Commit graph

1511 commits

Author SHA1 Message Date
e6f6229b87
bundles/wireguard: do not generate PSKs for unmanaged nodes 2024-03-23 10:19:15 +01:00
104d1f11bf
bundles/wireguard: support s2s connection to other services 2024-03-22 22:52:12 +01:00
ae14265abc
bundles/matrix-synapse: add sliding-sync proxy 2024-03-17 18:40:28 +01:00
4d92211862
home.hass: use pyenv for homeassistant 2024-03-07 08:23:04 +01:00
ac10630fb9
add bundle:pyenv 2024-03-07 08:15:23 +01:00
0d362bdb22
EOL htz-cloud.sewfile 2024-03-06 20:06:42 +01:00
e386b44442
bundles/paperless: PLEASE just import my files 2024-03-04 21:23:19 +01:00
dd80579fae
bundles/paperless: add missing dependency 2024-03-04 21:23:00 +01:00
faa30962aa
bundles/paperless: restart please 2024-03-04 21:20:39 +01:00
232e087905
bundles/paperless: please, just import documents 2024-03-04 21:02:19 +01:00
e3d7cae251
net.ipv4.ip_forward -> net.ipv4.conf.all.forwarding 2024-03-03 15:44:31 +01:00
8d8f457468
bundles/nginx: add mjs to mime types 2024-03-03 12:44:41 +01:00
c5550bf552
bundles/unbound: add option to disable dns64 even when jool is installed 2024-02-26 19:26:01 +01:00
699c7acf93
bundles/radvd: increase intervals again 2024-02-26 19:25:43 +01:00
575fe91685
bundles/radvd: fix syntax 2024-02-26 07:27:25 +01:00
12c6b5fc54
add bundle:jool 2024-02-26 07:27:18 +01:00
4514541e8f
bundles/radvd: decrease RDNSS lifetime 2024-02-26 06:41:59 +01:00
0d0548311c
bundles/powerdns: add private ipv6 addresses as well 2024-02-26 06:34:30 +01:00
7d4624ce62
remove users/$user/is_admin metadata, directly write sudo_commands instead 2024-02-25 15:29:10 +01:00
c6552e8dd2
bundles/smartd: do not try to monitor encrypted devices 2024-02-25 14:45:47 +01:00
26ee966bd6
bundles/paperless: fix config for static directory 2024-02-17 04:45:54 +01:00
012726a2ce
bundles/paperless: ensure we run collectstatic and restart services 2024-02-17 04:36:39 +01:00
297726f297
bundles/backup-client: don't monitor backups for nodes which have exclude_from_monitoring 2024-02-13 14:24:27 +01:00
698f203936
bundles/nginx: add option to not redirect domain aliases 2024-02-13 14:01:40 +01:00
050931edf2
bundles/nginx: redirect domain_aliases to primary domain 2024-02-13 13:57:53 +01:00
dcb9db3639
bundles/users: source users bashrc after loading global bashrc instead of overwriting it 2024-02-04 17:25:17 +01:00
a3cc5a9347
bundles/kea-dhcp-server: add kea-lease-list script 2024-01-30 21:01:20 +01:00
980f4cb41a
bundles/nftables: add "globally blocked ips" 2024-01-23 09:30:41 +01:00
5ffbe50b1e
add bundle:telegraf_airgradient 2024-01-23 09:30:13 +01:00
bb56f0fb9a
bundles/nftables: add feature to block ips 2024-01-21 11:44:13 +01:00
ee58509e93
bundles/postfix: add feature to block email recipients 2024-01-21 11:43:43 +01:00
fa8d05fc74
bundles/mixcloud-downloader: add elisa 2024-01-21 11:17:05 +01:00
8fa488e411
bundles/icinga2: only send sms for HOST alerts 2024-01-21 11:16:46 +01:00
ccfe2ff0b0
home.nas: allow TV to access jellyfin without https
for some reason, connecting to the hostname fails, and connecting to the
ip using https leads to certificate errors
2024-01-15 21:52:48 +01:00
739ce09e60
bundles/homeassistant: requires ffmpeg now
atleast it's complaining about the lack of ffmpeg in its logs ...
2024-01-13 14:12:59 +01:00
d5491648f2
bundles/mixcloud-downloader: download zotanmew sets 2024-01-03 22:25:59 +01:00
bc63ef97ab
bundles/arch-with-gui: install pipewire-zeroconf 2024-01-03 15:11:05 +01:00
3bddab5f67
bundles/arch-with-gui: ensure we have avahi installed and running 2024-01-03 12:59:21 +01:00
7c70c600f4
bundles/infobeamer-monitor: only alert online devices once 2024-01-01 11:38:39 +01:00
46e00d6fc8
bundles/nodejs: only install nodesource packages if debian does not ship that version 2024-01-01 10:11:11 +01:00
a929f24977
bundles/infobeamer-cms: more and better information 2023-12-31 08:50:45 +01:00
ec1efaafcc
bundles/infobeamer-cms: move static files outside repo root 2023-12-29 08:19:33 +01:00
e33cc65cb1
bundles/infobeamer-monitor: only dump state if device is online 2023-12-27 14:55:15 +01:00
c5ea690621
bundles/infobeamer-cms: less security needed 2023-12-27 12:12:24 +01:00
14c01e3bf0
bundles/infobeamer-monitor: more alerts 2023-12-26 23:16:26 +01:00
9be370f8df
bundles/infobeamer-monitor: improve code a bit 2023-12-26 15:02:56 +01:00
b5475df467
voc.infobeamer-cms: add infobeamer-monitor 2023-12-26 14:50:24 +01:00
2670d60906
bundles/infobeamer-cms: new version requires new configs 2023-12-26 14:49:04 +01:00
e7e2fd184f
bundles/bird: fix bw test 2023-12-25 10:22:33 +01:00
3b7e14755c
bundles/wireguard: clean up leftovers 2023-12-25 10:19:34 +01:00
b11fece803
EOL GCE 2023-12-16 10:23:44 +01:00
24373d0ac9
bundles/icinga2: 15min downtime is enough for unattended upgrades 2023-12-16 10:19:33 +01:00
86b8cd8edf
bundles/wireguard: remove wg_health_check 2023-12-10 17:01:01 +01:00
f3269ce979
bundle/wireguard: fix firewall for home.router 2023-12-10 16:59:53 +01:00
63d42c6b42
bundles/wireguard: add no_autoconnect option 2023-12-10 16:58:52 +01:00
ffb5125ddd
bundles/wireguard: add option to set settings based on a specific peer 2023-12-10 14:48:24 +01:00
9a3134cf46
update paperless-ngx to v2.1.0 2023-12-07 21:12:27 +01:00
a21102724a
bundles/basic: use metadata.get() 2023-11-29 16:41:03 +01:00
308b66c407
bundles/apt: explicitely uninstall python3-packaging 2023-11-26 11:14:17 +01:00
935f68ee97
bundles/icinga2: remove map.spam-rbl.com from SPAM BLOCKLIST check
points to sale.domainserviceplatform.com nowadays
2023-11-24 08:23:56 +01:00
400b10789a
home.paperless: update debian bookworm, update to paperless-ngx 2023-11-12 11:28:40 +01:00
75ef2e7bb9
bundles/wireguard: uninstall dkms package for debian > 11 2023-11-12 11:00:43 +01:00
6f318f21ae
bundles/powerdns: use schema provided by the powerdns package 2023-11-11 20:38:45 +01:00
1ae02ad4ec
bundles/php: some opcache settings 2023-11-11 20:16:33 +01:00
Sophie Schiller
60fffd6714 remove phanpy 2023-10-27 19:29:33 +02:00
0e03038bdb
bundles/voc-tracker-worker: use EnvironmentFile 2023-10-22 08:58:48 +02:00
ea42188904
bundles/oidentd: disable socket based activation 2023-10-22 08:58:31 +02:00
Sophie Schiller
34428034dc bw/phanpy add fediverse interface 2023-10-08 16:54:34 +02:00
497ecb5279
EOL htz-cloud.pleroma 2023-09-30 17:38:49 +02:00
ad9a920a48
bundles/icinga2: please only use "real" network interfaces instead of some vpn transfer ips 2023-09-24 21:07:21 +02:00
cd48cf495d
rework firewall setup 2023-09-24 21:01:51 +02:00
be62c1270f
remove isc-dhcp-server 2023-09-24 19:25:03 +02:00
a09b5b98ca
bundles/wireguard: disable health_checks if auto_connection is false 2023-09-24 18:57:27 +02:00
458606649e
bundles/wireguard: add option to route networks through vpn 2023-09-24 18:56:50 +02:00
0e40b03060
bundles/wireguard: only try to do full mesh if *we* are doing full mesh 2023-09-24 18:56:18 +02:00
53ff288d89
bundles/systemd-networkd: combine templates for interfaces 2023-09-24 18:54:47 +02:00
e27e374983
bundles/vmhost: qemu-headless does not exist anymore, apparently 2023-09-24 18:49:31 +02:00
d6eb0b4228
bundles/bird: do not auto-generate config if peer does not use bird 2023-09-24 18:48:24 +02:00
4084e764e4
add nginx proxy to jellyfin 2023-09-24 16:48:19 +02:00
361bb6a563
install jellyfin onto home.nas 2023-09-24 15:26:00 +02:00
74baeb4bf4
bundles/apt: suport deb822-style sources 2023-09-24 15:22:14 +02:00
77ed050ade
install oidentd on carlene, fix dependencies 2023-09-24 10:40:47 +02:00
d999895450
home.router: let dyndns have ipv6 please 2023-09-23 16:42:00 +02:00
07de570175
auto-generate full wireguard mesh between all nodes in libs.s2s.WG_AUTOGEN_NODES 2023-09-23 15:06:16 +02:00
3a0ed4a7f5
bundles/wireguard: autogenerate port number based on index in WG_AUTOGEN_NODES 2023-09-23 15:04:47 +02:00
d47f7db708
bundles/wireguard: only try to auto-generate ips and ports if nodes are present in WG_AUTOGEN_NODES 2023-09-23 15:04:11 +02:00
0d79216ae5
bundles/wireguard: fix KeyError when running with no peers 2023-09-23 15:03:44 +02:00
c59a3038a1
bundles/wide-dhcp-client: fix some bugs 2023-09-23 09:23:41 +02:00
dda3c4162c
bundles/postfix: ensure /etc/mailname exists before installing postfix 2023-09-20 17:46:04 +02:00
3bf0e1124e
bundles/rspamd: disable greylisting
This only gets in the way. If mail is spam, it will get delivered to the
junk mail folder anyways.
2023-09-17 15:44:43 +02:00
4f260932c3
bundles/wireguard: health checks for everyone 2023-09-12 20:15:19 +02:00
9bde0d9410
home.router: upgrade to bookworm and switch to kea-dhcp-server 2023-09-10 22:02:14 +02:00
aaf67f1a3d
bundles/apt: bookworm has their own firmware repo 2023-09-10 22:00:19 +02:00
234e81431d
bundles/wireguard: easier snat setup 2023-09-10 21:27:03 +02:00
5b1d814d40
bundles/icinga2: more timeout for check_spam_blocklist 2023-09-10 21:15:31 +02:00
563735d31a
add new status page to icinga 2023-09-10 09:48:20 +02:00
5238937044
bundles/powerdns: do not put private ipv4 into dns if public ipv6 exists 2023-09-09 23:02:38 +02:00
Sophie Schiller
30604db869 hedgedoc: makee usable on bookworm 2023-09-09 22:42:53 +02:00
54d55bbb8d
update forgejo to 1.20.4 2023-09-09 21:09:30 +02:00
40aeeab265
update matrix-media-repo to 1.3.1 2023-09-09 20:39:23 +02:00
b38ba55ed3
bundles/forgejo: fix missing slash 2023-09-09 20:31:05 +02:00
cb6f12b218
add bundle:kea-dhcp-server 2023-09-09 18:40:10 +02:00
d9cb324bb6
update pretalx to 2023.1.0 2023-09-09 17:48:22 +02:00
f061196f0d
bundles/icinga2: add snmp package, needed for check_snmp to work 2023-09-09 17:02:51 +02:00
f2b538a168
bundles/homeassistant: allow more time for checking stuff 2023-09-09 16:54:33 +02:00
fe4d4abc9c
bundles/wireguard: fix max interface length 2023-09-09 16:10:49 +02:00
a2ceb8cc3a
bundles/bird: announce subnets via all ips 2023-09-09 16:10:33 +02:00
2b51812118
libs.tools.resolve_identifier(): add option to filter out linklocal ips and only physical interfaces 2023-09-09 15:37:37 +02:00
bf6ed289e1
bundles/icinga2: fix stupid in check_spam_blocklist 2023-09-09 14:24:34 +02:00
e6e9e425fc
move icinga2 to new host 2023-09-09 14:12:24 +02:00
5db3856218
bundles/icinga2: remove obsolete check 2023-09-09 14:10:58 +02:00
e029329a03
bundles/icinga2: handle dig status messages in check_spam_blocklist 2023-09-09 14:10:27 +02:00
deb0c7b597
bundles/unbound: ensure /usr/share/dns exists 2023-09-09 13:55:58 +02:00
d1bb94fd74
bundles/icinga2: more auto-generation of stuff 2023-09-09 13:55:16 +02:00
7df6b1d13a
bundles/wireguard: name wg interfaces according to their peers 2023-09-09 13:55:03 +02:00
e2e5eaa236
bundles/nextcloud: more upload limit please 2023-09-03 18:15:17 +02:00
94bee38ca7
bundles/php: fix some typos 2023-09-03 12:20:24 +02:00
a33076186b
bundles/nextcloud: install php-apcu 2023-09-03 12:19:34 +02:00
ad24c0ea5b
add bundle:nextcloud to carlene 2023-09-02 21:14:38 +02:00
ea77c68e16
bundles/nginx: hide content security headers coming from php 2023-09-02 20:49:05 +02:00
72607adbfe
bundles/nginx: allow vhosts to set their own index files 2023-09-02 20:48:41 +02:00
8cfcefcfc4
bundles/matrix-stickerpicker: fix backup paths 2023-09-02 20:48:15 +02:00
b08c9fb5a4
replace matrix-dimension on rx300 with matrix-stickerpicker on carlene 2023-09-02 13:36:15 +02:00
194c60ddb2
bundles/ntfy: do not create timing logs 2023-09-01 06:20:19 +02:00
97afd6c522
bundles/php: add php8.2 2023-09-01 05:54:54 +02:00
a838f6c5bd
bundles/postfixadmin: move vhost generation to reactor 2023-09-01 05:54:23 +02:00
b01dcb0ff9
bundles/nginx: enable creating logs for debugging purposes 2023-09-01 05:53:37 +02:00
01531c62de
bundles/rsyslogd: keep more logfiles 2023-08-28 17:26:34 +02:00
39576fda38
add bundle:rsyslogd 2023-08-28 17:21:48 +02:00
36dac3be7c
bundles/weechat: fix weechat fifo path 2023-08-27 11:13:35 +02:00
ad2312b715
matrix stuff: make journal usable again 2023-08-27 09:28:57 +02:00
50cba7cb49
bundles/miniflux: use metadata.get() 2023-08-27 09:17:34 +02:00
0190555f16
bundles/matrix-synapse: do not log every request 2023-08-27 09:17:12 +02:00
757e9e6bb8
bundles/nginx: add option to disable anon_timing log 2023-08-26 17:21:23 +02:00
c6bb00c124
bundles/systemd: ensure we're not logging to syslog 2023-08-26 07:28:12 +02:00
8cf2dde6e0
add bundle:weechat, migrate weechat from rx300 to carlene 2023-08-25 12:52:31 +02:00
c6120accc1
bundles/icinga2: fix monitoring config 2023-08-25 11:11:48 +02:00
d0302d826a
bundles/icinga2: add icingaweb2 monitoring config 2023-08-25 11:09:36 +02:00
Sophie Schiller
48d3f8eee6 miniserver hedgedoc update 2023-08-24 19:13:09 +02:00
bca4d152ea
bundles/zfs: print zfs status output if pool is not online 2023-08-24 07:41:37 +02:00
33d42e2472
bundles/matrix-synapse: ensure we're logging to journal 2023-08-23 17:25:41 +02:00
10a9e61026
bundles/homeassistant: changes for bookworm 2023-08-23 17:17:42 +02:00
daae710624
bundles/forgejo: fix version string in update check 2023-08-23 13:47:38 +02:00
b692b09c00
rename bundle:gitea to bundle:forgejo 2023-08-02 16:37:48 +02:00
88ccd3ca72
migrate netbox from rx300 to carlene 2023-08-02 08:07:36 +02:00
c121110f00
bundles/travelynx: prepare for bookworm 2023-08-01 21:21:31 +02:00
3826ccf4ec
remove reboot mails, noone does care about these anyway 2023-07-26 08:29:37 +02:00
4b434e7946
bundles/mixcloud-downloader: fix username 2023-07-23 14:04:01 +02:00
00cbabea1b
bundles/mixcloud-downloader: fix duplicate 2023-07-23 14:02:09 +02:00
272a11f7d3
bundles/postgresql: remove version-specific options 2023-07-23 13:59:34 +02:00