[gitlab] gardening

c11a7664 · shirenn · 8db9375a · c11a7664 · c11a7664 · c11a7664
Commit c11a7664 authored 2 years ago by shirenn 🌊
--- a/roles/docker/templates/systemd/system/docker.service.d/override.conf.j2
+++ b/roles/docker/templates/systemd/system/docker.service.d/override.conf.j2
 [Service]
 # Allow domain resolution, don't use adm network for anything else
-ExecStartPost=/bin/sh -c "/usr/sbin/iptables -I FORWARD 1 -i docker0 -d {{ docker.dns_network }} -p udp --dport 53 -j ACCEPT; /usr/sbin/iptables -I FORWARD 2 -d {{ docker.adm_network }} -i docker0 -j REJECT --reject-with icmp-port-unreachable"
+ExecStartPost=/bin/sh -c "/usr/sbin/iptables -I FORWARD 1 -i docker0 -d 172.16.10.128/32 -p udp --dport 53 -j ACCEPT; /usr/sbin/iptables -I FORWARD 2 -d 172.16.0.0/16 -i docker0 -j REJECT --reject-with icmp-port-unreachable"
 ExecStopPost=/usr/sbin/iptables --flush FORWARD
--- a/roles/gitlab-runner/tasks/main.yml
+++ b/roles/gitlab-runner/tasks/main.yml
@@ -26,7 +26,7 @@
 # Add the repository into source list
 - name: Configure Gitlab repository
  apt_repository:
-    repo: deb https://packages.gitlab.com/runner/gitlab-runner/debian/ buster main
+    repo: "deb https://packages.gitlab.com/runner/gitlab-runner/debian/ {{ ansible_distribution_release }} main"
    state: present

 - name: Install gitlab-runner

--- a/roles/irker/tasks/main.yml
+++ b/roles/irker/tasks/main.yml
@@ -37,7 +37,7 @@
  lineinfile:
    path: /etc/default/irker
    regexp: ^IRKER_OPTIONS=
-    line: IRKER_OPTIONS="-n {{ irker.name }} -d warning"
+    line: IRKER_OPTIONS="-n {{ irker.name }}"
    create: true
    owner: root
    group: root