From 2c496ebf7d9e79cbd173b94232c22453730f2b6d Mon Sep 17 00:00:00 2001 From: Tommy Date: Mon, 11 Apr 2022 19:12:25 -0400 Subject: [PATCH] Update GitLab.yml --- GitLab.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/GitLab.yml b/GitLab.yml index 3d7cd82..2127e81 100644 --- a/GitLab.yml +++ b/GitLab.yml @@ -29,9 +29,6 @@ systemd: RemainAfterExit=yes ExecStart=/usr/bin/rpm-ostree install fail2ban firewalld prelockd tuned qemu-guest-agent ExecStart=/bin/touch /var/lib/%N.stamp - ExecStart=/usr/sbin/setsebool -P container_use_cephfs off - ExecStart=/usr/sbin/setsebool -P virt_use_nfs off - ExecStart=/usr/sbin/setsebool -P virt_use_samba off ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf ExecStart=/bin/systemctl --no-block reboot @@ -56,6 +53,17 @@ systemd: ExecStart=/usr/bin/docker run --detach --hostname your_domain --publish 443:443 --publish 80:80 --publish 7022:22 --name gitlab --restart unless-stopped --volume /srv/gitlab/config:/etc/gitlab:Z --volume /srv/gitlab/logs:/var/log/gitlab:Z --volume /srv/gitlab/data:/var/opt/gitlab:Z gitlab/gitlab-ee:latest ExecStart=/bin/touch /var/lib/%N.stamp + [Install] + WantedBy=multi-user.target + - name: setsebool.service + enabled: true + contents: | + [Service] + Type=oneshot + ExecStart=/usr/sbin/setsebool container_use_cephfs off + ExecStart=/usr/sbin/setsebool virt_use_nfs off + ExecStart=/usr/sbin/setsebool virt_use_samba off + RemainAfterExit=yes [Install] WantedBy=multi-user.target - name: docker.service