2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
74f5b25f0d
various fixes, remove some TODOs
2021-11-27 10:40:20 +01:00
f02088d9fe
nodes/home.router: enable wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 09:02:29 +02:00
b7482008df
home.router: add hosts entry for wireguard box
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:48:22 +02:00
13057d6f76
home.router: remove openvpn client
2021-09-29 20:36:34 +02:00
89f91f3857
nodes: add bird to wireguard nodes
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-29 19:47:14 +02:00
ece7b343f9
nodes/home.router: disable sms alerts for now
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:14:47 +02:00
bd10dc578f
bundles/pppd: refactor check_dyndns_update
...
kunsi/bundlewrap/pipeline/head There was a failure building this commit
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
2021-08-14 08:00:43 +02:00
77f785135d
groups/home: add icinga host dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 09:21:43 +02:00
72d4826dbb
remove bundle:netdata - we have telegraf and grafana now
bundlewrap/pipeline/head This commit looks good
2021-06-05 13:28:25 +02:00
95856a2c2d
add bundle:sysctl
2021-06-04 07:28:26 +02:00
d569b00960
modify nodes and bundles for new nftables syntax
2021-06-03 13:59:36 +02:00
a6434bd8d0
create dedicated user for kunsi work laptop
2021-06-01 16:55:16 +02:00
d51cded72d
nodes/home.router: use debian buster nginx repo for now
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:58:42 +02:00
a8e07c62c3
nodes/home.router: add ssl to vnstat nginx vhost
2021-04-25 09:10:05 +02:00
1360a36a95
nodes/home.router: poll switch and usv more often
2021-04-24 14:58:09 +02:00
e5c49ab172
nodes/home.router: add snmp plugin to telegraf
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:32:27 +02:00
24362768fb
bundles/dhcpd: rework metadata
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
ac58f2a10c
nodes/home.router: fix dhcp config for dmz
2021-04-10 12:09:24 +02:00
3a7d612c7a
nodes/home.router: update to bullseye
2021-04-10 09:20:34 +02:00
68b8cf28d3
nodes/home.{nas,router}: fix firewall for netdata and nginx
bundlewrap/pipeline/head This commit looks good
2021-04-04 11:30:50 +02:00
6e423c24fb
bundles/wireguard: rework metadata.py
bundlewrap/pipeline/head There was a failure building this commit
2021-04-01 16:27:31 +02:00
087bc4c669
nodes: iptables for all
bundlewrap/pipeline/head This commit looks good
2021-03-21 11:44:52 +01:00
5775001301
bundles/postfix: add iptables config
2021-03-21 11:11:49 +01:00
9e1685531c
nodes/home.router: add iptables rule for mail
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:48:35 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
f6ecf2a465
bundles/nfs-client: support arch linux
bundlewrap/pipeline/head This commit looks good
2021-03-11 15:24:06 +01:00
f57681b098
nodes: move wireguard stuff to 172.19.136.0/25
bundlewrap/pipeline/head This commit looks good
2021-03-07 14:39:04 +01:00
74d81eb7ba
bundles/nginx: support disabling ssl for each vhost individually
bundlewrap/pipeline/head This commit looks good
2021-02-20 14:25:27 +01:00
56ff2a794f
nodes/home.router: enable sms notifications for monitoring
2021-02-19 14:46:29 +01:00
debabe85b0
nodes/home.router: add dhcp and ipv6 to DMZ
2021-02-19 12:02:46 +00:00
5c1eba0d58
bundles: use a common metadata key for firewall restrictions, use repo.libs.tools.resolve_identifier()
bundlewrap/pipeline/head This commit looks good
2021-02-15 14:16:35 +01:00
6527c985a7
nodes/home.router: add wg0 to allowed interfaces for netdata and nginx
bundlewrap/pipeline/head This commit looks good
2021-02-14 21:42:50 +01:00
ed325848ab
nodes/home.router: refine forwarding rules for enp1s0.23
bundlewrap/pipeline/head This commit looks good
2020-12-31 22:30:10 +01:00
1a9fadce70
nodes/home.router: allow ICMP and SSH via IPv6 to all hosts behind this router
bundlewrap/pipeline/head This commit looks good
2020-12-31 21:28:15 +01:00
da4b139095
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
bundlewrap/pipeline/head This commit looks good
2020-12-18 16:30:17 +01:00
3eeb253e55
bundles/unbound: introduce, add to nodes
bundlewrap/pipeline/head This commit looks good
2020-12-13 14:59:44 +01:00
2c062761e3
nodes/home.router: add work ssh keys
2020-12-12 09:12:26 +01:00
41ff060e99
nodes/home.router: fix restart_pppd cronjob
2020-12-12 09:12:05 +01:00
bd217f0666
bundles/pppd: automatically restart pppoe (once per hour) if no public ip address can be found
bundlewrap/pipeline/head There was a failure building this commit
2020-12-10 16:14:17 +01:00
b80c0b12fe
home.router: add c3voc vpn
2020-12-08 17:45:30 +01:00
8a1a1bd8fd
home.router: sort metadata
2020-12-06 19:52:32 +01:00
58ca3fa9ae
bundles/wireguard: add netdev and network files, add iptables rules
bundlewrap/pipeline/head This commit looks good
2020-11-21 15:38:38 +01:00
63fd31c226
bundles/icinga2: support specifying an alternative host for checks
bundlewrap/pipeline/head This commit looks good
2020-11-21 10:58:57 +01:00
daa90a4668
move groups around
2020-11-21 10:55:09 +01:00
7d78ac9db8
bundles/vnstat: add flag to generate statistics images, add to home.router
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:07:05 +01:00
88dd587fb4
bundles/vnstat: introduce, add to home.router
2020-11-16 16:33:26 +01:00
f6dafbc78e
nodes/home.router: use default settings for dhcp lease times
2020-11-15 11:58:55 +01:00