vcunat

{
    "$schema": "https://json-schema.org/draft/2020-12/schema",
    "description": "Knot Resolver declarative configuration.",
    "type": "object",
    "properties": {
        "version": {
            "type": "integer",
            "description": "Version of the configuration schema. By default it is the latest supported by the resolver, but couple of versions back are be supported as well.",
            "default": 1
        },

mochaaP

# Maintainer: mochaaP <aports@mochaa.ws>

_flavor=xanmodedge
pkgname=linux-${_flavor}
# NOTE: this kernel is intended for testing
# please resist urge to upgrade it blindly
pkgver=5.17.3
case $pkgver in
	*.*.*)	_kernver=${pkgver%.*};;
	*.*) _kernver=$pkgver;;

dante-robinson

Linux Performance Tweaks

Table of Contents

Reflector Mirrors (Arch Based Only)
Conifgure Pacman (Arch Based Only)
Makepkg Tweaks
Installing Yay (Arch Based Only)
Installing Pamac (Arch Based Only)
Performance Tweaks

nitred

About

• I faced bandwidth issues between a WG Peer and a WG server. Download bandwidth when downloading from WG Server to WG peer was reduced significantly and upload bandwidth was practically non existent.
• I found a few reddit posts that said that we need to choose the right MTU. So I wrote a script to find an optimal MTU.
• Ideally I would have liked to have run all possible MTU configurations for both WG Server and WG Peer but for simplicity I choose to fix the WG Server to the original 1420 MTU and tried all MTUs from 1280 to 1500 for the WG Peer.

Testing

• On WG server, I started an iperf3 server
• On WG peer, I wrote a script that does the following:
  • wg-quick down wg0
• Edit MTU in the /etc/wireguard/wg0.conf file

themagicalmammal

Index

• Gummiboot
• Silent Grub
• Turn off Mitigations
• Disable Watchdog
• Kernel Parameters
• Fstab Modification
• Optimizing Boot
• Fix bad font rendering
• Getting rid of unnecessary packages

n1zyy

Apple runs a fleet of stratum 1 NTP servers at time.apple.com. In my experience, ntpd/chronyd are very happy with them.

It looks like, instead of doing anycast, they maybe use DNS to steer you to the closest one.

time.apple.com is a CNAME for time-osx.g.aaplimg.com. Querying a handful of DNS servers, I've identified the following locations:

IP	Hostname	Location
17.253.2.125	usdal4-ntp-001.aaplimg.com.	Dallas

arvati

Make a dynamic motd for your server

create a crond script to dynamic create an motd message to users

rc-service crond start && rc-update add crond
nano /etc/periodic/15min/motd
chmod a+x /etc/periodic/15min/motd
run-parts --test /etc/periodic/15min

Contents of /etc/periodic/15min/motd

hasnat

-- vim:syntax=lua:set ts=4 sw=4:
-- Refer to manual: https://knot-resolver.readthedocs.io/en/stable/daemon.html#configuration

-- Listen on all interfaces (localhost would not work in Docker)
net.listen('0.0.0.0')
net.listen('0.0.0.0', 853, { kind = 'tls' })
net.listen('0.0.0.0', 443, { kind = 'doh' })
net.listen('0.0.0.0', 8453, { kind = 'webmgmt' })

-- To disable DNSSEC validation, uncomment the following line (not recommended)

fsamareanu

#Set cake as qdisc and bbr as your congestion control (either from shell or add them to sysctl.conf or your OS equivalent)

sysctl net.core.default_qdisc=cake
sysctl net.ipv4.tcp_congestion_control=bbr

#Replace the root qdisc to cake diffserv4 (we get 4 distinct queues this way). Replace enp0231f6 with your interface name:

/sbin/tc qdisc replace root dev enp0s31f6 cake ethernet diffserv4 wash

#Check output. Queue priority (from lowest to highest) is bulk<best effort<video<voice. It should be similar to below one:

zoonderkins

-- listen for console connection with the given secret key
-- controlSocket("0.0.0.0")
-- setKey(please generate a fresh private key with makeKey())

-- start the web server on port 8083, using password 'set a random password here'
-- webserver("0.0.0.0:8083", "set a random password here")

-- accept DNS queries on UDP/5200 and TCP/5200