Tommy
|
5201fedaae
|
Run curl unprivileged
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-12-02 08:15:27 -07:00 |
|
Tommy
|
7999d90e6c
|
Fix 990-security-misc path
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-11-15 14:18:29 -07:00 |
|
Tommy
|
e7b703615d
|
Fix runsc path
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-11-06 18:40:04 -07:00 |
|
Tommy
|
1c70f5040c
|
Update SSH Key
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-11-04 13:54:13 -07:00 |
|
Thien Tran
|
0f478ae5d1
|
Add auditd
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-11-01 16:09:46 -07:00 |
|
Thien Tran
|
447136c03b
|
Update KickSecure configuration paths
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-31 09:23:35 -07:00 |
|
Thien Tran
|
7ccba15df9
|
Mask ctrl-alt-del.target
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-25 16:41:48 -07:00 |
|
Thien Tran
|
b26e2d7379
|
Disable CtrlAltDelBurstAction
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-25 16:12:34 -07:00 |
|
Thien Tran
|
caeeefc990
|
Mask debug shell
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-25 16:07:17 -07:00 |
|
Thien Tran
|
ce5d43d097
|
Typo Fixes
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-25 15:43:51 -07:00 |
|
Thien Tran
|
e348ca1b9b
|
/etc/issue(.net)
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-25 15:18:07 -07:00 |
|
Thien Tran
|
c4a0207da6
|
Update UTM config
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-21 18:11:27 -07:00 |
|
Thien Tran
|
d2f65d8b2e
|
Remove outdated ZRAM comment
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-11 23:39:54 -07:00 |
|
Tommy
|
00dfed479b
|
Update README.md
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-10-11 23:19:54 -07:00 |
|
Thien Tran
|
1498126454
|
ZRAM Compression
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-11 23:19:11 -07:00 |
|
Tommy
|
e275349bb5
|
Update README.md
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-10-11 23:08:23 -07:00 |
|
Thien Tran
|
746ec7425b
|
Update SSH Hardening
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-10 12:29:15 -07:00 |
|
Thien Tran
|
a99d1f5e1d
|
Update SSH Hardening
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-10 12:05:22 -07:00 |
|
Thien Tran
|
3ffaeccc7f
|
Update runtimes
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-10-10 10:18:35 -07:00 |
|
Thien Tran
|
56aec4db80
|
Change sshd hardening filename
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-09-07 15:02:25 -07:00 |
|
Thien Tran
|
53e864b380
|
Update SSH Key
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-08-27 06:25:44 -07:00 |
|
Thien Tran
|
4eaf4eee81
|
Consistency fixes
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-08-16 03:37:26 -07:00 |
|
Thien Tran
|
3ee9f7c9d1
|
Setup Chrony seccomp filter
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-08-15 18:23:38 -07:00 |
|
Thien Tran
|
f66bce02e9
|
Use 1.1.1.2 for badness enumeration
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-07-27 04:58:07 -07:00 |
|
Thien Tran
|
f244a338d0
|
Fix DNS resolution
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-06-26 07:21:23 -07:00 |
|
Thien Tran
|
40bc7f18b4
|
Update UTM deployment
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-06-26 06:29:56 -07:00 |
|
Thien Tran
|
4dad452714
|
Add UTM Ignition
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-06-26 04:50:15 -07:00 |
|
Thien Tran
|
b5afd8e0d5
|
Switch to Cloudflare DNS
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-06-25 13:19:57 -07:00 |
|
Thien Tran
|
45fa68d5c9
|
Typo fix
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-06-11 03:48:51 -07:00 |
|
Thien Tran
|
05b2df9c8b
|
Use systrap by default
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-06-08 16:06:20 -07:00 |
|
Thien Tran
|
b057975c8a
|
Add workspace config
Signed-off-by: Thien Tran <contact@tommytran.io>
|
2023-06-08 14:26:54 -07:00 |
|
Tommy
|
996c4a331e
|
Update Ignition files
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-04-15 04:24:16 -04:00 |
|
Tommy
|
af51a505ae
|
Fix gVisor SELinux context
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-04-15 04:22:34 -04:00 |
|
Robin Ophalvens
|
6a0f4afe1d
|
Add missing sed in-place flag (#1)
* Add missing sed in-place flag
* Update README to warn passwordless users
|
2023-04-15 04:05:22 -04:00 |
|
Robin Ophalvens
|
a71b39940e
|
Unbound systemd overrides affect Service section, not the Unit (#2)
Unbound overrides affect Service section, not the Unit
|
2023-04-12 07:16:14 -04:00 |
|
Tommy
|
3b845ea7d2
|
Indentcation fix
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-29 11:49:12 -04:00 |
|
Tommy
|
92fc6758d3
|
Regornaize the postinst service
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-29 01:07:50 -04:00 |
|
Tommy
|
6393fd4f75
|
Allow ICMP
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-20 13:59:24 -04:00 |
|
Tommy
|
948aaf845d
|
Remove remote filesystems
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-19 22:05:31 -04:00 |
|
Tommy
|
fd4cd807fc
|
Use runc for watchtower
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-17 18:45:07 -04:00 |
|
Tommy
|
db59e93bbd
|
Change watchtower schedule
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-17 18:40:22 -04:00 |
|
Tommy
|
e04ff2250e
|
Enable gvisor updater
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-16 14:03:16 -04:00 |
|
Tommy
|
e1bb116517
|
Allow ptrace
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-16 13:59:34 -04:00 |
|
Tommy
|
5b9605128f
|
Disable rollout wariness
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-15 19:07:01 -04:00 |
|
Tommy
|
c593f64c5c
|
Use host network for gVisor
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-15 19:03:29 -04:00 |
|
Tommy
|
041b880c09
|
Fix deletion command
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-15 03:28:08 -04:00 |
|
Tommy
|
a81fa14ebf
|
Add 5 seconds sleep
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-15 02:10:09 -04:00 |
|
Tommy
|
0826c5962c
|
Use gVisor
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-15 01:38:02 -04:00 |
|
Tommy
|
30196a1409
|
Remove do-not-query-localhost
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-03-11 11:00:35 -05:00 |
|
Tommy
|
be7393ba04
|
Update Kicksecure sysctl
Signed-off-by: Tommy <contact@tommytran.io>
|
2023-02-04 05:26:13 -05:00 |
|