{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":105777009,"defaultBranch":"master","name":"pot","ownerLogin":"bsdpot","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2017-10-04T14:15:14.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/102188723?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1703963442.0","currentOid":""},"activityList":{"items":[{"before":"f08fe6d74948fd1ed11285cfaaf5e65a17b24793","after":"9ac5a5fc15843039e1c266cbe9b083f95dd33952","ref":"refs/heads/master","pushedAt":"2023-12-30T19:07:34.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Prepare 0.16.0 (#285)","shortMessageHtmlLink":"Prepare 0.16.0 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2060830262\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/285\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/285/hovercard\" href=\"https://github.com/bsdpot/pot/pull/285\">#285</a>)"}},{"before":"86fbf29f18e91726e6f8efb15a2c980d22b8596b","after":"f08fe6d74948fd1ed11285cfaaf5e65a17b24793","ref":"refs/heads/master","pushedAt":"2023-12-21T20:45:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Fix typo in set-status.sh","shortMessageHtmlLink":"Fix typo in set-status.sh"}},{"before":"7b8c376d8cdd5bc810301cc419bb2901b6a682c9","after":"86fbf29f18e91726e6f8efb15a2c980d22b8596b","ref":"refs/heads/master","pushedAt":"2023-12-20T20:36:31.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"New global config to isolate vnet pots (#283)\n\nThis new global setting called `POT_ISOLATE_VNET_POTS` sets bridge\r\nmember epaira interfaces to be private, preventing them from\r\nforwarding traffic to each other. This helps with overall security,\r\nbut (primarily) makes sure that pots in larger nomad clusters don't\r\ntalk to each other using direct communication instead of published\r\n(natted) endpoints.\r\n\r\nThis could be a more fine-grained per pot setting in the future,\r\nin our setups we only ever needed a global setting decided by\r\nthe infrastructure operator (so, e.g., in the nomad cluster,\r\neverything uses this setting, whereas in the more static part\r\nforming the infrastructure the nomad cluster relies on, direct\r\ncommunication between pots is wanted) and changing it per pot\r\nwould be a disadvantage - hence this implementation.","shortMessageHtmlLink":"New global config to isolate vnet pots (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2049216520\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/283\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/283/hovercard\" href=\"https://github.com/bsdpot/pot/pull/283\">#283</a>)"}},{"before":"810af780d71c040c3e4e569670cf8df2d01a2c4c","after":"7b8c376d8cdd5bc810301cc419bb2901b6a682c9","ref":"refs/heads/master","pushedAt":"2023-12-20T20:34:25.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Find bridge interfaces by interface group (#282)\n\nThis allows users to give their bridges custom names.\r\nWe might make use of this as well in the future\r\n(think $POT_BRIDGE_NAME).","shortMessageHtmlLink":"Find bridge interfaces by interface group (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2049126220\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/282\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/282/hovercard\" href=\"https://github.com/bsdpot/pot/pull/282\">#282</a>)"}},{"before":"c5a8ec4ce369bcc1038efaa4faa62e3b461f5fb9","after":"810af780d71c040c3e4e569670cf8df2d01a2c4c","ref":"refs/heads/master","pushedAt":"2023-12-20T20:33:52.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Make init/de-init less intrusive (#284)\n\nThis adds the flag \"-m\" to be minimally intrusive. Also allows\r\nde-init to use \"-p pf_file\" to specify the firewall rulesets\r\n(this way it's symmetrical to init).\r\n\r\nRename \"-f pf_file\" to \"-p pf_file\" in init (as \"-f\" was already\r\ntaken in de-init), but keep \"-f\" as an alias for the time being.\r\n\r\nAdd flag \"-s\" to init (do not alter syslogd configuration).\r\n\r\nSome minor cleanup of variable names while there.\r\n\r\nFixes #85","shortMessageHtmlLink":"Make init/de-init less intrusive (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2050294123\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/284\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/284/hovercard\" href=\"https://github.com/bsdpot/pot/pull/284\">#284</a>)"}},{"before":"7a9e223fb01e06dc9f25b4c4c1d4963fdb73d906","after":"c5a8ec4ce369bcc1038efaa4faa62e3b461f5fb9","ref":"refs/heads/master","pushedAt":"2023-12-18T16:55:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Forward verbosity flags to set-status (#279)\n\nThis gives the set-status call its own function\r\nin common.sh, improving readability.","shortMessageHtmlLink":"Forward verbosity flags to set-status (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2018945463\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/279\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/279/hovercard\" href=\"https://github.com/bsdpot/pot/pull/279\">#279</a>)"}},{"before":"146b5591ff87dadbff3a7ddfcff42bd3a7636cc3","after":"7a9e223fb01e06dc9f25b4c4c1d4963fdb73d906","ref":"refs/heads/master","pushedAt":"2023-12-16T14:33:07.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Ignore pot status files that predate boot (#278)\n\nSimple check based on the system's uptime","shortMessageHtmlLink":"Ignore pot status files that predate boot (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2018923657\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/278\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/278/hovercard\" href=\"https://github.com/bsdpot/pot/pull/278\">#278</a>)"}},{"before":"9a102e9a82accf97501cfea9487e3728ebb6eff1","after":"146b5591ff87dadbff3a7ddfcff42bd3a7636cc3","ref":"refs/heads/master","pushedAt":"2023-12-16T14:32:38.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Store tinirc.pid on start, truncate tinirc on start (#277)\n\nStoring the pid (which will become the pid of the process tinirc\r\nstarts) makes writing stop scripts easier.\r\n\r\nPicked /tmp as the location, as /var/run might not be available in\r\nslim no-rc images.\r\n\r\nFixed a bug where an existing copy of tinirc would be appended\r\nto, meaning that none of the pot's settings would actually be\r\napplied.","shortMessageHtmlLink":"Store tinirc.pid on start, truncate tinirc on start (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2000391655\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/277\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/277/hovercard\" href=\"https://github.com/bsdpot/pot/pull/277\">#277</a>)"}},{"before":"46f13fe32cd638af9a545b6e4caaed1ce5fa10b8","after":"9a102e9a82accf97501cfea9487e3728ebb6eff1","ref":"refs/heads/master","pushedAt":"2023-11-18T11:26:25.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"New attribute to control pot stop (#275)\n\nBy setting exec_stop and stop_timeout (which correspond to\r\njail(8) attributes exec.stop and stop.timeout), the user\r\nhas better control over shutting down a pot.\r\n\r\nFor \"fat\" pots this could mean setting\r\n\r\n    pot set-attr -A exec_stop -V \"/bin/sh /etc/rc.shutdown jail\"\r\n\r\nfor light jails (like nomad controlled using tinirc), this could\r\npoint to a simple script that make sure the wrapped process is\r\nstopped gracefully and, in case multiple processes are running\r\ninseide of the pot, make sure they're terminated in the correct\r\norder.\r\n\r\nAlso:\r\n- Fix a typo that made the nullfs attribute not work.\r\n- Make pot start use _save_params, which makes wrapping\r\n  attributes safer and therefore allows to remove\r\n  a shellcheck exemption.","shortMessageHtmlLink":"New attribute to control pot stop (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1989433654\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/275\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/275/hovercard\" href=\"https://github.com/bsdpot/pot/pull/275\">#275</a>)"}},{"before":"2611b5e7a189d1317c60ca1e3b3b36f64ff27211","after":"46f13fe32cd638af9a545b6e4caaed1ce5fa10b8","ref":"refs/heads/master","pushedAt":"2023-09-29T15:25:53.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Prepare 0.15.6 (#274)","shortMessageHtmlLink":"Prepare 0.15.6 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1919484895\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/274\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/274/hovercard\" href=\"https://github.com/bsdpot/pot/pull/274\">#274</a>)"}},{"before":"e4ac4e35c74a60b72e91ef0f005281feb46a32ed","after":"2611b5e7a189d1317c60ca1e3b3b36f64ff27211","ref":"refs/heads/master","pushedAt":"2023-09-28T20:25:03.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"start: Add support for pf hook script (#273)\n\nBy setting POT_EXPORT_PORTS_PF_RULES_HOOK, the user has fine\r\ngrained control over how pf rules are setup.\r\n\r\nThis also skips creating netcat pipes.\r\n\r\nExample scripts making use of this will come in the future.","shortMessageHtmlLink":"start: Add support for pf hook script (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1913460359\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/273\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/273/hovercard\" href=\"https://github.com/bsdpot/pot/pull/273\">#273</a>)"}},{"before":"0c4fd3daa426678cd2491ee2d13a5cac5a94658e","after":"e4ac4e35c74a60b72e91ef0f005281feb46a32ed","ref":"refs/heads/master","pushedAt":"2023-09-28T18:35:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"pizzamig","name":"Luca Pizzamiglio","path":"/pizzamig","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57148?s=80&v=4"},"commit":{"message":"Remove basepath from mountpoint (#259)\n\n* fix handling clone and fscomp\r\n* update-config: add fscomp update\r\nput update functions in common for future use\r\n* Remove the trailing / before mounting/unmounting\r\n* Fix mount-out as well\r\n* mount-[in|out]: make errors visible\r\n* create: adopt the new mountpoint\r\n* create3: fix tests\r\n* clone: support the new format\r\n* Call update fscomp to make transition easier\r\n\r\n---------\r\n\r\nCo-authored-by: Luca Pizzamiglio <pizzamig@FreeBSD.org>","shortMessageHtmlLink":"Remove basepath from mountpoint (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1576518118\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/259\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/259/hovercard\" href=\"https://github.com/bsdpot/pot/pull/259\">#259</a>)"}},{"before":"623189656689eff514a9cd348ac81ab98d54b156","after":"0c4fd3daa426678cd2491ee2d13a5cac5a94658e","ref":"refs/heads/master","pushedAt":"2023-06-29T07:00:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Prepare 0.15.5 (#271)","shortMessageHtmlLink":"Prepare 0.15.5 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1780243734\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/271\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/271/hovercard\" href=\"https://github.com/bsdpot/pot/pull/271\">#271</a>)"}},{"before":"1eeefd5338178960d86cc7caf8c8289e8cb11ba3","after":"623189656689eff514a9cd348ac81ab98d54b156","ref":"refs/heads/master","pushedAt":"2023-06-25T13:57:18.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Add attributes mlock, sysvshm, sysvsem, and sysvmsg\n\nRetire sysvipc attribute, which never made a difference anyway,\r\nsysvshm, sysvsem, and sysvmsg use `new` as the default value,\r\nto keep the previous behavior and prevent POLA violations.\r\n\r\nCo-authored-by: grembo <freebsd@grem.de>","shortMessageHtmlLink":"Add attributes mlock, sysvshm, sysvsem, and sysvmsg"}},{"before":"0666266815d7479b2b6b2b58d05b5060df3af030","after":"1eeefd5338178960d86cc7caf8c8289e8cb11ba3","ref":"refs/heads/master","pushedAt":"2023-06-25T12:42:54.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Update CHANGELOG.md","shortMessageHtmlLink":"Update CHANGELOG.md"}},{"before":"28b302d5daa767093451aa35ae83b05321cbd6cc","after":"0666266815d7479b2b6b2b58d05b5060df3af030","ref":"refs/heads/master","pushedAt":"2023-06-25T12:41:24.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"grembo","name":null,"path":"/grembo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5884220?s=80&v=4"},"commit":{"message":"Add support for setting devfs_ruleset  (#270)\n\nCloses #269","shortMessageHtmlLink":"Add support for setting devfs_ruleset (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1747704051\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/270\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/270/hovercard\" href=\"https://github.com/bsdpot/pot/pull/270\">#270</a>)"}},{"before":"58c72ab99dca93ad5953fb87268dc4e97535193b","after":"28b302d5daa767093451aa35ae83b05321cbd6cc","ref":"refs/heads/master","pushedAt":"2023-03-11T22:48:08.257Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"pizzamig","name":"Luca Pizzamiglio","path":"/pizzamig","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57148?s=80&v=4"},"commit":{"message":"Remove trailing / for host folder (#256)","shortMessageHtmlLink":"Remove trailing / for host folder (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1576030457\" data-permission-text=\"Title is private\" data-url=\"https://github.com/bsdpot/pot/issues/256\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/bsdpot/pot/pull/256/hovercard\" href=\"https://github.com/bsdpot/pot/pull/256\">#256</a>)"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAD1LO3yQA","startCursor":null,"endCursor":null}},"title":"Activity · bsdpot/pot"}