c535ce24a4
bundles/backup-client: show timezone in backup check
2022-01-05 22:57:26 +01:00
35104cb8ce
bundles/backup-client: add check for last backup of specific client
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-05 22:44:55 +01:00
b5f93ceb48
bundles/zfs: fix typo
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 10:03:54 +01:00
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot
2022-01-05 09:59:09 +01:00
b6eb12ed90
bundles/zfs: add option to disable snapshots for dataset tree
2022-01-05 09:52:20 +01:00
a3300cde98
bundles/paperless: ensure we're doing backups of the actual data, too
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 07:50:22 +01:00
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp
2022-01-04 15:47:05 +01:00
245b2219ee
bundles/backup-client: spread backups further apart
2022-01-04 15:34:53 +01:00
2c4eb03214
bundles/backup-server: auto-import pool after decrypting
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:24:22 +01:00
fb931df4f0
bundles/apt: add flag to disable automatic rebooting
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:15:19 +01:00
4c59479d5c
bundles/backup-server: add option for encrypted devices
2022-01-04 15:15:16 +01:00
d0b8ccef64
add bundle:dm-crypt
2022-01-04 15:15:13 +01:00
906b63b123
move hostname stuff to libs.tools.resolve_identifier
2022-01-04 15:15:11 +01:00
36a4ebcdd6
bundles/powerdns: also try to use node.hostname for dns generation
2022-01-04 15:15:03 +01:00
dc2b2ae86b
bundles/check-mail-received: move check source to icinga2 itself
2022-01-02 14:50:32 +01:00
59fd71ac6f
update mautrix-telegram to 0.11.0
2022-01-02 13:38:23 +01:00
390f18a3a4
hooks: test zfs metadata consistency
2021-12-29 13:23:07 +01:00
0b4f0e142f
bundles/zfs: explicitely set canmount and mountpoint if not specified
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-28 16:58:42 +01:00
803e1dc411
bundles/mautrix-whatsapp: no need for regular restarts any more
2021-12-28 16:48:43 +01:00
7cfe080e6f
bundles/sshmon: add check_pypi_for_new_release
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 11:40:23 +01:00
0ac0fe072d
bundles/pretalx: wait for migrations before regenerating css and rebuilding stuff
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 10:00:26 +01:00
44fcdc7d11
bundles/icinga: set cascade_skip=False for icinga_notification_wrapper
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 16:29:18 +01:00
Sophie Schiller
d6ec8de7c6
cleanup duplicated metadata
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:39:28 +01:00
6292dd4c71
bundles/infobeamer-cms: config is toml now, deploy to src/
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:30:25 +01:00
Sophie Schiller
b39d87f33f
infobeamer-cms: set sensible start time
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 14:56:02 +01:00
cda1dc2095
bundles/infobeamer-cms: use curl -s
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 13:04:31 +01:00
7dc584d8cb
bundles/infobeamer-cms: adjust config to new version
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 12:17:14 +01:00
ba294f6a6c
Merge pull request 'Add new Node and bundle for infobeamer-cms' ( #49 ) from sschi-infobeamer-cms into main
...
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #49
2021-12-24 10:57:58 +00:00
caf2ff6a30
update matrix-media-repo to 1.2.10
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 09:23:58 +01:00
0383fa0a67
bundles/{rspamd,netbox}: update redis database number
2021-12-24 09:09:28 +01:00
Sophie Schiller
678f558f4a
infobeamer-cms: WHITESPACE
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-12-23 19:45:24 +01:00
Sophie Schiller
18e30178a4
letsencrypt: add openssl package
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-12-23 19:39:12 +01:00
Sophie Schiller
bac2a369c4
infobeamer-cms: make usable
2021-12-23 19:39:12 +01:00
Sophie Schiller
bf125a73b1
infobeamer-cms: initial commit
2021-12-23 19:39:06 +01:00
d288923969
get redis database mapping from libs.defaults
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-23 07:39:08 +01:00
b6b5beaa27
bundles/netbox: send update notification mails
2021-12-22 11:12:34 +01:00
b8a109efb0
bundles/sshmon: rewrite check_github_for_new_release
2021-12-22 11:09:26 +01:00
38b449af35
bundles/letsencrypt: only run dehydrated after installing it
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 14:17:41 +01:00
de3580a7d3
bundles/letsencrypt: ensure-some-certificate shouldn't create 10-year-certs
2021-12-19 06:36:11 +01:00
04450d4b4c
bundles/sudo: disable syslog spam
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 06:23:05 +01:00
5261375574
bundles/pppd: add systemd-timer to automatically update dyndns
2021-12-19 06:21:04 +01:00
376dba347f
bundles/php: allow configuring of memory_limit and clear_env
2021-12-18 18:54:00 +01:00
2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
c6c5d40084
bundles/nftables: add support for restricting to "all ipv6" and "all ipv4"
2021-12-14 12:40:54 +01:00
e2efe87308
rx300: update netbox to 3.1.0
2021-12-12 08:36:18 +01:00
7eec5c42e3
bundles/icinga2: do not send sms or mail for services when sms/mail was disabled for host
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-04 20:07:36 +01:00
0531ecd217
bundles/gitea: downloading gitea does not need restarting
...
kunsi/bundlewrap/pipeline/head This commit looks good
we're stopping gitea beforehand, then start it again afterwards. No need
to restart it again.
2021-12-04 20:01:35 +01:00
d44c87e8a7
move SPAM BLOCKLIST check to icinga2 itself
...
kunsi/bundlewrap/pipeline/head This commit looks good
somehow, we tend to get false positives if we run that check on the
node itself.
2021-11-28 07:26:41 +01:00
74f5b25f0d
various fixes, remove some TODOs
2021-11-27 10:40:20 +01:00
a76c60f881
bundles/nftables: fix shebang
2021-11-26 18:36:16 +01:00
632a1f6e75
voc,pretalx: install plugin lower_thirds
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-21 09:42:02 +01:00
998b776b9f
bundles/kodi: fix .provides()
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-15 21:45:41 +01:00
e4e340e431
bundles/grafana: fix spanning for battery row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:36:45 +01:00
52fbcfb43e
bundles/grafana: add some filling to battery row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:31:15 +01:00
7969ae9ebe
bundles/grafana: fix value for battery dashboard row
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:26:23 +01:00
e17d1ab02f
add bundle:telegraf-battery-usage
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:18:42 +01:00
e10ac0e57f
bundles/matrix-{media-repo,synapse}: catch all them metrics into influxdb
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 18:26:52 +01:00
8f6b8632f5
bundles/{element-web,hedgedoc,powerdnsadmin}: use 'yarn install --ignore-scripts'
2021-11-09 18:10:22 +01:00
33b6700848
bundles/mautrix-whatsapp: use precompiled binary
2021-11-09 18:10:17 +01:00
Sophie Schiller
eef463afbd
hedgedoc: forbid access to metrics and stats
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:58:11 +01:00
Sophie Schiller
55798ac704
hedgedoc: add telegraf config for hedgedoc metrics
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:48:03 +01:00
0398df8f3a
bundles/openhab: fix website_check_string
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 10:31:13 +01:00
0412c9042a
bundles/wireguard: fix stderr handling of wg_health_check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:49:37 +01:00
f482874310
home.openhab: install and configure openhab
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:43:53 +01:00
2f885e7bfb
bundles/kodi: allow websocket port in firewall
2021-10-31 09:43:07 +01:00
ee86b5a121
bundles/wireguard: less spammy output for wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-30 19:36:20 +02:00
0a131b4248
bundles/grafana: add voltages and power usage to ipmitool
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:48:19 +02:00
8300f48541
add bundle:ipmitool, add grafana dashboard row
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:42:27 +02:00
92b2e19e44
bundles/grafana: fix line width for fans
2021-10-18 19:41:16 +02:00
3775bcb9db
bundles/telegraf: add cache directory
2021-10-18 19:34:20 +02:00
5885e4b043
bundles/users: add lsb_release and local date to status line
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-16 07:42:19 +02:00
29eef9ec59
htop: fix sorting
2021-10-16 07:38:57 +02:00
94cba4283b
bundles/pretalx: fixup cron
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:10:46 +02:00
86953e60bd
bundles/pretalx: add script to automatically set is_administrator and is_staff based on group membership
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:03:15 +02:00
095d425de1
bundles/wireguard: do not run wg_health_check during bw apply
2021-10-14 09:02:01 +02:00
9188b28b7a
bundles/wireguard: add wg_health_check
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 08:54:54 +02:00
61e5591628
bundles/systemd-networkd: fix bridge-in-bridge-setup on home.nas not working properly
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-11 20:46:07 +02:00
8656f99f8e
bundles/wireguard: re-add reconnect script for added resiliency
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:37:42 +02:00
30d4d989fc
add bundle:bird
2021-09-29 19:45:18 +02:00
fe44417b14
bundles/systemd-networkd: add dummy interfaces
2021-09-29 19:44:37 +02:00
996ef6e115
bundles/nftables: more sorted()
2021-09-29 19:44:13 +02:00
5f1f4fd654
bundles/wireguard: add option 'snat_to' for connections
2021-09-29 19:43:29 +02:00
902840ee7f
bundles/wireguard: use one wireguard connection per peer instead of one for all
2021-09-29 19:27:13 +02:00
2b0e3a4bf0
bundles/powerdns: use only public ips or those attached to physical interfaces to create dns records
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-25 11:08:18 +02:00
b81153e957
bundles/netbox: fix upgrade command
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-22 16:43:59 +02:00
05d69c1f12
bundles/powerdns: use named-checkzone to verify zone integrity
2021-09-22 16:42:26 +02:00
bb8910d15f
bundles/gitea: use metadata.get()
2021-09-22 16:38:27 +02:00
b21f7c856a
bundles/gitea: switch to new file type 'download'
2021-09-21 07:55:15 +02:00
ed2bb66e3e
bundles/basic: add links to icinga, grafana and nginx vhosts to login message
2021-09-16 19:33:11 +02:00
5a7d0b0afd
bundles/icinga2: don't skip everything if check_sipgate_account_balance can't get applied
2021-09-16 19:33:08 +02:00
Sophie Schiller
c9f9a27096
bundle/hedgedoc add new csp defaults
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-14 20:23:01 +02:00
Sophie Schiller
738dbd94a0
bundle/hedgedoc improve dependencies
2021-09-14 20:23:01 +02:00
Sophie Schiller
481c1c85e5
bundle/nginx set instead of HTTPS
2021-09-14 20:23:01 +02:00
Sophie Schiller
77a14a0017
bundle/hedgedoc remove quoting inconsistencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-11 20:24:10 +02:00
Sophie Schiller
09da9a8d92
bundle/hedgedoc improve config rendering to not produce errors with faults
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main Build started...
2021-09-11 20:07:52 +02:00
Sophie Schiller
3d3994789e
bundle/hedgedoc update wbsite check
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-11 19:56:49 +02:00
Sophie Schiller
478a8da9f4
bundles/hedgedoc add new bundle
2021-09-11 19:47:28 +02:00
f77d6df1e5
bundles/matrix-dimension: fix dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 15:16:00 +02:00
05f9712b24
bundles/rspamd: change dmarc reporting sender to working address
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-08 14:43:22 +02:00
de6249c65d
dns: fix some errors
2021-09-06 16:42:14 +02:00
78fda4f9e9
bundles/rspamd: do not try to resolve faults in items.py
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-06 09:28:30 +02:00
3039a0900e
bundles/rspamd: add alias for dmarc reports
2021-09-06 09:14:18 +02:00
4ca0926546
bundles/rspamd: send dmarc reports
2021-09-06 09:11:36 +02:00
43bcd75e87
update netbox to 3.0.1
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-09-02 07:52:11 +02:00
c7fd6ee041
bundles/grafana: make rspamd row more pretty
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-25 15:15:09 +02:00
2940bfd3d8
bundles/rspamd: add telegraf metrics
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-23 22:24:59 +02:00
3f38497585
bundles/vmhost: add metadata reactor to add all admins to 'libvirt' group
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:25:46 +02:00
65462ca536
bundles/nginx: default redirect mode should be 308
2021-08-22 07:20:45 +02:00
d94df613c5
bundles/netbox: fix ADMINS
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-21 12:46:55 +02:00
c6fe9d5eb2
bundles/postfix: fix .provides()
2021-08-21 12:32:47 +02:00
b0d2503f08
add bundle:netbox
2021-08-21 12:32:40 +02:00
4cb89d699c
bundles/grafana: fix missing derivative() in dovecot row
2021-08-21 08:39:39 +02:00
12ca6f4ff7
bundles/postfix: open up SMTPS
2021-08-21 08:12:21 +02:00
3da3c00310
bundles/rspamd: changing of .map files does not need restarting
2021-08-21 07:48:02 +02:00
ea9abc5f73
bundles/grafana: add dashboard row for dovecot
2021-08-21 07:47:24 +02:00
96f1604879
bundles/dovecot: some fixes
...
- fix postfix/myhostname default
- ensure old_stats plugin is enabled
- ensure permissions for old_stats plugin
- ensure /etc/dovecot/ssl exists
- remove unneeded configuration files
2021-08-21 07:31:22 +02:00
8301664d9a
bundles/{grafana,influxdb2}: fix more permissions
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-20 13:33:28 +02:00
72d91767ec
bundles/influxdb: fix INFLUXDB PROCESS check
2021-08-20 13:25:40 +02:00
949e139978
bundles/telegraf: influxdata has bullseye repos now
2021-08-20 13:25:22 +02:00
f0987ccb44
bundles/unbound: automatically restart unbound if dns resolution fails for more than five minutes
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-19 20:03:24 +02:00
35938ead04
bundles/unbound: less caching of negative results
2021-08-19 20:02:27 +02:00
4167d3cb22
update to bw 4.11.2
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-17 18:10:35 +02:00
5bbd188b0b
bundles/pretalx: no sudo for rebuilding
2021-08-17 16:46:58 +02:00
d507f6794f
bundles/apt: ensure we have ncurses-term
...
If that's not installed, we get weird drawing issues in tmux.
2021-08-17 16:42:26 +02:00
25ea5af2db
bundles/smartd: add cronjob to schedule a monthly long test
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-15 16:22:34 +02:00
bd10dc578f
bundles/pppd: refactor check_dyndns_update
...
kunsi/bundlewrap/pipeline/head There was a failure building this commit
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
2021-08-14 08:00:43 +02:00
bb519adb2c
bundles/backup-client: more logging, fix wrong variable name
2021-08-08 07:47:07 +02:00
c14bb43993
bundles/grafana: fix derivative for wireguard last handshake time
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 23:32:39 +02:00
Sophie Schiller
e8d1582ed4
bw/nginx i hate whitespace
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-08-07 22:01:40 +02:00
Sophie Schiller
6e3603553f
bw/nginx retab everything
kunsi/bundlewrap/pipeline/head There was a failure building this commit
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
2021-08-07 21:59:07 +02:00
Sophie Schiller
ab21983a4f
bw/nginx add not found page and deployment of error pages
kunsi/bundlewrap/pipeline/pr-main There was a failure building this commit
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-08-07 21:52:39 +02:00
d9d98116e6
bundles/grafana: increase proxy_read_timeout for /api/ds/query
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 20:02:57 +02:00
0a77b72cd3
update mautrix-whatsapp to 0.1.8
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 18:57:31 +02:00
05de574471
bundles/backup-client: sleep a bit if backup did finish non-zero to increase chances of success
2021-08-07 10:30:19 +02:00
04cee2b4c3
bundles/icinga2: fix file permissions
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-07 07:13:41 +02:00
b677eaf187
bundles/grafana: fix file permissions
2021-08-07 07:03:15 +02:00
da49a907f7
bundles/nftables: set RemainAfterExit=yes
2021-08-07 07:01:00 +02:00
8eb7cbf6fd
bundles/mautrix-whatsapp: don't restart so often
2021-08-07 07:00:27 +02:00
8fd73e09de
bundles/backup-client: retry backups
...
rsync just fails too often in the last couple of days. I don't want to
babysit this every morning.
2021-08-07 06:59:33 +02:00
3c105d3295
bundles/mautrix-*: repository has moved
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-06 16:25:21 +02:00
ffefb56f83
bundles/chekc-mail-received: increase sshmon timeout
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-04 16:07:13 +02:00
0f425036b2
bundles/backup-client: fix newlines
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-04 15:55:14 +02:00
91a527c35a
bundles/mautrix-telegram: change animated stickers to webm
2021-08-01 12:41:47 +02:00
b94ab9de9c
bundles/nodejs: fix type for apt repo items
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-01 08:20:06 +02:00
58d2576ec9
bundles/backup-server: fix dependencies
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-01 07:57:48 +02:00
e596b45344
bundles/backup-client: actually show which rsync call produced which error
2021-08-01 07:57:22 +02:00
9f8878ae8f
bundles/pacman: manage pacman.conf
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-30 14:27:30 +02:00
407d84a8c6
bundles/matrix-synapse: add option to automatically provision other nginx vhosts with wellknown data
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-29 17:33:48 +02:00
2f79f55da5
bundles/mautrix-whatsapp: fix cronjob
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-29 17:13:08 +02:00
df137f73a6
bundles/apt: symlink /usr/bin/python to python3
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-25 13:32:59 +02:00
e51e1113bb
bundles/sysctl: work around debian bug
...
The debian systemd will silently overwrite /etc/sysctl.d/99-sysctl.conf
with a symlink to /etc/sysctl.conf. We don't want that.
2021-07-25 13:31:00 +02:00
4666f1c923
bundles/users: remove duplicate keys from ssh pubkeys
2021-07-24 12:10:03 +02:00
9aa389ea28
bundles/matrix-media-repo: less strict rate limits
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-23 20:17:06 +02:00
e7023d087b
bundles/matrix-dimension: add zfs
2021-07-23 19:53:49 +02:00
79e6c841a7
bundles/grafana: add dashboard row for unbound
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-23 19:34:55 +02:00
d4d353f0b6
move radicale to rx300
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-23 13:03:47 +02:00
ff90f8cbca
bundles/radicale: add metadata reactor for nginx vhost
2021-07-23 12:56:29 +02:00
905a7917f8
bundles/matrix*: fix directories/repos
2021-07-23 07:58:15 +02:00
66fce8e076
bundles/rspamd: fix some dependencies
2021-07-18 07:56:26 +02:00
c9a1de5a8e
bundles/postfixadmin: fix backup path to be able to use zfs snapshots
2021-07-18 07:55:52 +02:00
6cadf33ae3
bundles/postfix: support having postfixadmin without setting myhostname
2021-07-18 07:55:19 +02:00
84d55c246a
items/zfs_dataset: remove automatic dependency detection for now
...
kunsi/bundlewrap/pipeline/head This commit looks good
This basically reverts commit 1086ed28c3
2021-07-17 19:40:41 +02:00
cee2a41771
items/zfs_pool: rewrite item to support all kinds of zfs pools
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 18:12:57 +02:00
9111d49bf4
bundles: fix missing stuff
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 16:59:39 +02:00
fc0495f13a
bundles/rspamd: dkim key can be a string, too
2021-07-17 16:18:18 +02:00
61062c8312
bundles/matrix-dimension: disable update check until there are releases
...
kunsi/bundlewrap/pipeline/head This commit looks good
... we're using 'master' for now.
2021-07-17 13:06:49 +02:00
32c0ad3bd6
bundles/matrix-synapse: auto-configure nginx vhost
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 12:38:04 +02:00
ff526a7f7f
Merge pull request 'matrix-dimension' ( #44 ) from matrix-dimension into main
...
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #44
2021-07-17 09:58:18 +00:00
6a144cf991
bundles/users: add option to enable lingering
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 11:33:43 +02:00
ce9f6dd7ba
bundles: add zfs dataset to bundles
2021-07-17 10:17:39 +02:00
337b660f5a
bundles/matrix-synapse: ensure matrix-synapse does not mess with our homeserver.yaml
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 09:32:49 +02:00
cbeb42c8ae
bundles/matrix-media-repo: add zfs
2021-07-17 09:12:11 +02:00
1086ed28c3
items/zfs_dataset: add automatic dependency for all files, directories and git_deploy of a dataset
2021-07-17 09:10:56 +02:00
Sophie Schiller
58691904fc
bw/matrix-dimension repair syntax errors
2021-07-17 01:09:33 +02:00
Sophie Schiller
d076384ead
bw/matrix-dimension remove unneeded metadata
2021-07-17 01:09:33 +02:00
Sophie Schiller
6ceb47a92e
bw/matrix-dimension get all the things
2021-07-17 01:09:33 +02:00
Sophie Schiller
2b1c53e47a
bw/matrix-dimension disable logfile
2021-07-17 01:09:33 +02:00
Sophie Schiller
aa639dc913
bw/matrix-dimension switch to generic vhost name
2021-07-17 01:09:33 +02:00
Sophie Schiller
71a1a4d59b
bw/matrix-dimension enable process monitoring
2021-07-17 01:09:33 +02:00
Sophie Schiller
f40036422f
bw/matrix-dimensions fix typos
2021-07-17 01:09:33 +02:00
Sophie Schiller
568a73efaf
bw/matrix-dimension switch listening port
2021-07-17 01:09:33 +02:00
Sophie Schiller
9fb5293c80
bw/matrix-dimension switch to dedicated user
2021-07-17 01:09:33 +02:00
Sophie Schiller
ebee3b3de5
bw/matrix-dimension witespaaaaaaaace
2021-07-17 01:09:33 +02:00
Sophie Schiller
8ee59cd036
bundle/matrix-dimension enable backups
2021-07-17 01:09:33 +02:00
Sophie Schiller
a5b6250c86
bw/bundle matrix-dimension this might actually work
2021-07-17 01:09:33 +02:00
Sophie Schiller
c52482e98b
bw/bundle matrix-dimension add first draft
2021-07-17 01:09:33 +02:00
6022bac0ef
have more bundles provide nginx metadata for themselves
2021-07-16 14:20:01 +02:00
9e305fc854
bundles/element-web: fix nginx webroot path
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-15 18:44:02 +02:00
f7098b0d35
bundles/element-web: move to /opt (and zfs, if we have that)
2021-07-15 18:40:48 +02:00
133627ace2
bundles/unbound: prefer ipv4 if using pppoe
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-13 20:51:58 +02:00
3c2f245b71
bundles/mx-puppet-discord: remove "Discord" in room name for now
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-11 16:38:59 +02:00
72f148425a
bundles/jenkins-ci: add ssh keys and config
bundlewrap/pipeline/head This commit looks good
2021-07-11 15:47:45 +02:00
0a14d46cf2
bundles/jenkins: add zfs dataset
2021-07-11 15:29:42 +02:00
8da40eab67
nodes/rx300: add php 8.0
2021-07-11 15:23:49 +02:00
a66d9c5765
bundles/mx-puppet-discord: add (Discord) to room and user names
bundlewrap/pipeline/head This commit looks good
2021-07-11 12:29:05 +02:00
b193971625
bundles/postfix: fix some needed files not being present in chroot on arch
bundlewrap/pipeline/head This commit looks good
2021-07-10 16:16:56 +02:00
8f4db6f2ba
bundles/postfix: install pkg_pacman:s-nail
2021-07-10 15:59:03 +02:00
3351767d56
add bundle:check-mail-received
bundlewrap/pipeline/head This commit looks good
2021-07-10 14:22:19 +02:00
6c9809b165
bundles/grafana: add guest cpu time to cpu graph
bundlewrap/pipeline/head This commit looks good
2021-07-10 10:05:26 +02:00
6a4b24c0f2
fix git urls in repo
bundlewrap/pipeline/head This commit looks good
2021-07-09 17:27:12 +02:00
1927837205
bundles/gitea: add /var/lib/gitea to backups
2021-07-09 16:22:37 +02:00
9bf0b8a0b0
bundles/gitea: use zfs datasets for all data
2021-07-09 16:22:10 +02:00
82dd354f92
bundles/gitea: fix permissions for /home/git/.ssh
2021-07-09 16:15:38 +02:00
95c5e0b6ea
bundles/gitea: use generic vhost name
2021-07-09 15:55:31 +02:00
3c23de4dfa
bundles/grafana: fix nginx vhost config
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:10:19 +02:00
9021c6f853
bundles/grafana: fix permissions for some files and directories
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:06:35 +02:00
cbc0a1a927
nodes/htz.ex42-1048908: fix X-Forwarded-For header for matrix-media-repo
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:03:22 +02:00
b5ab21549d
bundles/nginx: rename 'proxy' metadata to 'locations', support more generic options, move extras files to metadata
bundlewrap/pipeline/head This commit looks good
2021-07-04 19:28:03 +02:00
c87a8e2f15
bundles/pretalx: use pip install -e
for locally existing code
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:45:59 +02:00
e091adaa64
bundles/nginx: increase buffer sizes
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:21:57 +02:00
9c1b4f5dbe
move travelynx.franzi.business to rx300
bundlewrap/pipeline/head This commit looks good
2021-07-02 16:15:31 +02:00
8ef6522ead
bundles/travelynx: needs directory to git_deploy into
2021-07-02 15:48:48 +02:00
f9e2715b30
bundles/systemd-networkd: removal of unmanaged files must also trigger restart of systemd-networkd
2021-07-02 15:03:47 +02:00
7ac7c1a2b7
bundles/cron: ensure cron is installed and running
2021-07-02 06:36:51 +02:00
9816da4f85
bundles/postgresql: only install postgresql-server-dev-* if needed
2021-07-01 18:22:38 +02:00
210ae8dd2e
bundles/zfs: debian bullseye does not need zfs from backports
2021-07-01 18:19:24 +02:00
686aa533e8
bundles/grafana: change logBase for nginx timing dashboard
bundlewrap/pipeline/head This commit looks good
2021-07-01 16:34:17 +02:00
d32f675de7
bundles/miniflux: use vhost with generic name
2021-07-01 16:04:56 +02:00
68e79b4883
bundles/nginx: only add well-known alias for vhosts which use letsencrypt
2021-07-01 16:04:46 +02:00
20f4c182ad
bundles/pacman: ensure we have run-parts
bundlewrap/pipeline/head This commit looks good
2021-06-30 06:22:06 +02:00
7f27762054
bundles/zfs: report *used*, not free storage space
2021-06-29 15:18:31 +02:00
f01e24f995
bundles/postgresql: wait 10s after restarting
2021-06-29 14:23:51 +02:00
7b00e7484e
fix monitoring for arch linux hosts
bundlewrap/pipeline/head This commit looks good
2021-06-28 19:59:54 +02:00
dfbdbe73bd
bundles/icinga2: only nodes which have bundle:apt have unattended-upgrades (for now)
2021-06-28 19:48:05 +02:00
450fb3f87a
bundles/kodi: do not install libcec4
...
bundlewrap/pipeline/head This commit looks good
It's not available in bullseye (but libcec6), but we don't need it
anyway, because we're not using cec here.
2021-06-27 07:17:05 +02:00
cd6e4b9767
bundles/influxdb2: disable atime for zfs dataset
bundlewrap/pipeline/head This commit looks good
2021-06-26 08:19:55 +02:00
2193e0ca53
bundles/grafana: fix units for zfs panels
bundlewrap/pipeline/head This commit looks good
2021-06-25 20:16:13 +02:00
7d4a99344b
bundles/zfs: enable autotrim on debian bullseye and above
bundlewrap/pipeline/head This commit looks good
2021-06-25 20:05:35 +02:00
1c10be5cdc
bundles/zfs: add per-dataset metrics
2021-06-25 20:04:30 +02:00
9cc324f84c
bundles/backup-server: enable compression for backups
2021-06-25 20:04:10 +02:00
a793bb5fc1
bundles/zfs: rename zfs_arc_max_mb to zfs_arc_max_gb
bundlewrap/pipeline/head This commit looks good
2021-06-25 18:39:06 +02:00
Sophie Schiller
b949ba3e72
bw/home.kodi-wohnzimmer update to bullseye
bundlewrap/pipeline/head This commit looks good
2021-06-23 18:07:43 +02:00
68865895e5
bundles/grafana: set decimals=0 for fan speed info
2021-06-19 14:18:30 +02:00
8d331b0086
bundles/nginx: always use first of month for security.txt expiry
bundlewrap/pipeline/head This commit looks good
2021-06-19 08:49:10 +02:00
fc5e163fb9
bundles/miniflux: use health check endpoint
bundlewrap/pipeline/head This commit looks good
2021-06-12 10:11:17 +02:00
05670ac2bb
bundles/icinga2: less code for icinga statusmonitor
bundlewrap/pipeline/head This commit looks good
2021-06-11 16:49:12 +02:00
455d4d7551
bundles/sshmon: fix occasional KeyErrors in check_cpu_stats
bundlewrap/pipeline/head This commit looks good
2021-06-06 17:59:58 +02:00
94dba9139b
bundles/mosquitto: rewrite tasmota-telegraf-plugin using paho-mqtt library
bundlewrap/pipeline/head This commit looks good
2021-06-06 15:17:34 +02:00
fa4fe51155
bundles/backup-client: do logging
bundlewrap/pipeline/head This commit looks good
2021-06-06 08:05:41 +02:00
82d2e5b416
bundles/grafana: hide empty/zero values in lm-sensors dashboard row
bundlewrap/pipeline/head This commit looks good
2021-06-05 21:39:48 +02:00
840d8228ed
bundles/grafana: fix line width for lm-sensors dashboard row
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:58:00 +02:00
db83b1614b
bundles/nginx: add anonymous timing logging for http requests
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:53:02 +02:00
72d4826dbb
remove bundle:netdata - we have telegraf and grafana now
bundlewrap/pipeline/head This commit looks good
2021-06-05 13:28:25 +02:00
91cf6cd1e5
move lm-sensors to its own bundle, add to hardware systems
2021-06-05 12:23:09 +02:00
5dde5d1642
bundles/apt: no --force-confdef in unattended upgrades
bundlewrap/pipeline/head This commit looks good
2021-06-05 11:13:51 +02:00
6138db1089
bundles/matrix-synapse: no statistics
2021-06-05 11:13:19 +02:00
ff85191bbe
bundles/radvd: fix typo
bundlewrap/pipeline/head This commit looks good
2021-06-04 07:28:40 +02:00
95856a2c2d
add bundle:sysctl
2021-06-04 07:28:26 +02:00
8d21e15106
bundles/pppd: restart nftables if it isn't running
2021-06-04 07:20:59 +02:00
1fbc08f74b
bundles/nginx: add a default security.txt to all vhosts
bundlewrap/pipeline/head This commit looks good
2021-06-03 18:57:25 +02:00
0a7e5bcdcd
move default values to libs/defaults
2021-06-03 18:27:45 +02:00
5369490b79
bundles/postfix: fix spam blocklist timeout
2021-06-03 14:31:03 +02:00
5c83287057
EOL bundle:iptables
bundlewrap/pipeline/head This commit looks good
2021-06-03 13:59:50 +02:00
d569b00960
modify nodes and bundles for new nftables syntax
2021-06-03 13:59:36 +02:00
ecb67d012b
bundles/nftables: introduce
2021-06-03 13:57:50 +02:00
faf27a3940
bundles/nfs-server: support using node names for shares
bundlewrap/pipeline/head This commit looks good
2021-06-03 07:45:56 +02:00
09397e2597
bundles/users: fix adding of non-admin users
2021-06-01 16:53:29 +02:00
47c18913ca
bundles/pacman: install htop
2021-06-01 16:53:14 +02:00
fba83415c7
bundles/letsencrypt: prepare for arch linux
2021-06-01 16:52:52 +02:00
cf3c45fdd5
bundles/nginx: prepare for arch linux
2021-06-01 16:52:03 +02:00
6b90d568cf
bundles/postfix: use dig
in check_spam_blocklist instead of a python library
...
bundlewrap/pipeline/head This commit looks good
The library isn't available as a debian package, so we would have to
manually install that every time the python package updates its minor
version number.
2021-05-29 09:29:40 +02:00
3468b719ed
bundles/nginx: default vhost always supports letsencrypt
2021-05-24 19:19:10 +02:00
Sophie Schiller
1461cf2827
bw/home.paperless-sophie add sophie's paperless host
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:04:59 +02:00
6bfcd87976
bundles/paperless-ng: ensure we have static files
bundlewrap/pipeline/head This commit looks good
2021-05-24 15:02:04 +02:00
Sophie Schiller
9a60d36a03
scan bright colors
bundlewrap/pipeline/head This commit looks good
2021-05-24 11:01:13 +02:00
5d4ca086e6
bundles/scansnap: do ocr in a separate process to speed up scanning
bundlewrap/pipeline/head This commit looks good
2021-05-24 10:24:01 +02:00
d193ec8ef3
bundles/paperless: set some options
2021-05-24 10:23:19 +02:00
df3e18b476
bundles/paperless: fix media path
bundlewrap/pipeline/head This commit looks good
2021-05-23 18:41:56 +02:00
22c98a4206
nodes/home.paperless: introduce
bundlewrap/pipeline/head This commit looks good
2021-05-23 17:41:19 +02:00
3a44a9fbfb
bundles/vmhost: only install qemu-kvm for debian buster and older
bundlewrap/pipeline/head This commit looks good
2021-05-23 14:54:47 +02:00
46f7aa93ef
bundles: fix dependencies
2021-05-23 14:54:24 +02:00
8dc66421c0
bundles/basic: don't rewrite /etc/locale.gen every time
2021-05-23 14:53:45 +02:00
5a182fadef
make some bundles arch-compatible, more default packages for arch
2021-05-23 14:36:16 +02:00
97cbef06a2
bundles/grafana: remove derivative from temperature and fan graphs
bundlewrap/pipeline/head This commit looks good
2021-05-20 06:51:10 +02:00
8568298a4e
bundles/grafana: make sure we have backups of the grafana database
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:56:34 +02:00
e54135b014
bundles/telegraf: it's "command" for execd, not "commands", because ... who knows
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:50:18 +02:00
df192e543b
bundles/transmission: add telegraf statistics
bundlewrap/pipeline/head There was a failure building this commit
2021-05-19 20:12:52 +02:00
3b3bdeecab
bundles/pacman: add lm_sensors to telegraf, add dashboard row
2021-05-19 18:46:22 +02:00
9e07af289e
bundles/scansnap: don't try to delete output directory
bundlewrap/pipeline/head This commit looks good
2021-05-19 06:35:18 +02:00
3e9c28b8ae
bundles/zfs: no 'set -e' in backup-pre-hook
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:53:27 +02:00
976aa251d1
bundles/zfs: actually unmount snapshots before trying to destroy them
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:43:31 +02:00
479b730be4
bundles/zfs: introduce zfs-snapshot-backups, enable backups for nodes which need zfs-snapshot-backups
bundlewrap/pipeline/head This commit looks good
2021-05-15 20:32:23 +02:00
25b305bddf
bundles/mosquitto: fix .provides()
bundlewrap/pipeline/head This commit looks good
2021-05-15 08:58:15 +02:00
32826ed131
bundles/mosquitto: add telegraf stats for tasmota devices
bundlewrap/pipeline/head There was a failure building this commit
2021-05-15 08:52:37 +02:00
eb6ae208cb
bundles/grafana: fix file system permissions
bundlewrap/pipeline/head This commit looks good
2021-05-15 07:33:21 +02:00
d9595ad8e6
bundles/icinga2: fix typo in check_usv_snmp
2021-05-15 07:28:15 +02:00
07c3d93e7d
bundles/miniflux: make sure to restart process if it crashes
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:50:11 +02:00
8e45b93b78
bundles/powerdnsadmin: yarn isn't installed globally any more
bundlewrap/pipeline/head This commit looks good
2021-05-14 20:15:49 +02:00
Sophie Schiller
d3c9550463
bundle/postgresql add dependencies, remove redundant config
2021-05-14 20:06:42 +02:00
Sophie Schiller
a656eb7eb3
bundle/nodejs remove yarn install
2021-05-14 20:05:04 +02:00
Sophie Schiller
88cfbc0699
bundle/matrix-synapse update dependencies, improve postgres database
...
creation
2021-05-14 20:03:56 +02:00
Sophie Schiller
bd19749971
bundle/matrix-media-repo update dependencies and needs
2021-05-14 20:02:39 +02:00
Sophie Schiller
3c5e778016
bundle:/element-web install yarn from npm instead of apt
2021-05-14 20:01:19 +02:00
459c7731cb
bundles/backup-client: use --compress-level=1 instead of -z
2021-05-14 10:47:58 +02:00
7775f33679
bundles/apt: move patchday to 21:00 UTC
2021-05-13 09:10:33 +02:00
fab9a41024
bundles/c3voc-addons: use new way of doing updates, too
bundlewrap/pipeline/head This commit looks good
2021-05-11 06:21:42 +02:00
276bd6ae8d
bundles/apt: rework upgrade-and-reboot mechanics to be more robust
bundlewrap/pipeline/head This commit looks good
2021-05-08 08:31:04 +02:00
c976be62d7
bundles/grafana: only refresh managed dashboards every minute
...
bundlewrap/pipeline/head This commit looks good
After all, we're only getting data every minute, so there's no point
in refreshing more often.
2021-05-02 19:57:32 +02:00
c1b1dc1a29
bundles/grafana: add support for custom managed dashboards
2021-05-02 17:49:40 +02:00
fe668fd5d4
bundles/grafana: add "traffic per interface" graphs, fix naming of values
bundlewrap/pipeline/head This commit looks good
2021-05-02 15:01:22 +02:00
0f387102b3
bundles/postgresql: do not collect metrics for telegraf database
bundlewrap/pipeline/head This commit looks good
2021-05-02 14:01:26 +02:00
ada87897a4
bundles/grafana: add wireguard graphs
2021-05-02 13:55:41 +02:00
40160fb25a
bundles: remove telegraf metrics from systemd-networkd and icinga2
2021-05-02 13:18:35 +02:00
3b1d1f7e94
add postgresql metrics to telegraf/grafana
bundlewrap/pipeline/head This commit looks good
2021-05-02 13:09:01 +02:00
1bc47fa231
bundles/grafana: fix y axis for disk iops graph
bundlewrap/pipeline/head This commit looks good
2021-05-02 12:07:49 +02:00
ae0bb8ed58
bundles/postfix: rework exporter for better usability
2021-05-02 12:06:53 +02:00
9b9465502a
bundles/grafana: add postfix graph
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:55:34 +02:00
0b972bc464
bundles/grafana: add nginx
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:34:55 +02:00
b299edbef4
bundles/grafana: add "free" to memory row
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:05:01 +02:00
68fed2439d
bundles/apt: fix "set -x" call
bundlewrap/pipeline/head This commit looks good
2021-05-02 10:45:21 +02:00
c548a88ee7
bundles/grafana: introduce, add to htz-cloud.influxdb
2021-05-02 10:44:50 +02:00
1a1ea721d9
bundles/telegraf: also work for arch linux systems
2021-05-02 07:32:54 +02:00
8c276b53a6
nodes/home.nas: enable x11 forwarding for admins
bundlewrap/pipeline/head This commit looks good
2021-05-01 15:18:21 +02:00
75fea7aa34
bundles/gitea: add a ssh key, enable git hooks for htz.ex42-1048908
bundlewrap/pipeline/head This commit looks good
2021-05-01 14:27:31 +02:00
8a95dfa90a
nodes/home.downloadhelper: restrict lldp to vlan 42
bundlewrap/pipeline/head This commit looks good
2021-05-01 10:05:24 +02:00
3de85e6717
bundles/webfs: introduce
2021-04-30 19:40:45 +02:00
30efde6eb3
bundles/apt: remove unneeded if
bundlewrap/pipeline/head This commit looks good
2021-04-30 13:30:10 +02:00
b235519ecf
bundles/apt: "set -xeuo pipefail" for upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-04-30 12:51:09 +02:00
8fd83241ca
bundles: ensure apt/repos/*/items is a set
2021-04-30 12:49:59 +02:00
44d42de81c
bundles/nginx: only redirect to ssl for sites which actually have ssl enabled
bundlewrap/pipeline/head This commit looks good
2021-04-25 09:20:16 +02:00
d98a1adfd9
bundles/ssl: support using a preexisting ssl certificate
2021-04-25 09:09:23 +02:00
019d658442
bundles/icinga2: add check_usv_snmp
bundlewrap/pipeline/head This commit looks good
2021-04-25 08:02:04 +02:00
ffd899534a
bundles/telegraf: use node.metadate.get() everywhere
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:51:01 +02:00
e9ce0ce869
bundles/systemd-networkd: add missing key to .provides()
bundlewrap/pipeline/head This commit looks good
2021-04-24 12:38:51 +02:00
966ee7dae9
bundles/unbound: set correct statistics interval
2021-04-24 12:00:09 +02:00
a9692317d2
bundles/telegraf: temporarily hardcode a repo path
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:47:28 +02:00
6772b3b5d0
bundles: various fixes for telegraf plugins
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:45:58 +02:00
a980e22ecb
bundles/telegraf: support requesting additional capabilities and/or groups
2021-04-24 11:44:55 +02:00
dc0695e38f
bundles/influxdb: introduce
2021-04-24 10:17:56 +02:00
c97d9ab948
bundles/postfix: use own postqueue exporter
2021-04-24 10:17:05 +02:00
76f46ca7d5
bundles/telegraf: add sudoers file
2021-04-24 10:12:56 +02:00
2432075f9a
bundles/telegraf: ensure telegraf is running, restart on config changes
2021-04-24 10:05:52 +02:00
f58e66f701
bundles/c3voc-addons: make sure we're not accidentially overwriting c3voc telegraf config
2021-04-24 09:44:31 +02:00
2667a2c00d
libs: replace libs.toml.dict_to_toml with libs.faults.resolve_faults
bundlewrap/pipeline/head This commit looks good
2021-04-24 09:39:08 +02:00
a37d31973a
bundles: add some telegraf plugins
2021-04-24 09:14:25 +02:00
5e0541aef8
bundles/telegraf: introduce
2021-04-24 09:14:21 +02:00
ebb6d287b2
bundles/icinga2: add node name to automatic downtime comment
bundlewrap/pipeline/head This commit looks good
2021-04-23 14:30:34 +02:00
8b14575657
bundles/postgresql: add metadata keys for some performance related config options
2021-04-23 14:02:04 +02:00
616feb54b2
bundles/sshmon: fix an issue where check_mounts couldn't properly detect systemd mount units
2021-04-23 14:01:24 +02:00
c0ff320281
bundles/scansnap: set proper permissions for /srv/scansnap
2021-04-21 18:25:37 +02:00
c79b3f77c2
bundles/scansnap: cleanup old scans
2021-04-21 18:20:47 +02:00
0c0a8e6263
bundles/scansnap: chown files to nobody-nogroup
2021-04-21 18:18:27 +02:00
b5fb5dd6c2
bundles/scansnap: introduce, add to home.nas
2021-04-21 17:58:16 +02:00
5e49e3204b
bundles/nfs-server: sort shares
2021-04-21 17:56:53 +02:00
24362768fb
bundles/dhcpd: rework metadata
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
12c04cf3be
bundles/users: some more bash config
2021-04-19 20:39:57 +02:00
8536e87475
bundles/systemd-networkd: some more dhcp settings
bundlewrap/pipeline/head This commit looks good
2021-04-18 11:05:42 +02:00
51ee9be424
bundles/radvd: advertise atleast every 30 seconds
2021-04-18 11:05:10 +02:00
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
4d5e75df68
bundles/icinga2: introduce icinga_options/downtime_also_for
bundlewrap/pipeline/head This commit looks good
2021-04-17 03:43:08 +02:00
6a88040826
bundles/nginx: disable Federated Learning of Cohorts for all hosts
bundlewrap/pipeline/head This commit looks good
2021-04-16 18:36:50 +02:00
bc8050cd3c
bundles/postfix: fix connection limits for smtpd
bundlewrap/pipeline/head This commit looks good
2021-04-11 21:56:37 +02:00
b04a207262
nodes/htz.ex42-1048908: add some blocked email domains
bundlewrap/pipeline/head This commit looks good
2021-04-11 18:20:16 +02:00
f0eb6f0d1b
bundles/vnstat: add favicon to web dashboard
...
bundlewrap/pipeline/head This commit looks good
As requested by sophie
2021-04-11 14:35:49 +02:00
e809ed4859
bundles/vnstat: changes in systemd unit files must trigger daemon-reload
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:18:42 +02:00
dca56140aa
bundles/simple-icinga-dashboard: use systemd-timers, use virtualenv
bundlewrap/pipeline/head This commit looks good
2021-04-11 11:17:09 +02:00
26c2be07cf
bundles/vnstat: adjust vnstati calls for debian bullseye
bundlewrap/pipeline/head This commit looks good
2021-04-11 09:01:58 +02:00
69279ba34f
bundles/postfix: be a bit more relaxed when checking for smtp errors
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:50:16 +02:00
018bdb2f83
bundles/matrix*: better monitoring
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:40:44 +02:00
9618e388c3
bundles/simple-icinga-dashboard: only resolve faults when rendering the template, not earlier
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:33:32 +02:00
36bd6f5755
bundles/simple-icinga-dashboard: config is a toml file now
bundlewrap/pipeline/head There was a failure building this commit
2021-04-10 16:08:52 +02:00
b33ddaadb5
bundles/simple-icinga-dashboard: add replacements
2021-04-10 15:43:37 +02:00
fc7655469f
icinga2: add pretty_name for status page
bundlewrap/pipeline/head This commit looks good
2021-04-10 15:05:29 +02:00
efd2875b17
bundles/c3voc-addons: add sms to NGINX VHOST checks
2021-04-10 15:04:34 +02:00
8b2771cd63
Revert "bundles/systemd-networkd: fix vlan support for bridges and bonds"
...
bundlewrap/pipeline/head This commit looks good
This reverts commit 02146a81d6
.
2021-04-10 13:34:49 +02:00
ef84b3f889
Revert "bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/"
...
bundlewrap/pipeline/head This commit looks good
This reverts commit b679f568eb
.
Documentation says order is irrelevant, but it is not. If we do not use
ordering, vlan interfaces are defined before the parent interfaces, which
leads to systemd-networkd not applying config for the parent interfaces.
2021-04-10 12:22:08 +02:00
0d1a220b7b
bundles/systemd-networkd: generate unique mac address for vlan interfaces
2021-04-10 12:18:23 +02:00
197ebe2e38
bundles/systemd-networkd: add BindCarrier to bridges
bundlewrap/pipeline/head This commit looks good
2021-04-10 11:41:23 +02:00
00d46cb1b1
bundles/pppd: fix typo in restart-pppoe-if-no-public-ip
2021-04-10 09:49:40 +02:00
af6b16cc35
bundles/pppd: fix KeyError in restart-pppoe-if-no-public-ip
bundlewrap/pipeline/head This commit looks good
2021-04-10 09:38:47 +02:00
02146a81d6
bundles/systemd-networkd: fix vlan support for bridges and bonds
2021-04-10 09:18:45 +02:00
24f04e59aa
nodes/voc.pretalx: work around content-security-policy issues
bundlewrap/pipeline/head This commit looks good
2021-04-05 08:18:21 +02:00
aad27851bb
bundles/miniflux: proxy all images
bundlewrap/pipeline/head This commit looks good
2021-04-04 22:16:14 +02:00
e36a352a42
bundles: fix usage of set() vs {}
bundlewrap/pipeline/head This commit looks good
2021-04-04 10:34:55 +02:00
c418102000
bundles/netdata: fix iptables default
2021-04-04 10:30:45 +02:00
513eb4bed6
bundles/mosquitto: add monitoring
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:43:24 +02:00
2027308249
bundles/zfs: fix typo in check_zpool_space
2021-04-03 09:41:17 +02:00
9cbf866de7
bundles/mosquitto: introduce, add to node home.nas
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:36:47 +02:00
f8bbe00d47
overall better handling and usage of exceptions
bundlewrap/pipeline/head This commit looks good
2021-04-02 18:57:13 +02:00
5d5930265a
bundles/postfix: remove print statement
2021-04-02 18:29:33 +02:00
61cf881a03
bundles/pretalx: add bash_alias for manage.py
bundlewrap/pipeline/head This commit looks good
2021-04-02 14:59:56 +02:00
4a3be10add
bundles/apt: fix if in upgrade-and-reboot
2021-04-02 13:40:55 +02:00
a24fb12c21
bundles/apt: introduce restart_triggers (restart services if another service has been upgraded)
bundlewrap/pipeline/head There was a failure building this commit
2021-04-02 08:12:51 +02:00
7ca24d27d3
bundles/apt: add a bit of code to remove old, unused kernel images
2021-04-02 08:11:17 +02:00
8a0c8f32ae
bundles: less Restart=on-failure, more Restart=always
2021-04-02 08:05:33 +02:00
5b276368b8
bundles/wireguard: iptables/bundle_rules should be a list
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:13:24 +02:00
17f9aa9c3e
bundles/icinga2: disable command module
bundlewrap/pipeline/head This commit looks good
2021-04-01 17:12:35 +02:00
c5eb2f4f70
bundles/icinga2: do not send recovery emails
2021-04-01 17:11:42 +02:00
957cac5ebc
bundles/postfix: disable SPAM BLOCKLIST check if relayhost is set
2021-04-01 17:00:53 +02:00
61c6188454
bundles/postfix: mynetworks now supports identifiers
2021-04-01 16:59:49 +02:00
b7222e2cd1
bundles/systemd-networkd: fix typo in routes
bundlewrap/pipeline/head This commit looks good
2021-04-01 16:31:57 +02:00
6e423c24fb
bundles/wireguard: rework metadata.py
bundlewrap/pipeline/head There was a failure building this commit
2021-04-01 16:27:31 +02:00
b679f568eb
bundles/systemd-networkd: no need for a specific order in /etc/systemd/network/
2021-04-01 16:26:06 +02:00
d787f8b0a3
bundles/systemd-networkd: rework routes
2021-04-01 16:25:24 +02:00
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
da9fe36646
bundles/pretalx: support installing plugins
2021-03-30 19:52:03 +02:00
7345543fa2
bundles/mx-puppet-discord: remove logging to files, disable presence logging
bundlewrap/pipeline/head This commit looks good
2021-03-28 11:29:16 +02:00
c388d5ea1e
bundles/postgresql: fix restart dependencies
bundlewrap/pipeline/head This commit looks good
2021-03-28 09:39:08 +02:00
35e4bbf04b
bundles/postfix: remove postscreen usage
...
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between
instances, which leads to the server simply accepting
mails for the port on which postscreen starts up later.
Since we can't predict which port this will be, we
simply remove postscreen alltogether.
Yes, i know i could just remove postscreen for port 2525.
2021-03-28 09:00:37 +02:00
ce39850bda
bundles/postfix: fix .provides() for iptables reactor
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:56:22 +02:00
9fe4e2933d
bundles/postfix: add firewalling for port 2525
bundlewrap/pipeline/head There was a failure building this commit
2021-03-28 08:37:51 +02:00
a4b2dc29a9
bundles/miniflux: don't clean up old entries
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:04:41 +02:00
39c1d34bbb
bundles/sshmon: fix disk space usage limits
2021-03-27 12:07:49 +01:00
8f0f635484
bundles/basic: change load graph for cpu graph
2021-03-27 12:06:12 +01:00
568a31586f
bundles/apt: fix permissions for /etc/kernel/postinst.d/unattended-upgrades
bundlewrap/pipeline/head This commit looks good
2021-03-27 08:31:29 +01:00
f514e200f0
bundles/mautrix-whatsapp: restart bridge daily again
...
bundlewrap/pipeline/head This commit looks good
It seems neither WhatsApp nor WhatsApp Web are designed for 24/7
connections, thus leading to all kinds of weird side effects like
"Bridge thinks it's connected, but no messages get through at all"
or "WhatsApp is running, but the Bridge can't connect to it"
2021-03-27 08:21:41 +01:00
f98720b57b
bundles/dhcpd: sort dchp leases by ip in bash alias
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:27:52 +01:00
65490b1d20
bundles/apt: log stdout and stderr separately in upgrade-and-reboot
bundlewrap/pipeline/head This commit looks good
2021-03-26 09:02:48 +01:00
27753d50c4
bundles/postfix: use threading in check_spam_blocklist
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:42:59 +01:00
fdcec012f3
bundles/postfix: add SPAM BLOCKLIST check for every non-private IP attached to the server
bundlewrap/pipeline/head This commit looks good
2021-03-22 20:24:14 +01:00
b99176be49
bundles/kodi: add iptables rules
bundlewrap/pipeline/head This commit looks good
2021-03-21 19:10:49 +01:00
28dd9694af
add bundle:oidentd
bundlewrap/pipeline/head This commit looks good
2021-03-21 17:40:58 +01:00
6a6198c9b9
bundles/wireguard: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 15:26:29 +01:00
3bc5e55400
bundles/iptables: don't apply iptables rules if a rules file is missing
2021-03-21 11:44:27 +01:00
4b00c8b55a
bundles/unbound: do not bind to 0.0.0.0 if qemu is installed
2021-03-21 11:43:53 +01:00
5a0aa82ec9
bundles/powerdns: fix missing imports
2021-03-21 11:43:17 +01:00
62f7080db9
bundles/nfs-server: add iptables config
2021-03-21 11:24:21 +01:00
850d860d59
bundles/powerdns: add iptables config
2021-03-21 11:12:18 +01:00
31ddea7649
bundles/dovecot: add iptables config
2021-03-21 11:12:03 +01:00
5775001301
bundles/postfix: add iptables config
2021-03-21 11:11:49 +01:00
c9f008ad82
bundles/openssh: move iptables rules to metadata reactor
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:37:28 +01:00
b943d2d465
rework iptables configuration
bundlewrap/pipeline/head This commit looks good
2021-03-21 10:30:04 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
52cab71fec
bundles/wireguard: also allow outgoing traffic
...
How did this ever work without this rule?
2021-03-15 09:00:35 +01:00
adb808a683
bundles/users: more colourful bash for everyone
bundlewrap/pipeline/head This commit looks good
2021-03-14 17:14:08 +01:00
f6ecf2a465
bundles/nfs-client: support arch linux
bundlewrap/pipeline/head This commit looks good
2021-03-11 15:24:06 +01:00
Sophie Schiller
c87611c2e2
bw/kodi add backports repo
bundlewrap/pipeline/head This commit looks good
2021-03-08 21:06:25 +01:00
8b07fce738
bundles/unbound: decrease statistics-interval until debian has 1.19 and we're actually able to use them
2021-03-06 10:03:22 +01:00
f214f70cd4
bundles/basic: add textual cpu stats to htop
2021-03-06 09:58:22 +01:00
7e57c0f03e
bundles/basic: current htop version in debian does not support DiskIO nor NetworkIO
bundlewrap/pipeline/head This commit looks good
2021-03-06 09:56:05 +01:00
ebcf8e4445
bundles/matrix-media-repo: also restart matrix-media-repo after updating
bundlewrap/pipeline/head This commit looks good
2021-03-05 07:21:23 +01:00
2adf3c6a72
bundles/sshmon: increase acceptable amount of cpu steal
bundlewrap/pipeline/head This commit looks good
2021-03-01 15:52:55 +01:00
e435ae582a
bundles/icinga2: add monitoring for IdoPgsqlConnection
bundlewrap/pipeline/head This commit looks good
2021-03-01 15:36:29 +01:00
3adfb9779a
bundles/molly-guard: introduce, add to systems
bundlewrap/pipeline/head This commit looks good
2021-02-26 17:58:20 +01:00
51ca74549e
bundles/basic: add htoprc
bundlewrap/pipeline/head This commit looks good
2021-02-24 19:24:56 +01:00
836f065382
bundles/pleroma: add website content check
bundlewrap/pipeline/head This commit looks good
2021-02-20 22:11:19 +01:00
b470fddc12
bundles/nginx: add gdpr-compatible log format
2021-02-20 21:11:12 +01:00
8cb172a1c1
bundles/pleroma: remove NoNewPrivileges=true, interferes with mail delivery
2021-02-20 20:57:00 +01:00
017c2c3421
bundles/pleroma: allow database configuration
bundlewrap/pipeline/head There was a failure building this commit
2021-02-20 20:18:34 +01:00
f8c157ce50
bundles/pleroma: get it working
bundlewrap/pipeline/head This commit looks good
2021-02-20 19:37:33 +01:00
1f3e7afb2c
bundles/pleroma: initial NON-WORKING version
2021-02-20 19:14:20 +01:00
5433859a86
bundles/letsencrypt: also check for chain.pem, nginx needs this
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:38:11 +01:00
e2d7d05783
bundles/systemd-networkd: manage apt packages via bundle:apt
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:35:45 +01:00
ad5c8cc0ab
bundles/postfix: only get certificate if actually needed
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:30:38 +01:00
97a1b3ae85
bundles/zfs: add comment to action:modprobe-zfs
bundlewrap/pipeline/head This commit looks good
2021-02-20 16:51:34 +01:00
1c0a3ee8e7
bundles/postgresql: fix postgresql config path
2021-02-20 16:50:38 +01:00
194de9ef2d
bundles/letsencrypt: fix some errors in letsencrypt-ensure-some-certificate
bundlewrap/pipeline/head This commit looks good
2021-02-20 15:48:17 +01:00
3fa81ddc85
bundles/gitea: use canned stop action
2021-02-20 15:47:35 +01:00