On Sat, 30 Jul 2016 23:24:00 -0400, coadde wrote: > Hi guys, i would make some changes in the new server, however i would > propose it to be discussed under consensus first: > > * Remove SSL certificates to be more KISS and adhocratic.
What? Both servers now allow you to just drop files in `/etc/ssl/misc/certbot-get.d/`, then run `sudo -u keys /etc/ssl/misc/certbot-get`; as described on the wiki[0]. [0]: https://wiki.parabola.nu/Hacking:Servers/Winston#issuance.2C_renewal.2C_and_installation > * Use a TOX server as XMPP replacement. no comment > * Use our own DNS server. Been on the todo list forever; go for it. > * Use NetworkManager (CLI) instead of Netctl. What!? Why? KISS! > * Improve IPv6 security against IoT and RFID (keep link-local IPv6 in > anonymous -> "fe80::") > * Add firewall > * Add TOR, DNSCrypt and VPN to increase security. > * Testing against all type of attacks to check our security settings is ok. _______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
