670ad78d44
Add wireguard config for glinet router
/ terraform (push) Successful in 44s
/ ansible (push) Successful in 1m34s
2024-04-23 22:19:57 +01:00
8929a22ce5
Use LSIO docker socket proxy
/ terraform (push) Successful in 53s
/ ansible (push) Successful in 1m31s
2024-04-23 19:52:48 +01:00
ee96e6ab08
Rename forrest role to prometheus
...
/ ansible (push) Failing after 1m35s
/ terraform (push) Failing after 12m54s
Makes organising much simpler
2024-04-21 19:47:02 +01:00
ffbba254fb
Remove redundant quotes
2024-04-21 18:11:57 +01:00
c472411801
Deploy uptime-kuma
2024-04-21 18:11:39 +01:00
7564911da3
Add IPv6 to blackbox
...
/ terraform (push) Failing after 3s
/ ansible (push) Failing after 2s
This is needed to monitor private services
2024-04-20 18:12:38 +01:00
7ff44ee238
Add IPv6 to proxmox internal network
2024-04-20 18:00:08 +01:00
7c8d224c4a
Add headscale ACLs
...
/ ansible (push) Failing after 39s
/ terraform (push) Failing after 46s
Tags are managed entirely server side, so there's no priv esc issues.
This lets my devices do what they want, and server style devices can't do anything.
2024-04-20 15:46:21 +01:00
7bc0ebeb26
Update traefik Docker tag to v2.11
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 17:43:05 +01:00
33f9c544fd
Remove /tt-rss/ path from URL
/ terraform (push) Failing after 3s
/ ansible (push) Failing after 2s
2024-04-15 17:33:36 +01:00
b6583cc823
Update Nextcloud version in config
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 15:28:16 +01:00
9c02017fed
Unpin tandoor
2024-04-15 15:28:16 +01:00
91ec56717f
Update dependency artis3n.tailscale to v4.4.4
/ terraform (push) Failing after 16s
/ ansible (push) Failing after 13s
2024-04-15 15:07:14 +01:00
3318656730
Update dependency geerlingguy.ntp to v2.4.0
/ ansible (push) Failing after 24s
/ terraform (push) Failing after 31s
2024-04-15 15:06:23 +01:00
9d98d88089
Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.4
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 15:02:53 +01:00
67af033fcd
Update dependency dokku_bot.ansible_dokku to v2024
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 14:36:50 +01:00
5330fdc56f
Update ghcr.io/goauthentik/server Docker tag to v2024
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 14:11:11 +01:00
2e0b562f5d
Update matrixdotorg/synapse Docker tag to v1.104.0
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 13:58:20 +01:00
989a804bad
Update wallabag/wallabag Docker tag to v2.6.9
/ terraform (push) Failing after 51s
/ ansible (push) Failing after 46s
2024-04-03 12:00:18 +01:00
8424b3211b
Allow ingress
to serve as tailscale exit node
/ terraform (push) Successful in 38s
/ ansible (push) Successful in 1m46s
2024-03-28 23:30:24 +00:00
5157940f20
Stop exposing homeassistant
/ terraform (push) Successful in 58s
/ ansible (push) Successful in 1m52s
2024-03-23 11:54:26 +00:00
eb6fe3a23b
Allow forrest to access internal services
...
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m36s
This is mostly for monitoring
2024-03-22 18:13:25 +00:00
b2656bdf43
Make vaultwarden VPN only
...
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m36s
The first service to go dark...
2024-03-21 23:20:27 +00:00
0295507d0b
Increase frequency of snapshots
/ terraform (push) Failing after 34s
/ ansible (push) Successful in 1m34s
2024-03-19 21:31:27 +00:00
f88d224168
Allow only exposing services over Tailscale
...
/ terraform (push) Failing after 41s
/ ansible (push) Successful in 1m41s
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
2024-03-07 22:30:10 +00:00
451a114262
Add IPv6 support for internal DNS overrides
...
CoreDNS 1.11.2 finally shipped!
2024-03-07 20:02:39 +00:00
119b3212a9
Remove robots.txt for gitea
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m30s
2024-03-04 08:38:16 +00:00
5aae711cb8
Update vaultwarden/server Docker tag to v1.30.5
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m45s
2024-03-04 08:33:59 +00:00
f552332598
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.8
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-03-04 08:33:51 +00:00
82451784a8
Deploy slides hosting
/ terraform (push) Successful in 50s
/ ansible (push) Successful in 1m49s
2024-03-03 21:39:22 +00:00
000f3d3348
Add HSTS to all nginx requests
2024-03-03 21:37:07 +00:00
0dcc3f7c30
Use regular version of nginx on Arch
...
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m30s
`nginx-mainline` requires modules be recompiled each time, and isn't handled automatically. It's still a very new and maintained release.
2024-02-29 19:46:32 +00:00
8a1e21c79d
Ensure headscale sees the correct IP
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m48s
2024-02-29 17:41:29 +00:00
998d798797
Set maintenance window for nextcloud
/ terraform (push) Successful in 26s
/ ansible (push) Successful in 1m37s
2024-02-21 21:57:03 +00:00
11a93dac55
Update nextcloud version in config
2024-02-21 21:52:58 +00:00
97da6edc13
Update dependency ansible-lint to v24
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m36s
2024-02-21 21:47:29 +00:00
d66708b10b
Update dependency artis3n.tailscale to v4.4.2
/ terraform (push) Successful in 24s
/ ansible (push) Successful in 1m34s
2024-02-21 21:43:33 +00:00
7d64518840
Update matrixdotorg/synapse Docker tag to v1.101.0
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-21 21:43:15 +00:00
26bcf09fea
Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.2
/ terraform (push) Has been cancelled
/ ansible (push) Has been cancelled
2024-02-21 21:42:50 +00:00
808e72553b
Add the basics of some edge caching
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-21 21:42:16 +00:00
b513c88774
Update vaultwarden/server Docker tag to v1.30.3
/ ansible (push) Successful in 1m33s
/ terraform (push) Successful in 27s
2024-02-19 14:13:02 +00:00
7741fbc163
Update vabene1111/recipes Docker tag to v1.5.13
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 1m34s
2024-02-19 14:07:32 +00:00
45cf930d14
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.7
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m54s
2024-02-17 08:00:21 +00:00
58c48261e7
Consolidate vikunja container
/ terraform (push) Successful in 53s
/ ansible (push) Successful in 1m51s
2024-02-12 14:12:17 +00:00
91a247868b
Add routes from forrest to tailscale network
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m35s
2024-02-07 22:12:08 +00:00
df43be6f9b
Set private_ip
for some other machines
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m39s
2024-02-07 19:27:48 +00:00
b6eca40ae0
Allow tailscale IP in more places
2024-02-07 18:21:16 +00:00
6c1c245c23
Update matrixdotorg/synapse Docker tag to v1.100.0
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 1m38s
2024-02-02 13:38:12 +00:00
379d4a26fa
Update vabene1111/recipes Docker tag to v1.5.12
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-02 13:38:00 +00:00
f1a2694f1a
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.5
/ terraform (push) Successful in 29s
/ ansible (push) Has been cancelled
2024-02-02 13:37:05 +00:00
02847355a7
Install tailscale
...
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m34s
Install, not configure
2024-02-01 19:41:47 +00:00
29cac09b48
Remove explicit port for headscale
2024-02-01 18:32:53 +00:00
dba0262801
Remove website tmpfs
...
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m36s
The server's disk is probably fast enough, and container restarts will nuke that storage anyway
2024-02-01 18:15:51 +00:00
0c6528f9ca
Restrict access to headscale OIDC and API
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m33s
2024-01-31 21:40:43 +00:00
dfa8328e7b
Move gateway logs to separate file
2024-01-31 21:06:19 +00:00
53c758a781
Monitor headscale with prometheus
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m38s
2024-01-27 17:40:02 +00:00
b51677b795
Back up headscale config
/ terraform (push) Successful in 48s
/ ansible (push) Successful in 1m51s
2024-01-27 15:04:53 +00:00
2ceeaf091d
Deploy headscale
/ terraform (push) Failing after 11m20s
/ ansible (push) Failing after 11m6s
2024-01-27 14:18:37 +00:00
06784563a7
Don't resolve ipv6
...
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m36s
Something about this setup doesn't like it, so I'll disable v6 for now
2024-01-26 21:43:04 +00:00
4f6f4143ce
Update matrixdotorg/synapse Docker tag to v1.99.0
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m46s
2024-01-22 09:15:38 +00:00
5292785cd9
Update wallabag/wallabag Docker tag to v2.6.8
/ terraform (push) Has started running
/ ansible (push) Successful in 1m38s
2024-01-22 09:11:27 +00:00
d297674fb5
Update vabene1111/recipes Docker tag to v1.5.11
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m51s
2024-01-22 08:42:36 +00:00
88f0828153
Use primary Quad9 servers
...
/ terraform (push) Successful in 47s
/ ansible (push) Successful in 1m39s
DNSSEC and malware blocking is probably useful, just in case
2024-01-21 23:19:49 +00:00
cfc3de61b4
Add fallback quad9 address
...
This aids availability, along with a healthcheck
2024-01-21 23:05:25 +00:00
c6bae0f797
Do simple endsWith
matching for docker view
...
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m42s
This saves the need for a regex
2024-01-14 22:27:02 +00:00
4c5936b2aa
Disable Grafana analytics
/ terraform (push) Successful in 32s
/ ansible (push) Successful in 1m41s
2024-01-14 15:30:12 +00:00
9d685d85aa
Update website deployment to unify containers
/ terraform (push) Successful in 1m9s
/ ansible (push) Successful in 2m17s
2024-01-14 14:22:19 +00:00
ac166c3874
Start resolved to support mDNS
/ terraform (push) Successful in 34s
/ ansible (push) Successful in 1m44s
2024-01-10 13:28:45 +00:00
06b9197c5b
Sync terraform state to restic
...
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m47s
This allows it to be backed up easily
2024-01-09 19:56:06 +00:00
4a69df1d6c
Ignore ansible-lint for nebula install block
...
/ terraform (push) Successful in 1m28s
/ ansible (push) Successful in 1m48s
I'm smarter than it is
2024-01-08 21:49:38 +00:00
f33d19e156
Move AdGuardHome configuration to Terraform
...
https://git.theorangeone.net/systems/adguardhome
2024-01-08 21:45:28 +00:00
ed59458f39
Add backups to tang
/ terraform (push) Successful in 1m21s
/ ansible (push) Failing after 1m37s
2024-01-08 19:20:55 +00:00
616d20e23b
Tweak some AGH settings
/ terraform (push) Successful in 1m15s
/ ansible (push) Failing after 1m59s
2024-01-08 19:01:46 +00:00
383a57d1f2
Use DoH endpoint fot quad9
...
Seems latency is much lower
2024-01-08 18:21:03 +00:00
c8211d4756
Use Debian repo version of nginx
...
/ terraform (push) Successful in 1m3s
/ ansible (push) Failing after 1m53s
It's older, and doesn't have `stream` compiled in, but the repo one can't link to any of the installed modules, which is a non-starter.
2024-01-04 14:17:36 +00:00
57ad143268
Set password for homeassistant SMB mount
...
/ terraform (push) Successful in 38s
/ ansible (push) Failing after 1m40s
It had an IP restriction, but still
2024-01-03 21:23:49 +00:00
16e9952b2f
Replace custom restic logs with runitor
2024-01-03 21:09:07 +00:00
f5154d1683
Use CoreDNS to do recursive CNAME aliasing for AGH
/ terraform (push) Successful in 47s
/ ansible (push) Failing after 1m38s
2024-01-02 17:48:47 +00:00
3ed7074af6
Rename coredns role
2024-01-02 17:02:34 +00:00
5581bbc01a
Replace pihole with adguardhome
...
/ terraform (push) Successful in 1m13s
/ ansible (push) Successful in 2m19s
AGH is much simpler to install and manage, and does DoH natively.
2024-01-01 15:48:14 +00:00
56bfe544e4
nginx HTTPS redirect on ipv6
2023-12-31 22:49:11 +00:00
83543fe081
Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.1
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m49s
2023-12-28 21:39:28 +00:00
0e0d0c9b82
walker
doesn't have a traefik
anymore
/ terraform (push) Successful in 1m8s
/ ansible (push) Successful in 2m15s
2023-12-26 22:31:12 +00:00
026d8db13e
Be root when generating dhparams
...
/ terraform (push) Successful in 37s
/ ansible (push) Successful in 1m50s
This is needed to write to the destination
2023-12-24 19:44:30 +00:00
593a945c5c
Install nginx from package manager if available
2023-12-24 19:44:30 +00:00
bd15946f3b
Update Nebula
2023-12-24 19:44:30 +00:00
f4b96afcfa
Deploy ntfy
/ terraform (push) Successful in 1m15s
/ ansible (push) Successful in 2m22s
2023-12-23 16:40:53 +00:00
c0c7f393e3
Only pin to minor versions of gitea
/ terraform (push) Successful in 32s
/ ansible (push) Successful in 1m48s
2023-12-21 16:43:18 +00:00
5fd952be4c
Only pin to minor version of Authentik
2023-12-21 16:42:02 +00:00
1e798ac5ce
Don't require role variables to be prefixed
2023-12-21 16:38:24 +00:00
39899cd1e0
Use certbot to issue certificates
2023-12-21 16:38:07 +00:00
8e1a203df2
Add helper map for better websocket support
2023-12-21 16:38:07 +00:00
a3baf8be1e
Use nginx as reverse proxy on walker, removing traefik
...
SSL coming soon
2023-12-21 16:38:07 +00:00
a7eb372899
Fix HTTPS redirect hostname
2023-12-21 14:58:19 +00:00
80a770f399
Add include files before main nginx config
2023-12-21 14:58:04 +00:00
ef432642dd
Unify nginx module tasks
/ terraform (push) Successful in 1m8s
/ ansible (push) Failing after 2m0s
2023-12-20 22:35:11 +00:00
b32a63bd72
Add helpful includes
...
Along with ensuring there are dhparams
2023-12-20 22:29:42 +00:00
2336e4dd5b
Add brotli
/ terraform (push) Successful in 1m5s
/ ansible (push) Successful in 2m19s
2023-12-17 18:12:33 +00:00
46eda36515
Fully block Server header
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m46s
2023-12-16 21:57:19 +00:00
cfb498d7c6
Only add HTTPS redirect when it's needed
/ terraform (push) Successful in 1m3s
/ ansible (push) Successful in 2m7s
2023-12-16 18:13:49 +00:00
48efcf4d91
Use mainline nginx release on Arch
2023-12-16 18:03:01 +00:00
930cf87084
gzip as much as makes sense
2023-12-16 17:58:15 +00:00
92052a3d0a
Unify nginx configuration
...
This creates a simple base configuration skeleton, that other configuration can be easily loaded into.
2023-12-16 17:47:04 +00:00
943c141d59
Ensure ingress proxy doesn't terminate connections
...
/ terraform (push) Successful in 1m6s
/ ansible (push) Successful in 2m16s
This mostly works around a weird issues with Jellyfin
2023-12-14 22:08:02 +00:00
2ff2128330
Set pihole temp unit
2023-12-14 22:04:14 +00:00
b33e19e152
Remove unnecessary extra variable definitions
...
The world could do with a bit less YAML!
2023-12-14 22:03:23 +00:00
7ad5d6e51e
Deploy coredns as a proxy to Docker's internal DNS
2023-12-14 21:04:26 +00:00
7381c1f10a
Update nextcloud version in config.php
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m41s
2023-12-13 17:48:46 +00:00
18fd0631e1
Update lscr.io/linuxserver/nextcloud Docker tag to v28
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m37s
2023-12-13 17:38:40 +00:00
05eee3f4de
Update gitea/gitea Docker tag to v1.21.2
/ terraform (push) Successful in 31s
/ ansible (push) Has been cancelled
2023-12-13 17:37:11 +00:00
e0f7b47961
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.3
/ terraform (push) Successful in 1m4s
/ ansible (push) Successful in 2m6s
2023-12-05 18:00:28 +00:00
c0df505f70
Disable browser updates for nextcloud
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m36s
2023-12-04 09:39:14 +00:00
aecd7c0a18
Upgrade nextcloud version in config
2023-12-04 09:38:43 +00:00
b9c5c7ce01
Update lscr.io/linuxserver/nextcloud Docker tag to v27.1.4
/ terraform (push) Successful in 26s
/ ansible (push) Successful in 1m34s
2023-12-04 09:35:32 +00:00
e815fcb2be
Pin all redis versions to 7
...
/ terraform (push) Successful in 28s
/ ansible (push) Successful in 1m34s
Keeps them all in sync
2023-12-04 09:22:51 +00:00
ad7bd24fec
Update dependency ansible-lint to v6.22.1
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 2m38s
2023-12-04 09:10:46 +00:00
85352014ab
Update matrixdotorg/synapse Docker tag to v1.97.0
/ terraform (push) Successful in 27s
/ ansible (push) Has been cancelled
2023-12-04 09:09:07 +00:00
01eb469ac8
Update vabene1111/recipes Docker tag to v1.5.10
/ terraform (push) Successful in 26s
/ ansible (push) Has been cancelled
2023-12-03 14:00:28 +00:00
461ec71b12
Update gitea branding path
/ terraform (push) Successful in 32s
/ ansible (push) Successful in 1m46s
2023-11-27 19:19:58 +00:00
2fe093668d
Update ghcr.io/goauthentik/server Docker tag to v2023.10.4
/ terraform (push) Successful in 26s
/ ansible (push) Successful in 1m36s
2023-11-27 08:37:21 +00:00
58c14c7f94
Update vaultwarden/server Docker tag to v1.30.1
/ terraform (push) Successful in 26s
/ ansible (push) Successful in 1m36s
2023-11-27 08:35:50 +00:00
d0a994198c
Update gitea/gitea Docker tag to v1.21.1
/ terraform (push) Successful in 1m4s
/ ansible (push) Successful in 2m7s
2023-11-26 18:00:27 +00:00
5e8918221f
Update gitea/gitea Docker tag to v1.21.0
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m38s
2023-11-19 18:04:14 +00:00
0d970d276d
Update matrixdotorg/synapse Docker tag to v1.96.1
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m37s
2023-11-19 17:59:53 +00:00
8666933bfb
Revert "Use OIDC to log in to tt-rss"
...
/ terraform (push) Successful in 1m5s
/ ansible (push) Successful in 2m11s
OIDC breaks any kind of API integration, which is very annoying
This reverts commit 66ddef96e2
.
2023-11-18 21:57:16 +00:00
3df1e1d46b
Update Nextcloud version in config.php
/ terraform (push) Successful in 24s
/ ansible (push) Successful in 1m41s
2023-11-13 18:22:42 +00:00
e3da2710a7
Update lscr.io/linuxserver/nextcloud Docker tag to v27.1.3
/ terraform (push) Successful in 28s
/ ansible (push) Successful in 1m39s
2023-11-13 18:22:06 +00:00
19febd9c35
Update matrixdotorg/synapse Docker tag to v1.95.1
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m41s
2023-11-13 18:19:38 +00:00
f0c0b6d4b4
Update vaultwarden/server Docker tag to v1.30.0
/ terraform (push) Successful in 28s
/ ansible (push) Successful in 1m41s
2023-11-13 18:17:52 +00:00
d76ff190b3
Update dependency yamllint to v1.33.0
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 1m36s
2023-11-13 18:15:52 +00:00
a4958e619a
Update ghcr.io/goauthentik/server Docker tag to v2023.10.3
/ terraform (push) Successful in 28s
/ ansible (push) Successful in 1m45s
2023-11-13 18:15:28 +00:00
e4b2318c82
Monitor authentik
/ terraform (push) Successful in 37s
/ ansible (push) Successful in 1m42s
2023-11-12 21:25:02 +00:00
dfef31cbfa
Deploy minio
...
My own S3, for various things
2023-11-12 21:23:54 +00:00
38840402b9
Disable repo units I don't use by default
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m41s
2023-11-12 18:28:01 +00:00
5f31a39804
Ensure Nextcloud can talk to local servers
...
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m40s
Needed for Authentik
2023-11-08 19:51:16 +00:00
66ddef96e2
Use OIDC to log in to tt-rss
2023-11-08 19:46:16 +00:00
935b099c4f
Decommission upload
...
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m38s
It was never really used for anything, and I want to replace it with something better eventually
2023-11-07 21:17:21 +00:00
dbbfe55975
Deploy authentik
...
_again_.
2023-11-07 21:17:21 +00:00
48dbaeed99
Deploy remark42
...
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m43s
To soon replace Commento
2023-11-06 21:29:28 +00:00
5fb605231d
Allow pings to ingress
...
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m50s
This makes testing connections much simpler
2023-11-05 21:48:25 +00:00
dd1558bafa
Set sensible permissions on nftables config
2023-11-05 21:43:16 +00:00
b0347fc037
Remove redundant quotes
2023-11-05 21:43:02 +00:00
64f5763571
Ensure nginx role is actually installed
/ terraform (push) Successful in 33s
/ ansible (push) Failing after 1m36s
2023-11-05 21:37:33 +00:00
f1ac40f432
Reduce pihole cache size
...
/ terraform (push) Successful in 1m9s
/ ansible (push) Failing after 2m11s
This is still a lot of records, and pihole complains with values any larger
2023-11-05 13:22:05 +00:00
850278ab19
Allow nebula through firewall
/ terraform (push) Successful in 1m6s
/ ansible (push) Failing after 2m8s
2023-11-03 18:06:36 +00:00
b1284877a3
Update blackbox configuration for not following redirects
/ terraform (push) Successful in 30s
/ ansible (push) Failing after 1m23s
2023-11-01 22:14:35 +00:00
6b4285a264
Let alertmanager run as its own user
...
It's already not-root, and can't access the filesystem anyway
2023-11-01 22:13:37 +00:00
3ed786336e
Remove wireguard_53
...
/ terraform (push) Successful in 34s
/ ansible (push) Failing after 1m25s
I never used it - no reason to maintain it
2023-10-26 21:50:22 +01:00
9f83efa53b
Use nftables for firewall on ingress
...
See ya never, iptables!
2023-10-26 21:34:06 +01:00
54e2205e48
Don't bother renaming speedtest metrics
/ terraform (push) Successful in 32s
/ ansible (push) Failing after 1m20s
2023-10-23 22:09:25 +01:00