fba5d6a782
bundles/{jenkins-ci,openhab}: bump openjdk version
2022-11-06 18:52:14 +01:00
b0a43fb128
bundles/users: enable color output in ipb
2022-11-06 14:27:35 +01:00
73e6ba0872
bundles/{matrix-dimension,mx-puppet-discord}: nodejs-dependency-hölle, once again
2022-11-05 07:47:07 +01:00
ee9f7b8875
bundles/element-web: requires legacy openssl provider for now
2022-11-04 07:29:11 +01:00
aa01329dbf
bundles/nodejs: update to nodejs 18
2022-11-04 07:28:53 +01:00
e1fe424df9
bundles/basic: support configuring /etc/environment
2022-11-04 07:28:14 +01:00
8b1ccb760a
bundles/ntfy: fix formatting errors
2022-11-04 07:27:38 +01:00
3db6078d9b
bundles/postfix: set tls ciphers to medium to increase compatibility with centos
2022-11-04 07:08:33 +01:00
Sophie Schiller
bd3c92aac9
bundles/ntfy fix various typos
2022-10-19 17:23:57 +02:00
Sophie Schiller
014c7e5be8
bundles/ntfy add more nginx options
2022-10-19 16:33:36 +02:00
Sophie Schiller
6e23f84a39
bundles/ntfy various fixes
2022-10-19 15:38:10 +02:00
Sophie Schiller
a8cf858d44
bundles/ntfy: first draft
2022-10-19 15:24:39 +02:00
2095696131
bundles/mautrix-telegram: disable backfilling
2022-10-16 21:29:53 +02:00
8c77e5824a
bundles/grafana: disable metrics
2022-10-02 11:00:06 +02:00
988d7e08a0
bundles/travelynx: use carton instead of cpanm
2022-09-22 06:03:51 +02:00
edaa22dab6
bundles/infobeamer-cms: fix nginx config
2022-09-11 11:38:13 +02:00
038f19ea5e
bundles/unbound: use systemd-timers
2022-09-11 11:32:26 +02:00
d9be69d3a9
bundles/systemd-timers: don't auto-reset alerts
2022-09-11 11:26:57 +02:00
f004591e98
bundles/letsencrypt: use systemd-timers
2022-09-11 11:26:24 +02:00
944c66354b
bundles/mx-puppet-discord: github is archived, gitlab is the new hotness
2022-09-10 18:10:14 +02:00
2fd94c2a4b
bundles/hedgedoc: fix nginx config
2022-08-29 19:24:33 +02:00
aa5c7ff8b4
block access to the go /debug/pprof/ endpoint
2022-08-19 07:26:01 +02:00
84917649dd
bundles/arch-with-gui: have pytz available in i3pystatus
2022-08-14 12:47:52 +02:00
6b641890c3
bundles/grafana: replace the useless builtin of telegraf with something more useful
2022-08-07 10:16:07 +02:00
a1ce8bf91a
bundles/sudo: purge directory after package installation
2022-07-25 10:08:26 +02:00
5539957eb6
bundles/molly-guard: empty directories after package has been installed
2022-07-25 10:07:54 +02:00
86cc900d74
rx300: update gitea to 1.16.9
2022-07-17 10:30:05 +02:00
2a938d19f1
bundles/gitea: disable registration by default
2022-07-12 20:28:59 +02:00
dd5a97eced
bundles: add dependency to systemd-networkd
2022-07-10 13:32:11 +02:00
1d58955ced
bundles/zfs: increase timeout for ZFS OLD SNAPSHOTS check
kunsi/bundlewrap/pipeline/head This commit looks good
2022-06-05 09:30:44 +02:00
51c9506a19
move pacman/no_extract to bundle metadata defaults
2022-05-16 10:52:14 +02:00
9730a2be13
bundles/wireguard: fix permissions for wireguard netdev files
2022-05-16 10:48:26 +02:00
8cc116c0c4
bundles/zfs: respect pacman/linux-lts option
2022-04-30 12:30:32 +02:00
7fffdbab32
bundles/voc-tracker-worker: improve bundle
2022-04-27 05:40:20 +02:00
a38b66a7c5
bundles/nfs-client: minor fixes
2022-04-27 05:39:34 +02:00
74b3a513f6
bundles/pacman: make NoExtract user-configurable
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-22 15:47:47 +02:00
8145fb22e8
add bundle:voc-tracker-worker
2022-04-22 15:43:34 +02:00
fc2a69fc2c
rx300: update netbox to 3.2.1
2022-04-15 06:37:09 +02:00
Sophie Schiller
5979d8a1f9
hedgedoc: use global yarn in systemd unit
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-11 00:34:56 +02:00
ca69969dad
bundles/backup-server: disable ZFS OLD SNAPSHOTS check
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-06 18:13:23 +02:00
4390256abc
bundles/zfs: add metadata option to disable ZFS OLD SNAPSHOTS check
2022-04-06 18:13:01 +02:00
5640556ad9
bundles/zfs: run scrub for each pool separately
2022-04-03 09:48:28 +02:00
4823653214
bundles/systemd-networkd: remove usage of systemd-resolved
...
kunsi/bundlewrap/pipeline/head This commit looks good
Something in the combination of arch+zfs+netctl+resolved+ipv6 leads to
hanging dns, which in turn leads to hanging everything.
2022-04-03 09:01:10 +02:00
891823376f
bundles: add missing dependency to yarn
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:38:20 +02:00
a340071ad8
bundles/oidentd: provide our own systemd unit file
kunsi/bundlewrap/pipeline/head This commit looks good
2022-04-03 08:32:07 +02:00
ddd29bef3b
bundles: install yarn globally instead of in each individual bundle
2022-04-03 08:16:35 +02:00
4ecf7ccb46
bundles/matrix-media-repo: download prebuilt executable instead of building ourselves
2022-04-03 08:05:46 +02:00
d8f8f1377f
bundles/arch-with-gui: install sipcalc and inkscape
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 18:28:46 +02:00
ac48462043
bundles/icinga2: icingaweb2 roles.ini needs another option
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:29:27 +02:00
7b9686977d
bundles/backup-client: do backups between 00:00 and 02:59
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-30 17:23:10 +02:00
7c49ac59f5
more packages, please
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-24 18:14:50 +01:00
2f8306a14a
bundles/pacman: fix archzfs-kernels repo name
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 21:04:12 +01:00
950c88aab2
bundles/pacman: install archzfs repo and archzfs-kernels repo if node has bundle:zfs
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-23 19:19:21 +01:00
489c2386de
voc.infobeamer-cms: prepare for divoc
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-20 12:35:26 +01:00
3e7e355dd6
rx300: update mautrix-whatsapp to 0.3.0
2022-03-19 07:02:54 +01:00
c983c50d21
bundles/icinga2: fix timeperiods
2022-03-19 07:02:48 +01:00
206cdfe128
bundles/systemd: fix dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 15:19:01 +01:00
7604fef734
bundles/icinga2: use ip addresses for monitoring instead of hostnames
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-13 15:15:47 +01:00
5179edb458
bundles/wireguard: fix forwarding firewall rules
2022-03-13 15:15:08 +01:00
c0ebd25ffc
bundles/systemd: systemd-timesyncd gets started automatically
2022-03-13 15:14:40 +01:00
212ba72b30
bundles/nftables: workaround does not work for debian buster
2022-03-13 14:13:59 +01:00
aa3ce32a7c
bundles/systemd: systemd-timesyncd package requires debian bullseye
2022-03-13 14:12:05 +01:00
c71d827691
bundles/icinga2: add some missing config
2022-03-13 14:07:28 +01:00
690c0b7050
bundles/nftables: restart on failure
2022-03-13 14:07:08 +01:00
a9d4cc73c1
bundles/systemd: ensure we have systemd-timesyncd installed and running
2022-03-13 14:06:40 +01:00
28b235514a
bundles/zfs: fix compatibility to older zfs versions
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 12:58:07 +01:00
8397739634
bundles/backup-server: fix bug in retaining
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:24:45 +01:00
008940d75f
bundles/users: add journalctl bash alias
2022-03-13 09:21:10 +01:00
cd1a33ccbb
bundles/zfs: refactor zfs-auto-snapshot
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 09:18:14 +01:00
dab6065b89
bundles/vmhost: svc_systemd:virtlogd gets triggered by socket, too
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-13 08:42:51 +01:00
65efdc2e2c
bundles/pacman: disable pam_faillock
2022-03-13 08:42:48 +01:00
a4fb9a15b5
bundles/backup-server: increase timeout for monitoring checks
2022-03-13 08:42:44 +01:00
f56703df2e
bundles/dovecot: filter X-Spam-Status, not X-Spam-Flag
...
kunsi/bundlewrap/pipeline/head This commit looks good
The latter is YES even if the overall score is very low because of
IP allowlisting.
2022-03-12 10:24:06 +01:00
759a711dc5
bundles/rspamd: remove from_name from dmarc reporting config
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 10:08:04 +01:00
6a9da7efa5
bundles/arch-with-gui: add workaround for broken bw test
kunsi/bundlewrap/pipeline/head This commit looks good
2022-03-12 09:03:45 +01:00
72cf616114
bundles/zfs: use zfs-import-scan instead of zfs-import-cache
...
Last night, rx300 rebooted. After a reboot, the disks were detected
in another order (but still, all were detected!), so the cachefile did
no longer match, leading to breaking the import.
Running `zpool import` manually worked, because that will ignore the
cachefile. So, why do we depend on the cache file on boot up? The added
reliability of zfs-import-scan beats the speed of zfs-import-cache in
any way.
2022-03-12 09:03:42 +01:00
42a66751e1
bundles/vmhost: don't try to start libvirtd on every apply
2022-03-12 09:03:38 +01:00
4a03a9f89c
bundles/icinga2: fix directory permissions for /etc/icingaweb2
2022-03-12 09:03:35 +01:00
d7b47d2560
bundles/jenkins: jenkins.war has moved
2022-03-12 09:03:32 +01:00
403b67ee48
bundles/vmhost: install pkg_pacman:edk2-ovmf
2022-03-12 09:03:28 +01:00
757f1cb3cd
bundles/vmhost: prepare for arch linux
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-11 13:58:38 +01:00
93351340d0
move thermald package back to fkusei-locutus
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:09:26 +01:00
15ae3b7a0b
move some configuration from nodes to bundle:arch-with-gui
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 21:00:45 +01:00
e181be3fc6
bundles/wireguard: better dependency management
2022-03-10 21:00:42 +01:00
64448af027
add node fkusei-locutus
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-09 13:07:55 +01:00
0082d3e014
bundles/zfs: ensure some targets are started on arch linux
2022-03-09 13:05:57 +01:00
c7e5002f17
bundles/wireguard: support arch linux and other netmasks than /31
2022-03-09 13:05:01 +01:00
05a2e501ce
bundles/bird: support arch linux
2022-03-09 13:04:34 +01:00
c023c144c3
bundles/arch-with-gui: install firefox
2022-03-09 13:03:56 +01:00
f969b05468
bundles/arch-with-gui: i3pystatus requires python-virtualenv
2022-03-09 13:02:35 +01:00
b351703953
bundles/c3voc-addons: implement addidional_update_commands
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:57:48 +01:00
a693e90aa3
bundles/nodejs: auto-upgrade npm
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 12:50:04 +01:00
50ea6a92a5
bundles/apt: introduce additional_update_commands for updating other stuff
2022-03-06 12:49:46 +01:00
56bafd73be
bundles/nginx: refine fastcgi config
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 18:55:51 +01:00
ca861a78fb
bundles/grafana: do not auto-refresh dashboards
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:49:17 +01:00
8ed4aa3751
bundles/pacman: don't extract systemd-homed pam module
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-05 13:45:28 +01:00
14e7fff081
bundles/grafana: improve config
2022-03-05 13:45:16 +01:00
65ba43525f
bundles/icinga2: introduce new notification period 'daytime'
2022-03-05 08:29:10 +01:00
98cd2df8ff
bundles/nginx: add certificate name to icinga check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:19:15 +01:00
be3dd6662e
kunsi-p14s: more packages
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-02 07:12:38 +01:00
0ba3df7385
bundles/zfs: unmount backup-snapshots recursively
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-01 06:32:23 +01:00
931d566736
bundles/backup-server: fix stupid in check_backup_for_node
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-28 21:09:04 +01:00
e909144544
bw/bundles/postgresql: do not auto-detect postgresql version from debian version
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-27 12:51:53 +01:00
e1f7c691c3
bundles/nfs-server: fix trailing whitespace
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:45:40 +01:00
83fb1a5e11
bundles/nfs-client: decrease timeout, set some default mount options
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 19:44:05 +01:00
dcb563b31e
bundles/systemd-networkd: remove BindCarrier
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 12:36:21 +01:00
88891b44be
bundles/nfs-server: ensure nfs runs on managed ports, fix firewall rules
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-20 08:24:38 +01:00
6267b4c33d
bundles/nfs-server: fix package name
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 20:09:53 +01:00
0a4da160fd
bundles/matrix-media-repo: add RestartSec
2022-02-19 20:02:08 +01:00
945e349d61
bundles/jenkins-ci: add systemd unit file
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 18:53:49 +01:00
bd45def053
bundles/{lldpd,nfs-server}: fix dependencies
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:49:53 +01:00
18674a1a4a
bundles/icinga2: always print status line in check_usv_snmp
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:44:46 +01:00
07d5a8cdae
bundles/systemd-networkd: add BindCarrier to bonds
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 11:29:29 +01:00
7e58e9c667
bundles/icinga2: simplify template
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 09:23:00 +01:00
8434eacd94
bundles/{lldp,nfs-server,smartd}: move package dependencies to metadata
2022-02-18 22:37:07 +01:00
Sophie Schiller
a01c28da21
various bundles: fix dependencies
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 22:18:44 +01:00
14fed8bc6e
bundles/zfs: move scrub to systemd-timer
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 21:10:50 +01:00
19dee89039
rx300: pin version of mx-puppet-discord for now
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 19:02:57 +01:00
94eff087a0
bundles/users: remove PROMPT_COMMAND from bashrc
2022-02-18 17:03:54 +01:00
468a0b0023
bundles/icinga2: remove unused code in hosts_template
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 16:25:59 +01:00
d35770c122
bundles/icinga2: rework config generation - use one file per host instead of one per bundle
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 12:25:34 +01:00
1f6520ac02
bundles/sshmon: ignore prereleases and drafts
2022-02-17 18:08:02 +01:00
22759ca52a
bundles/postfix: enable smtps
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-15 18:21:12 +01:00
83d58791bb
bundles/postgresql: set recordsize=8K for zfs
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 22:05:09 +01:00
e51ad5993a
bundles/users: ensure we have kitty terminfo
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 20:45:57 +01:00
6944da6769
fix syntaxerrors
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:56:51 +01:00
33d2d5beff
bundles/pacman: fix unattended-upgrades
2022-02-14 07:54:44 +01:00
1ee0b38133
bundles/telegraf: properly support arch linux
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:11:14 +01:00
e45237d70e
bundles/icinga2: do not check scam blocklists
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:51:03 +01:00
3c4700eb6d
bundles/openhab: clean up old backups before doing new ones
2022-02-13 09:48:37 +01:00
60c31d2d11
bundles/pacman: add opt-in unattended-upgrades
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:43:52 +01:00
14b402cdf3
bundles/backup-server: fix TypeError in check_backup_for_node
2022-02-13 09:42:59 +01:00
e4c317f677
add bundle:systemd-boot
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:24:11 +01:00
3c763820ed
bundles/pacman: ensure we have man
2022-02-13 09:23:30 +01:00
77e152f8ce
bundles/pacman: enable paccache.timer to clean up old package versions
2022-02-13 08:55:26 +01:00
5d7872042b
bundles/backup-server: add metadata backup-client/one_backup_every_hours
2022-02-12 19:04:15 +01:00
9a8e7abef4
kunsi-p14s: do backups
2022-02-12 18:56:54 +01:00
5be2610a86
bundles/systemd-networkd: don't manage resolv.conf if using resolved
2022-02-12 18:54:56 +01:00
03d1ada220
bundles/zfs: explicitely set mountpoint for all datasets
2022-02-12 18:09:40 +01:00
32b732e509
bundles/arch-with-gui: add some backup paths
2022-02-12 18:08:04 +01:00
c073599f6f
add kunsi-p14s, add bundle:arch-with-gui
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-12 14:06:53 +01:00
87bf6fac68
bundles/zfs: use systemd-timers for zfs snapshots
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-12 11:29:26 +01:00
c1bb43286d
bundles/zfs: support arch linux
2022-02-12 11:24:50 +01:00
961a2891a0
bundles/systemd-networkd: fix systemd-resolved not getting started
2022-02-12 11:24:19 +01:00
40485ced8a
bundles/systemd-timers: add support for multiple commands in timer
2022-02-07 07:01:19 +01:00
bc4f6e507a
bundles/c3voc-addons: fix .provides()
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-06 15:31:28 +01:00
6d1a24b034
bundles/gitea: use github releases instead of dl.gitea.io (which is slow)
2022-02-06 15:25:33 +01:00
a627437fce
bundles/systemd-timers: fix shebang in check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-06 13:42:08 +01:00
0674b3f8db
bundles/netbox: move housekeeping to systemd timers
2022-02-06 13:40:33 +01:00
0599c4dae0
add bundle:systemd-timers
2022-02-06 13:39:52 +01:00
d51d7316d0
bundles/backup-client: remove duplicate space
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-05 15:39:55 +01:00
12af28cb13
bundles/pretalx: specifying a revision is now mandatory
2022-02-05 11:42:18 +01:00
0d865c93d4
bundles/cron: use MAILTO=, rework metadata syntax
2022-02-05 11:41:41 +01:00
4cfbdb32d6
bundles/apt: check for "reboot required" in icinga check only
...
kunsi/bundlewrap/pipeline/head There was a failure building this commit
This avoids the need to manually adjust the status file after a reboot of
the server.
2022-01-30 11:43:14 +01:00
11969b6064
bundles/travelynx: changing the imprint does not require restarting the worker process
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-29 09:24:23 +01:00
8a24af27ee
bundles/openhab: backup-client/pre-hooks must not be a list
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-24 07:29:36 +01:00
b14f5aea58
bundles/openhab: also include /usr/share/openhab/addons in backups
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:28:26 +01:00
031d647864
bundles/openhab: do full backup in backup-pre-hooks
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:26:34 +01:00
0ccb983b28
bundles/apt: fix metadata key mess (unattended-upgrades vs unattended_upgrades)
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 05:47:42 +01:00
b21c8f6dbb
bundles/pacman: fix SyntaxError
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-13 16:04:37 +01:00
0dd9b061b9
bundles/scansnap: fix backup metadata
2022-01-13 15:54:49 +01:00
5b2e5fc838
bundles/backup-server: do not alert for one missing day of backups
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-09 08:26:08 +01:00
5df546754f
bundles/pacman: fix install_gui package definition
2022-01-09 08:23:59 +01:00
40a9ac4523
bundles/sshmon: add check if OOM killer was active
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 18:07:33 +01:00
14e4415e5f
bundles/backup-client: rework backup generation
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 08:29:34 +01:00
b20e729298
bundles/backup-server: add option to disable "last backup" check
2022-01-05 22:57:30 +01:00
c535ce24a4
bundles/backup-client: show timezone in backup check
2022-01-05 22:57:26 +01:00
35104cb8ce
bundles/backup-client: add check for last backup of specific client
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-05 22:44:55 +01:00
b5f93ceb48
bundles/zfs: fix typo
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 10:03:54 +01:00
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot
2022-01-05 09:59:09 +01:00
b6eb12ed90
bundles/zfs: add option to disable snapshots for dataset tree
2022-01-05 09:52:20 +01:00
a3300cde98
bundles/paperless: ensure we're doing backups of the actual data, too
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 07:50:22 +01:00
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp
2022-01-04 15:47:05 +01:00
245b2219ee
bundles/backup-client: spread backups further apart
2022-01-04 15:34:53 +01:00
2c4eb03214
bundles/backup-server: auto-import pool after decrypting
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:24:22 +01:00
fb931df4f0
bundles/apt: add flag to disable automatic rebooting
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:15:19 +01:00
4c59479d5c
bundles/backup-server: add option for encrypted devices
2022-01-04 15:15:16 +01:00
d0b8ccef64
add bundle:dm-crypt
2022-01-04 15:15:13 +01:00
906b63b123
move hostname stuff to libs.tools.resolve_identifier
2022-01-04 15:15:11 +01:00
36a4ebcdd6
bundles/powerdns: also try to use node.hostname for dns generation
2022-01-04 15:15:03 +01:00
dc2b2ae86b
bundles/check-mail-received: move check source to icinga2 itself
2022-01-02 14:50:32 +01:00
59fd71ac6f
update mautrix-telegram to 0.11.0
2022-01-02 13:38:23 +01:00
390f18a3a4
hooks: test zfs metadata consistency
2021-12-29 13:23:07 +01:00
0b4f0e142f
bundles/zfs: explicitely set canmount and mountpoint if not specified
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-28 16:58:42 +01:00
803e1dc411
bundles/mautrix-whatsapp: no need for regular restarts any more
2021-12-28 16:48:43 +01:00
7cfe080e6f
bundles/sshmon: add check_pypi_for_new_release
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 11:40:23 +01:00
0ac0fe072d
bundles/pretalx: wait for migrations before regenerating css and rebuilding stuff
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 10:00:26 +01:00
44fcdc7d11
bundles/icinga: set cascade_skip=False for icinga_notification_wrapper
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 16:29:18 +01:00
Sophie Schiller
d6ec8de7c6
cleanup duplicated metadata
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:39:28 +01:00
6292dd4c71
bundles/infobeamer-cms: config is toml now, deploy to src/
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:30:25 +01:00
Sophie Schiller
b39d87f33f
infobeamer-cms: set sensible start time
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 14:56:02 +01:00
cda1dc2095
bundles/infobeamer-cms: use curl -s
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 13:04:31 +01:00
7dc584d8cb
bundles/infobeamer-cms: adjust config to new version
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 12:17:14 +01:00
ba294f6a6c
Merge pull request 'Add new Node and bundle for infobeamer-cms' ( #49 ) from sschi-infobeamer-cms into main
...
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #49
2021-12-24 10:57:58 +00:00
caf2ff6a30
update matrix-media-repo to 1.2.10
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 09:23:58 +01:00
0383fa0a67
bundles/{rspamd,netbox}: update redis database number
2021-12-24 09:09:28 +01:00
Sophie Schiller
678f558f4a
infobeamer-cms: WHITESPACE
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-12-23 19:45:24 +01:00
Sophie Schiller
18e30178a4
letsencrypt: add openssl package
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-12-23 19:39:12 +01:00
Sophie Schiller
bac2a369c4
infobeamer-cms: make usable
2021-12-23 19:39:12 +01:00
Sophie Schiller
bf125a73b1
infobeamer-cms: initial commit
2021-12-23 19:39:06 +01:00
d288923969
get redis database mapping from libs.defaults
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-23 07:39:08 +01:00
b6b5beaa27
bundles/netbox: send update notification mails
2021-12-22 11:12:34 +01:00
b8a109efb0
bundles/sshmon: rewrite check_github_for_new_release
2021-12-22 11:09:26 +01:00
38b449af35
bundles/letsencrypt: only run dehydrated after installing it
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 14:17:41 +01:00
de3580a7d3
bundles/letsencrypt: ensure-some-certificate shouldn't create 10-year-certs
2021-12-19 06:36:11 +01:00
04450d4b4c
bundles/sudo: disable syslog spam
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 06:23:05 +01:00
5261375574
bundles/pppd: add systemd-timer to automatically update dyndns
2021-12-19 06:21:04 +01:00
376dba347f
bundles/php: allow configuring of memory_limit and clear_env
2021-12-18 18:54:00 +01:00
2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
c6c5d40084
bundles/nftables: add support for restricting to "all ipv6" and "all ipv4"
2021-12-14 12:40:54 +01:00
e2efe87308
rx300: update netbox to 3.1.0
2021-12-12 08:36:18 +01:00
7eec5c42e3
bundles/icinga2: do not send sms or mail for services when sms/mail was disabled for host
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-04 20:07:36 +01:00
0531ecd217
bundles/gitea: downloading gitea does not need restarting
...
kunsi/bundlewrap/pipeline/head This commit looks good
we're stopping gitea beforehand, then start it again afterwards. No need
to restart it again.
2021-12-04 20:01:35 +01:00
d44c87e8a7
move SPAM BLOCKLIST check to icinga2 itself
...
kunsi/bundlewrap/pipeline/head This commit looks good
somehow, we tend to get false positives if we run that check on the
node itself.
2021-11-28 07:26:41 +01:00
74f5b25f0d
various fixes, remove some TODOs
2021-11-27 10:40:20 +01:00
a76c60f881
bundles/nftables: fix shebang
2021-11-26 18:36:16 +01:00
632a1f6e75
voc,pretalx: install plugin lower_thirds
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-21 09:42:02 +01:00
998b776b9f
bundles/kodi: fix .provides()
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-15 21:45:41 +01:00
e4e340e431
bundles/grafana: fix spanning for battery row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:36:45 +01:00
52fbcfb43e
bundles/grafana: add some filling to battery row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:31:15 +01:00
7969ae9ebe
bundles/grafana: fix value for battery dashboard row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:26:23 +01:00
e17d1ab02f
add bundle:telegraf-battery-usage
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:18:42 +01:00
e10ac0e57f
bundles/matrix-{media-repo,synapse}: catch all them metrics into influxdb
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 18:26:52 +01:00
8f6b8632f5
bundles/{element-web,hedgedoc,powerdnsadmin}: use 'yarn install --ignore-scripts'
2021-11-09 18:10:22 +01:00
33b6700848
bundles/mautrix-whatsapp: use precompiled binary
2021-11-09 18:10:17 +01:00
Sophie Schiller
eef463afbd
hedgedoc: forbid access to metrics and stats
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:58:11 +01:00
Sophie Schiller
55798ac704
hedgedoc: add telegraf config for hedgedoc metrics
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:48:03 +01:00
0398df8f3a
bundles/openhab: fix website_check_string
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 10:31:13 +01:00
0412c9042a
bundles/wireguard: fix stderr handling of wg_health_check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:49:37 +01:00
f482874310
home.openhab: install and configure openhab
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:43:53 +01:00
2f885e7bfb
bundles/kodi: allow websocket port in firewall
2021-10-31 09:43:07 +01:00
ee86b5a121
bundles/wireguard: less spammy output for wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-30 19:36:20 +02:00
0a131b4248
bundles/grafana: add voltages and power usage to ipmitool
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:48:19 +02:00
8300f48541
add bundle:ipmitool, add grafana dashboard row
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:42:27 +02:00
92b2e19e44
bundles/grafana: fix line width for fans
2021-10-18 19:41:16 +02:00
3775bcb9db
bundles/telegraf: add cache directory
2021-10-18 19:34:20 +02:00
5885e4b043
bundles/users: add lsb_release and local date to status line
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-16 07:42:19 +02:00
29eef9ec59
htop: fix sorting
2021-10-16 07:38:57 +02:00
94cba4283b
bundles/pretalx: fixup cron
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:10:46 +02:00
86953e60bd
bundles/pretalx: add script to automatically set is_administrator and is_staff based on group membership
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:03:15 +02:00
095d425de1
bundles/wireguard: do not run wg_health_check during bw apply
2021-10-14 09:02:01 +02:00
9188b28b7a
bundles/wireguard: add wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 08:54:54 +02:00
61e5591628
bundles/systemd-networkd: fix bridge-in-bridge-setup on home.nas not working properly
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-11 20:46:07 +02:00
8656f99f8e
bundles/wireguard: re-add reconnect script for added resiliency
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:37:42 +02:00
30d4d989fc
add bundle:bird
2021-09-29 19:45:18 +02:00
fe44417b14
bundles/systemd-networkd: add dummy interfaces
2021-09-29 19:44:37 +02:00
996ef6e115
bundles/nftables: more sorted()
2021-09-29 19:44:13 +02:00
5f1f4fd654
bundles/wireguard: add option 'snat_to' for connections
2021-09-29 19:43:29 +02:00
902840ee7f
bundles/wireguard: use one wireguard connection per peer instead of one for all
2021-09-29 19:27:13 +02:00
2b0e3a4bf0
bundles/powerdns: use only public ips or those attached to physical interfaces to create dns records
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-25 11:08:18 +02:00
b81153e957
bundles/netbox: fix upgrade command
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-22 16:43:59 +02:00
05d69c1f12
bundles/powerdns: use named-checkzone to verify zone integrity
2021-09-22 16:42:26 +02:00
bb8910d15f
bundles/gitea: use metadata.get()
2021-09-22 16:38:27 +02:00
b21f7c856a
bundles/gitea: switch to new file type 'download'
2021-09-21 07:55:15 +02:00
ed2bb66e3e
bundles/basic: add links to icinga, grafana and nginx vhosts to login message
2021-09-16 19:33:11 +02:00
5a7d0b0afd
bundles/icinga2: don't skip everything if check_sipgate_account_balance can't get applied
2021-09-16 19:33:08 +02:00
Sophie Schiller
c9f9a27096
bundle/hedgedoc add new csp defaults
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-14 20:23:01 +02:00
Sophie Schiller
738dbd94a0
bundle/hedgedoc improve dependencies
2021-09-14 20:23:01 +02:00
Sophie Schiller
481c1c85e5
bundle/nginx set instead of HTTPS
2021-09-14 20:23:01 +02:00
Sophie Schiller
77a14a0017
bundle/hedgedoc remove quoting inconsistencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-11 20:24:10 +02:00
Sophie Schiller
09da9a8d92
bundle/hedgedoc improve config rendering to not produce errors with faults
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main Build started...
2021-09-11 20:07:52 +02:00
Sophie Schiller
3d3994789e
bundle/hedgedoc update wbsite check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-11 19:56:49 +02:00
Sophie Schiller
478a8da9f4
bundles/hedgedoc add new bundle
2021-09-11 19:47:28 +02:00
f77d6df1e5
bundles/matrix-dimension: fix dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 15:16:00 +02:00
05f9712b24
bundles/rspamd: change dmarc reporting sender to working address
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 14:43:22 +02:00
de6249c65d
dns: fix some errors
2021-09-06 16:42:14 +02:00
78fda4f9e9
bundles/rspamd: do not try to resolve faults in items.py
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-06 09:28:30 +02:00
3039a0900e
bundles/rspamd: add alias for dmarc reports
2021-09-06 09:14:18 +02:00
4ca0926546
bundles/rspamd: send dmarc reports
2021-09-06 09:11:36 +02:00
43bcd75e87
update netbox to 3.0.1
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-02 07:52:11 +02:00
c7fd6ee041
bundles/grafana: make rspamd row more pretty
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-25 15:15:09 +02:00
2940bfd3d8
bundles/rspamd: add telegraf metrics
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-23 22:24:59 +02:00
3f38497585
bundles/vmhost: add metadata reactor to add all admins to 'libvirt' group
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:25:46 +02:00
65462ca536
bundles/nginx: default redirect mode should be 308
2021-08-22 07:20:45 +02:00
d94df613c5
bundles/netbox: fix ADMINS
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-21 12:46:55 +02:00
c6fe9d5eb2
bundles/postfix: fix .provides()
2021-08-21 12:32:47 +02:00
b0d2503f08
add bundle:netbox
2021-08-21 12:32:40 +02:00
4cb89d699c
bundles/grafana: fix missing derivative() in dovecot row
2021-08-21 08:39:39 +02:00
12ca6f4ff7
bundles/postfix: open up SMTPS
2021-08-21 08:12:21 +02:00
3da3c00310
bundles/rspamd: changing of .map files does not need restarting
2021-08-21 07:48:02 +02:00
ea9abc5f73
bundles/grafana: add dashboard row for dovecot
2021-08-21 07:47:24 +02:00
96f1604879
bundles/dovecot: some fixes
...
- fix postfix/myhostname default
- ensure old_stats plugin is enabled
- ensure permissions for old_stats plugin
- ensure /etc/dovecot/ssl exists
- remove unneeded configuration files
2021-08-21 07:31:22 +02:00
8301664d9a
bundles/{grafana,influxdb2}: fix more permissions
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-20 13:33:28 +02:00
72d91767ec
bundles/influxdb: fix INFLUXDB PROCESS check
2021-08-20 13:25:40 +02:00
949e139978
bundles/telegraf: influxdata has bullseye repos now
2021-08-20 13:25:22 +02:00
f0987ccb44
bundles/unbound: automatically restart unbound if dns resolution fails for more than five minutes
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-19 20:03:24 +02:00
35938ead04
bundles/unbound: less caching of negative results
2021-08-19 20:02:27 +02:00
4167d3cb22
update to bw 4.11.2
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-17 18:10:35 +02:00
5bbd188b0b
bundles/pretalx: no sudo for rebuilding
2021-08-17 16:46:58 +02:00
d507f6794f
bundles/apt: ensure we have ncurses-term
...
If that's not installed, we get weird drawing issues in tmux.
2021-08-17 16:42:26 +02:00
25ea5af2db
bundles/smartd: add cronjob to schedule a monthly long test
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-15 16:22:34 +02:00
bd10dc578f
bundles/pppd: refactor check_dyndns_update
...
kunsi/bundlewrap/pipeline/head There was a failure building this commit
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
2021-08-14 08:00:43 +02:00
bb519adb2c
bundles/backup-client: more logging, fix wrong variable name
2021-08-08 07:47:07 +02:00
c14bb43993
bundles/grafana: fix derivative for wireguard last handshake time
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 23:32:39 +02:00
Sophie Schiller
e8d1582ed4
bw/nginx i hate whitespace
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-08-07 22:01:40 +02:00
Sophie Schiller
6e3603553f
bw/nginx retab everything
kunsi/bundlewrap/pipeline/head There was a failure building this commit
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
2021-08-07 21:59:07 +02:00
Sophie Schiller
ab21983a4f
bw/nginx add not found page and deployment of error pages
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-07 21:52:39 +02:00
d9d98116e6
bundles/grafana: increase proxy_read_timeout for /api/ds/query
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 20:02:57 +02:00