Commit graph

1129 commits

Author SHA1 Message Date
07d5a8cdae
bundles/systemd-networkd: add BindCarrier to bonds
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 11:29:29 +01:00
7e58e9c667
bundles/icinga2: simplify template
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 09:23:00 +01:00
8434eacd94
bundles/{lldp,nfs-server,smartd}: move package dependencies to metadata 2022-02-18 22:37:07 +01:00
Sophie Schiller
a01c28da21 various bundles: fix dependencies
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 22:18:44 +01:00
14fed8bc6e
bundles/zfs: move scrub to systemd-timer
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 21:10:50 +01:00
19dee89039
rx300: pin version of mx-puppet-discord for now
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 19:02:57 +01:00
94eff087a0
bundles/users: remove PROMPT_COMMAND from bashrc 2022-02-18 17:03:54 +01:00
468a0b0023
bundles/icinga2: remove unused code in hosts_template
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 16:25:59 +01:00
d35770c122
bundles/icinga2: rework config generation - use one file per host instead of one per bundle
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 12:25:34 +01:00
1f6520ac02
bundles/sshmon: ignore prereleases and drafts 2022-02-17 18:08:02 +01:00
22759ca52a
bundles/postfix: enable smtps
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-15 18:21:12 +01:00
83d58791bb
bundles/postgresql: set recordsize=8K for zfs
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 22:05:09 +01:00
e51ad5993a
bundles/users: ensure we have kitty terminfo
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 20:45:57 +01:00
6944da6769
fix syntaxerrors
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:56:51 +01:00
33d2d5beff
bundles/pacman: fix unattended-upgrades 2022-02-14 07:54:44 +01:00
1ee0b38133
bundles/telegraf: properly support arch linux
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-14 07:11:14 +01:00
e45237d70e
bundles/icinga2: do not check scam blocklists
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:51:03 +01:00
3c4700eb6d
bundles/openhab: clean up old backups before doing new ones 2022-02-13 09:48:37 +01:00
60c31d2d11
bundles/pacman: add opt-in unattended-upgrades
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:43:52 +01:00
14b402cdf3
bundles/backup-server: fix TypeError in check_backup_for_node 2022-02-13 09:42:59 +01:00
e4c317f677
add bundle:systemd-boot
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-13 09:24:11 +01:00
3c763820ed
bundles/pacman: ensure we have man 2022-02-13 09:23:30 +01:00
77e152f8ce
bundles/pacman: enable paccache.timer to clean up old package versions 2022-02-13 08:55:26 +01:00
5d7872042b
bundles/backup-server: add metadata backup-client/one_backup_every_hours 2022-02-12 19:04:15 +01:00
9a8e7abef4
kunsi-p14s: do backups 2022-02-12 18:56:54 +01:00
5be2610a86
bundles/systemd-networkd: don't manage resolv.conf if using resolved 2022-02-12 18:54:56 +01:00
03d1ada220
bundles/zfs: explicitely set mountpoint for all datasets 2022-02-12 18:09:40 +01:00
32b732e509
bundles/arch-with-gui: add some backup paths 2022-02-12 18:08:04 +01:00
c073599f6f
add kunsi-p14s, add bundle:arch-with-gui
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-12 14:06:53 +01:00
87bf6fac68
bundles/zfs: use systemd-timers for zfs snapshots
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-12 11:29:26 +01:00
c1bb43286d
bundles/zfs: support arch linux 2022-02-12 11:24:50 +01:00
961a2891a0
bundles/systemd-networkd: fix systemd-resolved not getting started 2022-02-12 11:24:19 +01:00
40485ced8a
bundles/systemd-timers: add support for multiple commands in timer 2022-02-07 07:01:19 +01:00
bc4f6e507a
bundles/c3voc-addons: fix .provides()
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-06 15:31:28 +01:00
6d1a24b034
bundles/gitea: use github releases instead of dl.gitea.io (which is slow) 2022-02-06 15:25:33 +01:00
a627437fce
bundles/systemd-timers: fix shebang in check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-06 13:42:08 +01:00
0674b3f8db
bundles/netbox: move housekeeping to systemd timers 2022-02-06 13:40:33 +01:00
0599c4dae0
add bundle:systemd-timers 2022-02-06 13:39:52 +01:00
d51d7316d0
bundles/backup-client: remove duplicate space
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-05 15:39:55 +01:00
12af28cb13
bundles/pretalx: specifying a revision is now mandatory 2022-02-05 11:42:18 +01:00
0d865c93d4
bundles/cron: use MAILTO=, rework metadata syntax 2022-02-05 11:41:41 +01:00
4cfbdb32d6
bundles/apt: check for "reboot required" in icinga check only
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
This avoids the need to manually adjust the status file after a reboot of
the server.
2022-01-30 11:43:14 +01:00
11969b6064
bundles/travelynx: changing the imprint does not require restarting the worker process
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-29 09:24:23 +01:00
8a24af27ee
bundles/openhab: backup-client/pre-hooks must not be a list
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-24 07:29:36 +01:00
b14f5aea58
bundles/openhab: also include /usr/share/openhab/addons in backups
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:28:26 +01:00
031d647864
bundles/openhab: do full backup in backup-pre-hooks
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-24 07:26:34 +01:00
0ccb983b28
bundles/apt: fix metadata key mess (unattended-upgrades vs unattended_upgrades)
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 05:47:42 +01:00
b21c8f6dbb
bundles/pacman: fix SyntaxError
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-13 16:04:37 +01:00
0dd9b061b9
bundles/scansnap: fix backup metadata 2022-01-13 15:54:49 +01:00
5b2e5fc838
bundles/backup-server: do not alert for one missing day of backups
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-09 08:26:08 +01:00
5df546754f
bundles/pacman: fix install_gui package definition 2022-01-09 08:23:59 +01:00
40a9ac4523
bundles/sshmon: add check if OOM killer was active
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 18:07:33 +01:00
14e4415e5f
bundles/backup-client: rework backup generation
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-07 08:29:34 +01:00
b20e729298
bundles/backup-server: add option to disable "last backup" check 2022-01-05 22:57:30 +01:00
c535ce24a4
bundles/backup-client: show timezone in backup check 2022-01-05 22:57:26 +01:00
35104cb8ce
bundles/backup-client: add check for last backup of specific client
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-05 22:44:55 +01:00
b5f93ceb48
bundles/zfs: fix typo
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 10:03:54 +01:00
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot 2022-01-05 09:59:09 +01:00
b6eb12ed90
bundles/zfs: add option to disable snapshots for dataset tree 2022-01-05 09:52:20 +01:00
a3300cde98
bundles/paperless: ensure we're doing backups of the actual data, too
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-05 07:50:22 +01:00
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp 2022-01-04 15:47:05 +01:00
245b2219ee
bundles/backup-client: spread backups further apart 2022-01-04 15:34:53 +01:00
2c4eb03214
bundles/backup-server: auto-import pool after decrypting
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:24:22 +01:00
fb931df4f0
bundles/apt: add flag to disable automatic rebooting
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:15:19 +01:00
4c59479d5c
bundles/backup-server: add option for encrypted devices 2022-01-04 15:15:16 +01:00
d0b8ccef64
add bundle:dm-crypt 2022-01-04 15:15:13 +01:00
906b63b123
move hostname stuff to libs.tools.resolve_identifier 2022-01-04 15:15:11 +01:00
36a4ebcdd6
bundles/powerdns: also try to use node.hostname for dns generation 2022-01-04 15:15:03 +01:00
dc2b2ae86b
bundles/check-mail-received: move check source to icinga2 itself 2022-01-02 14:50:32 +01:00
59fd71ac6f
update mautrix-telegram to 0.11.0 2022-01-02 13:38:23 +01:00
390f18a3a4
hooks: test zfs metadata consistency 2021-12-29 13:23:07 +01:00
0b4f0e142f
bundles/zfs: explicitely set canmount and mountpoint if not specified
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-28 16:58:42 +01:00
803e1dc411
bundles/mautrix-whatsapp: no need for regular restarts any more 2021-12-28 16:48:43 +01:00
7cfe080e6f
bundles/sshmon: add check_pypi_for_new_release
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 11:40:23 +01:00
0ac0fe072d
bundles/pretalx: wait for migrations before regenerating css and rebuilding stuff
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-25 10:00:26 +01:00
44fcdc7d11
bundles/icinga: set cascade_skip=False for icinga_notification_wrapper
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 16:29:18 +01:00
Sophie Schiller
d6ec8de7c6 cleanup duplicated metadata
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:39:28 +01:00
6292dd4c71
bundles/infobeamer-cms: config is toml now, deploy to src/
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 15:30:25 +01:00
Sophie Schiller
b39d87f33f infobeamer-cms: set sensible start time
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 14:56:02 +01:00
cda1dc2095
bundles/infobeamer-cms: use curl -s
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 13:04:31 +01:00
7dc584d8cb
bundles/infobeamer-cms: adjust config to new version
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 12:17:14 +01:00
ba294f6a6c Merge pull request 'Add new Node and bundle for infobeamer-cms' (#49) from sschi-infobeamer-cms into main
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
Reviewed-on: #49
2021-12-24 10:57:58 +00:00
caf2ff6a30
update matrix-media-repo to 1.2.10
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-24 09:23:58 +01:00
0383fa0a67
bundles/{rspamd,netbox}: update redis database number 2021-12-24 09:09:28 +01:00
Sophie Schiller
678f558f4a infobeamer-cms: WHITESPACE
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
kunsi/bundlewrap/pipeline/pr-main This commit looks good
2021-12-23 19:45:24 +01:00
Sophie Schiller
18e30178a4 letsencrypt: add openssl package
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-12-23 19:39:12 +01:00
Sophie Schiller
bac2a369c4 infobeamer-cms: make usable 2021-12-23 19:39:12 +01:00
Sophie Schiller
bf125a73b1 infobeamer-cms: initial commit 2021-12-23 19:39:06 +01:00
d288923969
get redis database mapping from libs.defaults
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-23 07:39:08 +01:00
b6b5beaa27
bundles/netbox: send update notification mails 2021-12-22 11:12:34 +01:00
b8a109efb0
bundles/sshmon: rewrite check_github_for_new_release 2021-12-22 11:09:26 +01:00
38b449af35
bundles/letsencrypt: only run dehydrated after installing it
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 14:17:41 +01:00
de3580a7d3
bundles/letsencrypt: ensure-some-certificate shouldn't create 10-year-certs 2021-12-19 06:36:11 +01:00
04450d4b4c
bundles/sudo: disable syslog spam
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-19 06:23:05 +01:00
5261375574
bundles/pppd: add systemd-timer to automatically update dyndns 2021-12-19 06:21:04 +01:00
376dba347f
bundles/php: allow configuring of memory_limit and clear_env 2021-12-18 18:54:00 +01:00
2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
All checks were successful
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
c6c5d40084
bundles/nftables: add support for restricting to "all ipv6" and "all ipv4" 2021-12-14 12:40:54 +01:00
e2efe87308
rx300: update netbox to 3.1.0 2021-12-12 08:36:18 +01:00
7eec5c42e3
bundles/icinga2: do not send sms or mail for services when sms/mail was disabled for host
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-04 20:07:36 +01:00
0531ecd217
bundles/gitea: downloading gitea does not need restarting
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
we're stopping gitea beforehand, then start it again afterwards. No need
to restart it again.
2021-12-04 20:01:35 +01:00
d44c87e8a7
move SPAM BLOCKLIST check to icinga2 itself
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
somehow, we tend to get false positives if we run that check on the
node itself.
2021-11-28 07:26:41 +01:00
74f5b25f0d
various fixes, remove some TODOs 2021-11-27 10:40:20 +01:00
a76c60f881
bundles/nftables: fix shebang 2021-11-26 18:36:16 +01:00
632a1f6e75
voc,pretalx: install plugin lower_thirds
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-21 09:42:02 +01:00
998b776b9f
bundles/kodi: fix .provides()
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-11-15 21:45:41 +01:00
e4e340e431
bundles/grafana: fix spanning for battery row
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:36:45 +01:00
52fbcfb43e
bundles/grafana: add some filling to battery row
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:31:15 +01:00
7969ae9ebe
bundles/grafana: fix value for battery dashboard row
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:26:23 +01:00
e17d1ab02f
add bundle:telegraf-battery-usage
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-15 21:18:42 +01:00
e10ac0e57f
bundles/matrix-{media-repo,synapse}: catch all them metrics into influxdb
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 18:26:52 +01:00
8f6b8632f5
bundles/{element-web,hedgedoc,powerdnsadmin}: use 'yarn install --ignore-scripts' 2021-11-09 18:10:22 +01:00
33b6700848
bundles/mautrix-whatsapp: use precompiled binary 2021-11-09 18:10:17 +01:00
Sophie Schiller
eef463afbd hedgedoc: forbid access to metrics and stats
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:58:11 +01:00
Sophie Schiller
55798ac704 hedgedoc: add telegraf config for hedgedoc metrics
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-09 11:48:03 +01:00
0398df8f3a
bundles/openhab: fix website_check_string
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 10:31:13 +01:00
0412c9042a
bundles/wireguard: fix stderr handling of wg_health_check
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:49:37 +01:00
f482874310
home.openhab: install and configure openhab
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:43:53 +01:00
2f885e7bfb
bundles/kodi: allow websocket port in firewall 2021-10-31 09:43:07 +01:00
ee86b5a121
bundles/wireguard: less spammy output for wg_health_check
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-30 19:36:20 +02:00
0a131b4248
bundles/grafana: add voltages and power usage to ipmitool
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:48:19 +02:00
8300f48541
add bundle:ipmitool, add grafana dashboard row
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-18 19:42:27 +02:00
92b2e19e44
bundles/grafana: fix line width for fans 2021-10-18 19:41:16 +02:00
3775bcb9db
bundles/telegraf: add cache directory 2021-10-18 19:34:20 +02:00
5885e4b043
bundles/users: add lsb_release and local date to status line
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-16 07:42:19 +02:00
29eef9ec59
htop: fix sorting 2021-10-16 07:38:57 +02:00
94cba4283b
bundles/pretalx: fixup cron
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:10:46 +02:00
86953e60bd
bundles/pretalx: add script to automatically set is_administrator and is_staff based on group membership
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-15 20:03:15 +02:00
095d425de1
bundles/wireguard: do not run wg_health_check during bw apply 2021-10-14 09:02:01 +02:00
9188b28b7a
bundles/wireguard: add wg_health_check
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 08:54:54 +02:00
61e5591628
bundles/systemd-networkd: fix bridge-in-bridge-setup on home.nas not working properly
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-11 20:46:07 +02:00
8656f99f8e
bundles/wireguard: re-add reconnect script for added resiliency
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:37:42 +02:00
30d4d989fc
add bundle:bird 2021-09-29 19:45:18 +02:00
fe44417b14
bundles/systemd-networkd: add dummy interfaces 2021-09-29 19:44:37 +02:00
996ef6e115
bundles/nftables: more sorted() 2021-09-29 19:44:13 +02:00
5f1f4fd654
bundles/wireguard: add option 'snat_to' for connections 2021-09-29 19:43:29 +02:00
902840ee7f
bundles/wireguard: use one wireguard connection per peer instead of one for all 2021-09-29 19:27:13 +02:00
2b0e3a4bf0
bundles/powerdns: use only public ips or those attached to physical interfaces to create dns records
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-25 11:08:18 +02:00
b81153e957
bundles/netbox: fix upgrade command
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-22 16:43:59 +02:00
05d69c1f12
bundles/powerdns: use named-checkzone to verify zone integrity 2021-09-22 16:42:26 +02:00
bb8910d15f
bundles/gitea: use metadata.get() 2021-09-22 16:38:27 +02:00
b21f7c856a
bundles/gitea: switch to new file type 'download' 2021-09-21 07:55:15 +02:00
ed2bb66e3e
bundles/basic: add links to icinga, grafana and nginx vhosts to login message 2021-09-16 19:33:11 +02:00
5a7d0b0afd
bundles/icinga2: don't skip everything if check_sipgate_account_balance can't get applied 2021-09-16 19:33:08 +02:00
Sophie Schiller
c9f9a27096 bundle/hedgedoc add new csp defaults
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-14 20:23:01 +02:00
Sophie Schiller
738dbd94a0 bundle/hedgedoc improve dependencies 2021-09-14 20:23:01 +02:00
Sophie Schiller
481c1c85e5 bundle/nginx set instead of HTTPS 2021-09-14 20:23:01 +02:00
Sophie Schiller
77a14a0017
bundle/hedgedoc remove quoting inconsistencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-11 20:24:10 +02:00