Fedora-CoreOS-Ignition

mirror of https://github.com/TommyTran732/Fedora-CoreOS-Ignition.git synced 2025-11-04 11:08:35 +01:00

Author	SHA1	Message	Date
Thien Tran	1498126454	ZRAM Compression Signed-off-by: Thien Tran <contact@tommytran.io>	2023-10-11 23:19:11 -07:00
Tommy	e275349bb5	Update README.md Signed-off-by: Tommy <contact@tommytran.io>	2023-10-11 23:08:23 -07:00
Thien Tran	746ec7425b	Update SSH Hardening Signed-off-by: Thien Tran <contact@tommytran.io>	2023-10-10 12:29:15 -07:00
Thien Tran	a99d1f5e1d	Update SSH Hardening Signed-off-by: Thien Tran <contact@tommytran.io>	2023-10-10 12:05:22 -07:00
Thien Tran	3ffaeccc7f	Update runtimes Signed-off-by: Thien Tran <contact@tommytran.io>	2023-10-10 10:18:35 -07:00
Thien Tran	56aec4db80	Change sshd hardening filename Signed-off-by: Thien Tran <contact@tommytran.io>	2023-09-07 15:02:25 -07:00
Thien Tran	53e864b380	Update SSH Key Signed-off-by: Thien Tran <contact@tommytran.io>	2023-08-27 06:25:44 -07:00
Thien Tran	4eaf4eee81	Consistency fixes Signed-off-by: Thien Tran <contact@tommytran.io>	2023-08-16 03:37:26 -07:00
Thien Tran	3ee9f7c9d1	Setup Chrony seccomp filter Signed-off-by: Thien Tran <contact@tommytran.io>	2023-08-15 18:23:38 -07:00
Thien Tran	f66bce02e9	Use 1.1.1.2 for badness enumeration Signed-off-by: Thien Tran <contact@tommytran.io>	2023-07-27 04:58:07 -07:00
Thien Tran	f244a338d0	Fix DNS resolution Signed-off-by: Thien Tran <contact@tommytran.io>	2023-06-26 07:21:23 -07:00
Thien Tran	40bc7f18b4	Update UTM deployment Signed-off-by: Thien Tran <contact@tommytran.io>	2023-06-26 06:29:56 -07:00
Thien Tran	4dad452714	Add UTM Ignition Signed-off-by: Thien Tran <contact@tommytran.io>	2023-06-26 04:50:15 -07:00
Thien Tran	b5afd8e0d5	Switch to Cloudflare DNS Signed-off-by: Thien Tran <contact@tommytran.io>	2023-06-25 13:19:57 -07:00
Thien Tran	45fa68d5c9	Typo fix Signed-off-by: Thien Tran <contact@tommytran.io>	2023-06-11 03:48:51 -07:00
Thien Tran	05b2df9c8b	Use systrap by default Signed-off-by: Thien Tran <contact@tommytran.io>	2023-06-08 16:06:20 -07:00
Thien Tran	b057975c8a	Add workspace config Signed-off-by: Thien Tran <contact@tommytran.io>	2023-06-08 14:26:54 -07:00
Tommy	996c4a331e	Update Ignition files Signed-off-by: Tommy <contact@tommytran.io>	2023-04-15 04:24:16 -04:00
Tommy	af51a505ae	Fix gVisor SELinux context Signed-off-by: Tommy <contact@tommytran.io>	2023-04-15 04:22:34 -04:00
Robin Ophalvens	6a0f4afe1d	Add missing sed in-place flag (#1 ) * Add missing sed in-place flag * Update README to warn passwordless users	2023-04-15 04:05:22 -04:00
Robin Ophalvens	a71b39940e	Unbound systemd overrides affect Service section, not the Unit (#2 ) Unbound overrides affect Service section, not the Unit	2023-04-12 07:16:14 -04:00
Tommy	3b845ea7d2	Indentcation fix Signed-off-by: Tommy <contact@tommytran.io>	2023-03-29 11:49:12 -04:00
Tommy	92fc6758d3	Regornaize the postinst service Signed-off-by: Tommy <contact@tommytran.io>	2023-03-29 01:07:50 -04:00
Tommy	6393fd4f75	Allow ICMP Signed-off-by: Tommy <contact@tommytran.io>	2023-03-20 13:59:24 -04:00
Tommy	948aaf845d	Remove remote filesystems Signed-off-by: Tommy <contact@tommytran.io>	2023-03-19 22:05:31 -04:00
Tommy	fd4cd807fc	Use runc for watchtower Signed-off-by: Tommy <contact@tommytran.io>	2023-03-17 18:45:07 -04:00
Tommy	db59e93bbd	Change watchtower schedule Signed-off-by: Tommy <contact@tommytran.io>	2023-03-17 18:40:22 -04:00
Tommy	e04ff2250e	Enable gvisor updater Signed-off-by: Tommy <contact@tommytran.io>	2023-03-16 14:03:16 -04:00
Tommy	e1bb116517	Allow ptrace Signed-off-by: Tommy <contact@tommytran.io>	2023-03-16 13:59:34 -04:00
Tommy	5b9605128f	Disable rollout wariness Signed-off-by: Tommy <contact@tommytran.io>	2023-03-15 19:07:01 -04:00
Tommy	c593f64c5c	Use host network for gVisor Signed-off-by: Tommy <contact@tommytran.io>	2023-03-15 19:03:29 -04:00
Tommy	041b880c09	Fix deletion command Signed-off-by: Tommy <contact@tommytran.io>	2023-03-15 03:28:08 -04:00
Tommy	a81fa14ebf	Add 5 seconds sleep Signed-off-by: Tommy <contact@tommytran.io>	2023-03-15 02:10:09 -04:00
Tommy	0826c5962c	Use gVisor Signed-off-by: Tommy <contact@tommytran.io>	2023-03-15 01:38:02 -04:00
Tommy	30196a1409	Remove do-not-query-localhost Signed-off-by: Tommy <contact@tommytran.io>	2023-03-11 11:00:35 -05:00
Tommy	be7393ba04	Update Kicksecure sysctl Signed-off-by: Tommy <contact@tommytran.io>	2023-02-04 05:26:13 -05:00
Tommy	b2bfd7df0a	Remove unnecessary unbound configs Signed-off-by: Tommy <contact@tommytran.io>	2023-01-24 09:10:51 -05:00
Tommy	73855406f7	Update unbound configuration Signed-off-by: Tommy <contact@tommytran.io>	2023-01-24 07:50:03 -05:00
Tommy	c2dc6c9363	Use link for unbound Signed-off-by: Tommy <contact@tommytran.io>	2023-01-24 02:33:44 -05:00
Tommy	3148545adf	Enable DNSSEC and DOT Signed-off-by: Tommy <contact@tommytran.io>	2023-01-24 01:07:16 -05:00
Tommy	31d030ef1a	Add VerifyHostKeyDNS Signed-off-by: Tommy <contact@tommytran.io>	2023-01-18 06:53:12 -05:00
Tommy	66846eacc7	Use SSHD socket Signed-off-by: Tommy <contact@tommytran.io>	2022-12-26 10:17:18 -05:00
Tommy	28f36ae0aa	Typo fix Signed-off-by: Tommy <contact@tommytran.io>	2022-12-14 01:41:07 -05:00
Tommy	e91473fe24	Additional hardening Signed-off-by: Tommy <contact@tommytran.io>	2022-12-01 14:47:50 -05:00
Tommy	f6393dc6fa	Add auto-updater.service to Docker-Compose files Signed-off-by: Tommy <contact@tommytran.io>	2022-11-25 02:39:56 -05:00
Tommy	59fcc5ba77	Requires=network-online.target Signed-off-by: Tommy <contact@tommytran.io>	2022-09-16 04:23:35 -04:00
Tommy	b436314d54	kernel.yama.ptrace_scope=3 Signed-off-by: Tommy <contact@tommytran.io>	2022-09-16 04:20:37 -04:00
Tommy	3f3cbd4bd3	Fix invalid config Signed-off-by: Tommy <contact@tommytran.io>	2022-09-12 19:01:25 -04:00
Tommy	5febcefa93	Update kargs Signed-off-by: Tommy <contact@tommytran.io>	2022-09-12 18:41:54 -04:00
Tommy	901bb8af68	Additional Mitigations Signed-off-by: Tommy <contact@tommytran.io>	2022-09-12 18:34:28 -04:00

1 2

90 Commits