diff options
| author | kwadronaut <kwadronaut@autistici.org> | 2022-10-13 07:42:44 +0000 |
|---|---|---|
| committer | kwadronaut <kwadronaut@autistici.org> | 2022-10-13 07:42:44 +0000 |
| commit | d25723bc19fb295001c43945e9ec3726042e206f (patch) | |
| tree | 71d5e7695f75f1129e74e8e8f77f6a648df4a34d | |
| parent | e7448ad3ba02c5bf4ed96c521327c9b7f82a29fb (diff) | |
| parent | 693c0f715b0e8b67500d212285fc43428409e27d (diff) | |
Merge branch 'update-float' into 'main'
git subrepo commit (merge) float
See merge request leap/container-platform/lilypad!58
| -rw-r--r-- | float/.gitrepo | 4 | ||||
| -rw-r--r-- | float/playbooks/apt-upgrade.yml | 3 | ||||
| -rw-r--r-- | float/roles/float-base/templates/sysctl.conf.j2 | 1 | ||||
| -rw-r--r-- | float/services.yml.default | 1 | ||||
| -rw-r--r-- | float/services.yml.no-elasticsearch | 1 |
5 files changed, 6 insertions, 4 deletions
diff --git a/float/.gitrepo b/float/.gitrepo index 0d468d8..a9d1600 100644 --- a/float/.gitrepo +++ b/float/.gitrepo @@ -6,7 +6,7 @@ [subrepo] remote = https://git.autistici.org/ai3/float.git branch = master - commit = 4251afa4979c48b9dd36946b2a955d9b57a39d59 + commit = c2c4ad89ae7ad3f1f722bf4528e1057c377e2886 parent = d9b2f97887292b92babad1990bd760c23e952416 - cmdver = 0.4.1 + cmdver = 0.4.3 method = merge diff --git a/float/playbooks/apt-upgrade.yml b/float/playbooks/apt-upgrade.yml index f8051ea..f2285d3 100644 --- a/float/playbooks/apt-upgrade.yml +++ b/float/playbooks/apt-upgrade.yml @@ -1,9 +1,8 @@ --- - - hosts: all tasks: - copy: - src: float/roles/float-base/files/apt/deb_autistici_org.gpg + src: ../roles/float-base/files/apt/deb_autistici_org.gpg dest: /usr/share/keyrings/deb.autistici.org.gpg - apt: update_cache: yes diff --git a/float/roles/float-base/templates/sysctl.conf.j2 b/float/roles/float-base/templates/sysctl.conf.j2 index ac7fed2..c28c31e 100644 --- a/float/roles/float-base/templates/sysctl.conf.j2 +++ b/float/roles/float-base/templates/sysctl.conf.j2 @@ -114,6 +114,7 @@ kernel.sysrq=0 # (linux-hardened default) net.core.bpf_jit_harden=2 kernel.unprivileged_bpf_disabled=1 +{% endif %} {% if not disable_restricted_sysctl %} # Disable unprivileged user namespaces diff --git a/float/services.yml.default b/float/services.yml.default index bb6f715..c7c67a6 100644 --- a/float/services.yml.default +++ b/float/services.yml.default @@ -54,6 +54,7 @@ log-collector: - /etc/rsyslog-collector-lognorm: /etc/rsyslog-collector-lognorm - /var/spool/rsyslog-collector: /var/spool/rsyslog - /var/log/remote: /var/log/remote + egress_policy: internal - name: kibana image: registry.git.autistici.org/ai3/docker/kibana:master port: 5601 diff --git a/float/services.yml.no-elasticsearch b/float/services.yml.no-elasticsearch index 8ce6e82..3665352 100644 --- a/float/services.yml.no-elasticsearch +++ b/float/services.yml.no-elasticsearch @@ -52,6 +52,7 @@ log-collector: - /etc/rsyslog-collector-lognorm: /etc/rsyslog-collector-lognorm - /var/spool/rsyslog-collector: /var/spool/rsyslog - /var/log/remote: /var/log/remote + egress_policy: internal ports: - 6514 |