|
|
2b590a55c9
|
Update vabene1111/recipes Docker tag to v1.4.1
|
2022-09-21 20:01:33 +01:00 |
|
|
|
71732b7b7c
|
Don't keep quite so many backups
This results in a huge index which some smaller VMs can't handle
|
2022-09-21 08:48:05 +01:00 |
|
|
|
eccefcd7e0
|
Replace Cloudflare's DNS with Quad9 where it makes sense
|
2022-09-18 19:55:35 +01:00 |
|
|
|
60e9454efe
|
Disable authentik startup analytics
|
2022-09-18 18:55:24 +01:00 |
|
|
|
f49b26c6f0
|
Deploy authentik
Not integrated into other services quite yet. But it's there
|
2022-09-18 18:49:17 +01:00 |
|
|
|
4f0ee78b7e
|
Update grafana to use mailgun
|
2022-09-18 15:27:58 +01:00 |
|
|
|
8300d6dbf3
|
Update commento to use mailgun
|
2022-09-18 15:01:16 +01:00 |
|
|
|
63c1bc29db
|
Update nextcloud to 24.0.5
|
2022-09-18 14:35:39 +01:00 |
|
|
|
259ab3aae8
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.67.0
See merge request sys/infrastructure!32
|
2022-09-18 14:22:13 +01:00 |
|
|
|
128689aed3
|
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.0
See merge request sys/infrastructure!33
|
2022-09-18 14:20:38 +01:00 |
|
|
|
218d6a48cf
|
Use mailgun for GitLab emails
|
2022-09-16 17:43:01 +01:00 |
|
|
|
5f8a4d7b78
|
Use supercronic to schedule renovate
This makes it easier to restart, and makes more creative scheduling possible
|
2022-09-13 20:01:37 +01:00 |
|
|
|
7575a57e6b
|
Update matrixdotorg/synapse Docker tag to v1.67.0
|
2022-09-13 11:14:16 +01:00 |
|
|
|
c7d5056f2a
|
Scrape homeassistant metrics into prometheus
|
2022-09-06 21:29:11 +01:00 |
|
|
|
aa1cef4739
|
Update louislam/uptime-kuma Docker tag to v1.18.0
|
2022-09-05 11:03:55 +01:00 |
|
|
|
0b69388f2c
|
Remove tmpfs mounts for tt-rss
These don't get created with the correct user permissions, and so breaks
|
2022-08-29 10:37:13 +01:00 |
|
|
|
cc3f980d34
|
Deploy tandoor
|
2022-08-24 22:17:29 +01:00 |
|
|
|
10f43bc38d
|
Prioritise OS-drive's snapraid content file over ZFS
Reads are much faster as it's SSD based, and it avoids unnecessary reads on the pool
|
2022-08-24 15:24:36 +01:00 |
|
|
|
dcc3055e93
|
Use official distribution of tt-rss
The previous one hasn't been updated in about a year. This one requires a couple extra containers, but is officially supported and maintained.
|
2022-08-24 15:23:21 +01:00 |
|
|
|
475215f33a
|
Run as many CI jobs as there are cores
|
2022-08-17 20:03:37 +01:00 |
|
|
|
73f165c521
|
Revert "Update traefik to 2.8"
This reverts commit a695818355.
This causes problems with traefik-pages
|
2022-08-16 10:17:53 +01:00 |
|
|
|
4eab0d4f01
|
Don't mount docker socket to traefik
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
|
2022-08-16 09:38:27 +01:00 |
|
|
|
8b21b9e6f2
|
Monitor decker Traefik with prometheus
|
2022-08-14 15:04:55 +01:00 |
|
|
|
461cd8fe3c
|
Update config version of nextcloud
|
2022-08-14 14:50:14 +01:00 |
|
|
|
4ccde9cfaf
|
Merge branch 'renovate/lscr.io-linuxserver-nextcloud-24.x' into 'master'
Update dependency lscr.io/linuxserver/nextcloud to v24.0.4
See merge request sys/infrastructure!29
|
2022-08-14 14:37:13 +01:00 |
|
|
|
b8953745a6
|
Update dependency lscr.io/linuxserver/nextcloud to v24.0.4
|
2022-08-12 09:47:44 +00:00 |
|
|
|
7577b35755
|
Update dependency matrixdotorg/synapse to v1.64.0
|
2022-08-02 10:42:13 +00:00 |
|
|
|
a695818355
|
Update traefik to 2.8
|
2022-08-01 15:02:09 +01:00 |
|
|
|
9a89dddda3
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update dependency matrixdotorg/synapse to v1.63.1
See merge request sys/infrastructure!27
|
2022-08-01 14:36:14 +01:00 |
|
|
|
84e27c9d61
|
Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
Update dependency vaultwarden/server to v1.25.2
See merge request sys/infrastructure!28
|
2022-08-01 14:35:33 +01:00 |
|
|
|
6d7a147b74
|
Don't bind docker socket in CI
Use dind instead, as it's more secure and isolated
https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker
|
2022-07-28 17:47:02 +01:00 |
|
|
|
4311382033
|
Update dependency vaultwarden/server to v1.25.2
|
2022-07-27 20:03:05 +00:00 |
|
|
|
8734ad8ce1
|
Update dependency matrixdotorg/synapse to v1.63.1
|
2022-07-20 13:50:49 +00:00 |
|
|
|
e65b3ec605
|
Update nextcloud to 24.0.2
|
2022-06-28 19:28:46 +01:00 |
|
|
|
6844bbfe99
|
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update dependency louislam/uptime-kuma to v1.17.1
See merge request sys/infrastructure!25
|
2022-06-28 19:13:55 +01:00 |
|
|
|
7b38760196
|
Update dependency matrixdotorg/synapse to v1.61.1
|
2022-06-28 14:41:39 +00:00 |
|
|
|
c502ee57f7
|
Set nginx to use automatic number of workers
See https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6895
|
2022-06-27 17:52:06 +01:00 |
|
|
|
9632f9aa90
|
Update dependency louislam/uptime-kuma to v1.17.1
|
2022-06-23 08:23:24 +00:00 |
|
|
|
cf763d07f2
|
Stop capturing logs for containers I don't care about
|
2022-06-20 21:25:13 +01:00 |
|
|
|
0d5913ce3c
|
Disable any hub integrations
|
2022-06-18 22:09:59 +01:00 |
|
|
|
df28b56857
|
Update traefik to 2.7
|
2022-06-18 22:09:49 +01:00 |
|
|
|
f1835aecdd
|
Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
Update dependency vaultwarden/server to v1.25.0
See merge request sys/infrastructure!20
|
2022-06-18 21:53:52 +01:00 |
|
|
|
fd6a8be593
|
Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
Update dependency wallabag/wallabag to v2.5.1
See merge request sys/infrastructure!23
|
2022-06-18 21:43:45 +01:00 |
|
|
|
7b779f6ff7
|
Update dependency matrixdotorg/synapse to v1.61.0
|
2022-06-14 11:45:06 +00:00 |
|
|
|
c54ce7b209
|
For migrate grafana plugins
|
2022-06-13 21:52:40 +01:00 |
|
|
|
5b586f2608
|
Add container to extract TLS certs from traefik into standard format
Disable its network access, just in case
|
2022-06-13 21:18:45 +01:00 |
|
|
|
f8e4e6302d
|
Update dependency wallabag/wallabag to v2.5.1
|
2022-06-09 08:05:42 +00:00 |
|
|
|
4ba1ab0a28
|
Update yourls mariadb to 10.8
|
2022-06-06 22:33:26 +01:00 |
|
|
|
b62f8001bb
|
Deploy commento++
|
2022-06-05 15:44:49 +01:00 |
|
|
|
14de6fee84
|
Use socket proxy for DB backups
|
2022-06-04 23:03:41 +01:00 |
|
|
|
a15c300856
|
Ensure forrest saves DB backups to the correct place
|
2022-06-04 22:24:53 +01:00 |
|
|
|
0fd891f988
|
Update dependency louislam/uptime-kuma to v1.16.1
|
2022-05-29 05:48:38 +00:00 |
|
|
|
c159a157c3
|
Update download location for qbittorrent
|
2022-05-25 08:46:37 +01:00 |
|
|
|
0c11079246
|
Update geerlingguy.docker to fix issue installing on Arch
https://github.com/geerlingguy/ansible-role-docker/issues/346
|
2022-05-25 08:35:12 +01:00 |
|
|
|
565e1a156c
|
Update nextcloud to 24.0.1
|
2022-05-24 20:22:18 +01:00 |
|
|
|
1015a0ebc1
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update dependency matrixdotorg/synapse to v1.59.1
See merge request sys/infrastructure!16
|
2022-05-24 20:12:51 +01:00 |
|
|
|
07f19ec509
|
Update dependency vaultwarden/server to v1.25.0
|
2022-05-23 18:01:20 +00:00 |
|
|
|
284bed5e90
|
Update dependency wallabag/wallabag to v2.5.0
|
2022-05-21 20:38:08 +00:00 |
|
|
|
6116eed775
|
Use external DNS for monitoring
This avoids potential issues with host DNS jitters
|
2022-05-19 09:39:30 +01:00 |
|
|
|
6a60e7284e
|
Update dependency matrixdotorg/synapse to v1.59.1
|
2022-05-18 12:16:59 +00:00 |
|
|
|
b23b5e130e
|
Keep a few frequent backups in case of screw ups
|
2022-05-17 18:09:03 +01:00 |
|
|
|
e176ba371c
|
Move my settings out of default
|
2022-05-17 18:09:03 +01:00 |
|
|
|
f2290aafa6
|
Reduce usage and reliance on downsampled snapshots
Keep more at a lower resolution, as really those are the most useful
|
2022-05-17 18:09:03 +01:00 |
|
|
|
82040a5c85
|
Move qbittorrent to be a LXC
|
2022-05-16 22:02:01 +01:00 |
|
|
|
1c14c10b74
|
Allow 2 cores per runner job for concurrency
Allowing 2 clear cores runs fewer jobs, but should run them a lot faster
|
2022-05-07 12:34:57 +01:00 |
|
|
|
306d2368c1
|
Update dependency wallabag/wallabag to v2.4.3
|
2022-05-07 12:21:21 +01:00 |
|
|
|
8eae7b69e0
|
Pin versions of galaxy requirements
|
2022-05-07 12:21:21 +01:00 |
|
|
|
26b4b18737
|
Update synapse to 1.58.1
|
2022-05-07 11:38:46 +01:00 |
|
|
|
15b56971a1
|
Update uptime-kuma to 1.15.1
|
2022-05-07 11:37:49 +01:00 |
|
|
|
d7056861b9
|
Keep data for a bit longer
Don't ask me why I did this...
|
2022-05-07 11:34:46 +01:00 |
|
|
|
2c7e4e5532
|
Unpin fork of proxmox-nag-removal
|
2022-05-04 22:32:33 +01:00 |
|
|
|
51779a1f7e
|
Use released version of ntp role
Now https://github.com/geerlingguy/ansible-role-ntp/pull/110 has
shipped.
|
2022-04-27 08:40:17 +01:00 |
|
|
|
588152461e
|
Pin to released version of ansible-role-snapraid
Now https://github.com/IronicBadger/ansible-role-snapraid/pull/9 has
been merged.
|
2022-04-27 08:39:24 +01:00 |
|
|
|
208c605f05
|
Update uptime-kuma to 1.15.0
|
2022-04-26 20:40:33 +01:00 |
|
|
|
679cd5eba1
|
Update synapse to 1.57.1
|
2022-04-26 20:39:16 +01:00 |
|
|
|
b8c5d40c73
|
Update nextcloud to 23.0.4
|
2022-04-26 20:39:05 +01:00 |
|
|
|
54b8191754
|
Update uptime-kuma to 1.13.1
|
2022-03-24 22:20:29 +00:00 |
|
|
|
72c54029cd
|
Update synapse to 1.55.2
|
2022-03-24 22:13:52 +00:00 |
|
|
|
793506492f
|
No shenanigans by default
This causes strange problems with nextcloud
|
2022-03-23 19:30:22 +00:00 |
|
|
|
cccfa8bf51
|
Remove version prefix from nextcloud tag
Apparently that's not needed anymore
|
2022-03-22 21:22:07 +00:00 |
|
|
|
e0df63e3c9
|
Update nextcloud to 23.0.3
|
2022-03-22 21:19:43 +00:00 |
|
|
|
81116998b1
|
Fix symbolic link for yamllint config
|
2022-03-18 19:44:57 +00:00 |
|
|
|
b8736e1c65
|
Create VPN for port 53
|
2022-03-18 19:44:06 +00:00 |
|
|
|
bd49c1c869
|
Update renovate to v32
|
2022-03-18 18:06:07 +00:00 |
|
|
|
ffe9a13ff1
|
Update uptime-kuma to 1.12.1
|
2022-03-13 15:59:37 +00:00 |
|
|
|
5d136a8a2f
|
Update synapse to 1.54
|
2022-03-13 15:59:24 +00:00 |
|
|
|
2093f72602
|
Add a skeleton k8s deployment setup
DNS will come later
|
2022-03-07 21:58:17 +00:00 |
|
|
|
293aed0fd3
|
Enable GitLab registry
|
2022-02-25 21:48:13 +00:00 |
|
|
|
997fb0e600
|
Update synapse to 1.52
|
2022-02-21 21:50:30 +00:00 |
|
|
|
7ad6e81981
|
Update nextcloud to 23.0.2
|
2022-02-21 21:50:18 +00:00 |
|
|
|
7a05e154a6
|
Update uptime-kuma
|
2022-02-21 21:50:07 +00:00 |
|
|
|
c34b9e48f4
|
Add support for building docker containers on CI
This is easier than dind
|
2022-02-14 09:09:28 +00:00 |
|
|
|
6b63c2685b
|
Add an additional domain for matrix
I'll migrate over to this eventually. But doing a hard migration has just wasted my entire evening...
|
2022-02-13 20:54:46 +00:00 |
|
|
|
722b964bc9
|
Add Google Search Console integration to Plausible
|
2022-02-13 16:43:09 +00:00 |
|
|
|
a075b8f252
|
Update Vaultwarden to 1.24
|
2022-02-08 08:56:28 +00:00 |
|
|
|
4562b60517
|
Update Traefik to 2.6
|
2022-02-08 08:55:50 +00:00 |
|
|
|
af0eb65cce
|
Update synapse to 1.51
|
2022-02-08 08:55:41 +00:00 |
|
|
|
5df4a2c79a
|
Rotate nebula keys
Turns out they expired last night...
|
2022-01-30 21:00:38 +00:00 |
|
|
|
b91072b0da
|
Create a pages user for user with status checks
|
2022-01-29 22:18:07 +00:00 |
|
|
|
a5d9463f80
|
Ensure webdav pages is also accessible to Traefik
|
2022-01-29 22:11:19 +00:00 |
|
|
|
f07b5d9b7b
|
Migrate include: to include_tasks
|
2022-01-22 20:21:32 +00:00 |
|
|
|
106a89d72f
|
Use groups to manage sudo access rather than editing sudoers file
|
2022-01-22 20:10:16 +00:00 |
|
|
|
7e6e630808
|
Don't provision occ script on every machine
It only makes sense on 1
|
2022-01-21 22:28:13 +00:00 |
|
|
|
6db0500e1b
|
Provision remote f2b key with ansible
|
2022-01-21 22:11:49 +00:00 |
|
|
|
e8d4244946
|
Restart nebula, rather than reloading it
Reloading doesn't actually work it seems
|
2022-01-21 21:52:48 +00:00 |
|
|
|
af396a21cb
|
Provision a new caseyon Linode
|
2022-01-21 21:52:21 +00:00 |
|
|
|
188b7c9dd6
|
Install wireguard tools before provisioning config
|
2022-01-21 20:29:34 +00:00 |
|
|
|
c1319a134a
|
Forget snapshots in groups by host
By default, it includes the path, which means path changes result in very old snapshots
https://twitter.com/RealOrangeOne/status/1484217495124852748
|
2022-01-20 17:43:56 +00:00 |
|
|
|
1db289b604
|
Show domain in logs rather than upstream
The upstream is always the same, and no use to us
|
2022-01-19 09:00:20 +00:00 |
|
|
|
9404f71dc6
|
Remove old DB backups dir from backups
|
2022-01-16 17:56:45 +00:00 |
|
|
|
a07b1dbad5
|
Ensure grimes backs up its databases
|
2022-01-16 17:56:13 +00:00 |
|
|
|
5cc552d0eb
|
Add container to automatically backup DBs
|
2022-01-16 17:51:03 +00:00 |
|
|
|
6c0314b758
|
Add an nginx container to do crazy things with traefik
|
2022-01-16 14:08:38 +00:00 |
|
|
|
d5c7d94ac8
|
Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
|
2022-01-15 23:44:06 +00:00 |
|
|
|
1348eb8b1c
|
Prefent yourls redirect page being indexed
|
2022-01-11 21:20:23 +00:00 |
|
|
|
89a99d2db2
|
Make ansible a dev dependency
It's required by `ansible-lint` to work properly
|
2022-01-11 21:19:02 +00:00 |
|
|
|
c5215e330b
|
Update yamllint to fix dependency issue
I think this still validates everything we need it to
|
2022-01-11 20:51:12 +00:00 |
|
|
|
cf0e718bfb
|
Migrate decker services to linode
Mostly just uptime-kuma
|
2022-01-11 09:07:48 +00:00 |
|
|
|
41289ab359
|
Reduce ZFS memory usage to 5GB
That's still more than 1GB per usable TB of space. Should really be ample
|
2022-01-08 12:29:35 +00:00 |
|
|
|
1f6c6858e5
|
Fix NTP timesyncd issue
https://github.com/geerlingguy/ansible-role-ntp/pull/110
|
2022-01-08 12:29:13 +00:00 |
|
|
|
02cfd37a02
|
Update uptime-kuma
|
2022-01-08 12:18:25 +00:00 |
|
|
|
1a74e05a7c
|
Create a dedicated machine for renovate
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
|
2022-01-01 22:59:13 +00:00 |
|
|
|
78b0161585
|
Install renovate
It doesn't quite work, as really it needs docker to correctly update packages. But it's a start for now
|
2022-01-01 18:23:32 +00:00 |
|
|
|
b81f250d02
|
Update clickhouse config to reference new tables to remove
|
2021-12-29 17:34:07 +00:00 |
|
|
|
062c4a25fb
|
Keep just 2 weeks of backrest logs
That's ample
|
2021-12-28 12:57:57 +00:00 |
|
|
|
711d78bfd3
|
Only try and rotate the log files
Previously, this was also rotating the compressed logs, for some reason
|
2021-12-28 12:57:08 +00:00 |
|
|
|
3a7d2194cc
|
Update tt-rss DB to postgres 14
|
2021-12-22 22:39:46 +00:00 |
|
|
|
66c48c4a69
|
Remove old domain for vaultwarden
It's been long enough
|
2021-12-22 15:41:14 +00:00 |
|
|
|
e6ecffdf62
|
Update vaultwarden DB to postgres 14
|
2021-12-22 15:33:40 +00:00 |
|
|
|
ec9ca428a3
|
Update synapse DB to postgres 14
|
2021-12-22 15:24:37 +00:00 |
|
|
|
fbdbc8afb5
|
Update quassel DB to postgres 14
|
2021-12-22 13:17:01 +00:00 |
|
|
|
da41fcd7bc
|
Update grafana DB to postgres 14
|
2021-12-22 13:10:06 +00:00 |
|
|
|
6681ad43fb
|
Update plausible DB to postgres 14
|
2021-12-22 12:57:49 +00:00 |
|
|
|
31b7811b1f
|
Use new clickhouse docker repository
|
2021-12-22 12:01:25 +00:00 |
|
|
|
b6a0fdfd1d
|
Unpin the version of yourls
It's a very simple, non-critical application, which I keep forgetting to update
|
2021-12-21 21:48:41 +00:00 |
|
|
|
1c645fa106
|
Update yourls mariadb to 10.7
|
2021-12-21 21:40:56 +00:00 |
|
|
|
c5beb223be
|
Update clickhouse to 21.12
|
2021-12-21 21:31:53 +00:00 |
|
|
|
0734ff42d8
|
Move grafana variables to vault file
|
2021-12-21 20:22:47 +00:00 |
|
|
|
7b6675a9d0
|
Move gitlab variables to single vault
|
2021-12-21 20:12:05 +00:00 |
|
|
|
4cbc15fe0b
|
Move gitlab runner secrets to dedicated vault
|
2021-12-21 20:00:54 +00:00 |
|
|
|
66662594d0
|
Extract plausible secrets to dedicated vault
|
2021-12-21 19:57:43 +00:00 |
|
|
|
fcda77e750
|
Extract vault items from host vars
|
2021-12-21 19:36:52 +00:00 |
|
|
|
0b352e22d1
|
Merge all group vars into single vault file
This will make tracking down where a secret is defined much simpler
|
2021-12-21 18:04:03 +00:00 |
|
|
|
dce7c782ec
|
Move wireguard keys into a separate vault file
|
2021-12-21 17:58:52 +00:00 |
|
|
|
3f37cd4448
|
Be quiet on interpreter warnings
It works fine, I don't need to be screamed at
|
2021-12-20 21:17:42 +00:00 |
|
|
|
8d40a49780
|
Move traefik pages secret into full vault file
Trialing a new pattern for vault storage
|
2021-12-20 21:17:25 +00:00 |
|
|
|
9e473265a5
|
Read vault password from bitwarden instead of filesystem
https://theorangeone.net/posts/ansible-vault-bitwarden/
|
2021-12-20 17:25:18 +00:00 |
|
|
|
b50659ab5d
|
Update nextcloud to 23
|
2021-12-19 21:18:09 +00:00 |
|
|
|
a5329665c0
|
Update vaultwarden to 1.23.1
|
2021-12-15 20:21:01 +00:00 |
|
|
|
9834a45ec5
|
Update uptime-kuma to 1.11.1
|
2021-12-15 20:20:50 +00:00 |
|
