Commit graph

1296 commits

Author SHA1 Message Date
2fbbaa1586
bundles/zfs: remove support for snapshot_only and snapshot_never (unused) 2021-02-13 08:36:10 +01:00
b20f369ea8
bundles/backup-client: metadata backup-pre-hooks now use /bin/sh by default 2021-02-13 08:26:46 +01:00
077eaa265c
bundles/radicale: use Fault.as_htpasswd_entry() instead of pre-encrypting passwords 2021-02-13 08:17:31 +01:00
978285bf32
bundles/matrix-media-repo: add backup/paths metadata 2021-02-13 08:09:48 +01:00
f52df58517
bundles: code style improvements
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 20:45:41 +01:00
c0353d2911
bundles/apt: add option to configure patch-hour, not only patchday 2021-02-12 18:53:25 +01:00
767db8efdd
bundles/apt: add /etc/kernel/postinst.d/unattended-upgrades to ensure a reboot on kernel updates
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 18:12:24 +01:00
d4b110087f
bundles/matrix-media-repo: introduce, add to htz.ex42-1048908
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 16:01:35 +01:00
638e37c05f
bundles: add Requires=postgresql.service to some services which require postgresql
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-12 13:28:52 +01:00
9f8cbde7d7
bundles/transmission: always try to restart transmission
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-11 09:06:20 +01:00
a86e04683a
bundles/backup-client: fix missing space in generate-backup
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-09 07:17:25 +01:00
c25233b991
nodes: replace pkg_apt:redis with bundle:redis
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-07 21:09:39 +01:00
0d1e987a6f
bundles/backup-client: add backup-pre-hooks (fixes #24) 2021-02-07 20:47:22 +01:00
a8690b13b8
bundles/rspamd: add "unless" to action:rspamd_assure_dkim_key_permissions
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-06 19:10:16 +01:00
eb431d8da8
bundles/postfix: also set alias_maps
All checks were successful
bundlewrap/pipeline/head This commit looks good
fixes "warning: dict_nis_init: NIS domain name not set - NIS lookups disabled"
2021-02-06 10:24:19 +01:00
457052d42b
bundles/gitea: downloading gitea updates needs stopping it first 2021-02-06 09:43:54 +01:00
b6d23aaed4
bundles/sshmon: use own check_cpu_stats script
Old script only checked iowait, which is not enough.
2021-02-06 09:38:50 +01:00
c185a5bacd
bundles/backup-client: do backups at 23:xx, so it won't interfere with upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
There were still problems with systems starting their backups late in the hour,
but backup servers did upgrade-and-reboot early it the hour. This leads to
incomplete backups, if the machine is rebooting, too.
2021-02-06 09:36:44 +01:00
7e15f8adc3
bundles/octoprint: multi-line-output for check_octoprint_update
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-02 20:20:11 +01:00
8523754935
bundles/users: add vim-keybindings for pane navigation to tmux.conf 2021-01-31 07:59:19 +01:00
bdc5b4de33
bundles/transmission: don't overwrite configs managed by transmission 2021-01-30 17:39:34 +01:00
71f033b7c2
bundles/icinga2: fix dependencies for svc_systemd:icinga2
All checks were successful
bundlewrap/pipeline/head This commit looks good
icinga2 runs fine without any checks, so we now only depend on the other
configuration files managed by bw. This will also fix unwanted
dependencies, because 'file:' means *all* files, not only those provided
by this bundle. In the past, it wasn't possible to skip any file,
because that would result in icinga not properly restarting.
2021-01-30 17:31:05 +01:00
569275329c
bundles/sshmon: remove INTERNET check
All checks were successful
bundlewrap/pipeline/head This commit looks good
We're using the internet to check these hosts, so if those hosts
wouldn't have an internet connection, the whole host would be
down, atleast as far as icinga can tell.
2021-01-30 11:47:55 +01:00
161aec9314
bundles/powerdnsadmin: use tagged release
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-29 18:13:16 +01:00
f56852c27d
bundles/postfixadmin: use tagged release 2021-01-29 18:07:57 +01:00
fa462fbd0f
bundles/sshmon: use tag_name instead of human-readable name in check_github_for_new_release 2021-01-29 18:04:35 +01:00
b3e6063596
bundles/unbound: silence refresh-root-hints cronjob 2021-01-29 17:58:24 +01:00
c31066fea8
bundles/mautrix-whatsapp: restart weekly to work around 24/7 connection issues 2021-01-29 17:27:33 +01:00
fd421bf6f8
add bundle:redis, add redis support to pretalx
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-29 15:58:54 +01:00
ce76430b4d
bundles/mautrix-whatsapp: decrease log level to info
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-28 15:05:04 +01:00
4efcc73f55
bundles/mautrix-whatsapp: ensure we're not using ssl for postgres
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-25 22:27:11 +01:00
f3d8a1412c
bundles/dovecot: better ssl
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-24 18:44:25 +01:00
2aaf7cf8f8
bundles/nginx: better ssl 2021-01-24 18:44:13 +01:00
614bdf9dec
bundles/basic: support creating additional locales 2021-01-24 07:49:49 +01:00
d344664fa1
bundles/basic: fix format for /etc/locale.gen
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:25:32 +01:00
6b720c6c75
bundles/postgresql: only deploy packages if we have locales installed
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:06:38 +01:00
4a9463db5f
bundles/basic: ensure a proper locale is installed 2021-01-23 12:05:59 +01:00
a160e7cf46
bundles/postgresql: improvements
All checks were successful
bundlewrap/pipeline/head This commit looks good
- support other postgresql versions
- manage configs using bw
2021-01-23 11:35:03 +01:00
c41ee0f806
bundles/apt: fix logging for upgrade-and-reboot 2021-01-23 11:32:35 +01:00
51101fc615
bundles/sudo: fix mode for /etc/sudoers
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:28:50 +01:00
c5109fbfe3
bundles/icinga2: no need to do metadata.copy() here
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:11:18 +01:00
717159b61f
bundles/seafile: no need for sms for seafile process, we're already doing http content checks
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-01-23 09:09:30 +01:00
63cdd470cf
bundles/c3voc-addons: support cron definition
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-19 13:34:23 +01:00
0893156723
bundles/c3voc-addons: add upgrade-and-reboot to bundle
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 18:43:30 +01:00
0f0ee046b1
bundles/c3voc-addons: some assertions to make sure we don't conflict with ansible
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 10:16:23 +01:00
1041e092b1
bundles/dhcpd: add bash alias for lease list 2021-01-17 09:12:32 +01:00
4f62e25d5e
bundles/c3voc-addons: add nginx vhost monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:07:21 +01:00
3b90426b4d
bundles/pretalx: fix needs for systemd units
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:01:15 +01:00
2b0678063c
bundles/pretalx: new version needs to trigger regenerate_css, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:59:57 +01:00
b5cc8c2c57
bundles/pretalx: add to PORT_MAP.md, allocate a port
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:55:08 +01:00
35abb92daf
bundles/icinga2: do not schedule downtimes for hosts which do not do unattended-upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:31:51 +01:00
173746fe9c
bundles/sshmon: ensure sshmon user is able to log in 2021-01-16 22:31:18 +01:00
39aabd0546
bundles/backup-server: of course, we need to ignore hosts which have exclude_from_backups set
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:22:51 +01:00
ad84f62c0d
bundles/sshmon: do not rely on bundle:users to create sshmon user
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-01-16 22:21:27 +01:00
ec8802dd4a
bundles/backup-server: ignore all nodes which don't have bundle:backup-client 2021-01-16 22:12:49 +01:00
9f0fc90679
bundles/pretalx: fix wrong metadata key 2021-01-16 22:12:16 +01:00
70944d7065
bundles/pretalx: introduce 2021-01-16 22:03:38 +01:00
0b9056bd2b
add pseudo-bundle to add configs to c3voc ansible managed hosts 2021-01-16 22:03:03 +01:00
8fc0017378
bundles/backup-client: do backups at 00:xx, so it won't interfere with upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-15 15:31:36 +01:00
9854fc9dbc
bundles/hostname: also set motd 2021-01-15 15:29:49 +01:00
db3a15310c
bundles/letsencrypt: fix concat_and_deploy comment
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-10 10:48:19 +01:00
659e35686e
bundles/iptables: removing rule files should also trigger iptables-enforce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-09 14:02:50 +01:00
4f6b57676a
bundles/systemd-networkd: LACPTransmitRate=fast
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-09 12:52:03 +01:00
00fd1df67a
bundles/wide-dhcp6c: stop, then start, instead of restart 2021-01-09 12:51:37 +01:00
8e54d6eb23
add monitoring for freifunk nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-09 11:03:23 +01:00
19dd29e847
bundles/transmission: also allow tcp peer-port
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:06:26 +01:00
33b85ff0de
bundles/transmission: add bundle, add to home.downloadhelper
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:00:08 +01:00
dca13263e2
bundles/systemd-networkd: add option for setting static routes 2021-01-08 16:09:59 +01:00
17510b783c
bundles/nfs-client: do start automount units. Previous comment was wrong.
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-07 22:15:57 +01:00
fb42f9e667
bundles/dhcpd: catch keyerrors for nodes which do dhcp in unmanaged networks 2021-01-07 22:14:17 +01:00
2d42e5f7dd
update bw to 4.3, add .provides() to metadata reactors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-07 18:44:38 +01:00
7f0fb7a6e2
bundles/influxdb: remove 2021-01-07 18:28:08 +01:00
Sophie Schiller
2ba4946975 update letsencrypt hashes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-06 13:18:44 +01:00
ec13a1edaa
bundles/simple-icinga-dashboard: repo is public now
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-03 09:56:51 +01:00
03d3ab6e9d
bundles/{netdata,nginx,unbound}: fix iptables rules (should also create ip6tables rules)
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-01-02 16:19:55 +01:00
e8d131b041
add simple-icinga-dashboard on status.franzi.business
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
fixes #20
2021-01-02 14:47:11 +01:00
2ebf7ec32b
bundles/mautrix-whatsapp: disable log timestamps, journal takes care of that
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 14:01:26 +01:00
b8bcc6c499
bundles/mautrix-whatsapp: only log to journal
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 13:59:47 +01:00
8752299e61
bundles/icinga2: add hostgroup for hosts which send SMS
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:58:52 +01:00
4f57a6c0e3
icinga2: more checks should send sms
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:26:37 +01:00
10fd67a0fd
bundles/systemd-networkd: fix LACP options
All checks were successful
bundlewrap/pipeline/head This commit looks good
fixes #25, hopefully
2021-01-02 11:00:10 +01:00
f329373a4a
bundles/systemd-networkd: remove settings from bond.netdev
All checks were successful
bundlewrap/pipeline/head This commit looks good
Why the fuck doesn't this work like it's written in the documentation?
2021-01-01 22:00:50 +01:00
16ea6ce0d5
bundles/systemd-networkd: disable STP on bridges 2021-01-01 21:59:21 +01:00
48fc341137
bundles/backup-client: add monitoring for backups 2021-01-01 13:59:42 +01:00
3e1d3b483e
bundles/mautrix-whatsapp: use -a for check_procs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-31 12:31:14 +01:00
fede30c2cc
bundles/mautrix-whatsapp: introduce 2020-12-31 12:18:34 +01:00
914889da6c
bundles/vmhost: add option to exclude VM from monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-29 10:18:16 +01:00
62d7baa3ec
bundles/icinga2: admins shall receive all notifications
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-27 09:09:40 +01:00
d72c43083d
nodes/rx300: set proper lldp hostname
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-25 14:45:41 +01:00
ca7f3ed4a6
bundles/octoprint: fix typo in check_octoprint_update
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-23 12:38:44 +01:00
e40f88aa69
bundles/unbound: only start unbound after pppoe.service has been started (fixes #23)
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:50:54 +01:00
275249481f
bundles/octoprint: display version in update check, remove error states (we're monitoring this separately)
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:43:13 +01:00
d2be654206
bundles/unbound: enable prefetching 2020-12-22 09:24:10 +01:00
5e45efb7ae
bundles/unbound: better caching 2020-12-22 09:22:37 +01:00
5935aed0db
bundles/{netdata,pppd,radvd,vmhost,vnstat,wide-dhcp6c}: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-21 09:50:15 +01:00
0b52f8e7e6
bundles/icinga2: allow limiting permissions for api users 2020-12-20 09:33:17 +01:00
da4b139095
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 16:30:17 +01:00
6045debe9e
bundles/nginx: check ssl certificates
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 13:28:08 +01:00
5f5c3d5207
bundles/icinga2: admins shall receive more notifications
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 08:24:19 +01:00
958f5893e6
bundles/zfs: adjust warning period for check_zfs_old_snapshots 2020-12-18 08:23:42 +01:00
487e4d0df6
bundles/rspamd: add missing } 2020-12-18 08:21:56 +01:00
e81fcafe7a
bundles/powerdns: fix dependencies
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-12-18 06:41:24 +01:00
63d455d242
bundles/rspamd: fix dependencies 2020-12-18 06:41:05 +01:00
65db8b1625
bundles/systemd-networkd: faster miimon 2020-12-18 06:33:05 +01:00
ecb7a93073
bundles/pppd: silence restart-pppoe-if-no-public-ip 2020-12-18 06:32:18 +01:00
e33af1c845
bundles/unbound: refresh root-hint.txt once a week 2020-12-13 15:22:19 +01:00
9c6fe48859
bundles/unbound: add netdata config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-13 15:17:19 +01:00
3eeb253e55
bundles/unbound: introduce, add to nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-13 14:59:44 +01:00
c5e43188ca
bundles/radvd: support not announcing a nameserver 2020-12-13 14:59:10 +01:00
057d4f0c4c
bundles/dovecot: autoexpunge Trash older than 360 days
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-13 11:55:28 +01:00
18c56cce9a
bundles/dovecot: do not auto-subscribe to junk mailbox 2020-12-13 11:54:55 +01:00
58d99eb402
bundles/systemd: configure journald
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-12 10:39:57 +01:00
cf4d0c1ca6
bundles/powerdnsadmin: ensure permissions of powerdnsadmin static directory
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-10 22:18:04 +01:00
8be6f9b78d
bundles/apt: fix date call in check_unattended_upgrades 2020-12-10 22:15:31 +01:00
be15458e1e
bundles/powerdnsadmin: fix database upgrade
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-10 22:07:26 +01:00
1d06d86205
bundles/wireguard: fix early fault resolve in metadata.py
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-10 16:39:26 +01:00
bd217f0666
bundles/pppd: automatically restart pppoe (once per hour) if no public ip address can be found
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-12-10 16:14:17 +01:00
b80c0b12fe
home.router: add c3voc vpn 2020-12-08 17:45:30 +01:00
9398649db0
bundles/seafile: add icinga checks
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-12-05 09:28:54 +01:00
febcacdfe3
icinga2: enable mails for update checks 2020-12-05 09:17:21 +01:00
67d8293201
bundles/wireguard: one icinga2 check per peer
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-30 06:43:46 +01:00
295ff72b4b
bundles/smartd: introduce, add to hosts where *we* need to keep track of disk health
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-29 12:07:27 +01:00
8456ac43c6
bundles/nfs-client: don't try to start automount units 2020-11-29 12:06:34 +01:00
1bfeead5e8
nodes/home.nas: change nfs-mount options for /storage/nas 2020-11-29 12:05:51 +01:00
a549936e09
bundles/nfs-server: ensure nfs-kernel-server is started 2020-11-28 15:48:27 +01:00
014b37082c
bundles/wireguard: send pings over vpn, if pppd reconnects 2020-11-27 03:09:37 +01:00
c1885e20b6
nodes/home.octoprint-vielschichtigkeit: fix ifnames, fix vhost 2020-11-25 21:26:21 +01:00
dc9e378908
bundles/icinga2: add icinga statusmonitor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 18:56:04 +01:00
12ce8d8f6e
bundles/icinga2: add automatic downtime for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 13:28:14 +01:00
3a56b0425c
bundles/icinga2: add default for vars.notification.mail, enable mail for check_sipgate_account_balance
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:44:09 +01:00
9651d740ae
bundles/icinga2: add check_sipgate_account_balance, adjust check_interval
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:38:53 +01:00
9cace7dace
bundles/icinga2: only include service_name in sms if it actually is a service
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:09:44 +01:00
54219928e4
bundles/icinga2: only add user to on-call group if they have atleast one of (email, phone) set
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:07:02 +01:00
8c6c691e5e
bundles/icinga2: implement SMS notifications 2020-11-22 10:34:49 +01:00
22d5ba12ee
bundles/octoprint: don't try to resolve faults in metadata.py
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 09:07:28 +01:00
15826c73b0
bundles/icinga2: send notifications
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-22 09:04:24 +01:00
d26b8ade45
remove some comments 2020-11-22 08:27:37 +01:00
4a57926577
bundles/icinga2: set some notification options for checks 2020-11-22 08:24:44 +01:00
b114ba3ff8
bundles/postgresql: fix typo
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-22 07:40:34 +01:00
d428572461
bundles/icinga2: add servicegroup for every service which has checks
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 23:04:15 +01:00
0bc4b5439c
bundles/icinga2: add hostgroup for every bw group
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 22:46:29 +01:00
12cf03e03f
bundles/icinga2: generate icinga_users from users.json
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 21:46:41 +01:00
c77856f97a
bundles/vmhost: add info line to QEMU VM STATUS 2020-11-21 21:01:37 +01:00
5639da4954
bundles/vmhost: add QEMU VM STATUS check
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 20:58:55 +01:00
325f483a26
bundles/{gitea,mautrix-telegram}: add update check
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 20:35:51 +01:00
4f5e462c94
bundles/octoprint: add update check 2020-11-21 20:35:29 +01:00
91f2fd839b
bundles/sshmon: add check_github_for_new_release 2020-11-21 20:03:50 +01:00
a4ca98e79e
bundles/rspamd: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 18:55:45 +01:00
e6acda1f52
bundles/powerdns: add monitoring 2020-11-21 18:55:34 +01:00
2fdeeca9c3
bundles/postgresql: add monitoring 2020-11-21 18:55:21 +01:00
2f7f35c85a
bundles/matrix*: add monitoring 2020-11-21 18:55:06 +01:00
1d450b9829
bundles/apt: fix statusfile output of unattended upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 18:07:01 +01:00
35025b40f6
bundles/sshmon: increase timeout for INTERNET check
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 16:17:16 +01:00
5aee050c5d
bundles/wireguard: add icinga check 2020-11-21 16:15:34 +01:00
58ca3fa9ae
bundles/wireguard: add netdev and network files, add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 15:38:38 +01:00
63fd31c226
bundles/icinga2: support specifying an alternative host for checks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 10:58:57 +01:00
5419bf31fb
bundles: fix some icinga checks 2020-11-21 10:30:05 +01:00
11071914e0
bundles/icinga2: initial working draft 2020-11-21 10:29:36 +01:00
d3de7a27be
bundles/icinga2: add dependencies for icingaweb2 setup 2020-11-21 08:57:46 +01:00
6ad28bb375
bundles/vnstat: add graph for "yesterday" 2020-11-19 16:52:45 +01:00
fd99334a66
bundles/vnstat: improve usability of web dashboard for mobile devices
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 21:43:51 +01:00
6b11a7b2a8
bundles/vnstat: redirect cron output to /dev/null
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:10:14 +01:00
7d78ac9db8
bundles/vnstat: add flag to generate statistics images, add to home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:07:05 +01:00
2d856a1e9a
bundles/nginx: add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 16:43:57 +01:00
88dd587fb4
bundles/vnstat: introduce, add to home.router 2020-11-16 16:33:26 +01:00
8343838dc6
bundles/nfs-client: don't touch permissions of mount directory by default
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:37:13 +01:00
sophie
75e199ae0d Merge pull request 'bundle/dhcpd: improvements' (#19) from kunsi-dhcpd-improvements into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/19
2020-11-15 12:34:41 +00:00
c9e5ae87a1
bundles/users: sort ssh keys
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:26:10 +01:00
121dfb692c
bundles/netdata: use correct metadatum name
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:25:15 +01:00
9df5cb1f16
bundles/dhcpd: remove hardcoded group in metadata reactor get_static_allocations()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:23:24 +01:00
c597244a9d
bundles/dhcpd: adjust spacing in metadata processor for static leases
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 12:07:02 +01:00
d5bca495e0
bundles/dhcpd: remove some .get()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 12:06:03 +01:00
ad569f073e
bundles/dhcpd: add iptables rules 2020-11-15 12:01:14 +01:00
cdef8cdb13
bundles/dhcpd: adjust indentation in dhcpd.conf 2020-11-15 12:00:58 +01:00
4f9281a4a4
bundles/dhcpd: download oui.txt
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:40:33 +01:00
2457d5b435
bundles/backup-client: redirect stderr to /dev/null
All checks were successful
bundlewrap/pipeline/head This commit looks good
We have monitoring to determine wether the backup succeeded or not.
No need for E-Mails, too.
2020-11-15 11:15:53 +01:00
84d1984cc1
nodes/home.nas: add users to "nas" group, add cronjobs to ensure permissions on nas dataset
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:12:22 +01:00
ccfa56ad5e
bundles/pppd: also wait for ppp interface to vanish before restarting
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 10:02:13 +01:00
0aafeb96cd
bundles/pppd: make sure dependent services are stopped before restarting pppoe session 2020-11-15 09:56:06 +01:00
d83dbbdd75
bundles/systemd-networkd: use some more options for bond interfaces 2020-11-15 09:39:44 +01:00
5319cd1e8b
bundles/netdata: disable health checks 2020-11-14 16:55:29 +01:00
6d58f2387f
bundles/openssh: introduce, add to all nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 14:46:59 +01:00
e56e875433
bundles/rspamd: switch to automatically-generated dkim key 2020-11-14 14:35:27 +01:00
3213e462c5
bundles/netdata: only save to ram, keep less history 2020-11-14 14:34:38 +01:00
1339564dc4
bundles/netdata: introduce, add to home.nas and home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 14:05:28 +01:00
ff607777ce
bundles/backup-client: support using a non-standard ssh port
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 12:52:18 +01:00
f405dca771
bundles/pppd: add dyndns capability 2020-11-14 12:46:19 +01:00
0ca8edf656
bundles/apt: move patchday to metadata reactor, make patchday configurable 2020-11-14 12:24:55 +01:00
32b7dda61f
bundles/iptables: add newline to rules files 2020-11-14 12:24:12 +01:00
877744b0ba
bundles/pppd: send out a Router Solicitation on ifup
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 12:11:51 +01:00
a14580944b
bundles/{radvd,wide-dhcp6c}: improve handling of non-properly terminated ip-down scripts 2020-11-14 11:57:01 +01:00
644eb37b82
bundles/radvd: introduce, add to home.router 2020-11-14 11:47:44 +01:00
fa224a9939
bundles/wide-dhcp6c: introduce, add to home.router 2020-11-14 11:34:16 +01:00
00ba7e49d6
bundles/pppd: accept RA on ppp interface 2020-11-13 23:56:59 +01:00
Sophie Schiller
cbfc8c75ad bundles/dhcpd add defaults file and some escaping
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 23:30:49 +01:00
Sophie Schiller
ef211f7356 update gitignore 2020-11-13 23:30:49 +01:00
Sophie Schiller
dcf944b198 bundles/dhcpd add initial items, metadata and template 2020-11-13 23:30:49 +01:00
6ba0f6df1d
bundles/systemd: make sure we're using UTC and NTP
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 23:26:13 +01:00
870a5252e5
bundles/pppd: add iptables rules on ifup/ifdown 2020-11-13 23:04:43 +01:00
f65e216828
bundles/iptables: introduce, add to home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 22:47:23 +01:00
df9863ef31
bundles/openvpn-client: add 2020-11-13 22:15:36 +01:00
e515378497
bundles/backup-server: dummy nodes never do backups
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-13 21:58:35 +01:00
3b829caaf6
bundles/pppd: introduce 2020-11-13 21:41:02 +01:00
b1860b7e01
bundles/systemd-networkd: add option to only create a .netdev file for interfaces 2020-11-13 21:40:44 +01:00
75d86f3339
bundles/systemd-networkd: support vlans 2020-11-13 16:29:17 +01:00
4213b60052
bundles/lldp: introduce, add to all nodes at home 2020-11-13 16:28:43 +01:00
b9b0a9c5ca
bundles/vmhost: install correct packages 2020-11-13 14:47:40 +01:00
df63f8c732
bundles/nginx: make sure /var/www exists 2020-11-13 13:35:02 +01:00
e91ac7e457
bundles/backup-client: fix detection of rsync errors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:34:21 +01:00
d31910368c
icinga2: install packages and dependencies 2020-11-13 13:19:26 +01:00
6bac83def2
bundles/rspamd: fix automatic generation of dkim key
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:11:26 +01:00
cff0870e63
bundles/rspamd: refine auto-generation of dkim signing keys 2020-11-13 13:09:37 +01:00
56f1b1a6c6
bundles/rspamd: first draft for automatically-rotating dkim keys 2020-11-13 13:09:34 +01:00
f04dac11e5
Merge branch 'kunsi-icinga2' into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:03:16 +01:00
741f3b0032
bundles/backup-client: fix cronjob 2020-11-13 12:57:50 +01:00
0749fc75c5
bundles: add backup paths 2020-11-13 12:37:26 +01:00
f71653e3ce
bundles/backup-{client,server}: introduce 2020-11-13 12:36:52 +01:00
30ee0c8bdf
bundles/mx-puppet-discord: restart service after building new version 2020-11-13 09:26:34 +01:00
e5c12f0628
bundles/nginx: create webroot directories after bundle:zfs is done 2020-11-12 22:59:46 +01:00
2274e7aa37
bundles/nfs-server: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 19:59:02 +01:00
f2a0f0b46a
bundles/systemd-networkd: support bond and bridge interfaces 2020-11-12 19:38:10 +01:00
633ccb97fd
bundles/zfs: rename zed -> zfs-zed 2020-11-12 19:36:28 +01:00
d01d89d432
bundles/apt: support debian 11 2020-11-12 18:40:19 +01:00
e395a42160
bundles/apt: no need to have apt-daily.timer running
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 15:10:59 +01:00
087f4bb74d
groups/{gce,home}: send mail via mx0.kunbox.net
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 13:31:01 +01:00
11701a67c8
dns: deploy MTA-STS
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 11:41:06 +01:00
d47c39185b
bundles/php: no need to restart php if just installing the base packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 08:37:29 +01:00
652fb72ccc
bundles/postfix: fix metadata reactor for letsencrypt 2020-11-11 08:35:36 +01:00
9dd7589f12
bundles/postfix: add submission_header_cleanup file 2020-11-10 20:34:27 +01:00
8180769120
bundles/postfix: add postmaster alias 2020-11-10 20:32:39 +01:00
f9bd2d695d
bundles/postfix: add SPAM BLOCKLISt for every non-private IP attached to the server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 14:28:12 +01:00
aad1a742b7
bundles/icinga2: add ipv6-capable check_rbl script 2020-11-10 14:26:07 +01:00
f30aa48eca
bundles/icinga2: add sshmon private key
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:43:46 +01:00
a176a1aa65
bundles/icinga2: introduce, install checks, install sources.list, create postgres database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:37:27 +01:00
a9c00409b4
bundles/mautrix-telegram: fix item dependency error
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:26:03 +01:00
6cd02dc563
bundles: move non-login users to items.py
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-10 13:24:07 +01:00
cca4fec761
bundles/users: get default user data from users.json 2020-11-10 13:12:36 +01:00
c090a9c2c2
bundles/users: move root user to metadata 2020-11-10 12:50:08 +01:00
3fbe32518a
bundles/postgresql: rename users -> roles
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 12:37:58 +01:00
d087cea869
bundles/gitea: add monitoring 2020-11-10 11:32:59 +01:00
985f47ca99
bundles/miniflux: add monitoring 2020-11-10 11:28:40 +01:00
8cb997133a
bundles/nginx: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:57:04 +01:00
65a8efc97f
bundles/zfs: fix monitoring metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:35:01 +01:00
f80896fa3b
bundles/postfix: add monitoring 2020-11-10 10:21:37 +01:00
420cea15d2
bundles/apt: add monitoring for unattended upgrades 2020-11-10 09:50:20 +01:00
6ca0d863b1
bundles/sudo: use sudoers.d
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 20:39:35 +01:00
c7362df6c4
bundles/sshmon: import from work repository 2020-11-09 20:31:06 +01:00
eaf268aea9
libs/tools: change resolve_identifier() to return ipv4 and ipv6 separately
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:46:37 +01:00
67386d9efa
bundles/cron: provide some environment, also manage /etc/crontab
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:24:01 +01:00
a58c5877bf
bundles/gce-workaround: uninstall gce-disk-expand, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 16:48:28 +01:00
4921e0b74f
bundles/systemd-networkd: use correct syntax for resolv.conf 2020-11-09 16:47:56 +01:00
6f87a1d240
bundles/systemd-networkd: also deploy resolv.conf 2020-11-09 16:38:59 +01:00
394424951f
bundles/systemd-networkd: fix naming of GatewayOnlink 2020-11-09 16:38:35 +01:00
78047da04a
bundles/postgresql: only install packages after we have a zfs dataset 2020-11-09 16:37:00 +01:00
5bd642236c
bundles/postfix: only call newaliases if we already have postfix installed 2020-11-09 16:36:26 +01:00
607da9d39b
bundles/powerdns: user resolve_identifier() for node-dns-entries 2020-11-09 15:37:48 +01:00
91fd33cfa0
bundles/systemd-networkd: better dhcp support 2020-11-09 14:58:09 +01:00
5e7c7671e0
bundles/systemd-networkd: proper config 2020-11-09 14:48:19 +01:00
fbb4e2f7a5
systemd-networkd: first draft 2020-11-09 14:08:32 +01:00
c3c510c609
bundles/mautrix-telegram: disable parallel file transfers for now 2020-11-09 13:17:38 +01:00
af97226512
nodes/htz.ex42-1048908: update mautrix-telegram to 0.9.2-rc2
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:16:06 +01:00
06e30cf23c
bundles/mautrix-telegram: also upgrade pip when upgrading bridge 2020-11-09 12:15:37 +01:00
90e3bb7fb2
bundles/mautrix-telegram: no need to provide our own alembic.ini 2020-11-09 12:12:04 +01:00
c0986eb956
bundles/mautrix-telegram: fix database migration
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:09:17 +01:00
614b920890
bundles/mautrix-telegram: pin version until database migration is fixed
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 11:27:34 +01:00
3ff5d8a7dd
bundles/postfix: add alias database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 10:52:24 +01:00
64cffad6a7
bundles/rspamd: silence clamav cronjob 2020-11-08 15:03:26 +01:00
0eca42d188
bundles/dovecot: fix home directory for virtual mailboxes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 13:00:44 +01:00
b4b988e5f2
bundles/postfix: disable TLS1.0 and 1.1, disable weak ciphers
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 12:24:37 +01:00
f85349f0c5
bundles/postfixadmin: fix apt packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 11:53:51 +01:00
15428b03be
bundles/rspamd: introduce, add to htz.ex42-1048908
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-08 10:43:51 +01:00
a236444fe5
bundles/dovecot: make sure to reload dovecot after letsencrypt 2020-11-08 10:42:08 +01:00
b00b2aa245
bundles/dovecot: autoexpunge Junk folder
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-07 22:46:15 +01:00
7080b0d89e
bundles/rspamd: create dummy bundle 2020-11-07 22:32:08 +01:00
18b573a9c6
bundles/dovecot: introduce 2020-11-07 22:31:47 +01:00
f42dda5961
bundles/postfixadmin: introduce 2020-11-07 22:31:29 +01:00
5550d2cc56
bundles/postfix: introduce 2020-11-07 22:31:18 +01:00
88afba9ce9
bundles/mx-puppet-discord: add RestartSec= to systemd unit file 2020-11-07 09:40:22 +01:00
7ab121e7e5
bundles/mautrix-telegram: install bridge from git repository 2020-11-07 09:39:57 +01:00
d7f578742b
bundles/mx-puppet-discord: put bridge repo into subdirectory
this avoids recreating config and registration on every update, which in turn
avoids restarting synapse
2020-11-07 09:08:10 +01:00
c481fc1327
nodes/htz.ex42-1048908: add php
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-07 09:06:11 +01:00
f8bc4b2ad9
bundles/php: introduce 2020-10-31 13:00:38 +01:00
e2d8923dee
bundles/nginx: use metadata reactor to determine index files 2020-10-31 10:41:48 +01:00
f1f7086aab
bundles/postgresql: make sure we have postgres_role before adding postgres_db 2020-10-31 10:30:48 +01:00
67c5c23194
bundles/nginx: support non-domain vhost names 2020-10-31 10:30:07 +01:00
113221a9b2
bundles/nginx: make sure we have dhparam.pem 2020-10-31 10:18:40 +01:00
9cc5c07466
bundles/letsencrypt: do not try to do authorizations without a webserver 2020-10-31 10:11:58 +01:00
76fe68a3d1
bundles/zfs: fix dependencies, auto-load zfs module if not loaded 2020-10-31 10:11:15 +01:00
8eeaabf615
bundles/nginx: use http 308 for https redirect
All checks were successful
bundlewrap/pipeline/head This commit looks good
basically "go away. nothing's here. use https forever."
2020-10-30 15:24:24 +01:00
50372572f4
bundles/zfs: improvements 2020-10-25 16:41:18 +01:00
3077d74318
bundles/users: alias s='sudo -i' 2020-10-25 13:21:04 +01:00
351d779f20
bundles/users: add metadata entry for bash aliases 2020-10-25 13:19:46 +01:00
2a992773f3
bundles/users: fish shell is gone everywhere 2020-10-25 13:17:26 +01:00
831545d8b1
introduce node.metadata['hostname'] to other bundles, update nodefiles to reflect changes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-25 11:14:46 +01:00
b70f9c9c9d
bundles/powerdns: make sure every dns server is able to resolve every other dns server 2020-10-25 10:58:11 +01:00
a33d8e4201
bundles/powerdns: decrease RETRY time 2020-10-25 10:57:26 +01:00
29f488c082
bundles/powerdns: put ip addresses of secondary nameservers into allow-axfer-ips
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-10-25 10:56:55 +01:00
152bb56fdd
bundles/powerdns: remove superslave setting
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
debian currently does ship an older version, in which this
setting is enabled by default.
2020-10-25 10:55:17 +01:00
7a3e3ad68f
bundles/powerdns: we don't need the node names of primary nameservers 2020-10-25 10:53:55 +01:00
43bd6b4774
bundles/powerdns: only enable webserver and api on primary nameservers 2020-10-25 10:52:51 +01:00
78c553faf9
bundles/nodejs: update to 14.x
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-24 17:20:50 +02:00
a0702416a0
bundles/radicale: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 15:22:35 +02:00
d76f69ab49
bundles/apt: more output for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 06:26:19 +02:00
2bc659af5f
bundles/users: add some bash aliases
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 06:06:59 +02:00
6398e668e1
bundles/apt: use DEBIAN_FRONTEND=noninteractive everywhere in upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 04:33:01 +02:00
07dcb813f3
bundles/raspberrypi: add options for camera and gpu_mem
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 19:51:52 +02:00
48cc865892
bundles/nginx: make sure webroot directory exists
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 18:55:00 +02:00
5c31cdccdd
bundles/kodi: fix path
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 16:53:19 +02:00
4271c92d70
bundles/gitea: fix chmod
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 16:18:12 +02:00
e32ad2eb19
formatting
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 15:51:45 +02:00
ececab44b4
bundles/miniflux: introduce 2020-10-18 15:49:32 +02:00
366374b4e5
bundles/apt: handle unattended-upgrades ourselves 2020-10-18 15:33:41 +02:00
kunsi
5635571f97 Merge pull request 'PowerDNS instead of bind9' (#2) from kunsi-feature-powerdns-instead-of-bind into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/2
2020-10-17 11:12:35 +00:00
ae7c3220e0
bundles/powerdns: fix NS records in zonefile header
Some checks are pending
bundlewrap/pipeline/head Build queued...
2020-10-17 13:04:28 +02:00
4d6b867bb3
bundles/powerdns: add metadata reactor for automatic node-dns-generation
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-17 12:57:35 +02:00
793220c0ec
bundles/powerdns: auto-generate zonefile header based on dns server nodes 2020-10-17 12:57:07 +02:00
51e6d0534e
bundles/powerdns: fix Faults
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-17 10:50:21 +02:00
ca1646d394
bundles/powerdns: add support for zone transfers
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-10-16 23:02:47 +02:00
31cc74951b
bundles/powerdns: only reload pdns on zone changes, don't restart
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-10-16 20:40:05 +02:00
7c1c0f5e80
bundles/powerdns: increase default TTL to 1 day 2020-10-16 20:16:34 +02:00
0a115d2372
EOL bundles/bind 2020-10-16 20:12:47 +02:00
155c93f739
bundles/powerdns: fix schema import for pgsql 2020-10-16 20:10:55 +02:00
9bba18d13e
bundles/powerdnsadmin: introduce 2020-10-16 20:10:34 +02:00
0533e4087a
bundles/postgresql: install dev packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 19:24:40 +02:00
d442ab399e
bundles/powerdns: support pgsql 2020-10-16 19:24:12 +02:00
2c1a825b7d
bundles/apt: make sure we have python3-dev 2020-10-16 19:14:15 +02:00
8acc0a7bb1
bundles/apt: make sure we have build-essential and git 2020-10-16 19:12:26 +02:00
a553e736d1
bundles/powerdns: fix dependencies 2020-10-16 17:59:46 +02:00
df852e8ef9
bundles/powerdns: more config, add bind backend
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 17:44:31 +02:00
fa67bd13f4
bundles/powerdns: minimal pdns.conf
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 13:19:44 +02:00
d029af554c
bundles/travelynx: make sure to restart worker service, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 13:03:52 +02:00
c5c0c923d1
home.kodi-wohnzimmer: switch to debian-multimedia repository to have kodi 18
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-15 19:34:22 +02:00
a08f483ac5
bundles/powerdns: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-13 19:06:22 +02:00
591d3fb947
bundles/nfs-client: fix installation of automount units
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-10 17:25:39 +02:00
6a8768fb2f
bundles/nfs-client: introduce 2020-10-10 16:37:33 +02:00
Sophie Schiller
3170e75bbe update kodi to unstable 2020-10-09 18:12:56 +02:00
a955a7b84d
bundles/raspberrypi: do not set empty default for config.txt 2020-10-09 17:46:36 +02:00
c953d138ee
bundles/kodi: fix dependencies for alsa 2020-10-09 17:46:07 +02:00
5e8489a74c
bundles/kodi: add missing dependencies 2020-10-03 18:36:48 +02:00
c2bcd1f0d9
bundles/apt: add raspbian to supported OSes 2020-10-03 18:36:29 +02:00
2387b196b2
bundles/kodi: use alsa instead of pulseaudio
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-03 17:00:13 +02:00
018bdd1d00
bundles/kodi: also install addon repository
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-03 15:54:03 +02:00
9b8c5450ec
bundles/raspberrypi: make sure dphys-swapfile is uninstalled 2020-10-03 15:10:28 +02:00
60cfe90a1d
bundles/raspberrypi: force maximum cpu frequency 2020-10-03 13:52:34 +02:00
32fd2f7a7b
bundles/kodi: introduce 2020-10-03 13:36:12 +02:00
fc44a9cd69
bundles/raspberrypi: enable audio, force hdmi mode 2020-10-03 13:35:44 +02:00
675f8beea9
bundles/raspberrypi: improvements 2020-09-27 17:18:05 +02:00
c2c9913514
allow setting hostname in metadata 2020-09-27 16:46:54 +02:00
5d1e71e83e
bundles/raspberrypi: introduce 2020-09-27 16:46:26 +02:00
0784b85fbb
bundles/mx-puppet-discord: create registration.yaml using bw
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-26 15:34:12 +02:00
bf7e982fdb
bundles/bind: change zonefile header
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-26 15:20:37 +02:00
4b41a00ac4
bundles/matrix-synapse: don't remove conf.d directory
We're taking care of that by deploying a override.conf instead
2020-09-26 15:20:08 +02:00
a67353e24f
Merge branch 'pending-new-bw-release' into main 2020-09-26 15:18:29 +02:00
c8adfcabf1
bundles/octoprint: add octoprint to dialout group 2020-09-26 15:16:09 +02:00
91c4846129
bundles/mjpg-streamer: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-22 19:59:36 +02:00
176a41e2f3
bundles/octoprint: add octoprint to gpio group
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-22 19:16:38 +02:00
d02538368a
bundles/octoprint: add systemd-wrapper script
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-22 18:52:11 +02:00
7ea85247e0
bundles/nginx: proxy is a dict now, add some more configuration options
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-22 18:39:38 +02:00
d1672a9a45
bundles/octoprint: restart octoprint after changing unit file
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-22 18:11:42 +02:00
eee9b00f10
bundles/systemd: fix daemon-reload command 2020-09-22 18:11:09 +02:00
44a6e8292a
bundles/bind: add node-dns-auto-generator 2020-09-20 18:56:53 +02:00
151d8e92c3
bundles/nginx: do not set X-Forwarded-Proto if https is disabled, do not use http2 without ssl 2020-09-20 15:46:39 +02:00
84a78f5fec
bundles/octoprint: allow 'sudo /usr/bin/vcgencmd' 2020-09-20 15:12:18 +02:00
577c3c7c49
bundles/sudo: change metadata key to 'sudo_commands' 2020-09-20 15:11:52 +02:00
04c632953d
bundles/octoprint: introduce 2020-09-20 15:05:17 +02:00
d6799088c4
bundles/nginx: add metadata option to disable https 2020-09-20 14:36:43 +02:00
bb0b6f2079
shuffle some ports around
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-20 13:16:08 +02:00
3242d97cfa
bundles/mautrix-telegram: use pkg_pip 2020-09-20 10:30:13 +02:00
eede422e9a
shuffle some ports around 2020-09-20 10:29:19 +02:00
d1bbb5a855
bundles/travelynx: restart service when changing imprint
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-12 17:08:18 +02:00
dd082d45e9
bundles/matrix-synapse: set suppress_key_server_warning if using matrix.org as trusted key server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-12 13:22:16 +02:00
6adc4a675f
bundles/mautrix-telegram: reload systemd when changing service file
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-12 13:03:15 +02:00
2361466c84
bundles/mautrix-telegram: handle registration.yaml ourselves
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-12 12:59:34 +02:00
f6ecaf3c29
bundles/mautrix-telegram: also deploy alembic.ini, make sure alembic ini gets called if alembic scripts dir does not exist
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-12 12:09:20 +02:00
cf2920f284
bundles/mautrix-telegram: introduce 2020-09-06 12:15:37 +02:00
180802a669
bundles/apt: make sure we do have pip3 and virtualenv 2020-09-06 12:04:56 +02:00
1744596296
bundles/matrix-synapse: deploy override.conf to make sure synapse doesn't try to load config from there
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-05 20:06:35 +02:00
a443272e02
bundles/gitea: make sure to restart gitea after downloading binary 2020-09-04 21:06:13 +02:00
e35f41c6dc
bundles/letsencrypt: change cronjob times
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-30 21:26:33 +02:00
27d6c1880a
bundles/influxdb: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-30 12:07:06 +02:00
ccd4a09183
bundles/apt: allow variables {os} and {os_release} in sources.list entries 2020-08-30 12:06:19 +02:00
77051c0a0e
bundles/nginx: clean up unmanaged nginx vhosts 2020-08-30 11:36:48 +02:00
626355178a
bundles/apt: make sure popularity-contest is uninstalled 2020-08-30 11:14:31 +02:00
f22b30e4fa
bundles/cron: purge unwanted data from /etc/cron.d 2020-08-30 11:14:10 +02:00
c8ae22da8a
I HATE GOOGLE (v3)
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-30 10:44:13 +02:00
b24253a64b
bundles/nginx: determine worker processes by cpu count by default 2020-08-30 10:32:29 +02:00
049b77e702
bundles/postgresql: use zfs if possible
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-29 21:30:12 +02:00
4934eb46fb
bundles/zfs: import bundle from work repository 2020-08-29 21:10:59 +02:00
b690ae25b0
bundles/apt: use node.os and node.os_version to determine settings 2020-08-29 21:10:22 +02:00
007a617785
bundles/users: rework 2020-08-29 19:21:35 +02:00
0de62a0afa
bundles/postgresql: add apt packages, create root user
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-21 16:21:46 +02:00
b4122bf3f9
travelynx: add imprint
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-21 15:06:04 +02:00
4a81c05f6d
I HATE GOOGLE (v2)
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-21 14:41:34 +02:00
0d8332ec7e
bundles/gitea: auto-configure nginx vhost
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-20 15:49:11 +02:00
1fb5787807
htz.ex42-1048908: can haz gitea?
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-20 15:34:27 +02:00
55d6257243
bundles/users: only remove ssh key if we're managing configs 2020-08-20 15:34:05 +02:00
21343f6213
get rid of cloud-init
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-20 11:07:18 +02:00
ad620396f5
bundles/apt: rework gpg key handling 2020-08-20 10:59:45 +02:00
54371cf289
I HATE GOOGLE
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-20 10:01:34 +02:00
4974494ee0
bundles/travelynx: make version configurable via metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-20 09:44:01 +02:00
b7f377816f
htz.ex42-1048908: fix travelynx static files
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-19 22:01:54 +02:00
15dbc4307f
bundles/travelynx: use worker service instead of cronjob
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-19 21:53:19 +02:00
8547948ce6
bundles/nginx: also set host header for proxy connections 2020-08-19 21:43:37 +02:00
15eda05074
bundles/travelynx: hard-code displayed version
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-19 20:09:21 +02:00
71b604c5af
bundles/travelynx: use github mirror
All checks were successful
bundlewrap/pipeline/head This commit looks good
git.finalrewind.org seems slow sometimes, which breaks our CI pipeline
2020-08-19 19:06:59 +02:00
277c259e05
bundles/travelynx: hard-code displayed version
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-08-19 18:52:20 +02:00
9f4f19cdc5
bundles/travelynx: make sure config changes are reflected in production 2020-08-19 18:51:27 +02:00
5797d790aa
bundles/travelynx: add cron 2020-08-19 18:48:05 +02:00
0dd2a4b985
htz.ex42-1048908: can haz travelynx?
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-08-19 18:43:32 +02:00
20f3f566ac
bundles/mx-puppet-discord: fix postgres database 2020-08-19 18:39:07 +02:00
0ebcf9762e
add gce workaround
All checks were successful
bundlewrap/pipeline/head This commit looks good
those daemons keep messing with our settings, get rid of them
2020-08-18 15:51:24 +02:00
11468cd1e7
bundles/apt: more default packages 2020-08-18 15:46:42 +02:00
7d911ce835
bundles/matrix-synapse: remove conf.d, fix server name
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-08-18 15:34:20 +02:00
5e2fea8497
update to bw4 2020-08-18 15:31:52 +02:00
d7862918a6
bundles/nginx: set default X-Frame-Options to SAMEORIGIN
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-18 15:07:43 +02:00
17828a29f8
bundles/nginx: fix hsts header
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-14 08:23:41 +02:00
7986f6ee7d
bundles/letsencrypt: remove ocsp stapling
All checks were successful
bundlewrap/pipeline/head This commit looks good
This causes problems with weechat and dovecot. Those certificates
are short-lived, so not having OCSP stapling is probably fine.
2020-07-26 18:48:37 +02:00
f7eb0cc150
bundles/{letsencrypt,nginx}: fix ocsp stapling
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-07-19 12:10:19 +02:00
de632a7725
htz.ex42-1048908: add missing domains
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-07-19 11:26:12 +02:00
94c2c644a6
bundles/nginx: support PHP 7.3 2020-07-19 11:09:53 +02:00
0743283763
bundles/letsencrypt: use sorted() in domains.txt 2020-07-19 10:59:19 +02:00
31a1a88d13
bundles/nginx: use DEFAULTS for letsencrypt 2020-07-19 10:58:54 +02:00
950897324c
bundles/mx-puppet-discord: add dependency on chown 2020-07-05 16:59:30 +02:00
f47c9ea0a0
htz-cloud: keep cloud-init
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-06-08 10:12:48 +02:00
2e92f9851a
bundles/apt: auto reboot after upgrade if needed 2020-06-08 10:08:16 +02:00
507e28bc24
bundles/apt: remove cloud-init if found on node 2020-06-06 10:26:05 +02:00
9d9e33977a
bundles/bind: add
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-06-05 17:50:45 +02:00
d1236d6e25
bundles/nginx: add stub_status
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-06-01 13:35:54 +02:00
5f804ca3be
bundles/letsencrypt: add metadata to reload certificates and services
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-06-01 12:33:25 +02:00
2a6547dfb7
bundles/cron: add 2020-06-01 11:54:28 +02:00
85b3adf671
add proxy feature to nginx 2020-06-01 11:31:13 +02:00
3523edbcb4
bundles/nginx: ensure we're doing letsencrypt, since we're enforcing ssl 2020-06-01 11:17:52 +02:00
54467af6f5
bundles/jenkins-ci: fix metaproc name 2020-06-01 11:14:04 +02:00
943a7c1566
nodes/htz.ex42-1048908: move postgres roles and databases to bundles
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-06-01 11:09:40 +02:00
36c8b90c4b
bundles/nginx: switch to TLS 1.2 and 1.3 only
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-06-01 11:01:00 +02:00
871341dd4b
bundles/riot-web: add nginx metadata
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-06-01 10:53:19 +02:00
c4330f866b
bundles/nginx: add deployment of vhost configs 2020-06-01 10:52:52 +02:00
dc9e8dc679
add letsencrypt bundle 2020-06-01 10:26:37 +02:00
d136e90a3d
bundles/apt: no need to do minimal steps when doing unattended-upgrade
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-05-29 20:06:33 +02:00
6d9e62e653
bundles/apt: fix typo 2020-05-29 19:58:21 +02:00
86d88a4355
fix apt unattended-upgrades 2020-05-23 17:01:30 +02:00
bd48c45553
bundles/users: edit tmux.conf 2020-05-23 11:36:03 +02:00
7a04c7182e
bundles/users: fix typo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-05-16 10:32:44 +02:00
4e72b41971
bundles/mx-puppet-discord: config tweaks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-05-16 10:06:40 +02:00
dddb387e58
display login name in tmux status bar
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-05-09 15:36:32 +02:00
34703b6eba
add bundle jenkins-ci 2020-05-09 13:14:49 +02:00
3765189450
bundles/voc-loudness-monitor: remove sloop 2020-05-09 11:35:40 +02:00
7b3d3567de
bundles/voc-loudness-monitor: use h264 instead 2020-05-09 10:23:50 +02:00
fa50f8b248
bundles/seafile: fix mode of /opt/seafile 2020-04-13 09:59:02 +02:00
f701110654
bundles/users: fix deletion of unneded home directories 2020-04-13 09:57:33 +02:00
004422c060
bundles/seafile: initial commit
seafile installation itself is not managed
2020-04-13 09:53:10 +02:00
ffb962b108
bundles/nginx: add nginx config 2020-04-13 09:52:26 +02:00
411d22d404
bundles/users: add vim 2020-04-11 12:26:02 +02:00
2990216a8b
bundles/users: add fish_variables 2020-04-11 12:06:57 +02:00
4c79fdf997
bundles/voc-loudness-monitor: add s23 and s89 2020-04-11 11:29:04 +02:00
f1a693d0d6
bundles: only install apt packages via apt bundle to avoid double defining packages 2020-04-11 11:25:24 +02:00
8a26def21c
add matrix-synapse bundle 2020-04-05 11:38:31 +02:00
29eeffbdc3
bundles/mx-puppet-discord: restart bridge if config or registration changed 2020-04-04 18:33:05 +02:00
78bae4f77b
bundles/postgresql: fix database creation 2020-04-04 18:28:38 +02:00
1dfa5c457c
bundles/mx-puppet-discord: specify path to registration file in systemd unit 2020-04-04 18:28:15 +02:00
081fafc64e
bundles/mx-puppet-discord: add systemd unit file 2020-04-04 18:21:40 +02:00
629c38230c
bundles/users: add option to change home directory mode 2020-04-04 18:15:08 +02:00
a8a3bcdb83
bundles/mx-puppet-discord: remove registration.yaml before generating new one 2020-04-04 18:10:37 +02:00
5910d825c0
bundles/mx-puppet-discord: set default listen-addr to IPv4 2020-04-04 18:07:27 +02:00
4c5a88f734
add bundle for mx-puppet-discord 2020-04-04 18:01:58 +02:00
1856f4749c
bundles/users: add option to not automatically deploy configs 2020-04-04 17:54:26 +02:00
4da792f522
bundles/postgresql: add bundle 2020-04-04 17:53:59 +02:00
234604cd0c
bundles/sudo: add secure_path to sudoers file 2020-04-04 16:53:25 +02:00
f3dc5c8325
bundles/nodejs: move to own bundle 2020-04-04 16:31:50 +02:00
a1e05108c1
bundles/apt: change origins to sites 2020-04-04 11:21:30 +02:00
0750610ccc
bundles/users: fix user-specific tmux config 2020-03-28 13:32:39 +01:00
719d41a557
bundles/users: add readme 2020-03-28 13:12:45 +01:00
0b51c9dae4
bundles/users: deploy standard tmux config to /etc/tmux.conf instead of ~/.tmux.conf 2020-03-28 13:03:35 +01:00
eddb8ca70a
bundles/users: add option for custom tmux/bash/fish configs 2020-03-28 12:56:45 +01:00
810c2cfcf8
bundles/users: also deploy tmux config 2020-03-28 12:40:37 +01:00
d7ca23d57e
bundles/apt: autoclean unused packages 2020-03-28 12:36:40 +01:00
32bdcae23f
bundles/hostname: add node name to hosts file 2020-03-28 09:47:43 +00:00
841b49cd18
bundles/users: also deploy shell config 2020-03-27 13:33:37 +00:00
6656a0864f
bundles/{systemd,hostname}: add hostname control 2020-03-27 12:46:10 +00:00
067b498bf2
bundles/sudo: add bundle 2020-03-27 11:52:17 +00:00
9a956e832a
bundles/voc-loudness-monitor: no need to start the loudness units on every run 2020-03-27 11:50:50 +00:00
7406ed7522
bundles/apt: fix additional origins for unattended-users 2020-03-27 11:30:11 +00:00
a3c0e6a08e
bundles/users: regular users don't need a password 2020-03-27 11:28:44 +00:00
8e681e4c39
bundles/voc-loudness-monitor: sources need ffmpeg installed 2020-03-21 11:42:33 +00:00
e351c508f2
bundles/systemd: add daemon-reload action 2020-03-21 11:31:56 +00:00
8abfe74c2b
bundles/voc-loudness-monitor: inital commit of sources units 2020-03-21 11:31:27 +00:00
9556e423bd
bundles/nginx: initial commit 2020-03-14 09:56:19 +00:00
b4808d54e9
bundles/riot-web: add metadata to write config.json 2020-03-14 09:38:12 +00:00
589965b58b
bundles/apt: fix unattended-upgrades 2020-03-14 09:37:31 +00:00
d0ba89a1f3
default shell is bash, not fish
... sadly :(
2020-02-29 14:47:41 +00:00
a27fd619a2
add riot-web bundle 2020-02-29 14:42:54 +00:00
ad7b164533
add apt bundle 2020-02-29 14:42:29 +00:00
e5539d508b
bundles/users: remove authorized_keys if not set by bundle 2020-02-29 13:09:14 +00:00
a47bdcfb39
fixup groups 2020-02-29 12:38:27 +00:00
ebf7f7ada9
add users bundle 2020-02-29 12:30:21 +00:00
3934414140
initial version of vmhost bundle 2020-02-29 12:30:06 +00:00