|
clean up stats scripts
|
2023-07-16 01:25:27 -04:00 |
|
ovh-mitigation
|
rename OVH mitigation script
|
2023-07-03 18:35:43 -04:00 |
|
ovh-mitigation.py
|
rename OVH mitigation script
|
2023-07-03 18:35:43 -04:00 |
|
pacman.conf
|
disable unused multilib repository
|
2023-07-18 16:58:34 -04:00 |
|
pacreport.conf
|
drop local-reserved-ports.conf for mastodon
|
2023-07-15 13:16:06 -04:00 |
|
README.md
|
Fix readme
|
2021-12-16 12:43:34 -05:00 |
|
requirements.in
|
add OVH mitigation control script
|
2023-02-22 16:22:47 -05:00 |
|
requirements.txt
|
update python dependencies
|
2023-07-26 03:41:24 -04:00 |
|
resolv.conf
|
add resolv.conf
|
2022-07-03 09:05:41 -04:00 |
|
setup
|
specify python3 in setup script
|
2023-07-06 22:12:26 -04:00 |
|
unbound.conf
|
Additional unbound hardening
|
2023-07-09 18:46:33 -04:00 |
