Add DoH setup to vyos
All checks were successful
ShellCheck / shellcheck (push) Successful in 20s

This commit is contained in:
Mathieu Strypsteen 2024-10-19 09:12:15 +02:00
parent cfe73fe9ab
commit 3505aa3776
Signed by: mathieu
GPG key ID: 782A42E461BC6824
4 changed files with 7 additions and 6 deletions

View file

@ -4,7 +4,6 @@ server {
listen 443 ssl;
listen [::]:443 ssl;
include snippets/headers.conf;
include snippets/local-only.conf;
location / {
set $upstream sandbox.server.home.arpa;
proxy_pass http://$upstream:8080;

View file

@ -1,5 +1,5 @@
[Container]
Image=codeberg.org/forgejo/forgejo:8-rootless
Image=codeberg.org/forgejo/forgejo:9-rootless
Network=nginx.network
Volume=/var/lib/system-config/container-config/forgejo:/etc/gitea:z,ro
Volume=forgejo.volume:/var/lib/gitea:U,Z

View file

@ -2,7 +2,7 @@
set -euo pipefail
cp -R desktop/* qubes-fedora/* /
dnf config-manager --set-enabled qubes-vm-r4.2-security-testing qubes-vm-r4.2-current-testing
dnf install --allowerasing bash-color-prompt bash-completion borgbackup bind-utils butane default-fonts fcitx5-anthy fcitx5-autostart fedora-flathub-remote file-roller fuse-sshfs gcc gcc-gdb-plugin glibc-all-langpacks helm htop kubernetes-client nautilus netcat nodejs-npm pipx qubes-ctap ShellCheck toolbox wireguard-tools whois xdg-desktop-portal-gtk yt-dlp
dnf install --allowerasing bash-color-prompt bash-completion borgbackup bind-utils butane default-fonts fcitx5-anthy fcitx5-autostart fedora-flathub-remote ffmpeg-free file-roller fuse-sshfs gcc gcc-gdb-plugin glibc-all-langpacks helm htop kubernetes-client nautilus netcat nodejs-npm pipx qubes-ctap ShellCheck toolbox wireguard-tools whois xdg-desktop-portal-gtk yt-dlp
dnf remove cheese evolution-data-server firefox gnome-software gnome-weather PackageKit-command-not-found rpmfusion-nonfree-release thunderbird totem
sh setup-desktop.sh
all_proxy=127.0.0.1:8082 flatpak remote-add --if-not-exists flathub /usr/lib/fedora-third-party/conf.d/fedora-flathub.flatpakrepo

View file

@ -56,10 +56,12 @@ set service dhcp-server shared-network-name server subnet 192.168.253.0/24 lease
set service router-advert interface eth1 prefix ::/64
set service router-advert interface eth2 prefix ::/64
set service router-advert interface eth3 prefix ::/64
set service dns forwarding listen-address 0.0.0.0
set service dns forwarding name-server 9.9.9.9
set service dns forwarding listen-address 192.168.252.1
set service dns forwarding listen-address 192.168.253.1
set service dns forwarding listen-address 192.168.254.1
set service dns forwarding listen-address 192.168.255.1
set service dns forwarding name-server 127.0.0.1
set service dns forwarding dnssec validate
set service dns forwarding allow-from 127.0.0.1/32
set service dns forwarding allow-from 192.168.0.0/16
set service tftp-server directory /config/tftp
set service tftp-server listen-address 192.168.253.1