Commit graph

996 commits

Author SHA1 Message Date
8656f99f8e
bundles/wireguard: re-add reconnect script for added resiliency
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:37:42 +02:00
30d4d989fc
add bundle:bird 2021-09-29 19:45:18 +02:00
fe44417b14
bundles/systemd-networkd: add dummy interfaces 2021-09-29 19:44:37 +02:00
996ef6e115
bundles/nftables: more sorted() 2021-09-29 19:44:13 +02:00
5f1f4fd654
bundles/wireguard: add option 'snat_to' for connections 2021-09-29 19:43:29 +02:00
902840ee7f
bundles/wireguard: use one wireguard connection per peer instead of one for all 2021-09-29 19:27:13 +02:00
2b0e3a4bf0
bundles/powerdns: use only public ips or those attached to physical interfaces to create dns records
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-25 11:08:18 +02:00
b81153e957
bundles/netbox: fix upgrade command
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-22 16:43:59 +02:00
05d69c1f12
bundles/powerdns: use named-checkzone to verify zone integrity 2021-09-22 16:42:26 +02:00
bb8910d15f
bundles/gitea: use metadata.get() 2021-09-22 16:38:27 +02:00
b21f7c856a
bundles/gitea: switch to new file type 'download' 2021-09-21 07:55:15 +02:00
ed2bb66e3e
bundles/basic: add links to icinga, grafana and nginx vhosts to login message 2021-09-16 19:33:11 +02:00
5a7d0b0afd
bundles/icinga2: don't skip everything if check_sipgate_account_balance can't get applied 2021-09-16 19:33:08 +02:00
Sophie Schiller
c9f9a27096 bundle/hedgedoc add new csp defaults
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-14 20:23:01 +02:00
Sophie Schiller
738dbd94a0 bundle/hedgedoc improve dependencies 2021-09-14 20:23:01 +02:00
Sophie Schiller
481c1c85e5 bundle/nginx set instead of HTTPS 2021-09-14 20:23:01 +02:00
Sophie Schiller
77a14a0017
bundle/hedgedoc remove quoting inconsistencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-11 20:24:10 +02:00
Sophie Schiller
09da9a8d92 bundle/hedgedoc improve config rendering to not produce errors with faults
Some checks are pending
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main Build started...
2021-09-11 20:07:52 +02:00
Sophie Schiller
3d3994789e bundle/hedgedoc update wbsite check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-11 19:56:49 +02:00
Sophie Schiller
478a8da9f4 bundles/hedgedoc add new bundle 2021-09-11 19:47:28 +02:00
f77d6df1e5
bundles/matrix-dimension: fix dependencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 15:16:00 +02:00
05f9712b24
bundles/rspamd: change dmarc reporting sender to working address
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 14:43:22 +02:00
de6249c65d
dns: fix some errors 2021-09-06 16:42:14 +02:00
78fda4f9e9
bundles/rspamd: do not try to resolve faults in items.py
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-06 09:28:30 +02:00
3039a0900e
bundles/rspamd: add alias for dmarc reports 2021-09-06 09:14:18 +02:00
4ca0926546
bundles/rspamd: send dmarc reports 2021-09-06 09:11:36 +02:00
43bcd75e87
update netbox to 3.0.1
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-02 07:52:11 +02:00
c7fd6ee041
bundles/grafana: make rspamd row more pretty
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-25 15:15:09 +02:00
2940bfd3d8
bundles/rspamd: add telegraf metrics
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-23 22:24:59 +02:00
3f38497585
bundles/vmhost: add metadata reactor to add all admins to 'libvirt' group
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:25:46 +02:00
65462ca536
bundles/nginx: default redirect mode should be 308 2021-08-22 07:20:45 +02:00
d94df613c5
bundles/netbox: fix ADMINS
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-21 12:46:55 +02:00
c6fe9d5eb2
bundles/postfix: fix .provides() 2021-08-21 12:32:47 +02:00
b0d2503f08
add bundle:netbox 2021-08-21 12:32:40 +02:00
4cb89d699c
bundles/grafana: fix missing derivative() in dovecot row 2021-08-21 08:39:39 +02:00
12ca6f4ff7
bundles/postfix: open up SMTPS 2021-08-21 08:12:21 +02:00
3da3c00310
bundles/rspamd: changing of .map files does not need restarting 2021-08-21 07:48:02 +02:00
ea9abc5f73
bundles/grafana: add dashboard row for dovecot 2021-08-21 07:47:24 +02:00
96f1604879
bundles/dovecot: some fixes
- fix postfix/myhostname default
- ensure old_stats plugin is enabled
- ensure permissions for old_stats plugin
- ensure /etc/dovecot/ssl exists
- remove unneeded configuration files
2021-08-21 07:31:22 +02:00
8301664d9a
bundles/{grafana,influxdb2}: fix more permissions
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-20 13:33:28 +02:00
72d91767ec
bundles/influxdb: fix INFLUXDB PROCESS check 2021-08-20 13:25:40 +02:00
949e139978
bundles/telegraf: influxdata has bullseye repos now 2021-08-20 13:25:22 +02:00
f0987ccb44
bundles/unbound: automatically restart unbound if dns resolution fails for more than five minutes
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-19 20:03:24 +02:00
35938ead04
bundles/unbound: less caching of negative results 2021-08-19 20:02:27 +02:00
4167d3cb22
update to bw 4.11.2
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-17 18:10:35 +02:00
5bbd188b0b
bundles/pretalx: no sudo for rebuilding 2021-08-17 16:46:58 +02:00
d507f6794f
bundles/apt: ensure we have ncurses-term
If that's not installed, we get weird drawing issues in tmux.
2021-08-17 16:42:26 +02:00
25ea5af2db
bundles/smartd: add cronjob to schedule a monthly long test
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-15 16:22:34 +02:00
bd10dc578f
bundles/pppd: refactor check_dyndns_update
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
2021-08-14 08:00:43 +02:00
bb519adb2c
bundles/backup-client: more logging, fix wrong variable name 2021-08-08 07:47:07 +02:00
c14bb43993
bundles/grafana: fix derivative for wireguard last handshake time
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 23:32:39 +02:00
Sophie Schiller
e8d1582ed4 bw/nginx i hate whitespace
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-08-07 22:01:40 +02:00
Sophie Schiller
6e3603553f bw/nginx retab everything
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
2021-08-07 21:59:07 +02:00
Sophie Schiller
ab21983a4f bw/nginx add not found page and deployment of error pages
Some checks failed
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-07 21:52:39 +02:00
d9d98116e6
bundles/grafana: increase proxy_read_timeout for /api/ds/query
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 20:02:57 +02:00
0a77b72cd3
update mautrix-whatsapp to 0.1.8
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 18:57:31 +02:00
05de574471
bundles/backup-client: sleep a bit if backup did finish non-zero to increase chances of success 2021-08-07 10:30:19 +02:00
04cee2b4c3
bundles/icinga2: fix file permissions
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 07:13:41 +02:00
b677eaf187
bundles/grafana: fix file permissions 2021-08-07 07:03:15 +02:00
da49a907f7
bundles/nftables: set RemainAfterExit=yes 2021-08-07 07:01:00 +02:00
8eb7cbf6fd
bundles/mautrix-whatsapp: don't restart so often 2021-08-07 07:00:27 +02:00
8fd73e09de
bundles/backup-client: retry backups
rsync just fails too often in the last couple of days. I don't want to
babysit this every morning.
2021-08-07 06:59:33 +02:00
3c105d3295
bundles/mautrix-*: repository has moved
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-06 16:25:21 +02:00
ffefb56f83
bundles/chekc-mail-received: increase sshmon timeout
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-04 16:07:13 +02:00
0f425036b2
bundles/backup-client: fix newlines
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-04 15:55:14 +02:00
91a527c35a
bundles/mautrix-telegram: change animated stickers to webm 2021-08-01 12:41:47 +02:00
b94ab9de9c
bundles/nodejs: fix type for apt repo items
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-01 08:20:06 +02:00
58d2576ec9
bundles/backup-server: fix dependencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-01 07:57:48 +02:00
e596b45344
bundles/backup-client: actually show which rsync call produced which error 2021-08-01 07:57:22 +02:00
9f8878ae8f
bundles/pacman: manage pacman.conf
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-30 14:27:30 +02:00
407d84a8c6
bundles/matrix-synapse: add option to automatically provision other nginx vhosts with wellknown data
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-29 17:33:48 +02:00
2f79f55da5
bundles/mautrix-whatsapp: fix cronjob
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-29 17:13:08 +02:00
df137f73a6
bundles/apt: symlink /usr/bin/python to python3
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-25 13:32:59 +02:00
e51e1113bb
bundles/sysctl: work around debian bug
The debian systemd will silently overwrite /etc/sysctl.d/99-sysctl.conf
with a symlink to /etc/sysctl.conf. We don't want that.
2021-07-25 13:31:00 +02:00
4666f1c923
bundles/users: remove duplicate keys from ssh pubkeys 2021-07-24 12:10:03 +02:00
9aa389ea28
bundles/matrix-media-repo: less strict rate limits
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-23 20:17:06 +02:00
e7023d087b
bundles/matrix-dimension: add zfs 2021-07-23 19:53:49 +02:00
79e6c841a7
bundles/grafana: add dashboard row for unbound
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-23 19:34:55 +02:00
d4d353f0b6
move radicale to rx300
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-23 13:03:47 +02:00
ff90f8cbca
bundles/radicale: add metadata reactor for nginx vhost 2021-07-23 12:56:29 +02:00
905a7917f8
bundles/matrix*: fix directories/repos 2021-07-23 07:58:15 +02:00
66fce8e076
bundles/rspamd: fix some dependencies 2021-07-18 07:56:26 +02:00
c9a1de5a8e
bundles/postfixadmin: fix backup path to be able to use zfs snapshots 2021-07-18 07:55:52 +02:00
6cadf33ae3
bundles/postfix: support having postfixadmin without setting myhostname 2021-07-18 07:55:19 +02:00
84d55c246a
items/zfs_dataset: remove automatic dependency detection for now
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
This basically reverts commit 1086ed28c3
2021-07-17 19:40:41 +02:00
cee2a41771
items/zfs_pool: rewrite item to support all kinds of zfs pools
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 18:12:57 +02:00
9111d49bf4
bundles: fix missing stuff
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 16:59:39 +02:00
fc0495f13a
bundles/rspamd: dkim key can be a string, too 2021-07-17 16:18:18 +02:00
61062c8312
bundles/matrix-dimension: disable update check until there are releases
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
... we're using 'master' for now.
2021-07-17 13:06:49 +02:00
32c0ad3bd6
bundles/matrix-synapse: auto-configure nginx vhost
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 12:38:04 +02:00
ff526a7f7f Merge pull request 'matrix-dimension' (#44) from matrix-dimension into main
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #44
2021-07-17 09:58:18 +00:00
6a144cf991
bundles/users: add option to enable lingering
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 11:33:43 +02:00
ce9f6dd7ba
bundles: add zfs dataset to bundles 2021-07-17 10:17:39 +02:00
337b660f5a
bundles/matrix-synapse: ensure matrix-synapse does not mess with our homeserver.yaml
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 09:32:49 +02:00
cbeb42c8ae
bundles/matrix-media-repo: add zfs 2021-07-17 09:12:11 +02:00
1086ed28c3
items/zfs_dataset: add automatic dependency for all files, directories and git_deploy of a dataset 2021-07-17 09:10:56 +02:00
Sophie Schiller
58691904fc bw/matrix-dimension repair syntax errors 2021-07-17 01:09:33 +02:00
Sophie Schiller
d076384ead bw/matrix-dimension remove unneeded metadata 2021-07-17 01:09:33 +02:00
Sophie Schiller
6ceb47a92e bw/matrix-dimension get all the things 2021-07-17 01:09:33 +02:00
Sophie Schiller
2b1c53e47a bw/matrix-dimension disable logfile 2021-07-17 01:09:33 +02:00
Sophie Schiller
aa639dc913 bw/matrix-dimension switch to generic vhost name 2021-07-17 01:09:33 +02:00
Sophie Schiller
71a1a4d59b bw/matrix-dimension enable process monitoring 2021-07-17 01:09:33 +02:00
Sophie Schiller
f40036422f bw/matrix-dimensions fix typos 2021-07-17 01:09:33 +02:00
Sophie Schiller
568a73efaf bw/matrix-dimension switch listening port 2021-07-17 01:09:33 +02:00
Sophie Schiller
9fb5293c80 bw/matrix-dimension switch to dedicated user 2021-07-17 01:09:33 +02:00
Sophie Schiller
ebee3b3de5 bw/matrix-dimension witespaaaaaaaace 2021-07-17 01:09:33 +02:00
Sophie Schiller
8ee59cd036 bundle/matrix-dimension enable backups 2021-07-17 01:09:33 +02:00
Sophie Schiller
a5b6250c86 bw/bundle matrix-dimension this might actually work 2021-07-17 01:09:33 +02:00
Sophie Schiller
c52482e98b bw/bundle matrix-dimension add first draft 2021-07-17 01:09:33 +02:00
6022bac0ef
have more bundles provide nginx metadata for themselves 2021-07-16 14:20:01 +02:00
9e305fc854
bundles/element-web: fix nginx webroot path
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-15 18:44:02 +02:00
f7098b0d35
bundles/element-web: move to /opt (and zfs, if we have that) 2021-07-15 18:40:48 +02:00
133627ace2
bundles/unbound: prefer ipv4 if using pppoe
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-13 20:51:58 +02:00
3c2f245b71
bundles/mx-puppet-discord: remove "Discord" in room name for now
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-11 16:38:59 +02:00
72f148425a
bundles/jenkins-ci: add ssh keys and config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-11 15:47:45 +02:00
0a14d46cf2
bundles/jenkins: add zfs dataset 2021-07-11 15:29:42 +02:00
8da40eab67
nodes/rx300: add php 8.0 2021-07-11 15:23:49 +02:00
a66d9c5765
bundles/mx-puppet-discord: add (Discord) to room and user names
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-11 12:29:05 +02:00
b193971625
bundles/postfix: fix some needed files not being present in chroot on arch
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-10 16:16:56 +02:00
8f4db6f2ba
bundles/postfix: install pkg_pacman:s-nail 2021-07-10 15:59:03 +02:00
3351767d56
add bundle:check-mail-received
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-10 14:22:19 +02:00
6c9809b165
bundles/grafana: add guest cpu time to cpu graph
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-10 10:05:26 +02:00
6a4b24c0f2
fix git urls in repo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-09 17:27:12 +02:00
1927837205
bundles/gitea: add /var/lib/gitea to backups 2021-07-09 16:22:37 +02:00
9bf0b8a0b0
bundles/gitea: use zfs datasets for all data 2021-07-09 16:22:10 +02:00
82dd354f92
bundles/gitea: fix permissions for /home/git/.ssh 2021-07-09 16:15:38 +02:00
95c5e0b6ea
bundles/gitea: use generic vhost name 2021-07-09 15:55:31 +02:00
3c23de4dfa
bundles/grafana: fix nginx vhost config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:10:19 +02:00
9021c6f853
bundles/grafana: fix permissions for some files and directories
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:06:35 +02:00
cbc0a1a927
nodes/htz.ex42-1048908: fix X-Forwarded-For header for matrix-media-repo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:03:22 +02:00
b5ab21549d
bundles/nginx: rename 'proxy' metadata to 'locations', support more generic options, move extras files to metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 19:28:03 +02:00
c87a8e2f15
bundles/pretalx: use pip install -e for locally existing code
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:45:59 +02:00
e091adaa64
bundles/nginx: increase buffer sizes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:21:57 +02:00
9c1b4f5dbe
move travelynx.franzi.business to rx300
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 16:15:31 +02:00
8ef6522ead
bundles/travelynx: needs directory to git_deploy into 2021-07-02 15:48:48 +02:00
f9e2715b30
bundles/systemd-networkd: removal of unmanaged files must also trigger restart of systemd-networkd 2021-07-02 15:03:47 +02:00
7ac7c1a2b7
bundles/cron: ensure cron is installed and running 2021-07-02 06:36:51 +02:00
9816da4f85
bundles/postgresql: only install postgresql-server-dev-* if needed 2021-07-01 18:22:38 +02:00
210ae8dd2e
bundles/zfs: debian bullseye does not need zfs from backports 2021-07-01 18:19:24 +02:00
686aa533e8
bundles/grafana: change logBase for nginx timing dashboard
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-01 16:34:17 +02:00
d32f675de7
bundles/miniflux: use vhost with generic name 2021-07-01 16:04:56 +02:00
68e79b4883
bundles/nginx: only add well-known alias for vhosts which use letsencrypt 2021-07-01 16:04:46 +02:00
20f4c182ad
bundles/pacman: ensure we have run-parts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-30 06:22:06 +02:00
7f27762054
bundles/zfs: report *used*, not free storage space 2021-06-29 15:18:31 +02:00
f01e24f995
bundles/postgresql: wait 10s after restarting 2021-06-29 14:23:51 +02:00
7b00e7484e
fix monitoring for arch linux hosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-28 19:59:54 +02:00
dfbdbe73bd
bundles/icinga2: only nodes which have bundle:apt have unattended-upgrades (for now) 2021-06-28 19:48:05 +02:00
450fb3f87a
bundles/kodi: do not install libcec4
All checks were successful
bundlewrap/pipeline/head This commit looks good
It's not available in bullseye (but libcec6), but we don't need it
anyway, because we're not using cec here.
2021-06-27 07:17:05 +02:00
cd6e4b9767
bundles/influxdb2: disable atime for zfs dataset
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-26 08:19:55 +02:00
2193e0ca53
bundles/grafana: fix units for zfs panels
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 20:16:13 +02:00