Commit graph

477 commits

Author SHA1 Message Date
febcacdfe3
icinga2: enable mails for update checks 2020-12-05 09:17:21 +01:00
67d8293201
bundles/wireguard: one icinga2 check per peer
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-30 06:43:46 +01:00
295ff72b4b
bundles/smartd: introduce, add to hosts where *we* need to keep track of disk health
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-29 12:07:27 +01:00
8456ac43c6
bundles/nfs-client: don't try to start automount units 2020-11-29 12:06:34 +01:00
1bfeead5e8
nodes/home.nas: change nfs-mount options for /storage/nas 2020-11-29 12:05:51 +01:00
a549936e09
bundles/nfs-server: ensure nfs-kernel-server is started 2020-11-28 15:48:27 +01:00
014b37082c
bundles/wireguard: send pings over vpn, if pppd reconnects 2020-11-27 03:09:37 +01:00
c1885e20b6
nodes/home.octoprint-vielschichtigkeit: fix ifnames, fix vhost 2020-11-25 21:26:21 +01:00
dc9e378908
bundles/icinga2: add icinga statusmonitor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 18:56:04 +01:00
12ce8d8f6e
bundles/icinga2: add automatic downtime for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 13:28:14 +01:00
3a56b0425c
bundles/icinga2: add default for vars.notification.mail, enable mail for check_sipgate_account_balance
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:44:09 +01:00
9651d740ae
bundles/icinga2: add check_sipgate_account_balance, adjust check_interval
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:38:53 +01:00
9cace7dace
bundles/icinga2: only include service_name in sms if it actually is a service
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:09:44 +01:00
54219928e4
bundles/icinga2: only add user to on-call group if they have atleast one of (email, phone) set
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 11:07:02 +01:00
8c6c691e5e
bundles/icinga2: implement SMS notifications 2020-11-22 10:34:49 +01:00
22d5ba12ee
bundles/octoprint: don't try to resolve faults in metadata.py
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-22 09:07:28 +01:00
15826c73b0
bundles/icinga2: send notifications
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-22 09:04:24 +01:00
d26b8ade45
remove some comments 2020-11-22 08:27:37 +01:00
4a57926577
bundles/icinga2: set some notification options for checks 2020-11-22 08:24:44 +01:00
b114ba3ff8
bundles/postgresql: fix typo
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-22 07:40:34 +01:00
d428572461
bundles/icinga2: add servicegroup for every service which has checks
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 23:04:15 +01:00
0bc4b5439c
bundles/icinga2: add hostgroup for every bw group
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 22:46:29 +01:00
12cf03e03f
bundles/icinga2: generate icinga_users from users.json
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 21:46:41 +01:00
c77856f97a
bundles/vmhost: add info line to QEMU VM STATUS 2020-11-21 21:01:37 +01:00
5639da4954
bundles/vmhost: add QEMU VM STATUS check
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 20:58:55 +01:00
325f483a26
bundles/{gitea,mautrix-telegram}: add update check
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-21 20:35:51 +01:00
4f5e462c94
bundles/octoprint: add update check 2020-11-21 20:35:29 +01:00
91f2fd839b
bundles/sshmon: add check_github_for_new_release 2020-11-21 20:03:50 +01:00
a4ca98e79e
bundles/rspamd: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 18:55:45 +01:00
e6acda1f52
bundles/powerdns: add monitoring 2020-11-21 18:55:34 +01:00
2fdeeca9c3
bundles/postgresql: add monitoring 2020-11-21 18:55:21 +01:00
2f7f35c85a
bundles/matrix*: add monitoring 2020-11-21 18:55:06 +01:00
1d450b9829
bundles/apt: fix statusfile output of unattended upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 18:07:01 +01:00
35025b40f6
bundles/sshmon: increase timeout for INTERNET check
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 16:17:16 +01:00
5aee050c5d
bundles/wireguard: add icinga check 2020-11-21 16:15:34 +01:00
58ca3fa9ae
bundles/wireguard: add netdev and network files, add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 15:38:38 +01:00
63fd31c226
bundles/icinga2: support specifying an alternative host for checks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 10:58:57 +01:00
5419bf31fb
bundles: fix some icinga checks 2020-11-21 10:30:05 +01:00
11071914e0
bundles/icinga2: initial working draft 2020-11-21 10:29:36 +01:00
d3de7a27be
bundles/icinga2: add dependencies for icingaweb2 setup 2020-11-21 08:57:46 +01:00
6ad28bb375
bundles/vnstat: add graph for "yesterday" 2020-11-19 16:52:45 +01:00
fd99334a66
bundles/vnstat: improve usability of web dashboard for mobile devices
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 21:43:51 +01:00
6b11a7b2a8
bundles/vnstat: redirect cron output to /dev/null
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:10:14 +01:00
7d78ac9db8
bundles/vnstat: add flag to generate statistics images, add to home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:07:05 +01:00
2d856a1e9a
bundles/nginx: add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 16:43:57 +01:00
88dd587fb4
bundles/vnstat: introduce, add to home.router 2020-11-16 16:33:26 +01:00
8343838dc6
bundles/nfs-client: don't touch permissions of mount directory by default
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:37:13 +01:00
sophie
75e199ae0d Merge pull request 'bundle/dhcpd: improvements' (#19) from kunsi-dhcpd-improvements into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
Reviewed-on: https://git.kunsmann.eu/kunsi/bundlewrap/pulls/19
2020-11-15 12:34:41 +00:00
c9e5ae87a1
bundles/users: sort ssh keys
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:26:10 +01:00
121dfb692c
bundles/netdata: use correct metadatum name
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:25:15 +01:00
9df5cb1f16
bundles/dhcpd: remove hardcoded group in metadata reactor get_static_allocations()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 13:23:24 +01:00
c597244a9d
bundles/dhcpd: adjust spacing in metadata processor for static leases
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 12:07:02 +01:00
d5bca495e0
bundles/dhcpd: remove some .get()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 12:06:03 +01:00
ad569f073e
bundles/dhcpd: add iptables rules 2020-11-15 12:01:14 +01:00
cdef8cdb13
bundles/dhcpd: adjust indentation in dhcpd.conf 2020-11-15 12:00:58 +01:00
4f9281a4a4
bundles/dhcpd: download oui.txt
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:40:33 +01:00
2457d5b435
bundles/backup-client: redirect stderr to /dev/null
All checks were successful
bundlewrap/pipeline/head This commit looks good
We have monitoring to determine wether the backup succeeded or not.
No need for E-Mails, too.
2020-11-15 11:15:53 +01:00
84d1984cc1
nodes/home.nas: add users to "nas" group, add cronjobs to ensure permissions on nas dataset
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:12:22 +01:00
ccfa56ad5e
bundles/pppd: also wait for ppp interface to vanish before restarting
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 10:02:13 +01:00
0aafeb96cd
bundles/pppd: make sure dependent services are stopped before restarting pppoe session 2020-11-15 09:56:06 +01:00
d83dbbdd75
bundles/systemd-networkd: use some more options for bond interfaces 2020-11-15 09:39:44 +01:00
5319cd1e8b
bundles/netdata: disable health checks 2020-11-14 16:55:29 +01:00
6d58f2387f
bundles/openssh: introduce, add to all nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 14:46:59 +01:00
e56e875433
bundles/rspamd: switch to automatically-generated dkim key 2020-11-14 14:35:27 +01:00
3213e462c5
bundles/netdata: only save to ram, keep less history 2020-11-14 14:34:38 +01:00
1339564dc4
bundles/netdata: introduce, add to home.nas and home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 14:05:28 +01:00
ff607777ce
bundles/backup-client: support using a non-standard ssh port
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 12:52:18 +01:00
f405dca771
bundles/pppd: add dyndns capability 2020-11-14 12:46:19 +01:00
0ca8edf656
bundles/apt: move patchday to metadata reactor, make patchday configurable 2020-11-14 12:24:55 +01:00
32b7dda61f
bundles/iptables: add newline to rules files 2020-11-14 12:24:12 +01:00
877744b0ba
bundles/pppd: send out a Router Solicitation on ifup
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-14 12:11:51 +01:00
a14580944b
bundles/{radvd,wide-dhcp6c}: improve handling of non-properly terminated ip-down scripts 2020-11-14 11:57:01 +01:00
644eb37b82
bundles/radvd: introduce, add to home.router 2020-11-14 11:47:44 +01:00
fa224a9939
bundles/wide-dhcp6c: introduce, add to home.router 2020-11-14 11:34:16 +01:00
00ba7e49d6
bundles/pppd: accept RA on ppp interface 2020-11-13 23:56:59 +01:00
Sophie Schiller
cbfc8c75ad bundles/dhcpd add defaults file and some escaping
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 23:30:49 +01:00
Sophie Schiller
ef211f7356 update gitignore 2020-11-13 23:30:49 +01:00
Sophie Schiller
dcf944b198 bundles/dhcpd add initial items, metadata and template 2020-11-13 23:30:49 +01:00
6ba0f6df1d
bundles/systemd: make sure we're using UTC and NTP
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 23:26:13 +01:00
870a5252e5
bundles/pppd: add iptables rules on ifup/ifdown 2020-11-13 23:04:43 +01:00
f65e216828
bundles/iptables: introduce, add to home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 22:47:23 +01:00
df9863ef31
bundles/openvpn-client: add 2020-11-13 22:15:36 +01:00
e515378497
bundles/backup-server: dummy nodes never do backups
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-13 21:58:35 +01:00
3b829caaf6
bundles/pppd: introduce 2020-11-13 21:41:02 +01:00
b1860b7e01
bundles/systemd-networkd: add option to only create a .netdev file for interfaces 2020-11-13 21:40:44 +01:00
75d86f3339
bundles/systemd-networkd: support vlans 2020-11-13 16:29:17 +01:00
4213b60052
bundles/lldp: introduce, add to all nodes at home 2020-11-13 16:28:43 +01:00
b9b0a9c5ca
bundles/vmhost: install correct packages 2020-11-13 14:47:40 +01:00
df63f8c732
bundles/nginx: make sure /var/www exists 2020-11-13 13:35:02 +01:00
e91ac7e457
bundles/backup-client: fix detection of rsync errors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:34:21 +01:00
d31910368c
icinga2: install packages and dependencies 2020-11-13 13:19:26 +01:00
6bac83def2
bundles/rspamd: fix automatic generation of dkim key
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:11:26 +01:00
cff0870e63
bundles/rspamd: refine auto-generation of dkim signing keys 2020-11-13 13:09:37 +01:00
56f1b1a6c6
bundles/rspamd: first draft for automatically-rotating dkim keys 2020-11-13 13:09:34 +01:00
f04dac11e5
Merge branch 'kunsi-icinga2' into main
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:03:16 +01:00
741f3b0032
bundles/backup-client: fix cronjob 2020-11-13 12:57:50 +01:00
0749fc75c5
bundles: add backup paths 2020-11-13 12:37:26 +01:00
f71653e3ce
bundles/backup-{client,server}: introduce 2020-11-13 12:36:52 +01:00
30ee0c8bdf
bundles/mx-puppet-discord: restart service after building new version 2020-11-13 09:26:34 +01:00
e5c12f0628
bundles/nginx: create webroot directories after bundle:zfs is done 2020-11-12 22:59:46 +01:00
2274e7aa37
bundles/nfs-server: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 19:59:02 +01:00
f2a0f0b46a
bundles/systemd-networkd: support bond and bridge interfaces 2020-11-12 19:38:10 +01:00
633ccb97fd
bundles/zfs: rename zed -> zfs-zed 2020-11-12 19:36:28 +01:00
d01d89d432
bundles/apt: support debian 11 2020-11-12 18:40:19 +01:00
e395a42160
bundles/apt: no need to have apt-daily.timer running
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-12 15:10:59 +01:00
087f4bb74d
groups/{gce,home}: send mail via mx0.kunbox.net
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 13:31:01 +01:00
11701a67c8
dns: deploy MTA-STS
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 11:41:06 +01:00
d47c39185b
bundles/php: no need to restart php if just installing the base packages
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 08:37:29 +01:00
652fb72ccc
bundles/postfix: fix metadata reactor for letsencrypt 2020-11-11 08:35:36 +01:00
9dd7589f12
bundles/postfix: add submission_header_cleanup file 2020-11-10 20:34:27 +01:00
8180769120
bundles/postfix: add postmaster alias 2020-11-10 20:32:39 +01:00
f9bd2d695d
bundles/postfix: add SPAM BLOCKLISt for every non-private IP attached to the server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 14:28:12 +01:00
aad1a742b7
bundles/icinga2: add ipv6-capable check_rbl script 2020-11-10 14:26:07 +01:00
f30aa48eca
bundles/icinga2: add sshmon private key
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:43:46 +01:00
a176a1aa65
bundles/icinga2: introduce, install checks, install sources.list, create postgres database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:37:27 +01:00
a9c00409b4
bundles/mautrix-telegram: fix item dependency error
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 13:26:03 +01:00
6cd02dc563
bundles: move non-login users to items.py
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-11-10 13:24:07 +01:00
cca4fec761
bundles/users: get default user data from users.json 2020-11-10 13:12:36 +01:00
c090a9c2c2
bundles/users: move root user to metadata 2020-11-10 12:50:08 +01:00
3fbe32518a
bundles/postgresql: rename users -> roles
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 12:37:58 +01:00
d087cea869
bundles/gitea: add monitoring 2020-11-10 11:32:59 +01:00
985f47ca99
bundles/miniflux: add monitoring 2020-11-10 11:28:40 +01:00
8cb997133a
bundles/nginx: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:57:04 +01:00
65a8efc97f
bundles/zfs: fix monitoring metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:35:01 +01:00
f80896fa3b
bundles/postfix: add monitoring 2020-11-10 10:21:37 +01:00
420cea15d2
bundles/apt: add monitoring for unattended upgrades 2020-11-10 09:50:20 +01:00
6ca0d863b1
bundles/sudo: use sudoers.d
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 20:39:35 +01:00
c7362df6c4
bundles/sshmon: import from work repository 2020-11-09 20:31:06 +01:00
eaf268aea9
libs/tools: change resolve_identifier() to return ipv4 and ipv6 separately
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:46:37 +01:00
67386d9efa
bundles/cron: provide some environment, also manage /etc/crontab
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 18:24:01 +01:00
a58c5877bf
bundles/gce-workaround: uninstall gce-disk-expand, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 16:48:28 +01:00
4921e0b74f
bundles/systemd-networkd: use correct syntax for resolv.conf 2020-11-09 16:47:56 +01:00
6f87a1d240
bundles/systemd-networkd: also deploy resolv.conf 2020-11-09 16:38:59 +01:00
394424951f
bundles/systemd-networkd: fix naming of GatewayOnlink 2020-11-09 16:38:35 +01:00
78047da04a
bundles/postgresql: only install packages after we have a zfs dataset 2020-11-09 16:37:00 +01:00
5bd642236c
bundles/postfix: only call newaliases if we already have postfix installed 2020-11-09 16:36:26 +01:00
607da9d39b
bundles/powerdns: user resolve_identifier() for node-dns-entries 2020-11-09 15:37:48 +01:00
91fd33cfa0
bundles/systemd-networkd: better dhcp support 2020-11-09 14:58:09 +01:00
5e7c7671e0
bundles/systemd-networkd: proper config 2020-11-09 14:48:19 +01:00
fbb4e2f7a5
systemd-networkd: first draft 2020-11-09 14:08:32 +01:00
c3c510c609
bundles/mautrix-telegram: disable parallel file transfers for now 2020-11-09 13:17:38 +01:00
af97226512
nodes/htz.ex42-1048908: update mautrix-telegram to 0.9.2-rc2
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:16:06 +01:00
06e30cf23c
bundles/mautrix-telegram: also upgrade pip when upgrading bridge 2020-11-09 12:15:37 +01:00
90e3bb7fb2
bundles/mautrix-telegram: no need to provide our own alembic.ini 2020-11-09 12:12:04 +01:00
c0986eb956
bundles/mautrix-telegram: fix database migration
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 12:09:17 +01:00
614b920890
bundles/mautrix-telegram: pin version until database migration is fixed
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 11:27:34 +01:00
3ff5d8a7dd
bundles/postfix: add alias database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-09 10:52:24 +01:00
64cffad6a7
bundles/rspamd: silence clamav cronjob 2020-11-08 15:03:26 +01:00
0eca42d188
bundles/dovecot: fix home directory for virtual mailboxes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 13:00:44 +01:00
b4b988e5f2
bundles/postfix: disable TLS1.0 and 1.1, disable weak ciphers
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-08 12:24:37 +01:00