tommytran.io/content/projects.md

---
title: "Projects"
date: 2022-09-02
---

## PrivSec.dev

![Privsec.dev](/images/privsec.png)

[PrivSec.dev](https://privsec.dev) is a website made by me and a couple of friends. The goal is to provide practical privacy and security advice for the end user. You can think of it as a shared blog focusing on this topic.

We focus on in-depth system configuration, security analysis, and software/hardware recommendations. Our site is based on technical merits, not ideologies and politics.

## ArcticFoxes.net

![ArcticFoxes.net](/images/arcticfoxes.png)

[ArcticFoxes.net](https://arcticfoxes.net) is a group of self hosted and federated services run by me. It consists of:

- [A Matrix server](https://matrix.arcticfoxes.net) using my [hardened docker image](https://github.com/tommytran732/Synapse-Docker). I also have a [web client](https://element.arcticfoxes.net) and TURN server as accessories for the Matrix server.
- [A OpenVPN to ONC converter](onc.arcticfoxes.net). This is a simpel fork of [thomkeh/ovpn2onc](https://github.com/thomkeh/ovpn2onc) with a dark theme.

Most of the configurations and deployment files are available on [GitHub](https://github.com/ArcticFoxes-net).

## Linux Setup Scripts

![Glitched Tux](/images/glitched-tux.jpg)

These are setup scripts I run on my Linux systems, and serve as the basis for my other setups. You can adapt them to deploy yours. 

Features include, but are not limited to:
- Removal of unnecessary packages
- Hardened boot parameters
- Hardened sysctl settings
- Kernel module blacklist from Whonix's [security-misc](https://github.com/Kicksecure/security-misc/blob/master/etc/modprobe.d/30_security-misc.conf)
- Mac Address randomization for desktop installations
- SSH client and server hardening
- Installation of Hardened Malloc on Red Hat systems
- Installation and configuration of Microsoft Edge policies for desktop installations
- NTS setup
- Firewall setup


## Fedora CoreOS Ignition Files

![Fedora CoreOS](/images/fedora-coreos.png)

These are sample [Butane/Ingition configuration files](https://github.com/tommytran732/Fedora-CoreOS-Ignition) that you can adapt to quickly deploy a Fedora CoreOS server with the containers of your choice. They share the same hardening as the Linux Setup Scripts.

On Fedora CoreOS, I have also included systemd services to:
- Install and update gVisor at boot
- Update containers in a Docker Compose stack once a week.
Site Upload 2022-09-02 23:49:44 +02:00			`---`
			`title: "Projects"`
			`date: 2022-09-02`
			`---`

			`## PrivSec.dev`

			`![Privsec.dev](/images/privsec.png)`

			`[PrivSec.dev](https://privsec.dev) is a website made by me and a couple of friends. The goal is to provide practical privacy and security advice for the end user. You can think of it as a shared blog focusing on this topic.`

			`We focus on in-depth system configuration, security analysis, and software/hardware recommendations. Our site is based on technical merits, not ideologies and politics.`

Update content Signed-off-by: Tommy <contact@tommytran.io> 2023-11-05 11:21:11 +01:00			`## ArcticFoxes.net`

			`![ArcticFoxes.net](/images/arcticfoxes.png)`

			`[ArcticFoxes.net](https://arcticfoxes.net) is a group of self hosted and federated services run by me. It consists of:`

			`- [A Matrix server](https://matrix.arcticfoxes.net) using my [hardened docker image](https://github.com/tommytran732/Synapse-Docker). I also have a [web client](https://element.arcticfoxes.net) and TURN server as accessories for the Matrix server.`
			`- [A OpenVPN to ONC converter](onc.arcticfoxes.net). This is a simpel fork of [thomkeh/ovpn2onc](https://github.com/thomkeh/ovpn2onc) with a dark theme.`

			`Most of the configurations and deployment files are available on [GitHub](https://github.com/ArcticFoxes-net).`

Remove unmaintained projects Signed-off-by: Tommy <contact@tommytran.io> 2024-05-28 11:17:53 +02:00			`## Linux Setup Scripts`
Site Upload 2022-09-02 23:49:44 +02:00
Remove unmaintained projects Signed-off-by: Tommy <contact@tommytran.io> 2024-05-28 11:17:53 +02:00			`![Glitched Tux](/images/glitched-tux.jpg)`
Site Upload 2022-09-02 23:49:44 +02:00
Remove unmaintained projects Signed-off-by: Tommy <contact@tommytran.io> 2024-05-28 11:17:53 +02:00			`These are setup scripts I run on my Linux systems, and serve as the basis for my other setups. You can adapt them to deploy yours.`
Site Upload 2022-09-02 23:49:44 +02:00
Remove unmaintained projects Signed-off-by: Tommy <contact@tommytran.io> 2024-05-28 11:17:53 +02:00			`Features include, but are not limited to:`
			`- Removal of unnecessary packages`
			`- Hardened boot parameters`
			`- Hardened sysctl settings`
			`- Kernel module blacklist from Whonix's [security-misc](https://github.com/Kicksecure/security-misc/blob/master/etc/modprobe.d/30_security-misc.conf)`
			`- Mac Address randomization for desktop installations`
			`- SSH client and server hardening`
			`- Installation of Hardened Malloc on Red Hat systems`
			`- Installation and configuration of Microsoft Edge policies for desktop installations`
			`- NTS setup`
			`- Firewall setup`
Site Upload 2022-09-02 23:49:44 +02:00
Update content Signed-off-by: Tommy <contact@tommytran.io> 2023-11-05 11:21:11 +01:00
			`## Fedora CoreOS Ignition Files`

			`![Fedora CoreOS](/images/fedora-coreos.png)`

Remove unmaintained projects Signed-off-by: Tommy <contact@tommytran.io> 2024-05-28 11:17:53 +02:00			`These are sample [Butane/Ingition configuration files](https://github.com/tommytran732/Fedora-CoreOS-Ignition) that you can adapt to quickly deploy a Fedora CoreOS server with the containers of your choice. They share the same hardening as the Linux Setup Scripts.`
Update content Signed-off-by: Tommy <contact@tommytran.io> 2023-11-05 11:21:11 +01:00
Remove unmaintained projects Signed-off-by: Tommy <contact@tommytran.io> 2024-05-28 11:17:53 +02:00			`On Fedora CoreOS, I have also included systemd services to:`
			`- Install and update gVisor at boot`
			`- Update containers in a Docker Compose stack once a week.`
Site Upload 2022-09-02 23:49:44 +02:00