Commit graph

330 commits

Author SHA1 Message Date
f71653e3ce
bundles/backup-{client,server}: introduce 2020-11-13 12:36:52 +01:00
30ee0c8bdf
bundles/mx-puppet-discord: restart service after building new version 2020-11-13 09:26:34 +01:00
e5c12f0628
bundles/nginx: create webroot directories after bundle:zfs is done 2020-11-12 22:59:46 +01:00
2274e7aa37
bundles/nfs-server: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 19:59:02 +01:00
f2a0f0b46a
bundles/systemd-networkd: support bond and bridge interfaces 2020-11-12 19:38:10 +01:00
633ccb97fd
bundles/zfs: rename zed -> zfs-zed 2020-11-12 19:36:28 +01:00
d01d89d432
bundles/apt: support debian 11 2020-11-12 18:40:19 +01:00
e395a42160
bundles/apt: no need to have apt-daily.timer running
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 15:10:59 +01:00
087f4bb74d
groups/{gce,home}: send mail via mx0.kunbox.net
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 13:31:01 +01:00
11701a67c8
dns: deploy MTA-STS
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 11:41:06 +01:00
d47c39185b
bundles/php: no need to restart php if just installing the base packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 08:37:29 +01:00
652fb72ccc
bundles/postfix: fix metadata reactor for letsencrypt 2020-11-11 08:35:36 +01:00
9dd7589f12
bundles/postfix: add submission_header_cleanup file 2020-11-10 20:34:27 +01:00
8180769120
bundles/postfix: add postmaster alias 2020-11-10 20:32:39 +01:00
f9bd2d695d
bundles/postfix: add SPAM BLOCKLISt for every non-private IP attached to the server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 14:28:12 +01:00
aad1a742b7
bundles/icinga2: add ipv6-capable check_rbl script 2020-11-10 14:26:07 +01:00
f30aa48eca
bundles/icinga2: add sshmon private key
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:43:46 +01:00
a176a1aa65
bundles/icinga2: introduce, install checks, install sources.list, create postgres database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:37:27 +01:00
a9c00409b4
bundles/mautrix-telegram: fix item dependency error
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:26:03 +01:00
6cd02dc563
bundles: move non-login users to items.py
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-10 13:24:07 +01:00
cca4fec761
bundles/users: get default user data from users.json 2020-11-10 13:12:36 +01:00
c090a9c2c2
bundles/users: move root user to metadata 2020-11-10 12:50:08 +01:00
3fbe32518a
bundles/postgresql: rename users -> roles
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 12:37:58 +01:00
d087cea869
bundles/gitea: add monitoring 2020-11-10 11:32:59 +01:00
985f47ca99
bundles/miniflux: add monitoring 2020-11-10 11:28:40 +01:00
8cb997133a
bundles/nginx: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:57:04 +01:00
65a8efc97f
bundles/zfs: fix monitoring metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:35:01 +01:00
f80896fa3b
bundles/postfix: add monitoring 2020-11-10 10:21:37 +01:00
420cea15d2
bundles/apt: add monitoring for unattended upgrades 2020-11-10 09:50:20 +01:00
6ca0d863b1
bundles/sudo: use sudoers.d
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 20:39:35 +01:00
c7362df6c4
bundles/sshmon: import from work repository 2020-11-09 20:31:06 +01:00
eaf268aea9
libs/tools: change resolve_identifier() to return ipv4 and ipv6 separately
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:46:37 +01:00
67386d9efa
bundles/cron: provide some environment, also manage /etc/crontab
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:24:01 +01:00
a58c5877bf
bundles/gce-workaround: uninstall gce-disk-expand, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 16:48:28 +01:00
4921e0b74f
bundles/systemd-networkd: use correct syntax for resolv.conf 2020-11-09 16:47:56 +01:00
6f87a1d240
bundles/systemd-networkd: also deploy resolv.conf 2020-11-09 16:38:59 +01:00
394424951f
bundles/systemd-networkd: fix naming of GatewayOnlink 2020-11-09 16:38:35 +01:00
78047da04a
bundles/postgresql: only install packages after we have a zfs dataset 2020-11-09 16:37:00 +01:00
5bd642236c
bundles/postfix: only call newaliases if we already have postfix installed 2020-11-09 16:36:26 +01:00
607da9d39b
bundles/powerdns: user resolve_identifier() for node-dns-entries 2020-11-09 15:37:48 +01:00
91fd33cfa0
bundles/systemd-networkd: better dhcp support 2020-11-09 14:58:09 +01:00
5e7c7671e0
bundles/systemd-networkd: proper config 2020-11-09 14:48:19 +01:00
fbb4e2f7a5
systemd-networkd: first draft 2020-11-09 14:08:32 +01:00
c3c510c609
bundles/mautrix-telegram: disable parallel file transfers for now 2020-11-09 13:17:38 +01:00
af97226512
nodes/htz.ex42-1048908: update mautrix-telegram to 0.9.2-rc2
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:16:06 +01:00
06e30cf23c
bundles/mautrix-telegram: also upgrade pip when upgrading bridge 2020-11-09 12:15:37 +01:00
90e3bb7fb2
bundles/mautrix-telegram: no need to provide our own alembic.ini 2020-11-09 12:12:04 +01:00
c0986eb956
bundles/mautrix-telegram: fix database migration
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:09:17 +01:00
614b920890
bundles/mautrix-telegram: pin version until database migration is fixed
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 11:27:34 +01:00
3ff5d8a7dd
bundles/postfix: add alias database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 10:52:24 +01:00
64cffad6a7
bundles/rspamd: silence clamav cronjob 2020-11-08 15:03:26 +01:00
0eca42d188
bundles/dovecot: fix home directory for virtual mailboxes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 13:00:44 +01:00
b4b988e5f2
bundles/postfix: disable TLS1.0 and 1.1, disable weak ciphers
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 12:24:37 +01:00
f85349f0c5
bundles/postfixadmin: fix apt packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 11:53:51 +01:00
15428b03be
bundles/rspamd: introduce, add to htz.ex42-1048908
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-08 10:43:51 +01:00
a236444fe5
bundles/dovecot: make sure to reload dovecot after letsencrypt 2020-11-08 10:42:08 +01:00
b00b2aa245
bundles/dovecot: autoexpunge Junk folder
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-07 22:46:15 +01:00
7080b0d89e
bundles/rspamd: create dummy bundle 2020-11-07 22:32:08 +01:00
18b573a9c6
bundles/dovecot: introduce 2020-11-07 22:31:47 +01:00
f42dda5961
bundles/postfixadmin: introduce 2020-11-07 22:31:29 +01:00
5550d2cc56
bundles/postfix: introduce 2020-11-07 22:31:18 +01:00
88afba9ce9
bundles/mx-puppet-discord: add RestartSec= to systemd unit file 2020-11-07 09:40:22 +01:00
7ab121e7e5
bundles/mautrix-telegram: install bridge from git repository 2020-11-07 09:39:57 +01:00
d7f578742b
bundles/mx-puppet-discord: put bridge repo into subdirectory
this avoids recreating config and registration on every update, which in turn
avoids restarting synapse
2020-11-07 09:08:10 +01:00
c481fc1327
nodes/htz.ex42-1048908: add php
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-07 09:06:11 +01:00
f8bc4b2ad9
bundles/php: introduce 2020-10-31 13:00:38 +01:00
e2d8923dee
bundles/nginx: use metadata reactor to determine index files 2020-10-31 10:41:48 +01:00
f1f7086aab
bundles/postgresql: make sure we have postgres_role before adding postgres_db 2020-10-31 10:30:48 +01:00
67c5c23194
bundles/nginx: support non-domain vhost names 2020-10-31 10:30:07 +01:00
113221a9b2
bundles/nginx: make sure we have dhparam.pem 2020-10-31 10:18:40 +01:00
9cc5c07466
bundles/letsencrypt: do not try to do authorizations without a webserver 2020-10-31 10:11:58 +01:00
76fe68a3d1
bundles/zfs: fix dependencies, auto-load zfs module if not loaded 2020-10-31 10:11:15 +01:00
8eeaabf615
bundles/nginx: use http 308 for https redirect
All checks were successful
bundlewrap/pipeline/head This commit looks good
basically "go away. nothing's here. use https forever."
2020-10-30 15:24:24 +01:00
50372572f4
bundles/zfs: improvements 2020-10-25 16:41:18 +01:00
3077d74318
bundles/users: alias s='sudo -i' 2020-10-25 13:21:04 +01:00
351d779f20
bundles/users: add metadata entry for bash aliases 2020-10-25 13:19:46 +01:00
2a992773f3
bundles/users: fish shell is gone everywhere 2020-10-25 13:17:26 +01:00
831545d8b1
introduce node.metadata['hostname'] to other bundles, update nodefiles to reflect changes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-25 11:14:46 +01:00
b70f9c9c9d
bundles/powerdns: make sure every dns server is able to resolve every other dns server 2020-10-25 10:58:11 +01:00
a33d8e4201
bundles/powerdns: decrease RETRY time 2020-10-25 10:57:26 +01:00
29f488c082
bundles/powerdns: put ip addresses of secondary nameservers into allow-axfer-ips
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-10-25 10:56:55 +01:00
152bb56fdd
bundles/powerdns: remove superslave setting
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
debian currently does ship an older version, in which this
setting is enabled by default.
2020-10-25 10:55:17 +01:00
7a3e3ad68f
bundles/powerdns: we don't need the node names of primary nameservers 2020-10-25 10:53:55 +01:00
43bd6b4774
bundles/powerdns: only enable webserver and api on primary nameservers 2020-10-25 10:52:51 +01:00
78c553faf9
bundles/nodejs: update to 14.x
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-24 17:20:50 +02:00
a0702416a0
bundles/radicale: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 15:22:35 +02:00
d76f69ab49
bundles/apt: more output for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 06:26:19 +02:00
2bc659af5f
bundles/users: add some bash aliases
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 06:06:59 +02:00
6398e668e1
bundles/apt: use DEBIAN_FRONTEND=noninteractive everywhere in upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 04:33:01 +02:00
07dcb813f3
bundles/raspberrypi: add options for camera and gpu_mem
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 19:51:52 +02:00
48cc865892
bundles/nginx: make sure webroot directory exists
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 18:55:00 +02:00
5c31cdccdd
bundles/kodi: fix path
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 16:53:19 +02:00
4271c92d70
bundles/gitea: fix chmod
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 16:18:12 +02:00
e32ad2eb19
formatting
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 15:51:45 +02:00
ececab44b4
bundles/miniflux: introduce 2020-10-18 15:49:32 +02:00
366374b4e5
bundles/apt: handle unattended-upgrades ourselves 2020-10-18 15:33:41 +02:00
kunsi
5635571f97 Merge pull request 'PowerDNS instead of bind9' (#2) from kunsi-feature-powerdns-instead-of-bind into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/2
2020-10-17 11:12:35 +00:00
ae7c3220e0
bundles/powerdns: fix NS records in zonefile header
Some checks are pending
bundlewrap/pipeline/head Build queued...
2020-10-17 13:04:28 +02:00
4d6b867bb3
bundles/powerdns: add metadata reactor for automatic node-dns-generation
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-17 12:57:35 +02:00
793220c0ec
bundles/powerdns: auto-generate zonefile header based on dns server nodes 2020-10-17 12:57:07 +02:00