Commit Graph

330 Commits

Author SHA1 Message Date
Ming Di Leom 13cb4353a2
post(log4shell): service unit needs to be unmasked
before starting it
2021-12-17 09:30:58 +00:00
Ming Di Leom 6921550557
post: Check Log4Shell vulnerability using Unbound DNS server 2021-12-17 09:28:37 +00:00
Ming Di Leom d78f5e4e2d
post(eepsite): clarify on deriving B32 from .dat 2021-12-09 06:31:34 +00:00
Ming Di Leom 8e37626802
fix(csp): allow web manifest
- this site does use it
  * https://gitlab.com/curben/blog/-/blob/master/source/site.webmanifest
2021-11-18 08:33:26 +00:00
Ming Di Leom ea92a6122c
post: cloud control 2021-10-08 10:20:24 +00:00
Ming Di Leom 7fade49ffa
post(microg): clarify microg installation options 2021-09-19 03:25:14 +00:00
Ming Di Leom f51f141e6a
post(microg): peril of OTA zip in A/B partition 2021-09-18 23:37:08 +00:00
Ming Di Leom a9dfb061d1
post(microg): microG installer using Magisk module 2021-09-18 02:56:26 +00:00
Ming Di Leom 68418203ea
post(aws-config): shorter title 2021-09-16 20:52:36 +00:00
Ming Di Leom c5594e4a3e
post(aws-waf): regional ACL
- style: standardise edit date
2021-09-01 09:19:38 +00:00
Ming Di Leom d5093b21f4
post(aws-waf): move usage guide to repo
- https://gitlab.com/curben/aws-scripts
2021-08-22 07:43:12 +00:00
Ming Di Leom 2a6f2ebd2a
feat(aws-config): support more rules
- consolidate into a script
2021-08-21 07:19:55 +00:00
Ming Di Leom 6545ab080e
post: aws config 2021-08-15 08:15:13 +00:00
Ming Di Leom b22baa1999
fix: move aws scripts to curben/aws-scripts repo 2021-08-15 08:06:18 +00:00
Ming Di Leom 671cafd086
fix(Caddyfile): http.reverse_proxy.upstream.host placeholder 2021-07-24 02:49:23 +00:00
Ming Di Leom bb1eed3b9e
post(caddy): remove more PII 2021-07-24 02:40:54 +00:00
Ming Di Leom 81df021f5d
post: Calculate Web ACL Capacity Unit (WCU) in AWS WAF 2021-07-23 08:00:02 +00:00
Ming Di Leom ff0dd91b8d
post(caddy): remove PII from error log
- "log" global option
- https://caddyserver.com/docs/caddyfile/options#log
- available in Caddy v2.4.0+
2021-07-16 09:16:10 +00:00
Ming Di Leom 588f65f6d4
fix: update duckduckgo v3 onion
https://teddit.net/r/duckduckgo/comments/oc07wj/news_duckduckgo_search_now_available_via_tor/
2021-07-07 11:32:52 +00:00
Ming Di Leom c59e036d12
post: remove harica file 2021-07-04 03:42:36 +00:00
Ming Di Leom 9b6993fc43
post: Get a ECDSA TLS certificate for your onion service 2021-07-04 03:39:22 +00:00
Ming Di Leom c3c8760977
post: Using custom package in a NixOS module 2021-07-02 22:51:58 +00:00
Ming Di Leom a61e612415
style: spacing 2021-06-27 07:56:44 +00:00
Ming Di Leom 54c63d1b7b
post: Convert AWS WAF ACLs to human-readable format 2021-06-27 07:53:55 +00:00
Ming Di Leom 4bc257c7e7
post(nixos): cloudflared replaced port forwarding & open inbound port 2021-06-20 07:02:48 +00:00
Ming Di Leom e7f1e1b2ff
post(free-apps): add Organic Maps, Catima, PDF Viewer
- remove defunct Yelp Store, Maps
2021-06-19 07:17:18 +00:00
Ming Di Leom 319ee042cd
post(microg): add Aurora Droid/Store, Organic Maps, Catima
- remove defunct Yelp Store, Maps
2021-06-19 07:06:02 +00:00
Ming Di Leom fff583c2b4
post(cloudflared): custom config location 2021-06-16 11:19:45 +00:00
Ming Di Leom 7c0d28e988
post(nixos): user must be assigned to a group
- otherwise the home folder will be created/assigned with "nogroup" group
2021-06-15 10:49:03 +00:00
Ming Di Leom 1e1223de2d
post: cf argo on nixos 2021-06-15 10:40:15 +00:00
Ming Di Leom 2bbe0cc629
post: nixos 21.05 upgrade note 2021-06-13 09:42:48 +00:00
Ming Di Leom 1d1bd91266
post(nixos): enable isSystemUser to disable shell 2021-06-13 09:22:57 +00:00
Ming Di Leom 365f937665
post(rsync-nixos): disable createHome to prevent reverting to chmod 700
- retain world-readable/chmod 755
2021-06-13 00:00:57 +00:00
Ming Di Leom 635ddd3f72
post(nixos): isNormalUser/isSystemUser must be set if uid is null
- https://search.nixos.org/options?channel=21.05&show=users.users.%3Cname%3E.isNormalUser&from=0&size=50&sort=relevance&query=isnormaluser
2021-06-12 08:10:26 +00:00
Ming Di Leom 8c2e000d8d
post(nixos): update syntax to 21.05
- https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-21.05
2021-06-12 07:33:38 +00:00
Ming Di Leom ad4b53a5c3
fix(dedup-array): Object.fromEntries() to convert array to object 2021-06-06 07:51:33 +00:00
Ming Di Leom b714d9149a
post(python3-venv): mention virtualenv 2021-04-20 11:32:55 +00:00
Ming Di Leom 087efae9ac
post: python3 venv 2021-04-20 11:21:46 +00:00
Ming Di Leom c808b7ed89
post(gnu-busybox): minor correction on zip support 2021-04-20 08:46:07 +00:00
Ming Di Leom ccd0701586
post(gnu-busybox): limitation of gunzip 2021-04-19 10:32:44 +00:00
Ming Di Leom 8647a8e2c8
fix(http-headers): opt-out FLoC
- https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
2021-04-16 05:54:38 +00:00
Ming Di Leom 776f16b0bc
fix(http-headers): Feature-Policy renamed to Permissions-Policy
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
2021-04-14 08:54:00 +00:00
Ming Di Leom 732d467d97
post(snort-suricata): mention RPZ 2021-04-04 18:02:11 +00:00
Ming Di Leom 5256ade567
fix(markdown): ordered list's indent must have 4 spaces
- f8024eb24d/docs/demo/quickref.md (lists)
- fix table syntax
2021-04-04 17:54:45 +00:00
Ming Di Leom 4cea30e514
post(oracle-nixos): boot volume created from backup is not free 2021-04-04 17:42:51 +00:00
Ming Di Leom c4206b2f62
post: urlhaus-filter and phishing-filter available as Snort and Suricata rules 2021-03-20 03:38:35 +00:00
Ming Di Leom 0c569662a1
post(rsync-nixos): specify artifact between jobs 2021-03-15 22:51:56 +00:00
Ming Di Leom 1417d7d408
ci: after_script should only be used for cleanup
- in case of job failure
2021-03-15 11:12:54 +00:00
Ming Di Leom 28c702670f
post: "rsync is surprisingly simple to setup" 2021-03-15 07:01:43 +00:00
Ming Di Leom 77d29cec6c
post(nixos-oracle): mention NixOS-Infect
- https://github.com/elitak/nixos-infect
2021-03-15 03:02:08 +00:00