summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Matthijs Kooijman [Wed, 29 Feb 2012 11:50:01 +0000 (12:50 +0100)]
system: Add default /etc/skel directory.
This is the homedir skeleton as created by the default Debian install,
without any modifications.
Daniele Sluijters [Wed, 29 Feb 2012 11:04:07 +0000 (12:04 +0100)]
lxc: Add a bindmount for /data/users
Matthijs Kooijman [Wed, 29 Feb 2012 10:54:35 +0000 (11:54 +0100)]
lxc: Append .local to the container hostnames.
Setting .local in the hostname allows containers to find their own fqdn.
Setting the short hostname to a full hostname isn't really how it should
be, but there seems to be no way to convince avahi/mdns to resolve the
short hostname to the full .local version otherwise.
Matthijs Kooijman [Wed, 29 Feb 2012 10:49:38 +0000 (11:49 +0100)]
lxc/ldap: Mount /data/db/ldap.
Matthijs Kooijman [Tue, 13 Sep 2011 19:01:16 +0000 (21:01 +0200)]
lxc: Add ldap container configuration
Matthijs Kooijman [Wed, 17 Aug 2011 12:44:45 +0000 (14:44 +0200)]
lxc: Drop a bunch of capabilities in the template container
This should enhance the security of the containers a bit, but it's
certainly not foolproof yet and dropping these capabilities might have
side effects as well (some are a bit coarse-grained, like sys_admin).
Matthijs Kooijman [Wed, 17 Aug 2011 11:37:04 +0000 (13:37 +0200)]
lxc: Move template container's rootfs to /containers
Matthijs Kooijman [Wed, 17 Aug 2011 11:53:40 +0000 (13:53 +0200)]
lxc: Make mount entries relative in template container config.
Turns out lxc supports specifiying relative paths within its mount
entries, preventing duplicating the rootfs path.
Matthijs Kooijman [Wed, 17 Aug 2011 11:36:46 +0000 (13:36 +0200)]
fstab: Rename /vservers to /containers.
Matthijs Kooijman [Mon, 15 Aug 2011 21:28:00 +0000 (23:28 +0200)]
lxc: Setup networking for the template container.
Matthijs Kooijman [Mon, 15 Aug 2011 21:26:13 +0000 (23:26 +0200)]
network: Add br-lxc bridge for containers.
This is a bridge interface, under which all containers will get an
interface. Only containers' interfaces will be added there, which will
be received by the host system on this bridge interface and routed or
NATed from there.
Matthijs Kooijman [Sun, 14 Aug 2011 14:23:55 +0000 (16:23 +0200)]
lxc: Reorder and better document template container configuration.
This only adds comments and reorders lines, no real changes are made.
Matthijs Kooijman [Sun, 14 Aug 2011 14:22:37 +0000 (16:22 +0200)]
lxc: Log console output for the template container.
Matthijs Kooijman [Sun, 14 Aug 2011 14:21:44 +0000 (16:21 +0200)]
lxc: Virtualize the hostname for the template container.
Matthijs Kooijman [Sun, 14 Aug 2011 14:19:54 +0000 (16:19 +0200)]
lxc: Limit the template container to 256 pts nodes.
The default device configuration only allows access to /dev/pts/* nodes
up to 255, so let's keep the pts limit in sync with that (but note that
this limit does not seem to be implemented currently, according to
lxc.conf(5)).
Matthijs Kooijman [Sun, 14 Aug 2011 14:19:21 +0000 (16:19 +0200)]
lxc: Better document device config for the template container.
This changes only comments.
Matthijs Kooijman [Sun, 14 Aug 2011 14:13:41 +0000 (16:13 +0200)]
lxc: Add configuration for template container.
This container will serve as a template for other containers. The
configuration is generated using lxc-create using the "debian" template.
Matthijs Kooijman [Sun, 14 Aug 2011 12:02:26 +0000 (14:02 +0200)]
fstab: Mount cgroup control filesystem.
This is needed to work with Linux Containers (lxc). The exact mount
location doesn't matter, so we use the commonly used /var/local/cgroup.
Matthijs Kooijman [Fri, 25 Mar 2011 08:57:44 +0000 (09:57 +0100)]
vserver: Make /data/db/ldap available in the ldap vserver.
Matthijs Kooijman [Thu, 24 Mar 2011 21:11:29 +0000 (22:11 +0100)]
vserver: Add ldap vserver configuration.
Daniele Sluijters [Thu, 24 Mar 2011 16:26:50 +0000 (17:26 +0100)]
sudo: Keep HGRCPATH variable.
Matthijs Kooijman [Thu, 18 Nov 2010 19:06:31 +0000 (20:06 +0100)]
kernel: Don't install symlinks in /.
Matthijs Kooijman [Thu, 18 Nov 2010 19:00:34 +0000 (20:00 +0100)]
kernel: Add default kernel-img.conf.
Matthijs Kooijman [Thu, 18 Nov 2010 18:53:23 +0000 (19:53 +0100)]
system: Don't accept ipv6 router advertisements.
Matthijs Kooijman [Thu, 18 Nov 2010 18:41:18 +0000 (19:41 +0100)]
system: Enable the acl option for /data and /home.
root [Tue, 16 Sep 2008 15:57:02 +0000 (17:57 +0200)]
apt: Set Default-release to "squeeze".
Note that we don't use "stable", since squeeze is still testing right
now.
Matthijs Kooijman [Thu, 16 Oct 2008 17:05:48 +0000 (19:05 +0200)]
vserver: Add a new script, vserver-hashify-all.
Matthijs Kooijman [Thu, 16 Oct 2008 14:10:07 +0000 (16:10 +0200)]
vserver: Add script for adding and setting up new vservers.
Matthijs Kooijman [Fri, 26 Sep 2008 20:06:39 +0000 (22:06 +0200)]
vserver: Add a hash directory for the /vservers filesystem.
Matthijs Kooijman [Fri, 26 Sep 2008 19:54:36 +0000 (21:54 +0200)]
vserver: Update vdirbase configuration to point to /vservers.
Matthijs Kooijman [Thu, 18 Nov 2010 14:47:36 +0000 (15:47 +0100)]
vserver: Create clone-exclude for files not be copied on cloning.
This file is not used automatically, but should be passed to
vserver ... build ... --exclude-from
Matthijs Kooijman [Tue, 16 Sep 2008 15:54:49 +0000 (17:54 +0200)]
vserver: Set an explicit exclude list for vhashify, based on the default one.
Matthijs Kooijman [Tue, 16 Sep 2008 15:54:06 +0000 (17:54 +0200)]
vserver: Disable automatic config file detection for vhashify.
Matthijs Kooijman [Fri, 8 Aug 2008 09:55:00 +0000 (11:55 +0200)]
vserver: Add default fstab for vservers.
This fstab is copied from /usr/lib/util-vserver/defaults/fstab.
Matthijs Kooijman [Thu, 18 Nov 2010 14:37:32 +0000 (15:37 +0100)]
vserver: Add default configuration files.
Matthijs Kooijman [Tue, 17 Jun 2008 11:55:02 +0000 (13:55 +0200)]
system: Enable getty on the first serial port.
Matthijs Kooijman [Tue, 21 Sep 2010 14:43:29 +0000 (16:43 +0200)]
sshd: Add default configuration.
Matthijs Kooijman [Tue, 21 Sep 2010 14:43:12 +0000 (16:43 +0200)]
rsyslog: Add default configuration.
Matthijs Kooijman [Tue, 21 Sep 2010 14:42:32 +0000 (16:42 +0200)]
system: Add default inittab.
Matthijs Kooijman [Tue, 21 Sep 2010 14:41:13 +0000 (16:41 +0200)]
system: Add default hosts file.
This is the file as generated by debian-installer.
Matthijs Kooijman [Tue, 21 Sep 2010 14:40:09 +0000 (16:40 +0200)]
system: Add default fstab file.
This is the file as created by debian-installer.
Matthijs Kooijman [Tue, 21 Sep 2010 14:36:13 +0000 (16:36 +0200)]
system: Add default networking configuration.
This is the configuration created by debian-installer.
Matthijs Kooijman [Tue, 21 Sep 2010 14:35:01 +0000 (16:35 +0200)]
apt: Add our own custom repository.
Matthijs Kooijman [Tue, 21 Sep 2010 14:27:11 +0000 (16:27 +0200)]
sudo: Keep SSH_* environment variables.
Matthijs Kooijman [Tue, 21 Sep 2010 14:03:37 +0000 (16:03 +0200)]
system: Don't load the pcspkr module.
Matthijs Kooijman [Tue, 21 Sep 2010 12:16:01 +0000 (14:16 +0200)]
sudo: Keep GIT_* environment variables.
This allows setting committer and author info through sudo.
Matthijs Kooijman [Tue, 21 Sep 2010 12:15:30 +0000 (14:15 +0200)]
bash: Enable extra bash completion.
Matthijs Kooijman [Tue, 21 Sep 2010 12:14:12 +0000 (14:14 +0200)]
sudo: Add default sudoers file.
Matthijs Kooijman [Tue, 21 Sep 2010 12:12:50 +0000 (14:12 +0200)]
bash: Add default bash.bashrc and profile.
Matthijs Kooijman [Tue, 21 Sep 2010 12:11:59 +0000 (14:11 +0200)]
apt: Add default sources.list.
Matthijs Kooijman [Tue, 21 Sep 2010 12:09:19 +0000 (14:09 +0200)]
Empty initial commit.