scottk/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-03-22 06:41:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,435 Commits 1 Branch 0 Tags
d6a1966a42e7aaaffc051ce4dfd2ee945ce7ea01
Commit Graph

10 Commits

Author SHA1 Message Date
Jamil
d656cd54f6 chore: remove test lib bash sourcing from customer-run scripts (#4753) 
Didn't catch this in code review. These are run on customer's systems
and can't possibly source our shared script.
 2024-04-23 19:04:02 +00:00
Thomas Eizinger
26494b0e34 ci: reduce duplication in integration tests (#4583) 
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2024-04-11 23:01:12 +00:00
Jamil
19a7bac4ae chore(ci): enforce shellscript formatting and style (#3679) 
Noticed that we all have different styles of writing scripts :-).

This PR adds linting to our shell scripts to standardize on formatting,
catch common issues and/or possible security bugs.

For editor setup:
- Ensure [`shellcheck`](https://github.com/koalaman/shellcheck) and
[`shfmt`](https://github.com/mvdan/sh) are in your `PATH`
- Configure `shfmt` with indentation of `4`, otherwise it uses tabs by
default.
[Here](https://github.com/jamilbk/nvim/blob/master/init.vim#L159) is how
you can do that with Vim and
[here](https://marketplace.visualstudio.com/items?itemName=mkhl.shfmt)
is how for VScode.

---------

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Brian Manifold <bmanifold@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Dryga <andrew@dryga.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
 2024-02-21 01:01:32 +00:00
Andrew Dryga
4dc8cdf908 Revert "fix(gateway): Remove /dev/net/tun requirement and clean up upgrade script (#3691) 
This reverts PR #3392.
This reverts commit 16f5401a73.
 2024-02-19 20:03:14 +00:00
Jamil
16f5401a73 fix(gateway): Remove /dev/net/tun requirement and clean up upgrade script (#3392) 
* Clean up gateway upgrade script
* Fixes #3226 to remove another place where things can go wrong when
upgrading gateways
 2024-01-29 04:19:59 +00:00
Jamil
eeaa65812e fix(gateway): Use new prod Docker registry for upgrades (#3386) 2024-01-24 10:48:18 -08:00
Jamil
3c2b32c215 revert(devops): Revert healthcommands (#3280) 2024-01-17 03:35:45 -08:00
Jamil
36209c7d2d fix(rust): Check /proc for health checks (#3250) 
Debian slim is slimmer than we could ever have imagined.
 2024-01-16 16:46:44 +00:00
Jamil
34ab093dbc security(gateway): Don't run systemd gateways as root (#2943) 
Docker-based gateways won't have working IPv6 (good point @AndrewDryga),
so I started testing the systemd gateways more and found some issues I
fixed.

* Update default tab order for Deploy gateways page to prefer systemd
* Update unit file to run gateway as unprivileged user
* Remove dependency on `wget` in unit file
* Fix iptables logic so rules as re-created on reboot
* Use `/var/lib/firezone` instead of `/etc/firezone` for writing runtime
files (`/etc/` is often mounted read-only on hardened systems)

---------

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Andrew Dryga <andrew@dryga.com>
 2023-12-21 18:29:10 +00:00
Jamil
54e2258264 Gateway upgrade docs (#2914) 
Realized we need a small script to upgrade Docker-based gateways
reliably.
 2023-12-14 21:20:30 -08:00