e909144544
bw/bundles/postgresql: do not auto-detect postgresql version from debian version
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-27 12:51:53 +01:00
5de7e0245a
home.rechenmonster: fix trailing whitespace
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:46:14 +01:00
75e1ab0db4
home.rechenmonster: enable smartd, sort metadata
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 22:37:20 +01:00
Sophie Schiller
3455e6daa2
add more config to rechenmonster
2022-02-18 22:18:27 +01:00
Sophie Schiller
266fd5aaa8
home.rechenmonster: upgrade to real node
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 21:21:26 +01:00
8e9097a8c1
home.nas: split nas_permissions timer to multiple commands
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-07 07:01:50 +01:00
46e6b0f704
home.nas: move cron jobs to systemd timers
2022-02-06 13:40:54 +01:00
2a3a26c333
home.nas: system is no longer backup target, do run scrub at night
2022-02-06 08:51:44 +01:00
c43129104d
home.nas: more backup paths
2022-02-05 15:39:33 +01:00
0d865c93d4
bundles/cron: use MAILTO=, rework metadata syntax
2022-02-05 11:41:41 +01:00
c6078e566c
home.nas: uninstall youtube-dl
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-24 20:04:10 +01:00
Sophie Schiller
248133a632
bw/home.wled-wohnzimmer set new mac address
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 13:55:43 +01:00
0ccb983b28
bundles/apt: fix metadata key mess (unattended-upgrades vs unattended_upgrades)
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 05:47:42 +01:00
07157b6335
home.nas: disable automatic reboot after updates
2022-01-23 05:09:36 +01:00
05f87bad77
home.nas: do some backups
2022-01-13 15:56:57 +01:00
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot
2022-01-05 09:59:09 +01:00
fd1e2690f8
remove home.octoprint-leapfrog
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:35:59 +01:00
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
3d90f544bf
groups/linux: change backup host to htz-hel.backup-kunsi
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:52:24 +01:00
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp
2022-01-04 15:47:05 +01:00
956185fde1
home.nas: fix local mqtt topic for c3voc bridge
2021-12-25 20:11:09 +01:00
2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
74f5b25f0d
various fixes, remove some TODOs
2021-11-27 10:40:20 +01:00
c0b5dbe89a
home.openhab: fix backup server address
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-02 18:03:19 +01:00
f482874310
home.openhab: install and configure openhab
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:43:53 +01:00
980bea3351
add node home.openhab
2021-10-26 15:38:01 +02:00
f02088d9fe
nodes/home.router: enable wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 09:02:29 +02:00
b7482008df
home.router: add hosts entry for wireguard box
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:48:22 +02:00
13057d6f76
home.router: remove openvpn client
2021-09-29 20:36:34 +02:00
89f91f3857
nodes: add bird to wireguard nodes
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-29 19:47:14 +02:00
74ba98624b
home.nas: install requirements for compiling yate
2021-09-16 19:33:05 +02:00
3f38497585
bundles/vmhost: add metadata reactor to add all admins to 'libvirt' group
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:25:46 +02:00
ece7b343f9
nodes/home.router: disable sms alerts for now
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:14:47 +02:00
08485aa827
nodes/home.nas: add second bridge where LAN is available untagged
2021-08-22 07:13:32 +02:00
4167d3cb22
update to bw 4.11.2
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-17 18:10:35 +02:00
bd10dc578f
bundles/pppd: refactor check_dyndns_update
...
kunsi/bundlewrap/pipeline/head There was a failure building this commit
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
2021-08-14 08:00:43 +02:00
4082540b7d
home.nas: add one more ssh key to qcn user
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-25 09:40:49 +02:00
0d9e9ffa4b
home.nas: add read-only rsync user for movie storage
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-24 12:10:54 +02:00
46fcd1670f
fix mac address for home.winkeeinhorn-vm
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-22 16:24:51 +02:00
cee2a41771
items/zfs_pool: rewrite item to support all kinds of zfs pools
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 18:12:57 +02:00
77f785135d
groups/home: add icinga host dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 09:21:43 +02:00
b5ab21549d
bundles/nginx: rename 'proxy' metadata to 'locations', support more generic options, move extras files to metadata
bundlewrap/pipeline/head This commit looks good
2021-07-04 19:28:03 +02:00
b7935e59e7
nodes/home.paperless: increase max_body_size
2021-07-02 15:49:17 +02:00
bb15d1217f
nodes/home.nas: more ram
bundlewrap/pipeline/head This commit looks good
2021-06-26 06:18:01 +02:00
a793bb5fc1
bundles/zfs: rename zfs_arc_max_mb to zfs_arc_max_gb
bundlewrap/pipeline/head This commit looks good
2021-06-25 18:39:06 +02:00
Sophie Schiller
b949ba3e72
bw/home.kodi-wohnzimmer update to bullseye
bundlewrap/pipeline/head This commit looks good
2021-06-23 18:07:43 +02:00
e3578e669c
nodes/home.nas: add cronjob
bundlewrap/pipeline/head This commit looks good
2021-06-12 08:56:38 +02:00
3fc51d9eba
nodes/home.nas: move scrub to where it does not interfere with backups
2021-06-06 08:03:16 +02:00
72d4826dbb
remove bundle:netdata - we have telegraf and grafana now
bundlewrap/pipeline/head This commit looks good
2021-06-05 13:28:25 +02:00
91cf6cd1e5
move lm-sensors to its own bundle, add to hardware systems
2021-06-05 12:23:09 +02:00
95856a2c2d
add bundle:sysctl
2021-06-04 07:28:26 +02:00
d569b00960
modify nodes and bundles for new nftables syntax
2021-06-03 13:59:36 +02:00
faf27a3940
bundles/nfs-server: support using node names for shares
bundlewrap/pipeline/head This commit looks good
2021-06-03 07:45:56 +02:00
a6434bd8d0
create dedicated user for kunsi work laptop
2021-06-01 16:55:16 +02:00
79facf2409
nodes/home.paperless: set backup target
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:19:24 +02:00
Sophie Schiller
1461cf2827
bw/home.paperless-sophie add sophie's paperless host
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:04:59 +02:00
d193ec8ef3
bundles/paperless: set some options
2021-05-24 10:23:19 +02:00
fa59c547a9
nodes/home.paperless: add vhost extras for static files
bundlewrap/pipeline/head This commit looks good
2021-05-23 18:11:57 +02:00
22c98a4206
nodes/home.paperless: introduce
bundlewrap/pipeline/head This commit looks good
2021-05-23 17:41:19 +02:00
32826ed131
bundles/mosquitto: add telegraf stats for tasmota devices
bundlewrap/pipeline/head There was a failure building this commit
2021-05-15 08:52:37 +02:00
d51cded72d
nodes/home.router: use debian buster nginx repo for now
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:58:42 +02:00
dccdd4d97f
nodes/home.octoprint-vielschichtigkeit: remove node
bundlewrap/pipeline/head This commit looks good
2021-05-13 09:11:33 +02:00
7775f33679
bundles/apt: move patchday to 21:00 UTC
2021-05-13 09:10:33 +02:00
c41c43cd5c
nodes/home.nas: more snapshot for storage/nas
2021-05-08 11:07:12 +02:00
8c276b53a6
nodes/home.nas: enable x11 forwarding for admins
bundlewrap/pipeline/head This commit looks good
2021-05-01 15:18:21 +02:00
8a95dfa90a
nodes/home.downloadhelper: restrict lldp to vlan 42
bundlewrap/pipeline/head This commit looks good
2021-05-01 10:05:24 +02:00
a8e07c62c3
nodes/home.router: add ssl to vnstat nginx vhost
2021-04-25 09:10:05 +02:00
019d658442
bundles/icinga2: add check_usv_snmp
bundlewrap/pipeline/head This commit looks good
2021-04-25 08:02:04 +02:00
1360a36a95
nodes/home.router: poll switch and usv more often
2021-04-24 14:58:09 +02:00
e5c49ab172
nodes/home.router: add snmp plugin to telegraf
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:32:27 +02:00
8687cd6bfa
nodes/home.nas: set zfs snapshot settings for storage/scan
bundlewrap/pipeline/head This commit looks good
2021-04-21 18:26:10 +02:00
0c0a8e6263
bundles/scansnap: chown files to nobody-nogroup
2021-04-21 18:18:27 +02:00
b5fb5dd6c2
bundles/scansnap: introduce, add to home.nas
2021-04-21 17:58:16 +02:00
24362768fb
bundles/dhcpd: rework metadata
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
0028e0fcd0
nodes/home.downloadhelper: do not send hostname via dhcp
bundlewrap/pipeline/head This commit looks good
2021-04-19 20:42:15 +02:00
0c59af2fdc
nodes/home.octoprint-vielschichtigkeit: set exclude_from_monitoring
2021-04-17 09:40:02 +02:00
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
4d5e75df68
bundles/icinga2: introduce icinga_options/downtime_also_for
bundlewrap/pipeline/head This commit looks good
2021-04-17 03:43:08 +02:00
ac58f2a10c
nodes/home.router: fix dhcp config for dmz
2021-04-10 12:09:24 +02:00
3a7d612c7a
nodes/home.router: update to bullseye
2021-04-10 09:20:34 +02:00
Sophie Schiller
913f2cde8f
switch to new kodi with old name
bundlewrap/pipeline/head This commit looks good
2021-04-09 21:13:24 +02:00
Sophie Schiller
995ae2f55f
add new kodi minion
bundlewrap/pipeline/head This commit looks good
2021-04-09 20:54:53 +02:00
28eb3f023c
nodes/home.openwebrx: reuse pi for home.octoprint-leapfrog
bundlewrap/pipeline/head This commit looks good
2021-04-05 19:50:36 +02:00
68b8cf28d3
nodes/home.{nas,router}: fix firewall for netdata and nginx
bundlewrap/pipeline/head This commit looks good
2021-04-04 11:30:50 +02:00
c418102000
bundles/netdata: fix iptables default
2021-04-04 10:30:45 +02:00
9cbf866de7
bundles/mosquitto: introduce, add to node home.nas
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:36:47 +02:00
6e423c24fb
bundles/wireguard: rework metadata.py
bundlewrap/pipeline/head There was a failure building this commit
2021-04-01 16:27:31 +02:00
d787f8b0a3
bundles/systemd-networkd: rework routes
2021-04-01 16:25:24 +02:00
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
72831ee386
nodes/home.nas: one cronjob for permissions instead of three
bundlewrap/pipeline/head This commit looks good
2021-03-28 16:44:01 +02:00
83db4ba886
nodes/home.nas: add firewalling for yate sip server
bundlewrap/pipeline/head This commit looks good
2021-03-26 18:55:20 +01:00
691c3e7bc2
iptables: add some missing rules
bundlewrap/pipeline/head This commit looks good
2021-03-21 12:27:03 +01:00
087bc4c669
nodes: iptables for all
bundlewrap/pipeline/head This commit looks good
2021-03-21 11:44:52 +01:00
5775001301
bundles/postfix: add iptables config
2021-03-21 11:11:49 +01:00
9e1685531c
nodes/home.router: add iptables rule for mail
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:48:35 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
f6ecf2a465
bundles/nfs-client: support arch linux
bundlewrap/pipeline/head This commit looks good
2021-03-11 15:24:06 +01:00
f57681b098
nodes: move wireguard stuff to 172.19.136.0/25
bundlewrap/pipeline/head This commit looks good
2021-03-07 14:39:04 +01:00
74d81eb7ba
bundles/nginx: support disabling ssl for each vhost individually
bundlewrap/pipeline/head This commit looks good
2021-02-20 14:25:27 +01:00
56ff2a794f
nodes/home.router: enable sms notifications for monitoring
2021-02-19 14:46:29 +01:00
debabe85b0
nodes/home.router: add dhcp and ipv6 to DMZ
2021-02-19 12:02:46 +00:00
d1b1ca7729
nodes/home.openwebrx: introduce
bundlewrap/pipeline/head This commit looks good
2021-02-16 08:43:10 +01:00
5c1eba0d58
bundles: use a common metadata key for firewall restrictions, use repo.libs.tools.resolve_identifier()
bundlewrap/pipeline/head This commit looks good
2021-02-15 14:16:35 +01:00
6527c985a7
nodes/home.router: add wg0 to allowed interfaces for netdata and nginx
bundlewrap/pipeline/head This commit looks good
2021-02-14 21:42:50 +01:00
d7398135d1
nodes/home.wled-wohnzimmer: add node
2021-02-06 09:39:36 +01:00
5d1fc22813
nodes/home.downloadhelper: install netdata
bundlewrap/pipeline/head This commit looks good
2021-01-16 15:43:42 +01:00
4e6be9b51e
nodes/home.nas: less snapshots for storage/download
2021-01-10 10:02:25 +01:00
8e54d6eb23
add monitoring for freifunk nodes
bundlewrap/pipeline/head This commit looks good
2021-01-09 11:03:23 +01:00
33b85ff0de
bundles/transmission: add bundle, add to home.downloadhelper
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:00:08 +01:00
dca13263e2
bundles/systemd-networkd: add option for setting static routes
2021-01-08 16:09:59 +01:00
c49d9ffc56
nodes/home.downloadhelper: add node, add storage on home.nas
2021-01-07 22:15:14 +01:00
Sophie Schiller
f6eeda0235
update ip-addresses and macs
bundlewrap/pipeline/head This commit looks good
2021-01-04 07:24:57 +01:00
fc94e63467
nodes/{home.nas,rx300}: remove bond priority (unused)
2021-01-02 12:18:41 +01:00
379dc9e1fe
nodes/home.nas: fix LACP priority
2021-01-01 21:59:49 +01:00
ed325848ab
nodes/home.router: refine forwarding rules for enp1s0.23
bundlewrap/pipeline/head This commit looks good
2020-12-31 22:30:10 +01:00
1a9fadce70
nodes/home.router: allow ICMP and SSH via IPv6 to all hosts behind this router
bundlewrap/pipeline/head This commit looks good
2020-12-31 21:28:15 +01:00
55058bdfd9
nodes/home.{nas,usv01}: add comments about Dell Local Node Manager
bundlewrap/pipeline/head This commit looks good
2020-12-25 15:26:23 +01:00
4d853c974c
nodes/home.{sw01,usv01}: add to monitoring
bundlewrap/pipeline/head This commit looks good
2020-12-22 16:54:38 +01:00
7bf77f9a49
home.nas: add ZFS cache disk to S.M.A.R.T. checks
bundlewrap/pipeline/head This commit looks good
2020-12-18 18:00:32 +01:00
da4b139095
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
bundlewrap/pipeline/head This commit looks good
2020-12-18 16:30:17 +01:00
ec62dfdb9a
home.kodi-wohnzimmer: disable smart checks
2020-12-18 08:42:36 +01:00
3eeb253e55
bundles/unbound: introduce, add to nodes
bundlewrap/pipeline/head This commit looks good
2020-12-13 14:59:44 +01:00
2c062761e3
nodes/home.router: add work ssh keys
2020-12-12 09:12:26 +01:00
41ff060e99
nodes/home.router: fix restart_pppd cronjob
2020-12-12 09:12:05 +01:00
bd217f0666
bundles/pppd: automatically restart pppoe (once per hour) if no public ip address can be found
bundlewrap/pipeline/head There was a failure building this commit
2020-12-10 16:14:17 +01:00
b80c0b12fe
home.router: add c3voc vpn
2020-12-08 17:45:30 +01:00
8a1a1bd8fd
home.router: sort metadata
2020-12-06 19:52:32 +01:00
295ff72b4b
bundles/smartd: introduce, add to hosts where *we* need to keep track of disk health
bundlewrap/pipeline/head This commit looks good
2020-11-29 12:07:27 +01:00
1bfeead5e8
nodes/home.nas: change nfs-mount options for /storage/nas
2020-11-29 12:05:51 +01:00
d19f0dd5bd
nodes/home.nas: add backup target for kunsi-t470
2020-11-27 03:10:11 +01:00
c1885e20b6
nodes/home.octoprint-vielschichtigkeit: fix ifnames, fix vhost
2020-11-25 21:26:21 +01:00
4f5e462c94
bundles/octoprint: add update check
2020-11-21 20:35:29 +01:00
58ca3fa9ae
bundles/wireguard: add netdev and network files, add iptables rules
bundlewrap/pipeline/head This commit looks good
2020-11-21 15:38:38 +01:00
70513c47fa
nodes/home.*: set icinga_options
bundlewrap/pipeline/head This commit looks good
2020-11-21 11:31:40 +01:00
63fd31c226
bundles/icinga2: support specifying an alternative host for checks
bundlewrap/pipeline/head This commit looks good
2020-11-21 10:58:57 +01:00
daa90a4668
move groups around
2020-11-21 10:55:09 +01:00
7d78ac9db8
bundles/vnstat: add flag to generate statistics images, add to home.router
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:07:05 +01:00
88dd587fb4
bundles/vnstat: introduce, add to home.router
2020-11-16 16:33:26 +01:00
9fa3757a96
nodes/home.nas: add zfs dataset for yate installation
2020-11-16 15:28:16 +01:00
d0b2e2fb61
nodes/home.nas: fix permissions cronjobs
bundlewrap/pipeline/head This commit looks good
2020-11-15 17:33:25 +01:00
f6dafbc78e
nodes/home.router: use default settings for dhcp lease times
2020-11-15 11:58:55 +01:00
84d1984cc1
nodes/home.nas: add users to "nas" group, add cronjobs to ensure permissions on nas dataset
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:12:22 +01:00
9e2cb92766
nodes/home.nas: add user f2k1de
2020-11-15 10:36:40 +01:00
da39da4a5f
nodes/home.router: add user f2k1de, to allow them to do port forwarding
bundlewrap/pipeline/head This commit looks good
2020-11-15 10:07:29 +01:00
d83dbbdd75
bundles/systemd-networkd: use some more options for bond interfaces
2020-11-15 09:39:44 +01:00
1339564dc4
bundles/netdata: introduce, add to home.nas and home.router
bundlewrap/pipeline/head This commit looks good
2020-11-14 14:05:28 +01:00
f405dca771
bundles/pppd: add dyndns capability
2020-11-14 12:46:19 +01:00
10732efa36
nodes/home.router: add port forwarding for home.nas
bundlewrap/pipeline/head This commit looks good
2020-11-14 12:26:22 +01:00
c8272b933a
nodes/home.nas: do updates on saturday
...
This machine is the vmhost for our router. We don't want them
to be rebooting at the same time.
2020-11-14 12:25:52 +01:00