RedXen
/
ansible-systemd
Archived
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

Allow h2 and alpn, add PROXY and give telegraf network control perms for wireguard

This commit is contained in:
Alex 2020-06-19 23:25:23 +02:00
parent b6f5c6a4f1
commit 1c0e1c432b
Signed by: caskd
GPG Key ID: F92BA85F61F4C173
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
templates/telegraf.service.j2
View File

@ -24,3 +24,7 @@ MemoryDenyWriteExecute=yes
LockPersonality=yes LockPersonality=yes
PrivateTmp=yes PrivateTmp=yes
PrivateDevices=yes PrivateDevices=yes
{% if inventory_hostname == "n1" %}
CapabilityBoundingSet=CAP_NET_ADMIN
AmbientCapabilities=CAP_NET_ADMIN
{% endif %}

2
templates/varnish.service.j2
View File

@ -7,4 +7,4 @@ Restart=on-failure
RestartSec=10 RestartSec=10
ExecStart= ExecStart=
ExecStart=/usr/sbin/varnishd -F -a {{ varnish.frontend.sock }},user={{ varnish.frontend.user }},group={{ varnish.frontend.group }},mode={{ varnish.frontend.mode }} -j unix,user={{ varnish.jail.user }} -f /etc/varnish/default.vcl -s malloc,256m ExecStart=/usr/sbin/varnishd -F -a {{ varnish.frontend.sock }},user={{ varnish.frontend.user }},group={{ varnish.frontend.group }},mode={{ varnish.frontend.mode }},PROXY -p feature=+http2 -j unix,user={{ varnish.jail.user }} -f /etc/varnish/default.vcl -s malloc,512m