aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.md2
-rw-r--r--roles/host/tasks/main.yml4
-rw-r--r--roles/host/tasks/unprivileged-port.yml (renamed from roles/host/tasks/unprivileged-ports.yml)8
3 files changed, 7 insertions, 7 deletions
diff --git a/README.md b/README.md
index 3315826..6e1e16d 100644
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ Provide your own inventory and/or variables to override this.
## Tags
- `host.yml`:
- - `unprivileged-ports` - configures host to allow port `80` and above to be used by unprivileged accounts
+ - `unprivileged-port` - configures host to allow unprivileged accounts to use privileged ports, defaults to `80`
- `cpanel-dnsonly` - changes only needed when running on a dnsonly cPanel instance, check `roles/host/tasks/cpanel-dnsonly.yml` for details
- `containers.yml`:
- `create` - create quadlet files
diff --git a/roles/host/tasks/main.yml b/roles/host/tasks/main.yml
index 5b9dd6b..3b92a94 100644
--- a/roles/host/tasks/main.yml
+++ b/roles/host/tasks/main.yml
@@ -8,10 +8,10 @@
- ansible.builtin.import_tasks: systemd-user-network-check.yml
-- ansible.builtin.import_tasks: unprivileged-ports.yml
+- ansible.builtin.import_tasks: unprivileged-port.yml
tags:
- never
- - unprivileged-ports
+ - unprivileged-port
- ansible.builtin.import_tasks: cpanel-dnsonly.yml
tags:
diff --git a/roles/host/tasks/unprivileged-ports.yml b/roles/host/tasks/unprivileged-port.yml
index b6afd29..c724e49 100644
--- a/roles/host/tasks/unprivileged-ports.yml
+++ b/roles/host/tasks/unprivileged-port.yml
@@ -1,11 +1,11 @@
-- name: Set unprivileged ports sysctl parameter in /etc/sysctl.d/50-UnprivilegedPorts.conf
+- name: Set unprivileged ports sysctl parameter in /etc/sysctl.d/50-UnprivilegedPort.conf
ansible.builtin.lineinfile:
- path: "/etc/sysctl.d/50-UnprivilegedPorts.conf"
+ path: "/etc/sysctl.d/50-UnprivilegedPort.conf"
regexp: "^net.ipv4.ip_unprivileged_port_start="
- line: "net.ipv4.ip_unprivileged_port_start={{ host_unprivileged_ports_start }}"
+ line: "net.ipv4.ip_unprivileged_port_start={{ host_unprivileged_port_start }}"
create: true
register: sysctl
- name: Reload sysctl
- ansible.builtin.shell: "sysctl -p /etc/sysctl.d/50-UnprivilegedPorts.conf"
+ ansible.builtin.shell: "sysctl -p /etc/sysctl.d/50-UnprivilegedPort.conf"
when: sysctl.changed
generated by cgit (git 2.34.1) at 2025-12-06 06:27:50 +0000