|
f063b09540
|
Enable gitea federation
|
2023-01-29 17:45:39 +00:00 |
|
|
360a250b4a
|
Merge branch 'renovate/ghcr.io-goauthentik-server-2023.x' into 'master'
Update ghcr.io/goauthentik/server Docker tag to v2023.1.2
See merge request sys/infrastructure!100
|
2023-01-28 22:03:15 +00:00 |
|
|
c0b179c312
|
Merge branch 'renovate/gitea-gitea-1.x' into 'master'
Update gitea/gitea Docker tag to v1.18.3
See merge request sys/infrastructure!102
|
2023-01-28 22:02:58 +00:00 |
|
|
4fd3945c47
|
Add robots.txt for gitea
|
2023-01-28 15:32:34 +00:00 |
|
|
848c0f03e1
|
Update gitea/gitea Docker tag to v1.18.3
|
2023-01-27 18:01:57 +00:00 |
|
|
a443d56a1c
|
Add a gitea deployment
Yep, it's that time of year _again_
|
2023-01-27 17:28:45 +00:00 |
|
|
5e9c5f7683
|
Version pihole settings
|
2023-01-24 20:15:21 +00:00 |
|
|
66c900f76e
|
Update ghcr.io/goauthentik/server Docker tag to v2023.1.2
|
2023-01-23 16:01:09 +00:00 |
|
|
7edf6899f3
|
Update nextcloud to 25.0.3
|
2023-01-19 22:43:09 +00:00 |
|
|
37af66e944
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.75.0
See merge request sys/infrastructure!98
|
2023-01-19 22:28:59 +00:00 |
|
|
81d2194d5a
|
Update ghcr.io/goauthentik/server Docker tag to v2023
|
2023-01-18 16:01:52 +00:00 |
|
|
23eccb6d73
|
Update matrixdotorg/synapse Docker tag to v1.75.0
|
2023-01-17 14:02:10 +00:00 |
|
|
d7ae77247b
|
Setup NTP on tang
|
2023-01-16 09:11:15 +00:00 |
|
|
4ba92cb08f
|
Update dependency yamllint to v1.29.0
|
2023-01-10 18:01:24 +00:00 |
|
|
ad50176ee9
|
Add internal alias to pihole
|
2023-01-08 18:36:03 +00:00 |
|
|
5753cd2cf1
|
Provision my pi with ansible now
It's insanely slow, but works
|
2023-01-08 17:59:22 +00:00 |
|
|
e8ac8b304e
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.74.0
See merge request sys/infrastructure!94
|
2023-01-06 09:00:01 +00:00 |
|
|
bd929f28e5
|
Update ghcr.io/goauthentik/server Docker tag to v2022.12.2
|
2023-01-05 10:01:45 +00:00 |
|
|
905f0f2b08
|
Update vaultwarden/server Docker tag to v1.27.0
|
2022-12-24 18:01:58 +00:00 |
|
|
49372f7c8e
|
Update matrixdotorg/synapse Docker tag to v1.74.0
|
2022-12-20 18:02:55 +00:00 |
|
|
6d5570b0f2
|
Update YOURLS' mariadb to 10.10
|
2022-12-13 09:14:06 +00:00 |
|
|
b6705788e6
|
Update nextcloud's mariadb to 10.6
This is the latest it supports
|
2022-12-13 09:14:06 +00:00 |
|
|
167b8bd140
|
Keep GitLab backups for 2 weeks
|
2022-12-13 09:14:06 +00:00 |
|
|
7c168fd28c
|
Update plausible to 1.5
Update Clickhouse at the same time
|
2022-12-13 09:14:06 +00:00 |
|
|
6fc6366c33
|
Update nextcloud to 25.0.2
|
2022-12-13 09:14:06 +00:00 |
|
|
6c2c87e43e
|
Merge branch 'renovate/ghcr.io-goauthentik-server-2022.x' into 'master'
Update ghcr.io/goauthentik/server Docker tag to v2022.11.3
See merge request sys/infrastructure!77
|
2022-12-13 08:55:08 +00:00 |
|
|
55764ada6c
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.73.0
See merge request sys/infrastructure!79
|
2022-12-13 08:54:50 +00:00 |
|
|
e86ed81102
|
Decommission decker server
It's been replaced by prometheus running internally, and uptimerobot checking.
|
2022-12-09 19:04:54 +00:00 |
|
|
f1c9e10d9a
|
Use IPv4 on blackbox
The docker networks they're running on are v4 only at the moment, so the DNS resolution passes by the connection fails.
|
2022-12-06 20:46:43 +00:00 |
|
|
2fb21223aa
|
Update matrixdotorg/synapse Docker tag to v1.73.0
|
2022-12-06 14:01:43 +00:00 |
|
|
bb4361e25f
|
Use a blackbox with custom DNS rather than proxy
This makes timing information more relevant and should improve reliability
|
2022-12-06 10:04:23 +00:00 |
|
|
772cf7536a
|
Run prometheus stack as docker user
|
2022-12-05 21:17:23 +00:00 |
|
|
53c969f2b8
|
Make prometheus config files read only
|
2022-12-05 21:12:55 +00:00 |
|
|
3e5b00d176
|
Add alertmanager
|
2022-12-05 21:10:41 +00:00 |
|
|
60514d191a
|
Exclude python stats for HA
|
2022-12-05 20:36:57 +00:00 |
|
|
ed7faf4678
|
Scrape healthchecks.io with prometheus and use it for outbound monitoring of prometheus scrapes
|
2022-12-05 14:41:48 +00:00 |
|
|
8e3b381b8d
|
Remove unused prometheus network
|
2022-12-04 22:12:55 +00:00 |
|
|
75862dbaf9
|
Setup blackbox for some HTTP monitoring
|
2022-12-04 22:11:49 +00:00 |
|
|
9d4eceab29
|
Update ghcr.io/goauthentik/server Docker tag to v2022.11.3
|
2022-12-03 14:02:05 +00:00 |
|
|
e89f13b8a9
|
Add collabora
|
2022-12-02 22:37:42 +00:00 |
|
|
ebfe057658
|
Add support for public dashboards in Grafana
|
2022-12-01 13:48:36 +00:00 |
|
|
41a853db55
|
Define tmpfs for website /tmp
This is needed for imagemagick to function correctly without consuming all disk space on the system
|
2022-11-30 14:08:10 +00:00 |
|
|
d5c08bd493
|
Update redis Docker tag to v7
|
2022-11-21 16:02:19 +00:00 |
|
|
8f78f24ea8
|
Unpin redis minor version on website
|
2022-11-21 15:21:33 +00:00 |
|
|
8076c62198
|
Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
Update vabene1111/recipes Docker tag to v1.4.5
See merge request sys/infrastructure!90
|
2022-11-21 14:51:06 +00:00 |
|
|
c388e6bbe1
|
Add more nginx processes for mastodon
|
2022-11-20 23:21:09 +00:00 |
|
|
406d9dbf09
|
Reduce mastodon streaming threads and run 1 thread per core
|
2022-11-20 23:00:58 +00:00 |
|
|
9b69b419a7
|
Reduce sidekiq threads on GitLab
|
2022-11-20 23:00:33 +00:00 |
|
|
a51854f48c
|
Shuffle around cron jobs to run earlier at night
|
2022-11-20 22:52:00 +00:00 |
|
|
3ec359ed0e
|
Deploy me a mastodon
|
2022-11-18 09:12:28 +00:00 |
|
|
88e3eee059
|
Prune containers more regularly
|
2022-11-17 20:37:24 +00:00 |
|
|
a1a153977e
|
Only keep 2 package versions
3 is the default
|
2022-11-17 20:36:58 +00:00 |
|
|
c91b1ba871
|
Allow website to handle traffic to second domain
|
2022-11-16 14:56:17 +00:00 |
|
|
330e7e9305
|
Clear pacman cache
|
2022-11-14 09:04:53 +00:00 |
|
|
a8b8c88f27
|
Update vabene1111/recipes Docker tag to v1.4.5
|
2022-11-09 14:01:00 +00:00 |
|
|
77e83fec6d
|
Fix synapse-admin URL
It no longer supports being run on a subdirectory with the stock container
|
2022-11-07 13:57:14 +00:00 |
|
|
b513858893
|
Update nextcloud to 25.0.1
|
2022-11-07 09:03:40 +00:00 |
|
|
2bbd1c681b
|
Allow proxying to any ports
On the assumption they're HTTP, it's probably fine to route to anything. We're not trying to act as a firewall
|
2022-11-06 22:16:48 +00:00 |
|
|
b9283ec445
|
Set port for HTTP proxies
|
2022-11-06 21:55:05 +00:00 |
|
|
041f791b60
|
Add squid as a forwarding proxy so containers are exposed through a VPN
Implementation isn't perfect, but as `qbittorrent` already had an outbound VPN connection, it makes sense to just reuse it.
|
2022-11-06 18:26:09 +00:00 |
|
|
fc577f21b8
|
Update Traefik to 2.9
|
2022-11-01 20:50:30 +00:00 |
|
|
4c8d5ffe44
|
Remove all references to traefik pages
|
2022-11-01 20:30:16 +00:00 |
|
|
d81ed290d7
|
Put the new website live
|
2022-10-30 12:04:15 +00:00 |
|
|
08afdd951e
|
Add hosting for new website
Top sneaky
|
2022-10-29 18:09:30 +01:00 |
|
|
8dd1f6cddf
|
Add nextcloud email config
|
2022-10-26 14:23:08 +01:00 |
|
|
0d24bd7e0c
|
Use correct location for nextcloud config file
|
2022-10-26 14:10:26 +01:00 |
|
|
d0cef763e1
|
Update Nextcloud to 25
|
2022-10-26 14:09:47 +01:00 |
|
|
27069281dc
|
Update renovate/renovate Docker tag to v34
|
2022-10-25 14:05:25 +01:00 |
|
|
bfacd3b6df
|
Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
Update wallabag/wallabag Docker tag to v2.5.2
See merge request sys/infrastructure!50
|
2022-10-25 08:46:19 +01:00 |
|
|
d4053908ab
|
Update renovate/renovate Docker tag to v33
|
2022-10-23 08:02:08 +01:00 |
|
|
f90e167774
|
Update wallabag/wallabag Docker tag to v2.5.2
|
2022-10-21 14:01:20 +01:00 |
|
|
4e77f0165a
|
Use persistent storage for tt-rss
Otherwise the container fails to find the cache directory due to how updates are handled.
|
2022-10-17 13:44:06 +01:00 |
|
|
c0a4c35e5b
|
Merge branch 'renovate/ansible-lint-5.x' into 'master'
Update dependency ansible-lint to v5.4.0
See merge request sys/infrastructure!40
|
2022-10-17 13:43:39 +01:00 |
|
|
d13d49447e
|
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.5
See merge request sys/infrastructure!45
|
2022-10-17 13:33:41 +01:00 |
|
|
cecf9f03a2
|
Update vaultwarden/server Docker tag to v1.26.0
|
2022-10-15 18:09:57 +01:00 |
|
|
ed2414954e
|
Update louislam/uptime-kuma Docker tag to v1.18.5
|
2022-10-10 20:01:07 +01:00 |
|
|
7adda6ed1c
|
Update nextcloud to 24.0.6
|
2022-10-09 19:41:17 +01:00 |
|
|
2188c59372
|
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.4
See merge request sys/infrastructure!44
|
2022-10-09 19:33:07 +01:00 |
|
|
58730fcbeb
|
Move pages hosting to GitLab pages
|
2022-10-09 18:26:49 +01:00 |
|
|
491061d900
|
Remove shenanigans
It's not enabled, and it's 1 less container to deal with
|
2022-10-09 17:40:22 +01:00 |
|
|
77bc6947ab
|
Update louislam/uptime-kuma Docker tag to v1.18.4
|
2022-10-09 10:01:04 +01:00 |
|
|
6d890a6991
|
Setup slides domain
|
2022-10-08 17:37:28 +01:00 |
|
|
41582f50db
|
Set up GitLab pages
|
2022-10-08 15:51:37 +01:00 |
|
|
2dc13c6f40
|
Update nebula to 1.6.1
|
2022-10-05 08:42:01 +01:00 |
|
|
521e6320fd
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.68.0
See merge request sys/infrastructure!39
|
2022-10-04 13:42:30 +01:00 |
|
|
681cff5ea7
|
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.2
See merge request sys/infrastructure!42
|
2022-10-04 13:40:52 +01:00 |
|
|
62aab30dc8
|
Update louislam/uptime-kuma Docker tag to v1.18.2
|
2022-10-04 12:01:00 +01:00 |
|
|
81b302459e
|
Update vabene1111/recipes Docker tag to v1.4.4
|
2022-09-30 16:01:02 +01:00 |
|
|
d4830ae9c2
|
Update dependency ansible-lint to v5.4.0
|
2022-09-29 10:01:27 +01:00 |
|
|
b32b7ca629
|
Update matrixdotorg/synapse Docker tag to v1.68.0
|
2022-09-27 14:01:34 +01:00 |
|
|
02d5b2d8d3
|
Upgrade sanoid
|
2022-09-26 19:32:55 +01:00 |
|
|
67b890d639
|
Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
Update vabene1111/recipes Docker tag to v1.4.2
See merge request sys/infrastructure!37
|
2022-09-26 13:56:40 +01:00 |
|
|
5be1078639
|
Update vabene1111/recipes Docker tag to v1.4.2
|
2022-09-23 18:01:17 +01:00 |
|
|
bcc2bfd417
|
Update ghcr.io/goauthentik/server Docker tag to v2022.9.0
|
2022-09-23 12:01:29 +01:00 |
|
|
cf6cc7de7a
|
Add email to tandoor
|
2022-09-22 09:13:28 +01:00 |
|
|
356e04c005
|
Fewer workers / threads for authentik
|
2022-09-22 08:52:41 +01:00 |
|
|
92fdfd252a
|
Add email to authentik
|
2022-09-22 08:47:01 +01:00 |
|
|
98f2eea59b
|
Add email to plausible
|
2022-09-22 08:37:00 +01:00 |
|
|
9098fec232
|
Disable erlang multi-node distribution
|
2022-09-22 08:23:30 +01:00 |
|
|
2b590a55c9
|
Update vabene1111/recipes Docker tag to v1.4.1
|
2022-09-21 20:01:33 +01:00 |
|
|
71732b7b7c
|
Don't keep quite so many backups
This results in a huge index which some smaller VMs can't handle
|
2022-09-21 08:48:05 +01:00 |
|
|
eccefcd7e0
|
Replace Cloudflare's DNS with Quad9 where it makes sense
|
2022-09-18 19:55:35 +01:00 |
|
|
60e9454efe
|
Disable authentik startup analytics
|
2022-09-18 18:55:24 +01:00 |
|
|
f49b26c6f0
|
Deploy authentik
Not integrated into other services quite yet. But it's there
|
2022-09-18 18:49:17 +01:00 |
|
|
4f0ee78b7e
|
Update grafana to use mailgun
|
2022-09-18 15:27:58 +01:00 |
|
|
8300d6dbf3
|
Update commento to use mailgun
|
2022-09-18 15:01:16 +01:00 |
|
|
63c1bc29db
|
Update nextcloud to 24.0.5
|
2022-09-18 14:35:39 +01:00 |
|
|
259ab3aae8
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.67.0
See merge request sys/infrastructure!32
|
2022-09-18 14:22:13 +01:00 |
|
|
128689aed3
|
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.0
See merge request sys/infrastructure!33
|
2022-09-18 14:20:38 +01:00 |
|
|
218d6a48cf
|
Use mailgun for GitLab emails
|
2022-09-16 17:43:01 +01:00 |
|
|
5f8a4d7b78
|
Use supercronic to schedule renovate
This makes it easier to restart, and makes more creative scheduling possible
|
2022-09-13 20:01:37 +01:00 |
|
|
7575a57e6b
|
Update matrixdotorg/synapse Docker tag to v1.67.0
|
2022-09-13 11:14:16 +01:00 |
|
|
c7d5056f2a
|
Scrape homeassistant metrics into prometheus
|
2022-09-06 21:29:11 +01:00 |
|
|
aa1cef4739
|
Update louislam/uptime-kuma Docker tag to v1.18.0
|
2022-09-05 11:03:55 +01:00 |
|
|
0b69388f2c
|
Remove tmpfs mounts for tt-rss
These don't get created with the correct user permissions, and so breaks
|
2022-08-29 10:37:13 +01:00 |
|
|
cc3f980d34
|
Deploy tandoor
|
2022-08-24 22:17:29 +01:00 |
|
|
10f43bc38d
|
Prioritise OS-drive's snapraid content file over ZFS
Reads are much faster as it's SSD based, and it avoids unnecessary reads on the pool
|
2022-08-24 15:24:36 +01:00 |
|
|
dcc3055e93
|
Use official distribution of tt-rss
The previous one hasn't been updated in about a year. This one requires a couple extra containers, but is officially supported and maintained.
|
2022-08-24 15:23:21 +01:00 |
|
|
475215f33a
|
Run as many CI jobs as there are cores
|
2022-08-17 20:03:37 +01:00 |
|
|
73f165c521
|
Revert "Update traefik to 2.8"
This reverts commit a695818355 .
This causes problems with traefik-pages
|
2022-08-16 10:17:53 +01:00 |
|
|
4eab0d4f01
|
Don't mount docker socket to traefik
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
|
2022-08-16 09:38:27 +01:00 |
|
|
8b21b9e6f2
|
Monitor decker Traefik with prometheus
|
2022-08-14 15:04:55 +01:00 |
|
|
461cd8fe3c
|
Update config version of nextcloud
|
2022-08-14 14:50:14 +01:00 |
|
|
4ccde9cfaf
|
Merge branch 'renovate/lscr.io-linuxserver-nextcloud-24.x' into 'master'
Update dependency lscr.io/linuxserver/nextcloud to v24.0.4
See merge request sys/infrastructure!29
|
2022-08-14 14:37:13 +01:00 |
|
|
b8953745a6
|
Update dependency lscr.io/linuxserver/nextcloud to v24.0.4
|
2022-08-12 09:47:44 +00:00 |
|
|
7577b35755
|
Update dependency matrixdotorg/synapse to v1.64.0
|
2022-08-02 10:42:13 +00:00 |
|
|
a695818355
|
Update traefik to 2.8
|
2022-08-01 15:02:09 +01:00 |
|
|
9a89dddda3
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update dependency matrixdotorg/synapse to v1.63.1
See merge request sys/infrastructure!27
|
2022-08-01 14:36:14 +01:00 |
|
|
84e27c9d61
|
Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
Update dependency vaultwarden/server to v1.25.2
See merge request sys/infrastructure!28
|
2022-08-01 14:35:33 +01:00 |
|
|
6d7a147b74
|
Don't bind docker socket in CI
Use dind instead, as it's more secure and isolated
https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker
|
2022-07-28 17:47:02 +01:00 |
|
|
4311382033
|
Update dependency vaultwarden/server to v1.25.2
|
2022-07-27 20:03:05 +00:00 |
|
|
8734ad8ce1
|
Update dependency matrixdotorg/synapse to v1.63.1
|
2022-07-20 13:50:49 +00:00 |
|
|
e65b3ec605
|
Update nextcloud to 24.0.2
|
2022-06-28 19:28:46 +01:00 |
|
|
6844bbfe99
|
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update dependency louislam/uptime-kuma to v1.17.1
See merge request sys/infrastructure!25
|
2022-06-28 19:13:55 +01:00 |
|
|
7b38760196
|
Update dependency matrixdotorg/synapse to v1.61.1
|
2022-06-28 14:41:39 +00:00 |
|
|
c502ee57f7
|
Set nginx to use automatic number of workers
See https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6895
|
2022-06-27 17:52:06 +01:00 |
|
|
9632f9aa90
|
Update dependency louislam/uptime-kuma to v1.17.1
|
2022-06-23 08:23:24 +00:00 |
|
|
cf763d07f2
|
Stop capturing logs for containers I don't care about
|
2022-06-20 21:25:13 +01:00 |
|
|
0d5913ce3c
|
Disable any hub integrations
|
2022-06-18 22:09:59 +01:00 |
|
|
df28b56857
|
Update traefik to 2.7
|
2022-06-18 22:09:49 +01:00 |
|
|
f1835aecdd
|
Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
Update dependency vaultwarden/server to v1.25.0
See merge request sys/infrastructure!20
|
2022-06-18 21:53:52 +01:00 |
|
|
fd6a8be593
|
Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
Update dependency wallabag/wallabag to v2.5.1
See merge request sys/infrastructure!23
|
2022-06-18 21:43:45 +01:00 |
|
|
7b779f6ff7
|
Update dependency matrixdotorg/synapse to v1.61.0
|
2022-06-14 11:45:06 +00:00 |
|
|
c54ce7b209
|
For migrate grafana plugins
|
2022-06-13 21:52:40 +01:00 |
|
|
5b586f2608
|
Add container to extract TLS certs from traefik into standard format
Disable its network access, just in case
|
2022-06-13 21:18:45 +01:00 |
|
|
f8e4e6302d
|
Update dependency wallabag/wallabag to v2.5.1
|
2022-06-09 08:05:42 +00:00 |
|
|
4ba1ab0a28
|
Update yourls mariadb to 10.8
|
2022-06-06 22:33:26 +01:00 |
|
|
b62f8001bb
|
Deploy commento++
|
2022-06-05 15:44:49 +01:00 |
|
|
14de6fee84
|
Use socket proxy for DB backups
|
2022-06-04 23:03:41 +01:00 |
|
|
a15c300856
|
Ensure forrest saves DB backups to the correct place
|
2022-06-04 22:24:53 +01:00 |
|
|
0fd891f988
|
Update dependency louislam/uptime-kuma to v1.16.1
|
2022-05-29 05:48:38 +00:00 |
|
|
c159a157c3
|
Update download location for qbittorrent
|
2022-05-25 08:46:37 +01:00 |
|
|
0c11079246
|
Update geerlingguy.docker to fix issue installing on Arch
https://github.com/geerlingguy/ansible-role-docker/issues/346
|
2022-05-25 08:35:12 +01:00 |
|
|
565e1a156c
|
Update nextcloud to 24.0.1
|
2022-05-24 20:22:18 +01:00 |
|
|
1015a0ebc1
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update dependency matrixdotorg/synapse to v1.59.1
See merge request sys/infrastructure!16
|
2022-05-24 20:12:51 +01:00 |
|
|
07f19ec509
|
Update dependency vaultwarden/server to v1.25.0
|
2022-05-23 18:01:20 +00:00 |
|
|
284bed5e90
|
Update dependency wallabag/wallabag to v2.5.0
|
2022-05-21 20:38:08 +00:00 |
|
|
6116eed775
|
Use external DNS for monitoring
This avoids potential issues with host DNS jitters
|
2022-05-19 09:39:30 +01:00 |
|
|
6a60e7284e
|
Update dependency matrixdotorg/synapse to v1.59.1
|
2022-05-18 12:16:59 +00:00 |
|
|
b23b5e130e
|
Keep a few frequent backups in case of screw ups
|
2022-05-17 18:09:03 +01:00 |
|
|
e176ba371c
|
Move my settings out of default
|
2022-05-17 18:09:03 +01:00 |
|
|
f2290aafa6
|
Reduce usage and reliance on downsampled snapshots
Keep more at a lower resolution, as really those are the most useful
|
2022-05-17 18:09:03 +01:00 |
|
|
82040a5c85
|
Move qbittorrent to be a LXC
|
2022-05-16 22:02:01 +01:00 |
|
|
1c14c10b74
|
Allow 2 cores per runner job for concurrency
Allowing 2 clear cores runs fewer jobs, but should run them a lot faster
|
2022-05-07 12:34:57 +01:00 |
|
|
306d2368c1
|
Update dependency wallabag/wallabag to v2.4.3
|
2022-05-07 12:21:21 +01:00 |
|
|
8eae7b69e0
|
Pin versions of galaxy requirements
|
2022-05-07 12:21:21 +01:00 |
|
|
26b4b18737
|
Update synapse to 1.58.1
|
2022-05-07 11:38:46 +01:00 |
|
|
15b56971a1
|
Update uptime-kuma to 1.15.1
|
2022-05-07 11:37:49 +01:00 |
|
|
d7056861b9
|
Keep data for a bit longer
Don't ask me why I did this...
|
2022-05-07 11:34:46 +01:00 |
|
|
2c7e4e5532
|
Unpin fork of proxmox-nag-removal
|
2022-05-04 22:32:33 +01:00 |
|
|
51779a1f7e
|
Use released version of ntp role
Now https://github.com/geerlingguy/ansible-role-ntp/pull/110 has
shipped.
|
2022-04-27 08:40:17 +01:00 |
|
|
588152461e
|
Pin to released version of ansible-role-snapraid
Now https://github.com/IronicBadger/ansible-role-snapraid/pull/9 has
been merged.
|
2022-04-27 08:39:24 +01:00 |
|
|
208c605f05
|
Update uptime-kuma to 1.15.0
|
2022-04-26 20:40:33 +01:00 |
|
|
679cd5eba1
|
Update synapse to 1.57.1
|
2022-04-26 20:39:16 +01:00 |
|
|
b8c5d40c73
|
Update nextcloud to 23.0.4
|
2022-04-26 20:39:05 +01:00 |
|
|
54b8191754
|
Update uptime-kuma to 1.13.1
|
2022-03-24 22:20:29 +00:00 |
|
|
72c54029cd
|
Update synapse to 1.55.2
|
2022-03-24 22:13:52 +00:00 |
|
|
793506492f
|
No shenanigans by default
This causes strange problems with nextcloud
|
2022-03-23 19:30:22 +00:00 |
|
|
cccfa8bf51
|
Remove version prefix from nextcloud tag
Apparently that's not needed anymore
|
2022-03-22 21:22:07 +00:00 |
|
|
e0df63e3c9
|
Update nextcloud to 23.0.3
|
2022-03-22 21:19:43 +00:00 |
|
|
81116998b1
|
Fix symbolic link for yamllint config
|
2022-03-18 19:44:57 +00:00 |
|
|
b8736e1c65
|
Create VPN for port 53
|
2022-03-18 19:44:06 +00:00 |
|
|
bd49c1c869
|
Update renovate to v32
|
2022-03-18 18:06:07 +00:00 |
|
|
ffe9a13ff1
|
Update uptime-kuma to 1.12.1
|
2022-03-13 15:59:37 +00:00 |
|
|
5d136a8a2f
|
Update synapse to 1.54
|
2022-03-13 15:59:24 +00:00 |
|
|
2093f72602
|
Add a skeleton k8s deployment setup
DNS will come later
|
2022-03-07 21:58:17 +00:00 |
|
|
293aed0fd3
|
Enable GitLab registry
|
2022-02-25 21:48:13 +00:00 |
|
|
997fb0e600
|
Update synapse to 1.52
|
2022-02-21 21:50:30 +00:00 |
|
|
7ad6e81981
|
Update nextcloud to 23.0.2
|
2022-02-21 21:50:18 +00:00 |
|
|
7a05e154a6
|
Update uptime-kuma
|
2022-02-21 21:50:07 +00:00 |
|
|
c34b9e48f4
|
Add support for building docker containers on CI
This is easier than dind
|
2022-02-14 09:09:28 +00:00 |
|
|
6b63c2685b
|
Add an additional domain for matrix
I'll migrate over to this eventually. But doing a hard migration has just wasted my entire evening...
|
2022-02-13 20:54:46 +00:00 |
|
|
722b964bc9
|
Add Google Search Console integration to Plausible
|
2022-02-13 16:43:09 +00:00 |
|
|
a075b8f252
|
Update Vaultwarden to 1.24
|
2022-02-08 08:56:28 +00:00 |
|
|
4562b60517
|
Update Traefik to 2.6
|
2022-02-08 08:55:50 +00:00 |
|
|
af0eb65cce
|
Update synapse to 1.51
|
2022-02-08 08:55:41 +00:00 |
|
|
5df4a2c79a
|
Rotate nebula keys
Turns out they expired last night...
|
2022-01-30 21:00:38 +00:00 |
|
|
b91072b0da
|
Create a pages user for user with status checks
|
2022-01-29 22:18:07 +00:00 |
|
|
a5d9463f80
|
Ensure webdav pages is also accessible to Traefik
|
2022-01-29 22:11:19 +00:00 |
|
|
f07b5d9b7b
|
Migrate include: to include_tasks
|
2022-01-22 20:21:32 +00:00 |
|
|
106a89d72f
|
Use groups to manage sudo access rather than editing sudoers file
|
2022-01-22 20:10:16 +00:00 |
|
|
7e6e630808
|
Don't provision occ script on every machine
It only makes sense on 1
|
2022-01-21 22:28:13 +00:00 |
|
|
6db0500e1b
|
Provision remote f2b key with ansible
|
2022-01-21 22:11:49 +00:00 |
|
|
e8d4244946
|
Restart nebula, rather than reloading it
Reloading doesn't actually work it seems
|
2022-01-21 21:52:48 +00:00 |
|
|
af396a21cb
|
Provision a new casey on Linode
|
2022-01-21 21:52:21 +00:00 |
|
|
188b7c9dd6
|
Install wireguard tools before provisioning config
|
2022-01-21 20:29:34 +00:00 |
|
|
c1319a134a
|
Forget snapshots in groups by host
By default, it includes the path, which means path changes result in very old snapshots
https://twitter.com/RealOrangeOne/status/1484217495124852748
|
2022-01-20 17:43:56 +00:00 |
|
|
1db289b604
|
Show domain in logs rather than upstream
The upstream is always the same, and no use to us
|
2022-01-19 09:00:20 +00:00 |
|
|
9404f71dc6
|
Remove old DB backups dir from backups
|
2022-01-16 17:56:45 +00:00 |
|
|
a07b1dbad5
|
Ensure grimes backs up its databases
|
2022-01-16 17:56:13 +00:00 |
|
|
5cc552d0eb
|
Add container to automatically backup DBs
|
2022-01-16 17:51:03 +00:00 |
|
|
6c0314b758
|
Add an nginx container to do crazy things with traefik
|
2022-01-16 14:08:38 +00:00 |
|
|
d5c7d94ac8
|
Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
|
2022-01-15 23:44:06 +00:00 |
|
|
1348eb8b1c
|
Prefent yourls redirect page being indexed
|
2022-01-11 21:20:23 +00:00 |
|
|
89a99d2db2
|
Make ansible a dev dependency
It's required by `ansible-lint` to work properly
|
2022-01-11 21:19:02 +00:00 |
|
|
c5215e330b
|
Update yamllint to fix dependency issue
I think this still validates everything we need it to
|
2022-01-11 20:51:12 +00:00 |
|
|
cf0e718bfb
|
Migrate decker services to linode
Mostly just uptime-kuma
|
2022-01-11 09:07:48 +00:00 |
|
|
41289ab359
|
Reduce ZFS memory usage to 5GB
That's still more than 1GB per usable TB of space. Should really be ample
|
2022-01-08 12:29:35 +00:00 |
|
|
1f6c6858e5
|
Fix NTP timesyncd issue
https://github.com/geerlingguy/ansible-role-ntp/pull/110
|
2022-01-08 12:29:13 +00:00 |
|
|
02cfd37a02
|
Update uptime-kuma
|
2022-01-08 12:18:25 +00:00 |
|
|
1a74e05a7c
|
Create a dedicated machine for renovate
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
|
2022-01-01 22:59:13 +00:00 |
|
|
78b0161585
|
Install renovate
It doesn't quite work, as really it needs docker to correctly update packages. But it's a start for now
|
2022-01-01 18:23:32 +00:00 |
|
|
b81f250d02
|
Update clickhouse config to reference new tables to remove
|
2021-12-29 17:34:07 +00:00 |
|
|
062c4a25fb
|
Keep just 2 weeks of backrest logs
That's ample
|
2021-12-28 12:57:57 +00:00 |
|
|
711d78bfd3
|
Only try and rotate the log files
Previously, this was also rotating the compressed logs, for some reason
|
2021-12-28 12:57:08 +00:00 |
|
|
3a7d2194cc
|
Update tt-rss DB to postgres 14
|
2021-12-22 22:39:46 +00:00 |
|
|
66c48c4a69
|
Remove old domain for vaultwarden
It's been long enough
|
2021-12-22 15:41:14 +00:00 |
|
|
e6ecffdf62
|
Update vaultwarden DB to postgres 14
|
2021-12-22 15:33:40 +00:00 |
|
|
ec9ca428a3
|
Update synapse DB to postgres 14
|
2021-12-22 15:24:37 +00:00 |
|
|
fbdbc8afb5
|
Update quassel DB to postgres 14
|
2021-12-22 13:17:01 +00:00 |
|
|
da41fcd7bc
|
Update grafana DB to postgres 14
|
2021-12-22 13:10:06 +00:00 |
|
|
6681ad43fb
|
Update plausible DB to postgres 14
|
2021-12-22 12:57:49 +00:00 |
|
|
31b7811b1f
|
Use new clickhouse docker repository
|
2021-12-22 12:01:25 +00:00 |
|
|
b6a0fdfd1d
|
Unpin the version of yourls
It's a very simple, non-critical application, which I keep forgetting to update
|
2021-12-21 21:48:41 +00:00 |
|
|
1c645fa106
|
Update yourls mariadb to 10.7
|
2021-12-21 21:40:56 +00:00 |
|
|
c5beb223be
|
Update clickhouse to 21.12
|
2021-12-21 21:31:53 +00:00 |
|
|
0734ff42d8
|
Move grafana variables to vault file
|
2021-12-21 20:22:47 +00:00 |
|
|
7b6675a9d0
|
Move gitlab variables to single vault
|
2021-12-21 20:12:05 +00:00 |
|
|
4cbc15fe0b
|
Move gitlab runner secrets to dedicated vault
|
2021-12-21 20:00:54 +00:00 |
|
|
66662594d0
|
Extract plausible secrets to dedicated vault
|
2021-12-21 19:57:43 +00:00 |
|
|
fcda77e750
|
Extract vault items from host vars
|
2021-12-21 19:36:52 +00:00 |
|
|
0b352e22d1
|
Merge all group vars into single vault file
This will make tracking down where a secret is defined much simpler
|
2021-12-21 18:04:03 +00:00 |
|
|
dce7c782ec
|
Move wireguard keys into a separate vault file
|
2021-12-21 17:58:52 +00:00 |
|
|
3f37cd4448
|
Be quiet on interpreter warnings
It works fine, I don't need to be screamed at
|
2021-12-20 21:17:42 +00:00 |
|
|
8d40a49780
|
Move traefik pages secret into full vault file
Trialing a new pattern for vault storage
|
2021-12-20 21:17:25 +00:00 |
|
|
9e473265a5
|
Read vault password from bitwarden instead of filesystem
https://theorangeone.net/posts/ansible-vault-bitwarden/
|
2021-12-20 17:25:18 +00:00 |
|
|
b50659ab5d
|
Update nextcloud to 23
|
2021-12-19 21:18:09 +00:00 |
|
|
a5329665c0
|
Update vaultwarden to 1.23.1
|
2021-12-15 20:21:01 +00:00 |
|
|
9834a45ec5
|
Update uptime-kuma to 1.11.1
|
2021-12-15 20:20:50 +00:00 |
|
|
699673c3b5
|
Update Synapse to 1.49.0
|
2021-12-15 20:19:51 +00:00 |
|
|
9e899d0f52
|
Update nebula to 1.5.2
|
2021-12-15 20:18:25 +00:00 |
|
|
bbfd872a24
|
Mount the whole host into the restic LXC, so I can backup PVE config
|
2021-12-11 13:17:58 +00:00 |
|
|
4452cc4eeb
|
Update synapse to 1.47.1
|
2021-11-23 22:04:42 +00:00 |
|
|
eed75d8648
|
Mount homeassistant data into restic for external backup
|
2021-11-21 21:53:35 +00:00 |
|
|
47bcbd855e
|
Update nextcloud to 22.2.3
|
2021-11-16 21:04:54 +00:00 |
|
|
5c0987de4d
|
Update uptime-kuma
|
2021-11-15 20:26:29 +00:00 |
|
|
e1205564cb
|
Update nebula to 1.5.0
|
2021-11-15 20:26:20 +00:00 |
|
|
ccaff503da
|
Move decker from AMS to Paris
The AMS DC has a bit of a flaky network connection, which isn't what you want for monitoring.
|
2021-11-06 16:45:09 +00:00 |
|
|
64695c3be1
|
Don't pipe dat ainto curl for healthchecks
See https://github.com/IronicBadger/ansible-role-snapraid/pull/9
|
2021-11-04 16:46:59 +00:00 |
|
|
ef22a43293
|
Update uptime-kuma to fix security issue
|
2021-10-29 21:52:09 +01:00 |
|
|
1b4d5de701
|
Rename plausible embed router
There's nothing really "bare" about it
|
2021-10-29 20:47:02 +01:00 |
|
|
0cb2a70d24
|
Upgrade Plausible to 1.4
|
2021-10-29 20:46:28 +01:00 |
|
|
090745456f
|
Update vaultwarden to 1.23.0
|
2021-10-23 16:24:42 +01:00 |
|
|
41fadd892e
|
Update uptime-kuma
|
2021-10-23 16:24:29 +01:00 |
|
|
4cdaba4692
|
Swap certificates for wildcards
|
2021-10-18 21:59:10 +01:00 |
|
|
ebb571bf20
|
Increase GC frequenc to work around restic's high memory usage
https://github.com/restic/restic/issues/1988
|
2021-10-15 12:39:16 +01:00 |
|
|
6cc7d0b89e
|
Update synapse
|
2021-10-14 18:34:49 +01:00 |
|
|
31208856c2
|
Pin uptime-kuma version
It's pretty important now
|
2021-10-14 18:34:00 +01:00 |
|
|
6f0d4b60df
|
Run more web processes for tt-rss
|
2021-10-03 16:45:18 +01:00 |
|
|
c867efbe3b
|
Use alternative container registries where available
|
2021-10-03 16:26:10 +01:00 |
|
|
3727dd473c
|
Update synapse to 1.43
|
2021-10-01 21:17:13 +01:00 |
|
|
7fd176466d
|
Update nextcloud to 22.2.0
Required quite some hacks around federatedfilesharing app not wanting to update
|
2021-10-01 20:52:07 +01:00 |
|
|
4293d030d4
|
Don't lint globally installed roles
|
2021-09-27 14:50:08 +01:00 |
|
|
4db474034e
|
Ignore my VMs from a fail2ban
|
2021-09-27 14:49:56 +01:00 |
|
|
7e2d01c612
|
Change domain
Now there's a status page, we can consider it public
|
2021-09-25 21:34:18 +01:00 |
|
|
3daf939b32
|
Update uptime-kuma container
Now does user management itself
|
2021-09-25 21:08:42 +01:00 |
|
|
8a37a9d41b
|
Move uptime-kuma to decker
|
2021-09-25 21:03:56 +01:00 |
|
|
a135aae5f3
|
Provision new VM
This will be used for monitoring
|
2021-09-25 16:59:23 +01:00 |
|
|
48934ad2c5
|
Apply gzip to everything
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
|
2021-09-19 22:48:48 +01:00 |
|
|
83ed8879dc
|
Correctly set smtp user for GitLab
The user and from are different in my case.
|
2021-09-19 22:34:40 +01:00 |
|
|
178ca6b2c4
|
Add privatebin config
Disable super long expirations, among other things
|
2021-09-19 19:29:05 +01:00 |
|
|
d70f450e2d
|
Change forget resolution to 30d
Restic is really annoying with its retention arguments, not really allowing what I want, so this is the easiest way to get decent retention.
|
2021-09-07 22:04:23 +01:00 |
|
|
0a8167c839
|
Remove stray expose
Traefik picks up the port just fine
|
2021-09-07 21:04:19 +01:00 |
|
|
eedba465c4
|
Update synapse
|
2021-09-07 21:04:04 +01:00 |
|
|
a866938207
|
Fix hostname of restic server
|
2021-09-06 21:07:10 +01:00 |
|
|
2db8ca5059
|
Add basic auth to dokku
|
2021-09-05 23:11:28 +01:00 |
|
|
a278443850
|
Use auto on nginx configs
Let nginx work it out, and default to 1 per core
|
2021-09-04 22:41:30 +01:00 |
|
|
6e25403b3d
|
Update synapse to 1.41.1
|
2021-08-31 19:08:38 +01:00 |
|
|
86e9d12ce6
|
Update nextcloud to 22.1.1
|
2021-08-31 19:03:19 +01:00 |
|
|
c2cd2e6e34
|
Add backups for grimes
|
2021-08-30 21:50:55 +01:00 |
|
|
07b2ea2ccb
|
Add the ability to exclude certain paths from backup
|
2021-08-30 21:49:58 +01:00 |
|
|
259b0ca7a6
|
Use upstream telegraf role
https://github.com/rossmcdonald/telegraf/pull/54 shipped
|
2021-08-30 21:22:26 +01:00 |
|
|
dcbe6e8e72
|
Use upstream version of ansible-role-snapraid
https://github.com/IronicBadger/ansible-role-snapraid/pull/7 shipped
|
2021-08-30 21:21:58 +01:00 |
|
|
95216b32c4
|
Consolidate server blocks
|
2021-08-24 14:31:12 +01:00 |
|
|
453a374801
|
Replace ingress proxy with nginx
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.
Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
|
2021-08-24 14:21:51 +01:00 |
|
|
f14e723d40
|
Fix service name on ingress
It's not alpine
|
2021-08-24 11:52:35 +01:00 |
|
|
601b916b43
|
Remove deprecated clients from wireguard server
I use nebula now for all that
|
2021-08-24 11:14:04 +01:00 |
|
|
edc5c325b7
|
Correctly check hostname against PVE hosts
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
|
2021-08-23 19:56:04 +01:00 |
|
|
ecb946bab4
|
Remove nginx version from headers
|
2021-08-23 16:12:34 +01:00 |
|
|
93cba46dd1
|
Redirect to HTTPS at the edge
|
2021-08-23 16:10:37 +01:00 |
|