Franzi
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
Franzi
b7583bc8cc
nodes/voc.pretalx: install some plugins
bundlewrap/pipeline/head This commit looks good
2021-03-30 19:52:31 +02:00
Franzi
da9fe36646
bundles/pretalx: support installing plugins
2021-03-30 19:52:03 +02:00
Franzi
8503a4a946
nodes/htz.ex42-1048908: update travelynx to 1.19.9
bundlewrap/pipeline/head This commit looks good
2021-03-30 18:22:35 +02:00
Franzi
e924cc1322
nodes/htz.ex42-1048908: update element-web to 1.7.24
2021-03-30 18:22:19 +02:00
Franzi
72831ee386
nodes/home.nas: one cronjob for permissions instead of three
bundlewrap/pipeline/head This commit looks good
2021-03-28 16:44:01 +02:00
Franzi
7345543fa2
bundles/mx-puppet-discord: remove logging to files, disable presence logging
bundlewrap/pipeline/head This commit looks good
2021-03-28 11:29:16 +02:00
Franzi
c388d5ea1e
bundles/postgresql: fix restart dependencies
bundlewrap/pipeline/head This commit looks good
2021-03-28 09:39:08 +02:00
Franzi
35e4bbf04b
bundles/postfix: remove postscreen usage
...
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between
instances, which leads to the server simply accepting
mails for the port on which postscreen starts up later.
Since we can't predict which port this will be, we
simply remove postscreen alltogether.
Yes, i know i could just remove postscreen for port 2525.
2021-03-28 09:00:37 +02:00
Franzi
ce39850bda
bundles/postfix: fix .provides() for iptables reactor
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:56:22 +02:00
Franzi
9fe4e2933d
bundles/postfix: add firewalling for port 2525
bundlewrap/pipeline/head There was a failure building this commit
2021-03-28 08:37:51 +02:00
Franzi
a4b2dc29a9
bundles/miniflux: don't clean up old entries
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:04:41 +02:00
Franzi
85d9b9fdac
nodes/htz-cloud.sewfile: move seafile data to zfs
bundlewrap/pipeline/head This commit looks good
2021-03-27 14:03:33 +01:00
Franzi
0ca57e8e24
nodes/htz-cloud.sewfile: also backup mysql database
bundlewrap/pipeline/head This commit looks good
2021-03-27 13:49:23 +01:00
Franzi
39c1d34bbb
bundles/sshmon: fix disk space usage limits
2021-03-27 12:07:49 +01:00
Franzi
8f0f635484
bundles/basic: change load graph for cpu graph
2021-03-27 12:06:12 +01:00
Franzi
568a31586f
bundles/apt: fix permissions for /etc/kernel/postinst.d/unattended-upgrades
bundlewrap/pipeline/head This commit looks good
2021-03-27 08:31:29 +01:00
Franzi
f514e200f0
bundles/mautrix-whatsapp: restart bridge daily again
...
bundlewrap/pipeline/head This commit looks good
It seems neither WhatsApp nor WhatsApp Web are designed for 24/7
connections, thus leading to all kinds of weird side effects like
"Bridge thinks it's connected, but no messages get through at all"
or "WhatsApp is running, but the Bridge can't connect to it"
2021-03-27 08:21:41 +01:00
Franzi
83db4ba886
nodes/home.nas: add firewalling for yate sip server
bundlewrap/pipeline/head This commit looks good
2021-03-26 18:55:20 +01:00
Franzi
f98720b57b
bundles/dhcpd: sort dchp leases by ip in bash alias
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:27:52 +01:00
Franzi
8d7e5d3f66
nodes/htz.ex42-1048908: update matrix-media-repo to 1.2.6
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:06:35 +01:00
Franzi
65490b1d20
bundles/apt: log stdout and stderr separately in upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:02:48 +01:00
Franzi
4bd61fedde
nodes/htz.ex42-1048908: update gitea to 1.13.6
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:44:55 +01:00
Franzi
27753d50c4
bundles/postfix: use threading in check_spam_blocklist
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:42:59 +01:00
Franzi
fdcec012f3
bundles/postfix: add SPAM BLOCKLIST check for every non-private IP attached to the server
bundlewrap/pipeline/head This commit looks good
2021-03-22 20:24:14 +01:00
Franzi
b99176be49
bundles/kodi: add iptables rules
bundlewrap/pipeline/head This commit looks good
2021-03-21 19:10:49 +01:00
Franzi
75f5c58764
dns/franzi.business: fix matrix federation port in SRV record
bundlewrap/pipeline/head This commit looks good
2021-03-21 18:12:27 +01:00
Franzi
50438d940e
nodes/htz.ex42-1048908: update gitea to 1.13.5
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:55:43 +01:00
Franzi
28dd9694af
add bundle:oidentd
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:40:58 +01:00
Franzi
6a6198c9b9
bundles/wireguard: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 15:26:29 +01:00
Franzi
559f743ce2
nodes/voc.pretalx: no localized strings in website_check_string
bundlewrap/pipeline/head This commit looks good
2021-03-21 12:59:08 +01:00
Franzi
691c3e7bc2
iptables: add some missing rules
bundlewrap/pipeline/head This commit looks good
2021-03-21 12:27:03 +01:00
Franzi
087bc4c669
nodes: iptables for all
bundlewrap/pipeline/head This commit looks good
2021-03-21 11:44:52 +01:00
Franzi
3bc5e55400
bundles/iptables: don't apply iptables rules if a rules file is missing
2021-03-21 11:44:27 +01:00
Franzi
4b00c8b55a
bundles/unbound: do not bind to 0.0.0.0 if qemu is installed
2021-03-21 11:43:53 +01:00
Franzi
5a0aa82ec9
bundles/powerdns: fix missing imports
2021-03-21 11:43:17 +01:00
Franzi
62f7080db9
bundles/nfs-server: add iptables config
2021-03-21 11:24:21 +01:00
Franzi
626075ee94
nodes/htz.ex42-1048908: add some iptables rules for unmanaged services
bundlewrap/pipeline/head There was a failure building this commit
2021-03-21 11:12:42 +01:00
Franzi
850d860d59
bundles/powerdns: add iptables config
2021-03-21 11:12:18 +01:00
Franzi
31ddea7649
bundles/dovecot: add iptables config
2021-03-21 11:12:03 +01:00
Franzi
5775001301
bundles/postfix: add iptables config
2021-03-21 11:11:49 +01:00
Franzi
c9f008ad82
bundles/openssh: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:37:28 +01:00
Franzi
b943d2d465
rework iptables configuration
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:30:04 +01:00
Franzi
d3ea06c3e8
nodes/htz.ex42-1048908: update matrix-media-repo to 1.2.5
bundlewrap/pipeline/head This commit looks good
2021-03-19 15:00:00 +01:00
Franzi
41dac92e1a
nodes/htz.ex42-1048908: update element-web to 1.7.23
bundlewrap/pipeline/head This commit looks good
2021-03-17 14:15:38 +01:00
Franzi
841a86aa61
dns/kunbox.net: remove duplicate entries, disable dmarc
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:59:21 +01:00
Franzi
9e1685531c
nodes/home.router: add iptables rule for mail
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:48:35 +01:00
Franzi
3fcd81960e
bundles/postfix: allow configuring mynetworks
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
Franzi
52cab71fec
bundles/wireguard: also allow outgoing traffic
...
How did this ever work without this rule?
2021-03-15 09:00:35 +01:00
Franzi
adb808a683
bundles/users: more colourful bash for everyone
bundlewrap/pipeline/head This commit looks good
2021-03-14 17:14:08 +01:00