From 1d83a8c9e71a945d20d4de9db270b192c6842e9c Mon Sep 17 00:00:00 2001
From: LinuxSquare <7436714-OfficialLinuxSquare@users.noreply.gitlab.com>
Date: Fri, 27 Oct 2023 17:22:14 +0200
Subject: [PATCH] podman - npm: disable privileged ports
---
 podman/containers/files/files_unprivileged_ports.jinja | 3 ---
 podman/containers/npm.sls | 5 +----
 2 files changed, 1 insertion(+), 7 deletions(-)
 delete mode 100644 podman/containers/files/files_unprivileged_ports.jinja
diff --git a/podman/containers/files/files_unprivileged_ports.jinja b/podman/containers/files/files_unprivileged_ports.jinja
deleted file mode 100644
index 3093811..0000000
--- a/podman/containers/files/files_unprivileged_ports.jinja
+++ /dev/null
@@ -1,3 +0,0 @@
-{%- for port in UNPRIVILEGED_PORTS %}
-net.ipv4.ip_unprivileged_port_start={{ port }}
-{%- endfor %}
diff --git a/podman/containers/npm.sls b/podman/containers/npm.sls
index 26246e3..2d69c45 100644
--- a/podman/containers/npm.sls
+++ b/podman/containers/npm.sls
@@ -42,10 +42,7 @@ podman_containers_npm_letsencrypt_dir:
 podman_containers_npm_privileged_ports:
 file.managed:
 - name: /etc/sysctl.d/podman.conf
- - source: salt://{{ tpldir }}/files/files_unprivileged_ports.jinja
- - template: jinja
- - context:
- UNPRIVILEGED_PORTS: [22, 80, 81, 443]
+ - text: net.ipv4.ip_unprivileged_port_start = 0
 - user: root
 - group: root
 - mode: '0644'
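Review bot: In `podman_containers_npm_privileged_ports`, `file.managed` takes inline content through `contents`, not `text` (that argument belongs to `file.append`), so as written the sysctl line is probably never written to /etc/sysctl.d/podman.conf; the added line should read `- contents: net.ipv4.ip_unprivileged_port_start = 0`. The value also deserves a second look: 0 lets every unprivileged process on the host bind any port below 1024, including 22, whereas the removed context listed only 22, 80, 81 and 443. If the rootless container only needs the web ports, setting the threshold to the lowest port it actually binds (for example `net.ipv4.ip_unprivileged_port_start = 80`) keeps the lower ports root-only. Nothing visible in the hunk reloads sysctl after the file changes, so unless a later state does so the setting would only take effect at the next boot; Salt's `sysctl.present` state would both persist and apply it. The state may continue past the hunk's last line.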