[gitlab] gardening

2022-11-30 15:56:52 +01:00 · 2022-11-30 15:56:52 +01:00 · c11a7664f5
parent 8db9375a49
commit c11a7664f5
3 changed files with 3 additions and 3 deletions
--- a/roles/docker/templates/systemd/system/docker.service.d/override.conf.j2
+++ b/roles/docker/templates/systemd/system/docker.service.d/override.conf.j2
@ -1,4 +1,4 @@
 [Service]
 # Allow domain resolution, don't use adm network for anything else
-ExecStartPost=/bin/sh -c "/usr/sbin/iptables -I FORWARD 1 -i docker0 -d {{ docker.dns_network }} -p udp --dport 53 -j ACCEPT; /usr/sbin/iptables -I FORWARD 2 -d {{ docker.adm_network }} -i docker0 -j REJECT --reject-with icmp-port-unreachable"
+ExecStartPost=/bin/sh -c "/usr/sbin/iptables -I FORWARD 1 -i docker0 -d 172.16.10.128/32 -p udp --dport 53 -j ACCEPT; /usr/sbin/iptables -I FORWARD 2 -d 172.16.0.0/16 -i docker0 -j REJECT --reject-with icmp-port-unreachable"
 ExecStopPost=/usr/sbin/iptables --flush FORWARD
--- a/roles/gitlab-runner/tasks/main.yml
+++ b/roles/gitlab-runner/tasks/main.yml
@ -26,7 +26,7 @@
 # Add the repository into source list
 - name: Configure Gitlab repository
  apt_repository:
-    repo: deb https://packages.gitlab.com/runner/gitlab-runner/debian/ buster main
+    repo: "deb https://packages.gitlab.com/runner/gitlab-runner/debian/ {{ ansible_distribution_release }} main"
    state: present
 - name: Install gitlab-runner
--- a/roles/irker/tasks/main.yml
+++ b/roles/irker/tasks/main.yml
@ -37,7 +37,7 @@
  lineinfile:
    path: /etc/default/irker
    regexp: ^IRKER_OPTIONS=
-    line: IRKER_OPTIONS="-n {{ irker.name }} -d warning"
+    line: IRKER_OPTIONS="-n {{ irker.name }}"
    create: true
    owner: root
    group: root