Franzi
9a45e3c30e
bundles/gitea: fix wrong monitoring command
2022-12-24 13:45:44 +01:00
Franzi
648a80362e
bundles/sshmon: actually install the check
2022-12-24 08:45:48 +01:00
Franzi
931f3cd583
bundles/gitea: set update check to check for forgejo update
2022-12-23 14:57:32 +01:00
Franzi
df303b3487
bundles/homeassistant: set websockets=True in nginx config
2022-12-22 20:01:35 +01:00
Sophie Schiller
edeffee5c2
first running hass stuff
2022-12-22 18:59:27 +01:00
Sophie Schiller
107fd6872b
home.hass add metadata
2022-12-22 17:53:10 +01:00
Sophie Schiller
c407a4520a
blind dev result of homeassistant
2022-12-22 17:37:13 +01:00
Franzi
fcb546baf6
bundles/nodejs: fix repo name
2022-12-22 17:32:36 +01:00
Franzi
c5e45cbafc
bundles/sshmon: add check_forgejo_for_new_release
2022-12-22 12:13:53 +01:00
Franzi
3db7168589
move default nameservers to libs/defaults
2022-12-22 12:13:13 +01:00
Franzi
90823b7984
bundles/postfix: lessen smtpd security restrictions
2022-12-20 08:55:44 +01:00
Franzi
caa54051ff
bundles/zfs: please, just restart zed
2022-12-18 11:43:38 +01:00
Franzi
8621c726bb
bundles/systemd: fix edgecase in check_timesyncd_sync
2022-12-18 11:34:21 +01:00
Franzi
ee761507a2
bundles/{icinga2,influxdb}: fix file permissions
2022-12-17 11:45:10 +01:00
Franzi
6d49889f2f
bundles/systemd: systemd-timesyncd not showing offset is an error
2022-12-17 11:41:37 +01:00
Franzi
8a0ae4fa10
bundles/systemd: explicitely use all four ntp.org timeserver pools
...
turns out, only 2.pool.ntp.org has IPv6, but we won't get any IPv6
addresses when querying pool.ntp.org
2022-12-17 11:39:45 +01:00
Franzi
eaab905735
bundles/systemd: add monitoring for systemd-timesyncd
2022-12-16 16:15:57 +01:00
Franzi
e12b9e6c12
uninstall chrony and ntpd everywhere
2022-12-16 15:32:09 +01:00
Franzi
bd64d52edb
bundles/gce-workaround: uninstall chrony
2022-12-16 15:24:51 +01:00
Franzi
d6da47fc1e
bundles/systemd: also manage systemd-timesyncd
2022-12-16 15:10:52 +01:00
Franzi
5dc60eb24e
bundles/openvpn-client: do not manage config directory group
2022-12-16 15:10:03 +01:00
Franzi
f790e2cee0
bundles/vnstat: rework bundle
2022-12-12 07:56:23 +01:00
Franzi
c8dd809057
bundles/wireguard: better nftables rules
2022-12-11 17:42:39 +01:00
Franzi
e8d24bc363
bundles/pppd: automatically add interface entry for ignored interface
2022-12-11 17:42:08 +01:00
Franzi
d86dc32f51
bundles/mixcloud-downloader: improvements
2022-12-07 18:06:44 +01:00
Franzi
15ea875742
home.nas: add bundle:mixcloud-downloader
2022-12-07 04:24:38 +01:00
Franzi
615f6107bc
bundles/element-web: only set --openssl-legacy-provider if using nodejs >= 17
2022-11-27 19:56:36 +01:00
Franzi
ca18a8d231
bundles/pretalx: ignore update check if no version was specified
2022-11-27 19:48:13 +01:00
Franzi
d64657feef
bundles/openvpn-client: fix permissions for /etc/openvpn/client
2022-11-22 18:45:19 +01:00
Franzi
b7de8b3a4d
bundles/grafana: new repo, who dis?
2022-11-21 19:32:47 +01:00
Franzi
bc589011d2
add c3voc vpn to kunsi-p14s
2022-11-21 19:31:49 +01:00
Franzi
72cbe56b5f
bundles/nodejs: make nodejs version configurable
2022-11-16 18:54:52 +01:00
Franzi
2ea914dc0b
bundles/minecraft: collect metrics more often
2022-11-13 18:13:18 +01:00
Franzi
7a14084417
bundles/minecraft: add monitoring via icinga2
2022-11-13 17:48:22 +01:00
Franzi
019d5ce2b6
bundles/minecraft: add monitoring via telegraf
2022-11-13 17:47:19 +01:00
Franzi
52e36f7ae1
bundles/redis: use a lot less snapshots
2022-11-06 19:08:35 +01:00
Franzi
e6e563fb33
bundles/systemd-timers: use bash, because we're using bash if
2022-11-06 19:08:13 +01:00
Franzi
3dce0fb6ac
add bundle:minecraft to rx300
2022-11-06 18:52:38 +01:00
Franzi
fba5d6a782
bundles/{jenkins-ci,openhab}: bump openjdk version
2022-11-06 18:52:14 +01:00
Franzi
b0a43fb128
bundles/users: enable color output in ipb
2022-11-06 14:27:35 +01:00
Franzi
73e6ba0872
bundles/{matrix-dimension,mx-puppet-discord}: nodejs-dependency-hölle, once again
2022-11-05 07:47:07 +01:00
Franzi
ee9f7b8875
bundles/element-web: requires legacy openssl provider for now
2022-11-04 07:29:11 +01:00
Franzi
aa01329dbf
bundles/nodejs: update to nodejs 18
2022-11-04 07:28:53 +01:00
Franzi
e1fe424df9
bundles/basic: support configuring /etc/environment
2022-11-04 07:28:14 +01:00
Franzi
8b1ccb760a
bundles/ntfy: fix formatting errors
2022-11-04 07:27:38 +01:00
Franzi
3db6078d9b
bundles/postfix: set tls ciphers to medium to increase compatibility with centos
2022-11-04 07:08:33 +01:00
Sophie Schiller
bd3c92aac9
bundles/ntfy fix various typos
2022-10-19 17:23:57 +02:00
Sophie Schiller
014c7e5be8
bundles/ntfy add more nginx options
2022-10-19 16:33:36 +02:00
Sophie Schiller
6e23f84a39
bundles/ntfy various fixes
2022-10-19 15:38:10 +02:00
Sophie Schiller
a8cf858d44
bundles/ntfy: first draft
2022-10-19 15:24:39 +02:00
Franzi
2095696131
bundles/mautrix-telegram: disable backfilling
2022-10-16 21:29:53 +02:00
Franzi
8c77e5824a
bundles/grafana: disable metrics
2022-10-02 11:00:06 +02:00
Franzi
988d7e08a0
bundles/travelynx: use carton instead of cpanm
2022-09-22 06:03:51 +02:00
Franzi
edaa22dab6
bundles/infobeamer-cms: fix nginx config
2022-09-11 11:38:13 +02:00
Franzi
038f19ea5e
bundles/unbound: use systemd-timers
2022-09-11 11:32:26 +02:00
Franzi
d9be69d3a9
bundles/systemd-timers: don't auto-reset alerts
2022-09-11 11:26:57 +02:00
Franzi
f004591e98
bundles/letsencrypt: use systemd-timers
2022-09-11 11:26:24 +02:00
Franzi
944c66354b
bundles/mx-puppet-discord: github is archived, gitlab is the new hotness
2022-09-10 18:10:14 +02:00
Franzi
2fd94c2a4b
bundles/hedgedoc: fix nginx config
2022-08-29 19:24:33 +02:00
Franzi
aa5c7ff8b4
block access to the go /debug/pprof/ endpoint
2022-08-19 07:26:01 +02:00
Franzi
84917649dd
bundles/arch-with-gui: have pytz available in i3pystatus
2022-08-14 12:47:52 +02:00
Franzi
6b641890c3
bundles/grafana: replace the useless builtin of telegraf with something more useful
2022-08-07 10:16:07 +02:00
Franzi
a1ce8bf91a
bundles/sudo: purge directory after package installation
2022-07-25 10:08:26 +02:00
Franzi
5539957eb6
bundles/molly-guard: empty directories after package has been installed
2022-07-25 10:07:54 +02:00
Franzi
86cc900d74
rx300: update gitea to 1.16.9
2022-07-17 10:30:05 +02:00
Franzi
2a938d19f1
bundles/gitea: disable registration by default
2022-07-12 20:28:59 +02:00
Franzi
dd5a97eced
bundles: add dependency to systemd-networkd
2022-07-10 13:32:11 +02:00
Franzi
1d58955ced
bundles/zfs: increase timeout for ZFS OLD SNAPSHOTS check
kunsi/bundlewrap/pipeline/head This commit looks good
2022-06-05 09:30:44 +02:00
Franzi
51c9506a19
move pacman/no_extract to bundle metadata defaults
2022-05-16 10:52:14 +02:00
Franzi
9730a2be13
bundles/wireguard: fix permissions for wireguard netdev files
2022-05-16 10:48:26 +02:00
Franzi
8cc116c0c4
bundles/zfs: respect pacman/linux-lts option
2022-04-30 12:30:32 +02:00
Franzi
7fffdbab32
bundles/voc-tracker-worker: improve bundle
2022-04-27 05:40:20 +02:00
Franzi
a38b66a7c5
bundles/nfs-client: minor fixes
2022-04-27 05:39:34 +02:00
Franzi
74b3a513f6
bundles/pacman: make NoExtract user-configurable
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-22 15:47:47 +02:00
Franzi
8145fb22e8
add bundle:voc-tracker-worker
2022-04-22 15:43:34 +02:00
Franzi
fc2a69fc2c
rx300: update netbox to 3.2.1
2022-04-15 06:37:09 +02:00
Sophie Schiller
5979d8a1f9
hedgedoc: use global yarn in systemd unit
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-11 00:34:56 +02:00
Franzi
ca69969dad
bundles/backup-server: disable ZFS OLD SNAPSHOTS check
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-06 18:13:23 +02:00
Franzi
4390256abc
bundles/zfs: add metadata option to disable ZFS OLD SNAPSHOTS check
2022-04-06 18:13:01 +02:00
Franzi
5640556ad9
bundles/zfs: run scrub for each pool separately
2022-04-03 09:48:28 +02:00
Franzi
4823653214
bundles/systemd-networkd: remove usage of systemd-resolved
...
kunsi/bundlewrap/pipeline/head This commit looks good
Something in the combination of arch+zfs+netctl+resolved+ipv6 leads to
hanging dns, which in turn leads to hanging everything.
2022-04-03 09:01:10 +02:00
Franzi
891823376f
bundles: add missing dependency to yarn
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:38:20 +02:00
Franzi
a340071ad8
bundles/oidentd: provide our own systemd unit file
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:32:07 +02:00
Franzi
ddd29bef3b
bundles: install yarn globally instead of in each individual bundle
2022-04-03 08:16:35 +02:00
Franzi
4ecf7ccb46
bundles/matrix-media-repo: download prebuilt executable instead of building ourselves
2022-04-03 08:05:46 +02:00
Franzi
d8f8f1377f
bundles/arch-with-gui: install sipcalc and inkscape
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 18:28:46 +02:00
Franzi
ac48462043
bundles/icinga2: icingaweb2 roles.ini needs another option
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:29:27 +02:00
Franzi
7b9686977d
bundles/backup-client: do backups between 00:00 and 02:59
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:23:10 +02:00
Franzi
7c49ac59f5
more packages, please
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-24 18:14:50 +01:00
Franzi
2f8306a14a
bundles/pacman: fix archzfs-kernels repo name
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 21:04:12 +01:00
Franzi
950c88aab2
bundles/pacman: install archzfs repo and archzfs-kernels repo if node has bundle:zfs
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 19:19:21 +01:00
Franzi
489c2386de
voc.infobeamer-cms: prepare for divoc
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-20 12:35:26 +01:00
Franzi
3e7e355dd6
rx300: update mautrix-whatsapp to 0.3.0
2022-03-19 07:02:54 +01:00
Franzi
c983c50d21
bundles/icinga2: fix timeperiods
2022-03-19 07:02:48 +01:00
Franzi
206cdfe128
bundles/systemd: fix dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 15:19:01 +01:00
Franzi
7604fef734
bundles/icinga2: use ip addresses for monitoring instead of hostnames
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-13 15:15:47 +01:00
Franzi
5179edb458
bundles/wireguard: fix forwarding firewall rules
2022-03-13 15:15:08 +01:00
Franzi
c0ebd25ffc
bundles/systemd: systemd-timesyncd gets started automatically
2022-03-13 15:14:40 +01:00
Franzi
212ba72b30
bundles/nftables: workaround does not work for debian buster
2022-03-13 14:13:59 +01:00
Franzi
aa3ce32a7c
bundles/systemd: systemd-timesyncd package requires debian bullseye
2022-03-13 14:12:05 +01:00
Franzi
c71d827691
bundles/icinga2: add some missing config
2022-03-13 14:07:28 +01:00
Franzi
690c0b7050
bundles/nftables: restart on failure
2022-03-13 14:07:08 +01:00
Franzi
a9d4cc73c1
bundles/systemd: ensure we have systemd-timesyncd installed and running
2022-03-13 14:06:40 +01:00
Franzi
28b235514a
bundles/zfs: fix compatibility to older zfs versions
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 12:58:07 +01:00
Franzi
8397739634
bundles/backup-server: fix bug in retaining
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:24:45 +01:00
Franzi
008940d75f
bundles/users: add journalctl bash alias
2022-03-13 09:21:10 +01:00
Franzi
cd1a33ccbb
bundles/zfs: refactor zfs-auto-snapshot
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:18:14 +01:00
Franzi
dab6065b89
bundles/vmhost: svc_systemd:virtlogd gets triggered by socket, too
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 08:42:51 +01:00
Franzi
65efdc2e2c
bundles/pacman: disable pam_faillock
2022-03-13 08:42:48 +01:00
Franzi
a4fb9a15b5
bundles/backup-server: increase timeout for monitoring checks
2022-03-13 08:42:44 +01:00
Franzi
f56703df2e
bundles/dovecot: filter X-Spam-Status, not X-Spam-Flag
...
kunsi/bundlewrap/pipeline/head This commit looks good
The latter is YES even if the overall score is very low because of
IP allowlisting.
2022-03-12 10:24:06 +01:00
Franzi
759a711dc5
bundles/rspamd: remove from_name from dmarc reporting config
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 10:08:04 +01:00
Franzi
6a9da7efa5
bundles/arch-with-gui: add workaround for broken bw test
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 09:03:45 +01:00
Franzi
72cf616114
bundles/zfs: use zfs-import-scan instead of zfs-import-cache
...
Last night, rx300 rebooted. After a reboot, the disks were detected
in another order (but still, all were detected!), so the cachefile did
no longer match, leading to breaking the import.
Running `zpool import` manually worked, because that will ignore the
cachefile. So, why do we depend on the cache file on boot up? The added
reliability of zfs-import-scan beats the speed of zfs-import-cache in
any way.
2022-03-12 09:03:42 +01:00
Franzi
42a66751e1
bundles/vmhost: don't try to start libvirtd on every apply
2022-03-12 09:03:38 +01:00
Franzi
4a03a9f89c
bundles/icinga2: fix directory permissions for /etc/icingaweb2
2022-03-12 09:03:35 +01:00
Franzi
d7b47d2560
bundles/jenkins: jenkins.war has moved
2022-03-12 09:03:32 +01:00
Franzi
403b67ee48
bundles/vmhost: install pkg_pacman:edk2-ovmf
2022-03-12 09:03:28 +01:00
Franzi
757f1cb3cd
bundles/vmhost: prepare for arch linux
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-11 13:58:38 +01:00
Franzi
93351340d0
move thermald package back to fkusei-locutus
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:09:26 +01:00
Franzi
15ae3b7a0b
move some configuration from nodes to bundle:arch-with-gui
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:00:45 +01:00
Franzi
e181be3fc6
bundles/wireguard: better dependency management
2022-03-10 21:00:42 +01:00
Franzi
64448af027
add node fkusei-locutus
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-09 13:07:55 +01:00
Franzi
0082d3e014
bundles/zfs: ensure some targets are started on arch linux
2022-03-09 13:05:57 +01:00
Franzi
c7e5002f17
bundles/wireguard: support arch linux and other netmasks than /31
2022-03-09 13:05:01 +01:00
Franzi
05a2e501ce
bundles/bird: support arch linux
2022-03-09 13:04:34 +01:00
Franzi
c023c144c3
bundles/arch-with-gui: install firefox
2022-03-09 13:03:56 +01:00
Franzi
f969b05468
bundles/arch-with-gui: i3pystatus requires python-virtualenv
2022-03-09 13:02:35 +01:00
Franzi
b351703953
bundles/c3voc-addons: implement addidional_update_commands
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:57:48 +01:00
Franzi
a693e90aa3
bundles/nodejs: auto-upgrade npm
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:50:04 +01:00
Franzi
50ea6a92a5
bundles/apt: introduce additional_update_commands for updating other stuff
2022-03-06 12:49:46 +01:00
Franzi
56bafd73be
bundles/nginx: refine fastcgi config
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 18:55:51 +01:00
Franzi
ca861a78fb
bundles/grafana: do not auto-refresh dashboards
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:49:17 +01:00
Franzi
8ed4aa3751
bundles/pacman: don't extract systemd-homed pam module
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:45:28 +01:00
Franzi
14e7fff081
bundles/grafana: improve config
2022-03-05 13:45:16 +01:00
Franzi
65ba43525f
bundles/icinga2: introduce new notification period 'daytime'
2022-03-05 08:29:10 +01:00
Franzi
98cd2df8ff
bundles/nginx: add certificate name to icinga check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:19:15 +01:00
Franzi
be3dd6662e
kunsi-p14s: more packages
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:12:38 +01:00
Franzi
0ba3df7385
bundles/zfs: unmount backup-snapshots recursively
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-01 06:32:23 +01:00
Franzi
931d566736
bundles/backup-server: fix stupid in check_backup_for_node
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-28 21:09:04 +01:00
Franzi
e909144544
bw/bundles/postgresql: do not auto-detect postgresql version from debian version
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-27 12:51:53 +01:00
Franzi
e1f7c691c3
bundles/nfs-server: fix trailing whitespace
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:45:40 +01:00
Franzi
83fb1a5e11
bundles/nfs-client: decrease timeout, set some default mount options
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:44:05 +01:00
Franzi
dcb563b31e
bundles/systemd-networkd: remove BindCarrier
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 12:36:21 +01:00
Franzi
88891b44be
bundles/nfs-server: ensure nfs runs on managed ports, fix firewall rules
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 08:24:38 +01:00
Franzi
6267b4c33d
bundles/nfs-server: fix package name
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 20:09:53 +01:00
Franzi
0a4da160fd
bundles/matrix-media-repo: add RestartSec
2022-02-19 20:02:08 +01:00
Franzi
945e349d61
bundles/jenkins-ci: add systemd unit file
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 18:53:49 +01:00
Franzi
bd45def053
bundles/{lldpd,nfs-server}: fix dependencies
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:49:53 +01:00
Franzi
18674a1a4a
bundles/icinga2: always print status line in check_usv_snmp
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:44:46 +01:00
Franzi
07d5a8cdae
bundles/systemd-networkd: add BindCarrier to bonds
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 11:29:29 +01:00
Franzi
7e58e9c667
bundles/icinga2: simplify template
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 09:23:00 +01:00
Franzi
8434eacd94
bundles/{lldp,nfs-server,smartd}: move package dependencies to metadata
2022-02-18 22:37:07 +01:00
Sophie Schiller
a01c28da21
various bundles: fix dependencies
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 22:18:44 +01:00
Franzi
14fed8bc6e
bundles/zfs: move scrub to systemd-timer
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 21:10:50 +01:00
Franzi
19dee89039
rx300: pin version of mx-puppet-discord for now
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 19:02:57 +01:00
Franzi
94eff087a0
bundles/users: remove PROMPT_COMMAND from bashrc
2022-02-18 17:03:54 +01:00
Franzi
468a0b0023
bundles/icinga2: remove unused code in hosts_template
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 16:25:59 +01:00
Franzi
d35770c122
bundles/icinga2: rework config generation - use one file per host instead of one per bundle
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 12:25:34 +01:00
Franzi
1f6520ac02
bundles/sshmon: ignore prereleases and drafts
2022-02-17 18:08:02 +01:00
Franzi
22759ca52a
bundles/postfix: enable smtps
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-15 18:21:12 +01:00
Franzi
83d58791bb
bundles/postgresql: set recordsize=8K for zfs
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 22:05:09 +01:00
Franzi
e51ad5993a
bundles/users: ensure we have kitty terminfo
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 20:45:57 +01:00
Franzi
6944da6769
fix syntaxerrors
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:56:51 +01:00
Franzi
33d2d5beff
bundles/pacman: fix unattended-upgrades
2022-02-14 07:54:44 +01:00
Franzi
1ee0b38133
bundles/telegraf: properly support arch linux
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:11:14 +01:00
Franzi
e45237d70e
bundles/icinga2: do not check scam blocklists
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:51:03 +01:00
Franzi
3c4700eb6d
bundles/openhab: clean up old backups before doing new ones
2022-02-13 09:48:37 +01:00
Franzi
60c31d2d11
bundles/pacman: add opt-in unattended-upgrades
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:43:52 +01:00
Franzi
14b402cdf3
bundles/backup-server: fix TypeError in check_backup_for_node
2022-02-13 09:42:59 +01:00
Franzi
e4c317f677
add bundle:systemd-boot
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:24:11 +01:00
Franzi
3c763820ed
bundles/pacman: ensure we have man
2022-02-13 09:23:30 +01:00
Franzi
77e152f8ce
bundles/pacman: enable paccache.timer to clean up old package versions
2022-02-13 08:55:26 +01:00
Franzi
5d7872042b
bundles/backup-server: add metadata backup-client/one_backup_every_hours
2022-02-12 19:04:15 +01:00
Franzi
9a8e7abef4
kunsi-p14s: do backups
2022-02-12 18:56:54 +01:00
Franzi
5be2610a86
bundles/systemd-networkd: don't manage resolv.conf if using resolved
2022-02-12 18:54:56 +01:00
Franzi
03d1ada220
bundles/zfs: explicitely set mountpoint for all datasets
2022-02-12 18:09:40 +01:00
Franzi
32b732e509
bundles/arch-with-gui: add some backup paths
2022-02-12 18:08:04 +01:00
Franzi
c073599f6f
add kunsi-p14s, add bundle:arch-with-gui
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-12 14:06:53 +01:00
Franzi
87bf6fac68
bundles/zfs: use systemd-timers for zfs snapshots
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-12 11:29:26 +01:00
Franzi
c1bb43286d
bundles/zfs: support arch linux
2022-02-12 11:24:50 +01:00
Franzi
961a2891a0
bundles/systemd-networkd: fix systemd-resolved not getting started
2022-02-12 11:24:19 +01:00
Franzi
40485ced8a
bundles/systemd-timers: add support for multiple commands in timer
2022-02-07 07:01:19 +01:00
Franzi
bc4f6e507a
bundles/c3voc-addons: fix .provides()
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-06 15:31:28 +01:00
Franzi
6d1a24b034
bundles/gitea: use github releases instead of dl.gitea.io (which is slow)
2022-02-06 15:25:33 +01:00
Franzi
a627437fce
bundles/systemd-timers: fix shebang in check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-06 13:42:08 +01:00
Franzi
0674b3f8db
bundles/netbox: move housekeeping to systemd timers
2022-02-06 13:40:33 +01:00
Franzi
0599c4dae0
add bundle:systemd-timers
2022-02-06 13:39:52 +01:00
Franzi
d51d7316d0
bundles/backup-client: remove duplicate space
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-05 15:39:55 +01:00
Franzi
12af28cb13
bundles/pretalx: specifying a revision is now mandatory
2022-02-05 11:42:18 +01:00
Franzi
0d865c93d4
bundles/cron: use MAILTO=, rework metadata syntax
2022-02-05 11:41:41 +01:00
Franzi
4cfbdb32d6
bundles/apt: check for "reboot required" in icinga check only
...
kunsi/bundlewrap/pipeline/head There was a failure building this commit
This avoids the need to manually adjust the status file after a reboot of
the server.
2022-01-30 11:43:14 +01:00
Franzi
11969b6064
bundles/travelynx: changing the imprint does not require restarting the worker process
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-29 09:24:23 +01:00
Franzi
8a24af27ee
bundles/openhab: backup-client/pre-hooks must not be a list
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-24 07:29:36 +01:00
Franzi
b14f5aea58
bundles/openhab: also include /usr/share/openhab/addons in backups
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:28:26 +01:00
Franzi
031d647864
bundles/openhab: do full backup in backup-pre-hooks
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:26:34 +01:00
Franzi
0ccb983b28
bundles/apt: fix metadata key mess (unattended-upgrades vs unattended_upgrades)
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 05:47:42 +01:00
Franzi
b21c8f6dbb
bundles/pacman: fix SyntaxError
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-13 16:04:37 +01:00
Franzi
0dd9b061b9
bundles/scansnap: fix backup metadata
2022-01-13 15:54:49 +01:00
Franzi
5b2e5fc838
bundles/backup-server: do not alert for one missing day of backups
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-09 08:26:08 +01:00
Franzi
5df546754f
bundles/pacman: fix install_gui package definition
2022-01-09 08:23:59 +01:00
Franzi
40a9ac4523
bundles/sshmon: add check if OOM killer was active
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 18:07:33 +01:00
Franzi
14e4415e5f
bundles/backup-client: rework backup generation
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 08:29:34 +01:00
Franzi
b20e729298
bundles/backup-server: add option to disable "last backup" check
2022-01-05 22:57:30 +01:00
Franzi
c535ce24a4
bundles/backup-client: show timezone in backup check
2022-01-05 22:57:26 +01:00
Franzi
35104cb8ce
bundles/backup-client: add check for last backup of specific client
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-05 22:44:55 +01:00
Franzi
b5f93ceb48
bundles/zfs: fix typo
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 10:03:54 +01:00
Franzi
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot
2022-01-05 09:59:09 +01:00
Franzi
b6eb12ed90
bundles/zfs: add option to disable snapshots for dataset tree
2022-01-05 09:52:20 +01:00
Franzi
a3300cde98
bundles/paperless: ensure we're doing backups of the actual data, too
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 07:50:22 +01:00
Franzi
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
Franzi
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp
2022-01-04 15:47:05 +01:00
Franzi
245b2219ee
bundles/backup-client: spread backups further apart
2022-01-04 15:34:53 +01:00
Franzi
2c4eb03214
bundles/backup-server: auto-import pool after decrypting
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:24:22 +01:00
Franzi
fb931df4f0
bundles/apt: add flag to disable automatic rebooting
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:15:19 +01:00
Franzi
4c59479d5c
bundles/backup-server: add option for encrypted devices
2022-01-04 15:15:16 +01:00
Franzi
d0b8ccef64
add bundle:dm-crypt
2022-01-04 15:15:13 +01:00
Franzi
906b63b123
move hostname stuff to libs.tools.resolve_identifier
2022-01-04 15:15:11 +01:00
Franzi
36a4ebcdd6
bundles/powerdns: also try to use node.hostname for dns generation
2022-01-04 15:15:03 +01:00
Franzi
dc2b2ae86b
bundles/check-mail-received: move check source to icinga2 itself
2022-01-02 14:50:32 +01:00
Franzi
59fd71ac6f
update mautrix-telegram to 0.11.0
2022-01-02 13:38:23 +01:00
Franzi
390f18a3a4
hooks: test zfs metadata consistency
2021-12-29 13:23:07 +01:00
Franzi
0b4f0e142f
bundles/zfs: explicitely set canmount and mountpoint if not specified
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-28 16:58:42 +01:00
Franzi
803e1dc411
bundles/mautrix-whatsapp: no need for regular restarts any more
2021-12-28 16:48:43 +01:00
Franzi
7cfe080e6f
bundles/sshmon: add check_pypi_for_new_release
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 11:40:23 +01:00
Franzi
0ac0fe072d
bundles/pretalx: wait for migrations before regenerating css and rebuilding stuff
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 10:00:26 +01:00
Franzi
44fcdc7d11
bundles/icinga: set cascade_skip=False for icinga_notification_wrapper
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 16:29:18 +01:00
Sophie Schiller
d6ec8de7c6
cleanup duplicated metadata
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:39:28 +01:00
Franzi
6292dd4c71
bundles/infobeamer-cms: config is toml now, deploy to src/
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:30:25 +01:00
Sophie Schiller
b39d87f33f
infobeamer-cms: set sensible start time
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 14:56:02 +01:00
Franzi
cda1dc2095
bundles/infobeamer-cms: use curl -s
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 13:04:31 +01:00
Franzi
7dc584d8cb
bundles/infobeamer-cms: adjust config to new version
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 12:17:14 +01:00
Franzi
ba294f6a6c
Merge pull request 'Add new Node and bundle for infobeamer-cms' ( #49 ) from sschi-infobeamer-cms into main
...
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #49
2021-12-24 10:57:58 +00:00
Franzi
caf2ff6a30
update matrix-media-repo to 1.2.10
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 09:23:58 +01:00
Franzi
0383fa0a67
bundles/{rspamd,netbox}: update redis database number
2021-12-24 09:09:28 +01:00
Sophie Schiller
678f558f4a
infobeamer-cms: WHITESPACE
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-12-23 19:45:24 +01:00
Sophie Schiller
18e30178a4
letsencrypt: add openssl package
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-12-23 19:39:12 +01:00
Sophie Schiller
bac2a369c4
infobeamer-cms: make usable
2021-12-23 19:39:12 +01:00
Sophie Schiller
bf125a73b1
infobeamer-cms: initial commit
2021-12-23 19:39:06 +01:00
Franzi
d288923969
get redis database mapping from libs.defaults
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-23 07:39:08 +01:00
Franzi
b6b5beaa27
bundles/netbox: send update notification mails
2021-12-22 11:12:34 +01:00
Franzi
b8a109efb0
bundles/sshmon: rewrite check_github_for_new_release
2021-12-22 11:09:26 +01:00
Franzi
38b449af35
bundles/letsencrypt: only run dehydrated after installing it
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 14:17:41 +01:00
Franzi
de3580a7d3
bundles/letsencrypt: ensure-some-certificate shouldn't create 10-year-certs
2021-12-19 06:36:11 +01:00
Franzi
04450d4b4c
bundles/sudo: disable syslog spam
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 06:23:05 +01:00
Franzi
5261375574
bundles/pppd: add systemd-timer to automatically update dyndns
2021-12-19 06:21:04 +01:00
Franzi
376dba347f
bundles/php: allow configuring of memory_limit and clear_env
2021-12-18 18:54:00 +01:00
Franzi
2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
Franzi
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
Franzi
c6c5d40084
bundles/nftables: add support for restricting to "all ipv6" and "all ipv4"
2021-12-14 12:40:54 +01:00
Franzi
e2efe87308
rx300: update netbox to 3.1.0
2021-12-12 08:36:18 +01:00
Franzi
7eec5c42e3
bundles/icinga2: do not send sms or mail for services when sms/mail was disabled for host
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-04 20:07:36 +01:00
Franzi
0531ecd217
bundles/gitea: downloading gitea does not need restarting
...
kunsi/bundlewrap/pipeline/head This commit looks good
we're stopping gitea beforehand, then start it again afterwards. No need
to restart it again.
2021-12-04 20:01:35 +01:00
Franzi
d44c87e8a7
move SPAM BLOCKLIST check to icinga2 itself
...
kunsi/bundlewrap/pipeline/head This commit looks good
somehow, we tend to get false positives if we run that check on the
node itself.
2021-11-28 07:26:41 +01:00
Franzi
74f5b25f0d
various fixes, remove some TODOs
2021-11-27 10:40:20 +01:00
Franzi
a76c60f881
bundles/nftables: fix shebang
2021-11-26 18:36:16 +01:00
Franzi
632a1f6e75
voc,pretalx: install plugin lower_thirds
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-21 09:42:02 +01:00
Franzi
998b776b9f
bundles/kodi: fix .provides()
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-15 21:45:41 +01:00
Franzi
e4e340e431
bundles/grafana: fix spanning for battery row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:36:45 +01:00
Franzi
52fbcfb43e
bundles/grafana: add some filling to battery row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:31:15 +01:00
Franzi
7969ae9ebe
bundles/grafana: fix value for battery dashboard row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:26:23 +01:00
Franzi
e17d1ab02f
add bundle:telegraf-battery-usage
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:18:42 +01:00
Franzi
e10ac0e57f
bundles/matrix-{media-repo,synapse}: catch all them metrics into influxdb
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 18:26:52 +01:00
Franzi
8f6b8632f5
bundles/{element-web,hedgedoc,powerdnsadmin}: use 'yarn install --ignore-scripts'
2021-11-09 18:10:22 +01:00
Franzi
33b6700848
bundles/mautrix-whatsapp: use precompiled binary
2021-11-09 18:10:17 +01:00
Sophie Schiller
eef463afbd
hedgedoc: forbid access to metrics and stats
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:58:11 +01:00
Sophie Schiller
55798ac704
hedgedoc: add telegraf config for hedgedoc metrics
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:48:03 +01:00
Franzi
0398df8f3a
bundles/openhab: fix website_check_string
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 10:31:13 +01:00
Franzi
0412c9042a
bundles/wireguard: fix stderr handling of wg_health_check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:49:37 +01:00
Franzi
f482874310
home.openhab: install and configure openhab
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:43:53 +01:00
Franzi
2f885e7bfb
bundles/kodi: allow websocket port in firewall
2021-10-31 09:43:07 +01:00
Franzi
ee86b5a121
bundles/wireguard: less spammy output for wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-30 19:36:20 +02:00
Franzi
0a131b4248
bundles/grafana: add voltages and power usage to ipmitool
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:48:19 +02:00
Franzi
8300f48541
add bundle:ipmitool, add grafana dashboard row
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:42:27 +02:00
Franzi
92b2e19e44
bundles/grafana: fix line width for fans
2021-10-18 19:41:16 +02:00
Franzi
3775bcb9db
bundles/telegraf: add cache directory
2021-10-18 19:34:20 +02:00
Franzi
5885e4b043
bundles/users: add lsb_release and local date to status line
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-16 07:42:19 +02:00
Franzi
29eef9ec59
htop: fix sorting
2021-10-16 07:38:57 +02:00
Franzi
94cba4283b
bundles/pretalx: fixup cron
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:10:46 +02:00
Franzi
86953e60bd
bundles/pretalx: add script to automatically set is_administrator and is_staff based on group membership
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:03:15 +02:00
Franzi
095d425de1
bundles/wireguard: do not run wg_health_check during bw apply
2021-10-14 09:02:01 +02:00
Franzi
9188b28b7a
bundles/wireguard: add wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 08:54:54 +02:00
Franzi
61e5591628
bundles/systemd-networkd: fix bridge-in-bridge-setup on home.nas not working properly
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-11 20:46:07 +02:00
Franzi
8656f99f8e
bundles/wireguard: re-add reconnect script for added resiliency
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:37:42 +02:00
Franzi
30d4d989fc
add bundle:bird
2021-09-29 19:45:18 +02:00
Franzi
fe44417b14
bundles/systemd-networkd: add dummy interfaces
2021-09-29 19:44:37 +02:00
Franzi
996ef6e115
bundles/nftables: more sorted()
2021-09-29 19:44:13 +02:00
Franzi
5f1f4fd654
bundles/wireguard: add option 'snat_to' for connections
2021-09-29 19:43:29 +02:00
Franzi
902840ee7f
bundles/wireguard: use one wireguard connection per peer instead of one for all
2021-09-29 19:27:13 +02:00
Franzi
2b0e3a4bf0
bundles/powerdns: use only public ips or those attached to physical interfaces to create dns records
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-25 11:08:18 +02:00
Franzi
b81153e957
bundles/netbox: fix upgrade command
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-22 16:43:59 +02:00
Franzi
05d69c1f12
bundles/powerdns: use named-checkzone to verify zone integrity
2021-09-22 16:42:26 +02:00
Franzi
bb8910d15f
bundles/gitea: use metadata.get()
2021-09-22 16:38:27 +02:00
Franzi
b21f7c856a
bundles/gitea: switch to new file type 'download'
2021-09-21 07:55:15 +02:00
Franzi
ed2bb66e3e
bundles/basic: add links to icinga, grafana and nginx vhosts to login message
2021-09-16 19:33:11 +02:00
Franzi
5a7d0b0afd
bundles/icinga2: don't skip everything if check_sipgate_account_balance can't get applied
2021-09-16 19:33:08 +02:00
Sophie Schiller
c9f9a27096
bundle/hedgedoc add new csp defaults
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-14 20:23:01 +02:00
Sophie Schiller
738dbd94a0
bundle/hedgedoc improve dependencies
2021-09-14 20:23:01 +02:00
Sophie Schiller
481c1c85e5
bundle/nginx set instead of HTTPS
2021-09-14 20:23:01 +02:00
Sophie Schiller
77a14a0017
bundle/hedgedoc remove quoting inconsistencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-11 20:24:10 +02:00
Franzi
