From 1c0e1c432baa0053b78d243cd72f60b7685d7a7d Mon Sep 17 00:00:00 2001
From: Alex <caskd@420blaze.it>
Date: Fri, 19 Jun 2020 23:25:23 +0200
Subject: [PATCH] Allow h2 and alpn, add PROXY and give telegraf network
 control perms for wireguard

---
 templates/telegraf.service.j2 | 4 ++++
 templates/varnish.service.j2  | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/templates/telegraf.service.j2 b/templates/telegraf.service.j2
index d5f0300..aff888a 100644
--- a/templates/telegraf.service.j2
+++ b/templates/telegraf.service.j2
@@ -24,3 +24,7 @@ MemoryDenyWriteExecute=yes
 LockPersonality=yes
 PrivateTmp=yes
 PrivateDevices=yes
+{% if inventory_hostname == "n1" %}
+CapabilityBoundingSet=CAP_NET_ADMIN
+AmbientCapabilities=CAP_NET_ADMIN
+{% endif %}
diff --git a/templates/varnish.service.j2 b/templates/varnish.service.j2
index eb79b0e..73eff04 100644
--- a/templates/varnish.service.j2
+++ b/templates/varnish.service.j2
@@ -7,4 +7,4 @@ Restart=on-failure
 RestartSec=10
 
 ExecStart=
-ExecStart=/usr/sbin/varnishd -F -a {{ varnish.frontend.sock }},user={{ varnish.frontend.user }},group={{ varnish.frontend.group }},mode={{ varnish.frontend.mode }} -j unix,user={{ varnish.jail.user }} -f /etc/varnish/default.vcl -s malloc,256m
+ExecStart=/usr/sbin/varnishd -F -a {{ varnish.frontend.sock }},user={{ varnish.frontend.user }},group={{ varnish.frontend.group }},mode={{ varnish.frontend.mode }},PROXY -p feature=+http2 -j unix,user={{ varnish.jail.user }} -f /etc/varnish/default.vcl -s malloc,512m