diff --git a/ansible/roles/inspection-store/templates/nginx.conf b/ansible/roles/inspection-store/templates/nginx.conf
index cea01e58d..e7a883bc4 100644
--- a/ansible/roles/inspection-store/templates/nginx.conf
+++ b/ansible/roles/inspection-store/templates/nginx.conf
@@ -28,7 +28,7 @@ http {
 #gzip on;
 server {
- listen {{ inspection_store_port }};
+ listen {{ internal_net_name | net_ip }}:{{ inspection_store_port }};
 root /data;
 location /ironic-inspector {
 return 200 "";
diff --git a/releasenotes/notes/inspection-store-nginx-listen-6ed8e936594e04f0.yaml b/releasenotes/notes/inspection-store-nginx-listen-6ed8e936594e04f0.yaml
new file mode 100644
index 000000000..ba195e206
--- /dev/null
+++ b/releasenotes/notes/inspection-store-nginx-listen-6ed8e936594e04f0.yaml
@@ -0,0 +1,6 @@
+---
+security:
+ - |
+ Fixes nginx configuration of the ``inspection_store`` container to listen
+ on the internal network instead of binding to all interfaces.
+ `LP#2153801 `__
diff --git a/roles/kayobe-ci-prep/tasks/main.yml b/roles/kayobe-ci-prep/tasks/main.yml
index b3b9c25ad..942a1988a 100644
--- a/roles/kayobe-ci-prep/tasks/main.yml
+++ b/roles/kayobe-ci-prep/tasks/main.yml
@@ -9,10 +9,20 @@
 vars:
 configure_ephemeral_mountpoint: "{{ '/var/lib/containers' if container_engine | default('docker') == 'podman' else '/var/lib/docker' }}"
+- name: Find YUM repo files
+ become: true
+ ansible.builtin.find:
+ paths: /etc/yum.repos.d
+ patterns: "*.repo"
+ file_type: file
+ register: repo_files
+ when: ansible_facts.distribution == "Rocky"
+
 - name: Set Rocky Linux mirror to download.rockylinux.org
 become: true
 ansible.builtin.shell:
- cmd: sed -i 's/mirrorlist/#mirrorlist/g; s/#baseurl/baseurl/g' /etc/yum.repos.d/rocky.repo
+ cmd: sed -i 's/mirrorlist/#mirrorlist/g; s/#baseurl/baseurl/g' {{ item }}
+ loop: "{{ repo_files.files | map(attribute='path') | list }}"
 when: ansible_facts.distribution == "Rocky"
 - block:
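Review bot: In `ansible/roles/inspection-store/templates/nginx.conf`, the new `listen` line interpolates `{{ internal_net_name | net_ip }}` straight into the directive with no check on the value. If the host has no address on the internal network, the line would presumably render as `listen :<port>;`. An IPv6 address would need square brackets to be valid for nginx, and neither case is handled in the visible lines. Consider failing the play when the address is empty instead of rendering the file. A template comment above the directive, such as `# Bind to the internal network address only; never listen on all interfaces.`, would help keep the restriction from being reverted later. The `server` block continues outside the hunk.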
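Review bot: In `roles/kayobe-ci-prep/tasks/main.yml`, the `sed` task now passes `{{ item }}` unquoted into `ansible.builtin.shell`, so a repo file name containing whitespace or shell metacharacters would be split or interpreted by the shell. The command uses no shell features, so quote the path with `cmd: sed -i 's/mirrorlist/#mirrorlist/g; s/#baseurl/baseurl/g' {{ item | quote }}`, or switch to `ansible.builtin.command` with `argv`. The loop also rewrites every `*.repo` file under `/etc/yum.repos.d`, so any non-Rocky repo on the image has its `mirrorlist` and `baseurl` lines flipped as well. If only the distribution's own repos are meant, narrowing `patterns` (for example to `rocky*.repo`, assuming that matches the CI images) would keep the change scoped.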
diff --git a/roles/kayobe-diagnostics/files/get_logs.sh b/roles/kayobe-diagnostics/files/get_logs.sh
index 3fd319f2c..c9767b744 100644
--- a/roles/kayobe-diagnostics/files/get_logs.sh
+++ b/roles/kayobe-diagnostics/files/get_logs.sh
@@ -147,6 +147,11 @@ copy_logs() {
 cp /opt/kayobe/images/ipa/ipa.stderr /opt/kayobe/images/ipa/ipa.stdout ${LOG_DIR}/kayobe/
 fi
+ # Inspection store
+ if [[ -d /opt/kayobe/etc/inspection-store ]]; then
+ cp -rnL /opt/kayobe/etc/inspection-store ${LOG_DIR}/kayobe/
+ fi
+
 # Overcloud host image build logs
 if [[ -f /opt/kayobe/images/deployment_image/deployment_image.stderr ]] || [[ -f /opt/kayobe/images/deployment_image/deployment_image.stdout ]]; then
 mkdir -p ${LOG_DIR}/kayobe
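Review bot: The new inspection-store block in `copy_logs()` copies into `${LOG_DIR}/kayobe/` without creating it, whereas the deployment-image block that follows runs `mkdir -p ${LOG_DIR}/kayobe` first. Unless an earlier part of the function (outside this hunk) guarantees the directory, add `mkdir -p "${LOG_DIR}/kayobe"` before the `cp`. `cp -rnL` dereferences symlinks, so whatever a link inside `/opt/kayobe/etc/inspection-store` points at ends up in the collected logs. If those logs are published, confirm the directory only ever holds the rendered nginx configuration. Quoting the destination as `"${LOG_DIR}/kayobe/"` would also guard against word splitting.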