||Software | Authelia
||Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy to let them know whether queries should pass through. Unauthenticated user are redirected to Authelia Sign-in portal instead.
Documentation is available at https://docs.authelia.com.
||Software | NextDNS
||NextDNS CLI is a DNS53 to DNS-over-HTTPS (DoH) proxy with advanced capabilities to get the most out of the NextDNS service. Although the most advanced features will only work with NextDNS, this program can work as a client for any DoH provider or a mix of NextDNS + another DNS (split horizon).
The CLI is mostly aimed at routers and UNIX based systems, but it is also a great client for windows and macOS for people who prefer a fully open-source clients and don't mind the lack of GUI.
Stub DNS53 to DoH proxy.
Auto discovery and forwarding of LAN client's name and model.
Supports a vast number of platforms / OS / routers.
Can run on single host or at router level.
Auto router setup (integrate with many different router firmware).
Serve from /etc/hosts.
Multi upstream healthcheck / fallback.
Conditional forwarder selection based on domain.
Conditional NextDNS configuration ID selection based on client subnet prefix or MAC address.
Auto detection of captive portals.
||Software | RaspAP-webgui
A simple, responsive web interface to control wifi and hostapd on the Raspberry Pi.
RaspAP lets you quickly get a WiFi access point up and running to share the connectivity of many popular Debian-based devices, including the Raspberry Pi. Our popular Quick installer creates a known-good default configuration that “just works” on all current Raspberry Pis with onboard wireless. A responsive interface gives you control over the relevant services and networking options. Advanced DHCP settings, OpenVPN client support, SSL, security audits, themes and multilingual options are included.
RaspAP has been featured on sites such as Instructables, Adafruit, Raspberry Pi Weekly and Awesome Raspberry Pi and implemented in countless projects.
We hope you enjoy using RaspAP as much as we do creating it. Tell us how you use this with your own projects.
||Software | iridiumbrowser
Iridium Browser is based on the Chromium code base. All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers.
With Iridium, the whole process is entirely transparent. The public Git repository allows a direct view on all changes made. The complete source code is therefore available.
Iridium Browser has various enhancements where it forces strict security to provide the maximum level of security without compromising compatibility.
We try to distribute it in ways where it allows easy installation and yet allows administrators to deploy it easily. An example is an MSI-based installation mechanism for easy deployments throughout an entire organization.
There are many browsers out there. Chrome is fast, stable and user-friendly but does not meet many organizations’ demands for privacy. Since the tight integration with its inventor (Google) makes many things easier, it does not comply to restrictive data environments. Iridium is not another new browser from scratch. It takes the Chromium code base and enhances its security and sets certain policies by default. There are many forks of Chromium-based browsers, yet, in our opinion they failed in many other key areas important for adoption.
||Software | Rclone
Rclone is a command line program to manage files on cloud storage. It is a feature rich alternative to cloud vendors' web storage interfaces. Over 40 cloud storage products support rclone including S3 object stores, business & consumer file storage services, as well as standard transfer protocols.
Rclone has powerful cloud equivalents to the unix commands rsync, cp, mv, mount, ls, ncdu, tree, rm, and cat. Rclone's familiar syntax includes shell pipeline support, and --dry-run protection. It is used at the command line, in scripts or via its API.
Users call rclone "The Swiss army knife of cloud storage", and "Technology indistinguishable from magic".
Rclone really looks after your data. It preserves timestamps and verifies checksums at all times. Transfers over limited bandwidth; intermittent connections, or subject to quota can be restarted, from the last good file transferred. You can check the integrity of your files. Where possible, rclone employs server side transfers to minimise local bandwidth use and transfers from one provider to another without using local disk.
Virtual backends wrap local and cloud file systems to apply encryption, caching, chunking and joining.
Rclone mounts any local, cloud or virtual filesystem as a disk on Windows, macOS, linux and FreeBSD, and also serves these over SFTP, HTTP, WebDAV, FTP and DLNA.
Rclone is mature, open source software originally inspired by rsync and written in Go. The friendly support community are familiar with varied use cases. Official Ubuntu, Debian, Fedora, Brew and Chocolatey repos. include rclone. For the latest version downloading from rclone.org is recommended.
Rclone is widely used on Linux, Windows and Mac. Third party developers create innovative backup, restore, GUI and business process solutions using the rclone command line or API.
Rclone does the heavy lifting of communicating with cloud storage.
||Software | USBGuard
The USBGuard software framework helps to protect your computer against rogue USB devices (a.k.a. BadUSB) by implementing basic whitelisting and blacklisting capabilities based on device attributes.
Rule language for writting USB device authorization policies
Daemon component with an IPC interface for dynamic interaction and policy enforcement
Command line and GUI interface to interact with a running USBGuard instance
C++ API for interacting with the daemon component implemented in a shared library
Supported Operating Systems
Currently, USBGuard works only on Linux. To enforce the user-defined policy, it uses the USB device authorization feature implemented in the Linux kernel since 2007. Read this document if you want to know more.
||Software | ZeroTier
||Every Area Networking
Radically simplify your network with a virtual networking layer that works the same everywhere.
ZeroTier is a smart programmable Ethernet switch for planet Earth. It allows all networked devices, VMs, containers, and applications to communicate as if they all reside in the same physical data center or cloud region.
This is accomplished by combining a cryptographically addressed and secure peer to peer network (termed VL1) with an Ethernet emulation layer somewhat similar to VXLAN (termed VL2). Our VL2 Ethernet virtualization layer includes advanced enterprise SDN features like fine grained access control rules for network micro-segmentation and security monitoring.
All ZeroTier traffic is encrypted end-to-end using secret keys that only you control. Most traffic flows peer to peer, though we offer free (but slow) relaying for users who cannot establish peer to peer connections.
||Software | Mailpile
||Mailpile is software, an e-mail client. It runs on your desktop or laptop computer and you interact with it by using your web browser. The goal of Mailpile is to allow people to send e-mail in a more secure and private manner than before.
We recommend you let Mailpile download your e-mail and store it on your computer. This allows you to read and write mail even if your Internet connection is not working, and gives you the option of deleting the mail from the server which in turn improves your privacy.
Mailpile stores mail it has downloaded in the Mailpile data folder, the precise location of which depends a bit on your operating system. It's easy to find from within the app though.
||Software | The Stress Terminal UI: s-tui
||Stress-Terminal UI, s-tui, monitors CPU temperature, frequency, power and utilization in a graphical way from the terminal.
||Software | Portainer
||- Short description | Portainer is a lightweight management UI which allows you to easily manage your different Docker environments (Docker hosts or Swarm clusters).
Portainer is meant to be as simple to deploy as it is to use. It consists of a single container that can run on any Docker engine
(can be deployed as Linux container or a Windows native container, supports other platforms too). Portainer allows you to
manage your all your Docker resources (containers, images, volumes, networks and more) ! It is compatible with the standalone Docker engine and with Docker Swarm mode.
- Official URL (if available) | https://www.portainer.io/
- (Official) install documentation | https://www.portainer.io/installation/
||Software | OverlayFS
||OverlayFS to protect SD card from write access
Read-only root filesystem for Raspbian Stretch
This repository contains some useful files that allow you to use a Raspberry PI using a readonly filesystem. After running install.sh everything will be set up and the system will reboot into read-only mode.
See instructions below to see how to switch to permanent or temporary write-mode.
This script is tested with a freshly deployed Raspbian image with "desktop and recommended software", specifically with the img file dated 2018-11-13, kernel 4.14. (Tested on a Rpi 3B+)
This files contains some ideas and code of the following projects:
Congratulate the original authors if these files work as expected.
||Software | Nyx
||Nyx is a command-line monitor for Tor. With this you can get detailed real-time information about your relay such as bandwidth usage, connections, logs, and much more.
Nyx's latest version is 2.1.0, released January 12th, 2019.