ff85191bbe
bundles/radvd: fix typo
bundlewrap/pipeline/head This commit looks good
2021-06-04 07:28:40 +02:00
95856a2c2d
add bundle:sysctl
2021-06-04 07:28:26 +02:00
8d21e15106
bundles/pppd: restart nftables if it isn't running
2021-06-04 07:20:59 +02:00
1fbc08f74b
bundles/nginx: add a default security.txt to all vhosts
bundlewrap/pipeline/head This commit looks good
2021-06-03 18:57:25 +02:00
0a7e5bcdcd
move default values to libs/defaults
2021-06-03 18:27:45 +02:00
5369490b79
bundles/postfix: fix spam blocklist timeout
2021-06-03 14:31:03 +02:00
5c83287057
EOL bundle:iptables
bundlewrap/pipeline/head This commit looks good
2021-06-03 13:59:50 +02:00
d569b00960
modify nodes and bundles for new nftables syntax
2021-06-03 13:59:36 +02:00
ecb67d012b
bundles/nftables: introduce
2021-06-03 13:57:50 +02:00
faf27a3940
bundles/nfs-server: support using node names for shares
bundlewrap/pipeline/head This commit looks good
2021-06-03 07:45:56 +02:00
09397e2597
bundles/users: fix adding of non-admin users
2021-06-01 16:53:29 +02:00
47c18913ca
bundles/pacman: install htop
2021-06-01 16:53:14 +02:00
fba83415c7
bundles/letsencrypt: prepare for arch linux
2021-06-01 16:52:52 +02:00
cf3c45fdd5
bundles/nginx: prepare for arch linux
2021-06-01 16:52:03 +02:00
6b90d568cf
bundles/postfix: use dig
in check_spam_blocklist instead of a python library
...
bundlewrap/pipeline/head This commit looks good
The library isn't available as a debian package, so we would have to
manually install that every time the python package updates its minor
version number.
2021-05-29 09:29:40 +02:00
3468b719ed
bundles/nginx: default vhost always supports letsencrypt
2021-05-24 19:19:10 +02:00
Sophie Schiller
1461cf2827
bw/home.paperless-sophie add sophie's paperless host
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:04:59 +02:00
6bfcd87976
bundles/paperless-ng: ensure we have static files
bundlewrap/pipeline/head This commit looks good
2021-05-24 15:02:04 +02:00
Sophie Schiller
9a60d36a03
scan bright colors
bundlewrap/pipeline/head This commit looks good
2021-05-24 11:01:13 +02:00
5d4ca086e6
bundles/scansnap: do ocr in a separate process to speed up scanning
bundlewrap/pipeline/head This commit looks good
2021-05-24 10:24:01 +02:00
d193ec8ef3
bundles/paperless: set some options
2021-05-24 10:23:19 +02:00
df3e18b476
bundles/paperless: fix media path
bundlewrap/pipeline/head This commit looks good
2021-05-23 18:41:56 +02:00
22c98a4206
nodes/home.paperless: introduce
bundlewrap/pipeline/head This commit looks good
2021-05-23 17:41:19 +02:00
3a44a9fbfb
bundles/vmhost: only install qemu-kvm for debian buster and older
bundlewrap/pipeline/head This commit looks good
2021-05-23 14:54:47 +02:00
46f7aa93ef
bundles: fix dependencies
2021-05-23 14:54:24 +02:00
8dc66421c0
bundles/basic: don't rewrite /etc/locale.gen every time
2021-05-23 14:53:45 +02:00
5a182fadef
make some bundles arch-compatible, more default packages for arch
2021-05-23 14:36:16 +02:00
97cbef06a2
bundles/grafana: remove derivative from temperature and fan graphs
bundlewrap/pipeline/head This commit looks good
2021-05-20 06:51:10 +02:00
8568298a4e
bundles/grafana: make sure we have backups of the grafana database
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:56:34 +02:00
e54135b014
bundles/telegraf: it's "command" for execd, not "commands", because ... who knows
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:50:18 +02:00
df192e543b
bundles/transmission: add telegraf statistics
bundlewrap/pipeline/head There was a failure building this commit
2021-05-19 20:12:52 +02:00
3b3bdeecab
bundles/pacman: add lm_sensors to telegraf, add dashboard row
2021-05-19 18:46:22 +02:00
9e07af289e
bundles/scansnap: don't try to delete output directory
bundlewrap/pipeline/head This commit looks good
2021-05-19 06:35:18 +02:00
3e9c28b8ae
bundles/zfs: no 'set -e' in backup-pre-hook
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:53:27 +02:00
976aa251d1
bundles/zfs: actually unmount snapshots before trying to destroy them
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:43:31 +02:00
479b730be4
bundles/zfs: introduce zfs-snapshot-backups, enable backups for nodes which need zfs-snapshot-backups
bundlewrap/pipeline/head This commit looks good
2021-05-15 20:32:23 +02:00
25b305bddf
bundles/mosquitto: fix .provides()
bundlewrap/pipeline/head This commit looks good
2021-05-15 08:58:15 +02:00
32826ed131
bundles/mosquitto: add telegraf stats for tasmota devices
bundlewrap/pipeline/head There was a failure building this commit
2021-05-15 08:52:37 +02:00
eb6ae208cb
bundles/grafana: fix file system permissions
bundlewrap/pipeline/head This commit looks good
2021-05-15 07:33:21 +02:00
d9595ad8e6
bundles/icinga2: fix typo in check_usv_snmp
2021-05-15 07:28:15 +02:00
07c3d93e7d
bundles/miniflux: make sure to restart process if it crashes
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:50:11 +02:00
8e45b93b78
bundles/powerdnsadmin: yarn isn't installed globally any more
bundlewrap/pipeline/head This commit looks good
2021-05-14 20:15:49 +02:00
Sophie Schiller
d3c9550463
bundle/postgresql add dependencies, remove redundant config
2021-05-14 20:06:42 +02:00
Sophie Schiller
a656eb7eb3
bundle/nodejs remove yarn install
2021-05-14 20:05:04 +02:00
Sophie Schiller
88cfbc0699
bundle/matrix-synapse update dependencies, improve postgres database
...
creation
2021-05-14 20:03:56 +02:00
Sophie Schiller
bd19749971
bundle/matrix-media-repo update dependencies and needs
2021-05-14 20:02:39 +02:00
Sophie Schiller
3c5e778016
bundle:/element-web install yarn from npm instead of apt
2021-05-14 20:01:19 +02:00
459c7731cb
bundles/backup-client: use --compress-level=1 instead of -z
2021-05-14 10:47:58 +02:00
7775f33679
bundles/apt: move patchday to 21:00 UTC
2021-05-13 09:10:33 +02:00
fab9a41024
bundles/c3voc-addons: use new way of doing updates, too
bundlewrap/pipeline/head This commit looks good
2021-05-11 06:21:42 +02:00
276bd6ae8d
bundles/apt: rework upgrade-and-reboot mechanics to be more robust
bundlewrap/pipeline/head This commit looks good
2021-05-08 08:31:04 +02:00
c976be62d7
bundles/grafana: only refresh managed dashboards every minute
...
bundlewrap/pipeline/head This commit looks good
After all, we're only getting data every minute, so there's no point
in refreshing more often.
2021-05-02 19:57:32 +02:00
c1b1dc1a29
bundles/grafana: add support for custom managed dashboards
2021-05-02 17:49:40 +02:00
fe668fd5d4
bundles/grafana: add "traffic per interface" graphs, fix naming of values
bundlewrap/pipeline/head This commit looks good
2021-05-02 15:01:22 +02:00
0f387102b3
bundles/postgresql: do not collect metrics for telegraf database
bundlewrap/pipeline/head This commit looks good
2021-05-02 14:01:26 +02:00
ada87897a4
bundles/grafana: add wireguard graphs
2021-05-02 13:55:41 +02:00
40160fb25a
bundles: remove telegraf metrics from systemd-networkd and icinga2
2021-05-02 13:18:35 +02:00
3b1d1f7e94
add postgresql metrics to telegraf/grafana
bundlewrap/pipeline/head This commit looks good
2021-05-02 13:09:01 +02:00
1bc47fa231
bundles/grafana: fix y axis for disk iops graph
bundlewrap/pipeline/head This commit looks good
2021-05-02 12:07:49 +02:00
ae0bb8ed58
bundles/postfix: rework exporter for better usability
2021-05-02 12:06:53 +02:00
9b9465502a
bundles/grafana: add postfix graph
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:55:34 +02:00
0b972bc464
bundles/grafana: add nginx
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:34:55 +02:00
b299edbef4
bundles/grafana: add "free" to memory row
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:05:01 +02:00
68fed2439d
bundles/apt: fix "set -x" call
bundlewrap/pipeline/head This commit looks good
2021-05-02 10:45:21 +02:00
c548a88ee7
bundles/grafana: introduce, add to htz-cloud.influxdb
2021-05-02 10:44:50 +02:00
1a1ea721d9
bundles/telegraf: also work for arch linux systems
2021-05-02 07:32:54 +02:00
8c276b53a6
nodes/home.nas: enable x11 forwarding for admins
bundlewrap/pipeline/head This commit looks good
2021-05-01 15:18:21 +02:00
75fea7aa34
bundles/gitea: add a ssh key, enable git hooks for htz.ex42-1048908
bundlewrap/pipeline/head This commit looks good
2021-05-01 14:27:31 +02:00
8a95dfa90a
nodes/home.downloadhelper: restrict lldp to vlan 42
bundlewrap/pipeline/head This commit looks good
2021-05-01 10:05:24 +02:00
3de85e6717
bundles/webfs: introduce
2021-04-30 19:40:45 +02:00
30efde6eb3
bundles/apt: remove unneeded if
bundlewrap/pipeline/head This commit looks good
2021-04-30 13:30:10 +02:00
b235519ecf
bundles/apt: "set -xeuo pipefail" for upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-04-30 12:51:09 +02:00
8fd83241ca
bundles: ensure apt/repos/*/items is a set
2021-04-30 12:49:59 +02:00
44d42de81c
bundles/nginx: only redirect to ssl for sites which actually have ssl enabled
bundlewrap/pipeline/head This commit looks good
2021-04-25 09:20:16 +02:00
d98a1adfd9
bundles/ssl: support using a preexisting ssl certificate
2021-04-25 09:09:23 +02:00
019d658442
bundles/icinga2: add check_usv_snmp
bundlewrap/pipeline/head This commit looks good
2021-04-25 08:02:04 +02:00
ffd899534a
bundles/telegraf: use node.metadate.get() everywhere
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:51:01 +02:00
e9ce0ce869
bundles/systemd-networkd: add missing key to .provides()
bundlewrap/pipeline/head This commit looks good
2021-04-24 12:38:51 +02:00
966ee7dae9
bundles/unbound: set correct statistics interval
2021-04-24 12:00:09 +02:00
a9692317d2
bundles/telegraf: temporarily hardcode a repo path
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:47:28 +02:00
6772b3b5d0
bundles: various fixes for telegraf plugins
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:45:58 +02:00
a980e22ecb
bundles/telegraf: support requesting additional capabilities and/or groups
2021-04-24 11:44:55 +02:00
dc0695e38f
bundles/influxdb: introduce
2021-04-24 10:17:56 +02:00
c97d9ab948
bundles/postfix: use own postqueue exporter
2021-04-24 10:17:05 +02:00
76f46ca7d5
bundles/telegraf: add sudoers file
2021-04-24 10:12:56 +02:00
2432075f9a
bundles/telegraf: ensure telegraf is running, restart on config changes
2021-04-24 10:05:52 +02:00
f58e66f701
bundles/c3voc-addons: make sure we're not accidentially overwriting c3voc telegraf config
2021-04-24 09:44:31 +02:00
2667a2c00d
libs: replace libs.toml.dict_to_toml with libs.faults.resolve_faults
bundlewrap/pipeline/head This commit looks good
2021-04-24 09:39:08 +02:00
a37d31973a
bundles: add some telegraf plugins
2021-04-24 09:14:25 +02:00
5e0541aef8
bundles/telegraf: introduce
2021-04-24 09:14:21 +02:00
ebb6d287b2
bundles/icinga2: add node name to automatic downtime comment
bundlewrap/pipeline/head This commit looks good
2021-04-23 14:30:34 +02:00
8b14575657
bundles/postgresql: add metadata keys for some performance related config options
2021-04-23 14:02:04 +02:00
616feb54b2
bundles/sshmon: fix an issue where check_mounts couldn't properly detect systemd mount units
2021-04-23 14:01:24 +02:00
c0ff320281
bundles/scansnap: set proper permissions for /srv/scansnap
2021-04-21 18:25:37 +02:00
c79b3f77c2
bundles/scansnap: cleanup old scans
2021-04-21 18:20:47 +02:00
0c0a8e6263
bundles/scansnap: chown files to nobody-nogroup
2021-04-21 18:18:27 +02:00
b5fb5dd6c2
bundles/scansnap: introduce, add to home.nas
2021-04-21 17:58:16 +02:00
5e49e3204b
bundles/nfs-server: sort shares
2021-04-21 17:56:53 +02:00
24362768fb
bundles/dhcpd: rework metadata
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
12c04cf3be
bundles/users: some more bash config
2021-04-19 20:39:57 +02:00
8536e87475
bundles/systemd-networkd: some more dhcp settings
bundlewrap/pipeline/head This commit looks good
2021-04-18 11:05:42 +02:00
51ee9be424
bundles/radvd: advertise atleast every 30 seconds
2021-04-18 11:05:10 +02:00
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
4d5e75df68
bundles/icinga2: introduce icinga_options/downtime_also_for
bundlewrap/pipeline/head This commit looks good
2021-04-17 03:43:08 +02:00
6a88040826
bundles/nginx: disable Federated Learning of Cohorts for all hosts
bundlewrap/pipeline/head This commit looks good
2021-04-16 18:36:50 +02:00
bc8050cd3c
bundles/postfix: fix connection limits for smtpd
bundlewrap/pipeline/head This commit looks good
2021-04-11 21:56:37 +02:00
b04a207262
nodes/htz.ex42-1048908: add some blocked email domains
bundlewrap/pipeline/head This commit looks good
2021-04-11 18:20:16 +02:00
f0eb6f0d1b
bundles/vnstat: add favicon to web dashboard
...
bundlewrap/pipeline/head This commit looks good
As requested by sophie
2021-04-11 14:35:49 +02:00
e809ed4859
bundles/vnstat: changes in systemd unit files must trigger daemon-reload
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:18:42 +02:00
dca56140aa
bundles/simple-icinga-dashboard: use systemd-timers, use virtualenv
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:17:09 +02:00
26c2be07cf
bundles/vnstat: adjust vnstati calls for debian bullseye
bundlewrap/pipeline/head This commit looks good
2021-04-11 09:01:58 +02:00
69279ba34f
bundles/postfix: be a bit more relaxed when checking for smtp errors
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:50:16 +02:00
018bdb2f83
bundles/matrix*: better monitoring
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:40:44 +02:00
9618e388c3
bundles/simple-icinga-dashboard: only resolve faults when rendering the template, not earlier
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:33:32 +02:00
36bd6f5755
bundles/simple-icinga-dashboard: config is a toml file now
bundlewrap/pipeline/head There was a failure building this commit
2021-04-10 16:08:52 +02:00
b33ddaadb5
bundles/simple-icinga-dashboard: add replacements
2021-04-10 15:43:37 +02:00
fc7655469f
icinga2: add pretty_name for status page
bundlewrap/pipeline/head This commit looks good
2021-04-10 15:05:29 +02:00
efd2875b17
bundles/c3voc-addons: add sms to NGINX VHOST checks
2021-04-10 15:04:34 +02:00
8b2771cd63
Revert "bundles/systemd-networkd: fix vlan support for bridges and bonds"
...
bundlewrap/pipeline/head This commit looks good
This reverts commit 02146a81d6
.
2021-04-10 13:34:49 +02:00
ef84b3f889
Revert "bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/"
...
bundlewrap/pipeline/head This commit looks good
This reverts commit b679f568eb
.
Documentation says order is irrelevant, but it is not. If we do not use
ordering, vlan interfaces are defined before the parent interfaces, which
leads to systemd-networkd not applying config for the parent interfaces.
2021-04-10 12:22:08 +02:00
0d1a220b7b
bundles/systemd-networkd: generate unique mac address for vlan interfaces
2021-04-10 12:18:23 +02:00
197ebe2e38
bundles/systemd-networkd: add BindCarrier to bridges
bundlewrap/pipeline/head This commit looks good
2021-04-10 11:41:23 +02:00
00d46cb1b1
bundles/pppd: fix typo in restart-pppoe-if-no-public-ip
2021-04-10 09:49:40 +02:00
af6b16cc35
bundles/pppd: fix KeyError in restart-pppoe-if-no-public-ip
bundlewrap/pipeline/head This commit looks good
2021-04-10 09:38:47 +02:00
02146a81d6
bundles/systemd-networkd: fix vlan support for bridges and bonds
2021-04-10 09:18:45 +02:00
24f04e59aa
nodes/voc.pretalx: work around content-security-policy issues
bundlewrap/pipeline/head This commit looks good
2021-04-05 08:18:21 +02:00
aad27851bb
bundles/miniflux: proxy all images
bundlewrap/pipeline/head This commit looks good
2021-04-04 22:16:14 +02:00
e36a352a42
bundles: fix usage of set() vs {}
bundlewrap/pipeline/head This commit looks good
2021-04-04 10:34:55 +02:00
c418102000
bundles/netdata: fix iptables default
2021-04-04 10:30:45 +02:00
513eb4bed6
bundles/mosquitto: add monitoring
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:43:24 +02:00
2027308249
bundles/zfs: fix typo in check_zpool_space
2021-04-03 09:41:17 +02:00
9cbf866de7
bundles/mosquitto: introduce, add to node home.nas
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:36:47 +02:00
f8bbe00d47
overall better handling and usage of exceptions
bundlewrap/pipeline/head This commit looks good
2021-04-02 18:57:13 +02:00
5d5930265a
bundles/postfix: remove print statement
2021-04-02 18:29:33 +02:00
61cf881a03
bundles/pretalx: add bash_alias for manage.py
bundlewrap/pipeline/head This commit looks good
2021-04-02 14:59:56 +02:00
4a3be10add
bundles/apt: fix if in upgrade-and-reboot
2021-04-02 13:40:55 +02:00
a24fb12c21
bundles/apt: introduce restart_triggers (restart services if another service has been upgraded)
bundlewrap/pipeline/head There was a failure building this commit
2021-04-02 08:12:51 +02:00
7ca24d27d3
bundles/apt: add a bit of code to remove old, unused kernel images
2021-04-02 08:11:17 +02:00
8a0c8f32ae
bundles: less Restart=on-failure, more Restart=always
2021-04-02 08:05:33 +02:00
5b276368b8
bundles/wireguard: iptables/bundle_rules should be a list
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:13:24 +02:00
17f9aa9c3e
bundles/icinga2: disable command module
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:12:35 +02:00
c5eb2f4f70
bundles/icinga2: do not send recovery emails
2021-04-01 17:11:42 +02:00
957cac5ebc
bundles/postfix: disable SPAM BLOCKLIST check if relayhost is set
2021-04-01 17:00:53 +02:00
61c6188454
bundles/postfix: mynetworks now supports identifiers
2021-04-01 16:59:49 +02:00
b7222e2cd1
bundles/systemd-networkd: fix typo in routes
bundlewrap/pipeline/head This commit looks good
2021-04-01 16:31:57 +02:00
6e423c24fb
bundles/wireguard: rework metadata.py
bundlewrap/pipeline/head There was a failure building this commit
2021-04-01 16:27:31 +02:00
b679f568eb
bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/
2021-04-01 16:26:06 +02:00
d787f8b0a3
bundles/systemd-networkd: rework routes
2021-04-01 16:25:24 +02:00
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
da9fe36646
bundles/pretalx: support installing plugins
2021-03-30 19:52:03 +02:00