I hereby claim:
- I am tristor on github.
- I am tristor (https://keybase.io/tristor) on keybase.
- I have a public key whose fingerprint is 26B4 1281 A0AA 61EE 2CFD 47FA 1915 97E1 CB67 6F29
To claim this, I am signing this object:
Tristor Tristor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This DNSMasq configuration forces restrictions to be enabled for YouTube, Bing, and Google Search | |
| # for more information see: https://learn.akamai.com/en-us/webhelp/enterprise-threat-protector/enterprise-threat-protector/GUID-0FCB1221-60DC-4A01-9B09-0C25B16BF3D0.html | |
| # or see: https://support.google.com/youtube/answer/6214622?hl=en | |
| # Put this file in /etc/dnsmasq.d/ | |
| ## YouTube | |
| cname=www.youtube.com,restrictmoderate.youtube.com | |
| cname=m.youtube.com,restrictmoderate.youtube.com | |
| cname=youtube.googleapis.com,restrictmoderate.youtube.com | |
| cname=youtubei.googleapis.com,restrictmoderate.youtube.com |
Tristor
/ matrix-synapse.conf
Created
February 23, 2017 19:41
Nginx reverse-proxy config for Matrix Synapse server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| listen [::]:80; | |
| server_name matrix.tristor.ro; | |
| location '/.well-known/acme-challenge' { | |
| default_type "text/plain"; | |
| allow all; | |
| root /var/www/matrix.tristor.ro/public/; | |
| } |
Tristor
/ certbot.conf
Created
February 23, 2017 19:10
Nginx temporary configuration for CertBot webroot verification
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name localhost; | |
| location / { | |
| root /var/www/matrix.tristor.ro/public/; | |
| index index.html index.htm; | |
| } | |
| location '/.well-known/acme-challenge' { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # vim: set ft=pf | |
| # /etc/pf.conf | |
| ext_if = "vtnet0" | |
| # These macros define the ports we let in and out. | |
| webports = "{http, https}" | |
| needout = "{ssh, domain, ntp, www, https, git, ftp}" | |
| turn = "{3478}" | |
| turns = "{5349}" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This configuration is for $CN | |
| #viscosity dns full | |
| #viscosity usepeerdns true | |
| #viscosity dhcp true | |
| tls-client | |
| pull | |
| client | |
| dev tun | |
| proto udp | |
| remote 123.123.123.123 1194 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Basic Connection Config | |
| dev tun | |
| proto udp | |
| port 1194 | |
| keepalive 10 120 | |
| max-clients 5 | |
| # Certs | |
| ca ca.crt | |
| cert server.crt |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Flushing all rules | |
| iptables -F FORWARD | |
| iptables -F INPUT | |
| iptables -F OUTPUT | |
| iptables -X | |
| # Setting default filter policy | |
| iptables -P INPUT DROP | |
| iptables -P OUTPUT DROP | |
| iptables -P FORWARD DROP |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo nvram SystemAudioVolume=" " | |
| defaults write com.apple.universalaccess reduceTransparency -bool true | |
| for domain in ~/Library/Preferences/ByHost/com.apple.systemuiserver.*; do | |
| defaults write "${domain}" dontAutoLoad -array \ | |
| "/System/Library/CoreServices/Menu Extras/TimeMachine.menu" \ | |
| "/System/Library/CoreServices/Menu Extras/Volume.menu" \ | |
| "/System/Library/CoreServices/Menu Extras/User.menu" | |
| done | |
| defaults write com.apple.systemuiserver menuExtras -array \ | |
| "/System/Library/CoreServices/Menu Extras/Bluetooth.menu" \ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TCP port to bind to | |
| # Change to a high/odd port if this server is exposed to the internet directly | |
| Port 22 | |
| # Bind to all interfaces (change to specific interface if needed) | |
| ListenAddress 0.0.0.0 | |
| # Force SSHv2 Protocol | |
| Protocol 2 |