54d0c42da6
bundles/matrix-synapse: auto-trust all own servers as keyservers
2023-07-23 13:59:26 +02:00
e9ee2039d5
bundles/smartd: ignore non-digit values in telegraf stats
2023-07-13 21:41:52 +02:00
471e2ba6f6
bundles/{influxdb2,telegraf}: it's always the same, just use 'stable main'
2023-07-13 21:41:22 +02:00
838b61a2b9
bundles/grafana: remove useless "power on hours" graph
2023-07-13 21:40:55 +02:00
6b27128b6d
bundles/systemd-timers: add exclude_from_monitoring
2023-07-13 21:31:25 +02:00
3936e64227
bundles/smartd: use systemd-timers
2023-07-13 21:31:11 +02:00
bbfa985e1d
bundles/smartd: ignore partitions in smartd check
2023-07-13 21:30:49 +02:00
d0825a51ee
bundles/smartd: unit names have changed
2023-07-13 21:30:29 +02:00
70bd7d295d
bundles/cron: less strict dependencies
2023-07-13 20:19:17 +02:00
cff3fe558e
bundles/zfs: more ordering please
2023-07-13 20:04:43 +02:00
5fa8c72863
debian bookworm time \o/
2023-07-13 20:02:38 +02:00
fa4ea575b4
bundles/users: show last five logins on login
2023-07-11 05:40:39 +02:00
d5f5fd853b
bundles/element-web: remove --openssl-legacy-provider
2023-06-29 05:39:30 +02:00
8968252ba6
bundles/nginx: fix content_type for logrotate config
2023-06-21 23:27:30 +02:00
42e20b122c
bundles/icinga2: add non-listing results to check_spam_blocklist
2023-06-21 23:25:12 +02:00
Sophie Schiller
d17b146476
hedgedoc new release
2023-06-04 23:17:55 +02:00
712454c1e3
bundles/postgresql: more cache, please
2023-06-03 13:21:23 +02:00
55f80b468e
bundles/matrix-registration: fix bugs
2023-05-26 10:48:01 +02:00
e6111efe2d
bundles/matrix-registration: configurable client_redirect
2023-05-26 07:11:22 +02:00
9fc0004746
add option to exclude hosts from public status page
2023-05-21 06:59:34 +02:00
b35bfc85e9
ovh.icinga2: fix simple-icinga-dashboard
2023-05-20 20:12:24 +02:00
2607049f8d
add bundle:matrix-registration
2023-05-20 15:15:35 +02:00
6374f6b71e
bundles/matrix-synapse: support home servers without appservices
2023-05-20 15:10:57 +02:00
1708f6ae17
bundles/matrix-synapse: include signing key in backups
2023-05-20 14:23:52 +02:00
b1567443ca
bundles/zfs: support other cpu architectures
2023-05-20 12:38:27 +02:00
0db4c19457
htz-cloud.sewfile: update to debian bullseye
2023-05-20 12:19:46 +02:00
32e6e61a3b
bundles/systemd: fix dependencies
2023-05-20 11:25:26 +02:00
cff42ef0f7
update home.downloadhelper to debian bullseye
2023-05-20 11:13:48 +02:00
048fb83ee7
bundles/apt: support spreading unattended-upgrades in a group
2023-05-20 07:46:23 +02:00
92cca7f396
isort the repo
2023-05-20 07:46:02 +02:00
1260410eae
bundles/powerdns: split "add ip to autoprimaries" and "fix hostname for autoprimary"
2023-05-16 19:56:21 +02:00
6d2cf0fa24
bundles/powerdns: ensure primary servers are in database
2023-05-16 19:25:17 +02:00
f8416215d5
ns-ionos: move powerdnsadmin webinterface to new hostname
2023-05-16 18:08:00 +02:00
a4bb7f89ec
rename ns-primary to ns-ionos
2023-05-16 17:58:31 +02:00
b2ad9ce3d8
bundles/jugendhackt_tools: fix static root
2023-05-15 12:08:57 +02:00
906994b50f
rx300: add bundle:jugendhackt_tools
2023-05-06 17:27:02 +02:00
714fa88d72
bundles/ntfy: fix directory modes
2023-05-06 17:26:59 +02:00
f12a176759
bundles/sysctl: we need 99-sysctl.conf on debian
2023-05-06 17:26:54 +02:00
9a32534c49
bundles/icinga2: remove uceprotect level 2 from check_spam_blocklist
2023-04-28 16:42:55 +02:00
b3e490720e
bundles/icinga2: add notification support via ntfy
2023-04-09 17:32:36 +02:00
c6cf997102
bundles/ntfy: add option to disable unauthorized writes
2023-04-09 12:24:23 +02:00
95d5c0cfc8
bundles/ntfy: update config to more recent version
2023-04-09 12:09:28 +02:00
a27ac38bec
add bundle:telegraf-monitors-mikrotik
2023-04-01 07:01:03 +02:00
9a6be52b05
bundles/backup-client: use set instead of list
2023-04-01 06:58:48 +02:00
60fc0e64e7
bundles/{apt,pacman}: ignore sshd processes spawned by user nobody
2023-04-01 06:50:37 +02:00
28298d3ce6
replace predefined ssh keys with generated ones
2023-03-31 21:45:09 +02:00
ca614efec1
add home.switch-rack
2023-03-26 15:58:29 +02:00
190833c54a
bundles/lldp: do not run for routeros devices
2023-03-26 15:58:09 +02:00
e3b1d14fe7
bundles/miniflux: fix proxy settings
2023-03-19 15:43:34 +01:00
cc49d34475
bundles/matrix-synapse: add script to reset the federation timeout
2023-03-19 15:43:09 +01:00
4122a7ccf8
isort the repo
2023-02-05 17:30:58 +01:00
429bc2a7c6
bundles/homeassistant: fix .provides()
2023-02-05 17:28:52 +01:00
1906e7c256
bundles/gitea: derive version number from installed gitea
2023-02-05 17:24:50 +01:00
077b25f67e
bundles/miniflux: repo has changed
...
... also now everything is unsigned, yeaaaaaaaaaaaah
2023-02-02 19:29:28 +01:00
7bd8237876
bashrc: add 'ipa' alias
2023-01-29 11:03:38 +01:00
55bebda4d4
bundles/powerdns: fix socket path for telegraf
2023-01-29 11:02:49 +01:00
ef16a2d081
bundles/powerdns: rework zone file generation
2023-01-29 11:01:48 +01:00
264ea3e8a7
bundles/systemd-networkd: remove isc-dhcp-client
2023-01-29 10:13:26 +01:00
109914c039
bundles/powerdnsadmin: create virtualenv after packages are installed
2023-01-29 10:04:47 +01:00
f6b0c587d0
rename some gitea stuff to forgejo
2023-01-29 09:42:36 +01:00
a8e2e6b5ad
bundles/gitea: adjust config for 1.18
2023-01-29 09:40:38 +01:00
17aee0f6bb
update gitea to forgejo 1.18.2-1
2023-01-29 09:35:29 +01:00
a3218ac41f
bundles/sshmon: fix hostname in check_forgejo_for_new_release
2023-01-29 09:35:05 +01:00
2e6e6b663e
bundles/powerdns: also send out notify to all secondaries
2023-01-29 09:21:59 +01:00
c93a4d0a99
powerdns: switch to AXFR for secondarie
2023-01-29 08:35:08 +01:00
31e614ab3b
bundles/powerdns: allow exposing API to the world
2023-01-29 08:06:27 +01:00
60585a3716
bundles/homeassistant: fix typo
2023-01-29 07:04:38 +01:00
c717e86f70
bundles/homeassistant: fix website_check
2023-01-29 07:03:28 +01:00
ff8928dd0b
remove openhab, move backups to hass
2023-01-29 06:54:48 +01:00
ba97cd432f
bundles/icinga2: icingaweb2 apparently ships monitoring module by itself
2023-01-29 06:45:34 +01:00
07dce73bca
bundles/sshmon: get rid of sysstat
2023-01-28 18:10:24 +01:00
c5ccc31ad9
get rid of molly-guard
2023-01-28 18:10:21 +01:00
ab76721ddb
bundles/powerdnsadmin: install psycopg2 in venv
2023-01-28 18:10:18 +01:00
b460085bb0
bundles/powerdns: enable superslave if supported
2023-01-28 18:10:14 +01:00
c94aef55a5
bundles/dovecot: enable sieve logging
2022-12-31 16:33:10 +01:00
c04ce63c35
bundles/arch-with-gui: more packages via bundle, less via nodefile
2022-12-29 13:45:06 +01:00
070b466abe
bundles/travelynx: update bundle for new version
2022-12-27 13:38:53 +01:00
9dae384cd1
Merge pull request 'homassistant' ( #56 ) from homassistant into main
...
Reviewed-on: #56
2022-12-24 17:32:36 +00:00
Sophie Schiller
52983a51a9
homeassistant: rework update check
2022-12-24 17:51:42 +01:00
638363e927
bundles/php: rework bundle, fix directory permissions
2022-12-24 16:12:22 +01:00
9a45e3c30e
bundles/gitea: fix wrong monitoring command
2022-12-24 13:45:44 +01:00
648a80362e
bundles/sshmon: actually install the check
2022-12-24 08:45:48 +01:00
931f3cd583
bundles/gitea: set update check to check for forgejo update
2022-12-23 14:57:32 +01:00
df303b3487
bundles/homeassistant: set websockets=True in nginx config
2022-12-22 20:01:35 +01:00
Sophie Schiller
edeffee5c2
first running hass stuff
2022-12-22 18:59:27 +01:00
Sophie Schiller
107fd6872b
home.hass add metadata
2022-12-22 17:53:10 +01:00
Sophie Schiller
c407a4520a
blind dev result of homeassistant
2022-12-22 17:37:13 +01:00
fcb546baf6
bundles/nodejs: fix repo name
2022-12-22 17:32:36 +01:00
c5e45cbafc
bundles/sshmon: add check_forgejo_for_new_release
2022-12-22 12:13:53 +01:00
3db7168589
move default nameservers to libs/defaults
2022-12-22 12:13:13 +01:00
90823b7984
bundles/postfix: lessen smtpd security restrictions
2022-12-20 08:55:44 +01:00
caa54051ff
bundles/zfs: please, just restart zed
2022-12-18 11:43:38 +01:00
8621c726bb
bundles/systemd: fix edgecase in check_timesyncd_sync
2022-12-18 11:34:21 +01:00
ee761507a2
bundles/{icinga2,influxdb}: fix file permissions
2022-12-17 11:45:10 +01:00
6d49889f2f
bundles/systemd: systemd-timesyncd not showing offset is an error
2022-12-17 11:41:37 +01:00
8a0ae4fa10
bundles/systemd: explicitely use all four ntp.org timeserver pools
...
turns out, only 2.pool.ntp.org has IPv6, but we won't get any IPv6
addresses when querying pool.ntp.org
2022-12-17 11:39:45 +01:00
eaab905735
bundles/systemd: add monitoring for systemd-timesyncd
2022-12-16 16:15:57 +01:00
e12b9e6c12
uninstall chrony and ntpd everywhere
2022-12-16 15:32:09 +01:00
bd64d52edb
bundles/gce-workaround: uninstall chrony
2022-12-16 15:24:51 +01:00
d6da47fc1e
bundles/systemd: also manage systemd-timesyncd
2022-12-16 15:10:52 +01:00
5dc60eb24e
bundles/openvpn-client: do not manage config directory group
2022-12-16 15:10:03 +01:00
f790e2cee0
bundles/vnstat: rework bundle
2022-12-12 07:56:23 +01:00
c8dd809057
bundles/wireguard: better nftables rules
2022-12-11 17:42:39 +01:00
e8d24bc363
bundles/pppd: automatically add interface entry for ignored interface
2022-12-11 17:42:08 +01:00
d86dc32f51
bundles/mixcloud-downloader: improvements
2022-12-07 18:06:44 +01:00
15ea875742
home.nas: add bundle:mixcloud-downloader
2022-12-07 04:24:38 +01:00
615f6107bc
bundles/element-web: only set --openssl-legacy-provider if using nodejs >= 17
2022-11-27 19:56:36 +01:00
ca18a8d231
bundles/pretalx: ignore update check if no version was specified
2022-11-27 19:48:13 +01:00
d64657feef
bundles/openvpn-client: fix permissions for /etc/openvpn/client
2022-11-22 18:45:19 +01:00
b7de8b3a4d
bundles/grafana: new repo, who dis?
2022-11-21 19:32:47 +01:00
bc589011d2
add c3voc vpn to kunsi-p14s
2022-11-21 19:31:49 +01:00
72cbe56b5f
bundles/nodejs: make nodejs version configurable
2022-11-16 18:54:52 +01:00
2ea914dc0b
bundles/minecraft: collect metrics more often
2022-11-13 18:13:18 +01:00
7a14084417
bundles/minecraft: add monitoring via icinga2
2022-11-13 17:48:22 +01:00
019d5ce2b6
bundles/minecraft: add monitoring via telegraf
2022-11-13 17:47:19 +01:00
52e36f7ae1
bundles/redis: use a lot less snapshots
2022-11-06 19:08:35 +01:00
e6e563fb33
bundles/systemd-timers: use bash, because we're using bash if
2022-11-06 19:08:13 +01:00
3dce0fb6ac
add bundle:minecraft to rx300
2022-11-06 18:52:38 +01:00
fba5d6a782
bundles/{jenkins-ci,openhab}: bump openjdk version
2022-11-06 18:52:14 +01:00
b0a43fb128
bundles/users: enable color output in ipb
2022-11-06 14:27:35 +01:00
73e6ba0872
bundles/{matrix-dimension,mx-puppet-discord}: nodejs-dependency-hölle, once again
2022-11-05 07:47:07 +01:00
ee9f7b8875
bundles/element-web: requires legacy openssl provider for now
2022-11-04 07:29:11 +01:00
aa01329dbf
bundles/nodejs: update to nodejs 18
2022-11-04 07:28:53 +01:00
e1fe424df9
bundles/basic: support configuring /etc/environment
2022-11-04 07:28:14 +01:00
8b1ccb760a
bundles/ntfy: fix formatting errors
2022-11-04 07:27:38 +01:00
3db6078d9b
bundles/postfix: set tls ciphers to medium to increase compatibility with centos
2022-11-04 07:08:33 +01:00
Sophie Schiller
bd3c92aac9
bundles/ntfy fix various typos
2022-10-19 17:23:57 +02:00
Sophie Schiller
014c7e5be8
bundles/ntfy add more nginx options
2022-10-19 16:33:36 +02:00
Sophie Schiller
6e23f84a39
bundles/ntfy various fixes
2022-10-19 15:38:10 +02:00
Sophie Schiller
a8cf858d44
bundles/ntfy: first draft
2022-10-19 15:24:39 +02:00
2095696131
bundles/mautrix-telegram: disable backfilling
2022-10-16 21:29:53 +02:00
8c77e5824a
bundles/grafana: disable metrics
2022-10-02 11:00:06 +02:00
988d7e08a0
bundles/travelynx: use carton instead of cpanm
2022-09-22 06:03:51 +02:00
edaa22dab6
bundles/infobeamer-cms: fix nginx config
2022-09-11 11:38:13 +02:00
038f19ea5e
bundles/unbound: use systemd-timers
2022-09-11 11:32:26 +02:00
d9be69d3a9
bundles/systemd-timers: don't auto-reset alerts
2022-09-11 11:26:57 +02:00
f004591e98
bundles/letsencrypt: use systemd-timers
2022-09-11 11:26:24 +02:00
944c66354b
bundles/mx-puppet-discord: github is archived, gitlab is the new hotness
2022-09-10 18:10:14 +02:00
2fd94c2a4b
bundles/hedgedoc: fix nginx config
2022-08-29 19:24:33 +02:00
aa5c7ff8b4
block access to the go /debug/pprof/ endpoint
2022-08-19 07:26:01 +02:00
84917649dd
bundles/arch-with-gui: have pytz available in i3pystatus
2022-08-14 12:47:52 +02:00
6b641890c3
bundles/grafana: replace the useless builtin of telegraf with something more useful
2022-08-07 10:16:07 +02:00
a1ce8bf91a
bundles/sudo: purge directory after package installation
2022-07-25 10:08:26 +02:00
5539957eb6
bundles/molly-guard: empty directories after package has been installed
2022-07-25 10:07:54 +02:00
86cc900d74
rx300: update gitea to 1.16.9
2022-07-17 10:30:05 +02:00
2a938d19f1
bundles/gitea: disable registration by default
2022-07-12 20:28:59 +02:00
dd5a97eced
bundles: add dependency to systemd-networkd
2022-07-10 13:32:11 +02:00
1d58955ced
bundles/zfs: increase timeout for ZFS OLD SNAPSHOTS check
kunsi/bundlewrap/pipeline/head This commit looks good
2022-06-05 09:30:44 +02:00
51c9506a19
move pacman/no_extract to bundle metadata defaults
2022-05-16 10:52:14 +02:00
9730a2be13
bundles/wireguard: fix permissions for wireguard netdev files
2022-05-16 10:48:26 +02:00
8cc116c0c4
bundles/zfs: respect pacman/linux-lts option
2022-04-30 12:30:32 +02:00
7fffdbab32
bundles/voc-tracker-worker: improve bundle
2022-04-27 05:40:20 +02:00
a38b66a7c5
bundles/nfs-client: minor fixes
2022-04-27 05:39:34 +02:00
74b3a513f6
bundles/pacman: make NoExtract user-configurable
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-22 15:47:47 +02:00
8145fb22e8
add bundle:voc-tracker-worker
2022-04-22 15:43:34 +02:00
fc2a69fc2c
rx300: update netbox to 3.2.1
2022-04-15 06:37:09 +02:00
Sophie Schiller
5979d8a1f9
hedgedoc: use global yarn in systemd unit
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-11 00:34:56 +02:00
ca69969dad
bundles/backup-server: disable ZFS OLD SNAPSHOTS check
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-06 18:13:23 +02:00
4390256abc
bundles/zfs: add metadata option to disable ZFS OLD SNAPSHOTS check
2022-04-06 18:13:01 +02:00
5640556ad9
bundles/zfs: run scrub for each pool separately
2022-04-03 09:48:28 +02:00
4823653214
bundles/systemd-networkd: remove usage of systemd-resolved
...
kunsi/bundlewrap/pipeline/head This commit looks good
Something in the combination of arch+zfs+netctl+resolved+ipv6 leads to
hanging dns, which in turn leads to hanging everything.
2022-04-03 09:01:10 +02:00
891823376f
bundles: add missing dependency to yarn
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:38:20 +02:00
a340071ad8
bundles/oidentd: provide our own systemd unit file
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:32:07 +02:00
ddd29bef3b
bundles: install yarn globally instead of in each individual bundle
2022-04-03 08:16:35 +02:00
4ecf7ccb46
bundles/matrix-media-repo: download prebuilt executable instead of building ourselves
2022-04-03 08:05:46 +02:00
d8f8f1377f
bundles/arch-with-gui: install sipcalc and inkscape
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 18:28:46 +02:00
ac48462043
bundles/icinga2: icingaweb2 roles.ini needs another option
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:29:27 +02:00
7b9686977d
bundles/backup-client: do backups between 00:00 and 02:59
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:23:10 +02:00
7c49ac59f5
more packages, please
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-24 18:14:50 +01:00
2f8306a14a
bundles/pacman: fix archzfs-kernels repo name
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 21:04:12 +01:00
950c88aab2
bundles/pacman: install archzfs repo and archzfs-kernels repo if node has bundle:zfs
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 19:19:21 +01:00
489c2386de
voc.infobeamer-cms: prepare for divoc
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-20 12:35:26 +01:00
3e7e355dd6
rx300: update mautrix-whatsapp to 0.3.0
2022-03-19 07:02:54 +01:00
c983c50d21
bundles/icinga2: fix timeperiods
2022-03-19 07:02:48 +01:00
206cdfe128
bundles/systemd: fix dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 15:19:01 +01:00
7604fef734
bundles/icinga2: use ip addresses for monitoring instead of hostnames
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-13 15:15:47 +01:00
5179edb458
bundles/wireguard: fix forwarding firewall rules
2022-03-13 15:15:08 +01:00
c0ebd25ffc
bundles/systemd: systemd-timesyncd gets started automatically
2022-03-13 15:14:40 +01:00
212ba72b30
bundles/nftables: workaround does not work for debian buster
2022-03-13 14:13:59 +01:00
aa3ce32a7c
bundles/systemd: systemd-timesyncd package requires debian bullseye
2022-03-13 14:12:05 +01:00
c71d827691
bundles/icinga2: add some missing config
2022-03-13 14:07:28 +01:00
690c0b7050
bundles/nftables: restart on failure
2022-03-13 14:07:08 +01:00
a9d4cc73c1
bundles/systemd: ensure we have systemd-timesyncd installed and running
2022-03-13 14:06:40 +01:00
28b235514a
bundles/zfs: fix compatibility to older zfs versions
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 12:58:07 +01:00
8397739634
bundles/backup-server: fix bug in retaining
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:24:45 +01:00
008940d75f
bundles/users: add journalctl bash alias
2022-03-13 09:21:10 +01:00
cd1a33ccbb
bundles/zfs: refactor zfs-auto-snapshot
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:18:14 +01:00
dab6065b89
bundles/vmhost: svc_systemd:virtlogd gets triggered by socket, too
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 08:42:51 +01:00
65efdc2e2c
bundles/pacman: disable pam_faillock
2022-03-13 08:42:48 +01:00
a4fb9a15b5
bundles/backup-server: increase timeout for monitoring checks
2022-03-13 08:42:44 +01:00
f56703df2e
bundles/dovecot: filter X-Spam-Status, not X-Spam-Flag
...
kunsi/bundlewrap/pipeline/head This commit looks good
The latter is YES even if the overall score is very low because of
IP allowlisting.
2022-03-12 10:24:06 +01:00
759a711dc5
bundles/rspamd: remove from_name from dmarc reporting config
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 10:08:04 +01:00
6a9da7efa5
bundles/arch-with-gui: add workaround for broken bw test
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 09:03:45 +01:00
72cf616114
bundles/zfs: use zfs-import-scan instead of zfs-import-cache
...
Last night, rx300 rebooted. After a reboot, the disks were detected
in another order (but still, all were detected!), so the cachefile did
no longer match, leading to breaking the import.
Running `zpool import` manually worked, because that will ignore the
cachefile. So, why do we depend on the cache file on boot up? The added
reliability of zfs-import-scan beats the speed of zfs-import-cache in
any way.
2022-03-12 09:03:42 +01:00
42a66751e1
bundles/vmhost: don't try to start libvirtd on every apply
2022-03-12 09:03:38 +01:00
4a03a9f89c
bundles/icinga2: fix directory permissions for /etc/icingaweb2
2022-03-12 09:03:35 +01:00
d7b47d2560
bundles/jenkins: jenkins.war has moved
2022-03-12 09:03:32 +01:00
403b67ee48
bundles/vmhost: install pkg_pacman:edk2-ovmf
2022-03-12 09:03:28 +01:00
757f1cb3cd
bundles/vmhost: prepare for arch linux
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-11 13:58:38 +01:00
93351340d0
move thermald package back to fkusei-locutus
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:09:26 +01:00