Commit graph

286 commits

Author SHA1 Message Date
Sophie Schiller
8a2ee1bd00 open firewall to rechenmonster for fossgis releasing
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-10 18:20:56 +01:00
Sophie Schiller
6c6066d93a open firewall to rechenmonster for fossgis releasing
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-09 20:31:13 +01:00
Sophie Schiller
4458afe654 open firewall to rechenmonster for fossgis releasing
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-08 15:06:42 +01:00
e3c2650a89
home.nas: add inbox
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-03-06 11:09:57 +01:00
e909144544
bw/bundles/postgresql: do not auto-detect postgresql version from debian version
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-27 12:51:53 +01:00
5de7e0245a
home.rechenmonster: fix trailing whitespace
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-19 17:46:14 +01:00
75e1ab0db4
home.rechenmonster: enable smartd, sort metadata
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 22:37:20 +01:00
Sophie Schiller
3455e6daa2 add more config to rechenmonster 2022-02-18 22:18:27 +01:00
Sophie Schiller
266fd5aaa8 home.rechenmonster: upgrade to real node
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-18 21:21:26 +01:00
8e9097a8c1
home.nas: split nas_permissions timer to multiple commands
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-02-07 07:01:50 +01:00
46e6b0f704
home.nas: move cron jobs to systemd timers 2022-02-06 13:40:54 +01:00
2a3a26c333
home.nas: system is no longer backup target, do run scrub at night 2022-02-06 08:51:44 +01:00
c43129104d
home.nas: more backup paths 2022-02-05 15:39:33 +01:00
0d865c93d4
bundles/cron: use MAILTO=, rework metadata syntax 2022-02-05 11:41:41 +01:00
c6078e566c
home.nas: uninstall youtube-dl
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-24 20:04:10 +01:00
Sophie Schiller
248133a632 bw/home.wled-wohnzimmer set new mac address
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 13:55:43 +01:00
0ccb983b28
bundles/apt: fix metadata key mess (unattended-upgrades vs unattended_upgrades)
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2022-01-23 05:47:42 +01:00
07157b6335
home.nas: disable automatic reboot after updates 2022-01-23 05:09:36 +01:00
05f87bad77
home.nas: do some backups 2022-01-13 15:56:57 +01:00
c9054a243a
backups: do backup rotation ourselves instead of relying on zfs-auto-snapshot 2022-01-05 09:59:09 +01:00
fd1e2690f8
remove home.octoprint-leapfrog
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:35:59 +01:00
3e0269ba99
bundles/backup-{client,server}: use node names, only deploy users to correct backup server
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 17:15:56 +01:00
3d90f544bf
groups/linux: change backup host to htz-hel.backup-kunsi
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-01-04 15:52:24 +01:00
5a34d9d58c
bundles/systemd-networkd: add option to enable RA for nodes without dhcp 2022-01-04 15:47:05 +01:00
956185fde1
home.nas: fix local mqtt topic for c3voc bridge 2021-12-25 20:11:09 +01:00
2b06c77439
bundles/pppd: allow dynamic configuration of nftables rules
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 16:18:11 +01:00
0101e0c92d
bundles/nftables: store rules in dedicated files instead of nftables.conf
All checks were successful
kunsi/bundlewrap/pipeline/pr-main This commit looks good
kunsi/bundlewrap/pipeline/head This commit looks good
2021-12-14 15:27:30 +01:00
74f5b25f0d
various fixes, remove some TODOs 2021-11-27 10:40:20 +01:00
c0b5dbe89a
home.openhab: fix backup server address
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-11-02 18:03:19 +01:00
f482874310
home.openhab: install and configure openhab
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2021-10-31 09:43:53 +01:00
980bea3351
add node home.openhab 2021-10-26 15:38:01 +02:00
f02088d9fe
nodes/home.router: enable wg_health_check
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-10-14 09:02:29 +02:00
b7482008df
home.router: add hosts entry for wireguard box
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-30 06:48:22 +02:00
13057d6f76
home.router: remove openvpn client 2021-09-29 20:36:34 +02:00
89f91f3857
nodes: add bird to wireguard nodes
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-09-29 19:47:14 +02:00
74ba98624b
home.nas: install requirements for compiling yate 2021-09-16 19:33:05 +02:00
3f38497585
bundles/vmhost: add metadata reactor to add all admins to 'libvirt' group
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:25:46 +02:00
ece7b343f9
nodes/home.router: disable sms alerts for now
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-22 07:14:47 +02:00
08485aa827
nodes/home.nas: add second bridge where LAN is available untagged 2021-08-22 07:13:32 +02:00
4167d3cb22
update to bw 4.11.2
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-08-17 18:10:35 +02:00
bd10dc578f
bundles/pppd: refactor check_dyndns_update
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
2021-08-14 08:00:43 +02:00
4082540b7d
home.nas: add one more ssh key to qcn user
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-25 09:40:49 +02:00
0d9e9ffa4b
home.nas: add read-only rsync user for movie storage
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-24 12:10:54 +02:00
46fcd1670f
fix mac address for home.winkeeinhorn-vm
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-22 16:24:51 +02:00
cee2a41771
items/zfs_pool: rewrite item to support all kinds of zfs pools
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 18:12:57 +02:00
77f785135d
groups/home: add icinga host dependencies
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
2021-07-17 09:21:43 +02:00
b5ab21549d
bundles/nginx: rename 'proxy' metadata to 'locations', support more generic options, move extras files to metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-07-04 19:28:03 +02:00
b7935e59e7
nodes/home.paperless: increase max_body_size 2021-07-02 15:49:17 +02:00
bb15d1217f
nodes/home.nas: more ram
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-26 06:18:01 +02:00
a793bb5fc1
bundles/zfs: rename zfs_arc_max_mb to zfs_arc_max_gb
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-25 18:39:06 +02:00
Sophie Schiller
b949ba3e72 bw/home.kodi-wohnzimmer update to bullseye
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-23 18:07:43 +02:00
e3578e669c
nodes/home.nas: add cronjob
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-12 08:56:38 +02:00
3fc51d9eba
nodes/home.nas: move scrub to where it does not interfere with backups 2021-06-06 08:03:16 +02:00
72d4826dbb
remove bundle:netdata - we have telegraf and grafana now
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-05 13:28:25 +02:00
91cf6cd1e5
move lm-sensors to its own bundle, add to hardware systems 2021-06-05 12:23:09 +02:00
95856a2c2d
add bundle:sysctl 2021-06-04 07:28:26 +02:00
d569b00960
modify nodes and bundles for new nftables syntax 2021-06-03 13:59:36 +02:00
faf27a3940
bundles/nfs-server: support using node names for shares
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-06-03 07:45:56 +02:00
a6434bd8d0
create dedicated user for kunsi work laptop 2021-06-01 16:55:16 +02:00
79facf2409
nodes/home.paperless: set backup target
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:19:24 +02:00
Sophie Schiller
1461cf2827 bw/home.paperless-sophie add sophie's paperless host
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-24 19:04:59 +02:00
d193ec8ef3
bundles/paperless: set some options 2021-05-24 10:23:19 +02:00
fa59c547a9
nodes/home.paperless: add vhost extras for static files
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 18:11:57 +02:00
22c98a4206
nodes/home.paperless: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-23 17:41:19 +02:00
32826ed131
bundles/mosquitto: add telegraf stats for tasmota devices
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-05-15 08:52:37 +02:00
d51cded72d
nodes/home.router: use debian buster nginx repo for now
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-15 06:58:42 +02:00
dccdd4d97f
nodes/home.octoprint-vielschichtigkeit: remove node
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-13 09:11:33 +02:00
7775f33679
bundles/apt: move patchday to 21:00 UTC 2021-05-13 09:10:33 +02:00
c41c43cd5c
nodes/home.nas: more snapshot for storage/nas 2021-05-08 11:07:12 +02:00
8c276b53a6
nodes/home.nas: enable x11 forwarding for admins
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 15:18:21 +02:00
8a95dfa90a
nodes/home.downloadhelper: restrict lldp to vlan 42
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-05-01 10:05:24 +02:00
a8e07c62c3
nodes/home.router: add ssl to vnstat nginx vhost 2021-04-25 09:10:05 +02:00
019d658442
bundles/icinga2: add check_usv_snmp
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-25 08:02:04 +02:00
1360a36a95
nodes/home.router: poll switch and usv more often 2021-04-24 14:58:09 +02:00
e5c49ab172
nodes/home.router: add snmp plugin to telegraf
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-24 14:32:27 +02:00
8687cd6bfa
nodes/home.nas: set zfs snapshot settings for storage/scan
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-21 18:26:10 +02:00
0c0a8e6263
bundles/scansnap: chown files to nobody-nogroup 2021-04-21 18:18:27 +02:00
b5fb5dd6c2
bundles/scansnap: introduce, add to home.nas 2021-04-21 17:58:16 +02:00
24362768fb
bundles/dhcpd: rework metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-20 18:18:17 +02:00
0028e0fcd0
nodes/home.downloadhelper: do not send hostname via dhcp
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-19 20:42:15 +02:00
0c59af2fdc
nodes/home.octoprint-vielschichtigkeit: set exclude_from_monitoring 2021-04-17 09:40:02 +02:00
4973c63e62
bundles/icinga2: remove icinga_options/downtime_also_for, add host dependencies via icinga_options/also_affected_by
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-17 09:21:51 +02:00
4d5e75df68
bundles/icinga2: introduce icinga_options/downtime_also_for
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-17 03:43:08 +02:00
ac58f2a10c
nodes/home.router: fix dhcp config for dmz 2021-04-10 12:09:24 +02:00
3a7d612c7a
nodes/home.router: update to bullseye 2021-04-10 09:20:34 +02:00
Sophie Schiller
913f2cde8f switch to new kodi with old name
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-09 21:13:24 +02:00
Sophie Schiller
995ae2f55f add new kodi minion
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-09 20:54:53 +02:00
28eb3f023c
nodes/home.openwebrx: reuse pi for home.octoprint-leapfrog
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-05 19:50:36 +02:00
68b8cf28d3
nodes/home.{nas,router}: fix firewall for netdata and nginx
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-04 11:30:50 +02:00
c418102000
bundles/netdata: fix iptables default 2021-04-04 10:30:45 +02:00
9cbf866de7
bundles/mosquitto: introduce, add to node home.nas
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-04-03 09:36:47 +02:00
6e423c24fb
bundles/wireguard: rework metadata.py
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2021-04-01 16:27:31 +02:00
d787f8b0a3
bundles/systemd-networkd: rework routes 2021-04-01 16:25:24 +02:00
b52a196c73
bundles/nginx: add configuration option for client_max_body_size
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-30 21:26:25 +02:00
72831ee386
nodes/home.nas: one cronjob for permissions instead of three
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-28 16:44:01 +02:00
83db4ba886
nodes/home.nas: add firewalling for yate sip server
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-26 18:55:20 +01:00
691c3e7bc2
iptables: add some missing rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 12:27:03 +01:00
087bc4c669
nodes: iptables for all
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-21 11:44:52 +01:00
5775001301
bundles/postfix: add iptables config 2021-03-21 11:11:49 +01:00
9e1685531c
nodes/home.router: add iptables rule for mail
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:48:35 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
f6ecf2a465
bundles/nfs-client: support arch linux
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-11 15:24:06 +01:00
f57681b098
nodes: move wireguard stuff to 172.19.136.0/25
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-03-07 14:39:04 +01:00
74d81eb7ba
bundles/nginx: support disabling ssl for each vhost individually
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-20 14:25:27 +01:00
56ff2a794f
nodes/home.router: enable sms notifications for monitoring 2021-02-19 14:46:29 +01:00
debabe85b0 nodes/home.router: add dhcp and ipv6 to DMZ 2021-02-19 12:02:46 +00:00
d1b1ca7729
nodes/home.openwebrx: introduce
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-16 08:43:10 +01:00
5c1eba0d58
bundles: use a common metadata key for firewall restrictions, use repo.libs.tools.resolve_identifier()
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-15 14:16:35 +01:00
6527c985a7
nodes/home.router: add wg0 to allowed interfaces for netdata and nginx
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-02-14 21:42:50 +01:00
d7398135d1
nodes/home.wled-wohnzimmer: add node 2021-02-06 09:39:36 +01:00
5d1fc22813
nodes/home.downloadhelper: install netdata
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-16 15:43:42 +01:00
4e6be9b51e
nodes/home.nas: less snapshots for storage/download 2021-01-10 10:02:25 +01:00
8e54d6eb23
add monitoring for freifunk nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-09 11:03:23 +01:00
33b85ff0de
bundles/transmission: add bundle, add to home.downloadhelper
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-08 17:00:08 +01:00
dca13263e2
bundles/systemd-networkd: add option for setting static routes 2021-01-08 16:09:59 +01:00
c49d9ffc56
nodes/home.downloadhelper: add node, add storage on home.nas 2021-01-07 22:15:14 +01:00
Sophie Schiller
f6eeda0235 update ip-addresses and macs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2021-01-04 07:24:57 +01:00
fc94e63467
nodes/{home.nas,rx300}: remove bond priority (unused) 2021-01-02 12:18:41 +01:00
379dc9e1fe
nodes/home.nas: fix LACP priority 2021-01-01 21:59:49 +01:00
ed325848ab
nodes/home.router: refine forwarding rules for enp1s0.23
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-31 22:30:10 +01:00
1a9fadce70
nodes/home.router: allow ICMP and SSH via IPv6 to all hosts behind this router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-31 21:28:15 +01:00
55058bdfd9
nodes/home.{nas,usv01}: add comments about Dell Local Node Manager
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-25 15:26:23 +01:00
4d853c974c
nodes/home.{sw01,usv01}: add to monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-22 16:54:38 +01:00
7bf77f9a49
home.nas: add ZFS cache disk to S.M.A.R.T. checks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 18:00:32 +01:00
da4b139095
bundles/{radvd,wide-dhcp6c}: remove metadata key integrate-with-pppd
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 16:30:17 +01:00
ec62dfdb9a
home.kodi-wohnzimmer: disable smart checks 2020-12-18 08:42:36 +01:00
3eeb253e55
bundles/unbound: introduce, add to nodes
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-13 14:59:44 +01:00
2c062761e3
nodes/home.router: add work ssh keys 2020-12-12 09:12:26 +01:00
41ff060e99
nodes/home.router: fix restart_pppd cronjob 2020-12-12 09:12:05 +01:00
bd217f0666
bundles/pppd: automatically restart pppoe (once per hour) if no public ip address can be found
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-12-10 16:14:17 +01:00
b80c0b12fe
home.router: add c3voc vpn 2020-12-08 17:45:30 +01:00
8a1a1bd8fd
home.router: sort metadata 2020-12-06 19:52:32 +01:00
295ff72b4b
bundles/smartd: introduce, add to hosts where *we* need to keep track of disk health
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-29 12:07:27 +01:00
1bfeead5e8
nodes/home.nas: change nfs-mount options for /storage/nas 2020-11-29 12:05:51 +01:00
d19f0dd5bd
nodes/home.nas: add backup target for kunsi-t470 2020-11-27 03:10:11 +01:00
c1885e20b6
nodes/home.octoprint-vielschichtigkeit: fix ifnames, fix vhost 2020-11-25 21:26:21 +01:00
4f5e462c94
bundles/octoprint: add update check 2020-11-21 20:35:29 +01:00
58ca3fa9ae
bundles/wireguard: add netdev and network files, add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 15:38:38 +01:00
70513c47fa
nodes/home.*: set icinga_options
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 11:31:40 +01:00
63fd31c226
bundles/icinga2: support specifying an alternative host for checks
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-21 10:58:57 +01:00
daa90a4668
move groups around 2020-11-21 10:55:09 +01:00
7d78ac9db8
bundles/vnstat: add flag to generate statistics images, add to home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 17:07:05 +01:00
88dd587fb4
bundles/vnstat: introduce, add to home.router 2020-11-16 16:33:26 +01:00
9fa3757a96
nodes/home.nas: add zfs dataset for yate installation 2020-11-16 15:28:16 +01:00
d0b2e2fb61
nodes/home.nas: fix permissions cronjobs
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 17:33:25 +01:00
f6dafbc78e
nodes/home.router: use default settings for dhcp lease times 2020-11-15 11:58:55 +01:00
84d1984cc1
nodes/home.nas: add users to "nas" group, add cronjobs to ensure permissions on nas dataset
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 11:12:22 +01:00
9e2cb92766
nodes/home.nas: add user f2k1de 2020-11-15 10:36:40 +01:00
da39da4a5f
nodes/home.router: add user f2k1de, to allow them to do port forwarding
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-15 10:07:29 +01:00
d83dbbdd75
bundles/systemd-networkd: use some more options for bond interfaces 2020-11-15 09:39:44 +01:00