Commit graph

1182 commits

Author SHA1 Message Date
c0ebd25ffc
bundles/systemd: systemd-timesyncd gets started automatically 2022-03-13 15:14:40 +01:00
212ba72b30
bundles/nftables: workaround does not work for debian buster 2022-03-13 14:13:59 +01:00
aa3ce32a7c
bundles/systemd: systemd-timesyncd package requires debian bullseye 2022-03-13 14:12:05 +01:00
c71d827691
bundles/icinga2: add some missing config 2022-03-13 14:07:28 +01:00
690c0b7050
bundles/nftables: restart on failure 2022-03-13 14:07:08 +01:00
a9d4cc73c1
bundles/systemd: ensure we have systemd-timesyncd installed and running 2022-03-13 14:06:40 +01:00
28b235514a
bundles/zfs: fix compatibility to older zfs versions
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 12:58:07 +01:00
8397739634
bundles/backup-server: fix bug in retaining
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:24:45 +01:00
008940d75f
bundles/users: add journalctl bash alias 2022-03-13 09:21:10 +01:00
cd1a33ccbb
bundles/zfs: refactor zfs-auto-snapshot
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:18:14 +01:00
dab6065b89
bundles/vmhost: svc_systemd:virtlogd gets triggered by socket, too
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 08:42:51 +01:00
65efdc2e2c
bundles/pacman: disable pam_faillock 2022-03-13 08:42:48 +01:00
a4fb9a15b5
bundles/backup-server: increase timeout for monitoring checks 2022-03-13 08:42:44 +01:00
f56703df2e
bundles/dovecot: filter X-Spam-Status, not X-Spam-Flag
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
The latter is YES even if the overall score is very low because of
IP allowlisting.
2022-03-12 10:24:06 +01:00
759a711dc5
bundles/rspamd: remove from_name from dmarc reporting config
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 10:08:04 +01:00
6a9da7efa5
bundles/arch-with-gui: add workaround for broken bw test
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 09:03:45 +01:00
72cf616114
bundles/zfs: use zfs-import-scan instead of zfs-import-cache
Last night, rx300 rebooted. After a reboot, the disks were detected
in another order (but still, all were detected!), so the cachefile did
no longer match, leading to breaking the import.

Running `zpool import` manually worked, because that will ignore the
cachefile. So, why do we depend on the cache file on boot up? The added
reliability of zfs-import-scan beats the speed of zfs-import-cache in
any way.
2022-03-12 09:03:42 +01:00
42a66751e1
bundles/vmhost: don't try to start libvirtd on every apply 2022-03-12 09:03:38 +01:00
4a03a9f89c
bundles/icinga2: fix directory permissions for /etc/icingaweb2 2022-03-12 09:03:35 +01:00
d7b47d2560
bundles/jenkins: jenkins.war has moved 2022-03-12 09:03:32 +01:00
403b67ee48
bundles/vmhost: install pkg_pacman:edk2-ovmf 2022-03-12 09:03:28 +01:00
757f1cb3cd
bundles/vmhost: prepare for arch linux
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-11 13:58:38 +01:00
93351340d0
move thermald package back to fkusei-locutus
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:09:26 +01:00
15ae3b7a0b
move some configuration from nodes to bundle:arch-with-gui
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:00:45 +01:00
e181be3fc6
bundles/wireguard: better dependency management 2022-03-10 21:00:42 +01:00
64448af027
add node fkusei-locutus
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-09 13:07:55 +01:00
0082d3e014
bundles/zfs: ensure some targets are started on arch linux 2022-03-09 13:05:57 +01:00
c7e5002f17
bundles/wireguard: support arch linux and other netmasks than /31 2022-03-09 13:05:01 +01:00
05a2e501ce
bundles/bird: support arch linux 2022-03-09 13:04:34 +01:00
c023c144c3
bundles/arch-with-gui: install firefox 2022-03-09 13:03:56 +01:00
f969b05468
bundles/arch-with-gui: i3pystatus requires python-virtualenv 2022-03-09 13:02:35 +01:00
b351703953
bundles/c3voc-addons: implement addidional_update_commands
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:57:48 +01:00
a693e90aa3
bundles/nodejs: auto-upgrade npm
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:50:04 +01:00
50ea6a92a5
bundles/apt: introduce additional_update_commands for updating other stuff 2022-03-06 12:49:46 +01:00
56bafd73be
bundles/nginx: refine fastcgi config
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 18:55:51 +01:00
ca861a78fb
bundles/grafana: do not auto-refresh dashboards
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:49:17 +01:00
8ed4aa3751
bundles/pacman: don't extract systemd-homed pam module
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:45:28 +01:00
14e7fff081
bundles/grafana: improve config 2022-03-05 13:45:16 +01:00
65ba43525f
bundles/icinga2: introduce new notification period 'daytime' 2022-03-05 08:29:10 +01:00
98cd2df8ff
bundles/nginx: add certificate name to icinga check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:19:15 +01:00
be3dd6662e
kunsi-p14s: more packages
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:12:38 +01:00
0ba3df7385
bundles/zfs: unmount backup-snapshots recursively
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-01 06:32:23 +01:00
931d566736
bundles/backup-server: fix stupid in check_backup_for_node
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-28 21:09:04 +01:00
e909144544
bw/bundles/postgresql: do not auto-detect postgresql version from debian version
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-27 12:51:53 +01:00
e1f7c691c3
bundles/nfs-server: fix trailing whitespace
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:45:40 +01:00
83fb1a5e11
bundles/nfs-client: decrease timeout, set some default mount options
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:44:05 +01:00
dcb563b31e
bundles/systemd-networkd: remove BindCarrier
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 12:36:21 +01:00
88891b44be
bundles/nfs-server: ensure nfs runs on managed ports, fix firewall rules
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 08:24:38 +01:00
6267b4c33d
bundles/nfs-server: fix package name
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 20:09:53 +01:00
0a4da160fd
bundles/matrix-media-repo: add RestartSec 2022-02-19 20:02:08 +01:00
945e349d61
bundles/jenkins-ci: add systemd unit file
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 18:53:49 +01:00
bd45def053
bundles/{lldpd,nfs-server}: fix dependencies
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:49:53 +01:00
18674a1a4a
bundles/icinga2: always print status line in check_usv_snmp
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:44:46 +01:00
07d5a8cdae
bundles/systemd-networkd: add BindCarrier to bonds
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 11:29:29 +01:00
7e58e9c667
bundles/icinga2: simplify template
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 09:23:00 +01:00
8434eacd94
bundles/{lldp,nfs-server,smartd}: move package dependencies to metadata 2022-02-18 22:37:07 +01:00
Sophie Schiller
a01c28da21 various bundles: fix dependencies
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 22:18:44 +01:00
14fed8bc6e
bundles/zfs: move scrub to systemd-timer
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 21:10:50 +01:00
19dee89039
rx300: pin version of mx-puppet-discord for now
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 19:02:57 +01:00
94eff087a0
bundles/users: remove PROMPT_COMMAND from bashrc 2022-02-18 17:03:54 +01:00
468a0b0023
bundles/icinga2: remove unused code in hosts_template
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 16:25:59 +01:00
d35770c122
bundles/icinga2: rework config generation - use one file per host instead of one per bundle
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 12:25:34 +01:00
1f6520ac02
bundles/sshmon: ignore prereleases and drafts 2022-02-17 18:08:02 +01:00
22759ca52a
bundles/postfix: enable smtps
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-15 18:21:12 +01:00
83d58791bb
bundles/postgresql: set recordsize=8K for zfs
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 22:05:09 +01:00
e51ad5993a
bundles/users: ensure we have kitty terminfo
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 20:45:57 +01:00
6944da6769
fix syntaxerrors
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:56:51 +01:00
33d2d5beff
bundles/pacman: fix unattended-upgrades 2022-02-14 07:54:44 +01:00
1ee0b38133
bundles/telegraf: properly support arch linux
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:11:14 +01:00
e45237d70e
bundles/icinga2: do not check scam blocklists
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:51:03 +01:00
3c4700eb6d
bundles/openhab: clean up old backups before doing new ones 2022-02-13 09:48:37 +01:00
60c31d2d11
bundles/pacman: add opt-in unattended-upgrades
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:43:52 +01:00
14b402cdf3
bundles/backup-server: fix TypeError in check_backup_for_node 2022-02-13 09:42:59 +01:00
e4c317f677
add bundle:systemd-boot
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:24:11 +01:00
3c763820ed
bundles/pacman: ensure we have man 2022-02-13 09:23:30 +01:00
77e152f8ce
bundles/pacman: enable paccache.timer to clean up old package versions 2022-02-13 08:55:26 +01:00
5d7872042b
bundles/backup-server: add metadata backup-client/one_backup_every_hours 2022-02-12 19:04:15 +01:00
9a8e7abef4
kunsi-p14s: do backups 2022-02-12 18:56:54 +01:00
5be2610a86
bundles/systemd-networkd: don't manage resolv.conf if using resolved 2022-02-12 18:54:56 +01:00
03d1ada220
bundles/zfs: explicitely set mountpoint for all datasets 2022-02-12 18:09:40 +01:00
32b732e509
bundles/arch-with-gui: add some backup paths 2022-02-12 18:08:04 +01:00
c073599f6f
add kunsi-p14s, add bundle:arch-with-gui
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-12 14:06:53 +01:00
87bf6fac68
bundles/zfs: use systemd-timers for zfs snapshots
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-12 11:29:26 +01:00
c1bb43286d
bundles/zfs: support arch linux 2022-02-12 11:24:50 +01:00
961a2891a0
bundles/systemd-networkd: fix systemd-resolved not getting started 2022-02-12 11:24:19 +01:00
40485ced8a
bundles/systemd-timers: add support for multiple commands in timer 2022-02-07 07:01:19 +01:00
bc4f6e507a
bundles/c3voc-addons: fix .provides()
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-06 15:31:28 +01:00
6d1a24b034
bundles/gitea: use github releases instead of dl.gitea.io (which is slow) 2022-02-06 15:25:33 +01:00
a627437fce
bundles/systemd-timers: fix shebang in check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-06 13:42:08 +01:00
0674b3f8db
bundles/netbox: move housekeeping to systemd timers 2022-02-06 13:40:33 +01:00
0599c4dae0
add bundle:systemd-timers 2022-02-06 13:39:52 +01:00
d51d7316d0
bundles/backup-client: remove duplicate space
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-05 15:39:55 +01:00
12af28cb13
bundles/pretalx: specifying a revision is now mandatory 2022-02-05 11:42:18 +01:00
0d865c93d4
bundles/cron: use MAILTO=, rework metadata syntax 2022-02-05 11:41:41 +01:00
4cfbdb32d6
bundles/apt: check for "reboot required" in icinga check only
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
This avoids the need to manually adjust the status file after a reboot of
the server.
2022-01-30 11:43:14 +01:00
11969b6064
bundles/travelynx: changing the imprint does not require restarting the worker process
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-29 09:24:23 +01:00
8a24af27ee
bundles/openhab: backup-client/pre-hooks must not be a list
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-24 07:29:36 +01:00
b14f5aea58
bundles/openhab: also include /usr/share/openhab/addons in backups
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:28:26 +01:00
031d647864
bundles/openhab: do full backup in backup-pre-hooks
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:26:34 +01:00
0ccb983b28
bundles/apt: fix metadata key mess (unattended-upgrades vs unattended_upgrades)
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 05:47:42 +01:00
b21c8f6dbb
bundles/pacman: fix SyntaxError
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-13 16:04:37 +01:00
0dd9b061b9
bundles/scansnap: fix backup metadata 2022-01-13 15:54:49 +01:00
5b2e5fc838
bundles/backup-server: do not alert for one missing day of backups
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-09 08:26:08 +01:00
5df546754f
bundles/pacman: fix install_gui package definition 2022-01-09 08:23:59 +01:00
40a9ac4523
bundles/sshmon: add check if OOM killer was active
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 18:07:33 +01:00
14e4415e5f
bundles/backup-client: rework backup generation
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 08:29:34 +01:00
b20e729298
bundles/backup-server: add option to disable "last backup" check 2022-01-05 22:57:30 +01:00
c535ce24a4
bundles/backup-client: show timezone in backup check 2022-01-05 22:57:26 +01:00
35104cb8ce
bundles/backup-client: add check for last backup of specific client
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-05 22:44:55 +01:00
b5f93ceb48
bundles/zfs: fix typo
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 10:03:54 +01:00
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot 2022-01-05 09:59:09 +01:00
b6eb12ed90
bundles/zfs: add option to disable snapshots for dataset tree 2022-01-05 09:52:20 +01:00
a3300cde98
bundles/paperless: ensure we're doing backups of the actual data, too
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 07:50:22 +01:00
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp 2022-01-04 15:47:05 +01:00
245b2219ee
bundles/backup-client: spread backups further apart 2022-01-04 15:34:53 +01:00
2c4eb03214
bundles/backup-server: auto-import pool after decrypting
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:24:22 +01:00
fb931df4f0
bundles/apt: add flag to disable automatic rebooting
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:15:19 +01:00
4c59479d5c
bundles/backup-server: add option for encrypted devices 2022-01-04 15:15:16 +01:00
d0b8ccef64
add bundle:dm-crypt 2022-01-04 15:15:13 +01:00
906b63b123
move hostname stuff to libs.tools.resolve_identifier 2022-01-04 15:15:11 +01:00
36a4ebcdd6
bundles/powerdns: also try to use node.hostname for dns generation 2022-01-04 15:15:03 +01:00
dc2b2ae86b
bundles/check-mail-received: move check source to icinga2 itself 2022-01-02 14:50:32 +01:00
59fd71ac6f
update mautrix-telegram to 0.11.0 2022-01-02 13:38:23 +01:00
390f18a3a4
hooks: test zfs metadata consistency 2021-12-29 13:23:07 +01:00
0b4f0e142f
bundles/zfs: explicitely set canmount and mountpoint if not specified
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-28 16:58:42 +01:00
803e1dc411
bundles/mautrix-whatsapp: no need for regular restarts any more 2021-12-28 16:48:43 +01:00
7cfe080e6f
bundles/sshmon: add check_pypi_for_new_release
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 11:40:23 +01:00
0ac0fe072d
bundles/pretalx: wait for migrations before regenerating css and rebuilding stuff
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 10:00:26 +01:00
44fcdc7d11
bundles/icinga: set cascade_skip=False for icinga_notification_wrapper
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 16:29:18 +01:00
Sophie Schiller
d6ec8de7c6 cleanup duplicated metadata
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:39:28 +01:00
6292dd4c71
bundles/infobeamer-cms: config is toml now, deploy to src/
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:30:25 +01:00
Sophie Schiller
b39d87f33f infobeamer-cms: set sensible start time
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 14:56:02 +01:00
cda1dc2095
bundles/infobeamer-cms: use curl -s
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 13:04:31 +01:00
7dc584d8cb
bundles/infobeamer-cms: adjust config to new version
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 12:17:14 +01:00
ba294f6a6c Merge pull request 'Add new Node and bundle for infobeamer-cms' (#49) from sschi-infobeamer-cms into main
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #49
2021-12-24 10:57:58 +00:00
caf2ff6a30
update matrix-media-repo to 1.2.10
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 09:23:58 +01:00
0383fa0a67
bundles/{rspamd,netbox}: update redis database number 2021-12-24 09:09:28 +01:00
Sophie Schiller
678f558f4a infobeamer-cms: WHITESPACE
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-12-23 19:45:24 +01:00
Sophie Schiller
18e30178a4 letsencrypt: add openssl package
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-12-23 19:39:12 +01:00
Sophie Schiller
bac2a369c4 infobeamer-cms: make usable 2021-12-23 19:39:12 +01:00
Sophie Schiller
bf125a73b1 infobeamer-cms: initial commit 2021-12-23 19:39:06 +01:00
d288923969
get redis database mapping from libs.defaults
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-23 07:39:08 +01:00
b6b5beaa27
bundles/netbox: send update notification mails 2021-12-22 11:12:34 +01:00
b8a109efb0
bundles/sshmon: rewrite check_github_for_new_release 2021-12-22 11:09:26 +01:00
38b449af35
bundles/letsencrypt: only run dehydrated after installing it
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 14:17:41 +01:00
de3580a7d3
bundles/letsencrypt: ensure-some-certificate shouldn't create 10-year-certs 2021-12-19 06:36:11 +01:00
04450d4b4c
bundles/sudo: disable syslog spam
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 06:23:05 +01:00
5261375574
bundles/pppd: add systemd-timer to automatically update dyndns 2021-12-19 06:21:04 +01:00
376dba347f
bundles/php: allow configuring of memory_limit and clear_env 2021-12-18 18:54:00 +01:00