systems
/
infrastructure
1
Fork 0
Code Issues 1 Pull Requests 12 Actions Activity
992 Commits 13 Branches 0 Tags 2.7 MiB
Commit Graph

992 Commits

Author SHA1 Message Date
Jake Howard 2093f72602
Add a skeleton k8s deployment setup 
DNS will come later
 2022-03-07 21:58:17 +00:00
Jake Howard 812e828862
Allow unprivileged ports to access cluster 
This is needed for ingress-nginx
 2022-03-07 20:32:14 +00:00
Jake Howard 3ad719a4e7
Init a k8s 
May god have mercy on my ~soul~.

The firewall config may not be valid, due to node recycling, but here's hoping!
 2022-03-03 21:50:24 +00:00
Jake Howard 2715161929
Make sure SSH port is exposed on `grimes` 
This is needed for dokku deployments
 2022-03-03 20:29:53 +00:00
Jake Howard 293aed0fd3
Enable GitLab registry 2022-02-25 21:48:13 +00:00
Jake Howard 47b5a2fbd3
Add renovate config 2022-02-21 21:53:22 +00:00
Jake Howard 997fb0e600
Update synapse to 1.52 2022-02-21 21:50:30 +00:00
Jake Howard 7ad6e81981
Update nextcloud to 23.0.2 2022-02-21 21:50:18 +00:00
Jake Howard 7a05e154a6
Update uptime-kuma 2022-02-21 21:50:07 +00:00
Jake Howard c34b9e48f4
Add support for building docker containers on CI 
This is easier than dind
 2022-02-14 09:09:28 +00:00
Jake Howard 6b63c2685b
Add an additional domain for matrix 
I'll migrate over to this eventually. But doing a hard migration has just wasted my entire evening...
 2022-02-13 20:54:46 +00:00
Jake Howard 722b964bc9
Add Google Search Console integration to Plausible 2022-02-13 16:43:09 +00:00
Jake Howard a075b8f252
Update Vaultwarden to 1.24 2022-02-08 08:56:28 +00:00
Jake Howard 4562b60517
Update Traefik to 2.6 2022-02-08 08:55:50 +00:00
Jake Howard af0eb65cce
Update synapse to 1.51 2022-02-08 08:55:41 +00:00
Jake Howard 151c5bc1d9
Decommission casey instance in vultr 
The end of an era, my oldest server.
 2022-01-30 21:00:38 +00:00
Jake Howard 5df4a2c79a
Rotate nebula keys 
Turns out they expired last night...
 2022-01-30 21:00:38 +00:00
Jake Howard b91072b0da
Create a pages user for user with status checks 2022-01-29 22:18:07 +00:00
Jake Howard a5d9463f80
Ensure webdav pages is also accessible to Traefik 2022-01-29 22:11:19 +00:00
Jake Howard f07b5d9b7b
Migrate `include:` to `include_tasks` 2022-01-22 20:21:32 +00:00
Jake Howard 106a89d72f
Use groups to manage sudo access rather than editing sudoers file 2022-01-22 20:10:16 +00:00
Jake Howard 7e6e630808
Don't provision occ script on every machine 
It only makes sense on 1
 2022-01-21 22:28:13 +00:00
Jake Howard 6db0500e1b
Provision remote f2b key with ansible 2022-01-21 22:11:49 +00:00
Jake Howard e8d4244946
Restart nebula, rather than reloading it 
Reloading doesn't actually work it seems
 2022-01-21 21:52:48 +00:00
Jake Howard af396a21cb
Provision a new `casey`on Linode 2022-01-21 21:52:21 +00:00
Jake Howard 188b7c9dd6
Install wireguard tools before provisioning config 2022-01-21 20:29:34 +00:00
Jake Howard c1319a134a
Forget snapshots in groups by host 
By default, it includes the path, which means path changes result in very old snapshots

https://twitter.com/RealOrangeOne/status/1484217495124852748
 2022-01-20 17:43:56 +00:00
Jake Howard 1db289b604
Show domain in logs rather than upstream 
The upstream is always the same, and no use to us
 2022-01-19 09:00:20 +00:00
Jake Howard 619d5bfa7b
Give every cloud machine its own cname 2022-01-19 08:44:21 +00:00
Jake Howard af07840de7
Harden SPF 2022-01-19 08:19:51 +00:00
Jake Howard 9404f71dc6
Remove old DB backups dir from backups 2022-01-16 17:56:45 +00:00
Jake Howard a07b1dbad5
Ensure grimes backs up its databases 2022-01-16 17:56:13 +00:00
Jake Howard 5cc552d0eb
Add container to automatically backup DBs 2022-01-16 17:51:03 +00:00
Jake Howard 6c0314b758
Add an nginx container to do crazy things with traefik 2022-01-16 14:08:38 +00:00
Jake Howard d5c7d94ac8
Run traefik as dockeruser, and without host networking 
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
 2022-01-15 23:44:06 +00:00
Jake Howard 1348eb8b1c
Prefent yourls redirect page being indexed 2022-01-11 21:20:23 +00:00
Jake Howard 89a99d2db2
Make ansible a dev dependency 
It's required by `ansible-lint` to work properly
 2022-01-11 21:19:02 +00:00
Jake Howard c5215e330b
Update yamllint to fix dependency issue 
I think this still validates everything we need it to
 2022-01-11 20:51:12 +00:00
Jake Howard db68c107d0
Decommission decker on Vultr 2022-01-11 19:25:04 +00:00
Jake Howard ceb62cc0c8
Open the right ports so web traffic will flow 2022-01-11 09:08:23 +00:00
Jake Howard cf0e718bfb
Migrate decker services to linode 
Mostly just uptime-kuma
 2022-01-11 09:07:48 +00:00
Jake Howard 50398eac07
Commit the terraform lock file 
It tells you to
 2022-01-08 22:12:44 +00:00
Jake Howard e50a1f9a72
Privision a decker on linode 2022-01-08 22:12:28 +00:00
Jake Howard 0a13f78d29
Add linode to terraform setup 
Let the migration, begin!
 2022-01-08 22:11:34 +00:00
Jake Howard 41289ab359
Reduce ZFS memory usage to 5GB 
That's still more than 1GB per usable TB of space. Should really be ample
 2022-01-08 12:29:35 +00:00
Jake Howard 1f6c6858e5
Fix NTP timesyncd issue 
https://github.com/geerlingguy/ansible-role-ntp/pull/110
 2022-01-08 12:29:13 +00:00
Jake Howard 02cfd37a02
Update uptime-kuma 2022-01-08 12:18:25 +00:00
Jake Howard 1a74e05a7c
Create a dedicated machine for renovate 
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
 2022-01-01 22:59:13 +00:00
Jake Howard 78b0161585
Install renovate 
It doesn't quite work, as really it needs docker to correctly update packages. But it's a start for now
 2022-01-01 18:23:32 +00:00
Jake Howard b81f250d02
Update clickhouse config to reference new tables to remove 2021-12-29 17:34:07 +00:00