Franzi
68865895e5
bundles/grafana: set decimals=0 for fan speed info
2021-06-19 14:18:30 +02:00
Franzi
8d331b0086
bundles/nginx: always use first of month for security.txt expiry
bundlewrap/pipeline/head This commit looks good
2021-06-19 08:49:10 +02:00
Franzi
fc5e163fb9
bundles/miniflux: use health check endpoint
bundlewrap/pipeline/head This commit looks good
2021-06-12 10:11:17 +02:00
Franzi
05670ac2bb
bundles/icinga2: less code for icinga statusmonitor
bundlewrap/pipeline/head This commit looks good
2021-06-11 16:49:12 +02:00
Franzi
455d4d7551
bundles/sshmon: fix occasional KeyErrors in check_cpu_stats
bundlewrap/pipeline/head This commit looks good
2021-06-06 17:59:58 +02:00
Franzi
94dba9139b
bundles/mosquitto: rewrite tasmota-telegraf-plugin using paho-mqtt library
bundlewrap/pipeline/head This commit looks good
2021-06-06 15:17:34 +02:00
Franzi
fa4fe51155
bundles/backup-client: do logging
bundlewrap/pipeline/head This commit looks good
2021-06-06 08:05:41 +02:00
Franzi
82d2e5b416
bundles/grafana: hide empty/zero values in lm-sensors dashboard row
bundlewrap/pipeline/head This commit looks good
2021-06-05 21:39:48 +02:00
Franzi
840d8228ed
bundles/grafana: fix line width for lm-sensors dashboard row
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:58:00 +02:00
Franzi
db83b1614b
bundles/nginx: add anonymous timing logging for http requests
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:53:02 +02:00
Franzi
72d4826dbb
remove bundle:netdata - we have telegraf and grafana now
bundlewrap/pipeline/head This commit looks good
2021-06-05 13:28:25 +02:00
Franzi
91cf6cd1e5
move lm-sensors to its own bundle, add to hardware systems
2021-06-05 12:23:09 +02:00
Franzi
5dde5d1642
bundles/apt: no --force-confdef in unattended upgrades
bundlewrap/pipeline/head This commit looks good
2021-06-05 11:13:51 +02:00
Franzi
6138db1089
bundles/matrix-synapse: no statistics
2021-06-05 11:13:19 +02:00
Franzi
ff85191bbe
bundles/radvd: fix typo
bundlewrap/pipeline/head This commit looks good
2021-06-04 07:28:40 +02:00
Franzi
95856a2c2d
add bundle:sysctl
2021-06-04 07:28:26 +02:00
Franzi
8d21e15106
bundles/pppd: restart nftables if it isn't running
2021-06-04 07:20:59 +02:00
Franzi
1fbc08f74b
bundles/nginx: add a default security.txt to all vhosts
bundlewrap/pipeline/head This commit looks good
2021-06-03 18:57:25 +02:00
Franzi
0a7e5bcdcd
move default values to libs/defaults
2021-06-03 18:27:45 +02:00
Franzi
5369490b79
bundles/postfix: fix spam blocklist timeout
2021-06-03 14:31:03 +02:00
Franzi
5c83287057
EOL bundle:iptables
bundlewrap/pipeline/head This commit looks good
2021-06-03 13:59:50 +02:00
Franzi
d569b00960
modify nodes and bundles for new nftables syntax
2021-06-03 13:59:36 +02:00
Franzi
ecb67d012b
bundles/nftables: introduce
2021-06-03 13:57:50 +02:00
Franzi
faf27a3940
bundles/nfs-server: support using node names for shares
bundlewrap/pipeline/head This commit looks good
2021-06-03 07:45:56 +02:00
Franzi
09397e2597
bundles/users: fix adding of non-admin users
2021-06-01 16:53:29 +02:00
Franzi
47c18913ca
bundles/pacman: install htop
2021-06-01 16:53:14 +02:00
Franzi
fba83415c7
bundles/letsencrypt: prepare for arch linux
2021-06-01 16:52:52 +02:00
Franzi
cf3c45fdd5
bundles/nginx: prepare for arch linux
2021-06-01 16:52:03 +02:00
Franzi
6b90d568cf
bundles/postfix: use dig in check_spam_blocklist instead of a python library
...
bundlewrap/pipeline/head This commit looks good
The library isn't available as a debian package, so we would have to
manually install that every time the python package updates its minor
version number.
2021-05-29 09:29:40 +02:00
Franzi
3468b719ed
bundles/nginx: default vhost always supports letsencrypt
2021-05-24 19:19:10 +02:00
Sophie Schiller
1461cf2827
bw/home.paperless-sophie add sophie's paperless host
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:04:59 +02:00
Franzi
6bfcd87976
bundles/paperless-ng: ensure we have static files
bundlewrap/pipeline/head This commit looks good
2021-05-24 15:02:04 +02:00
Sophie Schiller
9a60d36a03
scan bright colors
bundlewrap/pipeline/head This commit looks good
2021-05-24 11:01:13 +02:00
Franzi
5d4ca086e6
bundles/scansnap: do ocr in a separate process to speed up scanning
bundlewrap/pipeline/head This commit looks good
2021-05-24 10:24:01 +02:00
Franzi
d193ec8ef3
bundles/paperless: set some options
2021-05-24 10:23:19 +02:00
Franzi
df3e18b476
bundles/paperless: fix media path
bundlewrap/pipeline/head This commit looks good
2021-05-23 18:41:56 +02:00
Franzi
22c98a4206
nodes/home.paperless: introduce
bundlewrap/pipeline/head This commit looks good
2021-05-23 17:41:19 +02:00
Franzi
3a44a9fbfb
bundles/vmhost: only install qemu-kvm for debian buster and older
bundlewrap/pipeline/head This commit looks good
2021-05-23 14:54:47 +02:00
Franzi
46f7aa93ef
bundles: fix dependencies
2021-05-23 14:54:24 +02:00
Franzi
8dc66421c0
bundles/basic: don't rewrite /etc/locale.gen every time
2021-05-23 14:53:45 +02:00
Franzi
5a182fadef
make some bundles arch-compatible, more default packages for arch
2021-05-23 14:36:16 +02:00
Franzi
97cbef06a2
bundles/grafana: remove derivative from temperature and fan graphs
bundlewrap/pipeline/head This commit looks good
2021-05-20 06:51:10 +02:00
Franzi
8568298a4e
bundles/grafana: make sure we have backups of the grafana database
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:56:34 +02:00
Franzi
e54135b014
bundles/telegraf: it's "command" for execd, not "commands", because ... who knows
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:50:18 +02:00
Franzi
df192e543b
bundles/transmission: add telegraf statistics
bundlewrap/pipeline/head There was a failure building this commit
2021-05-19 20:12:52 +02:00
Franzi
3b3bdeecab
bundles/pacman: add lm_sensors to telegraf, add dashboard row
2021-05-19 18:46:22 +02:00
Franzi
9e07af289e
bundles/scansnap: don't try to delete output directory
bundlewrap/pipeline/head This commit looks good
2021-05-19 06:35:18 +02:00
Franzi
3e9c28b8ae
bundles/zfs: no 'set -e' in backup-pre-hook
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:53:27 +02:00
Franzi
976aa251d1
bundles/zfs: actually unmount snapshots before trying to destroy them
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:43:31 +02:00
Franzi
479b730be4
bundles/zfs: introduce zfs-snapshot-backups, enable backups for nodes which need zfs-snapshot-backups
bundlewrap/pipeline/head This commit looks good
2021-05-15 20:32:23 +02:00
Franzi
25b305bddf
bundles/mosquitto: fix .provides()
bundlewrap/pipeline/head This commit looks good
2021-05-15 08:58:15 +02:00
Franzi
32826ed131
bundles/mosquitto: add telegraf stats for tasmota devices
bundlewrap/pipeline/head There was a failure building this commit
2021-05-15 08:52:37 +02:00
Franzi
eb6ae208cb
bundles/grafana: fix file system permissions
bundlewrap/pipeline/head This commit looks good
2021-05-15 07:33:21 +02:00
Franzi
d9595ad8e6
bundles/icinga2: fix typo in check_usv_snmp
2021-05-15 07:28:15 +02:00
Franzi
07c3d93e7d
bundles/miniflux: make sure to restart process if it crashes
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:50:11 +02:00
Franzi
8e45b93b78
bundles/powerdnsadmin: yarn isn't installed globally any more
bundlewrap/pipeline/head This commit looks good
2021-05-14 20:15:49 +02:00
Sophie Schiller
d3c9550463
bundle/postgresql add dependencies, remove redundant config
2021-05-14 20:06:42 +02:00
Sophie Schiller
a656eb7eb3
bundle/nodejs remove yarn install
2021-05-14 20:05:04 +02:00
Sophie Schiller
88cfbc0699
bundle/matrix-synapse update dependencies, improve postgres database
...
creation
2021-05-14 20:03:56 +02:00
Sophie Schiller
bd19749971
bundle/matrix-media-repo update dependencies and needs
2021-05-14 20:02:39 +02:00
Sophie Schiller
3c5e778016
bundle:/element-web install yarn from npm instead of apt
2021-05-14 20:01:19 +02:00
Franzi
459c7731cb
bundles/backup-client: use --compress-level=1 instead of -z
2021-05-14 10:47:58 +02:00
Franzi
7775f33679
bundles/apt: move patchday to 21:00 UTC
2021-05-13 09:10:33 +02:00
Franzi
fab9a41024
bundles/c3voc-addons: use new way of doing updates, too
bundlewrap/pipeline/head This commit looks good
2021-05-11 06:21:42 +02:00
Franzi
276bd6ae8d
bundles/apt: rework upgrade-and-reboot mechanics to be more robust
bundlewrap/pipeline/head This commit looks good
2021-05-08 08:31:04 +02:00
Franzi
c976be62d7
bundles/grafana: only refresh managed dashboards every minute
...
bundlewrap/pipeline/head This commit looks good
After all, we're only getting data every minute, so there's no point
in refreshing more often.
2021-05-02 19:57:32 +02:00
Franzi
c1b1dc1a29
bundles/grafana: add support for custom managed dashboards
2021-05-02 17:49:40 +02:00
Franzi
fe668fd5d4
bundles/grafana: add "traffic per interface" graphs, fix naming of values
bundlewrap/pipeline/head This commit looks good
2021-05-02 15:01:22 +02:00
Franzi
0f387102b3
bundles/postgresql: do not collect metrics for telegraf database
bundlewrap/pipeline/head This commit looks good
2021-05-02 14:01:26 +02:00
Franzi
ada87897a4
bundles/grafana: add wireguard graphs
2021-05-02 13:55:41 +02:00
Franzi
40160fb25a
bundles: remove telegraf metrics from systemd-networkd and icinga2
2021-05-02 13:18:35 +02:00
Franzi
3b1d1f7e94
add postgresql metrics to telegraf/grafana
bundlewrap/pipeline/head This commit looks good
2021-05-02 13:09:01 +02:00
Franzi
1bc47fa231
bundles/grafana: fix y axis for disk iops graph
bundlewrap/pipeline/head This commit looks good
2021-05-02 12:07:49 +02:00
Franzi
ae0bb8ed58
bundles/postfix: rework exporter for better usability
2021-05-02 12:06:53 +02:00
Franzi
9b9465502a
bundles/grafana: add postfix graph
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:55:34 +02:00
Franzi
0b972bc464
bundles/grafana: add nginx
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:34:55 +02:00
Franzi
b299edbef4
bundles/grafana: add "free" to memory row
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:05:01 +02:00
Franzi
68fed2439d
bundles/apt: fix "set -x" call
bundlewrap/pipeline/head This commit looks good
2021-05-02 10:45:21 +02:00
Franzi
c548a88ee7
bundles/grafana: introduce, add to htz-cloud.influxdb
2021-05-02 10:44:50 +02:00
Franzi
1a1ea721d9
bundles/telegraf: also work for arch linux systems
2021-05-02 07:32:54 +02:00
Franzi
8c276b53a6
nodes/home.nas: enable x11 forwarding for admins
bundlewrap/pipeline/head This commit looks good
2021-05-01 15:18:21 +02:00
Franzi
75fea7aa34
bundles/gitea: add a ssh key, enable git hooks for htz.ex42-1048908
bundlewrap/pipeline/head This commit looks good
2021-05-01 14:27:31 +02:00
Franzi
8a95dfa90a
nodes/home.downloadhelper: restrict lldp to vlan 42
bundlewrap/pipeline/head This commit looks good
2021-05-01 10:05:24 +02:00
Franzi
3de85e6717
bundles/webfs: introduce
2021-04-30 19:40:45 +02:00
Franzi
30efde6eb3
bundles/apt: remove unneeded if
bundlewrap/pipeline/head This commit looks good
2021-04-30 13:30:10 +02:00
Franzi
b235519ecf
bundles/apt: "set -xeuo pipefail" for upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-04-30 12:51:09 +02:00
Franzi
8fd83241ca
bundles: ensure apt/repos/*/items is a set
2021-04-30 12:49:59 +02:00
Franzi
44d42de81c
bundles/nginx: only redirect to ssl for sites which actually have ssl enabled
bundlewrap/pipeline/head This commit looks good
2021-04-25 09:20:16 +02:00
Franzi
d98a1adfd9
bundles/ssl: support using a preexisting ssl certificate
2021-04-25 09:09:23 +02:00
Franzi
019d658442
bundles/icinga2: add check_usv_snmp
bundlewrap/pipeline/head This commit looks good
2021-04-25 08:02:04 +02:00
Franzi
ffd899534a
bundles/telegraf: use node.metadate.get() everywhere
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:51:01 +02:00
Franzi
e9ce0ce869
bundles/systemd-networkd: add missing key to .provides()
bundlewrap/pipeline/head This commit looks good
2021-04-24 12:38:51 +02:00
Franzi
966ee7dae9
bundles/unbound: set correct statistics interval
2021-04-24 12:00:09 +02:00
Franzi
a9692317d2
bundles/telegraf: temporarily hardcode a repo path
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:47:28 +02:00
Franzi
6772b3b5d0
bundles: various fixes for telegraf plugins
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:45:58 +02:00
Franzi
a980e22ecb
bundles/telegraf: support requesting additional capabilities and/or groups
2021-04-24 11:44:55 +02:00
Franzi
dc0695e38f
bundles/influxdb: introduce
2021-04-24 10:17:56 +02:00
Franzi
c97d9ab948
bundles/postfix: use own postqueue exporter
2021-04-24 10:17:05 +02:00
Franzi
76f46ca7d5
bundles/telegraf: add sudoers file
2021-04-24 10:12:56 +02:00
Franzi
2432075f9a
bundles/telegraf: ensure telegraf is running, restart on config changes
2021-04-24 10:05:52 +02:00
Franzi
f58e66f701
bundles/c3voc-addons: make sure we're not accidentially overwriting c3voc telegraf config
2021-04-24 09:44:31 +02:00
Franzi
2667a2c00d
libs: replace libs.toml.dict_to_toml with libs.faults.resolve_faults
bundlewrap/pipeline/head This commit looks good
2021-04-24 09:39:08 +02:00
Franzi
a37d31973a
bundles: add some telegraf plugins
2021-04-24 09:14:25 +02:00
Franzi
5e0541aef8
bundles/telegraf: introduce
2021-04-24 09:14:21 +02:00
Franzi
ebb6d287b2
bundles/icinga2: add node name to automatic downtime comment
bundlewrap/pipeline/head This commit looks good
2021-04-23 14:30:34 +02:00
Franzi
8b14575657
bundles/postgresql: add metadata keys for some performance related config options
2021-04-23 14:02:04 +02:00
Franzi
616feb54b2
bundles/sshmon: fix an issue where check_mounts couldn't properly detect systemd mount units
2021-04-23 14:01:24 +02:00
Franzi
c0ff320281
bundles/scansnap: set proper permissions for /srv/scansnap
2021-04-21 18:25:37 +02:00
Franzi
c79b3f77c2
bundles/scansnap: cleanup old scans
2021-04-21 18:20:47 +02:00
Franzi
0c0a8e6263
bundles/scansnap: chown files to nobody-nogroup
2021-04-21 18:18:27 +02:00
Franzi
b5fb5dd6c2
bundles/scansnap: introduce, add to home.nas
2021-04-21 17:58:16 +02:00
Franzi
5e49e3204b
bundles/nfs-server: sort shares
2021-04-21 17:56:53 +02:00
Franzi
24362768fb
bundles/dhcpd: rework metadata
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
Franzi
12c04cf3be
bundles/users: some more bash config
2021-04-19 20:39:57 +02:00
Franzi
8536e87475
bundles/systemd-networkd: some more dhcp settings
bundlewrap/pipeline/head This commit looks good
2021-04-18 11:05:42 +02:00
Franzi
51ee9be424
bundles/radvd: advertise atleast every 30 seconds
2021-04-18 11:05:10 +02:00
Franzi
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
Franzi
4d5e75df68
bundles/icinga2: introduce icinga_options/downtime_also_for
bundlewrap/pipeline/head This commit looks good
2021-04-17 03:43:08 +02:00
Franzi
6a88040826
bundles/nginx: disable Federated Learning of Cohorts for all hosts
bundlewrap/pipeline/head This commit looks good
2021-04-16 18:36:50 +02:00
Franzi
bc8050cd3c
bundles/postfix: fix connection limits for smtpd
bundlewrap/pipeline/head This commit looks good
2021-04-11 21:56:37 +02:00
Franzi
b04a207262
nodes/htz.ex42-1048908: add some blocked email domains
bundlewrap/pipeline/head This commit looks good
2021-04-11 18:20:16 +02:00
Franzi
f0eb6f0d1b
bundles/vnstat: add favicon to web dashboard
...
bundlewrap/pipeline/head This commit looks good
As requested by sophie
2021-04-11 14:35:49 +02:00
Franzi
e809ed4859
bundles/vnstat: changes in systemd unit files must trigger daemon-reload
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:18:42 +02:00
Franzi
dca56140aa
bundles/simple-icinga-dashboard: use systemd-timers, use virtualenv
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:17:09 +02:00
Franzi
26c2be07cf
bundles/vnstat: adjust vnstati calls for debian bullseye
bundlewrap/pipeline/head This commit looks good
2021-04-11 09:01:58 +02:00
Franzi
69279ba34f
bundles/postfix: be a bit more relaxed when checking for smtp errors
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:50:16 +02:00
Franzi
018bdb2f83
bundles/matrix*: better monitoring
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:40:44 +02:00
Franzi
9618e388c3
bundles/simple-icinga-dashboard: only resolve faults when rendering the template, not earlier
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:33:32 +02:00
Franzi
36bd6f5755
bundles/simple-icinga-dashboard: config is a toml file now
bundlewrap/pipeline/head There was a failure building this commit
2021-04-10 16:08:52 +02:00
Franzi
b33ddaadb5
bundles/simple-icinga-dashboard: add replacements
2021-04-10 15:43:37 +02:00
Franzi
fc7655469f
icinga2: add pretty_name for status page
bundlewrap/pipeline/head This commit looks good
2021-04-10 15:05:29 +02:00
Franzi
efd2875b17
bundles/c3voc-addons: add sms to NGINX VHOST checks
2021-04-10 15:04:34 +02:00
Franzi
8b2771cd63
Revert "bundles/systemd-networkd: fix vlan support for bridges and bonds"
...
bundlewrap/pipeline/head This commit looks good
This reverts commit 02146a81d6
2021-04-10 13:34:49 +02:00
Franzi
ef84b3f889
Revert "bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/"
...
bundlewrap/pipeline/head This commit looks good
This reverts commit b679f568eb
2021-04-10 12:22:08 +02:00
Franzi
0d1a220b7b
bundles/systemd-networkd: generate unique mac address for vlan interfaces
2021-04-10 12:18:23 +02:00
Franzi
197ebe2e38
bundles/systemd-networkd: add BindCarrier to bridges
bundlewrap/pipeline/head This commit looks good
2021-04-10 11:41:23 +02:00
Franzi
00d46cb1b1
bundles/pppd: fix typo in restart-pppoe-if-no-public-ip
2021-04-10 09:49:40 +02:00
Franzi
af6b16cc35
bundles/pppd: fix KeyError in restart-pppoe-if-no-public-ip
bundlewrap/pipeline/head This commit looks good
2021-04-10 09:38:47 +02:00
Franzi
02146a81d6
bundles/systemd-networkd: fix vlan support for bridges and bonds
2021-04-10 09:18:45 +02:00
Franzi
24f04e59aa
nodes/voc.pretalx: work around content-security-policy issues
bundlewrap/pipeline/head This commit looks good
2021-04-05 08:18:21 +02:00
Franzi
aad27851bb
bundles/miniflux: proxy all images
bundlewrap/pipeline/head This commit looks good
2021-04-04 22:16:14 +02:00
Franzi
e36a352a42
bundles: fix usage of set() vs {}
bundlewrap/pipeline/head This commit looks good
2021-04-04 10:34:55 +02:00
Franzi
c418102000
bundles/netdata: fix iptables default
2021-04-04 10:30:45 +02:00
Franzi
513eb4bed6
bundles/mosquitto: add monitoring
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:43:24 +02:00
Franzi
2027308249
bundles/zfs: fix typo in check_zpool_space
2021-04-03 09:41:17 +02:00
Franzi
9cbf866de7
bundles/mosquitto: introduce, add to node home.nas
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:36:47 +02:00
Franzi
f8bbe00d47
overall better handling and usage of exceptions
bundlewrap/pipeline/head This commit looks good
2021-04-02 18:57:13 +02:00
Franzi
5d5930265a
bundles/postfix: remove print statement
2021-04-02 18:29:33 +02:00
Franzi
61cf881a03
bundles/pretalx: add bash_alias for manage.py
bundlewrap/pipeline/head This commit looks good
2021-04-02 14:59:56 +02:00
Franzi
4a3be10add
bundles/apt: fix if in upgrade-and-reboot
2021-04-02 13:40:55 +02:00
Franzi
a24fb12c21
bundles/apt: introduce restart_triggers (restart services if another service has been upgraded)
bundlewrap/pipeline/head There was a failure building this commit
2021-04-02 08:12:51 +02:00
Franzi
7ca24d27d3
bundles/apt: add a bit of code to remove old, unused kernel images
2021-04-02 08:11:17 +02:00
Franzi
8a0c8f32ae
bundles: less Restart=on-failure, more Restart=always
2021-04-02 08:05:33 +02:00
Franzi
5b276368b8
bundles/wireguard: iptables/bundle_rules should be a list
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:13:24 +02:00
Franzi
17f9aa9c3e
bundles/icinga2: disable command module
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:12:35 +02:00
Franzi
c5eb2f4f70
bundles/icinga2: do not send recovery emails
2021-04-01 17:11:42 +02:00
Franzi
957cac5ebc
bundles/postfix: disable SPAM BLOCKLIST check if relayhost is set
2021-04-01 17:00:53 +02:00
Franzi
61c6188454
bundles/postfix: mynetworks now supports identifiers
2021-04-01 16:59:49 +02:00
Franzi
b7222e2cd1
bundles/systemd-networkd: fix typo in routes
bundlewrap/pipeline/head This commit looks good
2021-04-01 16:31:57 +02:00
Franzi
6e423c24fb
bundles/wireguard: rework metadata.py
bundlewrap/pipeline/head There was a failure building this commit
2021-04-01 16:27:31 +02:00
Franzi
b679f568eb
bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/
2021-04-01 16:26:06 +02:00
Franzi
d787f8b0a3
bundles/systemd-networkd: rework routes
2021-04-01 16:25:24 +02:00
Franzi
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
Franzi
da9fe36646
bundles/pretalx: support installing plugins
2021-03-30 19:52:03 +02:00
Franzi
7345543fa2
bundles/mx-puppet-discord: remove logging to files, disable presence logging
bundlewrap/pipeline/head This commit looks good
2021-03-28 11:29:16 +02:00
Franzi
c388d5ea1e
bundles/postgresql: fix restart dependencies
bundlewrap/pipeline/head This commit looks good
2021-03-28 09:39:08 +02:00
Franzi
35e4bbf04b
bundles/postfix: remove postscreen usage
...
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between
instances, which leads to the server simply accepting
mails for the port on which postscreen starts up later.
Since we can't predict which port this will be, we
simply remove postscreen alltogether.
Yes, i know i could just remove postscreen for port 2525.
2021-03-28 09:00:37 +02:00
Franzi
ce39850bda
bundles/postfix: fix .provides() for iptables reactor
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:56:22 +02:00
Franzi
9fe4e2933d
bundles/postfix: add firewalling for port 2525
bundlewrap/pipeline/head There was a failure building this commit
2021-03-28 08:37:51 +02:00
Franzi
a4b2dc29a9
bundles/miniflux: don't clean up old entries
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:04:41 +02:00
Franzi
39c1d34bbb
bundles/sshmon: fix disk space usage limits
2021-03-27 12:07:49 +01:00
Franzi
8f0f635484
bundles/basic: change load graph for cpu graph
2021-03-27 12:06:12 +01:00
Franzi
568a31586f
bundles/apt: fix permissions for /etc/kernel/postinst.d/unattended-upgrades
bundlewrap/pipeline/head This commit looks good
2021-03-27 08:31:29 +01:00
Franzi
f514e200f0
bundles/mautrix-whatsapp: restart bridge daily again
...
bundlewrap/pipeline/head This commit looks good
It seems neither WhatsApp nor WhatsApp Web are designed for 24/7
connections, thus leading to all kinds of weird side effects like
"Bridge thinks it's connected, but no messages get through at all"
or "WhatsApp is running, but the Bridge can't connect to it"
2021-03-27 08:21:41 +01:00
Franzi
f98720b57b
bundles/dhcpd: sort dchp leases by ip in bash alias
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:27:52 +01:00
Franzi
65490b1d20
bundles/apt: log stdout and stderr separately in upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:02:48 +01:00
Franzi
27753d50c4
bundles/postfix: use threading in check_spam_blocklist
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:42:59 +01:00
Franzi
fdcec012f3
bundles/postfix: add SPAM BLOCKLIST check for every non-private IP attached to the server
bundlewrap/pipeline/head This commit looks good
2021-03-22 20:24:14 +01:00
Franzi
b99176be49
bundles/kodi: add iptables rules
bundlewrap/pipeline/head This commit looks good
2021-03-21 19:10:49 +01:00
Franzi
28dd9694af
add bundle:oidentd
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:40:58 +01:00
Franzi
6a6198c9b9
bundles/wireguard: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 15:26:29 +01:00
Franzi
3bc5e55400
bundles/iptables: don't apply iptables rules if a rules file is missing
2021-03-21 11:44:27 +01:00
Franzi
4b00c8b55a
bundles/unbound: do not bind to 0.0.0.0 if qemu is installed
2021-03-21 11:43:53 +01:00
Franzi
5a0aa82ec9
bundles/powerdns: fix missing imports
2021-03-21 11:43:17 +01:00
Franzi
62f7080db9
bundles/nfs-server: add iptables config
2021-03-21 11:24:21 +01:00
Franzi
850d860d59
bundles/powerdns: add iptables config
2021-03-21 11:12:18 +01:00
Franzi
31ddea7649
bundles/dovecot: add iptables config
2021-03-21 11:12:03 +01:00
Franzi
5775001301
bundles/postfix: add iptables config
2021-03-21 11:11:49 +01:00
Franzi
c9f008ad82
bundles/openssh: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:37:28 +01:00
Franzi
b943d2d465
rework iptables configuration
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:30:04 +01:00
Franzi
3fcd81960e
bundles/postfix: allow configuring mynetworks
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
Franzi
52cab71fec
bundles/wireguard: also allow outgoing traffic
...
How did this ever work without this rule?
2021-03-15 09:00:35 +01:00
Franzi
adb808a683
bundles/users: more colourful bash for everyone
bundlewrap/pipeline/head This commit looks good
2021-03-14 17:14:08 +01:00
Franzi
f6ecf2a465
bundles/nfs-client: support arch linux
bundlewrap/pipeline/head This commit looks good
2021-03-11 15:24:06 +01:00
Sophie Schiller
c87611c2e2
bw/kodi add backports repo
bundlewrap/pipeline/head This commit looks good
2021-03-08 21:06:25 +01:00
Franzi
8b07fce738
bundles/unbound: decrease statistics-interval until debian has 1.19 and we're actually able to use them
2021-03-06 10:03:22 +01:00
Franzi
f214f70cd4
bundles/basic: add textual cpu stats to htop
2021-03-06 09:58:22 +01:00
Franzi
7e57c0f03e
bundles/basic: current htop version in debian does not support DiskIO nor NetworkIO
bundlewrap/pipeline/head This commit looks good
2021-03-06 09:56:05 +01:00
Franzi
ebcf8e4445
bundles/matrix-media-repo: also restart matrix-media-repo after updating
bundlewrap/pipeline/head This commit looks good
2021-03-05 07:21:23 +01:00
Franzi
2adf3c6a72
bundles/sshmon: increase acceptable amount of cpu steal
bundlewrap/pipeline/head This commit looks good
2021-03-01 15:52:55 +01:00
Franzi
