diff options
| -rwxr-xr-x | post-setup.sh | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/post-setup.sh b/post-setup.sh index 68dfce1..c8a7294 100755 --- a/post-setup.sh +++ b/post-setup.sh @@ -75,11 +75,22 @@ rc-update add bluetooth default # Setup firewall # requires: ufw - +subnet=192.168.1.0/24 ufw enable ufw default deny incoming ufw default allow outgoing -ufw allow from 192.168.1.0/24 to any port 22/tcp comment 'Allow incoming SSH via subnet' +ufw allow from $subnet to any port 22/tcp comment 'Allow incoming SSH via subnet' + +# Podman +apk add crun podman +rc-update add cgroups +rc-service cgroups start + +# for rootless/user run podman +modprobe tun +grep "^tun" /etc/modules || echo tun >> /etc/modules +echo "$user:100000:65536" > /etc/subuid +echo "$user:100000:65536" > /etc/subgid # Setup xdg user directories # requires: xdg-user-dirs |