b679f568eb
bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/
2021-04-01 16:26:06 +02:00
d787f8b0a3
bundles/systemd-networkd: rework routes
2021-04-01 16:25:24 +02:00
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
da9fe36646
bundles/pretalx: support installing plugins
2021-03-30 19:52:03 +02:00
7345543fa2
bundles/mx-puppet-discord: remove logging to files, disable presence logging
bundlewrap/pipeline/head This commit looks good
2021-03-28 11:29:16 +02:00
c388d5ea1e
bundles/postgresql: fix restart dependencies
bundlewrap/pipeline/head This commit looks good
2021-03-28 09:39:08 +02:00
35e4bbf04b
bundles/postfix: remove postscreen usage
...
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between
instances, which leads to the server simply accepting
mails for the port on which postscreen starts up later.
Since we can't predict which port this will be, we
simply remove postscreen alltogether.
Yes, i know i could just remove postscreen for port 2525.
2021-03-28 09:00:37 +02:00
ce39850bda
bundles/postfix: fix .provides() for iptables reactor
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:56:22 +02:00
9fe4e2933d
bundles/postfix: add firewalling for port 2525
bundlewrap/pipeline/head There was a failure building this commit
2021-03-28 08:37:51 +02:00
a4b2dc29a9
bundles/miniflux: don't clean up old entries
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:04:41 +02:00
39c1d34bbb
bundles/sshmon: fix disk space usage limits
2021-03-27 12:07:49 +01:00
8f0f635484
bundles/basic: change load graph for cpu graph
2021-03-27 12:06:12 +01:00
568a31586f
bundles/apt: fix permissions for /etc/kernel/postinst.d/unattended-upgrades
bundlewrap/pipeline/head This commit looks good
2021-03-27 08:31:29 +01:00
f514e200f0
bundles/mautrix-whatsapp: restart bridge daily again
...
bundlewrap/pipeline/head This commit looks good
It seems neither WhatsApp nor WhatsApp Web are designed for 24/7
connections, thus leading to all kinds of weird side effects like
"Bridge thinks it's connected, but no messages get through at all"
or "WhatsApp is running, but the Bridge can't connect to it"
2021-03-27 08:21:41 +01:00
f98720b57b
bundles/dhcpd: sort dchp leases by ip in bash alias
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:27:52 +01:00
65490b1d20
bundles/apt: log stdout and stderr separately in upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:02:48 +01:00
27753d50c4
bundles/postfix: use threading in check_spam_blocklist
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:42:59 +01:00
fdcec012f3
bundles/postfix: add SPAM BLOCKLIST check for every non-private IP attached to the server
bundlewrap/pipeline/head This commit looks good
2021-03-22 20:24:14 +01:00
b99176be49
bundles/kodi: add iptables rules
bundlewrap/pipeline/head This commit looks good
2021-03-21 19:10:49 +01:00
28dd9694af
add bundle:oidentd
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:40:58 +01:00
6a6198c9b9
bundles/wireguard: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 15:26:29 +01:00
3bc5e55400
bundles/iptables: don't apply iptables rules if a rules file is missing
2021-03-21 11:44:27 +01:00
4b00c8b55a
bundles/unbound: do not bind to 0.0.0.0 if qemu is installed
2021-03-21 11:43:53 +01:00
5a0aa82ec9
bundles/powerdns: fix missing imports
2021-03-21 11:43:17 +01:00
62f7080db9
bundles/nfs-server: add iptables config
2021-03-21 11:24:21 +01:00
850d860d59
bundles/powerdns: add iptables config
2021-03-21 11:12:18 +01:00
31ddea7649
bundles/dovecot: add iptables config
2021-03-21 11:12:03 +01:00
5775001301
bundles/postfix: add iptables config
2021-03-21 11:11:49 +01:00
c9f008ad82
bundles/openssh: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:37:28 +01:00
b943d2d465
rework iptables configuration
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:30:04 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
52cab71fec
bundles/wireguard: also allow outgoing traffic
...
How did this ever work without this rule?
2021-03-15 09:00:35 +01:00
adb808a683
bundles/users: more colourful bash for everyone
bundlewrap/pipeline/head This commit looks good
2021-03-14 17:14:08 +01:00
f6ecf2a465
bundles/nfs-client: support arch linux
bundlewrap/pipeline/head This commit looks good
2021-03-11 15:24:06 +01:00
Sophie Schiller
c87611c2e2
bw/kodi add backports repo
bundlewrap/pipeline/head This commit looks good
2021-03-08 21:06:25 +01:00
8b07fce738
bundles/unbound: decrease statistics-interval until debian has 1.19 and we're actually able to use them
2021-03-06 10:03:22 +01:00
f214f70cd4
bundles/basic: add textual cpu stats to htop
2021-03-06 09:58:22 +01:00
7e57c0f03e
bundles/basic: current htop version in debian does not support DiskIO nor NetworkIO
bundlewrap/pipeline/head This commit looks good
2021-03-06 09:56:05 +01:00
ebcf8e4445
bundles/matrix-media-repo: also restart matrix-media-repo after updating
bundlewrap/pipeline/head This commit looks good
2021-03-05 07:21:23 +01:00
2adf3c6a72
bundles/sshmon: increase acceptable amount of cpu steal
bundlewrap/pipeline/head This commit looks good
2021-03-01 15:52:55 +01:00
e435ae582a
bundles/icinga2: add monitoring for IdoPgsqlConnection
bundlewrap/pipeline/head This commit looks good
2021-03-01 15:36:29 +01:00
3adfb9779a
bundles/molly-guard: introduce, add to systems
bundlewrap/pipeline/head This commit looks good
2021-02-26 17:58:20 +01:00
51ca74549e
bundles/basic: add htoprc
bundlewrap/pipeline/head This commit looks good
2021-02-24 19:24:56 +01:00
836f065382
bundles/pleroma: add website content check
bundlewrap/pipeline/head This commit looks good
2021-02-20 22:11:19 +01:00
b470fddc12
bundles/nginx: add gdpr-compatible log format
2021-02-20 21:11:12 +01:00
8cb172a1c1
bundles/pleroma: remove NoNewPrivileges=true, interferes with mail delivery
2021-02-20 20:57:00 +01:00
017c2c3421
bundles/pleroma: allow database configuration
bundlewrap/pipeline/head There was a failure building this commit
2021-02-20 20:18:34 +01:00
f8c157ce50
bundles/pleroma: get it working
bundlewrap/pipeline/head This commit looks good
2021-02-20 19:37:33 +01:00
1f3e7afb2c
bundles/pleroma: initial NON-WORKING version
2021-02-20 19:14:20 +01:00
5433859a86
bundles/letsencrypt: also check for chain.pem, nginx needs this
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:38:11 +01:00
e2d7d05783
bundles/systemd-networkd: manage apt packages via bundle:apt
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:35:45 +01:00
ad5c8cc0ab
bundles/postfix: only get certificate if actually needed
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:30:38 +01:00
97a1b3ae85
bundles/zfs: add comment to action:modprobe-zfs
bundlewrap/pipeline/head This commit looks good
2021-02-20 16:51:34 +01:00
1c0a3ee8e7
bundles/postgresql: fix postgresql config path
2021-02-20 16:50:38 +01:00
194de9ef2d
bundles/letsencrypt: fix some errors in letsencrypt-ensure-some-certificate
bundlewrap/pipeline/head This commit looks good
2021-02-20 15:48:17 +01:00
3fa81ddc85
bundles/gitea: use canned stop action
2021-02-20 15:47:35 +01:00
74d81eb7ba
bundles/nginx: support disabling ssl for each vhost individually
bundlewrap/pipeline/head This commit looks good
2021-02-20 14:25:27 +01:00
228786f6aa
bundles/letsencrypt: generate a dummy certificate, if no certificate already exists
2021-02-20 13:52:40 +01:00
014b6029c5
nodes/htz.ex42-1048908: update element-web config
bundlewrap/pipeline/head This commit looks good
2021-02-20 11:10:08 +01:00
1ac6559b9f
bundles/postgresql: add pg_query_mon
2021-02-20 10:56:20 +01:00
c0b8d35a47
bundles/icinga2: fix double emoji for WARNING state
bundlewrap/pipeline/head This commit looks good
2021-02-19 14:03:00 +01:00
2bccbf9ded
bundles/icinga2: add some emoji to sent SMS, don't send output via SMS if everything is fine
bundlewrap/pipeline/head This commit looks good
2021-02-19 14:01:45 +01:00
8ac9b2f204
bundles/matrix-synapse: add scripts/synapse-purge-unused-rooms
bundlewrap/pipeline/head This commit looks good
2021-02-19 11:56:21 +01:00
b06532241b
bundles: use metastack syntax for metadata.get()
bundlewrap/pipeline/head This commit looks good
2021-02-18 18:12:25 +01:00
6e9fb7044a
bundles/systemd-networkd: add "enable-resolved" flag
2021-02-18 17:56:43 +01:00
fbf0371371
bundles/systemd: support different timezones
2021-02-18 17:56:06 +01:00
1abc0153f5
bundles/openssh: do not add deleted users to ssh config
bundlewrap/pipeline/head There was a failure building this commit
2021-02-18 15:12:30 +01:00
75224f0d5c
bundles/lldp: support arch linux
2021-02-18 15:10:50 +01:00
f4a644795e
bundles/basic: support setting a different default locale
2021-02-18 14:51:33 +01:00
32d129015e
bundles/pacman: introduce, support pkg_pacman in some other bundles
2021-02-18 14:24:57 +01:00
9bf7f856af
bundles/users: allow setting another shell
2021-02-18 14:24:09 +01:00
8a2bef9b77
bundles/apt: move vim to default packages
2021-02-18 14:23:43 +01:00
03840fd152
bundles/systemd: more options in journald.conf
bundlewrap/pipeline/head This commit looks good
2021-02-18 10:29:38 +01:00
fbb8840dff
add .editorconfig, format files correctly
bundlewrap/pipeline/head This commit looks good
2021-02-17 10:56:18 +01:00
b42e39ed0a
get rid of check_rbl
2021-02-17 10:51:49 +01:00
9d5d80457f
bundles/element-web: rename from riot-web, use tagged releases
bundlewrap/pipeline/head This commit looks good
2021-02-16 12:49:02 +01:00
abb99ed58a
bundles/raspberrypi: remove isc-dhcp-client
2021-02-16 08:41:37 +01:00
d2260b4699
bundles/wireguard: use PersistentKeepalive to work around intermittent connection issues
bundlewrap/pipeline/head This commit looks good
2021-02-15 15:16:44 +01:00
5c1eba0d58
bundles: use a common metadata key for firewall restrictions, use repo.libs.tools.resolve_identifier()
bundlewrap/pipeline/head This commit looks good
2021-02-15 14:16:35 +01:00
56fce7d460
bundles/wireguard: add exclude_from_monitoring option for wireguard peers
2021-02-14 21:35:37 +01:00
65e6b8d053
bundles/backup-client: use a bash function to do backups instead of repeating the same code over and over
2021-02-13 09:18:00 +01:00
adeb8eff88
bundles/postgresql: only do database dumps if we're actually doing backups
2021-02-13 09:04:59 +01:00
724537558e
bundles/postgresql: do a database dump before backing up the database
bundlewrap/pipeline/head This commit looks good
2021-02-13 08:56:35 +01:00
3d1468b214
bundles/backup-client: backup-pre-hooks should have numeric sorting
2021-02-13 08:37:49 +01:00
7aeb46382d
bundles/zfs: move icinga2_api to metadata defaults
2021-02-13 08:37:00 +01:00
2fbbaa1586
bundles/zfs: remove support for snapshot_only and snapshot_never (unused)
2021-02-13 08:36:10 +01:00
b20f369ea8
bundles/backup-client: metadata backup-pre-hooks now use /bin/sh by default
2021-02-13 08:26:46 +01:00
077eaa265c
bundles/radicale: use Fault.as_htpasswd_entry() instead of pre-encrypting passwords
2021-02-13 08:17:31 +01:00
978285bf32
bundles/matrix-media-repo: add backup/paths metadata
2021-02-13 08:09:48 +01:00
f52df58517
bundles: code style improvements
bundlewrap/pipeline/head This commit looks good
2021-02-12 20:45:41 +01:00
c0353d2911
bundles/apt: add option to configure patch-hour, not only patchday
2021-02-12 18:53:25 +01:00
767db8efdd
bundles/apt: add /etc/kernel/postinst.d/unattended-upgrades to ensure a reboot on kernel updates
bundlewrap/pipeline/head This commit looks good
2021-02-12 18:12:24 +01:00
d4b110087f
bundles/matrix-media-repo: introduce, add to htz.ex42-1048908
bundlewrap/pipeline/head This commit looks good
2021-02-12 16:01:35 +01:00
638e37c05f
bundles: add Requires=postgresql.service to some services which require postgresql
bundlewrap/pipeline/head This commit looks good
2021-02-12 13:28:52 +01:00
9f8cbde7d7
bundles/transmission: always try to restart transmission
bundlewrap/pipeline/head This commit looks good
2021-02-11 09:06:20 +01:00
a86e04683a
bundles/backup-client: fix missing space in generate-backup
bundlewrap/pipeline/head This commit looks good
2021-02-09 07:17:25 +01:00
c25233b991
nodes: replace pkg_apt:redis with bundle:redis
bundlewrap/pipeline/head This commit looks good
2021-02-07 21:09:39 +01:00
0d1e987a6f
bundles/backup-client: add backup-pre-hooks ( fixes #24 )
2021-02-07 20:47:22 +01:00
a8690b13b8
bundles/rspamd: add "unless" to action:rspamd_assure_dkim_key_permissions
bundlewrap/pipeline/head This commit looks good
2021-02-06 19:10:16 +01:00
eb431d8da8
bundles/postfix: also set alias_maps
...
bundlewrap/pipeline/head This commit looks good
fixes "warning: dict_nis_init: NIS domain name not set - NIS lookups disabled"
2021-02-06 10:24:19 +01:00
457052d42b
bundles/gitea: downloading gitea updates needs stopping it first
2021-02-06 09:43:54 +01:00
b6d23aaed4
bundles/sshmon: use own check_cpu_stats script
...
Old script only checked iowait, which is not enough.
2021-02-06 09:38:50 +01:00
c185a5bacd
bundles/backup-client: do backups at 23:xx, so it won't interfere with upgrade-and-reboot
...
bundlewrap/pipeline/head This commit looks good
There were still problems with systems starting their backups late in the hour,
but backup servers did upgrade-and-reboot early it the hour. This leads to
incomplete backups, if the machine is rebooting, too.
2021-02-06 09:36:44 +01:00
7e15f8adc3
bundles/octoprint: multi-line-output for check_octoprint_update
bundlewrap/pipeline/head This commit looks good
2021-02-02 20:20:11 +01:00
8523754935
bundles/users: add vim-keybindings for pane navigation to tmux.conf
2021-01-31 07:59:19 +01:00
bdc5b4de33
bundles/transmission: don't overwrite configs managed by transmission
2021-01-30 17:39:34 +01:00
71f033b7c2
bundles/icinga2: fix dependencies for svc_systemd:icinga2
...
bundlewrap/pipeline/head This commit looks good
icinga2 runs fine without any checks, so we now only depend on the other
configuration files managed by bw. This will also fix unwanted
dependencies, because 'file:' means *all* files, not only those provided
by this bundle. In the past, it wasn't possible to skip any file,
because that would result in icinga not properly restarting.
2021-01-30 17:31:05 +01:00
569275329c
bundles/sshmon: remove INTERNET check
...
bundlewrap/pipeline/head This commit looks good
We're using the internet to check these hosts, so if those hosts
wouldn't have an internet connection, the whole host would be
down, atleast as far as icinga can tell.
2021-01-30 11:47:55 +01:00
161aec9314
bundles/powerdnsadmin: use tagged release
bundlewrap/pipeline/head This commit looks good
2021-01-29 18:13:16 +01:00
f56852c27d
bundles/postfixadmin: use tagged release
2021-01-29 18:07:57 +01:00
fa462fbd0f
bundles/sshmon: use tag_name instead of human-readable name in check_github_for_new_release
2021-01-29 18:04:35 +01:00
b3e6063596
bundles/unbound: silence refresh-root-hints cronjob
2021-01-29 17:58:24 +01:00
c31066fea8
bundles/mautrix-whatsapp: restart weekly to work around 24/7 connection issues
2021-01-29 17:27:33 +01:00
fd421bf6f8
add bundle:redis, add redis support to pretalx
bundlewrap/pipeline/head This commit looks good
2021-01-29 15:58:54 +01:00
ce76430b4d
bundles/mautrix-whatsapp: decrease log level to info
bundlewrap/pipeline/head This commit looks good
2021-01-28 15:05:04 +01:00
4efcc73f55
bundles/mautrix-whatsapp: ensure we're not using ssl for postgres
bundlewrap/pipeline/head This commit looks good
2021-01-25 22:27:11 +01:00
f3d8a1412c
bundles/dovecot: better ssl
bundlewrap/pipeline/head This commit looks good
2021-01-24 18:44:25 +01:00
2aaf7cf8f8
bundles/nginx: better ssl
2021-01-24 18:44:13 +01:00
614bdf9dec
bundles/basic: support creating additional locales
2021-01-24 07:49:49 +01:00
d344664fa1
bundles/basic: fix format for /etc/locale.gen
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:25:32 +01:00
6b720c6c75
bundles/postgresql: only deploy packages if we have locales installed
bundlewrap/pipeline/head This commit looks good
2021-01-23 12:06:38 +01:00
4a9463db5f
bundles/basic: ensure a proper locale is installed
2021-01-23 12:05:59 +01:00
a160e7cf46
bundles/postgresql: improvements
...
bundlewrap/pipeline/head This commit looks good
- support other postgresql versions
- manage configs using bw
2021-01-23 11:35:03 +01:00
c41ee0f806
bundles/apt: fix logging for upgrade-and-reboot
2021-01-23 11:32:35 +01:00
51101fc615
bundles/sudo: fix mode for /etc/sudoers
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:28:50 +01:00
c5109fbfe3
bundles/icinga2: no need to do metadata.copy() here
bundlewrap/pipeline/head This commit looks good
2021-01-23 09:11:18 +01:00
717159b61f
bundles/seafile: no need for sms for seafile process, we're already doing http content checks
bundlewrap/pipeline/head There was a failure building this commit
2021-01-23 09:09:30 +01:00
63cdd470cf
bundles/c3voc-addons: support cron definition
bundlewrap/pipeline/head This commit looks good
2021-01-19 13:34:23 +01:00
0893156723
bundles/c3voc-addons: add upgrade-and-reboot to bundle
bundlewrap/pipeline/head This commit looks good
2021-01-17 18:43:30 +01:00
0f0ee046b1
bundles/c3voc-addons: some assertions to make sure we don't conflict with ansible
bundlewrap/pipeline/head This commit looks good
2021-01-17 10:16:23 +01:00
1041e092b1
bundles/dhcpd: add bash alias for lease list
2021-01-17 09:12:32 +01:00
4f62e25d5e
bundles/c3voc-addons: add nginx vhost monitoring
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:07:21 +01:00
3b90426b4d
bundles/pretalx: fix needs for systemd units
bundlewrap/pipeline/head This commit looks good
2021-01-17 08:01:15 +01:00
2b0678063c
bundles/pretalx: new version needs to trigger regenerate_css, too
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:59:57 +01:00
b5cc8c2c57
bundles/pretalx: add to PORT_MAP.md, allocate a port
bundlewrap/pipeline/head This commit looks good
2021-01-17 07:55:08 +01:00
35abb92daf
bundles/icinga2: do not schedule downtimes for hosts which do not do unattended-upgrades
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:31:51 +01:00
173746fe9c
bundles/sshmon: ensure sshmon user is able to log in
2021-01-16 22:31:18 +01:00
39aabd0546
bundles/backup-server: of course, we need to ignore hosts which have exclude_from_backups set
bundlewrap/pipeline/head This commit looks good
2021-01-16 22:22:51 +01:00
ad84f62c0d
bundles/sshmon: do not rely on bundle:users to create sshmon user
bundlewrap/pipeline/head There was a failure building this commit
2021-01-16 22:21:27 +01:00
ec8802dd4a
bundles/backup-server: ignore all nodes which don't have bundle:backup-client
2021-01-16 22:12:49 +01:00
9f0fc90679
bundles/pretalx: fix wrong metadata key
2021-01-16 22:12:16 +01:00
70944d7065
bundles/pretalx: introduce
2021-01-16 22:03:38 +01:00
0b9056bd2b
add pseudo-bundle to add configs to c3voc ansible managed hosts
2021-01-16 22:03:03 +01:00
8fc0017378
bundles/backup-client: do backups at 00:xx, so it won't interfere with upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-01-15 15:31:36 +01:00
9854fc9dbc
bundles/hostname: also set motd
2021-01-15 15:29:49 +01:00
db3a15310c
bundles/letsencrypt: fix concat_and_deploy comment
bundlewrap/pipeline/head This commit looks good
2021-01-10 10:48:19 +01:00
659e35686e
bundles/iptables: removing rule files should also trigger iptables-enforce
bundlewrap/pipeline/head This commit looks good
2021-01-09 14:02:50 +01:00
4f6b57676a
bundles/systemd-networkd: LACPTransmitRate=fast
bundlewrap/pipeline/head This commit looks good
2021-01-09 12:52:03 +01:00
00fd1df67a
bundles/wide-dhcp6c: stop, then start, instead of restart
2021-01-09 12:51:37 +01:00
8e54d6eb23
add monitoring for freifunk nodes
bundlewrap/pipeline/head This commit looks good
2021-01-09 11:03:23 +01:00
19dd29e847
bundles/transmission: also allow tcp peer-port
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:06:26 +01:00
33b85ff0de
bundles/transmission: add bundle, add to home.downloadhelper
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:00:08 +01:00
dca13263e2
bundles/systemd-networkd: add option for setting static routes
2021-01-08 16:09:59 +01:00
17510b783c
bundles/nfs-client: do start automount units. Previous comment was wrong.
bundlewrap/pipeline/head This commit looks good
2021-01-07 22:15:57 +01:00
fb42f9e667
bundles/dhcpd: catch keyerrors for nodes which do dhcp in unmanaged networks
2021-01-07 22:14:17 +01:00
2d42e5f7dd
update bw to 4.3, add .provides() to metadata reactors
bundlewrap/pipeline/head This commit looks good
2021-01-07 18:44:38 +01:00
7f0fb7a6e2
bundles/influxdb: remove
2021-01-07 18:28:08 +01:00
Sophie Schiller
2ba4946975
update letsencrypt hashes
bundlewrap/pipeline/head This commit looks good
2021-01-06 13:18:44 +01:00
ec13a1edaa
bundles/simple-icinga-dashboard: repo is public now
bundlewrap/pipeline/head This commit looks good
2021-01-03 09:56:51 +01:00
03d3ab6e9d
bundles/{netdata,nginx,unbound}: fix iptables rules (should also create ip6tables rules)
bundlewrap/pipeline/head There was a failure building this commit
2021-01-02 16:19:55 +01:00
e8d131b041
add simple-icinga-dashboard on status.franzi.business
...
bundlewrap/pipeline/head There was a failure building this commit
fixes #20
2021-01-02 14:47:11 +01:00
2ebf7ec32b
bundles/mautrix-whatsapp: disable log timestamps, journal takes care of that
bundlewrap/pipeline/head This commit looks good
2021-01-02 14:01:26 +01:00
b8bcc6c499
bundles/mautrix-whatsapp: only log to journal
bundlewrap/pipeline/head This commit looks good
2021-01-02 13:59:47 +01:00
8752299e61
bundles/icinga2: add hostgroup for hosts which send SMS
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:58:52 +01:00
4f57a6c0e3
icinga2: more checks should send sms
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:26:37 +01:00
10fd67a0fd
bundles/systemd-networkd: fix LACP options
...
bundlewrap/pipeline/head This commit looks good
fixes #25 , hopefully
2021-01-02 11:00:10 +01:00
f329373a4a
bundles/systemd-networkd: remove settings from bond.netdev
...
bundlewrap/pipeline/head This commit looks good
Why the fuck doesn't this work like it's written in the documentation?
2021-01-01 22:00:50 +01:00
16ea6ce0d5
bundles/systemd-networkd: disable STP on bridges
2021-01-01 21:59:21 +01:00
48fc341137
bundles/backup-client: add monitoring for backups
2021-01-01 13:59:42 +01:00
3e1d3b483e
bundles/mautrix-whatsapp: use -a for check_procs
bundlewrap/pipeline/head This commit looks good
2020-12-31 12:31:14 +01:00
fede30c2cc
bundles/mautrix-whatsapp: introduce
2020-12-31 12:18:34 +01:00
914889da6c
bundles/vmhost: add option to exclude VM from monitoring
bundlewrap/pipeline/head This commit looks good
2020-12-29 10:18:16 +01:00
62d7baa3ec
bundles/icinga2: admins shall receive all notifications
bundlewrap/pipeline/head This commit looks good
2020-12-27 09:09:40 +01:00
d72c43083d
nodes/rx300: set proper lldp hostname
bundlewrap/pipeline/head This commit looks good
2020-12-25 14:45:41 +01:00
ca7f3ed4a6
bundles/octoprint: fix typo in check_octoprint_update
bundlewrap/pipeline/head This commit looks good
2020-12-23 12:38:44 +01:00
e40f88aa69
bundles/unbound: only start unbound after pppoe.service has been started ( fixes #23 )
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:50:54 +01:00
275249481f
bundles/octoprint: display version in update check, remove error states (we're monitoring this separately)
bundlewrap/pipeline/head This commit looks good
2020-12-23 10:43:13 +01:00
d2be654206
bundles/unbound: enable prefetching
2020-12-22 09:24:10 +01:00
5e45efb7ae
bundles/unbound: better caching
2020-12-22 09:22:37 +01:00
5935aed0db
bundles/{netdata,pppd,radvd,vmhost,vnstat,wide-dhcp6c}: add monitoring
bundlewrap/pipeline/head This commit looks good
2020-12-21 09:50:15 +01:00
0b52f8e7e6
bundles/icinga2: allow limiting permissions for api users
2020-12-20 09:33:17 +01:00
da4b139095
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
bundlewrap/pipeline/head This commit looks good
2020-12-18 16:30:17 +01:00
6045debe9e
bundles/nginx: check ssl certificates
bundlewrap/pipeline/head This commit looks good
2020-12-18 13:28:08 +01:00
5f5c3d5207
bundles/icinga2: admins shall receive more notifications
bundlewrap/pipeline/head This commit looks good
2020-12-18 08:24:19 +01:00
958f5893e6
bundles/zfs: adjust warning period for check_zfs_old_snapshots
2020-12-18 08:23:42 +01:00
487e4d0df6
bundles/rspamd: add missing }
2020-12-18 08:21:56 +01:00
e81fcafe7a
bundles/powerdns: fix dependencies
bundlewrap/pipeline/head There was a failure building this commit
2020-12-18 06:41:24 +01:00
63d455d242
bundles/rspamd: fix dependencies
2020-12-18 06:41:05 +01:00
65db8b1625
bundles/systemd-networkd: faster miimon
2020-12-18 06:33:05 +01:00
ecb7a93073
bundles/pppd: silence restart-pppoe-if-no-public-ip
2020-12-18 06:32:18 +01:00
e33af1c845
bundles/unbound: refresh root-hint.txt once a week
2020-12-13 15:22:19 +01:00
9c6fe48859
bundles/unbound: add netdata config
bundlewrap/pipeline/head This commit looks good
2020-12-13 15:17:19 +01:00
3eeb253e55
bundles/unbound: introduce, add to nodes
bundlewrap/pipeline/head This commit looks good
2020-12-13 14:59:44 +01:00
c5e43188ca
bundles/radvd: support not announcing a nameserver
2020-12-13 14:59:10 +01:00
057d4f0c4c
bundles/dovecot: autoexpunge Trash older than 360 days
bundlewrap/pipeline/head This commit looks good
2020-12-13 11:55:28 +01:00
18c56cce9a
bundles/dovecot: do not auto-subscribe to junk mailbox
2020-12-13 11:54:55 +01:00
58d99eb402
bundles/systemd: configure journald
bundlewrap/pipeline/head This commit looks good
2020-12-12 10:39:57 +01:00
cf4d0c1ca6
bundles/powerdnsadmin: ensure permissions of powerdnsadmin static directory
bundlewrap/pipeline/head This commit looks good
2020-12-10 22:18:04 +01:00
8be6f9b78d
bundles/apt: fix date call in check_unattended_upgrades
2020-12-10 22:15:31 +01:00
be15458e1e
bundles/powerdnsadmin: fix database upgrade
bundlewrap/pipeline/head This commit looks good
2020-12-10 22:07:26 +01:00
1d06d86205
bundles/wireguard: fix early fault resolve in metadata.py
bundlewrap/pipeline/head This commit looks good
2020-12-10 16:39:26 +01:00
bd217f0666
bundles/pppd: automatically restart pppoe (once per hour) if no public ip address can be found
bundlewrap/pipeline/head There was a failure building this commit
2020-12-10 16:14:17 +01:00
b80c0b12fe
home.router: add c3voc vpn
2020-12-08 17:45:30 +01:00
9398649db0
bundles/seafile: add icinga checks
bundlewrap/pipeline/head There was a failure building this commit
2020-12-05 09:28:54 +01:00
febcacdfe3
icinga2: enable mails for update checks
2020-12-05 09:17:21 +01:00
67d8293201
bundles/wireguard: one icinga2 check per peer
bundlewrap/pipeline/head There was a failure building this commit
2020-11-30 06:43:46 +01:00
295ff72b4b
bundles/smartd: introduce, add to hosts where *we* need to keep track of disk health
bundlewrap/pipeline/head This commit looks good
2020-11-29 12:07:27 +01:00
8456ac43c6
bundles/nfs-client: don't try to start automount units
2020-11-29 12:06:34 +01:00
1bfeead5e8
nodes/home.nas: change nfs-mount options for /storage/nas
2020-11-29 12:05:51 +01:00
a549936e09
bundles/nfs-server: ensure nfs-kernel-server is started
2020-11-28 15:48:27 +01:00
014b37082c
bundles/wireguard: send pings over vpn, if pppd reconnects
2020-11-27 03:09:37 +01:00
c1885e20b6
nodes/home.octoprint-vielschichtigkeit: fix ifnames, fix vhost
2020-11-25 21:26:21 +01:00
dc9e378908
bundles/icinga2: add icinga statusmonitor
bundlewrap/pipeline/head This commit looks good
2020-11-22 18:56:04 +01:00
12ce8d8f6e
bundles/icinga2: add automatic downtime for upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2020-11-22 13:28:14 +01:00
3a56b0425c
bundles/icinga2: add default for vars.notification.mail, enable mail for check_sipgate_account_balance
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:44:09 +01:00
9651d740ae
bundles/icinga2: add check_sipgate_account_balance, adjust check_interval
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:38:53 +01:00
9cace7dace
bundles/icinga2: only include service_name in sms if it actually is a service
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:09:44 +01:00
54219928e4
bundles/icinga2: only add user to on-call group if they have atleast one of (email, phone) set
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:07:02 +01:00
8c6c691e5e
bundles/icinga2: implement SMS notifications
2020-11-22 10:34:49 +01:00
22d5ba12ee
bundles/octoprint: don't try to resolve faults in metadata.py
bundlewrap/pipeline/head This commit looks good
2020-11-22 09:07:28 +01:00
15826c73b0
bundles/icinga2: send notifications
bundlewrap/pipeline/head There was a failure building this commit
2020-11-22 09:04:24 +01:00
d26b8ade45
remove some comments
2020-11-22 08:27:37 +01:00
4a57926577
bundles/icinga2: set some notification options for checks
2020-11-22 08:24:44 +01:00
b114ba3ff8
bundles/postgresql: fix typo
bundlewrap/pipeline/head There was a failure building this commit
2020-11-22 07:40:34 +01:00
d428572461
bundles/icinga2: add servicegroup for every service which has checks
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 23:04:15 +01:00
0bc4b5439c
bundles/icinga2: add hostgroup for every bw group
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 22:46:29 +01:00
12cf03e03f
bundles/icinga2: generate icinga_users from users.json
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 21:46:41 +01:00
c77856f97a
bundles/vmhost: add info line to QEMU VM STATUS
2020-11-21 21:01:37 +01:00
5639da4954
bundles/vmhost: add QEMU VM STATUS check
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 20:58:55 +01:00
325f483a26
bundles/{gitea,mautrix-telegram}: add update check
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 20:35:51 +01:00
4f5e462c94
bundles/octoprint: add update check
2020-11-21 20:35:29 +01:00
91f2fd839b
bundles/sshmon: add check_github_for_new_release
2020-11-21 20:03:50 +01:00
a4ca98e79e
bundles/rspamd: add monitoring
bundlewrap/pipeline/head This commit looks good
2020-11-21 18:55:45 +01:00
e6acda1f52
bundles/powerdns: add monitoring
2020-11-21 18:55:34 +01:00
2fdeeca9c3
bundles/postgresql: add monitoring
2020-11-21 18:55:21 +01:00
2f7f35c85a
bundles/matrix*: add monitoring
2020-11-21 18:55:06 +01:00
1d450b9829
bundles/apt: fix statusfile output of unattended upgrades
bundlewrap/pipeline/head This commit looks good
2020-11-21 18:07:01 +01:00
35025b40f6
bundles/sshmon: increase timeout for INTERNET check
bundlewrap/pipeline/head This commit looks good
2020-11-21 16:17:16 +01:00
5aee050c5d
bundles/wireguard: add icinga check
2020-11-21 16:15:34 +01:00
58ca3fa9ae
bundles/wireguard: add netdev and network files, add iptables rules
bundlewrap/pipeline/head This commit looks good
2020-11-21 15:38:38 +01:00
63fd31c226
bundles/icinga2: support specifying an alternative host for checks
bundlewrap/pipeline/head This commit looks good
2020-11-21 10:58:57 +01:00
5419bf31fb
bundles: fix some icinga checks
2020-11-21 10:30:05 +01:00
11071914e0
bundles/icinga2: initial working draft
2020-11-21 10:29:36 +01:00
d3de7a27be
bundles/icinga2: add dependencies for icingaweb2 setup
2020-11-21 08:57:46 +01:00
6ad28bb375
bundles/vnstat: add graph for "yesterday"
2020-11-19 16:52:45 +01:00
fd99334a66
bundles/vnstat: improve usability of web dashboard for mobile devices
bundlewrap/pipeline/head This commit looks good
2020-11-16 21:43:51 +01:00
6b11a7b2a8
bundles/vnstat: redirect cron output to /dev/null
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:10:14 +01:00
7d78ac9db8
bundles/vnstat: add flag to generate statistics images, add to home.router
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:07:05 +01:00
2d856a1e9a
bundles/nginx: add iptables rules
bundlewrap/pipeline/head This commit looks good
2020-11-16 16:43:57 +01:00
88dd587fb4
bundles/vnstat: introduce, add to home.router
2020-11-16 16:33:26 +01:00
8343838dc6
bundles/nfs-client: don't touch permissions of mount directory by default
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:37:13 +01:00
sophie
75e199ae0d
Merge pull request 'bundle/dhcpd: improvements' ( #19 ) from kunsi-dhcpd-improvements into main
...
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/19
2020-11-15 12:34:41 +00:00
c9e5ae87a1
bundles/users: sort ssh keys
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:26:10 +01:00
121dfb692c
bundles/netdata: use correct metadatum name
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:25:15 +01:00
9df5cb1f16
bundles/dhcpd: remove hardcoded group in metadata reactor get_static_allocations()
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:23:24 +01:00
c597244a9d
bundles/dhcpd: adjust spacing in metadata processor for static leases
bundlewrap/pipeline/head This commit looks good
2020-11-15 12:07:02 +01:00
d5bca495e0
bundles/dhcpd: remove some .get()
bundlewrap/pipeline/head This commit looks good
2020-11-15 12:06:03 +01:00
ad569f073e
bundles/dhcpd: add iptables rules
2020-11-15 12:01:14 +01:00
cdef8cdb13
bundles/dhcpd: adjust indentation in dhcpd.conf
2020-11-15 12:00:58 +01:00
4f9281a4a4
bundles/dhcpd: download oui.txt
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:40:33 +01:00
2457d5b435
bundles/backup-client: redirect stderr to /dev/null
...
bundlewrap/pipeline/head This commit looks good
We have monitoring to determine wether the backup succeeded or not.
No need for E-Mails, too.
2020-11-15 11:15:53 +01:00
84d1984cc1
nodes/home.nas: add users to "nas" group, add cronjobs to ensure permissions on nas dataset
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:12:22 +01:00
ccfa56ad5e
bundles/pppd: also wait for ppp interface to vanish before restarting
bundlewrap/pipeline/head This commit looks good
2020-11-15 10:02:13 +01:00
0aafeb96cd
bundles/pppd: make sure dependent services are stopped before restarting pppoe session
2020-11-15 09:56:06 +01:00
d83dbbdd75
bundles/systemd-networkd: use some more options for bond interfaces
2020-11-15 09:39:44 +01:00
5319cd1e8b
bundles/netdata: disable health checks
2020-11-14 16:55:29 +01:00
6d58f2387f
bundles/openssh: introduce, add to all nodes
bundlewrap/pipeline/head This commit looks good
2020-11-14 14:46:59 +01:00
e56e875433
bundles/rspamd: switch to automatically-generated dkim key
2020-11-14 14:35:27 +01:00
3213e462c5
bundles/netdata: only save to ram, keep less history
2020-11-14 14:34:38 +01:00
1339564dc4
bundles/netdata: introduce, add to home.nas and home.router
bundlewrap/pipeline/head This commit looks good
2020-11-14 14:05:28 +01:00
ff607777ce
bundles/backup-client: support using a non-standard ssh port
bundlewrap/pipeline/head This commit looks good
2020-11-14 12:52:18 +01:00
f405dca771
bundles/pppd: add dyndns capability
2020-11-14 12:46:19 +01:00
0ca8edf656
bundles/apt: move patchday to metadata reactor, make patchday configurable
2020-11-14 12:24:55 +01:00
32b7dda61f
bundles/iptables: add newline to rules files
2020-11-14 12:24:12 +01:00
877744b0ba
bundles/pppd: send out a Router Solicitation on ifup
bundlewrap/pipeline/head This commit looks good
2020-11-14 12:11:51 +01:00
a14580944b
bundles/{radvd,wide-dhcp6c}: improve handling of non-properly terminated ip-down scripts
2020-11-14 11:57:01 +01:00
644eb37b82
bundles/radvd: introduce, add to home.router
2020-11-14 11:47:44 +01:00
fa224a9939
bundles/wide-dhcp6c: introduce, add to home.router
2020-11-14 11:34:16 +01:00
00ba7e49d6
bundles/pppd: accept RA on ppp interface
2020-11-13 23:56:59 +01:00
Sophie Schiller
cbfc8c75ad
bundles/dhcpd add defaults file and some escaping
bundlewrap/pipeline/head This commit looks good
2020-11-13 23:30:49 +01:00
Sophie Schiller
ef211f7356
update gitignore
2020-11-13 23:30:49 +01:00
Sophie Schiller
dcf944b198
bundles/dhcpd add initial items, metadata and template
2020-11-13 23:30:49 +01:00
6ba0f6df1d
bundles/systemd: make sure we're using UTC and NTP
bundlewrap/pipeline/head This commit looks good
2020-11-13 23:26:13 +01:00
870a5252e5
bundles/pppd: add iptables rules on ifup/ifdown
2020-11-13 23:04:43 +01:00
f65e216828
bundles/iptables: introduce, add to home.router
bundlewrap/pipeline/head This commit looks good
2020-11-13 22:47:23 +01:00
df9863ef31
bundles/openvpn-client: add
2020-11-13 22:15:36 +01:00
e515378497
bundles/backup-server: dummy nodes never do backups
bundlewrap/pipeline/head There was a failure building this commit
2020-11-13 21:58:35 +01:00
3b829caaf6
bundles/pppd: introduce
2020-11-13 21:41:02 +01:00
b1860b7e01
bundles/systemd-networkd: add option to only create a .netdev file for interfaces
2020-11-13 21:40:44 +01:00
75d86f3339
bundles/systemd-networkd: support vlans
2020-11-13 16:29:17 +01:00
4213b60052
bundles/lldp: introduce, add to all nodes at home
2020-11-13 16:28:43 +01:00
b9b0a9c5ca
bundles/vmhost: install correct packages
2020-11-13 14:47:40 +01:00
df63f8c732
bundles/nginx: make sure /var/www exists
2020-11-13 13:35:02 +01:00
e91ac7e457
bundles/backup-client: fix detection of rsync errors
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:34:21 +01:00
d31910368c
icinga2: install packages and dependencies
2020-11-13 13:19:26 +01:00
6bac83def2
bundles/rspamd: fix automatic generation of dkim key
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:11:26 +01:00
cff0870e63
bundles/rspamd: refine auto-generation of dkim signing keys
2020-11-13 13:09:37 +01:00
56f1b1a6c6
bundles/rspamd: first draft for automatically-rotating dkim keys
2020-11-13 13:09:34 +01:00
f04dac11e5
Merge branch 'kunsi-icinga2' into main
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:03:16 +01:00
741f3b0032
bundles/backup-client: fix cronjob
2020-11-13 12:57:50 +01:00