aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/etc
Commit message (Expand)AuthorAgeFilesLines
* refactor(suspend): gate suspend on AC, drop bespoke zellij inhibitLibravatar sommerfeld2 days1-0/+14
* feat(suspend): re-enable suspend on s2idle, drop diagnostic scaffoldingLibravatar sommerfeld2 days4-23/+8
* fix(suspend): switch hardened to s2idle, keep console alive, archive pstoreLibravatar sommerfeld2 days1-1/+1
* fix(suspend): load intel_lpss_pci from initramfs (Arch wiki touchpad fix)Libravatar sommerfeld2 days3-6/+5
* feat(suspend): hardened-only init_on_free=0 + hang-detection cmdlineLibravatar sommerfeld2 days2-2/+7
* feat(suspend): disable system suspend until hardened kernel resume issue is f...Libravatar sommerfeld2 days1-0/+17
* fix(iwd): revert MAC randomization — broke DHCPLibravatar sommerfeld2 days1-23/+0
* feat(suspend): bounce snx-rs around system sleepLibravatar sommerfeld2 days1-0/+45
* fix(hardened): restore podman compatibility on linux-hardenedLibravatar sommerfeld2 days1-0/+4
* Revert "refactor(boot): drop linux-hardened-fallback UKI"Libravatar sommerfeld2 days1-1/+4
* refactor(boot): drop linux-hardened-fallback UKILibravatar sommerfeld2 days1-4/+1
* feat(boot): add linux-hardened as parallel UKILibravatar sommerfeld2 days1-0/+19
* feat(iwd): per-SSID MAC randomisationLibravatar sommerfeld2 days1-0/+23
* feat(polkit): restrict systemd + udisks system actions to active local sessionsLibravatar sommerfeld2 days2-0/+26
* feat(sysctl): kernel info-disclosure + ICMP/IPv6 RA hardeningLibravatar sommerfeld2 days1-1/+39
* fix(nftables): waydroid DHCP/DNS ingress, drop manual NAT tableLibravatar sommerfeld9 days1-19/+9
* fix(nftables): add MASQUERADE for waydroid0Libravatar sommerfeld9 days1-3/+19
* Revert "fix(sysctl): enable net.ipv4.ip_forward for NAT bridges"Libravatar sommerfeld9 days1-5/+0
* fix(sysctl): enable net.ipv4.ip_forward for NAT bridgesLibravatar sommerfeld9 days1-0/+5
* fix(net): positive-match physical NICs into bond0Libravatar sommerfeld9 days1-14/+9
* fix(net): keep waydroid0 out of bond0, allow it through nftablesLibravatar sommerfeld9 days2-2/+10
* fix(pacman): correct llama.cpp-vulkan IgnorePkg name (was llama-cpp-vulkan)Libravatar sommerfeld12 days1-3/+3
* feat: teams autostart, llama-cpp-vulkan ignore, snxctl-chromium wrapperLibravatar sommerfeld2026-05-141-1/+3
* fix(nftables): use iifname/oifname for virbr0 so rules load before libvirtdLibravatar sommerfeld2026-05-131-4/+6
* fix(nftables): allow DHCP/DNS and forwarding for libvirt virbr0Libravatar sommerfeld2026-05-131-0/+16
* fix(networkd): exclude virtual taps/bridges from bond0 enslavementLibravatar sommerfeld2026-05-131-0/+10
* feat: add libvirt/qemu/swtpm stack for Sii Intune VMLibravatar sommerfeld2026-05-131-0/+13
* feat(nix): saturate builds, add community cache, pin nixpkgs registryLibravatar sommerfeld2026-05-131-2/+10
* fix(lostfiles): emit parent directories alongside tracked filesLibravatar sommerfeld2026-05-131-1/+1
* feat(lostfiles): filter known/private/cache paths via auto-synced ignoreLibravatar sommerfeld2026-05-132-1/+36
* refactor(udev): drop hand-rolled ZSA rule, install qmk package insteadLibravatar sommerfeld2026-05-131-13/+0
* feat(udev,flatpak): allow ungoogled-chromium to talk to ZSA keyboardsLibravatar sommerfeld2026-05-131-0/+13
* refactor(sudoers): drop NOPASSWD poweroff/reboot, polkit handles itLibravatar sommerfeld2026-05-131-3/+0
* refactor(nftables): minimize diff against upstream pristineLibravatar sommerfeld2026-05-132-46/+24
* fix(sudoers-rs,waybar): pass DIFFPROG (and friends) through sudo-rsLibravatar sommerfeld2026-05-131-0/+16
* feat(lostfiles): weekly unowned-files refresh + waybar reminderLibravatar sommerfeld2026-05-132-0/+21
* feat(arch-audit): daily CVE refresh + waybar reminderLibravatar sommerfeld2026-05-132-0/+21
* feat(systemd): monthly btrfs balance templateLibravatar sommerfeld2026-05-132-0/+25
* feat(waybar,sway): htop click handler, app keybinds, VPN toggleLibravatar sommerfeld2026-05-131-0/+13
* fix(logind): ignore KEY_POWER long-press tooLibravatar sommerfeld2026-05-131-6/+12
* refactor(logind): drop device-specific rationale from power-key drop-inLibravatar sommerfeld2026-05-131-8/+5
* fix(logind): ignore KEY_POWER short-press to stop Shokz dongle shutdownsLibravatar sommerfeld2026-05-132-7/+11
* feat(udev): replace shokz blacklist with hwdb keycode overrideLibravatar sommerfeld2026-05-132-1/+7
* fix(privesc): revert bogus AssumeInstalled directiveLibravatar sommerfeld2026-05-131-4/+0
* feat(privesc): drop classic sudo via AssumeInstalledLibravatar sommerfeld2026-05-131-0/+4
* feat(privesc): migrate from opendoas to sudo-rsLibravatar sommerfeld2026-05-133-3/+17
* feat(nix): hybrid setup with flakes + direnv for per-project dev shellsLibravatar sommerfeld2026-05-131-0/+21
* feat(net): nftables laptop firewallLibravatar sommerfeld2026-05-132-0/+63
* refactor(etc): narrow etc-status to tracked-file driftLibravatar sommerfeld2026-05-131-57/+0
* fix(etc): restrict lsblk to the parent device onlyLibravatar sommerfeld2026-05-131-1/+1
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-31 21:03:42 +0000