Franzi
a8690b13b8
bundles/rspamd: add "unless" to action:rspamd_assure_dkim_key_permissions
bundlewrap/pipeline/head This commit looks good
2021-02-06 19:10:16 +01:00
Franzi
eb431d8da8
bundles/postfix: also set alias_maps
...
bundlewrap/pipeline/head This commit looks good
fixes "warning: dict_nis_init: NIS domain name not set - NIS lookups disabled"
2021-02-06 10:24:19 +01:00
Franzi
457052d42b
bundles/gitea: downloading gitea updates needs stopping it first
2021-02-06 09:43:54 +01:00
Franzi
b6d23aaed4
bundles/sshmon: use own check_cpu_stats script
...
Old script only checked iowait, which is not enough.
2021-02-06 09:38:50 +01:00
Franzi
c185a5bacd
bundles/backup-client: do backups at 23:xx, so it won't interfere with upgrade-and-reboot
...
bundlewrap/pipeline/head This commit looks good
There were still problems with systems starting their backups late in the hour,
but backup servers did upgrade-and-reboot early it the hour. This leads to
incomplete backups, if the machine is rebooting, too.
2021-02-06 09:36:44 +01:00
Franzi
7e15f8adc3
bundles/octoprint: multi-line-output for check_octoprint_update
bundlewrap/pipeline/head This commit looks good
2021-02-02 20:20:11 +01:00
Franzi
8523754935
bundles/users: add vim-keybindings for pane navigation to tmux.conf
2021-01-31 07:59:19 +01:00
Franzi
bdc5b4de33
bundles/transmission: don't overwrite configs managed by transmission
2021-01-30 17:39:34 +01:00
Franzi
71f033b7c2
bundles/icinga2: fix dependencies for svc_systemd:icinga2
...
bundlewrap/pipeline/head This commit looks good
icinga2 runs fine without any checks, so we now only depend on the other
configuration files managed by bw. This will also fix unwanted
dependencies, because 'file:' means *all* files, not only those provided
by this bundle. In the past, it wasn't possible to skip any file,
because that would result in icinga not properly restarting.
2021-01-30 17:31:05 +01:00
Franzi
569275329c
bundles/sshmon: remove INTERNET check
...
bundlewrap/pipeline/head This commit looks good
We're using the internet to check these hosts, so if those hosts
wouldn't have an internet connection, the whole host would be
down, atleast as far as icinga can tell.
2021-01-30 11:47:55 +01:00
Franzi
161aec9314
bundles/powerdnsadmin: use tagged release
bundlewrap/pipeline/head This commit looks good
2021-01-29 18:13:16 +01:00
Franzi
f56852c27d
bundles/postfixadmin: use tagged release
2021-01-29 18:07:57 +01:00
Franzi
fa462fbd0f
bundles/sshmon: use tag_name instead of human-readable name in check_github_for_new_release
2021-01-29 18:04:35 +01:00
Franzi
b3e6063596
bundles/unbound: silence refresh-root-hints cronjob
2021-01-29 17:58:24 +01:00
Franzi
c31066fea8
bundles/mautrix-whatsapp: restart weekly to work around 24/7 connection issues
2021-01-29 17:27:33 +01:00
Franzi
fd421bf6f8
add bundle:redis, add redis support to pretalx
bundlewrap/pipeline/head This commit looks good
2021-01-29 15:58:54 +01:00
Franzi
ce76430b4d
bundles/mautrix-whatsapp: decrease log level to info
bundlewrap/pipeline/head This commit looks good
2021-01-28 15:05:04 +01:00
Franzi
4efcc73f55
bundles/mautrix-whatsapp: ensure we're not using ssl for postgres
bundlewrap/pipeline/head This commit looks good
2021-01-25 22:27:11 +01:00
Franzi
f3d8a1412c
bundles/dovecot: better ssl
bundlewrap/pipeline/head This commit looks good
2021-01-24 18:44:25 +01:00
Franzi
2aaf7cf8f8
bundles/nginx: better ssl
2021-01-24 18:44:13 +01:00
Franzi
614bdf9dec
bundles/basic: support creating additional locales
2021-01-24 07:49:49 +01:00
Franzi
d344664fa1
bundles/basic: fix format for /etc/locale.gen
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:25:32 +01:00
Franzi
6b720c6c75
bundles/postgresql: only deploy packages if we have locales installed
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:06:38 +01:00
Franzi
4a9463db5f
bundles/basic: ensure a proper locale is installed
2021-01-23 12:05:59 +01:00
Franzi
a160e7cf46
bundles/postgresql: improvements
...
bundlewrap/pipeline/head This commit looks good
- support other postgresql versions
- manage configs using bw
2021-01-23 11:35:03 +01:00
Franzi
c41ee0f806
bundles/apt: fix logging for upgrade-and-reboot
2021-01-23 11:32:35 +01:00
Franzi
51101fc615
bundles/sudo: fix mode for /etc/sudoers
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:28:50 +01:00
Franzi
c5109fbfe3
bundles/icinga2: no need to do metadata.copy() here
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:11:18 +01:00
Franzi
717159b61f
bundles/seafile: no need for sms for seafile process, we're already doing http content checks
bundlewrap/pipeline/head There was a failure building this commit
2021-01-23 09:09:30 +01:00
Franzi
63cdd470cf
bundles/c3voc-addons: support cron definition
bundlewrap/pipeline/head This commit looks good
2021-01-19 13:34:23 +01:00
Franzi
0893156723
bundles/c3voc-addons: add upgrade-and-reboot to bundle
bundlewrap/pipeline/head This commit looks good
2021-01-17 18:43:30 +01:00
Franzi
0f0ee046b1
bundles/c3voc-addons: some assertions to make sure we don't conflict with ansible
bundlewrap/pipeline/head This commit looks good
2021-01-17 10:16:23 +01:00
Franzi
1041e092b1
bundles/dhcpd: add bash alias for lease list
2021-01-17 09:12:32 +01:00
Franzi
4f62e25d5e
bundles/c3voc-addons: add nginx vhost monitoring
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:07:21 +01:00
Franzi
3b90426b4d
bundles/pretalx: fix needs for systemd units
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:01:15 +01:00
Franzi
2b0678063c
bundles/pretalx: new version needs to trigger regenerate_css, too
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:59:57 +01:00
Franzi
b5cc8c2c57
bundles/pretalx: add to PORT_MAP.md, allocate a port
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:55:08 +01:00
Franzi
35abb92daf
bundles/icinga2: do not schedule downtimes for hosts which do not do unattended-upgrades
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:31:51 +01:00
Franzi
173746fe9c
bundles/sshmon: ensure sshmon user is able to log in
2021-01-16 22:31:18 +01:00
Franzi
39aabd0546
bundles/backup-server: of course, we need to ignore hosts which have exclude_from_backups set
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:22:51 +01:00
Franzi
ad84f62c0d
bundles/sshmon: do not rely on bundle:users to create sshmon user
bundlewrap/pipeline/head There was a failure building this commit
2021-01-16 22:21:27 +01:00
Franzi
ec8802dd4a
bundles/backup-server: ignore all nodes which don't have bundle:backup-client
2021-01-16 22:12:49 +01:00
Franzi
9f0fc90679
bundles/pretalx: fix wrong metadata key
2021-01-16 22:12:16 +01:00
Franzi
70944d7065
bundles/pretalx: introduce
2021-01-16 22:03:38 +01:00
Franzi
0b9056bd2b
add pseudo-bundle to add configs to c3voc ansible managed hosts
2021-01-16 22:03:03 +01:00
Franzi
8fc0017378
bundles/backup-client: do backups at 00:xx, so it won't interfere with upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-01-15 15:31:36 +01:00
Franzi
9854fc9dbc
bundles/hostname: also set motd
2021-01-15 15:29:49 +01:00
Franzi
db3a15310c
bundles/letsencrypt: fix concat_and_deploy comment
bundlewrap/pipeline/head This commit looks good
2021-01-10 10:48:19 +01:00
Franzi
659e35686e
bundles/iptables: removing rule files should also trigger iptables-enforce
bundlewrap/pipeline/head This commit looks good
2021-01-09 14:02:50 +01:00
Franzi
4f6b57676a
bundles/systemd-networkd: LACPTransmitRate=fast
bundlewrap/pipeline/head This commit looks good
2021-01-09 12:52:03 +01:00
Franzi
00fd1df67a
bundles/wide-dhcp6c: stop, then start, instead of restart
2021-01-09 12:51:37 +01:00
Franzi
8e54d6eb23
add monitoring for freifunk nodes
bundlewrap/pipeline/head This commit looks good
2021-01-09 11:03:23 +01:00
Franzi
19dd29e847
bundles/transmission: also allow tcp peer-port
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:06:26 +01:00
Franzi
33b85ff0de
bundles/transmission: add bundle, add to home.downloadhelper
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:00:08 +01:00
Franzi
dca13263e2
bundles/systemd-networkd: add option for setting static routes
2021-01-08 16:09:59 +01:00
Franzi
17510b783c
bundles/nfs-client: do start automount units. Previous comment was wrong.
bundlewrap/pipeline/head This commit looks good
2021-01-07 22:15:57 +01:00
Franzi
fb42f9e667
bundles/dhcpd: catch keyerrors for nodes which do dhcp in unmanaged networks
2021-01-07 22:14:17 +01:00
Franzi
2d42e5f7dd
update bw to 4.3, add .provides() to metadata reactors
bundlewrap/pipeline/head This commit looks good
2021-01-07 18:44:38 +01:00
Franzi
7f0fb7a6e2
bundles/influxdb: remove
2021-01-07 18:28:08 +01:00
Sophie Schiller
2ba4946975
update letsencrypt hashes
bundlewrap/pipeline/head This commit looks good
2021-01-06 13:18:44 +01:00
Franzi
ec13a1edaa
bundles/simple-icinga-dashboard: repo is public now
bundlewrap/pipeline/head This commit looks good
2021-01-03 09:56:51 +01:00
Franzi
03d3ab6e9d
bundles/{netdata,nginx,unbound}: fix iptables rules (should also create ip6tables rules)
bundlewrap/pipeline/head There was a failure building this commit
2021-01-02 16:19:55 +01:00
Franzi
e8d131b041
add simple-icinga-dashboard on status.franzi.business
...
bundlewrap/pipeline/head There was a failure building this commit
fixes #20
2021-01-02 14:47:11 +01:00
Franzi
2ebf7ec32b
bundles/mautrix-whatsapp: disable log timestamps, journal takes care of that
bundlewrap/pipeline/head This commit looks good
2021-01-02 14:01:26 +01:00
Franzi
b8bcc6c499
bundles/mautrix-whatsapp: only log to journal
bundlewrap/pipeline/head This commit looks good
2021-01-02 13:59:47 +01:00
Franzi
8752299e61
bundles/icinga2: add hostgroup for hosts which send SMS
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:58:52 +01:00
Franzi
4f57a6c0e3
icinga2: more checks should send sms
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:26:37 +01:00
Franzi
10fd67a0fd
bundles/systemd-networkd: fix LACP options
...
bundlewrap/pipeline/head This commit looks good
fixes #25 , hopefully
2021-01-02 11:00:10 +01:00
Franzi
f329373a4a
bundles/systemd-networkd: remove settings from bond.netdev
...
bundlewrap/pipeline/head This commit looks good
Why the fuck doesn't this work like it's written in the documentation?
2021-01-01 22:00:50 +01:00
Franzi
16ea6ce0d5
bundles/systemd-networkd: disable STP on bridges
2021-01-01 21:59:21 +01:00
Franzi
48fc341137
bundles/backup-client: add monitoring for backups
2021-01-01 13:59:42 +01:00
Franzi
3e1d3b483e
bundles/mautrix-whatsapp: use -a for check_procs
bundlewrap/pipeline/head This commit looks good
2020-12-31 12:31:14 +01:00
Franzi
fede30c2cc
bundles/mautrix-whatsapp: introduce
2020-12-31 12:18:34 +01:00
Franzi
914889da6c
bundles/vmhost: add option to exclude VM from monitoring
bundlewrap/pipeline/head This commit looks good
2020-12-29 10:18:16 +01:00
Franzi
62d7baa3ec
bundles/icinga2: admins shall receive all notifications
bundlewrap/pipeline/head This commit looks good
2020-12-27 09:09:40 +01:00
Franzi
d72c43083d
nodes/rx300: set proper lldp hostname
bundlewrap/pipeline/head This commit looks good
2020-12-25 14:45:41 +01:00
Franzi
ca7f3ed4a6
bundles/octoprint: fix typo in check_octoprint_update
bundlewrap/pipeline/head This commit looks good
2020-12-23 12:38:44 +01:00
Franzi
e40f88aa69
bundles/unbound: only start unbound after pppoe.service has been started ( fixes #23 )
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:50:54 +01:00
Franzi
275249481f
bundles/octoprint: display version in update check, remove error states (we're monitoring this separately)
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:43:13 +01:00
Franzi
d2be654206
bundles/unbound: enable prefetching
2020-12-22 09:24:10 +01:00
Franzi
5e45efb7ae
bundles/unbound: better caching
2020-12-22 09:22:37 +01:00
Franzi
5935aed0db
bundles/{netdata,pppd,radvd,vmhost,vnstat,wide-dhcp6c}: add monitoring
bundlewrap/pipeline/head This commit looks good
2020-12-21 09:50:15 +01:00
Franzi
0b52f8e7e6
bundles/icinga2: allow limiting permissions for api users
2020-12-20 09:33:17 +01:00
Franzi
da4b139095
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
bundlewrap/pipeline/head This commit looks good
2020-12-18 16:30:17 +01:00
Franzi
6045debe9e
bundles/nginx: check ssl certificates
bundlewrap/pipeline/head This commit looks good
2020-12-18 13:28:08 +01:00
Franzi
5f5c3d5207
bundles/icinga2: admins shall receive more notifications
bundlewrap/pipeline/head This commit looks good
2020-12-18 08:24:19 +01:00
Franzi
958f5893e6
bundles/zfs: adjust warning period for check_zfs_old_snapshots
2020-12-18 08:23:42 +01:00
Franzi
487e4d0df6
bundles/rspamd: add missing }
2020-12-18 08:21:56 +01:00
Franzi
e81fcafe7a
bundles/powerdns: fix dependencies
bundlewrap/pipeline/head There was a failure building this commit
2020-12-18 06:41:24 +01:00
Franzi
63d455d242
bundles/rspamd: fix dependencies
2020-12-18 06:41:05 +01:00
Franzi
65db8b1625
bundles/systemd-networkd: faster miimon
2020-12-18 06:33:05 +01:00
Franzi
ecb7a93073
bundles/pppd: silence restart-pppoe-if-no-public-ip
2020-12-18 06:32:18 +01:00
Franzi
e33af1c845
bundles/unbound: refresh root-hint.txt once a week
2020-12-13 15:22:19 +01:00
Franzi
9c6fe48859
bundles/unbound: add netdata config
bundlewrap/pipeline/head This commit looks good
2020-12-13 15:17:19 +01:00
Franzi
3eeb253e55
bundles/unbound: introduce, add to nodes
bundlewrap/pipeline/head This commit looks good
2020-12-13 14:59:44 +01:00
Franzi
c5e43188ca
bundles/radvd: support not announcing a nameserver
2020-12-13 14:59:10 +01:00
Franzi
057d4f0c4c
bundles/dovecot: autoexpunge Trash older than 360 days
bundlewrap/pipeline/head This commit looks good
2020-12-13 11:55:28 +01:00
Franzi
18c56cce9a
bundles/dovecot: do not auto-subscribe to junk mailbox
2020-12-13 11:54:55 +01:00
Franzi
58d99eb402
bundles/systemd: configure journald
bundlewrap/pipeline/head This commit looks good
2020-12-12 10:39:57 +01:00
Franzi
cf4d0c1ca6
bundles/powerdnsadmin: ensure permissions of powerdnsadmin static directory
bundlewrap/pipeline/head This commit looks good
2020-12-10 22:18:04 +01:00
Franzi
