summaryrefslogtreecommitdiff
path: root/etc
AgeCommit message (Collapse)Author
22 hoursmetaHEADmasterXiao Pan
11 daysmetaXiao Pan
11 daysno need mimic on enp3s0 nowXiao Pan
14 dayswg to ba then swgp forward to ib or caXiao Pan
2025-07-31I need ethernet for wired_two_computer connectionXiao Pan
I want wired_two_computer connection and wif both on. Also I mostly use wifi nowadays. But note after `nmcli radio wifi off`, bluetooth seems still work.
2025-07-31metaXiao Pan
2025-07-31nm add two wired ethernet connect configsXiao Pan
2025-07-30metaXiao Pan
2025-07-30add mimic configXiao Pan
2025-07-30enable mimic on ethernetXiao Pan
2025-07-30metaXiao Pan
2025-07-30remove phantun, add mimic, add distccd-alarm-armv8Xiao Pan
2025-07-30remove phantun, because I switched to mimicXiao Pan
2025-07-30add distccd port and accept that in nft so pp distcc can connectXiao Pan
2025-07-30distccd config change to pp wg ip, and change portXiao Pan
Change to wg ip because stricter, safer. Also change to a port no one use.
2025-07-30add defaultXiao Pan
2025-07-25metaXiao Pan
2025-07-25add and enable phantun_client serviceXiao Pan
2025-07-25metaXiao Pan
2025-07-25swgp go through phantun, more see vc notesXiao Pan
2025-07-15comment replace empty line with # to represent those comments are all ↵Xiao Pan
related to next several lines of code
2025-07-15sshd allow from localhostXiao Pan
2025-07-15sshd config add comment about AllowUsers CIDR ip should be consistentXiao Pan
2025-07-15sshd config restrict only from wg ip to insp gitolite userXiao Pan
2025-07-14monero@.service more commentXiao Pan
2025-07-14nft only allow monerod-p2p port to wg_* network interfacesXiao Pan
Note I think this will not prevent monerod download things from public internet without wireguard tunnel. But a little more limit is still better, maybe upload will limit a little bit to wg_* network interfaces.
2025-07-14monerod@.service add more notes about using ↵Xiao Pan
sys-subsystem-net-devices-wg_ba.device
2025-07-14metaXiao Pan
2025-07-14run monerod only when all network thru wireguardXiao Pan
wg_ba network interface tunnels all network through wireguard to ba. I would like to only run monerod when this happened due to various reasons see comments in monerod@.service. Some measures I take are: systemd unit bind to wg_ba, networkmanager dispatcher stop monerod service pre wg_ba down, and vpn script kill monerod process before wg_ba down. The former two measures are in this commit. For bitmonero.conf, I also limit upload rate, reason see comment. I also enabled ipv6. I also try bind ip, which seems does not work, but I put there anyway.
2025-07-11remove ssh-isp portXiao Pan
2025-07-10nft allow ssh from wg_* iifname, because I will let cfgs to pushXiao Pan
2025-07-10metaXiao Pan
2025-07-10I move studio website to ca so I will remove studio so ssh port config for ↵Xiao Pan
studio is not needed any more
2025-07-10add sshd config because I will enable sshdXiao Pan
2025-07-08sudoers pacdiffXiao Pan
related upstream PR and commit: https://github.com/sudo-project/sudo/pull/427 https://github.com/sudo-project/sudo/commit/7c121ff8340c6fa551ba4997dde9d450cf74e40c
2025-07-03change timezone because I movedXiao Pan
2025-06-22pacdiffXiao Pan
2025-04-02pacdiffXiao Pan
2025-03-30metaXiao Pan
2025-03-30merge two swgp config into oneXiao Pan
2025-03-29metaXiao Pan
2025-03-29aa swgp wg to ib instead of caXiao Pan
2025-03-04pacdiffXiao Pan
2025-01-08add french locale, maybe usefulXiao Pan
2025-01-08remove searxngXiao Pan
2025-01-08metaXiao Pan
2025-01-08remove searxng, because it always breakXiao Pan
2025-01-03qg for qemu guix no need any moreXiao Pan
2024-12-28metaXiao Pan
2024-12-28move to secret cfgs, because secret ipXiao Pan
generated by cgit v1.2.3-70-g09d2 (git 2.51.0) at 2025-09-11 05:31:53 +0000