Sophie Schiller
|
ef211f7356
|
update gitignore
|
2020-11-13 23:30:49 +01:00 |
|
Sophie Schiller
|
dcf944b198
|
bundles/dhcpd add initial items, metadata and template
|
2020-11-13 23:30:49 +01:00 |
|
|
6ba0f6df1d
|
bundles/systemd: make sure we're using UTC and NTP
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 23:26:13 +01:00 |
|
|
870a5252e5
|
bundles/pppd: add iptables rules on ifup/ifdown
|
2020-11-13 23:04:43 +01:00 |
|
|
f65e216828
|
bundles/iptables: introduce, add to home.router
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 22:47:23 +01:00 |
|
|
df9863ef31
|
bundles/openvpn-client: add
|
2020-11-13 22:15:36 +01:00 |
|
|
e515378497
|
bundles/backup-server: dummy nodes never do backups
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-13 21:58:35 +01:00 |
|
|
3b829caaf6
|
bundles/pppd: introduce
|
2020-11-13 21:41:02 +01:00 |
|
|
b1860b7e01
|
bundles/systemd-networkd: add option to only create a .netdev file for interfaces
|
2020-11-13 21:40:44 +01:00 |
|
|
75d86f3339
|
bundles/systemd-networkd: support vlans
|
2020-11-13 16:29:17 +01:00 |
|
|
4213b60052
|
bundles/lldp: introduce, add to all nodes at home
|
2020-11-13 16:28:43 +01:00 |
|
|
b9b0a9c5ca
|
bundles/vmhost: install correct packages
|
2020-11-13 14:47:40 +01:00 |
|
|
df63f8c732
|
bundles/nginx: make sure /var/www exists
|
2020-11-13 13:35:02 +01:00 |
|
|
e91ac7e457
|
bundles/backup-client: fix detection of rsync errors
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 13:34:21 +01:00 |
|
|
d31910368c
|
icinga2: install packages and dependencies
|
2020-11-13 13:19:26 +01:00 |
|
|
6bac83def2
|
bundles/rspamd: fix automatic generation of dkim key
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 13:11:26 +01:00 |
|
|
cff0870e63
|
bundles/rspamd: refine auto-generation of dkim signing keys
|
2020-11-13 13:09:37 +01:00 |
|
|
56f1b1a6c6
|
bundles/rspamd: first draft for automatically-rotating dkim keys
|
2020-11-13 13:09:34 +01:00 |
|
|
f04dac11e5
|
Merge branch 'kunsi-icinga2' into main
bundlewrap/pipeline/head This commit looks good
|
2020-11-13 13:03:16 +01:00 |
|
|
741f3b0032
|
bundles/backup-client: fix cronjob
|
2020-11-13 12:57:50 +01:00 |
|
|
0749fc75c5
|
bundles: add backup paths
|
2020-11-13 12:37:26 +01:00 |
|
|
f71653e3ce
|
bundles/backup-{client,server}: introduce
|
2020-11-13 12:36:52 +01:00 |
|
|
30ee0c8bdf
|
bundles/mx-puppet-discord: restart service after building new version
|
2020-11-13 09:26:34 +01:00 |
|
|
e5c12f0628
|
bundles/nginx: create webroot directories after bundle:zfs is done
|
2020-11-12 22:59:46 +01:00 |
|
|
2274e7aa37
|
bundles/nfs-server: introduce
bundlewrap/pipeline/head This commit looks good
|
2020-11-12 19:59:02 +01:00 |
|
|
f2a0f0b46a
|
bundles/systemd-networkd: support bond and bridge interfaces
|
2020-11-12 19:38:10 +01:00 |
|
|
633ccb97fd
|
bundles/zfs: rename zed -> zfs-zed
|
2020-11-12 19:36:28 +01:00 |
|
|
d01d89d432
|
bundles/apt: support debian 11
|
2020-11-12 18:40:19 +01:00 |
|
|
e395a42160
|
bundles/apt: no need to have apt-daily.timer running
bundlewrap/pipeline/head This commit looks good
|
2020-11-12 15:10:59 +01:00 |
|
|
087f4bb74d
|
groups/{gce,home}: send mail via mx0.kunbox.net
bundlewrap/pipeline/head This commit looks good
|
2020-11-11 13:31:01 +01:00 |
|
|
11701a67c8
|
dns: deploy MTA-STS
bundlewrap/pipeline/head This commit looks good
|
2020-11-11 11:41:06 +01:00 |
|
|
d47c39185b
|
bundles/php: no need to restart php if just installing the base packages
bundlewrap/pipeline/head This commit looks good
|
2020-11-11 08:37:29 +01:00 |
|
|
652fb72ccc
|
bundles/postfix: fix metadata reactor for letsencrypt
|
2020-11-11 08:35:36 +01:00 |
|
|
9dd7589f12
|
bundles/postfix: add submission_header_cleanup file
|
2020-11-10 20:34:27 +01:00 |
|
|
8180769120
|
bundles/postfix: add postmaster alias
|
2020-11-10 20:32:39 +01:00 |
|
|
f9bd2d695d
|
bundles/postfix: add SPAM BLOCKLISt for every non-private IP attached to the server
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 14:28:12 +01:00 |
|
|
aad1a742b7
|
bundles/icinga2: add ipv6-capable check_rbl script
|
2020-11-10 14:26:07 +01:00 |
|
|
f30aa48eca
|
bundles/icinga2: add sshmon private key
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 13:43:46 +01:00 |
|
|
a176a1aa65
|
bundles/icinga2: introduce, install checks, install sources.list, create postgres database
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 13:37:27 +01:00 |
|
|
a9c00409b4
|
bundles/mautrix-telegram: fix item dependency error
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 13:26:03 +01:00 |
|
|
6cd02dc563
|
bundles: move non-login users to items.py
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-10 13:24:07 +01:00 |
|
|
cca4fec761
|
bundles/users: get default user data from users.json
|
2020-11-10 13:12:36 +01:00 |
|
|
c090a9c2c2
|
bundles/users: move root user to metadata
|
2020-11-10 12:50:08 +01:00 |
|
|
3fbe32518a
|
bundles/postgresql: rename users -> roles
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 12:37:58 +01:00 |
|
|
d087cea869
|
bundles/gitea: add monitoring
|
2020-11-10 11:32:59 +01:00 |
|
|
985f47ca99
|
bundles/miniflux: add monitoring
|
2020-11-10 11:28:40 +01:00 |
|
|
8cb997133a
|
bundles/nginx: add monitoring
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 10:57:04 +01:00 |
|
|
65a8efc97f
|
bundles/zfs: fix monitoring metadata
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 10:35:01 +01:00 |
|
|
f80896fa3b
|
bundles/postfix: add monitoring
|
2020-11-10 10:21:37 +01:00 |
|
|
420cea15d2
|
bundles/apt: add monitoring for unattended upgrades
|
2020-11-10 09:50:20 +01:00 |
|
|
6ca0d863b1
|
bundles/sudo: use sudoers.d
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 20:39:35 +01:00 |
|
|
c7362df6c4
|
bundles/sshmon: import from work repository
|
2020-11-09 20:31:06 +01:00 |
|
|
eaf268aea9
|
libs/tools: change resolve_identifier() to return ipv4 and ipv6 separately
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 18:46:37 +01:00 |
|
|
67386d9efa
|
bundles/cron: provide some environment, also manage /etc/crontab
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 18:24:01 +01:00 |
|
|
a58c5877bf
|
bundles/gce-workaround: uninstall gce-disk-expand, too
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 16:48:28 +01:00 |
|
|
4921e0b74f
|
bundles/systemd-networkd: use correct syntax for resolv.conf
|
2020-11-09 16:47:56 +01:00 |
|
|
6f87a1d240
|
bundles/systemd-networkd: also deploy resolv.conf
|
2020-11-09 16:38:59 +01:00 |
|
|
394424951f
|
bundles/systemd-networkd: fix naming of GatewayOnlink
|
2020-11-09 16:38:35 +01:00 |
|
|
78047da04a
|
bundles/postgresql: only install packages after we have a zfs dataset
|
2020-11-09 16:37:00 +01:00 |
|
|
5bd642236c
|
bundles/postfix: only call newaliases if we already have postfix installed
|
2020-11-09 16:36:26 +01:00 |
|
|
607da9d39b
|
bundles/powerdns: user resolve_identifier() for node-dns-entries
|
2020-11-09 15:37:48 +01:00 |
|
|
91fd33cfa0
|
bundles/systemd-networkd: better dhcp support
|
2020-11-09 14:58:09 +01:00 |
|
|
5e7c7671e0
|
bundles/systemd-networkd: proper config
|
2020-11-09 14:48:19 +01:00 |
|
|
fbb4e2f7a5
|
systemd-networkd: first draft
|
2020-11-09 14:08:32 +01:00 |
|
|
c3c510c609
|
bundles/mautrix-telegram: disable parallel file transfers for now
|
2020-11-09 13:17:38 +01:00 |
|
|
af97226512
|
nodes/htz.ex42-1048908: update mautrix-telegram to 0.9.2-rc2
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 12:16:06 +01:00 |
|
|
06e30cf23c
|
bundles/mautrix-telegram: also upgrade pip when upgrading bridge
|
2020-11-09 12:15:37 +01:00 |
|
|
90e3bb7fb2
|
bundles/mautrix-telegram: no need to provide our own alembic.ini
|
2020-11-09 12:12:04 +01:00 |
|
|
c0986eb956
|
bundles/mautrix-telegram: fix database migration
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 12:09:17 +01:00 |
|
|
614b920890
|
bundles/mautrix-telegram: pin version until database migration is fixed
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 11:27:34 +01:00 |
|
|
3ff5d8a7dd
|
bundles/postfix: add alias database
bundlewrap/pipeline/head This commit looks good
|
2020-11-09 10:52:24 +01:00 |
|
|
64cffad6a7
|
bundles/rspamd: silence clamav cronjob
|
2020-11-08 15:03:26 +01:00 |
|
|
0eca42d188
|
bundles/dovecot: fix home directory for virtual mailboxes
bundlewrap/pipeline/head This commit looks good
|
2020-11-08 13:00:44 +01:00 |
|
|
b4b988e5f2
|
bundles/postfix: disable TLS1.0 and 1.1, disable weak ciphers
bundlewrap/pipeline/head This commit looks good
|
2020-11-08 12:24:37 +01:00 |
|
|
f85349f0c5
|
bundles/postfixadmin: fix apt packages
bundlewrap/pipeline/head This commit looks good
|
2020-11-08 11:53:51 +01:00 |
|
|
15428b03be
|
bundles/rspamd: introduce, add to htz.ex42-1048908
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-08 10:43:51 +01:00 |
|
|
a236444fe5
|
bundles/dovecot: make sure to reload dovecot after letsencrypt
|
2020-11-08 10:42:08 +01:00 |
|
|
b00b2aa245
|
bundles/dovecot: autoexpunge Junk folder
bundlewrap/pipeline/head There was a failure building this commit
|
2020-11-07 22:46:15 +01:00 |
|
|
7080b0d89e
|
bundles/rspamd: create dummy bundle
|
2020-11-07 22:32:08 +01:00 |
|
|
18b573a9c6
|
bundles/dovecot: introduce
|
2020-11-07 22:31:47 +01:00 |
|
|
f42dda5961
|
bundles/postfixadmin: introduce
|
2020-11-07 22:31:29 +01:00 |
|
|
5550d2cc56
|
bundles/postfix: introduce
|
2020-11-07 22:31:18 +01:00 |
|
|
88afba9ce9
|
bundles/mx-puppet-discord: add RestartSec= to systemd unit file
|
2020-11-07 09:40:22 +01:00 |
|
|
7ab121e7e5
|
bundles/mautrix-telegram: install bridge from git repository
|
2020-11-07 09:39:57 +01:00 |
|
|
d7f578742b
|
bundles/mx-puppet-discord: put bridge repo into subdirectory
this avoids recreating config and registration on every update, which in turn
avoids restarting synapse
|
2020-11-07 09:08:10 +01:00 |
|
|
c481fc1327
|
nodes/htz.ex42-1048908: add php
bundlewrap/pipeline/head This commit looks good
|
2020-11-07 09:06:11 +01:00 |
|
|
f8bc4b2ad9
|
bundles/php: introduce
|
2020-10-31 13:00:38 +01:00 |
|
|
e2d8923dee
|
bundles/nginx: use metadata reactor to determine index files
|
2020-10-31 10:41:48 +01:00 |
|
|
f1f7086aab
|
bundles/postgresql: make sure we have postgres_role before adding postgres_db
|
2020-10-31 10:30:48 +01:00 |
|
|
67c5c23194
|
bundles/nginx: support non-domain vhost names
|
2020-10-31 10:30:07 +01:00 |
|
|
113221a9b2
|
bundles/nginx: make sure we have dhparam.pem
|
2020-10-31 10:18:40 +01:00 |
|
|
9cc5c07466
|
bundles/letsencrypt: do not try to do authorizations without a webserver
|
2020-10-31 10:11:58 +01:00 |
|
|
76fe68a3d1
|
bundles/zfs: fix dependencies, auto-load zfs module if not loaded
|
2020-10-31 10:11:15 +01:00 |
|
|
8eeaabf615
|
bundles/nginx: use http 308 for https redirect
bundlewrap/pipeline/head This commit looks good
basically "go away. nothing's here. use https forever."
|
2020-10-30 15:24:24 +01:00 |
|
|
50372572f4
|
bundles/zfs: improvements
|
2020-10-25 16:41:18 +01:00 |
|
|
3077d74318
|
bundles/users: alias s='sudo -i'
|
2020-10-25 13:21:04 +01:00 |
|
|
351d779f20
|
bundles/users: add metadata entry for bash aliases
|
2020-10-25 13:19:46 +01:00 |
|
|
2a992773f3
|
bundles/users: fish shell is gone everywhere
|
2020-10-25 13:17:26 +01:00 |
|
|
831545d8b1
|
introduce node.metadata['hostname'] to other bundles, update nodefiles to reflect changes
bundlewrap/pipeline/head This commit looks good
|
2020-10-25 11:14:46 +01:00 |
|
|
b70f9c9c9d
|
bundles/powerdns: make sure every dns server is able to resolve every other dns server
|
2020-10-25 10:58:11 +01:00 |
|
|
a33d8e4201
|
bundles/powerdns: decrease RETRY time
|
2020-10-25 10:57:26 +01:00 |
|
|
29f488c082
|
bundles/powerdns: put ip addresses of secondary nameservers into allow-axfer-ips
bundlewrap/pipeline/head There was a failure building this commit
|
2020-10-25 10:56:55 +01:00 |
|
|
152bb56fdd
|
bundles/powerdns: remove superslave setting
bundlewrap/pipeline/head There was a failure building this commit
debian currently does ship an older version, in which this
setting is enabled by default.
|
2020-10-25 10:55:17 +01:00 |
|
|
7a3e3ad68f
|
bundles/powerdns: we don't need the node names of primary nameservers
|
2020-10-25 10:53:55 +01:00 |
|
|
43bd6b4774
|
bundles/powerdns: only enable webserver and api on primary nameservers
|
2020-10-25 10:52:51 +01:00 |
|
|
78c553faf9
|
bundles/nodejs: update to 14.x
bundlewrap/pipeline/head This commit looks good
|
2020-10-24 17:20:50 +02:00 |
|
|
a0702416a0
|
bundles/radicale: introduce
bundlewrap/pipeline/head This commit looks good
|
2020-10-23 15:22:35 +02:00 |
|
|
d76f69ab49
|
bundles/apt: more output for upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
|
2020-10-23 06:26:19 +02:00 |
|
|
2bc659af5f
|
bundles/users: add some bash aliases
bundlewrap/pipeline/head This commit looks good
|
2020-10-23 06:06:59 +02:00 |
|
|
6398e668e1
|
bundles/apt: use DEBIAN_FRONTEND=noninteractive everywhere in upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
|
2020-10-23 04:33:01 +02:00 |
|
|
07dcb813f3
|
bundles/raspberrypi: add options for camera and gpu_mem
bundlewrap/pipeline/head This commit looks good
|
2020-10-18 19:51:52 +02:00 |
|
|
48cc865892
|
bundles/nginx: make sure webroot directory exists
bundlewrap/pipeline/head This commit looks good
|
2020-10-18 18:55:00 +02:00 |
|
|
5c31cdccdd
|
bundles/kodi: fix path
bundlewrap/pipeline/head This commit looks good
|
2020-10-18 16:53:19 +02:00 |
|
|
4271c92d70
|
bundles/gitea: fix chmod
bundlewrap/pipeline/head This commit looks good
|
2020-10-18 16:18:12 +02:00 |
|
|
e32ad2eb19
|
formatting
bundlewrap/pipeline/head This commit looks good
|
2020-10-18 15:51:45 +02:00 |
|
|
ececab44b4
|
bundles/miniflux: introduce
|
2020-10-18 15:49:32 +02:00 |
|
|
366374b4e5
|
bundles/apt: handle unattended-upgrades ourselves
|
2020-10-18 15:33:41 +02:00 |
|
kunsi
|
5635571f97
|
Merge pull request 'PowerDNS instead of bind9' (#2) from kunsi-feature-powerdns-instead-of-bind into main
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/2
|
2020-10-17 11:12:35 +00:00 |
|
|
ae7c3220e0
|
bundles/powerdns: fix NS records in zonefile header
bundlewrap/pipeline/head Build queued...
|
2020-10-17 13:04:28 +02:00 |
|
|
4d6b867bb3
|
bundles/powerdns: add metadata reactor for automatic node-dns-generation
bundlewrap/pipeline/head This commit looks good
|
2020-10-17 12:57:35 +02:00 |
|
|
793220c0ec
|
bundles/powerdns: auto-generate zonefile header based on dns server nodes
|
2020-10-17 12:57:07 +02:00 |
|
|
51e6d0534e
|
bundles/powerdns: fix Faults
bundlewrap/pipeline/head This commit looks good
|
2020-10-17 10:50:21 +02:00 |
|
|
ca1646d394
|
bundles/powerdns: add support for zone transfers
bundlewrap/pipeline/head There was a failure building this commit
|
2020-10-16 23:02:47 +02:00 |
|
|
31cc74951b
|
bundles/powerdns: only reload pdns on zone changes, don't restart
bundlewrap/pipeline/head There was a failure building this commit
|
2020-10-16 20:40:05 +02:00 |
|
|
7c1c0f5e80
|
bundles/powerdns: increase default TTL to 1 day
|
2020-10-16 20:16:34 +02:00 |
|
|
0a115d2372
|
EOL bundles/bind
|
2020-10-16 20:12:47 +02:00 |
|
|
155c93f739
|
bundles/powerdns: fix schema import for pgsql
|
2020-10-16 20:10:55 +02:00 |
|
|
9bba18d13e
|
bundles/powerdnsadmin: introduce
|
2020-10-16 20:10:34 +02:00 |
|
|
0533e4087a
|
bundles/postgresql: install dev packages
bundlewrap/pipeline/head This commit looks good
|
2020-10-16 19:24:40 +02:00 |
|
|
d442ab399e
|
bundles/powerdns: support pgsql
|
2020-10-16 19:24:12 +02:00 |
|
|
2c1a825b7d
|
bundles/apt: make sure we have python3-dev
|
2020-10-16 19:14:15 +02:00 |
|
|
8acc0a7bb1
|
bundles/apt: make sure we have build-essential and git
|
2020-10-16 19:12:26 +02:00 |
|
|
a553e736d1
|
bundles/powerdns: fix dependencies
|
2020-10-16 17:59:46 +02:00 |
|
|
df852e8ef9
|
bundles/powerdns: more config, add bind backend
bundlewrap/pipeline/head This commit looks good
|
2020-10-16 17:44:31 +02:00 |
|
|
fa67bd13f4
|
bundles/powerdns: minimal pdns.conf
bundlewrap/pipeline/head This commit looks good
|
2020-10-16 13:19:44 +02:00 |
|
|
d029af554c
|
bundles/travelynx: make sure to restart worker service, too
bundlewrap/pipeline/head This commit looks good
|
2020-10-16 13:03:52 +02:00 |
|
|
c5c0c923d1
|
home.kodi-wohnzimmer: switch to debian-multimedia repository to have kodi 18
bundlewrap/pipeline/head This commit looks good
|
2020-10-15 19:34:22 +02:00 |
|
|
a08f483ac5
|
bundles/powerdns: introduce
bundlewrap/pipeline/head This commit looks good
|
2020-10-13 19:06:22 +02:00 |
|
|
591d3fb947
|
bundles/nfs-client: fix installation of automount units
bundlewrap/pipeline/head This commit looks good
|
2020-10-10 17:25:39 +02:00 |
|
|
6a8768fb2f
|
bundles/nfs-client: introduce
|
2020-10-10 16:37:33 +02:00 |
|
Sophie Schiller
|
3170e75bbe
|
update kodi to unstable
|
2020-10-09 18:12:56 +02:00 |
|
|
a955a7b84d
|
bundles/raspberrypi: do not set empty default for config.txt
|
2020-10-09 17:46:36 +02:00 |
|
|
c953d138ee
|
bundles/kodi: fix dependencies for alsa
|
2020-10-09 17:46:07 +02:00 |
|
|
5e8489a74c
|
bundles/kodi: add missing dependencies
|
2020-10-03 18:36:48 +02:00 |
|
|
c2bcd1f0d9
|
bundles/apt: add raspbian to supported OSes
|
2020-10-03 18:36:29 +02:00 |
|
|
2387b196b2
|
bundles/kodi: use alsa instead of pulseaudio
bundlewrap/pipeline/head This commit looks good
|
2020-10-03 17:00:13 +02:00 |
|
|
018bdd1d00
|
bundles/kodi: also install addon repository
bundlewrap/pipeline/head This commit looks good
|
2020-10-03 15:54:03 +02:00 |
|
|
9b8c5450ec
|
bundles/raspberrypi: make sure dphys-swapfile is uninstalled
|
2020-10-03 15:10:28 +02:00 |
|
|
60cfe90a1d
|
bundles/raspberrypi: force maximum cpu frequency
|
2020-10-03 13:52:34 +02:00 |
|
|
32fd2f7a7b
|
bundles/kodi: introduce
|
2020-10-03 13:36:12 +02:00 |
|