|
|
c159a157c3
|
Update download location for qbittorrent
|
2022-05-25 08:46:37 +01:00 |
|
|
|
565e1a156c
|
Update nextcloud to 24.0.1
|
2022-05-24 20:22:18 +01:00 |
|
|
|
1015a0ebc1
|
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update dependency matrixdotorg/synapse to v1.59.1
See merge request sys/infrastructure!16
|
2022-05-24 20:12:51 +01:00 |
|
|
|
07f19ec509
|
Update dependency vaultwarden/server to v1.25.0
|
2022-05-23 18:01:20 +00:00 |
|
|
|
284bed5e90
|
Update dependency wallabag/wallabag to v2.5.0
|
2022-05-21 20:38:08 +00:00 |
|
|
|
6116eed775
|
Use external DNS for monitoring
This avoids potential issues with host DNS jitters
|
2022-05-19 09:39:30 +01:00 |
|
|
|
6a60e7284e
|
Update dependency matrixdotorg/synapse to v1.59.1
|
2022-05-18 12:16:59 +00:00 |
|
|
|
e176ba371c
|
Move my settings out of default
|
2022-05-17 18:09:03 +01:00 |
|
|
|
f2290aafa6
|
Reduce usage and reliance on downsampled snapshots
Keep more at a lower resolution, as really those are the most useful
|
2022-05-17 18:09:03 +01:00 |
|
|
|
1c14c10b74
|
Allow 2 cores per runner job for concurrency
Allowing 2 clear cores runs fewer jobs, but should run them a lot faster
|
2022-05-07 12:34:57 +01:00 |
|
|
|
306d2368c1
|
Update dependency wallabag/wallabag to v2.4.3
|
2022-05-07 12:21:21 +01:00 |
|
|
|
26b4b18737
|
Update synapse to 1.58.1
|
2022-05-07 11:38:46 +01:00 |
|
|
|
15b56971a1
|
Update uptime-kuma to 1.15.1
|
2022-05-07 11:37:49 +01:00 |
|
|
|
d7056861b9
|
Keep data for a bit longer
Don't ask me why I did this...
|
2022-05-07 11:34:46 +01:00 |
|
|
|
208c605f05
|
Update uptime-kuma to 1.15.0
|
2022-04-26 20:40:33 +01:00 |
|
|
|
679cd5eba1
|
Update synapse to 1.57.1
|
2022-04-26 20:39:16 +01:00 |
|
|
|
b8c5d40c73
|
Update nextcloud to 23.0.4
|
2022-04-26 20:39:05 +01:00 |
|
|
|
54b8191754
|
Update uptime-kuma to 1.13.1
|
2022-03-24 22:20:29 +00:00 |
|
|
|
72c54029cd
|
Update synapse to 1.55.2
|
2022-03-24 22:13:52 +00:00 |
|
|
|
793506492f
|
No shenanigans by default
This causes strange problems with nextcloud
|
2022-03-23 19:30:22 +00:00 |
|
|
|
cccfa8bf51
|
Remove version prefix from nextcloud tag
Apparently that's not needed anymore
|
2022-03-22 21:22:07 +00:00 |
|
|
|
e0df63e3c9
|
Update nextcloud to 23.0.3
|
2022-03-22 21:19:43 +00:00 |
|
|
|
b8736e1c65
|
Create VPN for port 53
|
2022-03-18 19:44:06 +00:00 |
|
|
|
bd49c1c869
|
Update renovate to v32
|
2022-03-18 18:06:07 +00:00 |
|
|
|
ffe9a13ff1
|
Update uptime-kuma to 1.12.1
|
2022-03-13 15:59:37 +00:00 |
|
|
|
5d136a8a2f
|
Update synapse to 1.54
|
2022-03-13 15:59:24 +00:00 |
|
|
|
293aed0fd3
|
Enable GitLab registry
|
2022-02-25 21:48:13 +00:00 |
|
|
|
997fb0e600
|
Update synapse to 1.52
|
2022-02-21 21:50:30 +00:00 |
|
|
|
7ad6e81981
|
Update nextcloud to 23.0.2
|
2022-02-21 21:50:18 +00:00 |
|
|
|
7a05e154a6
|
Update uptime-kuma
|
2022-02-21 21:50:07 +00:00 |
|
|
|
c34b9e48f4
|
Add support for building docker containers on CI
This is easier than dind
|
2022-02-14 09:09:28 +00:00 |
|
|
|
6b63c2685b
|
Add an additional domain for matrix
I'll migrate over to this eventually. But doing a hard migration has just wasted my entire evening...
|
2022-02-13 20:54:46 +00:00 |
|
|
|
722b964bc9
|
Add Google Search Console integration to Plausible
|
2022-02-13 16:43:09 +00:00 |
|
|
|
a075b8f252
|
Update Vaultwarden to 1.24
|
2022-02-08 08:56:28 +00:00 |
|
|
|
4562b60517
|
Update Traefik to 2.6
|
2022-02-08 08:55:50 +00:00 |
|
|
|
af0eb65cce
|
Update synapse to 1.51
|
2022-02-08 08:55:41 +00:00 |
|
|
|
5df4a2c79a
|
Rotate nebula keys
Turns out they expired last night...
|
2022-01-30 21:00:38 +00:00 |
|
|
|
b91072b0da
|
Create a pages user for user with status checks
|
2022-01-29 22:18:07 +00:00 |
|
|
|
a5d9463f80
|
Ensure webdav pages is also accessible to Traefik
|
2022-01-29 22:11:19 +00:00 |
|
|
|
f07b5d9b7b
|
Migrate include: to include_tasks
|
2022-01-22 20:21:32 +00:00 |
|
|
|
106a89d72f
|
Use groups to manage sudo access rather than editing sudoers file
|
2022-01-22 20:10:16 +00:00 |
|
|
|
7e6e630808
|
Don't provision occ script on every machine
It only makes sense on 1
|
2022-01-21 22:28:13 +00:00 |
|
|
|
6db0500e1b
|
Provision remote f2b key with ansible
|
2022-01-21 22:11:49 +00:00 |
|
|
|
e8d4244946
|
Restart nebula, rather than reloading it
Reloading doesn't actually work it seems
|
2022-01-21 21:52:48 +00:00 |
|
|
|
188b7c9dd6
|
Install wireguard tools before provisioning config
|
2022-01-21 20:29:34 +00:00 |
|
|
|
c1319a134a
|
Forget snapshots in groups by host
By default, it includes the path, which means path changes result in very old snapshots
https://twitter.com/RealOrangeOne/status/1484217495124852748
|
2022-01-20 17:43:56 +00:00 |
|
|
|
1db289b604
|
Show domain in logs rather than upstream
The upstream is always the same, and no use to us
|
2022-01-19 09:00:20 +00:00 |
|
|
|
5cc552d0eb
|
Add container to automatically backup DBs
|
2022-01-16 17:51:03 +00:00 |
|
|
|
6c0314b758
|
Add an nginx container to do crazy things with traefik
|
2022-01-16 14:08:38 +00:00 |
|
|
|
d5c7d94ac8
|
Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
|
2022-01-15 23:44:06 +00:00 |
|
|
|
1348eb8b1c
|
Prefent yourls redirect page being indexed
|
2022-01-11 21:20:23 +00:00 |
|
|
|
c5215e330b
|
Update yamllint to fix dependency issue
I think this still validates everything we need it to
|
2022-01-11 20:51:12 +00:00 |
|
|
|
02cfd37a02
|
Update uptime-kuma
|
2022-01-08 12:18:25 +00:00 |
|
|
|
1a74e05a7c
|
Create a dedicated machine for renovate
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
|
2022-01-01 22:59:13 +00:00 |
|
|
|
78b0161585
|
Install renovate
It doesn't quite work, as really it needs docker to correctly update packages. But it's a start for now
|
2022-01-01 18:23:32 +00:00 |
|
|
|
b81f250d02
|
Update clickhouse config to reference new tables to remove
|
2021-12-29 17:34:07 +00:00 |
|
|
|
062c4a25fb
|
Keep just 2 weeks of backrest logs
That's ample
|
2021-12-28 12:57:57 +00:00 |
|
|
|
711d78bfd3
|
Only try and rotate the log files
Previously, this was also rotating the compressed logs, for some reason
|
2021-12-28 12:57:08 +00:00 |
|
|
|
3a7d2194cc
|
Update tt-rss DB to postgres 14
|
2021-12-22 22:39:46 +00:00 |
|
|
|
66c48c4a69
|
Remove old domain for vaultwarden
It's been long enough
|
2021-12-22 15:41:14 +00:00 |
|
|
|
e6ecffdf62
|
Update vaultwarden DB to postgres 14
|
2021-12-22 15:33:40 +00:00 |
|
|
|
ec9ca428a3
|
Update synapse DB to postgres 14
|
2021-12-22 15:24:37 +00:00 |
|
|
|
fbdbc8afb5
|
Update quassel DB to postgres 14
|
2021-12-22 13:17:01 +00:00 |
|
|
|
da41fcd7bc
|
Update grafana DB to postgres 14
|
2021-12-22 13:10:06 +00:00 |
|
|
|
6681ad43fb
|
Update plausible DB to postgres 14
|
2021-12-22 12:57:49 +00:00 |
|
|
|
31b7811b1f
|
Use new clickhouse docker repository
|
2021-12-22 12:01:25 +00:00 |
|
|
|
b6a0fdfd1d
|
Unpin the version of yourls
It's a very simple, non-critical application, which I keep forgetting to update
|
2021-12-21 21:48:41 +00:00 |
|
|
|
1c645fa106
|
Update yourls mariadb to 10.7
|
2021-12-21 21:40:56 +00:00 |
|
|
|
c5beb223be
|
Update clickhouse to 21.12
|
2021-12-21 21:31:53 +00:00 |
|
|
|
0734ff42d8
|
Move grafana variables to vault file
|
2021-12-21 20:22:47 +00:00 |
|
|
|
7b6675a9d0
|
Move gitlab variables to single vault
|
2021-12-21 20:12:05 +00:00 |
|
|
|
4cbc15fe0b
|
Move gitlab runner secrets to dedicated vault
|
2021-12-21 20:00:54 +00:00 |
|
|
|
66662594d0
|
Extract plausible secrets to dedicated vault
|
2021-12-21 19:57:43 +00:00 |
|
|
|
8d40a49780
|
Move traefik pages secret into full vault file
Trialing a new pattern for vault storage
|
2021-12-20 21:17:25 +00:00 |
|
|
|
b50659ab5d
|
Update nextcloud to 23
|
2021-12-19 21:18:09 +00:00 |
|
|
|
a5329665c0
|
Update vaultwarden to 1.23.1
|
2021-12-15 20:21:01 +00:00 |
|
|
|
9834a45ec5
|
Update uptime-kuma to 1.11.1
|
2021-12-15 20:20:50 +00:00 |
|
|
|
699673c3b5
|
Update Synapse to 1.49.0
|
2021-12-15 20:19:51 +00:00 |
|
|
|
9e899d0f52
|
Update nebula to 1.5.2
|
2021-12-15 20:18:25 +00:00 |
|
|
|
4452cc4eeb
|
Update synapse to 1.47.1
|
2021-11-23 22:04:42 +00:00 |
|
|
|
eed75d8648
|
Mount homeassistant data into restic for external backup
|
2021-11-21 21:53:35 +00:00 |
|
|
|
47bcbd855e
|
Update nextcloud to 22.2.3
|
2021-11-16 21:04:54 +00:00 |
|
|
|
5c0987de4d
|
Update uptime-kuma
|
2021-11-15 20:26:29 +00:00 |
|
|
|
e1205564cb
|
Update nebula to 1.5.0
|
2021-11-15 20:26:20 +00:00 |
|
|
|
ef22a43293
|
Update uptime-kuma to fix security issue
|
2021-10-29 21:52:09 +01:00 |
|
|
|
1b4d5de701
|
Rename plausible embed router
There's nothing really "bare" about it
|
2021-10-29 20:47:02 +01:00 |
|
|
|
0cb2a70d24
|
Upgrade Plausible to 1.4
|
2021-10-29 20:46:28 +01:00 |
|
|
|
090745456f
|
Update vaultwarden to 1.23.0
|
2021-10-23 16:24:42 +01:00 |
|
|
|
41fadd892e
|
Update uptime-kuma
|
2021-10-23 16:24:29 +01:00 |
|
|
|
4cdaba4692
|
Swap certificates for wildcards
|
2021-10-18 21:59:10 +01:00 |
|
|
|
ebb571bf20
|
Increase GC frequenc to work around restic's high memory usage
https://github.com/restic/restic/issues/1988
|
2021-10-15 12:39:16 +01:00 |
|
|
|
6cc7d0b89e
|
Update synapse
|
2021-10-14 18:34:49 +01:00 |
|
|
|
31208856c2
|
Pin uptime-kuma version
It's pretty important now
|
2021-10-14 18:34:00 +01:00 |
|
|
|
6f0d4b60df
|
Run more web processes for tt-rss
|
2021-10-03 16:45:18 +01:00 |
|
|
|
c867efbe3b
|
Use alternative container registries where available
|
2021-10-03 16:26:10 +01:00 |
|
|
|
3727dd473c
|
Update synapse to 1.43
|
2021-10-01 21:17:13 +01:00 |
|
|
|
7fd176466d
|
Update nextcloud to 22.2.0
Required quite some hacks around federatedfilesharing app not wanting to update
|
2021-10-01 20:52:07 +01:00 |
|
|
|
4db474034e
|
Ignore my VMs from a fail2ban
|
2021-09-27 14:49:56 +01:00 |
|
|
|
7e2d01c612
|
Change domain
Now there's a status page, we can consider it public
|
2021-09-25 21:34:18 +01:00 |
|
|
|
3daf939b32
|
Update uptime-kuma container
Now does user management itself
|
2021-09-25 21:08:42 +01:00 |
|
|
|
a135aae5f3
|
Provision new VM
This will be used for monitoring
|
2021-09-25 16:59:23 +01:00 |
|
|
|
48934ad2c5
|
Apply gzip to everything
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
|
2021-09-19 22:48:48 +01:00 |
|
|
|
83ed8879dc
|
Correctly set smtp user for GitLab
The user and from are different in my case.
|
2021-09-19 22:34:40 +01:00 |
|
|
|
178ca6b2c4
|
Add privatebin config
Disable super long expirations, among other things
|
2021-09-19 19:29:05 +01:00 |
|
|
|
d70f450e2d
|
Change forget resolution to 30d
Restic is really annoying with its retention arguments, not really allowing what I want, so this is the easiest way to get decent retention.
|
2021-09-07 22:04:23 +01:00 |
|
|
|
0a8167c839
|
Remove stray expose
Traefik picks up the port just fine
|
2021-09-07 21:04:19 +01:00 |
|
|
|
eedba465c4
|
Update synapse
|
2021-09-07 21:04:04 +01:00 |
|
|
|
a278443850
|
Use auto on nginx configs
Let nginx work it out, and default to 1 per core
|
2021-09-04 22:41:30 +01:00 |
|
|
|
6e25403b3d
|
Update synapse to 1.41.1
|
2021-08-31 19:08:38 +01:00 |
|
|
|
86e9d12ce6
|
Update nextcloud to 22.1.1
|
2021-08-31 19:03:19 +01:00 |
|
|
|
07b2ea2ccb
|
Add the ability to exclude certain paths from backup
|
2021-08-30 21:49:58 +01:00 |
|
|
|
95216b32c4
|
Consolidate server blocks
|
2021-08-24 14:31:12 +01:00 |
|
|
|
453a374801
|
Replace ingress proxy with nginx
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.
Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
|
2021-08-24 14:21:51 +01:00 |
|
|
|
f14e723d40
|
Fix service name on ingress
It's not alpine
|
2021-08-24 11:52:35 +01:00 |
|
|
|
edc5c325b7
|
Correctly check hostname against PVE hosts
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
|
2021-08-23 19:56:04 +01:00 |
|
|
|
ecb946bab4
|
Remove nginx version from headers
|
2021-08-23 16:12:34 +01:00 |
|
|
|
93cba46dd1
|
Redirect to HTTPS at the edge
|
2021-08-23 16:10:37 +01:00 |
|
|
|
a54d373526
|
Replace edge proxy with nginx
The config makes more sense, and it has more of the features I need, which will come later.
|
2021-08-22 22:35:09 +01:00 |
|
|
|
8fabd11e31
|
Remove unnecessary pve role
no-subscription is handled by the nag removal role
|
2021-08-22 15:20:27 +01:00 |
|
|
|
f0a3585592
|
Use distribution name in repo URL
|
2021-08-22 14:44:34 +01:00 |
|
|
|
0874158a91
|
Update traefik to 2.5
|
2021-08-22 11:16:37 +01:00 |
|
|
|
c04e8b628a
|
Update synapse to 1.40.0
|
2021-08-22 11:16:19 +01:00 |
|
|
|
c99afdd446
|
Disable gzip on qbittorrent egress
It's mostly used over the internal network, so the additional gzip isn't going to gain anything when the disk is the bottleneck
|
2021-08-21 16:46:21 +01:00 |
|
|
|
55e3b81f06
|
Install release version of gitlab-dater onto GitLab server
Rather than than hacky development one I was using before
|
2021-08-10 22:51:12 +01:00 |
|
|
|
e421657619
|
Ensure restic gets the correct permissions when it's updated
Yes it's weird to modify the system package like this, but it's very handy.
See also https://restic.readthedocs.io/en/stable/080_examples.html#backing-up-your-system-without-running-restic-as-root
|
2021-08-10 08:45:59 +01:00 |
|
|
|
ab46c30df2
|
Start graphing some speeds
|
2021-08-07 10:59:42 +01:00 |
|
|
|
d0e472b51a
|
Update synapse to 1.39.0
|
2021-08-06 18:20:48 +01:00 |
|
|
|
11bf501d8a
|
Update nextcloud to 22.1.0
|
2021-08-06 18:20:38 +01:00 |
|
|
|
9755974647
|
Update vaultwarden to 1.22.2
|
2021-08-06 18:17:22 +01:00 |
|
|
|
f3bc72d2ba
|
Provision uptime-kuma
|
2021-07-31 16:43:12 +01:00 |
|
|
|
1399529a47
|
Move stray storage to tank
|
2021-07-17 20:32:26 +01:00 |
|
|
|
8f831c8191
|
Update synapse to 1.37.1
|
2021-07-11 20:20:56 +01:00 |
|
|
|
501fe81979
|
Update nextcloud to v22
|
2021-07-11 20:20:48 +01:00 |
|
|
|
3daf3ef8ed
|
Pin clickhouse to 21.6
21.7 doesn't work
|
2021-07-11 16:11:09 +01:00 |
|
|
|
b2d226300b
|
Update nextcloud to 21.0.3
|
2021-07-04 21:17:03 +01:00 |
|
|
|
19eb233ffa
|
Update vaultwarden to 1.22.1
|
2021-07-03 11:27:27 +01:00 |
|
|
|
797c44a27d
|
Use proxy protocol v2
Apparently it's better for chaining, and may be faster anyway
|
2021-07-01 22:28:25 +01:00 |
|
|
|
b6adc53746
|
Revert "Capture stderr in logs, too"
This reverts commit 8696f6d93f.
Yeah, this doesn't work. Syntax and intention.
|
2021-06-28 08:33:08 +01:00 |
|
|
|
41a8fe3b4d
|
Use logrotate for backrest logging rather than nuking immediately
Just in case something goes wrong with healthchecks
|
2021-06-27 10:58:01 +01:00 |
|
|
|
8696f6d93f
|
Capture stderr in logs, too
|
2021-06-27 10:53:13 +01:00 |
|
|
|
40e785de38
|
Add yet more metric sources
|
2021-06-26 12:52:55 +01:00 |
|
|
|
32f17908ad
|
Collect metrics on disk usage
|
2021-06-26 12:36:00 +01:00 |
|
|
|
b82e87c04b
|
Remove unnecessary which
`cron` doesn't need a full path
|
2021-06-25 20:57:19 +01:00 |
|
|
|
9296c88ae4
|
Remove date from DB backups
|
2021-06-20 15:23:15 +01:00 |
|
|
|
e3502ae1e0
|
Provision dokku server
|
2021-06-20 12:12:34 +01:00 |
|
|
|
b20ffb27c4
|
Remove gotify
Never used it
|
2021-06-12 19:00:39 +01:00 |
|
|
|
4e5fa59c58
|
Add redis
This isn't really used as a cache, but it is for a couple bits, so nice to enable it anyway, and it might become so in future
|
2021-06-12 18:53:50 +01:00 |
|
|
|
290b147821
|
Thin out synapse config
Previously it was the vast majority of code in the whole repo. Now we only define the necessary keys, and rely much more on defaults, which is nice!
|
2021-06-12 18:49:29 +01:00 |
|
|
|
47e546d51a
|
Add synapse-admin
Useful to see what's going on on the server
|
2021-06-12 18:09:18 +01:00 |
|
|
|
3485f8e1f0
|
Actually version the ingress haproxy config
|
2021-06-12 17:32:47 +01:00 |
|
