Commit Graph

22 Commits

Author SHA1 Message Date
789f09f249
compose(drone-runner-docker): stop exposing :5000 2022-09-28 16:50:39 +02:00
0380712545
compose(drone-server): set cpu,mem limits 2022-09-28 16:47:03 +02:00
ae9d9a4324
compose: mount /etc/localtime into containers 2022-09-28 16:41:09 +02:00
d6fc9bd9f8
compose(drone-gc): don't run in debug mode 2022-09-28 16:40:01 +02:00
665dbda834
compose(drone-gc): set cpu,mem limits 2022-09-28 16:38:56 +02:00
50700b8021
compose: adjust GC_INTERVAL 2022-09-28 16:38:17 +02:00
5cfb2979cb
compose: pin revisions 2022-09-28 16:37:47 +02:00
61c2db54d2
compose: add labels for traefik to ignore 2022-09-28 16:36:40 +02:00
594825aa53
systemd,compose: adjust restart policy 2022-09-28 16:35:26 +02:00
260ad07626
systemd(SystemCallFilter=~): allow resources group 2022-09-28 16:32:40 +02:00
0229ed60ec
systemd: add ExecStartPre directive 2022-09-28 16:31:50 +02:00
0747bb247b
systemd: increase restart timeout to 15s 2022-09-28 16:31:19 +02:00
1687d49526
systemd: adjust dependency relations 2022-09-28 16:31:01 +02:00
f461367c73
systemd: stop delegating cgroups 2022-09-28 16:29:50 +02:00
ea51959b59
systemd: use Environment for DRYness 2022-09-28 16:28:38 +02:00
ab4e6375e0
set RestrictAddressFamilies to unix,ipv4,ipv6 2022-04-20 16:54:52 +02:00
c27499e2d3
rm forgotten comment 2022-04-20 16:53:46 +02:00
2ddfd699c3
restrict all namespaces 2022-04-20 16:52:59 +02:00
02098c63d4
set ProtectProc,ProcSubset 2022-04-20 16:52:11 +02:00
9b6bc98086
tighten Capabilities and SystemCallFilter list 2022-04-20 16:51:14 +02:00
1d34e711f6
run service with "--remove-orphans" 2022-04-20 16:49:23 +02:00
38e53c1060
create proper folder structer 2022-03-26 02:55:00 +01:00