7ff44ee238
Add IPv6 to proxmox internal network
2024-04-20 18:00:08 +01:00
b6eca40ae0
Allow tailscale IP in more places
2024-02-07 18:21:16 +00:00
9f83efa53b
Use nftables for firewall on ingress
...
See ya never, iptables!
2023-10-26 21:34:06 +01:00
2af9f8529d
Fix new ansible-lint errors
...
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m53s
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00
f07b5d9b7b
Migrate include: to include_tasks
2022-01-22 20:21:32 +00:00
106a89d72f
Use groups to manage sudo access rather than editing sudoers file
2022-01-22 20:10:16 +00:00
c5215e330b
Update yamllint to fix dependency issue
...
I think this still validates everything we need it to
2022-01-11 20:51:12 +00:00
edc5c325b7
Correctly check hostname against PVE hosts
...
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
2021-08-23 19:56:04 +01:00
ac186f42e0
Keep fewer fail2ban logs
2021-03-28 13:06:01 +01:00
6973fb536f
Add fail2ban for traefik
...
Remote action coming soon
2021-03-28 13:05:38 +01:00
5084bfecdf
Ignore PVE interface from f2b jails
2021-03-24 22:35:28 +00:00
e67e4565d3
Remove expose_ssh and support SSH listening on nebula and PVE
...
No more wireguard SSH for me
2021-03-24 22:19:29 +00:00
f7a0877e72
Exclude nebula from fail2ban
2021-02-14 11:39:01 +00:00
c4999d7b25
Use ansible collections for things
2021-02-07 13:02:14 +00:00
41915ec69c
Replace gitlab with gitea
...
Leave gitlab in place for a bit in case I need to get at data
2021-01-18 20:14:38 +00:00
2300426f0f
Move default variables into role defaults rather than group vars
2020-12-28 16:23:12 +00:00
4f1e54baab
Actually enable timer
2020-12-28 15:14:50 +00:00
58879d2e1d
Ensure fail2ban and logrotate are available on all machines
2020-12-27 22:39:33 +00:00
2a4b3ec3e6
Increase timeout for SSH sessions
...
Stll check relatively often the client is still there, but check many times so the connection stays open a decent amount of time. Especially useful for long-running commands.
2020-11-08 22:04:30 +00:00
24d11deeae
Update ansible-lint
...
Required a lot of renaming :(
2020-09-26 17:53:47 +01:00
fcd4dbf657
Fix casing
...
Turns out it's a lower case "l"
2020-08-19 17:59:56 +01:00
9c0682ef9b
Restrict SSH connections to wireguard cidr
...
Except on home server, still handy to connect on same network.
2020-07-12 17:53:02 +01:00
ceca641e2f
Remove deprecated options
2020-05-23 11:47:31 +01:00
c92f924faa
Harden host key
2020-05-23 11:45:53 +01:00
2fe6cf7c93
Install mobile key
2020-05-23 11:23:45 +01:00
20d5020f6b
Manually use file lookup so the terminal output looks nicer
2020-05-23 11:18:48 +01:00
09418cffb0
Provision SSH keys with ansible now
2020-05-23 11:04:50 +01:00
7e534e52e1
Merge SSH into base role
2020-05-23 10:58:09 +01:00
81ef4ad67a
Rename base role to common
2020-04-23 21:38:16 +01:00
1afc28ec17
Standardize string quotes in yaml
2020-03-25 21:27:15 +00:00
35bd63d12b
Add pv to handy tools
2020-03-25 20:52:41 +00:00
7eda50239c
Remove reference to become_user: root
...
This was the default anyway
2020-03-17 21:11:02 +00:00
fa929cbca5
Install ntp from galaxy
2020-03-02 19:45:16 +00:00
9a770df6dc
Fix NTP permissions
2020-02-02 20:19:51 +00:00
eb796ce1f9
Set timezone as root
2020-01-28 20:03:20 +00:00
aaee2b443d
Add base packages
2019-12-09 20:55:47 +00:00
