Commit graph

1379 commits

Author SHA1 Message Date
2095696131
bundles/mautrix-telegram: disable backfilling 2022-10-16 21:29:53 +02:00
8c77e5824a
bundles/grafana: disable metrics 2022-10-02 11:00:06 +02:00
988d7e08a0
bundles/travelynx: use carton instead of cpanm 2022-09-22 06:03:51 +02:00
edaa22dab6
bundles/infobeamer-cms: fix nginx config 2022-09-11 11:38:13 +02:00
038f19ea5e
bundles/unbound: use systemd-timers 2022-09-11 11:32:26 +02:00
d9be69d3a9
bundles/systemd-timers: don't auto-reset alerts 2022-09-11 11:26:57 +02:00
f004591e98
bundles/letsencrypt: use systemd-timers 2022-09-11 11:26:24 +02:00
944c66354b
bundles/mx-puppet-discord: github is archived, gitlab is the new hotness 2022-09-10 18:10:14 +02:00
2fd94c2a4b
bundles/hedgedoc: fix nginx config 2022-08-29 19:24:33 +02:00
aa5c7ff8b4
block access to the go /debug/pprof/ endpoint 2022-08-19 07:26:01 +02:00
84917649dd
bundles/arch-with-gui: have pytz available in i3pystatus 2022-08-14 12:47:52 +02:00
6b641890c3
bundles/grafana: replace the useless builtin of telegraf with something more useful 2022-08-07 10:16:07 +02:00
a1ce8bf91a
bundles/sudo: purge directory after package installation 2022-07-25 10:08:26 +02:00
5539957eb6
bundles/molly-guard: empty directories after package has been installed 2022-07-25 10:07:54 +02:00
86cc900d74
rx300: update gitea to 1.16.9 2022-07-17 10:30:05 +02:00
2a938d19f1
bundles/gitea: disable registration by default 2022-07-12 20:28:59 +02:00
dd5a97eced
bundles: add dependency to systemd-networkd 2022-07-10 13:32:11 +02:00
1d58955ced
bundles/zfs: increase timeout for ZFS OLD SNAPSHOTS check
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-06-05 09:30:44 +02:00
51c9506a19
move pacman/no_extract to bundle metadata defaults 2022-05-16 10:52:14 +02:00
9730a2be13
bundles/wireguard: fix permissions for wireguard netdev files 2022-05-16 10:48:26 +02:00
8cc116c0c4
bundles/zfs: respect pacman/linux-lts option 2022-04-30 12:30:32 +02:00
7fffdbab32
bundles/voc-tracker-worker: improve bundle 2022-04-27 05:40:20 +02:00
a38b66a7c5
bundles/nfs-client: minor fixes 2022-04-27 05:39:34 +02:00
74b3a513f6
bundles/pacman: make NoExtract user-configurable
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-22 15:47:47 +02:00
8145fb22e8
add bundle:voc-tracker-worker 2022-04-22 15:43:34 +02:00
fc2a69fc2c
rx300: update netbox to 3.2.1 2022-04-15 06:37:09 +02:00
Sophie Schiller
5979d8a1f9 hedgedoc: use global yarn in systemd unit
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-11 00:34:56 +02:00
ca69969dad
bundles/backup-server: disable ZFS OLD SNAPSHOTS check
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-06 18:13:23 +02:00
4390256abc
bundles/zfs: add metadata option to disable ZFS OLD SNAPSHOTS check 2022-04-06 18:13:01 +02:00
5640556ad9
bundles/zfs: run scrub for each pool separately 2022-04-03 09:48:28 +02:00
4823653214
bundles/systemd-networkd: remove usage of systemd-resolved
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
Something in the combination of arch+zfs+netctl+resolved+ipv6 leads to
hanging dns, which in turn leads to hanging everything.
2022-04-03 09:01:10 +02:00
891823376f
bundles: add missing dependency to yarn
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:38:20 +02:00
a340071ad8
bundles/oidentd: provide our own systemd unit file
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:32:07 +02:00
ddd29bef3b
bundles: install yarn globally instead of in each individual bundle 2022-04-03 08:16:35 +02:00
4ecf7ccb46
bundles/matrix-media-repo: download prebuilt executable instead of building ourselves 2022-04-03 08:05:46 +02:00
d8f8f1377f
bundles/arch-with-gui: install sipcalc and inkscape
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 18:28:46 +02:00
ac48462043
bundles/icinga2: icingaweb2 roles.ini needs another option
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:29:27 +02:00
7b9686977d
bundles/backup-client: do backups between 00:00 and 02:59
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:23:10 +02:00
7c49ac59f5
more packages, please
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-24 18:14:50 +01:00
2f8306a14a
bundles/pacman: fix archzfs-kernels repo name
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 21:04:12 +01:00
950c88aab2
bundles/pacman: install archzfs repo and archzfs-kernels repo if node has bundle:zfs
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 19:19:21 +01:00
489c2386de
voc.infobeamer-cms: prepare for divoc
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-20 12:35:26 +01:00
3e7e355dd6
rx300: update mautrix-whatsapp to 0.3.0 2022-03-19 07:02:54 +01:00
c983c50d21
bundles/icinga2: fix timeperiods 2022-03-19 07:02:48 +01:00
206cdfe128
bundles/systemd: fix dependencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 15:19:01 +01:00
7604fef734
bundles/icinga2: use ip addresses for monitoring instead of hostnames
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-13 15:15:47 +01:00
5179edb458
bundles/wireguard: fix forwarding firewall rules 2022-03-13 15:15:08 +01:00
c0ebd25ffc
bundles/systemd: systemd-timesyncd gets started automatically 2022-03-13 15:14:40 +01:00
212ba72b30
bundles/nftables: workaround does not work for debian buster 2022-03-13 14:13:59 +01:00
aa3ce32a7c
bundles/systemd: systemd-timesyncd package requires debian bullseye 2022-03-13 14:12:05 +01:00
c71d827691
bundles/icinga2: add some missing config 2022-03-13 14:07:28 +01:00
690c0b7050
bundles/nftables: restart on failure 2022-03-13 14:07:08 +01:00
a9d4cc73c1
bundles/systemd: ensure we have systemd-timesyncd installed and running 2022-03-13 14:06:40 +01:00
28b235514a
bundles/zfs: fix compatibility to older zfs versions
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 12:58:07 +01:00
8397739634
bundles/backup-server: fix bug in retaining
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:24:45 +01:00
008940d75f
bundles/users: add journalctl bash alias 2022-03-13 09:21:10 +01:00
cd1a33ccbb
bundles/zfs: refactor zfs-auto-snapshot
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:18:14 +01:00
dab6065b89
bundles/vmhost: svc_systemd:virtlogd gets triggered by socket, too
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 08:42:51 +01:00
65efdc2e2c
bundles/pacman: disable pam_faillock 2022-03-13 08:42:48 +01:00
a4fb9a15b5
bundles/backup-server: increase timeout for monitoring checks 2022-03-13 08:42:44 +01:00
f56703df2e
bundles/dovecot: filter X-Spam-Status, not X-Spam-Flag
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
The latter is YES even if the overall score is very low because of
IP allowlisting.
2022-03-12 10:24:06 +01:00
759a711dc5
bundles/rspamd: remove from_name from dmarc reporting config
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 10:08:04 +01:00
6a9da7efa5
bundles/arch-with-gui: add workaround for broken bw test
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 09:03:45 +01:00
72cf616114
bundles/zfs: use zfs-import-scan instead of zfs-import-cache
Last night, rx300 rebooted. After a reboot, the disks were detected
in another order (but still, all were detected!), so the cachefile did
no longer match, leading to breaking the import.

Running `zpool import` manually worked, because that will ignore the
cachefile. So, why do we depend on the cache file on boot up? The added
reliability of zfs-import-scan beats the speed of zfs-import-cache in
any way.
2022-03-12 09:03:42 +01:00
42a66751e1
bundles/vmhost: don't try to start libvirtd on every apply 2022-03-12 09:03:38 +01:00
4a03a9f89c
bundles/icinga2: fix directory permissions for /etc/icingaweb2 2022-03-12 09:03:35 +01:00
d7b47d2560
bundles/jenkins: jenkins.war has moved 2022-03-12 09:03:32 +01:00
403b67ee48
bundles/vmhost: install pkg_pacman:edk2-ovmf 2022-03-12 09:03:28 +01:00
757f1cb3cd
bundles/vmhost: prepare for arch linux
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-11 13:58:38 +01:00
93351340d0
move thermald package back to fkusei-locutus
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:09:26 +01:00
15ae3b7a0b
move some configuration from nodes to bundle:arch-with-gui
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:00:45 +01:00
e181be3fc6
bundles/wireguard: better dependency management 2022-03-10 21:00:42 +01:00
64448af027
add node fkusei-locutus
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-09 13:07:55 +01:00
0082d3e014
bundles/zfs: ensure some targets are started on arch linux 2022-03-09 13:05:57 +01:00
c7e5002f17
bundles/wireguard: support arch linux and other netmasks than /31 2022-03-09 13:05:01 +01:00
05a2e501ce
bundles/bird: support arch linux 2022-03-09 13:04:34 +01:00
c023c144c3
bundles/arch-with-gui: install firefox 2022-03-09 13:03:56 +01:00
f969b05468
bundles/arch-with-gui: i3pystatus requires python-virtualenv 2022-03-09 13:02:35 +01:00
b351703953
bundles/c3voc-addons: implement addidional_update_commands
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:57:48 +01:00
a693e90aa3
bundles/nodejs: auto-upgrade npm
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:50:04 +01:00
50ea6a92a5
bundles/apt: introduce additional_update_commands for updating other stuff 2022-03-06 12:49:46 +01:00
56bafd73be
bundles/nginx: refine fastcgi config
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 18:55:51 +01:00
ca861a78fb
bundles/grafana: do not auto-refresh dashboards
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:49:17 +01:00
8ed4aa3751
bundles/pacman: don't extract systemd-homed pam module
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:45:28 +01:00
14e7fff081
bundles/grafana: improve config 2022-03-05 13:45:16 +01:00
65ba43525f
bundles/icinga2: introduce new notification period 'daytime' 2022-03-05 08:29:10 +01:00
98cd2df8ff
bundles/nginx: add certificate name to icinga check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:19:15 +01:00
be3dd6662e
kunsi-p14s: more packages
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:12:38 +01:00
0ba3df7385
bundles/zfs: unmount backup-snapshots recursively
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-01 06:32:23 +01:00
931d566736
bundles/backup-server: fix stupid in check_backup_for_node
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-28 21:09:04 +01:00
e909144544
bw/bundles/postgresql: do not auto-detect postgresql version from debian version
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-27 12:51:53 +01:00
e1f7c691c3
bundles/nfs-server: fix trailing whitespace
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:45:40 +01:00
83fb1a5e11
bundles/nfs-client: decrease timeout, set some default mount options
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:44:05 +01:00
dcb563b31e
bundles/systemd-networkd: remove BindCarrier
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 12:36:21 +01:00
88891b44be
bundles/nfs-server: ensure nfs runs on managed ports, fix firewall rules
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 08:24:38 +01:00
6267b4c33d
bundles/nfs-server: fix package name
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 20:09:53 +01:00
0a4da160fd
bundles/matrix-media-repo: add RestartSec 2022-02-19 20:02:08 +01:00
945e349d61
bundles/jenkins-ci: add systemd unit file
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 18:53:49 +01:00
bd45def053
bundles/{lldpd,nfs-server}: fix dependencies
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:49:53 +01:00
18674a1a4a
bundles/icinga2: always print status line in check_usv_snmp
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:44:46 +01:00
07d5a8cdae
bundles/systemd-networkd: add BindCarrier to bonds
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 11:29:29 +01:00
7e58e9c667
bundles/icinga2: simplify template
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 09:23:00 +01:00
8434eacd94
bundles/{lldp,nfs-server,smartd}: move package dependencies to metadata 2022-02-18 22:37:07 +01:00
Sophie Schiller
a01c28da21 various bundles: fix dependencies
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 22:18:44 +01:00
14fed8bc6e
bundles/zfs: move scrub to systemd-timer
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 21:10:50 +01:00
19dee89039
rx300: pin version of mx-puppet-discord for now
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 19:02:57 +01:00
94eff087a0
bundles/users: remove PROMPT_COMMAND from bashrc 2022-02-18 17:03:54 +01:00
468a0b0023
bundles/icinga2: remove unused code in hosts_template
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 16:25:59 +01:00
d35770c122
bundles/icinga2: rework config generation - use one file per host instead of one per bundle
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 12:25:34 +01:00
1f6520ac02
bundles/sshmon: ignore prereleases and drafts 2022-02-17 18:08:02 +01:00
22759ca52a
bundles/postfix: enable smtps
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-15 18:21:12 +01:00
83d58791bb
bundles/postgresql: set recordsize=8K for zfs
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 22:05:09 +01:00
e51ad5993a
bundles/users: ensure we have kitty terminfo
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 20:45:57 +01:00
6944da6769
fix syntaxerrors
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:56:51 +01:00
33d2d5beff
bundles/pacman: fix unattended-upgrades 2022-02-14 07:54:44 +01:00
1ee0b38133
bundles/telegraf: properly support arch linux
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:11:14 +01:00
e45237d70e
bundles/icinga2: do not check scam blocklists
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:51:03 +01:00
3c4700eb6d
bundles/openhab: clean up old backups before doing new ones 2022-02-13 09:48:37 +01:00
60c31d2d11
bundles/pacman: add opt-in unattended-upgrades
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:43:52 +01:00
14b402cdf3
bundles/backup-server: fix TypeError in check_backup_for_node 2022-02-13 09:42:59 +01:00
e4c317f677
add bundle:systemd-boot
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:24:11 +01:00
3c763820ed
bundles/pacman: ensure we have man 2022-02-13 09:23:30 +01:00
77e152f8ce
bundles/pacman: enable paccache.timer to clean up old package versions 2022-02-13 08:55:26 +01:00
5d7872042b
bundles/backup-server: add metadata backup-client/one_backup_every_hours 2022-02-12 19:04:15 +01:00
9a8e7abef4
kunsi-p14s: do backups 2022-02-12 18:56:54 +01:00
5be2610a86
bundles/systemd-networkd: don't manage resolv.conf if using resolved 2022-02-12 18:54:56 +01:00
03d1ada220
bundles/zfs: explicitely set mountpoint for all datasets 2022-02-12 18:09:40 +01:00
32b732e509
bundles/arch-with-gui: add some backup paths 2022-02-12 18:08:04 +01:00
c073599f6f
add kunsi-p14s, add bundle:arch-with-gui
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-12 14:06:53 +01:00
87bf6fac68
bundles/zfs: use systemd-timers for zfs snapshots
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-12 11:29:26 +01:00
c1bb43286d
bundles/zfs: support arch linux 2022-02-12 11:24:50 +01:00
961a2891a0
bundles/systemd-networkd: fix systemd-resolved not getting started 2022-02-12 11:24:19 +01:00
40485ced8a
bundles/systemd-timers: add support for multiple commands in timer 2022-02-07 07:01:19 +01:00
bc4f6e507a
bundles/c3voc-addons: fix .provides()
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-06 15:31:28 +01:00
6d1a24b034
bundles/gitea: use github releases instead of dl.gitea.io (which is slow) 2022-02-06 15:25:33 +01:00
a627437fce
bundles/systemd-timers: fix shebang in check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-06 13:42:08 +01:00
0674b3f8db
bundles/netbox: move housekeeping to systemd timers 2022-02-06 13:40:33 +01:00
0599c4dae0
add bundle:systemd-timers 2022-02-06 13:39:52 +01:00
d51d7316d0
bundles/backup-client: remove duplicate space
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-05 15:39:55 +01:00
12af28cb13
bundles/pretalx: specifying a revision is now mandatory 2022-02-05 11:42:18 +01:00
0d865c93d4
bundles/cron: use MAILTO=, rework metadata syntax 2022-02-05 11:41:41 +01:00
4cfbdb32d6
bundles/apt: check for "reboot required" in icinga check only
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
This avoids the need to manually adjust the status file after a reboot of
the server.
2022-01-30 11:43:14 +01:00
11969b6064
bundles/travelynx: changing the imprint does not require restarting the worker process
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-29 09:24:23 +01:00
8a24af27ee
bundles/openhab: backup-client/pre-hooks must not be a list
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-24 07:29:36 +01:00
b14f5aea58
bundles/openhab: also include /usr/share/openhab/addons in backups
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:28:26 +01:00
031d647864
bundles/openhab: do full backup in backup-pre-hooks
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:26:34 +01:00
0ccb983b28
bundles/apt: fix metadata key mess (unattended-upgrades vs unattended_upgrades)
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 05:47:42 +01:00
b21c8f6dbb
bundles/pacman: fix SyntaxError
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-13 16:04:37 +01:00
0dd9b061b9
bundles/scansnap: fix backup metadata 2022-01-13 15:54:49 +01:00
5b2e5fc838
bundles/backup-server: do not alert for one missing day of backups
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-09 08:26:08 +01:00
5df546754f
bundles/pacman: fix install_gui package definition 2022-01-09 08:23:59 +01:00
40a9ac4523
bundles/sshmon: add check if OOM killer was active
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 18:07:33 +01:00
14e4415e5f
bundles/backup-client: rework backup generation
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 08:29:34 +01:00
b20e729298
bundles/backup-server: add option to disable "last backup" check 2022-01-05 22:57:30 +01:00
c535ce24a4
bundles/backup-client: show timezone in backup check 2022-01-05 22:57:26 +01:00
35104cb8ce
bundles/backup-client: add check for last backup of specific client
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-05 22:44:55 +01:00
b5f93ceb48
bundles/zfs: fix typo
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 10:03:54 +01:00
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot 2022-01-05 09:59:09 +01:00
b6eb12ed90
bundles/zfs: add option to disable snapshots for dataset tree 2022-01-05 09:52:20 +01:00
a3300cde98
bundles/paperless: ensure we're doing backups of the actual data, too
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 07:50:22 +01:00
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp 2022-01-04 15:47:05 +01:00
245b2219ee
bundles/backup-client: spread backups further apart 2022-01-04 15:34:53 +01:00
2c4eb03214
bundles/backup-server: auto-import pool after decrypting
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:24:22 +01:00
fb931df4f0
bundles/apt: add flag to disable automatic rebooting
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:15:19 +01:00
4c59479d5c
bundles/backup-server: add option for encrypted devices 2022-01-04 15:15:16 +01:00
d0b8ccef64
add bundle:dm-crypt 2022-01-04 15:15:13 +01:00
906b63b123
move hostname stuff to libs.tools.resolve_identifier 2022-01-04 15:15:11 +01:00
36a4ebcdd6
bundles/powerdns: also try to use node.hostname for dns generation 2022-01-04 15:15:03 +01:00
dc2b2ae86b
bundles/check-mail-received: move check source to icinga2 itself 2022-01-02 14:50:32 +01:00
59fd71ac6f
update mautrix-telegram to 0.11.0 2022-01-02 13:38:23 +01:00
390f18a3a4
hooks: test zfs metadata consistency 2021-12-29 13:23:07 +01:00
0b4f0e142f
bundles/zfs: explicitely set canmount and mountpoint if not specified
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-28 16:58:42 +01:00
803e1dc411
bundles/mautrix-whatsapp: no need for regular restarts any more 2021-12-28 16:48:43 +01:00
7cfe080e6f
bundles/sshmon: add check_pypi_for_new_release
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 11:40:23 +01:00
0ac0fe072d
bundles/pretalx: wait for migrations before regenerating css and rebuilding stuff
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 10:00:26 +01:00
44fcdc7d11
bundles/icinga: set cascade_skip=False for icinga_notification_wrapper
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 16:29:18 +01:00
Sophie Schiller
d6ec8de7c6 cleanup duplicated metadata
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:39:28 +01:00
6292dd4c71
bundles/infobeamer-cms: config is toml now, deploy to src/
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:30:25 +01:00
Sophie Schiller
b39d87f33f infobeamer-cms: set sensible start time
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 14:56:02 +01:00
cda1dc2095
bundles/infobeamer-cms: use curl -s
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 13:04:31 +01:00
7dc584d8cb
bundles/infobeamer-cms: adjust config to new version
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 12:17:14 +01:00
ba294f6a6c Merge pull request 'Add new Node and bundle for infobeamer-cms' (#49) from sschi-infobeamer-cms into main
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #49
2021-12-24 10:57:58 +00:00
caf2ff6a30
update matrix-media-repo to 1.2.10
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 09:23:58 +01:00
0383fa0a67
bundles/{rspamd,netbox}: update redis database number 2021-12-24 09:09:28 +01:00
Sophie Schiller
678f558f4a infobeamer-cms: WHITESPACE
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-12-23 19:45:24 +01:00
Sophie Schiller
18e30178a4 letsencrypt: add openssl package
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-12-23 19:39:12 +01:00
Sophie Schiller
bac2a369c4 infobeamer-cms: make usable 2021-12-23 19:39:12 +01:00
Sophie Schiller
bf125a73b1 infobeamer-cms: initial commit 2021-12-23 19:39:06 +01:00
d288923969
get redis database mapping from libs.defaults
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-23 07:39:08 +01:00
b6b5beaa27
bundles/netbox: send update notification mails 2021-12-22 11:12:34 +01:00
b8a109efb0
bundles/sshmon: rewrite check_github_for_new_release 2021-12-22 11:09:26 +01:00
38b449af35
bundles/letsencrypt: only run dehydrated after installing it
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 14:17:41 +01:00
de3580a7d3
bundles/letsencrypt: ensure-some-certificate shouldn't create 10-year-certs 2021-12-19 06:36:11 +01:00
04450d4b4c
bundles/sudo: disable syslog spam
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 06:23:05 +01:00
5261375574
bundles/pppd: add systemd-timer to automatically update dyndns 2021-12-19 06:21:04 +01:00
376dba347f
bundles/php: allow configuring of memory_limit and clear_env 2021-12-18 18:54:00 +01:00
2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
All checks were successful
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
c6c5d40084
bundles/nftables: add support for restricting to "all ipv6" and "all ipv4" 2021-12-14 12:40:54 +01:00
e2efe87308
rx300: update netbox to 3.1.0 2021-12-12 08:36:18 +01:00
7eec5c42e3
bundles/icinga2: do not send sms or mail for services when sms/mail was disabled for host
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-04 20:07:36 +01:00
0531ecd217
bundles/gitea: downloading gitea does not need restarting
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
we're stopping gitea beforehand, then start it again afterwards. No need
to restart it again.
2021-12-04 20:01:35 +01:00
d44c87e8a7
move SPAM BLOCKLIST check to icinga2 itself
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
somehow, we tend to get false positives if we run that check on the
node itself.
2021-11-28 07:26:41 +01:00
74f5b25f0d
various fixes, remove some TODOs 2021-11-27 10:40:20 +01:00
a76c60f881
bundles/nftables: fix shebang 2021-11-26 18:36:16 +01:00
632a1f6e75
voc,pretalx: install plugin lower_thirds
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-21 09:42:02 +01:00
998b776b9f
bundles/kodi: fix .provides()
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-15 21:45:41 +01:00
e4e340e431
bundles/grafana: fix spanning for battery row
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:36:45 +01:00
52fbcfb43e
bundles/grafana: add some filling to battery row
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:31:15 +01:00
7969ae9ebe
bundles/grafana: fix value for battery dashboard row
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:26:23 +01:00
e17d1ab02f
add bundle:telegraf-battery-usage
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:18:42 +01:00
e10ac0e57f
bundles/matrix-{media-repo,synapse}: catch all them metrics into influxdb
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 18:26:52 +01:00
8f6b8632f5
bundles/{element-web,hedgedoc,powerdnsadmin}: use 'yarn install --ignore-scripts' 2021-11-09 18:10:22 +01:00
33b6700848
bundles/mautrix-whatsapp: use precompiled binary 2021-11-09 18:10:17 +01:00
Sophie Schiller
eef463afbd hedgedoc: forbid access to metrics and stats
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:58:11 +01:00
Sophie Schiller
55798ac704 hedgedoc: add telegraf config for hedgedoc metrics
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:48:03 +01:00
0398df8f3a
bundles/openhab: fix website_check_string
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 10:31:13 +01:00
0412c9042a
bundles/wireguard: fix stderr handling of wg_health_check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:49:37 +01:00
f482874310
home.openhab: install and configure openhab
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:43:53 +01:00
2f885e7bfb
bundles/kodi: allow websocket port in firewall 2021-10-31 09:43:07 +01:00
ee86b5a121
bundles/wireguard: less spammy output for wg_health_check
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-30 19:36:20 +02:00
0a131b4248
bundles/grafana: add voltages and power usage to ipmitool
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:48:19 +02:00
8300f48541
add bundle:ipmitool, add grafana dashboard row
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:42:27 +02:00
92b2e19e44
bundles/grafana: fix line width for fans 2021-10-18 19:41:16 +02:00
3775bcb9db
bundles/telegraf: add cache directory 2021-10-18 19:34:20 +02:00
5885e4b043
bundles/users: add lsb_release and local date to status line
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-16 07:42:19 +02:00
29eef9ec59
htop: fix sorting 2021-10-16 07:38:57 +02:00
94cba4283b
bundles/pretalx: fixup cron
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:10:46 +02:00
86953e60bd
bundles/pretalx: add script to automatically set is_administrator and is_staff based on group membership
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:03:15 +02:00
095d425de1
bundles/wireguard: do not run wg_health_check during bw apply 2021-10-14 09:02:01 +02:00
9188b28b7a
bundles/wireguard: add wg_health_check
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 08:54:54 +02:00
61e5591628
bundles/systemd-networkd: fix bridge-in-bridge-setup on home.nas not working properly
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-11 20:46:07 +02:00
8656f99f8e
bundles/wireguard: re-add reconnect script for added resiliency
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:37:42 +02:00
30d4d989fc
add bundle:bird 2021-09-29 19:45:18 +02:00
fe44417b14
bundles/systemd-networkd: add dummy interfaces 2021-09-29 19:44:37 +02:00
996ef6e115
bundles/nftables: more sorted() 2021-09-29 19:44:13 +02:00
5f1f4fd654
bundles/wireguard: add option 'snat_to' for connections 2021-09-29 19:43:29 +02:00
902840ee7f
bundles/wireguard: use one wireguard connection per peer instead of one for all 2021-09-29 19:27:13 +02:00
2b0e3a4bf0
bundles/powerdns: use only public ips or those attached to physical interfaces to create dns records
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-25 11:08:18 +02:00
b81153e957
bundles/netbox: fix upgrade command
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-22 16:43:59 +02:00
05d69c1f12
bundles/powerdns: use named-checkzone to verify zone integrity 2021-09-22 16:42:26 +02:00
bb8910d15f
bundles/gitea: use metadata.get() 2021-09-22 16:38:27 +02:00
b21f7c856a
bundles/gitea: switch to new file type 'download' 2021-09-21 07:55:15 +02:00
ed2bb66e3e
bundles/basic: add links to icinga, grafana and nginx vhosts to login message 2021-09-16 19:33:11 +02:00
5a7d0b0afd
bundles/icinga2: don't skip everything if check_sipgate_account_balance can't get applied 2021-09-16 19:33:08 +02:00
Sophie Schiller
c9f9a27096 bundle/hedgedoc add new csp defaults
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-14 20:23:01 +02:00
Sophie Schiller
738dbd94a0 bundle/hedgedoc improve dependencies 2021-09-14 20:23:01 +02:00
Sophie Schiller
481c1c85e5 bundle/nginx set instead of HTTPS 2021-09-14 20:23:01 +02:00
Sophie Schiller
77a14a0017
bundle/hedgedoc remove quoting inconsistencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-11 20:24:10 +02:00
Sophie Schiller
09da9a8d92 bundle/hedgedoc improve config rendering to not produce errors with faults
Some checks are pending
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main Build started...
2021-09-11 20:07:52 +02:00
Sophie Schiller
3d3994789e bundle/hedgedoc update wbsite check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-11 19:56:49 +02:00
Sophie Schiller
478a8da9f4 bundles/hedgedoc add new bundle 2021-09-11 19:47:28 +02:00
f77d6df1e5
bundles/matrix-dimension: fix dependencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 15:16:00 +02:00
05f9712b24
bundles/rspamd: change dmarc reporting sender to working address
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 14:43:22 +02:00
de6249c65d
dns: fix some errors 2021-09-06 16:42:14 +02:00
78fda4f9e9
bundles/rspamd: do not try to resolve faults in items.py
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-06 09:28:30 +02:00
3039a0900e
bundles/rspamd: add alias for dmarc reports 2021-09-06 09:14:18 +02:00
4ca0926546
bundles/rspamd: send dmarc reports 2021-09-06 09:11:36 +02:00
43bcd75e87
update netbox to 3.0.1
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-02 07:52:11 +02:00
c7fd6ee041
bundles/grafana: make rspamd row more pretty
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-25 15:15:09 +02:00
2940bfd3d8
bundles/rspamd: add telegraf metrics
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-23 22:24:59 +02:00
3f38497585
bundles/vmhost: add metadata reactor to add all admins to 'libvirt' group
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:25:46 +02:00
65462ca536
bundles/nginx: default redirect mode should be 308 2021-08-22 07:20:45 +02:00
d94df613c5
bundles/netbox: fix ADMINS
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-21 12:46:55 +02:00
c6fe9d5eb2
bundles/postfix: fix .provides() 2021-08-21 12:32:47 +02:00
b0d2503f08
add bundle:netbox 2021-08-21 12:32:40 +02:00
4cb89d699c
bundles/grafana: fix missing derivative() in dovecot row 2021-08-21 08:39:39 +02:00
12ca6f4ff7
bundles/postfix: open up SMTPS 2021-08-21 08:12:21 +02:00
3da3c00310
bundles/rspamd: changing of .map files does not need restarting 2021-08-21 07:48:02 +02:00
ea9abc5f73
bundles/grafana: add dashboard row for dovecot 2021-08-21 07:47:24 +02:00
96f1604879
bundles/dovecot: some fixes
- fix postfix/myhostname default
- ensure old_stats plugin is enabled
- ensure permissions for old_stats plugin
- ensure /etc/dovecot/ssl exists
- remove unneeded configuration files
2021-08-21 07:31:22 +02:00
8301664d9a
bundles/{grafana,influxdb2}: fix more permissions
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-20 13:33:28 +02:00
72d91767ec
bundles/influxdb: fix INFLUXDB PROCESS check 2021-08-20 13:25:40 +02:00
949e139978
bundles/telegraf: influxdata has bullseye repos now 2021-08-20 13:25:22 +02:00
f0987ccb44
bundles/unbound: automatically restart unbound if dns resolution fails for more than five minutes
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-19 20:03:24 +02:00
35938ead04
bundles/unbound: less caching of negative results 2021-08-19 20:02:27 +02:00
4167d3cb22
update to bw 4.11.2
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-17 18:10:35 +02:00
5bbd188b0b
bundles/pretalx: no sudo for rebuilding 2021-08-17 16:46:58 +02:00
d507f6794f
bundles/apt: ensure we have ncurses-term
If that's not installed, we get weird drawing issues in tmux.
2021-08-17 16:42:26 +02:00
25ea5af2db
bundles/smartd: add cronjob to schedule a monthly long test
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-15 16:22:34 +02:00
bd10dc578f
bundles/pppd: refactor check_dyndns_update
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
2021-08-14 08:00:43 +02:00
bb519adb2c
bundles/backup-client: more logging, fix wrong variable name 2021-08-08 07:47:07 +02:00
c14bb43993
bundles/grafana: fix derivative for wireguard last handshake time
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 23:32:39 +02:00
Sophie Schiller
e8d1582ed4 bw/nginx i hate whitespace
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-08-07 22:01:40 +02:00
Sophie Schiller
6e3603553f bw/nginx retab everything
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
2021-08-07 21:59:07 +02:00
Sophie Schiller
ab21983a4f bw/nginx add not found page and deployment of error pages
Some checks failed
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-07 21:52:39 +02:00
d9d98116e6
bundles/grafana: increase proxy_read_timeout for /api/ds/query
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 20:02:57 +02:00
0a77b72cd3
update mautrix-whatsapp to 0.1.8
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 18:57:31 +02:00
05de574471
bundles/backup-client: sleep a bit if backup did finish non-zero to increase chances of success 2021-08-07 10:30:19 +02:00
04cee2b4c3
bundles/icinga2: fix file permissions
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 07:13:41 +02:00
b677eaf187
bundles/grafana: fix file permissions 2021-08-07 07:03:15 +02:00
da49a907f7
bundles/nftables: set RemainAfterExit=yes 2021-08-07 07:01:00 +02:00
8eb7cbf6fd
bundles/mautrix-whatsapp: don't restart so often 2021-08-07 07:00:27 +02:00
8fd73e09de
bundles/backup-client: retry backups
rsync just fails too often in the last couple of days. I don't want to
babysit this every morning.
2021-08-07 06:59:33 +02:00
3c105d3295
bundles/mautrix-*: repository has moved
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-06 16:25:21 +02:00
ffefb56f83
bundles/chekc-mail-received: increase sshmon timeout
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-04 16:07:13 +02:00
0f425036b2
bundles/backup-client: fix newlines
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-04 15:55:14 +02:00
91a527c35a
bundles/mautrix-telegram: change animated stickers to webm 2021-08-01 12:41:47 +02:00
b94ab9de9c
bundles/nodejs: fix type for apt repo items
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-01 08:20:06 +02:00