Commit graph

834 commits

Author SHA1 Message Date
3c8d9fe940
Block all ports 2021-03-28 16:28:07 +01:00
4d218248fa
Remotely connect to fail2ban to do ports
Traefik can affect the edge, so blocks work there and prevent traffic hitting home network.
2021-03-28 16:06:36 +01:00
ac186f42e0
Keep fewer fail2ban logs 2021-03-28 13:06:01 +01:00
6973fb536f
Add fail2ban for traefik
Remote action coming soon
2021-03-28 13:05:38 +01:00
8398a2df21
Use endpoint middleware rather than hacky router 2021-03-27 23:34:34 +00:00
a5af5bea6c
Force bitwarden to use public DNS
It doesn't like creating icons for local IP spaces, so my overriden DNS doesn't play well
2021-03-27 18:45:06 +00:00
1d997d3c33
Remove separate private and protected IP 2021-03-27 18:42:06 +00:00
7580c0fd59
Remove walker for now
Tried to use alpine, Nebula doesn't like it. Will use Debian, and recreate the machine when I have more time
2021-03-26 21:58:24 +00:00
116e1adb50
Disable Traefik pilot on dashboard 2021-03-24 23:14:01 +00:00
36f6bd62bb
Update gitea to 1.13.6 2021-03-24 22:57:45 +00:00
5084bfecdf
Ignore PVE interface from f2b jails 2021-03-24 22:35:28 +00:00
f436e4660b
Remove intersect host config
is dead
2021-03-24 22:19:50 +00:00
e67e4565d3
Remove expose_ssh and support SSH listening on nebula and PVE
No more wireguard SSH for me
2021-03-24 22:19:29 +00:00
e80bcb5a8b
Move generic vultr firewall stuff into module
Modules are pretty nice!
2021-03-23 22:33:10 +00:00
95e97ef757
Iterate over firewall ports
I'll convert this to a module some day, honest!
2021-03-23 22:09:48 +00:00
70829dc617
Provision walker server
This will eventually replace `grimes`
2021-03-23 21:31:31 +00:00
ba8220cff2
Remove minecraft port forward 2021-03-23 21:23:45 +00:00
bbfe85b2c8
Update vultr provider
This was a pretty breaking change which required re-importing most of its state
2021-03-23 21:22:31 +00:00
3c06eb748d
Update gitea to 1.13.5 2021-03-23 17:22:13 +00:00
a43dac3a80
Actually add bitwarden DNS 2021-03-21 21:03:47 +00:00
ece0c841b2
Fix compose version
Mostly fix quotes, but also standardize
2021-03-21 18:51:38 +00:00
d4477c4bea
Add bitwarden_rs 2021-03-21 18:47:20 +00:00
65f9206b95
Fix NTP updates
Manually apply https://github.com/geerlingguy/ansible-role-ntp/pull/84, so machines actually update themselves via NTP
2021-03-13 18:46:45 +00:00
f6559ff1bd
Remove collabora
It doesn't seem to like being run inside LXC. I barely used it, anyway.
2021-03-12 23:35:39 +00:00
ab1e2fbae2
Increase ZFS RAM usage
If i've got a load of RAM free, it might as well be being used to cache ZFS!
2021-03-06 21:38:21 +00:00
3eb286c9bd
Move envrironment variables to docker
Using the `TTRSS_` prefix to follow upstream standard rather than container's

https://github.com/lunik1/docker-tt-rss/issues/3
2021-03-06 12:11:08 +00:00
8d136f0b55
Set default phone region for Nextcloud 2021-03-06 11:19:11 +00:00
9d6ed88e13
Monitor proxmox stats 2021-03-05 22:14:21 +00:00
d43d3433fa
Collect SMART metrics for disks 2021-03-05 20:50:08 +00:00
6b95b75fc2
Move telegraf to host
This makes metric collection for SMART much simpler. I'll still be using the prometheus node exporter for actual system metrics, though.
2021-03-05 20:39:11 +00:00
aa3da3cf10
Upgrade gitea to 1.13.3 2021-03-05 20:05:51 +00:00
89dbbc71e5
Move files into application directories 2021-03-05 14:40:17 +00:00
8e977edba1
Ignore go metrics 2021-03-05 14:27:33 +00:00
b264e5cbcc
Monitor traefik with prometheus rather than influxdb 2021-03-04 16:37:53 +00:00
e8960ebf27
Connect forrest to nebula hosts 2021-03-04 16:08:53 +00:00
2e05ed08fa
Use hostname rather than fqdn 2021-03-04 16:06:43 +00:00
a4eb26b129
Use Nebula as the primary private interface rather than wireguard 2021-03-04 16:02:42 +00:00
c6d9102e1e
Don't install NTP on LXC containers
This can cause issues with containers trying to sync the system clock, and getting it wrong
2021-03-04 15:45:47 +00:00
aba81f79bc
Add telegraf
And input to ping and output via prometheus
2021-03-04 15:16:54 +00:00
914676d209
Add prometheus for metrics 2021-03-04 14:53:03 +00:00
fe2450d43b
Add grafana docker network and restrict port binds 2021-03-04 14:39:40 +00:00
155bc837a8
Update synapse to 1.28 2021-03-02 12:31:07 +00:00
9d5c7e56e8
Move nextcloud things back to tank 2021-03-02 12:26:23 +00:00
21a2532f8a
Update nextcloud to 21 2021-03-02 12:03:13 +00:00
63d156c0a0
Stop always restarting whoami
whoami never sets `config_file`, so it's shadowed by whatever set it before
2021-02-27 22:09:24 +00:00
1413efdd19
Copy feed icons and DB to tank 2021-02-27 22:08:01 +00:00
a2fe3ca37a
Fix TT-RSS config
It needs to be environment variables now, but there's a bug where it doesn't read docker ones for some reason
2021-02-27 21:29:24 +00:00
b3a72eb8f1
Add influxdb server for metrics 2021-02-14 16:24:45 +00:00
ec0c78e6d9
Read emails from secrets 2021-02-14 12:29:14 +00:00
872471ef52
Setup email for grafana 2021-02-14 12:19:51 +00:00