podman - npm: disable privileged ports

2023-10-27 17:22:14 +02:00 · 2023-10-27 17:22:14 +02:00 · 1d83a8c9e7
commit 1d83a8c9e7
parent 6e020a8333
2 changed files with 1 additions and 7 deletions
--- a/podman/containers/files/files_unprivileged_ports.jinja
+++ b/podman/containers/files/files_unprivileged_ports.jinja
@ -1,3 +0,0 @@
-{%- for port in UNPRIVILEGED_PORTS %}
-net.ipv4.ip_unprivileged_port_start={{ port }}
-{%- endfor %}
--- a/podman/containers/npm.sls
+++ b/podman/containers/npm.sls
@ -42,10 +42,7 @@ podman_containers_npm_letsencrypt_dir:
 podman_containers_npm_privileged_ports:
  file.managed:
    - name: /etc/sysctl.d/podman.conf
-    - source: salt://{{ tpldir }}/files/files_unprivileged_ports.jinja
-    - template: jinja
-    - context:
-        UNPRIVILEGED_PORTS: [22, 80, 81, 443]
+    - text: net.ipv4.ip_unprivileged_port_start = 0
    - user: root
    - group: root
    - mode: '0644'