Commit graph

401 commits

Author SHA1 Message Date
Sophie Schiller
ef211f7356 update gitignore 2020-11-13 23:30:49 +01:00
Sophie Schiller
dcf944b198 bundles/dhcpd add initial items, metadata and template 2020-11-13 23:30:49 +01:00
6ba0f6df1d
bundles/systemd: make sure we're using UTC and NTP
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 23:26:13 +01:00
870a5252e5
bundles/pppd: add iptables rules on ifup/ifdown 2020-11-13 23:04:43 +01:00
f65e216828
bundles/iptables: introduce, add to home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 22:47:23 +01:00
df9863ef31
bundles/openvpn-client: add 2020-11-13 22:15:36 +01:00
e515378497
bundles/backup-server: dummy nodes never do backups
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-13 21:58:35 +01:00
3b829caaf6
bundles/pppd: introduce 2020-11-13 21:41:02 +01:00
b1860b7e01
bundles/systemd-networkd: add option to only create a .netdev file for interfaces 2020-11-13 21:40:44 +01:00
75d86f3339
bundles/systemd-networkd: support vlans 2020-11-13 16:29:17 +01:00
4213b60052
bundles/lldp: introduce, add to all nodes at home 2020-11-13 16:28:43 +01:00
b9b0a9c5ca
bundles/vmhost: install correct packages 2020-11-13 14:47:40 +01:00
df63f8c732
bundles/nginx: make sure /var/www exists 2020-11-13 13:35:02 +01:00
e91ac7e457
bundles/backup-client: fix detection of rsync errors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:34:21 +01:00
d31910368c
icinga2: install packages and dependencies 2020-11-13 13:19:26 +01:00
6bac83def2
bundles/rspamd: fix automatic generation of dkim key
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:11:26 +01:00
cff0870e63
bundles/rspamd: refine auto-generation of dkim signing keys 2020-11-13 13:09:37 +01:00
56f1b1a6c6
bundles/rspamd: first draft for automatically-rotating dkim keys 2020-11-13 13:09:34 +01:00
f04dac11e5
Merge branch 'kunsi-icinga2' into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:03:16 +01:00
741f3b0032
bundles/backup-client: fix cronjob 2020-11-13 12:57:50 +01:00
0749fc75c5
bundles: add backup paths 2020-11-13 12:37:26 +01:00
f71653e3ce
bundles/backup-{client,server}: introduce 2020-11-13 12:36:52 +01:00
30ee0c8bdf
bundles/mx-puppet-discord: restart service after building new version 2020-11-13 09:26:34 +01:00
e5c12f0628
bundles/nginx: create webroot directories after bundle:zfs is done 2020-11-12 22:59:46 +01:00
2274e7aa37
bundles/nfs-server: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 19:59:02 +01:00
f2a0f0b46a
bundles/systemd-networkd: support bond and bridge interfaces 2020-11-12 19:38:10 +01:00
633ccb97fd
bundles/zfs: rename zed -> zfs-zed 2020-11-12 19:36:28 +01:00
d01d89d432
bundles/apt: support debian 11 2020-11-12 18:40:19 +01:00
e395a42160
bundles/apt: no need to have apt-daily.timer running
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 15:10:59 +01:00
087f4bb74d
groups/{gce,home}: send mail via mx0.kunbox.net
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 13:31:01 +01:00
11701a67c8
dns: deploy MTA-STS
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 11:41:06 +01:00
d47c39185b
bundles/php: no need to restart php if just installing the base packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 08:37:29 +01:00
652fb72ccc
bundles/postfix: fix metadata reactor for letsencrypt 2020-11-11 08:35:36 +01:00
9dd7589f12
bundles/postfix: add submission_header_cleanup file 2020-11-10 20:34:27 +01:00
8180769120
bundles/postfix: add postmaster alias 2020-11-10 20:32:39 +01:00
f9bd2d695d
bundles/postfix: add SPAM BLOCKLISt for every non-private IP attached to the server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 14:28:12 +01:00
aad1a742b7
bundles/icinga2: add ipv6-capable check_rbl script 2020-11-10 14:26:07 +01:00
f30aa48eca
bundles/icinga2: add sshmon private key
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:43:46 +01:00
a176a1aa65
bundles/icinga2: introduce, install checks, install sources.list, create postgres database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:37:27 +01:00
a9c00409b4
bundles/mautrix-telegram: fix item dependency error
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:26:03 +01:00
6cd02dc563
bundles: move non-login users to items.py
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-10 13:24:07 +01:00
cca4fec761
bundles/users: get default user data from users.json 2020-11-10 13:12:36 +01:00
c090a9c2c2
bundles/users: move root user to metadata 2020-11-10 12:50:08 +01:00
3fbe32518a
bundles/postgresql: rename users -> roles
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 12:37:58 +01:00
d087cea869
bundles/gitea: add monitoring 2020-11-10 11:32:59 +01:00
985f47ca99
bundles/miniflux: add monitoring 2020-11-10 11:28:40 +01:00
8cb997133a
bundles/nginx: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:57:04 +01:00
65a8efc97f
bundles/zfs: fix monitoring metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:35:01 +01:00
f80896fa3b
bundles/postfix: add monitoring 2020-11-10 10:21:37 +01:00
420cea15d2
bundles/apt: add monitoring for unattended upgrades 2020-11-10 09:50:20 +01:00
6ca0d863b1
bundles/sudo: use sudoers.d
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 20:39:35 +01:00
c7362df6c4
bundles/sshmon: import from work repository 2020-11-09 20:31:06 +01:00
eaf268aea9
libs/tools: change resolve_identifier() to return ipv4 and ipv6 separately
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:46:37 +01:00
67386d9efa
bundles/cron: provide some environment, also manage /etc/crontab
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:24:01 +01:00
a58c5877bf
bundles/gce-workaround: uninstall gce-disk-expand, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 16:48:28 +01:00
4921e0b74f
bundles/systemd-networkd: use correct syntax for resolv.conf 2020-11-09 16:47:56 +01:00
6f87a1d240
bundles/systemd-networkd: also deploy resolv.conf 2020-11-09 16:38:59 +01:00
394424951f
bundles/systemd-networkd: fix naming of GatewayOnlink 2020-11-09 16:38:35 +01:00
78047da04a
bundles/postgresql: only install packages after we have a zfs dataset 2020-11-09 16:37:00 +01:00
5bd642236c
bundles/postfix: only call newaliases if we already have postfix installed 2020-11-09 16:36:26 +01:00
607da9d39b
bundles/powerdns: user resolve_identifier() for node-dns-entries 2020-11-09 15:37:48 +01:00
91fd33cfa0
bundles/systemd-networkd: better dhcp support 2020-11-09 14:58:09 +01:00
5e7c7671e0
bundles/systemd-networkd: proper config 2020-11-09 14:48:19 +01:00
fbb4e2f7a5
systemd-networkd: first draft 2020-11-09 14:08:32 +01:00
c3c510c609
bundles/mautrix-telegram: disable parallel file transfers for now 2020-11-09 13:17:38 +01:00
af97226512
nodes/htz.ex42-1048908: update mautrix-telegram to 0.9.2-rc2
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:16:06 +01:00
06e30cf23c
bundles/mautrix-telegram: also upgrade pip when upgrading bridge 2020-11-09 12:15:37 +01:00
90e3bb7fb2
bundles/mautrix-telegram: no need to provide our own alembic.ini 2020-11-09 12:12:04 +01:00
c0986eb956
bundles/mautrix-telegram: fix database migration
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:09:17 +01:00
614b920890
bundles/mautrix-telegram: pin version until database migration is fixed
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 11:27:34 +01:00
3ff5d8a7dd
bundles/postfix: add alias database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 10:52:24 +01:00
64cffad6a7
bundles/rspamd: silence clamav cronjob 2020-11-08 15:03:26 +01:00
0eca42d188
bundles/dovecot: fix home directory for virtual mailboxes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 13:00:44 +01:00
b4b988e5f2
bundles/postfix: disable TLS1.0 and 1.1, disable weak ciphers
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 12:24:37 +01:00
f85349f0c5
bundles/postfixadmin: fix apt packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 11:53:51 +01:00
15428b03be
bundles/rspamd: introduce, add to htz.ex42-1048908
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-08 10:43:51 +01:00
a236444fe5
bundles/dovecot: make sure to reload dovecot after letsencrypt 2020-11-08 10:42:08 +01:00
b00b2aa245
bundles/dovecot: autoexpunge Junk folder
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-07 22:46:15 +01:00
7080b0d89e
bundles/rspamd: create dummy bundle 2020-11-07 22:32:08 +01:00
18b573a9c6
bundles/dovecot: introduce 2020-11-07 22:31:47 +01:00
f42dda5961
bundles/postfixadmin: introduce 2020-11-07 22:31:29 +01:00
5550d2cc56
bundles/postfix: introduce 2020-11-07 22:31:18 +01:00
88afba9ce9
bundles/mx-puppet-discord: add RestartSec= to systemd unit file 2020-11-07 09:40:22 +01:00
7ab121e7e5
bundles/mautrix-telegram: install bridge from git repository 2020-11-07 09:39:57 +01:00
d7f578742b
bundles/mx-puppet-discord: put bridge repo into subdirectory
this avoids recreating config and registration on every update, which in turn
avoids restarting synapse
2020-11-07 09:08:10 +01:00
c481fc1327
nodes/htz.ex42-1048908: add php
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-07 09:06:11 +01:00
f8bc4b2ad9
bundles/php: introduce 2020-10-31 13:00:38 +01:00
e2d8923dee
bundles/nginx: use metadata reactor to determine index files 2020-10-31 10:41:48 +01:00
f1f7086aab
bundles/postgresql: make sure we have postgres_role before adding postgres_db 2020-10-31 10:30:48 +01:00
67c5c23194
bundles/nginx: support non-domain vhost names 2020-10-31 10:30:07 +01:00
113221a9b2
bundles/nginx: make sure we have dhparam.pem 2020-10-31 10:18:40 +01:00
9cc5c07466
bundles/letsencrypt: do not try to do authorizations without a webserver 2020-10-31 10:11:58 +01:00
76fe68a3d1
bundles/zfs: fix dependencies, auto-load zfs module if not loaded 2020-10-31 10:11:15 +01:00
8eeaabf615
bundles/nginx: use http 308 for https redirect
All checks were successful
bundlewrap/pipeline/head This commit looks good
basically "go away. nothing's here. use https forever."
2020-10-30 15:24:24 +01:00
50372572f4
bundles/zfs: improvements 2020-10-25 16:41:18 +01:00
3077d74318
bundles/users: alias s='sudo -i' 2020-10-25 13:21:04 +01:00
351d779f20
bundles/users: add metadata entry for bash aliases 2020-10-25 13:19:46 +01:00
2a992773f3
bundles/users: fish shell is gone everywhere 2020-10-25 13:17:26 +01:00
831545d8b1
introduce node.metadata['hostname'] to other bundles, update nodefiles to reflect changes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-25 11:14:46 +01:00
b70f9c9c9d
bundles/powerdns: make sure every dns server is able to resolve every other dns server 2020-10-25 10:58:11 +01:00
a33d8e4201
bundles/powerdns: decrease RETRY time 2020-10-25 10:57:26 +01:00
29f488c082
bundles/powerdns: put ip addresses of secondary nameservers into allow-axfer-ips
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-10-25 10:56:55 +01:00
152bb56fdd
bundles/powerdns: remove superslave setting
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
debian currently does ship an older version, in which this
setting is enabled by default.
2020-10-25 10:55:17 +01:00
7a3e3ad68f
bundles/powerdns: we don't need the node names of primary nameservers 2020-10-25 10:53:55 +01:00
43bd6b4774
bundles/powerdns: only enable webserver and api on primary nameservers 2020-10-25 10:52:51 +01:00
78c553faf9
bundles/nodejs: update to 14.x
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-24 17:20:50 +02:00
a0702416a0
bundles/radicale: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 15:22:35 +02:00
d76f69ab49
bundles/apt: more output for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 06:26:19 +02:00
2bc659af5f
bundles/users: add some bash aliases
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 06:06:59 +02:00
6398e668e1
bundles/apt: use DEBIAN_FRONTEND=noninteractive everywhere in upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-23 04:33:01 +02:00
07dcb813f3
bundles/raspberrypi: add options for camera and gpu_mem
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 19:51:52 +02:00
48cc865892
bundles/nginx: make sure webroot directory exists
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 18:55:00 +02:00
5c31cdccdd
bundles/kodi: fix path
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 16:53:19 +02:00
4271c92d70
bundles/gitea: fix chmod
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 16:18:12 +02:00
e32ad2eb19
formatting
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 15:51:45 +02:00
ececab44b4
bundles/miniflux: introduce 2020-10-18 15:49:32 +02:00
366374b4e5
bundles/apt: handle unattended-upgrades ourselves 2020-10-18 15:33:41 +02:00
kunsi
5635571f97 Merge pull request 'PowerDNS instead of bind9' (#2) from kunsi-feature-powerdns-instead-of-bind into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/2
2020-10-17 11:12:35 +00:00
ae7c3220e0
bundles/powerdns: fix NS records in zonefile header
Some checks are pending
bundlewrap/pipeline/head Build queued...
2020-10-17 13:04:28 +02:00
4d6b867bb3
bundles/powerdns: add metadata reactor for automatic node-dns-generation
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-17 12:57:35 +02:00
793220c0ec
bundles/powerdns: auto-generate zonefile header based on dns server nodes 2020-10-17 12:57:07 +02:00
51e6d0534e
bundles/powerdns: fix Faults
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-17 10:50:21 +02:00
ca1646d394
bundles/powerdns: add support for zone transfers
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-10-16 23:02:47 +02:00
31cc74951b
bundles/powerdns: only reload pdns on zone changes, don't restart
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-10-16 20:40:05 +02:00
7c1c0f5e80
bundles/powerdns: increase default TTL to 1 day 2020-10-16 20:16:34 +02:00
0a115d2372
EOL bundles/bind 2020-10-16 20:12:47 +02:00
155c93f739
bundles/powerdns: fix schema import for pgsql 2020-10-16 20:10:55 +02:00
9bba18d13e
bundles/powerdnsadmin: introduce 2020-10-16 20:10:34 +02:00
0533e4087a
bundles/postgresql: install dev packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 19:24:40 +02:00
d442ab399e
bundles/powerdns: support pgsql 2020-10-16 19:24:12 +02:00
2c1a825b7d
bundles/apt: make sure we have python3-dev 2020-10-16 19:14:15 +02:00
8acc0a7bb1
bundles/apt: make sure we have build-essential and git 2020-10-16 19:12:26 +02:00
a553e736d1
bundles/powerdns: fix dependencies 2020-10-16 17:59:46 +02:00
df852e8ef9
bundles/powerdns: more config, add bind backend
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 17:44:31 +02:00
fa67bd13f4
bundles/powerdns: minimal pdns.conf
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 13:19:44 +02:00
d029af554c
bundles/travelynx: make sure to restart worker service, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-16 13:03:52 +02:00
c5c0c923d1
home.kodi-wohnzimmer: switch to debian-multimedia repository to have kodi 18
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-15 19:34:22 +02:00
a08f483ac5
bundles/powerdns: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-13 19:06:22 +02:00
591d3fb947
bundles/nfs-client: fix installation of automount units
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-10 17:25:39 +02:00
6a8768fb2f
bundles/nfs-client: introduce 2020-10-10 16:37:33 +02:00
Sophie Schiller
3170e75bbe update kodi to unstable 2020-10-09 18:12:56 +02:00
a955a7b84d
bundles/raspberrypi: do not set empty default for config.txt 2020-10-09 17:46:36 +02:00
c953d138ee
bundles/kodi: fix dependencies for alsa 2020-10-09 17:46:07 +02:00
5e8489a74c
bundles/kodi: add missing dependencies 2020-10-03 18:36:48 +02:00
c2bcd1f0d9
bundles/apt: add raspbian to supported OSes 2020-10-03 18:36:29 +02:00
2387b196b2
bundles/kodi: use alsa instead of pulseaudio
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-03 17:00:13 +02:00
018bdd1d00
bundles/kodi: also install addon repository
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-03 15:54:03 +02:00
9b8c5450ec
bundles/raspberrypi: make sure dphys-swapfile is uninstalled 2020-10-03 15:10:28 +02:00
60cfe90a1d
bundles/raspberrypi: force maximum cpu frequency 2020-10-03 13:52:34 +02:00
32fd2f7a7b
bundles/kodi: introduce 2020-10-03 13:36:12 +02:00