Commit graph

872 commits

Author SHA1 Message Date
9bf0b8a0b0
bundles/gitea: use zfs datasets for all data 2021-07-09 16:22:10 +02:00
82dd354f92
bundles/gitea: fix permissions for /home/git/.ssh 2021-07-09 16:15:38 +02:00
95c5e0b6ea
bundles/gitea: use generic vhost name 2021-07-09 15:55:31 +02:00
3c23de4dfa
bundles/grafana: fix nginx vhost config
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:10:19 +02:00
9021c6f853
bundles/grafana: fix permissions for some files and directories
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:06:35 +02:00
cbc0a1a927
nodes/htz.ex42-1048908: fix X-Forwarded-For header for matrix-media-repo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 20:03:22 +02:00
b5ab21549d
bundles/nginx: rename 'proxy' metadata to 'locations', support more generic options, move extras files to metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 19:28:03 +02:00
c87a8e2f15
bundles/pretalx: use pip install -e for locally existing code
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:45:59 +02:00
e091adaa64
bundles/nginx: increase buffer sizes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 18:21:57 +02:00
9c1b4f5dbe
move travelynx.franzi.business to rx300
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-02 16:15:31 +02:00
8ef6522ead
bundles/travelynx: needs directory to git_deploy into 2021-07-02 15:48:48 +02:00
f9e2715b30
bundles/systemd-networkd: removal of unmanaged files must also trigger restart of systemd-networkd 2021-07-02 15:03:47 +02:00
7ac7c1a2b7
bundles/cron: ensure cron is installed and running 2021-07-02 06:36:51 +02:00
9816da4f85
bundles/postgresql: only install postgresql-server-dev-* if needed 2021-07-01 18:22:38 +02:00
210ae8dd2e
bundles/zfs: debian bullseye does not need zfs from backports 2021-07-01 18:19:24 +02:00
686aa533e8
bundles/grafana: change logBase for nginx timing dashboard
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-01 16:34:17 +02:00
d32f675de7
bundles/miniflux: use vhost with generic name 2021-07-01 16:04:56 +02:00
68e79b4883
bundles/nginx: only add well-known alias for vhosts which use letsencrypt 2021-07-01 16:04:46 +02:00
20f4c182ad
bundles/pacman: ensure we have run-parts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-30 06:22:06 +02:00
7f27762054
bundles/zfs: report *used*, not free storage space 2021-06-29 15:18:31 +02:00
f01e24f995
bundles/postgresql: wait 10s after restarting 2021-06-29 14:23:51 +02:00
7b00e7484e
fix monitoring for arch linux hosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-28 19:59:54 +02:00
dfbdbe73bd
bundles/icinga2: only nodes which have bundle:apt have unattended-upgrades (for now) 2021-06-28 19:48:05 +02:00
450fb3f87a
bundles/kodi: do not install libcec4
All checks were successful
bundlewrap/pipeline/head This commit looks good
It's not available in bullseye (but libcec6), but we don't need it
anyway, because we're not using cec here.
2021-06-27 07:17:05 +02:00
cd6e4b9767
bundles/influxdb2: disable atime for zfs dataset
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-26 08:19:55 +02:00
2193e0ca53
bundles/grafana: fix units for zfs panels
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 20:16:13 +02:00
7d4a99344b
bundles/zfs: enable autotrim on debian bullseye and above
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 20:05:35 +02:00
1c10be5cdc
bundles/zfs: add per-dataset metrics 2021-06-25 20:04:30 +02:00
9cc324f84c
bundles/backup-server: enable compression for backups 2021-06-25 20:04:10 +02:00
a793bb5fc1
bundles/zfs: rename zfs_arc_max_mb to zfs_arc_max_gb
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 18:39:06 +02:00
Sophie Schiller
b949ba3e72 bw/home.kodi-wohnzimmer update to bullseye
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-23 18:07:43 +02:00
68865895e5
bundles/grafana: set decimals=0 for fan speed info 2021-06-19 14:18:30 +02:00
8d331b0086
bundles/nginx: always use first of month for security.txt expiry
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-19 08:49:10 +02:00
fc5e163fb9
bundles/miniflux: use health check endpoint
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-12 10:11:17 +02:00
05670ac2bb
bundles/icinga2: less code for icinga statusmonitor
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-11 16:49:12 +02:00
455d4d7551
bundles/sshmon: fix occasional KeyErrors in check_cpu_stats
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-06 17:59:58 +02:00
94dba9139b
bundles/mosquitto: rewrite tasmota-telegraf-plugin using paho-mqtt library
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-06 15:17:34 +02:00
fa4fe51155
bundles/backup-client: do logging
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-06 08:05:41 +02:00
82d2e5b416
bundles/grafana: hide empty/zero values in lm-sensors dashboard row
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 21:39:48 +02:00
840d8228ed
bundles/grafana: fix line width for lm-sensors dashboard row
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:58:00 +02:00
db83b1614b
bundles/nginx: add anonymous timing logging for http requests
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 15:53:02 +02:00
72d4826dbb
remove bundle:netdata - we have telegraf and grafana now
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 13:28:25 +02:00
91cf6cd1e5
move lm-sensors to its own bundle, add to hardware systems 2021-06-05 12:23:09 +02:00
5dde5d1642
bundles/apt: no --force-confdef in unattended upgrades
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 11:13:51 +02:00
6138db1089
bundles/matrix-synapse: no statistics 2021-06-05 11:13:19 +02:00
ff85191bbe
bundles/radvd: fix typo
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-04 07:28:40 +02:00
95856a2c2d
add bundle:sysctl 2021-06-04 07:28:26 +02:00
8d21e15106
bundles/pppd: restart nftables if it isn't running 2021-06-04 07:20:59 +02:00
1fbc08f74b
bundles/nginx: add a default security.txt to all vhosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-03 18:57:25 +02:00
0a7e5bcdcd
move default values to libs/defaults 2021-06-03 18:27:45 +02:00
5369490b79
bundles/postfix: fix spam blocklist timeout 2021-06-03 14:31:03 +02:00
5c83287057
EOL bundle:iptables
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-03 13:59:50 +02:00
d569b00960
modify nodes and bundles for new nftables syntax 2021-06-03 13:59:36 +02:00
ecb67d012b
bundles/nftables: introduce 2021-06-03 13:57:50 +02:00
faf27a3940
bundles/nfs-server: support using node names for shares
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-03 07:45:56 +02:00
09397e2597
bundles/users: fix adding of non-admin users 2021-06-01 16:53:29 +02:00
47c18913ca
bundles/pacman: install htop 2021-06-01 16:53:14 +02:00
fba83415c7
bundles/letsencrypt: prepare for arch linux 2021-06-01 16:52:52 +02:00
cf3c45fdd5
bundles/nginx: prepare for arch linux 2021-06-01 16:52:03 +02:00
6b90d568cf
bundles/postfix: use dig in check_spam_blocklist instead of a python library
All checks were successful
bundlewrap/pipeline/head This commit looks good
The library isn't available as a debian package, so we would have to
manually install that every time the python package updates its minor
version number.
2021-05-29 09:29:40 +02:00
3468b719ed
bundles/nginx: default vhost always supports letsencrypt 2021-05-24 19:19:10 +02:00
Sophie Schiller
1461cf2827 bw/home.paperless-sophie add sophie's paperless host
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:04:59 +02:00
6bfcd87976
bundles/paperless-ng: ensure we have static files
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 15:02:04 +02:00
Sophie Schiller
9a60d36a03 scan bright colors
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 11:01:13 +02:00
5d4ca086e6
bundles/scansnap: do ocr in a separate process to speed up scanning
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 10:24:01 +02:00
d193ec8ef3
bundles/paperless: set some options 2021-05-24 10:23:19 +02:00
df3e18b476
bundles/paperless: fix media path
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 18:41:56 +02:00
22c98a4206
nodes/home.paperless: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 17:41:19 +02:00
3a44a9fbfb
bundles/vmhost: only install qemu-kvm for debian buster and older
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 14:54:47 +02:00
46f7aa93ef
bundles: fix dependencies 2021-05-23 14:54:24 +02:00
8dc66421c0
bundles/basic: don't rewrite /etc/locale.gen every time 2021-05-23 14:53:45 +02:00
5a182fadef
make some bundles arch-compatible, more default packages for arch 2021-05-23 14:36:16 +02:00
97cbef06a2
bundles/grafana: remove derivative from temperature and fan graphs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-20 06:51:10 +02:00
8568298a4e
bundles/grafana: make sure we have backups of the grafana database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:56:34 +02:00
e54135b014
bundles/telegraf: it's "command" for execd, not "commands", because ... who knows
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-19 20:50:18 +02:00
df192e543b
bundles/transmission: add telegraf statistics
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-05-19 20:12:52 +02:00
3b3bdeecab
bundles/pacman: add lm_sensors to telegraf, add dashboard row 2021-05-19 18:46:22 +02:00
9e07af289e
bundles/scansnap: don't try to delete output directory
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-19 06:35:18 +02:00
3e9c28b8ae
bundles/zfs: no 'set -e' in backup-pre-hook
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:53:27 +02:00
976aa251d1
bundles/zfs: actually unmount snapshots before trying to destroy them
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-16 07:43:31 +02:00
479b730be4
bundles/zfs: introduce zfs-snapshot-backups, enable backups for nodes which need zfs-snapshot-backups
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 20:32:23 +02:00
25b305bddf
bundles/mosquitto: fix .provides()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 08:58:15 +02:00
32826ed131
bundles/mosquitto: add telegraf stats for tasmota devices
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-05-15 08:52:37 +02:00
eb6ae208cb
bundles/grafana: fix file system permissions
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 07:33:21 +02:00
d9595ad8e6
bundles/icinga2: fix typo in check_usv_snmp 2021-05-15 07:28:15 +02:00
07c3d93e7d
bundles/miniflux: make sure to restart process if it crashes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:50:11 +02:00
8e45b93b78
bundles/powerdnsadmin: yarn isn't installed globally any more
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-14 20:15:49 +02:00
Sophie Schiller
d3c9550463 bundle/postgresql add dependencies, remove redundant config 2021-05-14 20:06:42 +02:00
Sophie Schiller
a656eb7eb3 bundle/nodejs remove yarn install 2021-05-14 20:05:04 +02:00
Sophie Schiller
88cfbc0699 bundle/matrix-synapse update dependencies, improve postgres database
creation
2021-05-14 20:03:56 +02:00
Sophie Schiller
bd19749971 bundle/matrix-media-repo update dependencies and needs 2021-05-14 20:02:39 +02:00
Sophie Schiller
3c5e778016 bundle:/element-web install yarn from npm instead of apt 2021-05-14 20:01:19 +02:00
459c7731cb
bundles/backup-client: use --compress-level=1 instead of -z 2021-05-14 10:47:58 +02:00
7775f33679
bundles/apt: move patchday to 21:00 UTC 2021-05-13 09:10:33 +02:00
fab9a41024
bundles/c3voc-addons: use new way of doing updates, too
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-11 06:21:42 +02:00
276bd6ae8d
bundles/apt: rework upgrade-and-reboot mechanics to be more robust
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-08 08:31:04 +02:00
c976be62d7
bundles/grafana: only refresh managed dashboards every minute
All checks were successful
bundlewrap/pipeline/head This commit looks good
After all, we're only getting data every minute, so there's no point
in refreshing more often.
2021-05-02 19:57:32 +02:00
c1b1dc1a29
bundles/grafana: add support for custom managed dashboards 2021-05-02 17:49:40 +02:00
fe668fd5d4
bundles/grafana: add "traffic per interface" graphs, fix naming of values
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 15:01:22 +02:00
0f387102b3
bundles/postgresql: do not collect metrics for telegraf database
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 14:01:26 +02:00
ada87897a4
bundles/grafana: add wireguard graphs 2021-05-02 13:55:41 +02:00
40160fb25a
bundles: remove telegraf metrics from systemd-networkd and icinga2 2021-05-02 13:18:35 +02:00
3b1d1f7e94
add postgresql metrics to telegraf/grafana
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 13:09:01 +02:00
1bc47fa231
bundles/grafana: fix y axis for disk iops graph
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 12:07:49 +02:00
ae0bb8ed58
bundles/postfix: rework exporter for better usability 2021-05-02 12:06:53 +02:00
9b9465502a
bundles/grafana: add postfix graph
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:55:34 +02:00
0b972bc464
bundles/grafana: add nginx
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:34:55 +02:00
b299edbef4
bundles/grafana: add "free" to memory row
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 11:05:01 +02:00
68fed2439d
bundles/apt: fix "set -x" call
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-02 10:45:21 +02:00
c548a88ee7
bundles/grafana: introduce, add to htz-cloud.influxdb 2021-05-02 10:44:50 +02:00
1a1ea721d9
bundles/telegraf: also work for arch linux systems 2021-05-02 07:32:54 +02:00
8c276b53a6
nodes/home.nas: enable x11 forwarding for admins
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 15:18:21 +02:00
75fea7aa34
bundles/gitea: add a ssh key, enable git hooks for htz.ex42-1048908
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 14:27:31 +02:00
8a95dfa90a
nodes/home.downloadhelper: restrict lldp to vlan 42
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 10:05:24 +02:00
3de85e6717
bundles/webfs: introduce 2021-04-30 19:40:45 +02:00
30efde6eb3
bundles/apt: remove unneeded if
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-30 13:30:10 +02:00
b235519ecf
bundles/apt: "set -xeuo pipefail" for upgrade-and-reboot
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-30 12:51:09 +02:00
8fd83241ca
bundles: ensure apt/repos/*/items is a set 2021-04-30 12:49:59 +02:00
44d42de81c
bundles/nginx: only redirect to ssl for sites which actually have ssl enabled
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-25 09:20:16 +02:00
d98a1adfd9
bundles/ssl: support using a preexisting ssl certificate 2021-04-25 09:09:23 +02:00
019d658442
bundles/icinga2: add check_usv_snmp
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-25 08:02:04 +02:00
ffd899534a
bundles/telegraf: use node.metadate.get() everywhere
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:51:01 +02:00
e9ce0ce869
bundles/systemd-networkd: add missing key to .provides()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-24 12:38:51 +02:00
966ee7dae9
bundles/unbound: set correct statistics interval 2021-04-24 12:00:09 +02:00
a9692317d2
bundles/telegraf: temporarily hardcode a repo path
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:47:28 +02:00
6772b3b5d0
bundles: various fixes for telegraf plugins
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:45:58 +02:00
a980e22ecb
bundles/telegraf: support requesting additional capabilities and/or groups 2021-04-24 11:44:55 +02:00
dc0695e38f
bundles/influxdb: introduce 2021-04-24 10:17:56 +02:00
c97d9ab948
bundles/postfix: use own postqueue exporter 2021-04-24 10:17:05 +02:00
76f46ca7d5
bundles/telegraf: add sudoers file 2021-04-24 10:12:56 +02:00
2432075f9a
bundles/telegraf: ensure telegraf is running, restart on config changes 2021-04-24 10:05:52 +02:00
f58e66f701
bundles/c3voc-addons: make sure we're not accidentially overwriting c3voc telegraf config 2021-04-24 09:44:31 +02:00
2667a2c00d
libs: replace libs.toml.dict_to_toml with libs.faults.resolve_faults
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-24 09:39:08 +02:00
a37d31973a
bundles: add some telegraf plugins 2021-04-24 09:14:25 +02:00
5e0541aef8
bundles/telegraf: introduce 2021-04-24 09:14:21 +02:00
ebb6d287b2
bundles/icinga2: add node name to automatic downtime comment
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-23 14:30:34 +02:00
8b14575657
bundles/postgresql: add metadata keys for some performance related config options 2021-04-23 14:02:04 +02:00
616feb54b2
bundles/sshmon: fix an issue where check_mounts couldn't properly detect systemd mount units 2021-04-23 14:01:24 +02:00
c0ff320281
bundles/scansnap: set proper permissions for /srv/scansnap 2021-04-21 18:25:37 +02:00
c79b3f77c2
bundles/scansnap: cleanup old scans 2021-04-21 18:20:47 +02:00
0c0a8e6263
bundles/scansnap: chown files to nobody-nogroup 2021-04-21 18:18:27 +02:00
b5fb5dd6c2
bundles/scansnap: introduce, add to home.nas 2021-04-21 17:58:16 +02:00
5e49e3204b
bundles/nfs-server: sort shares 2021-04-21 17:56:53 +02:00
24362768fb
bundles/dhcpd: rework metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
12c04cf3be
bundles/users: some more bash config 2021-04-19 20:39:57 +02:00
8536e87475
bundles/systemd-networkd: some more dhcp settings
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-18 11:05:42 +02:00
51ee9be424
bundles/radvd: advertise atleast every 30 seconds 2021-04-18 11:05:10 +02:00
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
4d5e75df68
bundles/icinga2: introduce icinga_options/downtime_also_for
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-17 03:43:08 +02:00
6a88040826
bundles/nginx: disable Federated Learning of Cohorts for all hosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-16 18:36:50 +02:00