No description

Find a file

mwiegand 00ffe8e8bc todo		2022-03-26 13:55:59 +01:00
bin	apt_upgrade_and_restart_all	2022-03-07 17:54:50 +01:00
bundles	github https	2022-03-26 12:26:48 +01:00
data	gitea ci	2022-03-13 18:11:11 +01:00
groups	fix agetty path on older systems	2022-03-07 18:04:55 +01:00
hooks	apt_upgrade_and_restart_all	2022-03-07 17:54:50 +01:00
items	nc picsort	2021-10-16 13:35:44 +02:00
libs	apt_upgrade_and_restart_all	2022-03-07 17:54:50 +01:00
nodes	gitea ci	2022-03-13 18:11:11 +01:00
.envrc	EXPERIMENTAL_UPLOAD_VIA_CAT	2022-02-15 16:41:42 +01:00
.gitignore	build cystal	2021-11-17 01:13:01 +01:00
.python-version	wip	2021-06-16 23:56:31 +02:00
groups.py	wip	2021-06-11 13:30:57 +02:00
nodes.py	wip	2021-06-30 00:34:09 +02:00
README.md	todo	2022-03-26 13:55:59 +01:00
requirements.txt	qireguard qrcode	2022-02-24 00:03:44 +01:00

README.md

TODO

dont spamfilter forwarded mails
gollum wiki
blog?
fix dkim not working sometimes
LDAP
oauth2/OpenID
icinga

Raspberry pi as soundcard

gadget mode
OTG g_audio
https://audiosciencereview.com/forum/index.php?threads/raspberry-pi-as-usb-to-i2s-adapter.8567/post-215824

systemd hardening

[Unit] Description=TEST

[Service] Type=oneshot ExecStart=/opt/test

ProtectSystem=strict ProtectHome=yes PrivateTmp=yes PrivateDevices=yes PrivateNetwork=yes PrivateUsers=yes ProtectHostname=yes ProtectClock=yes ProtectKernelTunables=yes ProtectKernelModules=yes ProtectKernelLogs=yes ProtectControlGroups=yes RestrictAddressFamilies=none RestrictFileSystems=ext4 tmpfs zfs RestrictNamespaces=yes LockPersonality=yes MemoryDenyWriteExecute=yes RestrictRealtime=yes RestrictSUIDSGID=yes RemoveIPC=yes PrivateMounts=yes SystemCallFilter= SystemCallArchitectures=native CapabilityBoundingSet=

ReadOnlyPaths=/

NoExecPaths=/ ExecPaths=/opt/test /bin/bash /lib

[Install] WantedBy=multi-user.target