Commit Graph

11 Commits

Author SHA1 Message Date
Jonas Nick
5f567ee1ed
Merge #113: Simplify clightning preStart
67a464d097 Mention problems with hardened kernel and NUCs in README (Jonas Nick)
7771a4c931 Refer to systemd man pages for hardening options (Jonas Nick)
a5e10a82d8 Simplify clightning preStart (Jonas Nick)

Pull request description:

  CC @cypherpunk2140

Top commit has no ACKs.

Tree-SHA512: aa726f29e499cc268b21cac8cd07617be591cfdaa89dd0495cb979ebd3e49cc01164af25924c554429a1d35d14167dea276f7d61877452b69f027143cc3eee97
2019-08-21 14:58:22 +00:00
Jonas Nick
1c8dadd876
Add allowAnyProtocol option to nix-bitcoin-services 2019-08-19 21:11:08 +00:00
Jonas Nick
7771a4c931
Refer to systemd man pages for hardening options 2019-08-19 20:44:10 +00:00
Ștefan D. Mihăilă
cd722cac1a
Fix identation 2019-08-18 12:53:08 +02:00
nixbitcoin
7416ec4a29
Limit syscalls with Docker whitelist 2019-05-10 12:42:06 +02:00
Jonas Nick
e1ee5023e2
Rename service settings for 'node' to 'nodejs' to avoid confusion 2019-05-03 10:44:16 +00:00
Jonas Nick
469c1de6a9
Fix electrum after disallowing anything but localhost by adding ipv6 local address 2019-04-28 18:54:13 +00:00
Jonas Nick
6f8dac6e07
Restrict namespaces for systemd services by default 2019-04-28 13:15:17 +00:00
Jonas Nick
eaaf8e9aab
Use IPAddress{Allow,Deny} by default for systemd services 2019-04-28 13:15:17 +00:00
Jonas Nick
d9533edad1
Fix memory deny write execute for nodejs services 2019-04-28 13:15:16 +00:00
Jonas Nick
a089d65d25
Move service hardening flags into separate file 2019-04-28 13:15:12 +00:00