Commit Graph

44 Commits

Author SHA1 Message Date
Thien Tran
e348ca1b9b
/etc/issue(.net)
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-10-25 15:18:07 -07:00
Thien Tran
d2f65d8b2e
Remove outdated ZRAM comment
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-10-11 23:39:54 -07:00
Thien Tran
1498126454
ZRAM Compression
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-10-11 23:19:11 -07:00
Thien Tran
746ec7425b
Update SSH Hardening
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-10-10 12:29:15 -07:00
Thien Tran
a99d1f5e1d
Update SSH Hardening
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-10-10 12:05:22 -07:00
Thien Tran
3ffaeccc7f
Update runtimes
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-10-10 10:18:35 -07:00
Thien Tran
53e864b380
Update SSH Key
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-08-27 06:25:44 -07:00
Thien Tran
4eaf4eee81
Consistency fixes
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-08-16 03:37:26 -07:00
Thien Tran
3ee9f7c9d1
Setup Chrony seccomp filter
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-08-15 18:23:38 -07:00
Thien Tran
f66bce02e9
Use 1.1.1.2 for badness enumeration
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-07-27 04:58:07 -07:00
Thien Tran
b5afd8e0d5
Switch to Cloudflare DNS
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-25 13:19:57 -07:00
Thien Tran
45fa68d5c9
Typo fix
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-11 03:48:51 -07:00
Thien Tran
05b2df9c8b
Use systrap by default
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-08 16:06:20 -07:00
Tommy
996c4a331e
Update Ignition files
Signed-off-by: Tommy <contact@tommytran.io>
2023-04-15 04:24:16 -04:00
Tommy
af51a505ae
Fix gVisor SELinux context
Signed-off-by: Tommy <contact@tommytran.io>
2023-04-15 04:22:34 -04:00
Robin Ophalvens
6a0f4afe1d
Add missing sed in-place flag (#1)
* Add missing sed in-place flag

* Update README to warn passwordless users
2023-04-15 04:05:22 -04:00
Tommy
3b845ea7d2
Indentcation fix
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-29 11:49:12 -04:00
Tommy
92fc6758d3
Regornaize the postinst service
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-29 01:07:50 -04:00
Tommy
6393fd4f75
Allow ICMP
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-20 13:59:24 -04:00
Tommy
948aaf845d
Remove remote filesystems
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-19 22:05:31 -04:00
Tommy
e04ff2250e
Enable gvisor updater
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-16 14:03:16 -04:00
Tommy
e1bb116517
Allow ptrace
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-16 13:59:34 -04:00
Tommy
5b9605128f
Disable rollout wariness
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 19:07:01 -04:00
Tommy
c593f64c5c
Use host network for gVisor
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 19:03:29 -04:00
Tommy
041b880c09
Fix deletion command
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 03:28:08 -04:00
Tommy
a81fa14ebf
Add 5 seconds sleep
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 02:10:09 -04:00
Tommy
0826c5962c
Use gVisor
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-15 01:38:02 -04:00
Tommy
30196a1409
Remove do-not-query-localhost
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-11 11:00:35 -05:00
Tommy
be7393ba04
Update Kicksecure sysctl
Signed-off-by: Tommy <contact@tommytran.io>
2023-02-04 05:26:13 -05:00
Tommy
b2bfd7df0a
Remove unnecessary unbound configs
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 09:10:51 -05:00
Tommy
73855406f7
Update unbound configuration
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 07:50:03 -05:00
Tommy
c2dc6c9363
Use link for unbound
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 02:33:44 -05:00
Tommy
3148545adf
Enable DNSSEC and DOT
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-24 01:07:16 -05:00
Tommy
31d030ef1a
Add VerifyHostKeyDNS
Signed-off-by: Tommy <contact@tommytran.io>
2023-01-18 06:53:12 -05:00
Tommy
66846eacc7
Use SSHD socket
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-26 10:17:18 -05:00
Tommy
28f36ae0aa
Typo fix
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-14 01:41:07 -05:00
Tommy
e91473fe24
Additional hardening
Signed-off-by: Tommy <contact@tommytran.io>
2022-12-01 14:47:50 -05:00
Tommy
f6393dc6fa
Add auto-updater.service to Docker-Compose files
Signed-off-by: Tommy <contact@tommytran.io>
2022-11-25 02:39:56 -05:00
Tommy
b436314d54
kernel.yama.ptrace_scope=3
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-16 04:20:37 -04:00
Tommy
3f3cbd4bd3
Fix invalid config
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 19:01:25 -04:00
Tommy
901bb8af68
Additional Mitigations
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 18:34:28 -04:00
Tommy
c75d4a363a
Update SSHD and Kernel configs
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-12 17:58:29 -04:00
Tommy
2387d6f27f
Update Ignition files
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-05 08:22:43 -04:00
Tommy
372ea1030f
Create Ignition files
Signed-off-by: Tommy <contact@tommytran.io>
2022-09-05 04:20:06 -04:00