.github
add GitHub funding metadata
2021-07-19 23:02:29 -04:00
certbot
drop legacy connectivity check subdomain
2023-07-03 17:03:17 -04:00
guide
document DANE TLSA commands
2023-06-09 01:09:47 -04:00
modprobe.d
blacklist legacy ip_tables module
2022-08-31 05:19:40 -04:00
modules-load.d
disable loose TCP connection tracking
2022-07-03 03:50:53 -04:00
packages
add 3.grapheneos.org package list
2023-07-03 21:35:48 -04:00
ssh
move ssh configuration to subdirectory
2023-06-06 15:18:19 -04:00
sysconfig
enable chronyd seccomp filter
2023-05-07 00:02:51 -04:00
sysctl.d
add /etc/sysctl.d/local-reserved-ports.conf
2023-06-06 21:55:11 -04:00
systemd
allow nginx master process to use CAP_CHOWN
2023-07-06 05:30:35 -04:00
.gitignore
rename OVH mitigation script
2023-07-03 18:35:43 -04:00
certbot-ocsp-fetcher
add subset of shared configuration files
2021-07-28 08:23:04 -04:00
chrony.conf
use production time.nl hostname
2022-08-30 14:51:44 -04:00
crypttab
use optimized dm-crypt configuration for swap
2023-01-03 02:27:23 -05:00
environment
disable less history by default for login sessions
2022-10-26 04:35:23 -04:00
fstab
add encrypted swapfile configuration
2022-09-26 23:01:44 -04:00
grub
add init_on_free=1 for non-hardened kernels
2023-01-23 21:34:33 -05:00
hosts
add subset of shared configuration files
2021-07-28 08:23:04 -04:00
locale.conf
switch to C.UTF-8 locale
2023-01-10 14:09:06 -05:00
locale.gen
add locale configuration
2022-02-15 01:03:56 -05:00
mirrorlist
simplify mirrorlist
2022-09-15 23:13:28 -04:00
nftables-attestation.conf
reorder network allowlists for consistency
2022-08-10 11:13:31 -04:00
nftables-discuss.conf
reorder network allowlists for consistency
2022-08-10 11:13:31 -04:00
nftables-mail.conf
prepare to move MTA-STS web server to mail server
2023-06-21 13:12:04 -04:00
nftables-matrix.conf
fix matrix.grapheneos.org loopback nftables rules
2022-12-25 19:03:41 -05:00
nftables-network.conf
nftables: drop unnecessary semicolons
2023-06-10 22:14:54 -04:00
nftables-ns1.conf
split out anycast DNS nftables configuration
2023-06-19 03:28:59 -04:00
nftables-ns2.conf
split out anycast DNS nftables configuration
2023-06-19 03:28:59 -04:00
nftables-social.conf
switch to unix domain sockets for mastodon
2023-02-17 16:24:35 -05:00
nftables-web.conf
baseline web server config doesn't use DNS
2023-02-11 03:26:25 -05:00
ovh-mitigation
rename OVH mitigation script
2023-07-03 18:35:43 -04:00
ovh-mitigation.py
rename OVH mitigation script
2023-07-03 18:35:43 -04:00
pacman.conf
update pacman.conf to match standard one
2023-05-22 19:26:21 -04:00
pacreport.conf
exclude /etc/sysconfig in pacreport.conf
2023-06-06 17:05:58 -04:00
README.md
Fix readme
2021-12-16 12:43:34 -05:00
requirements.in
add OVH mitigation control script
2023-02-22 16:22:47 -05:00
requirements.txt
update python dependencies
2023-06-30 10:53:45 -04:00
resolv.conf
add resolv.conf
2022-07-03 09:05:41 -04:00
setup
add OVH mitigation control script
2023-02-22 16:22:47 -05:00
unbound.conf
switch to unix domain sockets for mastodon
2023-02-17 16:24:35 -05:00