Matrix-Mirrors/matrix.grapheneos.org
1
0
Fork 0
mirror of https://github.com/GrapheneOS/matrix.grapheneos.org.git synced 2024-10-01 04:45:34 -04:00
Code Issues Packages Projects Releases Wiki Activity
139 Commits 1 Branch 0 Tags 383 KiB
3ff77f472d
Commit Graph

139 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Micay
3ff77f472d add remote backup files to deploy script 2023-02-10 07:46:01 -05:00
Daniel Micay
66b973a3b6 allow resources system calls for remote backup 2023-02-10 07:46:01 -05:00
Daniel Micay
38f344595f reduce client body / header timeouts to 15s 2023-02-09 18:42:51 -05:00
Daniel Micay
270cd2ba3f avoid unnecessary redirects for ACME challenge 2023-02-09 09:53:16 -05:00
Daniel Micay
b85be6c2bb use default HTTP/2 input buffer size 2023-02-09 05:14:25 -05:00
Daniel Micay
ff4984b21c simplify nginx status path 2023-01-31 21:51:25 -05:00
Daniel Micay
17c7ba5fd6 upgrade python dependencies 2023-01-31 02:01:28 -05:00
Daniel Micay
4b4c155337 update postgresql.conf for postgresql 15.1 2023-01-29 21:29:48 -05:00
Daniel Micay
cd5d78c485 rebase onto current nginx mime.types 2023-01-17 14:00:48 -05:00
Daniel Micay
fc8c4a6a57 add build environment setup script 2023-01-17 00:09:44 -05:00
Daniel Micay
5417e37062 require hashes and binary wheels for pip 2023-01-10 13:53:33 -05:00
Daniel Micay
7d9379972f freeze hashes of python dependencies 2023-01-10 13:02:53 -05:00
Daniel Micay
0e574a4ee9 add postgresql.conf 2022-12-04 04:35:35 -05:00
Daniel Micay
5fe0978ef2 brotli keeps source files by default 2022-11-01 00:20:47 -04:00
Daniel Micay
d5ed786d2a add minimal Permissions Policy as a starting point 2022-10-17 22:27:09 -04:00
Daniel Micay
4f1aa5bceb increase resolver timeout 2022-10-12 16:30:25 -04:00
Daniel Micay
a1997d89c4 rename conn limit memory zone 2022-10-01 12:56:03 -04:00
Daniel Micay
9fbcc9587d update Element web app configuration 2022-09-28 12:00:55 -04:00
Daniel Micay
06cd80873f use custom format for access log again 2022-09-27 10:27:36 -04:00
Daniel Micay
0e16b5798b reduce HTTP/2 chunk size to match TLS record size 2022-09-26 13:14:40 -04:00
Daniel Micay
9ed069073c use syslog (journald) for nginx access log 2022-09-25 14:18:13 -04:00
Daniel Micay
7b8a505d17 reduce keepalive requests 2022-09-24 11:53:02 -04:00
Daniel Micay
9cdf30c08c reduce connection limit to 128 2022-09-24 11:27:15 -04:00
Daniel Micay
0bcd3cdca3 reduce HTTP/2 concurrent streams to 16 2022-09-24 11:22:11 -04:00
Daniel Micay
46ca28258f reduce max client header buffer size 2022-09-24 11:11:01 -04:00
Daniel Micay
913cde9ff2 send X-Robots-Tag on errors too 2022-08-18 18:11:08 -04:00
Daniel Micay
e7885e1b87 fix backup timestamps 2022-08-11 18:17:24 -04:00
Daniel Micay
a5c257d8a5 remove legacy Expect-CT header 2022-08-11 17:29:34 -04:00
Daniel Micay
ff010aa945 add initial hardening to remote backup service 2022-08-11 17:29:31 -04:00
Daniel Micay
db209e53b4 move systemd units to subdirectory 2022-08-11 17:29:24 -04:00
Daniel Micay
36d1b69e6b move systemd units to subdirectory 2022-08-11 13:05:24 -04:00
Daniel Micay
5a4b71ed29 extend matterbridge service hardening 2022-08-09 07:42:11 -04:00
Daniel Micay
28c063bdc2 add RemoveIPC=true since systemd lints for it 
This isn't useful due to PrivateIPC=true but there's no harm in
including it to satisfy the security linter.
 2022-08-09 05:01:28 -04:00
Daniel Micay
84cfdcfe4d strip path prefix from backup tarballs 2022-08-07 08:10:45 -04:00
Daniel Micay
be7a6c9187 use modern option style for tar 2022-08-07 08:09:46 -04:00
Daniel Micay
fa61606984 add Origin-Agent-Cluster header 2022-07-30 20:13:28 -04:00
Daniel Micay
53f0d30d1b add cloud-archive-password.txt to gitignore 2022-07-22 17:05:18 -04:00
Daniel Micay
8a1b9cdb63 use batch CPU scheduling policy for backups 2022-07-22 02:16:36 -04:00
Daniel Micay
7054e7c09f add backup scripts and systemd units 2022-07-22 00:40:20 -04:00
Daniel Micay
989ed9718c add backup directory and keys to gitignore 2022-07-21 23:43:17 -04:00
Daniel Micay
7c45014149 drop unused PATH setup 2022-07-18 18:19:25 -04:00
Daniel Micay
bb45adb3f7 freeze python dependency versions 2022-07-18 17:26:47 -04:00
Daniel Micay
0a81e35a23 activate venv automatically 2022-07-18 17:24:00 -04:00
Daniel Micay
d724296a89 add venv to gitignore 2022-07-18 17:00:30 -04:00
Daniel Micay
90d542e2f4 stop setting CORP header for synapse API for now 2022-07-13 13:04:46 -04:00
Daniel Micay
9b19b811ac only AF_INET6 is required for mjolnir 2022-07-11 19:50:21 -04:00
Daniel Micay
6835a0bffb set NODE_ENV=production for mjolnir 2022-07-10 17:37:39 -04:00
Daniel Micay
69b0ff7bb3 move nginx status API to socket 2022-07-02 12:38:33 -04:00
Daniel Micay
bac4280478 add gixy to deploy script 2022-06-28 00:03:13 -04:00
Daniel Micay
11579e87ca reduce proxy send timeout 2022-06-27 23:58:50 -04:00