diff options
| author | Ćukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com> | 2017-09-04 10:27:07 +0200 |
|---|---|---|
| committer | usd-importer <ubuntu-server@lists.ubuntu.com> | 2017-09-04 09:38:24 +0000 |
| commit | 185ceb32fea5d5c2a43d7b6ee2a40228489055f4 (patch) | |
| tree | 2e1c9cc42510c4a922cf63fa265ec0e1945ec14b /config | |
| parent | 43bdf9debe5377216aed0086bff2aad864f6ba82 (diff) | |
| download | vyos-walinuxagent-185ceb32fea5d5c2a43d7b6ee2a40228489055f4.tar.gz vyos-walinuxagent-185ceb32fea5d5c2a43d7b6ee2a40228489055f4.zip | |
Import patches-unapplied version 2.2.16-0ubuntu1 to ubuntu/artful-proposed
Imported using git-ubuntu import.
Changelog parent: 43bdf9debe5377216aed0086bff2aad864f6ba82
New changelog entries:
* New upstream release (LP: #1714299).
Diffstat (limited to 'config')
| -rw-r--r-- | config/alpine/waagent.conf | 9 | ||||
| -rw-r--r-- | config/arch/waagent.conf | 9 | ||||
| -rw-r--r-- | config/bigip/waagent.conf | 19 | ||||
| -rw-r--r-- | config/clearlinux/waagent.conf | 9 | ||||
| -rw-r--r-- | config/coreos/waagent.conf | 9 | ||||
| -rw-r--r-- | config/freebsd/waagent.conf | 9 | ||||
| -rw-r--r-- | config/gaia/waagent.conf | 9 | ||||
| -rw-r--r-- | config/openbsd/waagent.conf | 13 | ||||
| -rw-r--r-- | config/suse/waagent.conf | 9 | ||||
| -rw-r--r-- | config/ubuntu/waagent.conf | 12 | ||||
| -rw-r--r-- | config/waagent.conf | 11 |
11 files changed, 114 insertions, 4 deletions
diff --git a/config/alpine/waagent.conf b/config/alpine/waagent.conf index 2e3f6a5..99495d5 100644 --- a/config/alpine/waagent.conf +++ b/config/alpine/waagent.conf @@ -81,3 +81,12 @@ OS.SshDir=/etc/ssh # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/arch/waagent.conf b/config/arch/waagent.conf index 686b90c..200a458 100644 --- a/config/arch/waagent.conf +++ b/config/arch/waagent.conf @@ -107,3 +107,12 @@ OS.SshDir=/etc/ssh # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/bigip/waagent.conf b/config/bigip/waagent.conf index a6a380b..9ff6ee1 100644 --- a/config/bigip/waagent.conf +++ b/config/bigip/waagent.conf @@ -76,4 +76,21 @@ OS.SshdConfigPath=/config/ssh/sshd_config OS.EnableRDMA=n # Enable or disable goal state processing auto-update, default is enabled -AutoUpdate.Enabled=y
\ No newline at end of file +AutoUpdate.Enabled=y + +# Determine the update family, this should not be changed +# AutoUpdate.GAFamily=Prod + +# Determine if the overprovisioning feature is enabled. If yes, hold extension +# handling until inVMArtifactsProfile.OnHold is false. +# Default is disabled +# EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/clearlinux/waagent.conf b/config/clearlinux/waagent.conf index 6606cd7..8109425 100644 --- a/config/clearlinux/waagent.conf +++ b/config/clearlinux/waagent.conf @@ -79,3 +79,12 @@ AutoUpdate.GAFamily=Prod # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/coreos/waagent.conf b/config/coreos/waagent.conf index 664d037..cbb327f 100644 --- a/config/coreos/waagent.conf +++ b/config/coreos/waagent.conf @@ -107,3 +107,12 @@ OS.OpensslPath=None # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +OS.AllowHTTP=y + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/freebsd/waagent.conf b/config/freebsd/waagent.conf index 5149573..6406c75 100644 --- a/config/freebsd/waagent.conf +++ b/config/freebsd/waagent.conf @@ -105,3 +105,12 @@ OS.SudoersDir=/usr/local/etc/sudoers.d # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/gaia/waagent.conf b/config/gaia/waagent.conf index 75550a6..9c28ba3 100644 --- a/config/gaia/waagent.conf +++ b/config/gaia/waagent.conf @@ -104,3 +104,12 @@ AutoUpdate.Enabled=n # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/openbsd/waagent.conf b/config/openbsd/waagent.conf index 09e7db7..a39a9a5 100644 --- a/config/openbsd/waagent.conf +++ b/config/openbsd/waagent.conf @@ -14,8 +14,8 @@ Provisioning.DeleteRootPassword=y # Generate fresh host key pair. Provisioning.RegenerateSshHostKeyPair=y -# Supported values are "rsa", "dsa", "ecdsa", and "ed25519". -Provisioning.SshHostKeyPairType=ed25519 +# Supported values are "rsa", "dsa", "ecdsa", "ed25519", and "auto". +Provisioning.SshHostKeyPairType=auto # Monitor host name changes and publish changes via DHCP requests. Provisioning.MonitorHostName=y @@ -103,3 +103,12 @@ OS.PasswordPath=/etc/master.passwd # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/suse/waagent.conf b/config/suse/waagent.conf index b2e90a8..ba50be6 100644 --- a/config/suse/waagent.conf +++ b/config/suse/waagent.conf @@ -107,3 +107,12 @@ OS.SshDir=/etc/ssh # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/ubuntu/waagent.conf b/config/ubuntu/waagent.conf index 734a403..71f2c04 100644 --- a/config/ubuntu/waagent.conf +++ b/config/ubuntu/waagent.conf @@ -82,6 +82,9 @@ OS.SshDir=/etc/ssh # Enable RDMA management and set up, should only be used in HPC images # OS.EnableRDMA=y +# Enable RDMA kernel update, this value is effective on Ubuntu +# OS.UpdateRdmaDriver=y + # Enable or disable goal state processing auto-update, default is enabled # AutoUpdate.Enabled=y @@ -92,3 +95,12 @@ OS.SshDir=/etc/ssh # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y diff --git a/config/waagent.conf b/config/waagent.conf index b1b1ba3..99f54d6 100644 --- a/config/waagent.conf +++ b/config/waagent.conf @@ -14,7 +14,7 @@ Provisioning.DeleteRootPassword=y # Generate fresh host key pair. Provisioning.RegenerateSshHostKeyPair=y -# Supported values are "rsa", "dsa" and "ecdsa". +# Supported values are "rsa", "dsa", "ecdsa", "ed25519", and "auto". Provisioning.SshHostKeyPairType=rsa # Monitor host name changes and publish changes via DHCP requests. @@ -104,3 +104,12 @@ OS.SshDir=/etc/ssh # handling until inVMArtifactsProfile.OnHold is false. # Default is disabled # EnableOverProvisioning=n + +# Allow fallback to HTTP if HTTPS is unavailable +# Note: Allowing HTTP (vs. HTTPS) may cause security risks +# OS.AllowHTTP=n + +# Add firewall rules to protect access to Azure host node services +# Note: +# - The default is false to protect the state of exising VMs +OS.EnableFirewall=y |