From 82ce48755932282b4d81e054189e78528b9f633a Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Tue, 11 Apr 2023 17:09:24 +0200
Subject: [PATCH] change permissions of data libvirt volume pool

---
 bootstrap/main.tf                       |  4 ++++
 bootstrap/set_volume_pool_mode_open.xsl | 19 +++++++++++++++++++
 configure/sshd.conf                     |  2 ++
 3 files changed, 25 insertions(+)
 create mode 100644 bootstrap/set_volume_pool_mode_open.xsl

diff --git a/bootstrap/main.tf b/bootstrap/main.tf
index 25ac37a..8a2cbce 100644
--- a/bootstrap/main.tf
+++ b/bootstrap/main.tf
@@ -37,6 +37,10 @@ resource "libvirt_pool" "data" {
   name = "data"
   type = "dir"
   path = "/kvm/data"
+
+  xml {
+    xslt = file("set_volume_pool_mode_open.xsl")
+  }
 }
 
 resource "libvirt_volume" "ubuntu_jammy" {
diff --git a/bootstrap/set_volume_pool_mode_open.xsl b/bootstrap/set_volume_pool_mode_open.xsl
new file mode 100644
index 0000000..1f53bf9
--- /dev/null
+++ b/bootstrap/set_volume_pool_mode_open.xsl
@@ -0,0 +1,19 @@
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+	<xsl:output omit-xml-declaration="yes" indent="yes"/>
+
+	<xsl:template match="@*|node()">
+		<xsl:copy>
+			<xsl:apply-templates select="@*|node()" />
+		</xsl:copy>
+	</xsl:template>
+
+	<xsl:template match="/pool/target">
+		<xsl:copy>
+			<xsl:apply-templates select="@*|node()" />
+			<permissions>
+				<mode>0755</mode>
+			</permissions>
+		</xsl:copy>
+	</xsl:template>
+
+</xsl:stylesheet>
diff --git a/configure/sshd.conf b/configure/sshd.conf
index 61b55a2..08f27e3 100644
--- a/configure/sshd.conf
+++ b/configure/sshd.conf
@@ -4,3 +4,5 @@ Match User lewis
 	AuthorizedPrincipalsFile /etc/ssh/lewis_principals
 	ChrootDirectory /kvm/data
 	ForceCommand internal-sftp
+	AllowTcpForwarding no
+	X11Forwarding no