Franzi
194de9ef2d
bundles/letsencrypt: fix some errors in letsencrypt-ensure-some-certificate
bundlewrap/pipeline/head This commit looks good
2021-02-20 15:48:17 +01:00
Franzi
3fa81ddc85
bundles/gitea: use canned stop action
2021-02-20 15:47:35 +01:00
Franzi
74d81eb7ba
bundles/nginx: support disabling ssl for each vhost individually
bundlewrap/pipeline/head This commit looks good
2021-02-20 14:25:27 +01:00
Franzi
228786f6aa
bundles/letsencrypt: generate a dummy certificate, if no certificate already exists
2021-02-20 13:52:40 +01:00
Franzi
014b6029c5
nodes/htz.ex42-1048908: update element-web config
bundlewrap/pipeline/head This commit looks good
2021-02-20 11:10:08 +01:00
Franzi
1ac6559b9f
bundles/postgresql: add pg_query_mon
2021-02-20 10:56:20 +01:00
Franzi
c0b8d35a47
bundles/icinga2: fix double emoji for WARNING state
bundlewrap/pipeline/head This commit looks good
2021-02-19 14:03:00 +01:00
Franzi
2bccbf9ded
bundles/icinga2: add some emoji to sent SMS, don't send output via SMS if everything is fine
bundlewrap/pipeline/head This commit looks good
2021-02-19 14:01:45 +01:00
Franzi
8ac9b2f204
bundles/matrix-synapse: add scripts/synapse-purge-unused-rooms
bundlewrap/pipeline/head This commit looks good
2021-02-19 11:56:21 +01:00
Franzi
b06532241b
bundles: use metastack syntax for metadata.get()
bundlewrap/pipeline/head This commit looks good
2021-02-18 18:12:25 +01:00
Franzi
6e9fb7044a
bundles/systemd-networkd: add "enable-resolved" flag
2021-02-18 17:56:43 +01:00
Franzi
fbf0371371
bundles/systemd: support different timezones
2021-02-18 17:56:06 +01:00
Franzi
1abc0153f5
bundles/openssh: do not add deleted users to ssh config
bundlewrap/pipeline/head There was a failure building this commit
2021-02-18 15:12:30 +01:00
Franzi
75224f0d5c
bundles/lldp: support arch linux
2021-02-18 15:10:50 +01:00
Franzi
f4a644795e
bundles/basic: support setting a different default locale
2021-02-18 14:51:33 +01:00
Franzi
32d129015e
bundles/pacman: introduce, support pkg_pacman in some other bundles
2021-02-18 14:24:57 +01:00
Franzi
9bf7f856af
bundles/users: allow setting another shell
2021-02-18 14:24:09 +01:00
Franzi
8a2bef9b77
bundles/apt: move vim to default packages
2021-02-18 14:23:43 +01:00
Franzi
03840fd152
bundles/systemd: more options in journald.conf
bundlewrap/pipeline/head This commit looks good
2021-02-18 10:29:38 +01:00
Franzi
fbb8840dff
add .editorconfig, format files correctly
bundlewrap/pipeline/head This commit looks good
2021-02-17 10:56:18 +01:00
Franzi
b42e39ed0a
get rid of check_rbl
2021-02-17 10:51:49 +01:00
Franzi
9d5d80457f
bundles/element-web: rename from riot-web, use tagged releases
bundlewrap/pipeline/head This commit looks good
2021-02-16 12:49:02 +01:00
Franzi
abb99ed58a
bundles/raspberrypi: remove isc-dhcp-client
2021-02-16 08:41:37 +01:00
Franzi
d2260b4699
bundles/wireguard: use PersistentKeepalive to work around intermittent connection issues
bundlewrap/pipeline/head This commit looks good
2021-02-15 15:16:44 +01:00
Franzi
5c1eba0d58
bundles: use a common metadata key for firewall restrictions, use repo.libs.tools.resolve_identifier()
bundlewrap/pipeline/head This commit looks good
2021-02-15 14:16:35 +01:00
Franzi
56fce7d460
bundles/wireguard: add exclude_from_monitoring option for wireguard peers
2021-02-14 21:35:37 +01:00
Franzi
65e6b8d053
bundles/backup-client: use a bash function to do backups instead of repeating the same code over and over
2021-02-13 09:18:00 +01:00
Franzi
adeb8eff88
bundles/postgresql: only do database dumps if we're actually doing backups
2021-02-13 09:04:59 +01:00
Franzi
724537558e
bundles/postgresql: do a database dump before backing up the database
bundlewrap/pipeline/head This commit looks good
2021-02-13 08:56:35 +01:00
Franzi
3d1468b214
bundles/backup-client: backup-pre-hooks should have numeric sorting
2021-02-13 08:37:49 +01:00
Franzi
7aeb46382d
bundles/zfs: move icinga2_api to metadata defaults
2021-02-13 08:37:00 +01:00
Franzi
2fbbaa1586
bundles/zfs: remove support for snapshot_only and snapshot_never (unused)
2021-02-13 08:36:10 +01:00
Franzi
b20f369ea8
bundles/backup-client: metadata backup-pre-hooks now use /bin/sh by default
2021-02-13 08:26:46 +01:00
Franzi
077eaa265c
bundles/radicale: use Fault.as_htpasswd_entry() instead of pre-encrypting passwords
2021-02-13 08:17:31 +01:00
Franzi
978285bf32
bundles/matrix-media-repo: add backup/paths metadata
2021-02-13 08:09:48 +01:00
Franzi
f52df58517
bundles: code style improvements
bundlewrap/pipeline/head This commit looks good
2021-02-12 20:45:41 +01:00
Franzi
c0353d2911
bundles/apt: add option to configure patch-hour, not only patchday
2021-02-12 18:53:25 +01:00
Franzi
767db8efdd
bundles/apt: add /etc/kernel/postinst.d/unattended-upgrades to ensure a reboot on kernel updates
bundlewrap/pipeline/head This commit looks good
2021-02-12 18:12:24 +01:00
Franzi
d4b110087f
bundles/matrix-media-repo: introduce, add to htz.ex42-1048908
bundlewrap/pipeline/head This commit looks good
2021-02-12 16:01:35 +01:00
Franzi
638e37c05f
bundles: add Requires=postgresql.service to some services which require postgresql
bundlewrap/pipeline/head This commit looks good
2021-02-12 13:28:52 +01:00
Franzi
9f8cbde7d7
bundles/transmission: always try to restart transmission
bundlewrap/pipeline/head This commit looks good
2021-02-11 09:06:20 +01:00
Franzi
a86e04683a
bundles/backup-client: fix missing space in generate-backup
bundlewrap/pipeline/head This commit looks good
2021-02-09 07:17:25 +01:00
Franzi
c25233b991
nodes: replace pkg_apt:redis with bundle:redis
bundlewrap/pipeline/head This commit looks good
2021-02-07 21:09:39 +01:00
Franzi
0d1e987a6f
bundles/backup-client: add backup-pre-hooks ( fixes #24 )
2021-02-07 20:47:22 +01:00
Franzi
a8690b13b8
bundles/rspamd: add "unless" to action:rspamd_assure_dkim_key_permissions
bundlewrap/pipeline/head This commit looks good
2021-02-06 19:10:16 +01:00
Franzi
eb431d8da8
bundles/postfix: also set alias_maps
...
bundlewrap/pipeline/head This commit looks good
fixes "warning: dict_nis_init: NIS domain name not set - NIS lookups disabled"
2021-02-06 10:24:19 +01:00
Franzi
457052d42b
bundles/gitea: downloading gitea updates needs stopping it first
2021-02-06 09:43:54 +01:00
Franzi
b6d23aaed4
bundles/sshmon: use own check_cpu_stats script
...
Old script only checked iowait, which is not enough.
2021-02-06 09:38:50 +01:00
Franzi
c185a5bacd
bundles/backup-client: do backups at 23:xx, so it won't interfere with upgrade-and-reboot
...
bundlewrap/pipeline/head This commit looks good
There were still problems with systems starting their backups late in the hour,
but backup servers did upgrade-and-reboot early it the hour. This leads to
incomplete backups, if the machine is rebooting, too.
2021-02-06 09:36:44 +01:00
Franzi
7e15f8adc3
bundles/octoprint: multi-line-output for check_octoprint_update
bundlewrap/pipeline/head This commit looks good
2021-02-02 20:20:11 +01:00
Franzi
8523754935
bundles/users: add vim-keybindings for pane navigation to tmux.conf
2021-01-31 07:59:19 +01:00
Franzi
bdc5b4de33
bundles/transmission: don't overwrite configs managed by transmission
2021-01-30 17:39:34 +01:00
Franzi
71f033b7c2
bundles/icinga2: fix dependencies for svc_systemd:icinga2
...
bundlewrap/pipeline/head This commit looks good
icinga2 runs fine without any checks, so we now only depend on the other
configuration files managed by bw. This will also fix unwanted
dependencies, because 'file:' means *all* files, not only those provided
by this bundle. In the past, it wasn't possible to skip any file,
because that would result in icinga not properly restarting.
2021-01-30 17:31:05 +01:00
Franzi
569275329c
bundles/sshmon: remove INTERNET check
...
bundlewrap/pipeline/head This commit looks good
We're using the internet to check these hosts, so if those hosts
wouldn't have an internet connection, the whole host would be
down, atleast as far as icinga can tell.
2021-01-30 11:47:55 +01:00
Franzi
161aec9314
bundles/powerdnsadmin: use tagged release
bundlewrap/pipeline/head This commit looks good
2021-01-29 18:13:16 +01:00
Franzi
f56852c27d
bundles/postfixadmin: use tagged release
2021-01-29 18:07:57 +01:00
Franzi
fa462fbd0f
bundles/sshmon: use tag_name instead of human-readable name in check_github_for_new_release
2021-01-29 18:04:35 +01:00
Franzi
b3e6063596
bundles/unbound: silence refresh-root-hints cronjob
2021-01-29 17:58:24 +01:00
Franzi
c31066fea8
bundles/mautrix-whatsapp: restart weekly to work around 24/7 connection issues
2021-01-29 17:27:33 +01:00
Franzi
fd421bf6f8
add bundle:redis, add redis support to pretalx
bundlewrap/pipeline/head This commit looks good
2021-01-29 15:58:54 +01:00
Franzi
ce76430b4d
bundles/mautrix-whatsapp: decrease log level to info
bundlewrap/pipeline/head This commit looks good
2021-01-28 15:05:04 +01:00
Franzi
4efcc73f55
bundles/mautrix-whatsapp: ensure we're not using ssl for postgres
bundlewrap/pipeline/head This commit looks good
2021-01-25 22:27:11 +01:00
Franzi
f3d8a1412c
bundles/dovecot: better ssl
bundlewrap/pipeline/head This commit looks good
2021-01-24 18:44:25 +01:00
Franzi
2aaf7cf8f8
bundles/nginx: better ssl
2021-01-24 18:44:13 +01:00
Franzi
614bdf9dec
bundles/basic: support creating additional locales
2021-01-24 07:49:49 +01:00
Franzi
d344664fa1
bundles/basic: fix format for /etc/locale.gen
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:25:32 +01:00
Franzi
6b720c6c75
bundles/postgresql: only deploy packages if we have locales installed
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:06:38 +01:00
Franzi
4a9463db5f
bundles/basic: ensure a proper locale is installed
2021-01-23 12:05:59 +01:00
Franzi
a160e7cf46
bundles/postgresql: improvements
...
bundlewrap/pipeline/head This commit looks good
- support other postgresql versions
- manage configs using bw
2021-01-23 11:35:03 +01:00
Franzi
c41ee0f806
bundles/apt: fix logging for upgrade-and-reboot
2021-01-23 11:32:35 +01:00
Franzi
51101fc615
bundles/sudo: fix mode for /etc/sudoers
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:28:50 +01:00
Franzi
c5109fbfe3
bundles/icinga2: no need to do metadata.copy() here
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:11:18 +01:00
Franzi
717159b61f
bundles/seafile: no need for sms for seafile process, we're already doing http content checks
bundlewrap/pipeline/head There was a failure building this commit
2021-01-23 09:09:30 +01:00
Franzi
63cdd470cf
bundles/c3voc-addons: support cron definition
bundlewrap/pipeline/head This commit looks good
2021-01-19 13:34:23 +01:00
Franzi
0893156723
bundles/c3voc-addons: add upgrade-and-reboot to bundle
bundlewrap/pipeline/head This commit looks good
2021-01-17 18:43:30 +01:00
Franzi
0f0ee046b1
bundles/c3voc-addons: some assertions to make sure we don't conflict with ansible
bundlewrap/pipeline/head This commit looks good
2021-01-17 10:16:23 +01:00
Franzi
1041e092b1
bundles/dhcpd: add bash alias for lease list
2021-01-17 09:12:32 +01:00
Franzi
4f62e25d5e
bundles/c3voc-addons: add nginx vhost monitoring
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:07:21 +01:00
Franzi
3b90426b4d
bundles/pretalx: fix needs for systemd units
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:01:15 +01:00
Franzi
2b0678063c
bundles/pretalx: new version needs to trigger regenerate_css, too
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:59:57 +01:00
Franzi
b5cc8c2c57
bundles/pretalx: add to PORT_MAP.md, allocate a port
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:55:08 +01:00
Franzi
35abb92daf
bundles/icinga2: do not schedule downtimes for hosts which do not do unattended-upgrades
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:31:51 +01:00
Franzi
173746fe9c
bundles/sshmon: ensure sshmon user is able to log in
2021-01-16 22:31:18 +01:00
Franzi
39aabd0546
bundles/backup-server: of course, we need to ignore hosts which have exclude_from_backups set
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:22:51 +01:00
Franzi
ad84f62c0d
bundles/sshmon: do not rely on bundle:users to create sshmon user
bundlewrap/pipeline/head There was a failure building this commit
2021-01-16 22:21:27 +01:00
Franzi
ec8802dd4a
bundles/backup-server: ignore all nodes which don't have bundle:backup-client
2021-01-16 22:12:49 +01:00
Franzi
9f0fc90679
bundles/pretalx: fix wrong metadata key
2021-01-16 22:12:16 +01:00
Franzi
70944d7065
bundles/pretalx: introduce
2021-01-16 22:03:38 +01:00
Franzi
0b9056bd2b
add pseudo-bundle to add configs to c3voc ansible managed hosts
2021-01-16 22:03:03 +01:00
Franzi
8fc0017378
bundles/backup-client: do backups at 00:xx, so it won't interfere with upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-01-15 15:31:36 +01:00
Franzi
9854fc9dbc
bundles/hostname: also set motd
2021-01-15 15:29:49 +01:00
Franzi
db3a15310c
bundles/letsencrypt: fix concat_and_deploy comment
bundlewrap/pipeline/head This commit looks good
2021-01-10 10:48:19 +01:00
Franzi
659e35686e
bundles/iptables: removing rule files should also trigger iptables-enforce
bundlewrap/pipeline/head This commit looks good
2021-01-09 14:02:50 +01:00
Franzi
4f6b57676a
bundles/systemd-networkd: LACPTransmitRate=fast
bundlewrap/pipeline/head This commit looks good
2021-01-09 12:52:03 +01:00
Franzi
00fd1df67a
bundles/wide-dhcp6c: stop, then start, instead of restart
2021-01-09 12:51:37 +01:00
Franzi
8e54d6eb23
add monitoring for freifunk nodes
bundlewrap/pipeline/head This commit looks good
2021-01-09 11:03:23 +01:00
Franzi
19dd29e847
bundles/transmission: also allow tcp peer-port
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:06:26 +01:00
Franzi
33b85ff0de
bundles/transmission: add bundle, add to home.downloadhelper
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:00:08 +01:00
Franzi
dca13263e2
bundles/systemd-networkd: add option for setting static routes
2021-01-08 16:09:59 +01:00
Franzi
17510b783c
bundles/nfs-client: do start automount units. Previous comment was wrong.
bundlewrap/pipeline/head This commit looks good
2021-01-07 22:15:57 +01:00
Franzi