Commit graph

1209 commits

Author SHA1 Message Date
fc0495f13a
bundles/rspamd: dkim key can be a string, too 2021-07-17 16:18:18 +02:00
61062c8312
bundles/matrix-dimension: disable update check until there are releases
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
... we're using 'master' for now.
2021-07-17 13:06:49 +02:00
32c0ad3bd6
bundles/matrix-synapse: auto-configure nginx vhost
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 12:38:04 +02:00
ff526a7f7f Merge pull request 'matrix-dimension' (#44) from matrix-dimension into main
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #44
2021-07-17 09:58:18 +00:00
6a144cf991
bundles/users: add option to enable lingering
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 11:33:43 +02:00
ce9f6dd7ba
bundles: add zfs dataset to bundles 2021-07-17 10:17:39 +02:00
337b660f5a
bundles/matrix-synapse: ensure matrix-synapse does not mess with our homeserver.yaml
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 09:32:49 +02:00
cbeb42c8ae
bundles/matrix-media-repo: add zfs 2021-07-17 09:12:11 +02:00
1086ed28c3
items/zfs_dataset: add automatic dependency for all files, directories and git_deploy of a dataset 2021-07-17 09:10:56 +02:00
Sophie Schiller
58691904fc bw/matrix-dimension repair syntax errors 2021-07-17 01:09:33 +02:00
Sophie Schiller
d076384ead bw/matrix-dimension remove unneeded metadata 2021-07-17 01:09:33 +02:00
Sophie Schiller
6ceb47a92e bw/matrix-dimension get all the things 2021-07-17 01:09:33 +02:00
Sophie Schiller
2b1c53e47a bw/matrix-dimension disable logfile 2021-07-17 01:09:33 +02:00
Sophie Schiller
aa639dc913 bw/matrix-dimension switch to generic vhost name 2021-07-17 01:09:33 +02:00
Sophie Schiller
71a1a4d59b bw/matrix-dimension enable process monitoring 2021-07-17 01:09:33 +02:00
Sophie Schiller
f40036422f bw/matrix-dimensions fix typos 2021-07-17 01:09:33 +02:00
Sophie Schiller
568a73efaf bw/matrix-dimension switch listening port 2021-07-17 01:09:33 +02:00
Sophie Schiller
9fb5293c80 bw/matrix-dimension switch to dedicated user 2021-07-17 01:09:33 +02:00
Sophie Schiller
ebee3b3de5 bw/matrix-dimension witespaaaaaaaace 2021-07-17 01:09:33 +02:00
Sophie Schiller
8ee59cd036 bundle/matrix-dimension enable backups 2021-07-17 01:09:33 +02:00
Sophie Schiller
a5b6250c86 bw/bundle matrix-dimension this might actually work 2021-07-17 01:09:33 +02:00
Sophie Schiller
c52482e98b bw/bundle matrix-dimension add first draft 2021-07-17 01:09:33 +02:00
6022bac0ef
have more bundles provide nginx metadata for themselves 2021-07-16 14:20:01 +02:00
9e305fc854
bundles/element-web: fix nginx webroot path
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-15 18:44:02 +02:00
f7098b0d35
bundles/element-web: move to /opt (and zfs, if we have that) 2021-07-15 18:40:48 +02:00
133627ace2
bundles/unbound: prefer ipv4 if using pppoe
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-13 20:51:58 +02:00
3c2f245b71
bundles/mx-puppet-discord: remove "Discord" in room name for now
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-11 16:38:59 +02:00
72f148425a
bundles/jenkins-ci: add ssh keys and config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-11 15:47:45 +02:00
0a14d46cf2
bundles/jenkins: add zfs dataset 2021-07-11 15:29:42 +02:00
8da40eab67
nodes/rx300: add php 8.0 2021-07-11 15:23:49 +02:00
a66d9c5765
bundles/mx-puppet-discord: add (Discord) to room and user names
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-11 12:29:05 +02:00
b193971625
bundles/postfix: fix some needed files not being present in chroot on arch
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-10 16:16:56 +02:00
8f4db6f2ba
bundles/postfix: install pkg_pacman:s-nail 2021-07-10 15:59:03 +02:00
3351767d56
add bundle:check-mail-received
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-10 14:22:19 +02:00
6c9809b165
bundles/grafana: add guest cpu time to cpu graph
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-10 10:05:26 +02:00
6a4b24c0f2
fix git urls in repo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-09 17:27:12 +02:00
1927837205
bundles/gitea: add /var/lib/gitea to backups 2021-07-09 16:22:37 +02:00
9bf0b8a0b0
bundles/gitea: use zfs datasets for all data 2021-07-09 16:22:10 +02:00
82dd354f92
bundles/gitea: fix permissions for /home/git/.ssh 2021-07-09 16:15:38 +02:00
95c5e0b6ea
bundles/gitea: use generic vhost name 2021-07-09 15:55:31 +02:00
3c23de4dfa
bundles/grafana: fix nginx vhost config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:10:19 +02:00
9021c6f853
bundles/grafana: fix permissions for some files and directories
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:06:35 +02:00
cbc0a1a927
nodes/htz.ex42-1048908: fix X-Forwarded-For header for matrix-media-repo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:03:22 +02:00
b5ab21549d
bundles/nginx: rename 'proxy' metadata to 'locations', support more generic options, move extras files to metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 19:28:03 +02:00
c87a8e2f15
bundles/pretalx: use pip install -e for locally existing code
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:45:59 +02:00
e091adaa64
bundles/nginx: increase buffer sizes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:21:57 +02:00
9c1b4f5dbe
move travelynx.franzi.business to rx300
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 16:15:31 +02:00
8ef6522ead
bundles/travelynx: needs directory to git_deploy into 2021-07-02 15:48:48 +02:00
f9e2715b30
bundles/systemd-networkd: removal of unmanaged files must also trigger restart of systemd-networkd 2021-07-02 15:03:47 +02:00
7ac7c1a2b7
bundles/cron: ensure cron is installed and running 2021-07-02 06:36:51 +02:00
9816da4f85
bundles/postgresql: only install postgresql-server-dev-* if needed 2021-07-01 18:22:38 +02:00
210ae8dd2e
bundles/zfs: debian bullseye does not need zfs from backports 2021-07-01 18:19:24 +02:00
686aa533e8
bundles/grafana: change logBase for nginx timing dashboard
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-01 16:34:17 +02:00
d32f675de7
bundles/miniflux: use vhost with generic name 2021-07-01 16:04:56 +02:00
68e79b4883
bundles/nginx: only add well-known alias for vhosts which use letsencrypt 2021-07-01 16:04:46 +02:00
20f4c182ad
bundles/pacman: ensure we have run-parts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-30 06:22:06 +02:00
7f27762054
bundles/zfs: report *used*, not free storage space 2021-06-29 15:18:31 +02:00
f01e24f995
bundles/postgresql: wait 10s after restarting 2021-06-29 14:23:51 +02:00
7b00e7484e
fix monitoring for arch linux hosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-28 19:59:54 +02:00
dfbdbe73bd
bundles/icinga2: only nodes which have bundle:apt have unattended-upgrades (for now) 2021-06-28 19:48:05 +02:00
450fb3f87a
bundles/kodi: do not install libcec4
All checks were successful
bundlewrap/pipeline/head This commit looks good
It's not available in bullseye (but libcec6), but we don't need it
anyway, because we're not using cec here.
2021-06-27 07:17:05 +02:00
cd6e4b9767
bundles/influxdb2: disable atime for zfs dataset
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-26 08:19:55 +02:00
2193e0ca53
bundles/grafana: fix units for zfs panels
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 20:16:13 +02:00
7d4a99344b
bundles/zfs: enable autotrim on debian bullseye and above
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 20:05:35 +02:00
1c10be5cdc
bundles/zfs: add per-dataset metrics 2021-06-25 20:04:30 +02:00
9cc324f84c
bundles/backup-server: enable compression for backups 2021-06-25 20:04:10 +02:00
a793bb5fc1
bundles/zfs: rename zfs_arc_max_mb to zfs_arc_max_gb
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 18:39:06 +02:00
Sophie Schiller
b949ba3e72 bw/home.kodi-wohnzimmer update to bullseye
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-23 18:07:43 +02:00
68865895e5
bundles/grafana: set decimals=0 for fan speed info 2021-06-19 14:18:30 +02:00
8d331b0086
bundles/nginx: always use first of month for security.txt expiry
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-19 08:49:10 +02:00
fc5e163fb9
bundles/miniflux: use health check endpoint
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-12 10:11:17 +02:00
05670ac2bb
bundles/icinga2: less code for icinga statusmonitor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-11 16:49:12 +02:00
455d4d7551
bundles/sshmon: fix occasional KeyErrors in check_cpu_stats
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-06 17:59:58 +02:00
94dba9139b
bundles/mosquitto: rewrite tasmota-telegraf-plugin using paho-mqtt library
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-06 15:17:34 +02:00
fa4fe51155
bundles/backup-client: do logging
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-06 08:05:41 +02:00
82d2e5b416
bundles/grafana: hide empty/zero values in lm-sensors dashboard row
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 21:39:48 +02:00
840d8228ed
bundles/grafana: fix line width for lm-sensors dashboard row
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:58:00 +02:00
db83b1614b
bundles/nginx: add anonymous timing logging for http requests
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:53:02 +02:00
72d4826dbb
remove bundle:netdata - we have telegraf and grafana now
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 13:28:25 +02:00
91cf6cd1e5
move lm-sensors to its own bundle, add to hardware systems 2021-06-05 12:23:09 +02:00
5dde5d1642
bundles/apt: no --force-confdef in unattended upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 11:13:51 +02:00
6138db1089
bundles/matrix-synapse: no statistics 2021-06-05 11:13:19 +02:00
ff85191bbe
bundles/radvd: fix typo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-04 07:28:40 +02:00
95856a2c2d
add bundle:sysctl 2021-06-04 07:28:26 +02:00
8d21e15106
bundles/pppd: restart nftables if it isn't running 2021-06-04 07:20:59 +02:00
1fbc08f74b
bundles/nginx: add a default security.txt to all vhosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-03 18:57:25 +02:00
0a7e5bcdcd
move default values to libs/defaults 2021-06-03 18:27:45 +02:00
5369490b79
bundles/postfix: fix spam blocklist timeout 2021-06-03 14:31:03 +02:00
5c83287057
EOL bundle:iptables
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-03 13:59:50 +02:00
d569b00960
modify nodes and bundles for new nftables syntax 2021-06-03 13:59:36 +02:00
ecb67d012b
bundles/nftables: introduce 2021-06-03 13:57:50 +02:00
faf27a3940
bundles/nfs-server: support using node names for shares
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-03 07:45:56 +02:00
09397e2597
bundles/users: fix adding of non-admin users 2021-06-01 16:53:29 +02:00
47c18913ca
bundles/pacman: install htop 2021-06-01 16:53:14 +02:00
fba83415c7
bundles/letsencrypt: prepare for arch linux 2021-06-01 16:52:52 +02:00
cf3c45fdd5
bundles/nginx: prepare for arch linux 2021-06-01 16:52:03 +02:00
6b90d568cf
bundles/postfix: use dig in check_spam_blocklist instead of a python library
All checks were successful
bundlewrap/pipeline/head This commit looks good
The library isn't available as a debian package, so we would have to
manually install that every time the python package updates its minor
version number.
2021-05-29 09:29:40 +02:00
3468b719ed
bundles/nginx: default vhost always supports letsencrypt 2021-05-24 19:19:10 +02:00
Sophie Schiller
1461cf2827 bw/home.paperless-sophie add sophie's paperless host
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:04:59 +02:00
6bfcd87976
bundles/paperless-ng: ensure we have static files
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 15:02:04 +02:00
Sophie Schiller
9a60d36a03 scan bright colors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 11:01:13 +02:00
5d4ca086e6
bundles/scansnap: do ocr in a separate process to speed up scanning
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 10:24:01 +02:00
d193ec8ef3
bundles/paperless: set some options 2021-05-24 10:23:19 +02:00
df3e18b476
bundles/paperless: fix media path
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 18:41:56 +02:00
22c98a4206
nodes/home.paperless: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 17:41:19 +02:00
3a44a9fbfb
bundles/vmhost: only install qemu-kvm for debian buster and older
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 14:54:47 +02:00
46f7aa93ef
bundles: fix dependencies 2021-05-23 14:54:24 +02:00
8dc66421c0
bundles/basic: don't rewrite /etc/locale.gen every time 2021-05-23 14:53:45 +02:00
5a182fadef
make some bundles arch-compatible, more default packages for arch 2021-05-23 14:36:16 +02:00
97cbef06a2
bundles/grafana: remove derivative from temperature and fan graphs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-20 06:51:10 +02:00
8568298a4e
bundles/grafana: make sure we have backups of the grafana database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:56:34 +02:00
e54135b014
bundles/telegraf: it's "command" for execd, not "commands", because ... who knows
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:50:18 +02:00
df192e543b
bundles/transmission: add telegraf statistics
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-05-19 20:12:52 +02:00
3b3bdeecab
bundles/pacman: add lm_sensors to telegraf, add dashboard row 2021-05-19 18:46:22 +02:00
9e07af289e
bundles/scansnap: don't try to delete output directory
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-19 06:35:18 +02:00
3e9c28b8ae
bundles/zfs: no 'set -e' in backup-pre-hook
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:53:27 +02:00
976aa251d1
bundles/zfs: actually unmount snapshots before trying to destroy them
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:43:31 +02:00
479b730be4
bundles/zfs: introduce zfs-snapshot-backups, enable backups for nodes which need zfs-snapshot-backups
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 20:32:23 +02:00
25b305bddf
bundles/mosquitto: fix .provides()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 08:58:15 +02:00
32826ed131
bundles/mosquitto: add telegraf stats for tasmota devices
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-05-15 08:52:37 +02:00
eb6ae208cb
bundles/grafana: fix file system permissions
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 07:33:21 +02:00
d9595ad8e6
bundles/icinga2: fix typo in check_usv_snmp 2021-05-15 07:28:15 +02:00
07c3d93e7d
bundles/miniflux: make sure to restart process if it crashes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:50:11 +02:00
8e45b93b78
bundles/powerdnsadmin: yarn isn't installed globally any more
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-14 20:15:49 +02:00
Sophie Schiller
d3c9550463 bundle/postgresql add dependencies, remove redundant config 2021-05-14 20:06:42 +02:00
Sophie Schiller
a656eb7eb3 bundle/nodejs remove yarn install 2021-05-14 20:05:04 +02:00
Sophie Schiller
88cfbc0699 bundle/matrix-synapse update dependencies, improve postgres database
creation
2021-05-14 20:03:56 +02:00
Sophie Schiller
bd19749971 bundle/matrix-media-repo update dependencies and needs 2021-05-14 20:02:39 +02:00
Sophie Schiller
3c5e778016 bundle:/element-web install yarn from npm instead of apt 2021-05-14 20:01:19 +02:00
459c7731cb
bundles/backup-client: use --compress-level=1 instead of -z 2021-05-14 10:47:58 +02:00
7775f33679
bundles/apt: move patchday to 21:00 UTC 2021-05-13 09:10:33 +02:00
fab9a41024
bundles/c3voc-addons: use new way of doing updates, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-11 06:21:42 +02:00
276bd6ae8d
bundles/apt: rework upgrade-and-reboot mechanics to be more robust
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-08 08:31:04 +02:00
c976be62d7
bundles/grafana: only refresh managed dashboards every minute
All checks were successful
bundlewrap/pipeline/head This commit looks good
After all, we're only getting data every minute, so there's no point
in refreshing more often.
2021-05-02 19:57:32 +02:00
c1b1dc1a29
bundles/grafana: add support for custom managed dashboards 2021-05-02 17:49:40 +02:00
fe668fd5d4
bundles/grafana: add "traffic per interface" graphs, fix naming of values
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 15:01:22 +02:00
0f387102b3
bundles/postgresql: do not collect metrics for telegraf database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 14:01:26 +02:00
ada87897a4
bundles/grafana: add wireguard graphs 2021-05-02 13:55:41 +02:00
40160fb25a
bundles: remove telegraf metrics from systemd-networkd and icinga2 2021-05-02 13:18:35 +02:00
3b1d1f7e94
add postgresql metrics to telegraf/grafana
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 13:09:01 +02:00
1bc47fa231
bundles/grafana: fix y axis for disk iops graph
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 12:07:49 +02:00
ae0bb8ed58
bundles/postfix: rework exporter for better usability 2021-05-02 12:06:53 +02:00
9b9465502a
bundles/grafana: add postfix graph
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:55:34 +02:00
0b972bc464
bundles/grafana: add nginx
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:34:55 +02:00
b299edbef4
bundles/grafana: add "free" to memory row
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:05:01 +02:00
68fed2439d
bundles/apt: fix "set -x" call
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 10:45:21 +02:00
c548a88ee7
bundles/grafana: introduce, add to htz-cloud.influxdb 2021-05-02 10:44:50 +02:00
1a1ea721d9
bundles/telegraf: also work for arch linux systems 2021-05-02 07:32:54 +02:00
8c276b53a6
nodes/home.nas: enable x11 forwarding for admins
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 15:18:21 +02:00
75fea7aa34
bundles/gitea: add a ssh key, enable git hooks for htz.ex42-1048908
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 14:27:31 +02:00
8a95dfa90a
nodes/home.downloadhelper: restrict lldp to vlan 42
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 10:05:24 +02:00
3de85e6717
bundles/webfs: introduce 2021-04-30 19:40:45 +02:00
30efde6eb3
bundles/apt: remove unneeded if
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-30 13:30:10 +02:00
b235519ecf
bundles/apt: "set -xeuo pipefail" for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-30 12:51:09 +02:00
8fd83241ca
bundles: ensure apt/repos/*/items is a set 2021-04-30 12:49:59 +02:00
44d42de81c
bundles/nginx: only redirect to ssl for sites which actually have ssl enabled
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-25 09:20:16 +02:00
d98a1adfd9
bundles/ssl: support using a preexisting ssl certificate 2021-04-25 09:09:23 +02:00
019d658442
bundles/icinga2: add check_usv_snmp
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-25 08:02:04 +02:00
ffd899534a
bundles/telegraf: use node.metadate.get() everywhere
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:51:01 +02:00
e9ce0ce869
bundles/systemd-networkd: add missing key to .provides()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-24 12:38:51 +02:00
966ee7dae9
bundles/unbound: set correct statistics interval 2021-04-24 12:00:09 +02:00
a9692317d2
bundles/telegraf: temporarily hardcode a repo path
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:47:28 +02:00
6772b3b5d0
bundles: various fixes for telegraf plugins
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:45:58 +02:00
a980e22ecb
bundles/telegraf: support requesting additional capabilities and/or groups 2021-04-24 11:44:55 +02:00
dc0695e38f
bundles/influxdb: introduce 2021-04-24 10:17:56 +02:00
c97d9ab948
bundles/postfix: use own postqueue exporter 2021-04-24 10:17:05 +02:00
76f46ca7d5
bundles/telegraf: add sudoers file 2021-04-24 10:12:56 +02:00
2432075f9a
bundles/telegraf: ensure telegraf is running, restart on config changes 2021-04-24 10:05:52 +02:00
f58e66f701
bundles/c3voc-addons: make sure we're not accidentially overwriting c3voc telegraf config 2021-04-24 09:44:31 +02:00
2667a2c00d
libs: replace libs.toml.dict_to_toml with libs.faults.resolve_faults
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-24 09:39:08 +02:00
a37d31973a
bundles: add some telegraf plugins 2021-04-24 09:14:25 +02:00
5e0541aef8
bundles/telegraf: introduce 2021-04-24 09:14:21 +02:00
ebb6d287b2
bundles/icinga2: add node name to automatic downtime comment
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-23 14:30:34 +02:00
8b14575657
bundles/postgresql: add metadata keys for some performance related config options 2021-04-23 14:02:04 +02:00
616feb54b2
bundles/sshmon: fix an issue where check_mounts couldn't properly detect systemd mount units 2021-04-23 14:01:24 +02:00
c0ff320281
bundles/scansnap: set proper permissions for /srv/scansnap 2021-04-21 18:25:37 +02:00
c79b3f77c2
bundles/scansnap: cleanup old scans 2021-04-21 18:20:47 +02:00
0c0a8e6263
bundles/scansnap: chown files to nobody-nogroup 2021-04-21 18:18:27 +02:00
b5fb5dd6c2
bundles/scansnap: introduce, add to home.nas 2021-04-21 17:58:16 +02:00
5e49e3204b
bundles/nfs-server: sort shares 2021-04-21 17:56:53 +02:00
24362768fb
bundles/dhcpd: rework metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
12c04cf3be
bundles/users: some more bash config 2021-04-19 20:39:57 +02:00
8536e87475
bundles/systemd-networkd: some more dhcp settings
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-18 11:05:42 +02:00
51ee9be424
bundles/radvd: advertise atleast every 30 seconds 2021-04-18 11:05:10 +02:00
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
4d5e75df68
bundles/icinga2: introduce icinga_options/downtime_also_for
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-17 03:43:08 +02:00
6a88040826
bundles/nginx: disable Federated Learning of Cohorts for all hosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-16 18:36:50 +02:00
bc8050cd3c
bundles/postfix: fix connection limits for smtpd
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-11 21:56:37 +02:00
b04a207262
nodes/htz.ex42-1048908: add some blocked email domains
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-11 18:20:16 +02:00
f0eb6f0d1b
bundles/vnstat: add favicon to web dashboard
All checks were successful
bundlewrap/pipeline/head This commit looks good
As requested by sophie
2021-04-11 14:35:49 +02:00
e809ed4859
bundles/vnstat: changes in systemd unit files must trigger daemon-reload
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:18:42 +02:00
dca56140aa
bundles/simple-icinga-dashboard: use systemd-timers, use virtualenv
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:17:09 +02:00
26c2be07cf
bundles/vnstat: adjust vnstati calls for debian bullseye
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-11 09:01:58 +02:00
69279ba34f
bundles/postfix: be a bit more relaxed when checking for smtp errors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:50:16 +02:00
018bdb2f83
bundles/matrix*: better monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:40:44 +02:00
9618e388c3
bundles/simple-icinga-dashboard: only resolve faults when rendering the template, not earlier
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:33:32 +02:00
36bd6f5755
bundles/simple-icinga-dashboard: config is a toml file now
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-10 16:08:52 +02:00
b33ddaadb5
bundles/simple-icinga-dashboard: add replacements 2021-04-10 15:43:37 +02:00
fc7655469f
icinga2: add pretty_name for status page
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-10 15:05:29 +02:00
efd2875b17
bundles/c3voc-addons: add sms to NGINX VHOST checks 2021-04-10 15:04:34 +02:00
8b2771cd63
Revert "bundles/systemd-networkd: fix vlan support for bridges and bonds"
All checks were successful
bundlewrap/pipeline/head This commit looks good
This reverts commit 02146a81d6.
2021-04-10 13:34:49 +02:00
ef84b3f889
Revert "bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/"
All checks were successful
bundlewrap/pipeline/head This commit looks good
This reverts commit b679f568eb.

Documentation says order is irrelevant, but it is not. If we do not use
ordering, vlan interfaces are defined before the parent interfaces, which
leads to systemd-networkd not applying config for the parent interfaces.
2021-04-10 12:22:08 +02:00
0d1a220b7b
bundles/systemd-networkd: generate unique mac address for vlan interfaces 2021-04-10 12:18:23 +02:00
197ebe2e38
bundles/systemd-networkd: add BindCarrier to bridges
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-10 11:41:23 +02:00
00d46cb1b1
bundles/pppd: fix typo in restart-pppoe-if-no-public-ip 2021-04-10 09:49:40 +02:00
af6b16cc35
bundles/pppd: fix KeyError in restart-pppoe-if-no-public-ip
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-10 09:38:47 +02:00
02146a81d6
bundles/systemd-networkd: fix vlan support for bridges and bonds 2021-04-10 09:18:45 +02:00
24f04e59aa
nodes/voc.pretalx: work around content-security-policy issues
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-05 08:18:21 +02:00
aad27851bb
bundles/miniflux: proxy all images
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-04 22:16:14 +02:00
e36a352a42
bundles: fix usage of set() vs {}
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-04 10:34:55 +02:00
c418102000
bundles/netdata: fix iptables default 2021-04-04 10:30:45 +02:00
513eb4bed6
bundles/mosquitto: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:43:24 +02:00
2027308249
bundles/zfs: fix typo in check_zpool_space 2021-04-03 09:41:17 +02:00
9cbf866de7
bundles/mosquitto: introduce, add to node home.nas
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:36:47 +02:00
f8bbe00d47
overall better handling and usage of exceptions
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-02 18:57:13 +02:00
5d5930265a
bundles/postfix: remove print statement 2021-04-02 18:29:33 +02:00
61cf881a03
bundles/pretalx: add bash_alias for manage.py
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-02 14:59:56 +02:00
4a3be10add
bundles/apt: fix if in upgrade-and-reboot 2021-04-02 13:40:55 +02:00
a24fb12c21
bundles/apt: introduce restart_triggers (restart services if another service has been upgraded)
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-02 08:12:51 +02:00
7ca24d27d3
bundles/apt: add a bit of code to remove old, unused kernel images 2021-04-02 08:11:17 +02:00
8a0c8f32ae
bundles: less Restart=on-failure, more Restart=always 2021-04-02 08:05:33 +02:00
5b276368b8
bundles/wireguard: iptables/bundle_rules should be a list
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:13:24 +02:00
17f9aa9c3e
bundles/icinga2: disable command module
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:12:35 +02:00
c5eb2f4f70
bundles/icinga2: do not send recovery emails 2021-04-01 17:11:42 +02:00
957cac5ebc
bundles/postfix: disable SPAM BLOCKLIST check if relayhost is set 2021-04-01 17:00:53 +02:00
61c6188454
bundles/postfix: mynetworks now supports identifiers 2021-04-01 16:59:49 +02:00
b7222e2cd1
bundles/systemd-networkd: fix typo in routes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-01 16:31:57 +02:00
6e423c24fb
bundles/wireguard: rework metadata.py
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-01 16:27:31 +02:00
b679f568eb
bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/ 2021-04-01 16:26:06 +02:00
d787f8b0a3
bundles/systemd-networkd: rework routes 2021-04-01 16:25:24 +02:00
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
da9fe36646
bundles/pretalx: support installing plugins 2021-03-30 19:52:03 +02:00
7345543fa2
bundles/mx-puppet-discord: remove logging to files, disable presence logging
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 11:29:16 +02:00
c388d5ea1e
bundles/postgresql: fix restart dependencies
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 09:39:08 +02:00
35e4bbf04b
bundles/postfix: remove postscreen usage
All checks were successful
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between
instances, which leads to the server simply accepting
mails for the port on which postscreen starts up later.
Since we can't predict which port this will be, we
simply remove postscreen alltogether.

Yes, i know i could just remove postscreen for port 2525.
2021-03-28 09:00:37 +02:00
ce39850bda
bundles/postfix: fix .provides() for iptables reactor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:56:22 +02:00
9fe4e2933d
bundles/postfix: add firewalling for port 2525
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-03-28 08:37:51 +02:00
a4b2dc29a9
bundles/miniflux: don't clean up old entries
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:04:41 +02:00
39c1d34bbb
bundles/sshmon: fix disk space usage limits 2021-03-27 12:07:49 +01:00
8f0f635484
bundles/basic: change load graph for cpu graph 2021-03-27 12:06:12 +01:00
568a31586f
bundles/apt: fix permissions for /etc/kernel/postinst.d/unattended-upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-27 08:31:29 +01:00
f514e200f0
bundles/mautrix-whatsapp: restart bridge daily again
All checks were successful
bundlewrap/pipeline/head This commit looks good
It seems neither WhatsApp nor WhatsApp Web are designed for 24/7
connections, thus leading to all kinds of weird side effects like
"Bridge thinks it's connected, but no messages get through at all"
or "WhatsApp is running, but the Bridge can't connect to it"
2021-03-27 08:21:41 +01:00
f98720b57b
bundles/dhcpd: sort dchp leases by ip in bash alias
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:27:52 +01:00
65490b1d20
bundles/apt: log stdout and stderr separately in upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:02:48 +01:00
27753d50c4
bundles/postfix: use threading in check_spam_blocklist
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:42:59 +01:00
fdcec012f3
bundles/postfix: add SPAM BLOCKLIST check for every non-private IP attached to the server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-22 20:24:14 +01:00
b99176be49
bundles/kodi: add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 19:10:49 +01:00
28dd9694af
add bundle:oidentd
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:40:58 +01:00
6a6198c9b9
bundles/wireguard: move iptables rules to metadata reactor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 15:26:29 +01:00
3bc5e55400
bundles/iptables: don't apply iptables rules if a rules file is missing 2021-03-21 11:44:27 +01:00
4b00c8b55a
bundles/unbound: do not bind to 0.0.0.0 if qemu is installed 2021-03-21 11:43:53 +01:00
5a0aa82ec9
bundles/powerdns: fix missing imports 2021-03-21 11:43:17 +01:00
62f7080db9
bundles/nfs-server: add iptables config 2021-03-21 11:24:21 +01:00
850d860d59
bundles/powerdns: add iptables config 2021-03-21 11:12:18 +01:00
31ddea7649
bundles/dovecot: add iptables config 2021-03-21 11:12:03 +01:00
5775001301
bundles/postfix: add iptables config 2021-03-21 11:11:49 +01:00
c9f008ad82
bundles/openssh: move iptables rules to metadata reactor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:37:28 +01:00
b943d2d465
rework iptables configuration
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:30:04 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
52cab71fec
bundles/wireguard: also allow outgoing traffic
How did this ever work without this rule?
2021-03-15 09:00:35 +01:00
adb808a683
bundles/users: more colourful bash for everyone
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-14 17:14:08 +01:00
f6ecf2a465
bundles/nfs-client: support arch linux
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-11 15:24:06 +01:00
Sophie Schiller
c87611c2e2 bw/kodi add backports repo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-08 21:06:25 +01:00
8b07fce738
bundles/unbound: decrease statistics-interval until debian has 1.19 and we're actually able to use them 2021-03-06 10:03:22 +01:00
f214f70cd4
bundles/basic: add textual cpu stats to htop 2021-03-06 09:58:22 +01:00
7e57c0f03e
bundles/basic: current htop version in debian does not support DiskIO nor NetworkIO
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-06 09:56:05 +01:00
ebcf8e4445
bundles/matrix-media-repo: also restart matrix-media-repo after updating
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-05 07:21:23 +01:00
2adf3c6a72
bundles/sshmon: increase acceptable amount of cpu steal
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-01 15:52:55 +01:00
e435ae582a
bundles/icinga2: add monitoring for IdoPgsqlConnection
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-01 15:36:29 +01:00
3adfb9779a
bundles/molly-guard: introduce, add to systems
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-26 17:58:20 +01:00
51ca74549e
bundles/basic: add htoprc
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-24 19:24:56 +01:00
836f065382
bundles/pleroma: add website content check
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 22:11:19 +01:00
b470fddc12
bundles/nginx: add gdpr-compatible log format 2021-02-20 21:11:12 +01:00
8cb172a1c1
bundles/pleroma: remove NoNewPrivileges=true, interferes with mail delivery 2021-02-20 20:57:00 +01:00
017c2c3421
bundles/pleroma: allow database configuration
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-02-20 20:18:34 +01:00
f8c157ce50
bundles/pleroma: get it working
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 19:37:33 +01:00
1f3e7afb2c
bundles/pleroma: initial NON-WORKING version 2021-02-20 19:14:20 +01:00
5433859a86
bundles/letsencrypt: also check for chain.pem, nginx needs this
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:38:11 +01:00
e2d7d05783
bundles/systemd-networkd: manage apt packages via bundle:apt
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:35:45 +01:00
ad5c8cc0ab
bundles/postfix: only get certificate if actually needed
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:30:38 +01:00
97a1b3ae85
bundles/zfs: add comment to action:modprobe-zfs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 16:51:34 +01:00
1c0a3ee8e7
bundles/postgresql: fix postgresql config path 2021-02-20 16:50:38 +01:00
194de9ef2d
bundles/letsencrypt: fix some errors in letsencrypt-ensure-some-certificate
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 15:48:17 +01:00
3fa81ddc85
bundles/gitea: use canned stop action 2021-02-20 15:47:35 +01:00
74d81eb7ba
bundles/nginx: support disabling ssl for each vhost individually
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 14:25:27 +01:00
228786f6aa
bundles/letsencrypt: generate a dummy certificate, if no certificate already exists 2021-02-20 13:52:40 +01:00
014b6029c5
nodes/htz.ex42-1048908: update element-web config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 11:10:08 +01:00
1ac6559b9f
bundles/postgresql: add pg_query_mon 2021-02-20 10:56:20 +01:00
c0b8d35a47
bundles/icinga2: fix double emoji for WARNING state
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-19 14:03:00 +01:00
2bccbf9ded
bundles/icinga2: add some emoji to sent SMS, don't send output via SMS if everything is fine
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-19 14:01:45 +01:00
8ac9b2f204
bundles/matrix-synapse: add scripts/synapse-purge-unused-rooms
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-19 11:56:21 +01:00
b06532241b
bundles: use metastack syntax for metadata.get()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-18 18:12:25 +01:00
6e9fb7044a
bundles/systemd-networkd: add "enable-resolved" flag 2021-02-18 17:56:43 +01:00
fbf0371371
bundles/systemd: support different timezones 2021-02-18 17:56:06 +01:00
1abc0153f5
bundles/openssh: do not add deleted users to ssh config
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-02-18 15:12:30 +01:00
75224f0d5c
bundles/lldp: support arch linux 2021-02-18 15:10:50 +01:00
f4a644795e
bundles/basic: support setting a different default locale 2021-02-18 14:51:33 +01:00
32d129015e
bundles/pacman: introduce, support pkg_pacman in some other bundles 2021-02-18 14:24:57 +01:00
9bf7f856af
bundles/users: allow setting another shell 2021-02-18 14:24:09 +01:00
8a2bef9b77
bundles/apt: move vim to default packages 2021-02-18 14:23:43 +01:00
03840fd152
bundles/systemd: more options in journald.conf
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-18 10:29:38 +01:00
fbb8840dff
add .editorconfig, format files correctly
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-17 10:56:18 +01:00
b42e39ed0a
get rid of check_rbl 2021-02-17 10:51:49 +01:00
9d5d80457f
bundles/element-web: rename from riot-web, use tagged releases
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-16 12:49:02 +01:00
abb99ed58a
bundles/raspberrypi: remove isc-dhcp-client 2021-02-16 08:41:37 +01:00
d2260b4699
bundles/wireguard: use PersistentKeepalive to work around intermittent connection issues
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-15 15:16:44 +01:00
5c1eba0d58
bundles: use a common metadata key for firewall restrictions, use repo.libs.tools.resolve_identifier()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-15 14:16:35 +01:00
56fce7d460
bundles/wireguard: add exclude_from_monitoring option for wireguard peers 2021-02-14 21:35:37 +01:00
65e6b8d053
bundles/backup-client: use a bash function to do backups instead of repeating the same code over and over 2021-02-13 09:18:00 +01:00
adeb8eff88
bundles/postgresql: only do database dumps if we're actually doing backups 2021-02-13 09:04:59 +01:00
724537558e
bundles/postgresql: do a database dump before backing up the database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-13 08:56:35 +01:00
3d1468b214
bundles/backup-client: backup-pre-hooks should have numeric sorting 2021-02-13 08:37:49 +01:00
7aeb46382d
bundles/zfs: move icinga2_api to metadata defaults 2021-02-13 08:37:00 +01:00
2fbbaa1586
bundles/zfs: remove support for snapshot_only and snapshot_never (unused) 2021-02-13 08:36:10 +01:00
b20f369ea8
bundles/backup-client: metadata backup-pre-hooks now use /bin/sh by default 2021-02-13 08:26:46 +01:00
077eaa265c
bundles/radicale: use Fault.as_htpasswd_entry() instead of pre-encrypting passwords 2021-02-13 08:17:31 +01:00
978285bf32
bundles/matrix-media-repo: add backup/paths metadata 2021-02-13 08:09:48 +01:00
f52df58517
bundles: code style improvements
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 20:45:41 +01:00
c0353d2911
bundles/apt: add option to configure patch-hour, not only patchday 2021-02-12 18:53:25 +01:00
767db8efdd
bundles/apt: add /etc/kernel/postinst.d/unattended-upgrades to ensure a reboot on kernel updates
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 18:12:24 +01:00
d4b110087f
bundles/matrix-media-repo: introduce, add to htz.ex42-1048908
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 16:01:35 +01:00
638e37c05f
bundles: add Requires=postgresql.service to some services which require postgresql
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 13:28:52 +01:00
9f8cbde7d7
bundles/transmission: always try to restart transmission
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-11 09:06:20 +01:00
a86e04683a
bundles/backup-client: fix missing space in generate-backup
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-09 07:17:25 +01:00
c25233b991
nodes: replace pkg_apt:redis with bundle:redis
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-07 21:09:39 +01:00
0d1e987a6f
bundles/backup-client: add backup-pre-hooks (fixes #24) 2021-02-07 20:47:22 +01:00
a8690b13b8
bundles/rspamd: add "unless" to action:rspamd_assure_dkim_key_permissions
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-06 19:10:16 +01:00
eb431d8da8
bundles/postfix: also set alias_maps
All checks were successful
bundlewrap/pipeline/head This commit looks good
fixes "warning: dict_nis_init: NIS domain name not set - NIS lookups disabled"
2021-02-06 10:24:19 +01:00
457052d42b
bundles/gitea: downloading gitea updates needs stopping it first 2021-02-06 09:43:54 +01:00
b6d23aaed4
bundles/sshmon: use own check_cpu_stats script
Old script only checked iowait, which is not enough.
2021-02-06 09:38:50 +01:00
c185a5bacd
bundles/backup-client: do backups at 23:xx, so it won't interfere with upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
There were still problems with systems starting their backups late in the hour,
but backup servers did upgrade-and-reboot early it the hour. This leads to
incomplete backups, if the machine is rebooting, too.
2021-02-06 09:36:44 +01:00
7e15f8adc3
bundles/octoprint: multi-line-output for check_octoprint_update
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-02 20:20:11 +01:00
8523754935
bundles/users: add vim-keybindings for pane navigation to tmux.conf 2021-01-31 07:59:19 +01:00
bdc5b4de33
bundles/transmission: don't overwrite configs managed by transmission 2021-01-30 17:39:34 +01:00
71f033b7c2
bundles/icinga2: fix dependencies for svc_systemd:icinga2
All checks were successful
bundlewrap/pipeline/head This commit looks good
icinga2 runs fine without any checks, so we now only depend on the other
configuration files managed by bw. This will also fix unwanted
dependencies, because 'file:' means *all* files, not only those provided
by this bundle. In the past, it wasn't possible to skip any file,
because that would result in icinga not properly restarting.
2021-01-30 17:31:05 +01:00
569275329c
bundles/sshmon: remove INTERNET check
All checks were successful
bundlewrap/pipeline/head This commit looks good
We're using the internet to check these hosts, so if those hosts
wouldn't have an internet connection, the whole host would be
down, atleast as far as icinga can tell.
2021-01-30 11:47:55 +01:00
161aec9314
bundles/powerdnsadmin: use tagged release
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-29 18:13:16 +01:00
f56852c27d
bundles/postfixadmin: use tagged release 2021-01-29 18:07:57 +01:00
fa462fbd0f
bundles/sshmon: use tag_name instead of human-readable name in check_github_for_new_release 2021-01-29 18:04:35 +01:00
b3e6063596
bundles/unbound: silence refresh-root-hints cronjob 2021-01-29 17:58:24 +01:00
c31066fea8
bundles/mautrix-whatsapp: restart weekly to work around 24/7 connection issues 2021-01-29 17:27:33 +01:00
fd421bf6f8
add bundle:redis, add redis support to pretalx
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-29 15:58:54 +01:00
ce76430b4d
bundles/mautrix-whatsapp: decrease log level to info
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-28 15:05:04 +01:00
4efcc73f55
bundles/mautrix-whatsapp: ensure we're not using ssl for postgres
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-25 22:27:11 +01:00
f3d8a1412c
bundles/dovecot: better ssl
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-24 18:44:25 +01:00
2aaf7cf8f8
bundles/nginx: better ssl 2021-01-24 18:44:13 +01:00
614bdf9dec
bundles/basic: support creating additional locales 2021-01-24 07:49:49 +01:00
d344664fa1
bundles/basic: fix format for /etc/locale.gen
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:25:32 +01:00
6b720c6c75
bundles/postgresql: only deploy packages if we have locales installed
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:06:38 +01:00
4a9463db5f
bundles/basic: ensure a proper locale is installed 2021-01-23 12:05:59 +01:00
a160e7cf46
bundles/postgresql: improvements
All checks were successful
bundlewrap/pipeline/head This commit looks good
- support other postgresql versions
- manage configs using bw
2021-01-23 11:35:03 +01:00
c41ee0f806
bundles/apt: fix logging for upgrade-and-reboot 2021-01-23 11:32:35 +01:00
51101fc615
bundles/sudo: fix mode for /etc/sudoers
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:28:50 +01:00
c5109fbfe3
bundles/icinga2: no need to do metadata.copy() here
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:11:18 +01:00
717159b61f
bundles/seafile: no need for sms for seafile process, we're already doing http content checks
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-01-23 09:09:30 +01:00
63cdd470cf
bundles/c3voc-addons: support cron definition
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-19 13:34:23 +01:00
0893156723
bundles/c3voc-addons: add upgrade-and-reboot to bundle
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 18:43:30 +01:00
0f0ee046b1
bundles/c3voc-addons: some assertions to make sure we don't conflict with ansible
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 10:16:23 +01:00
1041e092b1
bundles/dhcpd: add bash alias for lease list 2021-01-17 09:12:32 +01:00
4f62e25d5e
bundles/c3voc-addons: add nginx vhost monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:07:21 +01:00
3b90426b4d
bundles/pretalx: fix needs for systemd units
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:01:15 +01:00
2b0678063c
bundles/pretalx: new version needs to trigger regenerate_css, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:59:57 +01:00
b5cc8c2c57
bundles/pretalx: add to PORT_MAP.md, allocate a port
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:55:08 +01:00
35abb92daf
bundles/icinga2: do not schedule downtimes for hosts which do not do unattended-upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:31:51 +01:00
173746fe9c
bundles/sshmon: ensure sshmon user is able to log in 2021-01-16 22:31:18 +01:00
39aabd0546
bundles/backup-server: of course, we need to ignore hosts which have exclude_from_backups set
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:22:51 +01:00
ad84f62c0d
bundles/sshmon: do not rely on bundle:users to create sshmon user
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-01-16 22:21:27 +01:00
ec8802dd4a
bundles/backup-server: ignore all nodes which don't have bundle:backup-client 2021-01-16 22:12:49 +01:00
9f0fc90679
bundles/pretalx: fix wrong metadata key 2021-01-16 22:12:16 +01:00
70944d7065
bundles/pretalx: introduce 2021-01-16 22:03:38 +01:00
0b9056bd2b
add pseudo-bundle to add configs to c3voc ansible managed hosts 2021-01-16 22:03:03 +01:00
8fc0017378
bundles/backup-client: do backups at 00:xx, so it won't interfere with upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-15 15:31:36 +01:00
9854fc9dbc
bundles/hostname: also set motd 2021-01-15 15:29:49 +01:00
db3a15310c
bundles/letsencrypt: fix concat_and_deploy comment
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-10 10:48:19 +01:00
659e35686e
bundles/iptables: removing rule files should also trigger iptables-enforce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-09 14:02:50 +01:00
4f6b57676a
bundles/systemd-networkd: LACPTransmitRate=fast
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-09 12:52:03 +01:00
00fd1df67a
bundles/wide-dhcp6c: stop, then start, instead of restart 2021-01-09 12:51:37 +01:00
8e54d6eb23
add monitoring for freifunk nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-09 11:03:23 +01:00
19dd29e847
bundles/transmission: also allow tcp peer-port
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:06:26 +01:00
33b85ff0de
bundles/transmission: add bundle, add to home.downloadhelper
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:00:08 +01:00
dca13263e2
bundles/systemd-networkd: add option for setting static routes 2021-01-08 16:09:59 +01:00
17510b783c
bundles/nfs-client: do start automount units. Previous comment was wrong.
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-07 22:15:57 +01:00
fb42f9e667
bundles/dhcpd: catch keyerrors for nodes which do dhcp in unmanaged networks 2021-01-07 22:14:17 +01:00
2d42e5f7dd
update bw to 4.3, add .provides() to metadata reactors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-07 18:44:38 +01:00
7f0fb7a6e2
bundles/influxdb: remove 2021-01-07 18:28:08 +01:00
Sophie Schiller
2ba4946975 update letsencrypt hashes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-06 13:18:44 +01:00
ec13a1edaa
bundles/simple-icinga-dashboard: repo is public now
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-03 09:56:51 +01:00
03d3ab6e9d
bundles/{netdata,nginx,unbound}: fix iptables rules (should also create ip6tables rules)
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-01-02 16:19:55 +01:00
e8d131b041
add simple-icinga-dashboard on status.franzi.business
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
fixes #20
2021-01-02 14:47:11 +01:00
2ebf7ec32b
bundles/mautrix-whatsapp: disable log timestamps, journal takes care of that
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 14:01:26 +01:00
b8bcc6c499
bundles/mautrix-whatsapp: only log to journal
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 13:59:47 +01:00
8752299e61
bundles/icinga2: add hostgroup for hosts which send SMS
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:58:52 +01:00
4f57a6c0e3
icinga2: more checks should send sms
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:26:37 +01:00
10fd67a0fd
bundles/systemd-networkd: fix LACP options
All checks were successful
bundlewrap/pipeline/head This commit looks good
fixes #25, hopefully
2021-01-02 11:00:10 +01:00
f329373a4a
bundles/systemd-networkd: remove settings from bond.netdev
All checks were successful
bundlewrap/pipeline/head This commit looks good
Why the fuck doesn't this work like it's written in the documentation?
2021-01-01 22:00:50 +01:00
16ea6ce0d5
bundles/systemd-networkd: disable STP on bridges 2021-01-01 21:59:21 +01:00
48fc341137
bundles/backup-client: add monitoring for backups 2021-01-01 13:59:42 +01:00
3e1d3b483e
bundles/mautrix-whatsapp: use -a for check_procs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-31 12:31:14 +01:00
fede30c2cc
bundles/mautrix-whatsapp: introduce 2020-12-31 12:18:34 +01:00
914889da6c
bundles/vmhost: add option to exclude VM from monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-29 10:18:16 +01:00
62d7baa3ec
bundles/icinga2: admins shall receive all notifications
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-27 09:09:40 +01:00
d72c43083d
nodes/rx300: set proper lldp hostname
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-25 14:45:41 +01:00
ca7f3ed4a6
bundles/octoprint: fix typo in check_octoprint_update
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-23 12:38:44 +01:00
e40f88aa69
bundles/unbound: only start unbound after pppoe.service has been started (fixes #23)
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:50:54 +01:00
275249481f
bundles/octoprint: display version in update check, remove error states (we're monitoring this separately)
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:43:13 +01:00
d2be654206
bundles/unbound: enable prefetching 2020-12-22 09:24:10 +01:00
5e45efb7ae
bundles/unbound: better caching 2020-12-22 09:22:37 +01:00
5935aed0db
bundles/{netdata,pppd,radvd,vmhost,vnstat,wide-dhcp6c}: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-21 09:50:15 +01:00
0b52f8e7e6
bundles/icinga2: allow limiting permissions for api users 2020-12-20 09:33:17 +01:00
da4b139095
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 16:30:17 +01:00
6045debe9e
bundles/nginx: check ssl certificates
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 13:28:08 +01:00
5f5c3d5207
bundles/icinga2: admins shall receive more notifications
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 08:24:19 +01:00
958f5893e6
bundles/zfs: adjust warning period for check_zfs_old_snapshots 2020-12-18 08:23:42 +01:00
487e4d0df6
bundles/rspamd: add missing } 2020-12-18 08:21:56 +01:00
e81fcafe7a
bundles/powerdns: fix dependencies
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-12-18 06:41:24 +01:00
63d455d242
bundles/rspamd: fix dependencies 2020-12-18 06:41:05 +01:00
65db8b1625
bundles/systemd-networkd: faster miimon 2020-12-18 06:33:05 +01:00
ecb7a93073
bundles/pppd: silence restart-pppoe-if-no-public-ip 2020-12-18 06:32:18 +01:00
e33af1c845
bundles/unbound: refresh root-hint.txt once a week 2020-12-13 15:22:19 +01:00
9c6fe48859
bundles/unbound: add netdata config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-13 15:17:19 +01:00
3eeb253e55
bundles/unbound: introduce, add to nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-13 14:59:44 +01:00
c5e43188ca
bundles/radvd: support not announcing a nameserver 2020-12-13 14:59:10 +01:00
057d4f0c4c
bundles/dovecot: autoexpunge Trash older than 360 days
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-13 11:55:28 +01:00
18c56cce9a
bundles/dovecot: do not auto-subscribe to junk mailbox 2020-12-13 11:54:55 +01:00
58d99eb402
bundles/systemd: configure journald
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-12 10:39:57 +01:00
cf4d0c1ca6
bundles/powerdnsadmin: ensure permissions of powerdnsadmin static directory
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-10 22:18:04 +01:00
8be6f9b78d
bundles/apt: fix date call in check_unattended_upgrades 2020-12-10 22:15:31 +01:00
be15458e1e
bundles/powerdnsadmin: fix database upgrade
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-10 22:07:26 +01:00
1d06d86205
bundles/wireguard: fix early fault resolve in metadata.py
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-10 16:39:26 +01:00
bd217f0666
bundles/pppd: automatically restart pppoe (once per hour) if no public ip address can be found
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-12-10 16:14:17 +01:00
b80c0b12fe
home.router: add c3voc vpn 2020-12-08 17:45:30 +01:00
9398649db0
bundles/seafile: add icinga checks
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-12-05 09:28:54 +01:00
febcacdfe3
icinga2: enable mails for update checks 2020-12-05 09:17:21 +01:00
67d8293201
bundles/wireguard: one icinga2 check per peer
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-30 06:43:46 +01:00
295ff72b4b
bundles/smartd: introduce, add to hosts where *we* need to keep track of disk health
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-29 12:07:27 +01:00
8456ac43c6
bundles/nfs-client: don't try to start automount units 2020-11-29 12:06:34 +01:00
1bfeead5e8
nodes/home.nas: change nfs-mount options for /storage/nas 2020-11-29 12:05:51 +01:00
a549936e09
bundles/nfs-server: ensure nfs-kernel-server is started 2020-11-28 15:48:27 +01:00
014b37082c
bundles/wireguard: send pings over vpn, if pppd reconnects 2020-11-27 03:09:37 +01:00
c1885e20b6
nodes/home.octoprint-vielschichtigkeit: fix ifnames, fix vhost 2020-11-25 21:26:21 +01:00
dc9e378908
bundles/icinga2: add icinga statusmonitor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 18:56:04 +01:00
12ce8d8f6e
bundles/icinga2: add automatic downtime for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 13:28:14 +01:00
3a56b0425c
bundles/icinga2: add default for vars.notification.mail, enable mail for check_sipgate_account_balance
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:44:09 +01:00
9651d740ae
bundles/icinga2: add check_sipgate_account_balance, adjust check_interval
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:38:53 +01:00
9cace7dace
bundles/icinga2: only include service_name in sms if it actually is a service
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:09:44 +01:00
54219928e4
bundles/icinga2: only add user to on-call group if they have atleast one of (email, phone) set
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:07:02 +01:00
8c6c691e5e
bundles/icinga2: implement SMS notifications 2020-11-22 10:34:49 +01:00
22d5ba12ee
bundles/octoprint: don't try to resolve faults in metadata.py
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 09:07:28 +01:00
15826c73b0
bundles/icinga2: send notifications
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-22 09:04:24 +01:00
d26b8ade45
remove some comments 2020-11-22 08:27:37 +01:00