1
0
mirror of https://github.com/tommytran732/Fedora-CoreOS-Ignition synced 2024-11-09 11:41:34 -05:00
Commit Graph

45 Commits

Author SHA1 Message Date
Robin Ophalvens
a71b39940e
Unbound systemd overrides affect Service section, not the Unit (#2)
Unbound overrides affect Service section, not the Unit
2023-04-12 07:16:14 -04:00
3b845ea7d2
Indentcation fix
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-29 11:49:12 -04:00
92fc6758d3
Regornaize the postinst service
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-29 01:07:50 -04:00
6393fd4f75
Allow ICMP
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-20 13:59:24 -04:00
948aaf845d
Remove remote filesystems
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-19 22:05:31 -04:00
fd4cd807fc
Use runc for watchtower
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-17 18:45:07 -04:00
db59e93bbd
Change watchtower schedule
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-17 18:40:22 -04:00
e04ff2250e
Enable gvisor updater
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-16 14:03:16 -04:00
e1bb116517
Allow ptrace
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-16 13:59:34 -04:00
5b9605128f
Disable rollout wariness
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 19:07:01 -04:00
c593f64c5c
Use host network for gVisor
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 19:03:29 -04:00
041b880c09
Fix deletion command
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 03:28:08 -04:00
a81fa14ebf
Add 5 seconds sleep
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 02:10:09 -04:00
0826c5962c
Use gVisor
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 01:38:02 -04:00
30196a1409
Remove do-not-query-localhost
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-11 11:00:35 -05:00
be7393ba04
Update Kicksecure sysctl
Signed-off-by: Tommy <contact@tommytran.io>
2023-02-04 05:26:13 -05:00
b2bfd7df0a
Remove unnecessary unbound configs
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 09:10:51 -05:00
73855406f7
Update unbound configuration
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 07:50:03 -05:00
c2dc6c9363
Use link for unbound
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 02:33:44 -05:00
3148545adf
Enable DNSSEC and DOT
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 01:07:16 -05:00
31d030ef1a
Add VerifyHostKeyDNS
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-18 06:53:12 -05:00
66846eacc7
Use SSHD socket
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-26 10:17:18 -05:00
28f36ae0aa
Typo fix
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-14 01:41:07 -05:00
e91473fe24
Additional hardening
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-01 14:47:50 -05:00
b436314d54
kernel.yama.ptrace_scope=3
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-16 04:20:37 -04:00
3f3cbd4bd3
Fix invalid config
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 19:01:25 -04:00
901bb8af68
Additional Mitigations
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 18:34:28 -04:00
c75d4a363a
Update SSHD and Kernel configs
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 17:58:29 -04:00
254eeaef42
Remove fail2ban
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 12:07:04 -04:00
52c86b8089
Add NTS
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-05 08:18:33 -04:00
700e399e07
Finalize boot params
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-05 02:26:22 -04:00
379e38d9ad
Remove sysctl.kernel.dmesg_restrict=1
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-05 01:25:39 -04:00
740bbe5bc2
Yama ptrace 2
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 23:51:52 -04:00
228f54c2fd
Remove efi=disable_early_pci_dma
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 23:28:40 -04:00
0d9c6e847c
Remove sysctl.kernel.core_pattern=|/bin/false
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 23:21:57 -04:00
620ed5dce2
Minor Fixes
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 22:59:14 -04:00
2ce2af2b83
Fix Kargs
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 22:51:57 -04:00
a3491e4774
Remove prelockd
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 16:13:26 -04:00
9a7c211a09
Update SSH Keys
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 16:10:20 -04:00
a535bfe84c
Update Generic.yml 2022-04-11 19:46:00 -04:00
41045aa18c
Update Generic.yml 2022-04-11 19:11:38 -04:00
de1d9199d5
Update GPG Key 2021-11-13 21:33:56 -05:00
d62beede12
Update Generic.yml 2021-11-05 19:19:11 -04:00
f20a76c5ab
Update Generic.yml 2021-11-04 06:21:36 -04:00
76bfa90fca
Add files via upload 2021-11-02 22:32:22 -04:00