Commit graph

930 commits

Author SHA1 Message Date
c388d5ea1e
bundles/postgresql: fix restart dependencies
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 09:39:08 +02:00
35e4bbf04b
bundles/postfix: remove postscreen usage
All checks were successful
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between
instances, which leads to the server simply accepting
mails for the port on which postscreen starts up later.
Since we can't predict which port this will be, we
simply remove postscreen alltogether.

Yes, i know i could just remove postscreen for port 2525.
2021-03-28 09:00:37 +02:00
ce39850bda
bundles/postfix: fix .provides() for iptables reactor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:56:22 +02:00
9fe4e2933d
bundles/postfix: add firewalling for port 2525
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-03-28 08:37:51 +02:00
a4b2dc29a9
bundles/miniflux: don't clean up old entries
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:04:41 +02:00
85d9b9fdac
nodes/htz-cloud.sewfile: move seafile data to zfs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-27 14:03:33 +01:00
0ca57e8e24
nodes/htz-cloud.sewfile: also backup mysql database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-27 13:49:23 +01:00
39c1d34bbb
bundles/sshmon: fix disk space usage limits 2021-03-27 12:07:49 +01:00
8f0f635484
bundles/basic: change load graph for cpu graph 2021-03-27 12:06:12 +01:00
568a31586f
bundles/apt: fix permissions for /etc/kernel/postinst.d/unattended-upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-27 08:31:29 +01:00
f514e200f0
bundles/mautrix-whatsapp: restart bridge daily again
All checks were successful
bundlewrap/pipeline/head This commit looks good
It seems neither WhatsApp nor WhatsApp Web are designed for 24/7
connections, thus leading to all kinds of weird side effects like
"Bridge thinks it's connected, but no messages get through at all"
or "WhatsApp is running, but the Bridge can't connect to it"
2021-03-27 08:21:41 +01:00
83db4ba886
nodes/home.nas: add firewalling for yate sip server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-26 18:55:20 +01:00
f98720b57b
bundles/dhcpd: sort dchp leases by ip in bash alias
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:27:52 +01:00
8d7e5d3f66
nodes/htz.ex42-1048908: update matrix-media-repo to 1.2.6
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:06:35 +01:00
65490b1d20
bundles/apt: log stdout and stderr separately in upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:02:48 +01:00
4bd61fedde
nodes/htz.ex42-1048908: update gitea to 1.13.6
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:44:55 +01:00
27753d50c4
bundles/postfix: use threading in check_spam_blocklist
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:42:59 +01:00
fdcec012f3
bundles/postfix: add SPAM BLOCKLIST check for every non-private IP attached to the server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-22 20:24:14 +01:00
b99176be49
bundles/kodi: add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 19:10:49 +01:00
75f5c58764
dns/franzi.business: fix matrix federation port in SRV record
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 18:12:27 +01:00
50438d940e
nodes/htz.ex42-1048908: update gitea to 1.13.5
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:55:43 +01:00
28dd9694af
add bundle:oidentd
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:40:58 +01:00
6a6198c9b9
bundles/wireguard: move iptables rules to metadata reactor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 15:26:29 +01:00
559f743ce2
nodes/voc.pretalx: no localized strings in website_check_string
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 12:59:08 +01:00
691c3e7bc2
iptables: add some missing rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 12:27:03 +01:00
087bc4c669
nodes: iptables for all
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 11:44:52 +01:00
3bc5e55400
bundles/iptables: don't apply iptables rules if a rules file is missing 2021-03-21 11:44:27 +01:00
4b00c8b55a
bundles/unbound: do not bind to 0.0.0.0 if qemu is installed 2021-03-21 11:43:53 +01:00
5a0aa82ec9
bundles/powerdns: fix missing imports 2021-03-21 11:43:17 +01:00
62f7080db9
bundles/nfs-server: add iptables config 2021-03-21 11:24:21 +01:00
626075ee94
nodes/htz.ex42-1048908: add some iptables rules for unmanaged services
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-03-21 11:12:42 +01:00
850d860d59
bundles/powerdns: add iptables config 2021-03-21 11:12:18 +01:00
31ddea7649
bundles/dovecot: add iptables config 2021-03-21 11:12:03 +01:00
5775001301
bundles/postfix: add iptables config 2021-03-21 11:11:49 +01:00
c9f008ad82
bundles/openssh: move iptables rules to metadata reactor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:37:28 +01:00
b943d2d465
rework iptables configuration
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:30:04 +01:00
d3ea06c3e8
nodes/htz.ex42-1048908: update matrix-media-repo to 1.2.5
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-19 15:00:00 +01:00
41dac92e1a
nodes/htz.ex42-1048908: update element-web to 1.7.23
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-17 14:15:38 +01:00
841a86aa61
dns/kunbox.net: remove duplicate entries, disable dmarc
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:59:21 +01:00
9e1685531c
nodes/home.router: add iptables rule for mail
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:48:35 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
52cab71fec
bundles/wireguard: also allow outgoing traffic
How did this ever work without this rule?
2021-03-15 09:00:35 +01:00
adb808a683
bundles/users: more colourful bash for everyone
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-14 17:14:08 +01:00
70665abb0b
nodes/htz.ex42-1048908: allow http traffic to radicale web without authentication
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-14 17:04:00 +01:00
d596d46783
nodes/htz.ex42-1048908: update travelynx to 1.19.8 2021-03-14 17:03:34 +01:00
6f80303782
add scripts/generate-wireguard-client-certificate
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-14 14:32:49 +01:00
sophie
6ae0d31840 Merge pull request 'sophies-stuff' (#36) from sophies-stuff into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/36
2021-03-13 12:43:44 +00:00
Sophie Schiller
800a4fc956 remove trailing whitespace
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-13 13:39:59 +01:00
Sophie Schiller
c062c38971 remove trailing whitespace
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-03-13 13:38:24 +01:00
Sophie Schiller
e8e513e6d4 bw/miniserver new vhost
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-03-13 13:31:41 +01:00