|
3b90426b4d
|
bundles/pretalx: fix needs for systemd units
bundlewrap/pipeline/head This commit looks good
|
2021-01-17 08:01:15 +01:00 |
|
|
2b0678063c
|
bundles/pretalx: new version needs to trigger regenerate_css, too
bundlewrap/pipeline/head This commit looks good
|
2021-01-17 07:59:57 +01:00 |
|
|
b5cc8c2c57
|
bundles/pretalx: add to PORT_MAP.md, allocate a port
bundlewrap/pipeline/head This commit looks good
|
2021-01-17 07:55:08 +01:00 |
|
|
35abb92daf
|
bundles/icinga2: do not schedule downtimes for hosts which do not do unattended-upgrades
bundlewrap/pipeline/head This commit looks good
|
2021-01-16 22:31:51 +01:00 |
|
|
173746fe9c
|
bundles/sshmon: ensure sshmon user is able to log in
|
2021-01-16 22:31:18 +01:00 |
|
|
39aabd0546
|
bundles/backup-server: of course, we need to ignore hosts which have exclude_from_backups set
bundlewrap/pipeline/head This commit looks good
|
2021-01-16 22:22:51 +01:00 |
|
|
ad84f62c0d
|
bundles/sshmon: do not rely on bundle:users to create sshmon user
bundlewrap/pipeline/head There was a failure building this commit
|
2021-01-16 22:21:27 +01:00 |
|
|
ec8802dd4a
|
bundles/backup-server: ignore all nodes which don't have bundle:backup-client
|
2021-01-16 22:12:49 +01:00 |
|
|
9f0fc90679
|
bundles/pretalx: fix wrong metadata key
|
2021-01-16 22:12:16 +01:00 |
|
|
70944d7065
|
bundles/pretalx: introduce
|
2021-01-16 22:03:38 +01:00 |
|
|
0b9056bd2b
|
add pseudo-bundle to add configs to c3voc ansible managed hosts
|
2021-01-16 22:03:03 +01:00 |
|
|
8fc0017378
|
bundles/backup-client: do backups at 00:xx, so it won't interfere with upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
|
2021-01-15 15:31:36 +01:00 |
|
|
9854fc9dbc
|
bundles/hostname: also set motd
|
2021-01-15 15:29:49 +01:00 |
|
|
db3a15310c
|
bundles/letsencrypt: fix concat_and_deploy comment
bundlewrap/pipeline/head This commit looks good
|
2021-01-10 10:48:19 +01:00 |
|
|
659e35686e
|
bundles/iptables: removing rule files should also trigger iptables-enforce
bundlewrap/pipeline/head This commit looks good
|
2021-01-09 14:02:50 +01:00 |
|
|
4f6b57676a
|
bundles/systemd-networkd: LACPTransmitRate=fast
bundlewrap/pipeline/head This commit looks good
|
2021-01-09 12:52:03 +01:00 |
|
|
00fd1df67a
|
bundles/wide-dhcp6c: stop, then start, instead of restart
|
2021-01-09 12:51:37 +01:00 |
|
|
8e54d6eb23
|
add monitoring for freifunk nodes
bundlewrap/pipeline/head This commit looks good
|
2021-01-09 11:03:23 +01:00 |
|
|
19dd29e847
|
bundles/transmission: also allow tcp peer-port
bundlewrap/pipeline/head This commit looks good
|
2021-01-08 17:06:26 +01:00 |
|
|
33b85ff0de
|
bundles/transmission: add bundle, add to home.downloadhelper
bundlewrap/pipeline/head This commit looks good
|
2021-01-08 17:00:08 +01:00 |
|
|
dca13263e2
|
bundles/systemd-networkd: add option for setting static routes
|
2021-01-08 16:09:59 +01:00 |
|
|
17510b783c
|
bundles/nfs-client: do start automount units. Previous comment was wrong.
bundlewrap/pipeline/head This commit looks good
|
2021-01-07 22:15:57 +01:00 |
|
|
fb42f9e667
|
bundles/dhcpd: catch keyerrors for nodes which do dhcp in unmanaged networks
|
2021-01-07 22:14:17 +01:00 |
|
|
2d42e5f7dd
|
update bw to 4.3, add .provides() to metadata reactors
bundlewrap/pipeline/head This commit looks good
|
2021-01-07 18:44:38 +01:00 |
|
|
7f0fb7a6e2
|
bundles/influxdb: remove
|
2021-01-07 18:28:08 +01:00 |
|
Sophie Schiller
|
2ba4946975
|
update letsencrypt hashes
bundlewrap/pipeline/head This commit looks good
|
2021-01-06 13:18:44 +01:00 |
|
|
ec13a1edaa
|
bundles/simple-icinga-dashboard: repo is public now
bundlewrap/pipeline/head This commit looks good
|
2021-01-03 09:56:51 +01:00 |
|
|
03d3ab6e9d
|
bundles/{netdata,nginx,unbound}: fix iptables rules (should also create ip6tables rules)
bundlewrap/pipeline/head There was a failure building this commit
|
2021-01-02 16:19:55 +01:00 |
|
|
e8d131b041
|
add simple-icinga-dashboard on status.franzi.business
bundlewrap/pipeline/head There was a failure building this commit
fixes #20
|
2021-01-02 14:47:11 +01:00 |
|
|
2ebf7ec32b
|
bundles/mautrix-whatsapp: disable log timestamps, journal takes care of that
bundlewrap/pipeline/head This commit looks good
|
2021-01-02 14:01:26 +01:00 |
|
|
b8bcc6c499
|
bundles/mautrix-whatsapp: only log to journal
bundlewrap/pipeline/head This commit looks good
|
2021-01-02 13:59:47 +01:00 |
|
|
8752299e61
|
bundles/icinga2: add hostgroup for hosts which send SMS
bundlewrap/pipeline/head This commit looks good
|
2021-01-02 12:58:52 +01:00 |
|
|
4f57a6c0e3
|
icinga2: more checks should send sms
bundlewrap/pipeline/head This commit looks good
|
2021-01-02 12:26:37 +01:00 |
|
|
10fd67a0fd
|
bundles/systemd-networkd: fix LACP options
bundlewrap/pipeline/head This commit looks good
fixes #25, hopefully
|
2021-01-02 11:00:10 +01:00 |
|
|
f329373a4a
|
bundles/systemd-networkd: remove settings from bond.netdev
bundlewrap/pipeline/head This commit looks good
Why the fuck doesn't this work like it's written in the documentation?
|
2021-01-01 22:00:50 +01:00 |
|
|
16ea6ce0d5
|
bundles/systemd-networkd: disable STP on bridges
|
2021-01-01 21:59:21 +01:00 |
|
|
48fc341137
|
bundles/backup-client: add monitoring for backups
|
2021-01-01 13:59:42 +01:00 |
|
|
3e1d3b483e
|
bundles/mautrix-whatsapp: use -a for check_procs
bundlewrap/pipeline/head This commit looks good
|
2020-12-31 12:31:14 +01:00 |
|
|
fede30c2cc
|
bundles/mautrix-whatsapp: introduce
|
2020-12-31 12:18:34 +01:00 |
|
|
914889da6c
|
bundles/vmhost: add option to exclude VM from monitoring
bundlewrap/pipeline/head This commit looks good
|
2020-12-29 10:18:16 +01:00 |
|
|
62d7baa3ec
|
bundles/icinga2: admins shall receive all notifications
bundlewrap/pipeline/head This commit looks good
|
2020-12-27 09:09:40 +01:00 |
|
|
d72c43083d
|
nodes/rx300: set proper lldp hostname
bundlewrap/pipeline/head This commit looks good
|
2020-12-25 14:45:41 +01:00 |
|
|
ca7f3ed4a6
|
bundles/octoprint: fix typo in check_octoprint_update
bundlewrap/pipeline/head This commit looks good
|
2020-12-23 12:38:44 +01:00 |
|
|
e40f88aa69
|
bundles/unbound: only start unbound after pppoe.service has been started (fixes #23)
bundlewrap/pipeline/head This commit looks good
|
2020-12-23 10:50:54 +01:00 |
|
|
275249481f
|
bundles/octoprint: display version in update check, remove error states (we're monitoring this separately)
bundlewrap/pipeline/head This commit looks good
|
2020-12-23 10:43:13 +01:00 |
|
|
d2be654206
|
bundles/unbound: enable prefetching
|
2020-12-22 09:24:10 +01:00 |
|
|
5e45efb7ae
|
bundles/unbound: better caching
|
2020-12-22 09:22:37 +01:00 |
|
|
5935aed0db
|
bundles/{netdata,pppd,radvd,vmhost,vnstat,wide-dhcp6c}: add monitoring
bundlewrap/pipeline/head This commit looks good
|
2020-12-21 09:50:15 +01:00 |
|
|
0b52f8e7e6
|
bundles/icinga2: allow limiting permissions for api users
|
2020-12-20 09:33:17 +01:00 |
|
|
da4b139095
|
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
bundlewrap/pipeline/head This commit looks good
|
2020-12-18 16:30:17 +01:00 |
|
|
6045debe9e
|
bundles/nginx: check ssl certificates
bundlewrap/pipeline/head This commit looks good
|
2020-12-18 13:28:08 +01:00 |
|
|
5f5c3d5207
|
bundles/icinga2: admins shall receive more notifications
bundlewrap/pipeline/head This commit looks good
|
2020-12-18 08:24:19 +01:00 |
|
|
958f5893e6
|
bundles/zfs: adjust warning period for check_zfs_old_snapshots
|
2020-12-18 08:23:42 +01:00 |
|
|
487e4d0df6
|
bundles/rspamd: add missing }
|
2020-12-18 08:21:56 +01:00 |
|
|
e81fcafe7a
|
bundles/powerdns: fix dependencies
bundlewrap/pipeline/head There was a failure building this commit
|
2020-12-18 06:41:24 +01:00 |
|
|
63d455d242
|
bundles/rspamd: fix dependencies
|
2020-12-18 06:41:05 +01:00 |
|
|
65db8b1625
|
bundles/systemd-networkd: faster miimon
|
2020-12-18 06:33:05 +01:00 |
|
|
ecb7a93073
|
bundles/pppd: silence restart-pppoe-if-no-public-ip
|
2020-12-18 06:32:18 +01:00 |
|
|
e33af1c845
|
bundles/unbound: refresh root-hint.txt once a week
|
2020-12-13 15:22:19 +01:00 |
|
|
9c6fe48859
|
bundles/unbound: add netdata config
bundlewrap/pipeline/head This commit looks good
|
2020-12-13 15:17:19 +01:00 |
|
|
3eeb253e55
|
bundles/unbound: introduce, add to nodes
bundlewrap/pipeline/head This commit looks good
|
2020-12-13 14:59:44 +01:00 |
|
|
c5e43188ca
|
bundles/radvd: support not announcing a nameserver
|
2020-12-13 14:59:10 +01:00 |
|
|
057d4f0c4c
|
bundles/dovecot: autoexpunge Trash older than 360 days
bundlewrap/pipeline/head This commit looks good
|
2020-12-13 11:55:28 +01:00 |
|
|
18c56cce9a
|
bundles/dovecot: do not auto-subscribe to junk mailbox
|
2020-12-13 11:54:55 +01:00 |
|
|
58d99eb402
|
bundles/systemd: configure journald
bundlewrap/pipeline/head This commit looks good
|
2020-12-12 10:39:57 +01:00 |
|
|
cf4d0c1ca6
|
bundles/powerdnsadmin: ensure permissions of powerdnsadmin static directory
bundlewrap/pipeline/head This commit looks good
|
2020-12-10 22:18:04 +01:00 |
|
|
8be6f9b78d
|
bundles/apt: fix date call in check_unattended_upgrades
|
2020-12-10 22:15:31 +01:00 |
|
|
be15458e1e
|
bundles/powerdnsadmin: fix database upgrade
bundlewrap/pipeline/head This commit looks good
|
2020-12-10 22:07:26 +01:00 |
|
|
1d06d86205
|
bundles/wireguard: fix early fault resolve in metadata.py
bundlewrap/pipeline/head This commit looks good
|
2020-12-10 16:39:26 +01:00 |
|
|
bd217f0666
|
bundles/pppd: automatically restart pppoe (once per hour) if no public ip address can be found
bundlewrap/pipeline/head There was a failure building this commit
|
2020-12-10 16:14:17 +01:00 |
|
|
b80c0b12fe
|
home.router: add c3voc vpn
|
2020-12-08 17:45:30 +01:00 |
|
|
9398649db0
|
bundles/seafile: add icinga checks
bundlewrap/pipeline/head There was a failure building this commit
|
2020-12-05 09:28:54 +01:00 |
|
|
febcacdfe3
|
icinga2: enable mails for update checks
|
2020-12-05 09:17:21 +01:00 |
|
|
67d8293201
|
bundles/wireguard: one icinga2 check per peer
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-30 06:43:46 +01:00 |
|
|
295ff72b4b
|
bundles/smartd: introduce, add to hosts where *we* need to keep track of disk health
bundlewrap/pipeline/head This commit looks good
|
2020-11-29 12:07:27 +01:00 |
|
|
8456ac43c6
|
bundles/nfs-client: don't try to start automount units
|
2020-11-29 12:06:34 +01:00 |
|
|
1bfeead5e8
|
nodes/home.nas: change nfs-mount options for /storage/nas
|
2020-11-29 12:05:51 +01:00 |
|
|
a549936e09
|
bundles/nfs-server: ensure nfs-kernel-server is started
|
2020-11-28 15:48:27 +01:00 |
|
|
014b37082c
|
bundles/wireguard: send pings over vpn, if pppd reconnects
|
2020-11-27 03:09:37 +01:00 |
|
|
c1885e20b6
|
nodes/home.octoprint-vielschichtigkeit: fix ifnames, fix vhost
|
2020-11-25 21:26:21 +01:00 |
|
|
dc9e378908
|
bundles/icinga2: add icinga statusmonitor
bundlewrap/pipeline/head This commit looks good
|
2020-11-22 18:56:04 +01:00 |
|
|
12ce8d8f6e
|
bundles/icinga2: add automatic downtime for upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
|
2020-11-22 13:28:14 +01:00 |
|
|
3a56b0425c
|
bundles/icinga2: add default for vars.notification.mail, enable mail for check_sipgate_account_balance
bundlewrap/pipeline/head This commit looks good
|
2020-11-22 11:44:09 +01:00 |
|
|
9651d740ae
|
bundles/icinga2: add check_sipgate_account_balance, adjust check_interval
bundlewrap/pipeline/head This commit looks good
|
2020-11-22 11:38:53 +01:00 |
|
|
9cace7dace
|
bundles/icinga2: only include service_name in sms if it actually is a service
bundlewrap/pipeline/head This commit looks good
|
2020-11-22 11:09:44 +01:00 |
|
|
54219928e4
|
bundles/icinga2: only add user to on-call group if they have atleast one of (email, phone) set
bundlewrap/pipeline/head This commit looks good
|
2020-11-22 11:07:02 +01:00 |
|
|
8c6c691e5e
|
bundles/icinga2: implement SMS notifications
|
2020-11-22 10:34:49 +01:00 |
|
|
22d5ba12ee
|
bundles/octoprint: don't try to resolve faults in metadata.py
bundlewrap/pipeline/head This commit looks good
|
2020-11-22 09:07:28 +01:00 |
|
|
15826c73b0
|
bundles/icinga2: send notifications
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-22 09:04:24 +01:00 |
|
|
d26b8ade45
|
remove some comments
|
2020-11-22 08:27:37 +01:00 |
|
|
4a57926577
|
bundles/icinga2: set some notification options for checks
|
2020-11-22 08:24:44 +01:00 |
|
|
b114ba3ff8
|
bundles/postgresql: fix typo
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-22 07:40:34 +01:00 |
|
|
d428572461
|
bundles/icinga2: add servicegroup for every service which has checks
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-21 23:04:15 +01:00 |
|
|
0bc4b5439c
|
bundles/icinga2: add hostgroup for every bw group
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-21 22:46:29 +01:00 |
|
|
12cf03e03f
|
bundles/icinga2: generate icinga_users from users.json
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-21 21:46:41 +01:00 |
|
|
c77856f97a
|
bundles/vmhost: add info line to QEMU VM STATUS
|
2020-11-21 21:01:37 +01:00 |
|
|
5639da4954
|
bundles/vmhost: add QEMU VM STATUS check
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-21 20:58:55 +01:00 |
|
|
325f483a26
|
bundles/{gitea,mautrix-telegram}: add update check
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-21 20:35:51 +01:00 |
|
|
4f5e462c94
|
bundles/octoprint: add update check
|
2020-11-21 20:35:29 +01:00 |
|
|
91f2fd839b
|
bundles/sshmon: add check_github_for_new_release
|
2020-11-21 20:03:50 +01:00 |
|
|
a4ca98e79e
|
bundles/rspamd: add monitoring
bundlewrap/pipeline/head This commit looks good
|
2020-11-21 18:55:45 +01:00 |
|
|
e6acda1f52
|
bundles/powerdns: add monitoring
|
2020-11-21 18:55:34 +01:00 |
|
|
2fdeeca9c3
|
bundles/postgresql: add monitoring
|
2020-11-21 18:55:21 +01:00 |
|
|
2f7f35c85a
|
bundles/matrix*: add monitoring
|
2020-11-21 18:55:06 +01:00 |
|
|
1d450b9829
|
bundles/apt: fix statusfile output of unattended upgrades
bundlewrap/pipeline/head This commit looks good
|
2020-11-21 18:07:01 +01:00 |
|
|
35025b40f6
|
bundles/sshmon: increase timeout for INTERNET check
bundlewrap/pipeline/head This commit looks good
|
2020-11-21 16:17:16 +01:00 |
|
|
5aee050c5d
|
bundles/wireguard: add icinga check
|
2020-11-21 16:15:34 +01:00 |
|
|
58ca3fa9ae
|
bundles/wireguard: add netdev and network files, add iptables rules
bundlewrap/pipeline/head This commit looks good
|
2020-11-21 15:38:38 +01:00 |
|
|
63fd31c226
|
bundles/icinga2: support specifying an alternative host for checks
bundlewrap/pipeline/head This commit looks good
|
2020-11-21 10:58:57 +01:00 |
|
|
5419bf31fb
|
bundles: fix some icinga checks
|
2020-11-21 10:30:05 +01:00 |
|
|
11071914e0
|
bundles/icinga2: initial working draft
|
2020-11-21 10:29:36 +01:00 |
|
|
d3de7a27be
|
bundles/icinga2: add dependencies for icingaweb2 setup
|
2020-11-21 08:57:46 +01:00 |
|
|
6ad28bb375
|
bundles/vnstat: add graph for "yesterday"
|
2020-11-19 16:52:45 +01:00 |
|
|
fd99334a66
|
bundles/vnstat: improve usability of web dashboard for mobile devices
bundlewrap/pipeline/head This commit looks good
|
2020-11-16 21:43:51 +01:00 |
|
|
6b11a7b2a8
|
bundles/vnstat: redirect cron output to /dev/null
bundlewrap/pipeline/head This commit looks good
|
2020-11-16 17:10:14 +01:00 |
|
|
7d78ac9db8
|
bundles/vnstat: add flag to generate statistics images, add to home.router
bundlewrap/pipeline/head This commit looks good
|
2020-11-16 17:07:05 +01:00 |
|
|
2d856a1e9a
|
bundles/nginx: add iptables rules
bundlewrap/pipeline/head This commit looks good
|
2020-11-16 16:43:57 +01:00 |
|
|
88dd587fb4
|
bundles/vnstat: introduce, add to home.router
|
2020-11-16 16:33:26 +01:00 |
|
|
8343838dc6
|
bundles/nfs-client: don't touch permissions of mount directory by default
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 13:37:13 +01:00 |
|
sophie
|
75e199ae0d
|
Merge pull request 'bundle/dhcpd: improvements' (#19) from kunsi-dhcpd-improvements into main
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/19
|
2020-11-15 12:34:41 +00:00 |
|
|
c9e5ae87a1
|
bundles/users: sort ssh keys
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 13:26:10 +01:00 |
|
|
121dfb692c
|
bundles/netdata: use correct metadatum name
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 13:25:15 +01:00 |
|
|
9df5cb1f16
|
bundles/dhcpd: remove hardcoded group in metadata reactor get_static_allocations()
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 13:23:24 +01:00 |
|
|
c597244a9d
|
bundles/dhcpd: adjust spacing in metadata processor for static leases
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 12:07:02 +01:00 |
|
|
d5bca495e0
|
bundles/dhcpd: remove some .get()
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 12:06:03 +01:00 |
|
|
ad569f073e
|
bundles/dhcpd: add iptables rules
|
2020-11-15 12:01:14 +01:00 |
|
|
cdef8cdb13
|
bundles/dhcpd: adjust indentation in dhcpd.conf
|
2020-11-15 12:00:58 +01:00 |
|
|
4f9281a4a4
|
bundles/dhcpd: download oui.txt
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 11:40:33 +01:00 |
|
|
2457d5b435
|
bundles/backup-client: redirect stderr to /dev/null
bundlewrap/pipeline/head This commit looks good
We have monitoring to determine wether the backup succeeded or not.
No need for E-Mails, too.
|
2020-11-15 11:15:53 +01:00 |
|
|
84d1984cc1
|
nodes/home.nas: add users to "nas" group, add cronjobs to ensure permissions on nas dataset
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 11:12:22 +01:00 |
|
|
ccfa56ad5e
|
bundles/pppd: also wait for ppp interface to vanish before restarting
bundlewrap/pipeline/head This commit looks good
|
2020-11-15 10:02:13 +01:00 |
|
|
0aafeb96cd
|
bundles/pppd: make sure dependent services are stopped before restarting pppoe session
|
2020-11-15 09:56:06 +01:00 |
|
|
d83dbbdd75
|
bundles/systemd-networkd: use some more options for bond interfaces
|
2020-11-15 09:39:44 +01:00 |
|
|
5319cd1e8b
|
bundles/netdata: disable health checks
|
2020-11-14 16:55:29 +01:00 |
|
|
6d58f2387f
|
bundles/openssh: introduce, add to all nodes
bundlewrap/pipeline/head This commit looks good
|
2020-11-14 14:46:59 +01:00 |
|
|
e56e875433
|
bundles/rspamd: switch to automatically-generated dkim key
|
2020-11-14 14:35:27 +01:00 |
|
|
3213e462c5
|
bundles/netdata: only save to ram, keep less history
|
2020-11-14 14:34:38 +01:00 |
|
|
1339564dc4
|
bundles/netdata: introduce, add to home.nas and home.router
bundlewrap/pipeline/head This commit looks good
|
2020-11-14 14:05:28 +01:00 |
|
|
ff607777ce
|
bundles/backup-client: support using a non-standard ssh port
bundlewrap/pipeline/head This commit looks good
|
2020-11-14 12:52:18 +01:00 |
|
|
f405dca771
|
bundles/pppd: add dyndns capability
|
2020-11-14 12:46:19 +01:00 |
|
|
0ca8edf656
|
bundles/apt: move patchday to metadata reactor, make patchday configurable
|
2020-11-14 12:24:55 +01:00 |
|
|
32b7dda61f
|
bundles/iptables: add newline to rules files
|
2020-11-14 12:24:12 +01:00 |
|
|
877744b0ba
|
bundles/pppd: send out a Router Solicitation on ifup
bundlewrap/pipeline/head This commit looks good
|
2020-11-14 12:11:51 +01:00 |
|
|
a14580944b
|
bundles/{radvd,wide-dhcp6c}: improve handling of non-properly terminated ip-down scripts
|
2020-11-14 11:57:01 +01:00 |
|
|
644eb37b82
|
bundles/radvd: introduce, add to home.router
|
2020-11-14 11:47:44 +01:00 |
|
|
fa224a9939
|
bundles/wide-dhcp6c: introduce, add to home.router
|
2020-11-14 11:34:16 +01:00 |
|
|
00ba7e49d6
|
bundles/pppd: accept RA on ppp interface
|
2020-11-13 23:56:59 +01:00 |
|
Sophie Schiller
|
cbfc8c75ad
|
bundles/dhcpd add defaults file and some escaping
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 23:30:49 +01:00 |
|
Sophie Schiller
|
ef211f7356
|
update gitignore
|
2020-11-13 23:30:49 +01:00 |
|
Sophie Schiller
|
dcf944b198
|
bundles/dhcpd add initial items, metadata and template
|
2020-11-13 23:30:49 +01:00 |
|
|
6ba0f6df1d
|
bundles/systemd: make sure we're using UTC and NTP
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 23:26:13 +01:00 |
|
|
870a5252e5
|
bundles/pppd: add iptables rules on ifup/ifdown
|
2020-11-13 23:04:43 +01:00 |
|
|
f65e216828
|
bundles/iptables: introduce, add to home.router
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 22:47:23 +01:00 |
|
|
df9863ef31
|
bundles/openvpn-client: add
|
2020-11-13 22:15:36 +01:00 |
|
|
e515378497
|
bundles/backup-server: dummy nodes never do backups
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-13 21:58:35 +01:00 |
|
|
3b829caaf6
|
bundles/pppd: introduce
|
2020-11-13 21:41:02 +01:00 |
|
|
b1860b7e01
|
bundles/systemd-networkd: add option to only create a .netdev file for interfaces
|
2020-11-13 21:40:44 +01:00 |
|
|
75d86f3339
|
bundles/systemd-networkd: support vlans
|
2020-11-13 16:29:17 +01:00 |
|
|
4213b60052
|
bundles/lldp: introduce, add to all nodes at home
|
2020-11-13 16:28:43 +01:00 |
|
|
b9b0a9c5ca
|
bundles/vmhost: install correct packages
|
2020-11-13 14:47:40 +01:00 |
|
|
df63f8c732
|
bundles/nginx: make sure /var/www exists
|
2020-11-13 13:35:02 +01:00 |
|
|
e91ac7e457
|
bundles/backup-client: fix detection of rsync errors
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 13:34:21 +01:00 |
|
|
d31910368c
|
icinga2: install packages and dependencies
|
2020-11-13 13:19:26 +01:00 |
|
|
6bac83def2
|
bundles/rspamd: fix automatic generation of dkim key
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 13:11:26 +01:00 |
|
|
cff0870e63
|
bundles/rspamd: refine auto-generation of dkim signing keys
|
2020-11-13 13:09:37 +01:00 |
|
|
56f1b1a6c6
|
bundles/rspamd: first draft for automatically-rotating dkim keys
|
2020-11-13 13:09:34 +01:00 |
|
|
f04dac11e5
|
Merge branch 'kunsi-icinga2' into main
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 13:03:16 +01:00 |
|
|
741f3b0032
|
bundles/backup-client: fix cronjob
|
2020-11-13 12:57:50 +01:00 |
|
|
0749fc75c5
|
bundles: add backup paths
|
2020-11-13 12:37:26 +01:00 |
|
|
f71653e3ce
|
bundles/backup-{client,server}: introduce
|
2020-11-13 12:36:52 +01:00 |
|
|
30ee0c8bdf
|
bundles/mx-puppet-discord: restart service after building new version
|
2020-11-13 09:26:34 +01:00 |
|
|
e5c12f0628
|
bundles/nginx: create webroot directories after bundle:zfs is done
|
2020-11-12 22:59:46 +01:00 |
|
|
2274e7aa37
|
bundles/nfs-server: introduce
bundlewrap/pipeline/head This commit looks good
|
2020-11-12 19:59:02 +01:00 |
|
|
f2a0f0b46a
|
bundles/systemd-networkd: support bond and bridge interfaces
|
2020-11-12 19:38:10 +01:00 |
|
|
633ccb97fd
|
bundles/zfs: rename zed -> zfs-zed
|
2020-11-12 19:36:28 +01:00 |
|
|
d01d89d432
|
bundles/apt: support debian 11
|
2020-11-12 18:40:19 +01:00 |
|
|
e395a42160
|
bundles/apt: no need to have apt-daily.timer running
bundlewrap/pipeline/head This commit looks good
|
2020-11-12 15:10:59 +01:00 |
|
|
087f4bb74d
|
groups/{gce,home}: send mail via mx0.kunbox.net
bundlewrap/pipeline/head This commit looks good
|
2020-11-11 13:31:01 +01:00 |
|
|
11701a67c8
|
dns: deploy MTA-STS
bundlewrap/pipeline/head This commit looks good
|
2020-11-11 11:41:06 +01:00 |
|
|
d47c39185b
|
bundles/php: no need to restart php if just installing the base packages
bundlewrap/pipeline/head This commit looks good
|
2020-11-11 08:37:29 +01:00 |
|
|
652fb72ccc
|
bundles/postfix: fix metadata reactor for letsencrypt
|
2020-11-11 08:35:36 +01:00 |
|
|
9dd7589f12
|
bundles/postfix: add submission_header_cleanup file
|
2020-11-10 20:34:27 +01:00 |
|
|
8180769120
|
bundles/postfix: add postmaster alias
|
2020-11-10 20:32:39 +01:00 |
|
|
f9bd2d695d
|
bundles/postfix: add SPAM BLOCKLISt for every non-private IP attached to the server
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 14:28:12 +01:00 |
|
|
aad1a742b7
|
bundles/icinga2: add ipv6-capable check_rbl script
|
2020-11-10 14:26:07 +01:00 |
|
|
f30aa48eca
|
bundles/icinga2: add sshmon private key
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 13:43:46 +01:00 |
|
|
a176a1aa65
|
bundles/icinga2: introduce, install checks, install sources.list, create postgres database
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 13:37:27 +01:00 |
|
|
a9c00409b4
|
bundles/mautrix-telegram: fix item dependency error
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 13:26:03 +01:00 |
|
|
6cd02dc563
|
bundles: move non-login users to items.py
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-10 13:24:07 +01:00 |
|
|
cca4fec761
|
bundles/users: get default user data from users.json
|
2020-11-10 13:12:36 +01:00 |
|
|
c090a9c2c2
|
bundles/users: move root user to metadata
|
2020-11-10 12:50:08 +01:00 |
|
|
3fbe32518a
|
bundles/postgresql: rename users -> roles
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 12:37:58 +01:00 |
|
|
d087cea869
|
bundles/gitea: add monitoring
|
2020-11-10 11:32:59 +01:00 |
|
|
985f47ca99
|
bundles/miniflux: add monitoring
|
2020-11-10 11:28:40 +01:00 |
|
|
8cb997133a
|
bundles/nginx: add monitoring
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 10:57:04 +01:00 |
|
|
65a8efc97f
|
bundles/zfs: fix monitoring metadata
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 10:35:01 +01:00 |
|
|
f80896fa3b
|
bundles/postfix: add monitoring
|
2020-11-10 10:21:37 +01:00 |
|
|
420cea15d2
|
bundles/apt: add monitoring for unattended upgrades
|
2020-11-10 09:50:20 +01:00 |
|
|
6ca0d863b1
|
bundles/sudo: use sudoers.d
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 20:39:35 +01:00 |
|
|
c7362df6c4
|
bundles/sshmon: import from work repository
|
2020-11-09 20:31:06 +01:00 |
|
|
eaf268aea9
|
libs/tools: change resolve_identifier() to return ipv4 and ipv6 separately
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 18:46:37 +01:00 |
|
|
67386d9efa
|
bundles/cron: provide some environment, also manage /etc/crontab
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 18:24:01 +01:00 |
|
|
a58c5877bf
|
bundles/gce-workaround: uninstall gce-disk-expand, too
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 16:48:28 +01:00 |
|
|
4921e0b74f
|
bundles/systemd-networkd: use correct syntax for resolv.conf
|
2020-11-09 16:47:56 +01:00 |
|
|
6f87a1d240
|
bundles/systemd-networkd: also deploy resolv.conf
|
2020-11-09 16:38:59 +01:00 |
|
|
394424951f
|
bundles/systemd-networkd: fix naming of GatewayOnlink
|
2020-11-09 16:38:35 +01:00 |
|
|
78047da04a
|
bundles/postgresql: only install packages after we have a zfs dataset
|
2020-11-09 16:37:00 +01:00 |
|
|
5bd642236c
|
bundles/postfix: only call newaliases if we already have postfix installed
|
2020-11-09 16:36:26 +01:00 |
|
|
607da9d39b
|
bundles/powerdns: user resolve_identifier() for node-dns-entries
|
2020-11-09 15:37:48 +01:00 |
|
|
91fd33cfa0
|
bundles/systemd-networkd: better dhcp support
|
2020-11-09 14:58:09 +01:00 |
|
|
5e7c7671e0
|
bundles/systemd-networkd: proper config
|
2020-11-09 14:48:19 +01:00 |
|
|
fbb4e2f7a5
|
systemd-networkd: first draft
|
2020-11-09 14:08:32 +01:00 |
|
|
c3c510c609
|
bundles/mautrix-telegram: disable parallel file transfers for now
|
2020-11-09 13:17:38 +01:00 |
|
|
af97226512
|
nodes/htz.ex42-1048908: update mautrix-telegram to 0.9.2-rc2
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 12:16:06 +01:00 |
|
|
06e30cf23c
|
bundles/mautrix-telegram: also upgrade pip when upgrading bridge
|
2020-11-09 12:15:37 +01:00 |
|
|
90e3bb7fb2
|
bundles/mautrix-telegram: no need to provide our own alembic.ini
|
2020-11-09 12:12:04 +01:00 |
|
|
c0986eb956
|
bundles/mautrix-telegram: fix database migration
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 12:09:17 +01:00 |
|
|
614b920890
|
bundles/mautrix-telegram: pin version until database migration is fixed
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 11:27:34 +01:00 |
|
|
3ff5d8a7dd
|
bundles/postfix: add alias database
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 10:52:24 +01:00 |
|
|
64cffad6a7
|
bundles/rspamd: silence clamav cronjob
|
2020-11-08 15:03:26 +01:00 |
|
|
0eca42d188
|
bundles/dovecot: fix home directory for virtual mailboxes
bundlewrap/pipeline/head This commit looks good
|
2020-11-08 13:00:44 +01:00 |
|
|
b4b988e5f2
|
bundles/postfix: disable TLS1.0 and 1.1, disable weak ciphers
bundlewrap/pipeline/head This commit looks good
|
2020-11-08 12:24:37 +01:00 |
|
|
f85349f0c5
|
bundles/postfixadmin: fix apt packages
bundlewrap/pipeline/head This commit looks good
|
2020-11-08 11:53:51 +01:00 |
|
|
15428b03be
|
bundles/rspamd: introduce, add to htz.ex42-1048908
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-08 10:43:51 +01:00 |
|
|
a236444fe5
|
bundles/dovecot: make sure to reload dovecot after letsencrypt
|
2020-11-08 10:42:08 +01:00 |
|
|
b00b2aa245
|
bundles/dovecot: autoexpunge Junk folder
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-07 22:46:15 +01:00 |
|
|
7080b0d89e
|
bundles/rspamd: create dummy bundle
|
2020-11-07 22:32:08 +01:00 |
|
|
18b573a9c6
|
bundles/dovecot: introduce
|
2020-11-07 22:31:47 +01:00 |
|
|
f42dda5961
|
bundles/postfixadmin: introduce
|
2020-11-07 22:31:29 +01:00 |
|
|
5550d2cc56
|
bundles/postfix: introduce
|
2020-11-07 22:31:18 +01:00 |
|
|
88afba9ce9
|
bundles/mx-puppet-discord: add RestartSec= to systemd unit file
|
2020-11-07 09:40:22 +01:00 |
|
|
7ab121e7e5
|
bundles/mautrix-telegram: install bridge from git repository
|
2020-11-07 09:39:57 +01:00 |
|
|
d7f578742b
|
bundles/mx-puppet-discord: put bridge repo into subdirectory
this avoids recreating config and registration on every update, which in turn
avoids restarting synapse
|
2020-11-07 09:08:10 +01:00 |
|
|
c481fc1327
|
nodes/htz.ex42-1048908: add php
bundlewrap/pipeline/head This commit looks good
|
2020-11-07 09:06:11 +01:00 |
|
|
f8bc4b2ad9
|
bundles/php: introduce
|
2020-10-31 13:00:38 +01:00 |
|
|
e2d8923dee
|
bundles/nginx: use metadata reactor to determine index files
|
2020-10-31 10:41:48 +01:00 |
|
|
f1f7086aab
|
bundles/postgresql: make sure we have postgres_role before adding postgres_db
|
2020-10-31 10:30:48 +01:00 |
|
|
67c5c23194
|
bundles/nginx: support non-domain vhost names
|
2020-10-31 10:30:07 +01:00 |
|
|
113221a9b2
|
bundles/nginx: make sure we have dhparam.pem
|
2020-10-31 10:18:40 +01:00 |
|
|
9cc5c07466
|
bundles/letsencrypt: do not try to do authorizations without a webserver
|
2020-10-31 10:11:58 +01:00 |
|
|
76fe68a3d1
|
bundles/zfs: fix dependencies, auto-load zfs module if not loaded
|
2020-10-31 10:11:15 +01:00 |
|
|
8eeaabf615
|
bundles/nginx: use http 308 for https redirect
bundlewrap/pipeline/head This commit looks good
basically "go away. nothing's here. use https forever."
|
2020-10-30 15:24:24 +01:00 |
|
|
50372572f4
|
bundles/zfs: improvements
|
2020-10-25 16:41:18 +01:00 |
|
|
3077d74318
|
bundles/users: alias s='sudo -i'
|
2020-10-25 13:21:04 +01:00 |
|
|
351d779f20
|
bundles/users: add metadata entry for bash aliases
|
2020-10-25 13:19:46 +01:00 |
|
|
2a992773f3
|
bundles/users: fish shell is gone everywhere
|
2020-10-25 13:17:26 +01:00 |
|
|
831545d8b1
|
introduce node.metadata['hostname'] to other bundles, update nodefiles to reflect changes
bundlewrap/pipeline/head This commit looks good
|
2020-10-25 11:14:46 +01:00 |
|
|
b70f9c9c9d
|
bundles/powerdns: make sure every dns server is able to resolve every other dns server
|
2020-10-25 10:58:11 +01:00 |
|
|
a33d8e4201
|
bundles/powerdns: decrease RETRY time
|
2020-10-25 10:57:26 +01:00 |
|
|
29f488c082
|
bundles/powerdns: put ip addresses of secondary nameservers into allow-axfer-ips
bundlewrap/pipeline/head There was a failure building this commit
|
2020-10-25 10:56:55 +01:00 |
|