Commit graph

1480 commits

Author SHA1 Message Date
77ed050ade
install oidentd on carlene, fix dependencies 2023-09-24 10:40:47 +02:00
d999895450
home.router: let dyndns have ipv6 please 2023-09-23 16:42:00 +02:00
07de570175
auto-generate full wireguard mesh between all nodes in libs.s2s.WG_AUTOGEN_NODES 2023-09-23 15:06:16 +02:00
3a0ed4a7f5
bundles/wireguard: autogenerate port number based on index in WG_AUTOGEN_NODES 2023-09-23 15:04:47 +02:00
d47f7db708
bundles/wireguard: only try to auto-generate ips and ports if nodes are present in WG_AUTOGEN_NODES 2023-09-23 15:04:11 +02:00
0d79216ae5
bundles/wireguard: fix KeyError when running with no peers 2023-09-23 15:03:44 +02:00
c59a3038a1
bundles/wide-dhcp-client: fix some bugs 2023-09-23 09:23:41 +02:00
dda3c4162c
bundles/postfix: ensure /etc/mailname exists before installing postfix 2023-09-20 17:46:04 +02:00
3bf0e1124e
bundles/rspamd: disable greylisting
This only gets in the way. If mail is spam, it will get delivered to the
junk mail folder anyways.
2023-09-17 15:44:43 +02:00
4f260932c3
bundles/wireguard: health checks for everyone 2023-09-12 20:15:19 +02:00
9bde0d9410
home.router: upgrade to bookworm and switch to kea-dhcp-server 2023-09-10 22:02:14 +02:00
aaf67f1a3d
bundles/apt: bookworm has their own firmware repo 2023-09-10 22:00:19 +02:00
234e81431d
bundles/wireguard: easier snat setup 2023-09-10 21:27:03 +02:00
5b1d814d40
bundles/icinga2: more timeout for check_spam_blocklist 2023-09-10 21:15:31 +02:00
563735d31a
add new status page to icinga 2023-09-10 09:48:20 +02:00
5238937044
bundles/powerdns: do not put private ipv4 into dns if public ipv6 exists 2023-09-09 23:02:38 +02:00
Sophie Schiller
30604db869 hedgedoc: makee usable on bookworm 2023-09-09 22:42:53 +02:00
54d55bbb8d
update forgejo to 1.20.4 2023-09-09 21:09:30 +02:00
40aeeab265
update matrix-media-repo to 1.3.1 2023-09-09 20:39:23 +02:00
b38ba55ed3
bundles/forgejo: fix missing slash 2023-09-09 20:31:05 +02:00
cb6f12b218
add bundle:kea-dhcp-server 2023-09-09 18:40:10 +02:00
d9cb324bb6
update pretalx to 2023.1.0 2023-09-09 17:48:22 +02:00
f061196f0d
bundles/icinga2: add snmp package, needed for check_snmp to work 2023-09-09 17:02:51 +02:00
f2b538a168
bundles/homeassistant: allow more time for checking stuff 2023-09-09 16:54:33 +02:00
fe4d4abc9c
bundles/wireguard: fix max interface length 2023-09-09 16:10:49 +02:00
a2ceb8cc3a
bundles/bird: announce subnets via all ips 2023-09-09 16:10:33 +02:00
2b51812118
libs.tools.resolve_identifier(): add option to filter out linklocal ips and only physical interfaces 2023-09-09 15:37:37 +02:00
bf6ed289e1
bundles/icinga2: fix stupid in check_spam_blocklist 2023-09-09 14:24:34 +02:00
e6e9e425fc
move icinga2 to new host 2023-09-09 14:12:24 +02:00
5db3856218
bundles/icinga2: remove obsolete check 2023-09-09 14:10:58 +02:00
e029329a03
bundles/icinga2: handle dig status messages in check_spam_blocklist 2023-09-09 14:10:27 +02:00
deb0c7b597
bundles/unbound: ensure /usr/share/dns exists 2023-09-09 13:55:58 +02:00
d1bb94fd74
bundles/icinga2: more auto-generation of stuff 2023-09-09 13:55:16 +02:00
7df6b1d13a
bundles/wireguard: name wg interfaces according to their peers 2023-09-09 13:55:03 +02:00
e2e5eaa236
bundles/nextcloud: more upload limit please 2023-09-03 18:15:17 +02:00
94bee38ca7
bundles/php: fix some typos 2023-09-03 12:20:24 +02:00
a33076186b
bundles/nextcloud: install php-apcu 2023-09-03 12:19:34 +02:00
ad24c0ea5b
add bundle:nextcloud to carlene 2023-09-02 21:14:38 +02:00
ea77c68e16
bundles/nginx: hide content security headers coming from php 2023-09-02 20:49:05 +02:00
72607adbfe
bundles/nginx: allow vhosts to set their own index files 2023-09-02 20:48:41 +02:00
8cfcefcfc4
bundles/matrix-stickerpicker: fix backup paths 2023-09-02 20:48:15 +02:00
b08c9fb5a4
replace matrix-dimension on rx300 with matrix-stickerpicker on carlene 2023-09-02 13:36:15 +02:00
194c60ddb2
bundles/ntfy: do not create timing logs 2023-09-01 06:20:19 +02:00
97afd6c522
bundles/php: add php8.2 2023-09-01 05:54:54 +02:00
a838f6c5bd
bundles/postfixadmin: move vhost generation to reactor 2023-09-01 05:54:23 +02:00
b01dcb0ff9
bundles/nginx: enable creating logs for debugging purposes 2023-09-01 05:53:37 +02:00
01531c62de
bundles/rsyslogd: keep more logfiles 2023-08-28 17:26:34 +02:00
39576fda38
add bundle:rsyslogd 2023-08-28 17:21:48 +02:00
36dac3be7c
bundles/weechat: fix weechat fifo path 2023-08-27 11:13:35 +02:00
ad2312b715
matrix stuff: make journal usable again 2023-08-27 09:28:57 +02:00
50cba7cb49
bundles/miniflux: use metadata.get() 2023-08-27 09:17:34 +02:00
0190555f16
bundles/matrix-synapse: do not log every request 2023-08-27 09:17:12 +02:00
757e9e6bb8
bundles/nginx: add option to disable anon_timing log 2023-08-26 17:21:23 +02:00
c6bb00c124
bundles/systemd: ensure we're not logging to syslog 2023-08-26 07:28:12 +02:00
8cf2dde6e0
add bundle:weechat, migrate weechat from rx300 to carlene 2023-08-25 12:52:31 +02:00
c6120accc1
bundles/icinga2: fix monitoring config 2023-08-25 11:11:48 +02:00
d0302d826a
bundles/icinga2: add icingaweb2 monitoring config 2023-08-25 11:09:36 +02:00
Sophie Schiller
48d3f8eee6 miniserver hedgedoc update 2023-08-24 19:13:09 +02:00
bca4d152ea
bundles/zfs: print zfs status output if pool is not online 2023-08-24 07:41:37 +02:00
33d42e2472
bundles/matrix-synapse: ensure we're logging to journal 2023-08-23 17:25:41 +02:00
10a9e61026
bundles/homeassistant: changes for bookworm 2023-08-23 17:17:42 +02:00
daae710624
bundles/forgejo: fix version string in update check 2023-08-23 13:47:38 +02:00
b692b09c00
rename bundle:gitea to bundle:forgejo 2023-08-02 16:37:48 +02:00
88ccd3ca72
migrate netbox from rx300 to carlene 2023-08-02 08:07:36 +02:00
c121110f00
bundles/travelynx: prepare for bookworm 2023-08-01 21:21:31 +02:00
3826ccf4ec
remove reboot mails, noone does care about these anyway 2023-07-26 08:29:37 +02:00
4b434e7946
bundles/mixcloud-downloader: fix username 2023-07-23 14:04:01 +02:00
00cbabea1b
bundles/mixcloud-downloader: fix duplicate 2023-07-23 14:02:09 +02:00
272a11f7d3
bundles/postgresql: remove version-specific options 2023-07-23 13:59:34 +02:00
9aacb8f506
htop: less room for cpus please 2023-07-23 13:59:32 +02:00
76eef92ee2
bundles/postgresql: some improvements 2023-07-23 13:59:29 +02:00
54d0c42da6
bundles/matrix-synapse: auto-trust all own servers as keyservers 2023-07-23 13:59:26 +02:00
e9ee2039d5
bundles/smartd: ignore non-digit values in telegraf stats 2023-07-13 21:41:52 +02:00
471e2ba6f6
bundles/{influxdb2,telegraf}: it's always the same, just use 'stable main' 2023-07-13 21:41:22 +02:00
838b61a2b9
bundles/grafana: remove useless "power on hours" graph 2023-07-13 21:40:55 +02:00
6b27128b6d
bundles/systemd-timers: add exclude_from_monitoring 2023-07-13 21:31:25 +02:00
3936e64227
bundles/smartd: use systemd-timers 2023-07-13 21:31:11 +02:00
bbfa985e1d
bundles/smartd: ignore partitions in smartd check 2023-07-13 21:30:49 +02:00
d0825a51ee
bundles/smartd: unit names have changed 2023-07-13 21:30:29 +02:00
70bd7d295d
bundles/cron: less strict dependencies 2023-07-13 20:19:17 +02:00
cff3fe558e
bundles/zfs: more ordering please 2023-07-13 20:04:43 +02:00
5fa8c72863
debian bookworm time \o/ 2023-07-13 20:02:38 +02:00
fa4ea575b4
bundles/users: show last five logins on login 2023-07-11 05:40:39 +02:00
d5f5fd853b
bundles/element-web: remove --openssl-legacy-provider 2023-06-29 05:39:30 +02:00
8968252ba6
bundles/nginx: fix content_type for logrotate config 2023-06-21 23:27:30 +02:00
42e20b122c
bundles/icinga2: add non-listing results to check_spam_blocklist 2023-06-21 23:25:12 +02:00
Sophie Schiller
d17b146476 hedgedoc new release 2023-06-04 23:17:55 +02:00
712454c1e3
bundles/postgresql: more cache, please 2023-06-03 13:21:23 +02:00
55f80b468e
bundles/matrix-registration: fix bugs 2023-05-26 10:48:01 +02:00
e6111efe2d
bundles/matrix-registration: configurable client_redirect 2023-05-26 07:11:22 +02:00
9fc0004746
add option to exclude hosts from public status page 2023-05-21 06:59:34 +02:00
b35bfc85e9
ovh.icinga2: fix simple-icinga-dashboard 2023-05-20 20:12:24 +02:00
2607049f8d
add bundle:matrix-registration 2023-05-20 15:15:35 +02:00
6374f6b71e
bundles/matrix-synapse: support home servers without appservices 2023-05-20 15:10:57 +02:00
1708f6ae17
bundles/matrix-synapse: include signing key in backups 2023-05-20 14:23:52 +02:00
b1567443ca
bundles/zfs: support other cpu architectures 2023-05-20 12:38:27 +02:00
0db4c19457
htz-cloud.sewfile: update to debian bullseye 2023-05-20 12:19:46 +02:00
32e6e61a3b
bundles/systemd: fix dependencies 2023-05-20 11:25:26 +02:00
cff42ef0f7
update home.downloadhelper to debian bullseye 2023-05-20 11:13:48 +02:00
048fb83ee7
bundles/apt: support spreading unattended-upgrades in a group 2023-05-20 07:46:23 +02:00
92cca7f396
isort the repo 2023-05-20 07:46:02 +02:00
1260410eae
bundles/powerdns: split "add ip to autoprimaries" and "fix hostname for autoprimary" 2023-05-16 19:56:21 +02:00
6d2cf0fa24
bundles/powerdns: ensure primary servers are in database 2023-05-16 19:25:17 +02:00
f8416215d5
ns-ionos: move powerdnsadmin webinterface to new hostname 2023-05-16 18:08:00 +02:00
a4bb7f89ec
rename ns-primary to ns-ionos 2023-05-16 17:58:31 +02:00
b2ad9ce3d8
bundles/jugendhackt_tools: fix static root 2023-05-15 12:08:57 +02:00
906994b50f
rx300: add bundle:jugendhackt_tools 2023-05-06 17:27:02 +02:00
714fa88d72
bundles/ntfy: fix directory modes 2023-05-06 17:26:59 +02:00
f12a176759
bundles/sysctl: we need 99-sysctl.conf on debian 2023-05-06 17:26:54 +02:00
9a32534c49
bundles/icinga2: remove uceprotect level 2 from check_spam_blocklist 2023-04-28 16:42:55 +02:00
b3e490720e
bundles/icinga2: add notification support via ntfy 2023-04-09 17:32:36 +02:00
c6cf997102
bundles/ntfy: add option to disable unauthorized writes 2023-04-09 12:24:23 +02:00
95d5c0cfc8
bundles/ntfy: update config to more recent version 2023-04-09 12:09:28 +02:00
a27ac38bec
add bundle:telegraf-monitors-mikrotik 2023-04-01 07:01:03 +02:00
9a6be52b05
bundles/backup-client: use set instead of list 2023-04-01 06:58:48 +02:00
60fc0e64e7
bundles/{apt,pacman}: ignore sshd processes spawned by user nobody 2023-04-01 06:50:37 +02:00
28298d3ce6
replace predefined ssh keys with generated ones 2023-03-31 21:45:09 +02:00
ca614efec1
add home.switch-rack 2023-03-26 15:58:29 +02:00
190833c54a
bundles/lldp: do not run for routeros devices 2023-03-26 15:58:09 +02:00
e3b1d14fe7
bundles/miniflux: fix proxy settings 2023-03-19 15:43:34 +01:00
cc49d34475
bundles/matrix-synapse: add script to reset the federation timeout 2023-03-19 15:43:09 +01:00
4122a7ccf8
isort the repo 2023-02-05 17:30:58 +01:00
429bc2a7c6
bundles/homeassistant: fix .provides() 2023-02-05 17:28:52 +01:00
1906e7c256
bundles/gitea: derive version number from installed gitea 2023-02-05 17:24:50 +01:00
077b25f67e
bundles/miniflux: repo has changed
... also now everything is unsigned, yeaaaaaaaaaaaah
2023-02-02 19:29:28 +01:00
7bd8237876
bashrc: add 'ipa' alias 2023-01-29 11:03:38 +01:00
55bebda4d4
bundles/powerdns: fix socket path for telegraf 2023-01-29 11:02:49 +01:00
ef16a2d081
bundles/powerdns: rework zone file generation 2023-01-29 11:01:48 +01:00
264ea3e8a7
bundles/systemd-networkd: remove isc-dhcp-client 2023-01-29 10:13:26 +01:00
109914c039
bundles/powerdnsadmin: create virtualenv after packages are installed 2023-01-29 10:04:47 +01:00
f6b0c587d0
rename some gitea stuff to forgejo 2023-01-29 09:42:36 +01:00
a8e2e6b5ad
bundles/gitea: adjust config for 1.18 2023-01-29 09:40:38 +01:00
17aee0f6bb
update gitea to forgejo 1.18.2-1 2023-01-29 09:35:29 +01:00
a3218ac41f
bundles/sshmon: fix hostname in check_forgejo_for_new_release 2023-01-29 09:35:05 +01:00
2e6e6b663e
bundles/powerdns: also send out notify to all secondaries 2023-01-29 09:21:59 +01:00
c93a4d0a99
powerdns: switch to AXFR for secondarie 2023-01-29 08:35:08 +01:00
31e614ab3b
bundles/powerdns: allow exposing API to the world 2023-01-29 08:06:27 +01:00
60585a3716
bundles/homeassistant: fix typo 2023-01-29 07:04:38 +01:00
c717e86f70
bundles/homeassistant: fix website_check 2023-01-29 07:03:28 +01:00
ff8928dd0b
remove openhab, move backups to hass 2023-01-29 06:54:48 +01:00
ba97cd432f
bundles/icinga2: icingaweb2 apparently ships monitoring module by itself 2023-01-29 06:45:34 +01:00
07dce73bca
bundles/sshmon: get rid of sysstat 2023-01-28 18:10:24 +01:00
c5ccc31ad9
get rid of molly-guard 2023-01-28 18:10:21 +01:00
ab76721ddb
bundles/powerdnsadmin: install psycopg2 in venv 2023-01-28 18:10:18 +01:00
b460085bb0
bundles/powerdns: enable superslave if supported 2023-01-28 18:10:14 +01:00
c94aef55a5
bundles/dovecot: enable sieve logging 2022-12-31 16:33:10 +01:00
c04ce63c35
bundles/arch-with-gui: more packages via bundle, less via nodefile 2022-12-29 13:45:06 +01:00
070b466abe
bundles/travelynx: update bundle for new version 2022-12-27 13:38:53 +01:00
9dae384cd1 Merge pull request 'homassistant' (#56) from homassistant into main
Reviewed-on: #56
2022-12-24 17:32:36 +00:00
Sophie Schiller
52983a51a9 homeassistant: rework update check 2022-12-24 17:51:42 +01:00
638363e927
bundles/php: rework bundle, fix directory permissions 2022-12-24 16:12:22 +01:00
9a45e3c30e
bundles/gitea: fix wrong monitoring command 2022-12-24 13:45:44 +01:00
648a80362e
bundles/sshmon: actually install the check 2022-12-24 08:45:48 +01:00
931f3cd583
bundles/gitea: set update check to check for forgejo update 2022-12-23 14:57:32 +01:00
df303b3487
bundles/homeassistant: set websockets=True in nginx config 2022-12-22 20:01:35 +01:00
Sophie Schiller
edeffee5c2 first running hass stuff 2022-12-22 18:59:27 +01:00
Sophie Schiller
107fd6872b home.hass add metadata 2022-12-22 17:53:10 +01:00
Sophie Schiller
c407a4520a blind dev result of homeassistant 2022-12-22 17:37:13 +01:00
fcb546baf6
bundles/nodejs: fix repo name 2022-12-22 17:32:36 +01:00
c5e45cbafc
bundles/sshmon: add check_forgejo_for_new_release 2022-12-22 12:13:53 +01:00
3db7168589
move default nameservers to libs/defaults 2022-12-22 12:13:13 +01:00
90823b7984
bundles/postfix: lessen smtpd security restrictions 2022-12-20 08:55:44 +01:00
caa54051ff
bundles/zfs: please, just restart zed 2022-12-18 11:43:38 +01:00
8621c726bb
bundles/systemd: fix edgecase in check_timesyncd_sync 2022-12-18 11:34:21 +01:00
ee761507a2
bundles/{icinga2,influxdb}: fix file permissions 2022-12-17 11:45:10 +01:00
6d49889f2f
bundles/systemd: systemd-timesyncd not showing offset is an error 2022-12-17 11:41:37 +01:00
8a0ae4fa10
bundles/systemd: explicitely use all four ntp.org timeserver pools
turns out, only 2.pool.ntp.org has IPv6, but we won't get any IPv6
addresses when querying pool.ntp.org
2022-12-17 11:39:45 +01:00
eaab905735
bundles/systemd: add monitoring for systemd-timesyncd 2022-12-16 16:15:57 +01:00
e12b9e6c12
uninstall chrony and ntpd everywhere 2022-12-16 15:32:09 +01:00
bd64d52edb
bundles/gce-workaround: uninstall chrony 2022-12-16 15:24:51 +01:00
d6da47fc1e
bundles/systemd: also manage systemd-timesyncd 2022-12-16 15:10:52 +01:00
5dc60eb24e
bundles/openvpn-client: do not manage config directory group 2022-12-16 15:10:03 +01:00
f790e2cee0
bundles/vnstat: rework bundle 2022-12-12 07:56:23 +01:00
c8dd809057
bundles/wireguard: better nftables rules 2022-12-11 17:42:39 +01:00
e8d24bc363
bundles/pppd: automatically add interface entry for ignored interface 2022-12-11 17:42:08 +01:00
d86dc32f51
bundles/mixcloud-downloader: improvements 2022-12-07 18:06:44 +01:00
15ea875742
home.nas: add bundle:mixcloud-downloader 2022-12-07 04:24:38 +01:00
615f6107bc
bundles/element-web: only set --openssl-legacy-provider if using nodejs >= 17 2022-11-27 19:56:36 +01:00
ca18a8d231
bundles/pretalx: ignore update check if no version was specified 2022-11-27 19:48:13 +01:00
d64657feef
bundles/openvpn-client: fix permissions for /etc/openvpn/client 2022-11-22 18:45:19 +01:00
b7de8b3a4d
bundles/grafana: new repo, who dis? 2022-11-21 19:32:47 +01:00
bc589011d2
add c3voc vpn to kunsi-p14s 2022-11-21 19:31:49 +01:00
72cbe56b5f
bundles/nodejs: make nodejs version configurable 2022-11-16 18:54:52 +01:00
2ea914dc0b
bundles/minecraft: collect metrics more often 2022-11-13 18:13:18 +01:00
7a14084417
bundles/minecraft: add monitoring via icinga2 2022-11-13 17:48:22 +01:00
019d5ce2b6
bundles/minecraft: add monitoring via telegraf 2022-11-13 17:47:19 +01:00
52e36f7ae1
bundles/redis: use a lot less snapshots 2022-11-06 19:08:35 +01:00
e6e563fb33
bundles/systemd-timers: use bash, because we're using bash if 2022-11-06 19:08:13 +01:00
3dce0fb6ac
add bundle:minecraft to rx300 2022-11-06 18:52:38 +01:00
fba5d6a782
bundles/{jenkins-ci,openhab}: bump openjdk version 2022-11-06 18:52:14 +01:00
b0a43fb128
bundles/users: enable color output in ipb 2022-11-06 14:27:35 +01:00
73e6ba0872
bundles/{matrix-dimension,mx-puppet-discord}: nodejs-dependency-hölle, once again 2022-11-05 07:47:07 +01:00
ee9f7b8875
bundles/element-web: requires legacy openssl provider for now 2022-11-04 07:29:11 +01:00
aa01329dbf
bundles/nodejs: update to nodejs 18 2022-11-04 07:28:53 +01:00
e1fe424df9
bundles/basic: support configuring /etc/environment 2022-11-04 07:28:14 +01:00
8b1ccb760a
bundles/ntfy: fix formatting errors 2022-11-04 07:27:38 +01:00
3db6078d9b
bundles/postfix: set tls ciphers to medium to increase compatibility with centos 2022-11-04 07:08:33 +01:00
Sophie Schiller
bd3c92aac9 bundles/ntfy fix various typos 2022-10-19 17:23:57 +02:00
Sophie Schiller
014c7e5be8 bundles/ntfy add more nginx options 2022-10-19 16:33:36 +02:00
Sophie Schiller
6e23f84a39 bundles/ntfy various fixes 2022-10-19 15:38:10 +02:00