authorXiao Pan <xyz@flylightning.xyz>2025-05-14 17:41:40 -0700
committerXiao Pan <xyz@flylightning.xyz>2025-05-14 17:41:40 -0700
commit5aa48092fae5cf0eec65a595b6e0c94304555fbf (patch)
tree1ec039815b5590e4c11de13d0794e2710e6d3a6c /pi_configs
parenta66c982557aa3b3a5f93ae1cba69e8760d95718e (diff)
add pi config files
Diffstat (limited to 'pi_configs')
-rw-r--r--pi_configs/etc/modules-load.d/wireguard.conf1
-rw-r--r--pi_configs/etc/nftables.conf40
-rw-r--r--pi_configs/home/Spartan_Racing_Charger/.config/labwc/autostart1
3 files changed, 42 insertions, 0 deletions
diff --git a/pi_configs/etc/modules-load.d/wireguard.conf b/pi_configs/etc/modules-load.d/wireguard.conf
new file mode 100644
index 0000000..a82c63a
--- /dev/null
+++ b/pi_configs/etc/modules-load.d/wireguard.conf
@@ -0,0 +1 @@
+wireguard
diff --git a/pi_configs/etc/nftables.conf b/pi_configs/etc/nftables.conf
new file mode 100644
index 0000000..9c3532d
--- /dev/null
+++ b/pi_configs/etc/nftables.conf
@@ -0,0 +1,40 @@
+#!/usr/bin/nft -f
+
+# IPv4/IPv6 Simple & Safe firewall ruleset.
+# More examples in /usr/share/nftables/ and /usr/share/doc/nftables/examples/.
+
+# some codes from https://wiki.archlinux.org/title/Nftables
+
+# needed for reload config using `sudo systemctl restart nftables` or `sudo nft -f /etc/nftables.conf`
+flush ruleset
+
+table inet my_table {
+
+ chain my_input {
+ type filter hook input priority filter
+ policy drop
+
+ ct state invalid drop comment "early drop of invalid connections"
+ ct state {established, related} accept comment "allow tracked connections"
+ iifname lo accept comment "allow from loopback"
+ ip protocol icmp accept
+ meta l4proto ipv6-icmp accept
+
+ tcp dport ssh accept
+
+ pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
+ counter comment "count any other traffic"
+ }
+
+ chain my_forward {
+ type filter hook forward priority filter
+ policy drop
+ # Drop everything forwarded to us. We do not forward. That is routers job.
+ }
+
+ chain my_output {
+ type filter hook output priority filter
+ policy accept
+ # Accept every outbound connection
+ }
+}
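Review bot: The `tcp dport ssh accept` rule in my_input admits new SSH connections from any source address on any interface and without a rate limit, so sshd is reachable from whatever network the Pi is attached to. The same commit loads the wireguard module, which suggests administration over a tunnel may be intended; if so, scoping the rule to that interface, e.g. `iifname "<wg-interface>" tcp dport ssh accept` (the interface name is a placeholder, it is not shown in this commit), would narrow the exposure. If SSH has to stay open on every interface, `tcp dport ssh ct state new limit rate 15/minute accept` bounds password-guessing attempts, with over-limit packets falling through to the existing reject rule. Either way, a comment on the rule such as `comment "ssh: expected from <network>"` would record which peers are meant to reach it.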
diff --git a/pi_configs/home/Spartan_Racing_Charger/.config/labwc/autostart b/pi_configs/home/Spartan_Racing_Charger/.config/labwc/autostart
new file mode 100644
index 0000000..c1ff693
--- /dev/null
+++ b/pi_configs/home/Spartan_Racing_Charger/.config/labwc/autostart
@@ -0,0 +1 @@
+/usr/local/bin/remote_plot -l &