Go to file
Daniel Micay f9bce64060 enable TCP window shrinking
The default is a potential denial of service issue via TCP memory
exhaustion.
2024-04-13 13:52:08 -04:00
.github add GitHub funding metadata 2021-07-19 23:02:29 -04:00
certbot certbot: add ns2 variant of staging authoritative DNS 2024-04-08 17:06:43 -04:00
guide add nftables dscp counter config to guide 2023-08-19 00:46:21 -04:00
logrotate.d replace certbot log rotation with logrotate 2024-02-13 12:38:14 -05:00
mkinitcpio.d disable mkinitcpio fallback image 2024-03-04 13:13:58 -05:00
modprobe.d blacklist virtio_console module 2023-07-17 02:21:12 -04:00
modules-load.d disable loose TCP connection tracking 2022-07-03 03:50:53 -04:00
nftables move nftables configuration to a directory 2024-04-12 21:33:35 -04:00
packages add python-pydantic package for matrix.grapheneos.org 2024-04-11 22:45:55 -04:00
pacman.d add directory structure for mirrorlist 2023-07-11 11:38:53 -04:00
ssh move IP-based SSH connection limits to nftables 2024-03-28 11:38:03 -04:00
sysconfig enable chronyd seccomp filter 2023-05-07 00:02:51 -04:00
sysctl.d enable TCP window shrinking 2024-04-13 13:52:08 -04:00
systemd set preferred source for static IPv6 configuration 2024-03-26 21:50:12 -04:00
.gitignore add authorized_keys to gitignore 2024-02-03 17:48:56 -05:00
certbot-ocsp-fetcher update certbot-ocsp-fetcher 2024-01-25 01:23:49 -05:00
chrony.conf chrony: raise minsources to 3 2024-03-31 14:03:16 -04:00
connection-stats clean up stats scripts 2023-07-16 01:25:27 -04:00
count count: drop 3rd gen Pixels 2024-02-24 19:19:59 -05:00
crypttab enable discard support for swapfile dm-crypt 2023-07-18 16:41:35 -04:00
deploy-initial lsof replaced with lsfd 2024-03-06 16:53:42 -05:00
deploy.sh explicit set XFS allocation group count 2024-02-24 10:28:10 -05:00
dns-stats dns-stats: show total TCP and UDP queries 2024-03-28 11:38:06 -04:00
environment disable less history by default for login sessions 2022-10-26 04:35:23 -04:00
fetch-info filter irrelevant module output 2024-01-03 10:18:15 -05:00
fstab only discard swapfile at mount time 2023-07-18 16:41:39 -04:00
grub disable sending console output to unused ttyS0 2024-02-01 16:39:33 -05:00
hosts add subset of shared configuration files 2021-07-28 08:23:04 -04:00
hosts.sh split grapheneos.org hosts array 2024-03-18 21:10:47 -04:00
inputrc add basic inputrc 2024-03-14 15:48:53 -04:00
LICENSE update copyright notice 2024-01-25 01:57:18 -05:00
locale.conf switch to C.UTF-8 locale 2023-01-10 14:09:06 -05:00
logrotate.conf use standard log rotation approach for wtmp/btmp 2024-03-20 23:43:48 -04:00
nginx-create-session-ticket-keys clean up session ticket rotation scripts 2024-03-20 22:55:40 -04:00
nginx-rotate-session-ticket-keys clean up session ticket rotation scripts 2024-03-20 22:55:40 -04:00
nginx-stats clean up stats scripts 2023-07-16 01:25:27 -04:00
ovh-mitigation rename OVH mitigation script 2023-07-03 18:35:43 -04:00
ovh-mitigation.py rename OVH mitigation script 2023-07-03 18:35:43 -04:00
pacman.conf disable unused multilib repository 2023-07-18 16:58:34 -04:00
pacreport.conf add updatedb drop-in unit to pacreport exclusions 2024-02-01 18:01:06 -05:00
README.md Fix readme 2021-12-16 12:43:34 -05:00
requirements.in add OVH mitigation control script 2023-02-22 16:22:47 -05:00
requirements.txt update python dependencies 2024-04-12 21:33:35 -04:00
resolv.conf add resolv.conf 2022-07-03 09:05:41 -04:00
setup specify python3 in setup script 2023-07-06 22:12:26 -04:00
unbound.conf unbound: block dns rebinding 2023-10-04 10:26:16 -04:00

Information about GrapheneOS servers is available in the GrapheneOS servers article on grapheneos.org.