Commit Graph

40 Commits

Author SHA1 Message Date
Thien Tran
b5afd8e0d5
Switch to Cloudflare DNS
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-25 13:19:57 -07:00
Thien Tran
45fa68d5c9
Typo fix
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-11 03:48:51 -07:00
Thien Tran
05b2df9c8b
Use systrap by default
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-08 16:06:20 -07:00
Tommy
996c4a331e
Update Ignition files
Signed-off-by: Tommy <contact@tommytran.io>
2023-04-15 04:24:16 -04:00
Tommy
af51a505ae
Fix gVisor SELinux context
Signed-off-by: Tommy <contact@tommytran.io>
2023-04-15 04:22:34 -04:00
Robin Ophalvens
6a0f4afe1d
Add missing sed in-place flag (#1)
* Add missing sed in-place flag

* Update README to warn passwordless users
2023-04-15 04:05:22 -04:00
Tommy
3b845ea7d2
Indentcation fix
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-29 11:49:12 -04:00
Tommy
92fc6758d3
Regornaize the postinst service
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-29 01:07:50 -04:00
Tommy
6393fd4f75
Allow ICMP
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-20 13:59:24 -04:00
Tommy
948aaf845d
Remove remote filesystems
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-19 22:05:31 -04:00
Tommy
fd4cd807fc
Use runc for watchtower
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-17 18:45:07 -04:00
Tommy
db59e93bbd
Change watchtower schedule
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-17 18:40:22 -04:00
Tommy
e04ff2250e
Enable gvisor updater
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-16 14:03:16 -04:00
Tommy
e1bb116517
Allow ptrace
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-16 13:59:34 -04:00
Tommy
5b9605128f
Disable rollout wariness
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 19:07:01 -04:00
Tommy
c593f64c5c
Use host network for gVisor
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 19:03:29 -04:00
Tommy
041b880c09
Fix deletion command
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 03:28:08 -04:00
Tommy
a81fa14ebf
Add 5 seconds sleep
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 02:10:09 -04:00
Tommy
0826c5962c
Use gVisor
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 01:38:02 -04:00
Tommy
30196a1409
Remove do-not-query-localhost
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-11 11:00:35 -05:00
Tommy
be7393ba04
Update Kicksecure sysctl
Signed-off-by: Tommy <contact@tommytran.io>
2023-02-04 05:26:13 -05:00
Tommy
b2bfd7df0a
Remove unnecessary unbound configs
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 09:10:51 -05:00
Tommy
73855406f7
Update unbound configuration
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 07:50:03 -05:00
Tommy
c2dc6c9363
Use link for unbound
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 02:33:44 -05:00
Tommy
3148545adf
Enable DNSSEC and DOT
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 01:07:16 -05:00
Tommy
31d030ef1a
Add VerifyHostKeyDNS
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-18 06:53:12 -05:00
Tommy
66846eacc7
Use SSHD socket
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-26 10:17:18 -05:00
Tommy
28f36ae0aa
Typo fix
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-14 01:41:07 -05:00
Tommy
e91473fe24
Additional hardening
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-01 14:47:50 -05:00
Tommy
b436314d54
kernel.yama.ptrace_scope=3
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-16 04:20:37 -04:00
Tommy
3f3cbd4bd3
Fix invalid config
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 19:01:25 -04:00
Tommy
901bb8af68
Additional Mitigations
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 18:34:28 -04:00
Tommy
c75d4a363a
Update SSHD and Kernel configs
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 17:58:29 -04:00
Tommy
254eeaef42
Remove fail2ban
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 12:07:04 -04:00
Tommy
2387d6f27f
Update Ignition files
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-05 08:22:43 -04:00
Tommy
372ea1030f
Create Ignition files
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-05 04:20:06 -04:00
Tommy
9a7c211a09
Update SSH Keys
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-04 16:10:20 -04:00
TommyTran732
de1d9199d5
Update GPG Key 2021-11-13 21:33:56 -05:00
Tommy
2e29e827ef
Update Generic.ign 2021-11-07 19:30:57 -05:00
Tommy
76bfa90fca
Add files via upload 2021-11-02 22:32:22 -04:00