Commit graph

733 commits

Author SHA1 Message Date
4d218248fa
Remotely connect to fail2ban to do ports
Traefik can affect the edge, so blocks work there and prevent traffic hitting home network.
2021-03-28 16:06:36 +01:00
ac186f42e0
Keep fewer fail2ban logs 2021-03-28 13:06:01 +01:00
6973fb536f
Add fail2ban for traefik
Remote action coming soon
2021-03-28 13:05:38 +01:00
8398a2df21
Use endpoint middleware rather than hacky router 2021-03-27 23:34:34 +00:00
a5af5bea6c
Force bitwarden to use public DNS
It doesn't like creating icons for local IP spaces, so my overriden DNS doesn't play well
2021-03-27 18:45:06 +00:00
1d997d3c33
Remove separate private and protected IP 2021-03-27 18:42:06 +00:00
7580c0fd59
Remove walker for now
Tried to use alpine, Nebula doesn't like it. Will use Debian, and recreate the machine when I have more time
2021-03-26 21:58:24 +00:00
116e1adb50
Disable Traefik pilot on dashboard 2021-03-24 23:14:01 +00:00
36f6bd62bb
Update gitea to 1.13.6 2021-03-24 22:57:45 +00:00
5084bfecdf
Ignore PVE interface from f2b jails 2021-03-24 22:35:28 +00:00
f436e4660b
Remove intersect host config
is dead
2021-03-24 22:19:50 +00:00
e67e4565d3
Remove expose_ssh and support SSH listening on nebula and PVE
No more wireguard SSH for me
2021-03-24 22:19:29 +00:00
e80bcb5a8b
Move generic vultr firewall stuff into module
Modules are pretty nice!
2021-03-23 22:33:10 +00:00
95e97ef757
Iterate over firewall ports
I'll convert this to a module some day, honest!
2021-03-23 22:09:48 +00:00
70829dc617
Provision walker server
This will eventually replace `grimes`
2021-03-23 21:31:31 +00:00
ba8220cff2
Remove minecraft port forward 2021-03-23 21:23:45 +00:00
bbfe85b2c8
Update vultr provider
This was a pretty breaking change which required re-importing most of its state
2021-03-23 21:22:31 +00:00
3c06eb748d
Update gitea to 1.13.5 2021-03-23 17:22:13 +00:00
a43dac3a80
Actually add bitwarden DNS 2021-03-21 21:03:47 +00:00
ece0c841b2
Fix compose version
Mostly fix quotes, but also standardize
2021-03-21 18:51:38 +00:00
d4477c4bea
Add bitwarden_rs 2021-03-21 18:47:20 +00:00
65f9206b95
Fix NTP updates
Manually apply https://github.com/geerlingguy/ansible-role-ntp/pull/84, so machines actually update themselves via NTP
2021-03-13 18:46:45 +00:00
f6559ff1bd
Remove collabora
It doesn't seem to like being run inside LXC. I barely used it, anyway.
2021-03-12 23:35:39 +00:00
ab1e2fbae2
Increase ZFS RAM usage
If i've got a load of RAM free, it might as well be being used to cache ZFS!
2021-03-06 21:38:21 +00:00
3eb286c9bd
Move envrironment variables to docker
Using the `TTRSS_` prefix to follow upstream standard rather than container's

https://github.com/lunik1/docker-tt-rss/issues/3
2021-03-06 12:11:08 +00:00
8d136f0b55
Set default phone region for Nextcloud 2021-03-06 11:19:11 +00:00
9d6ed88e13
Monitor proxmox stats 2021-03-05 22:14:21 +00:00
d43d3433fa
Collect SMART metrics for disks 2021-03-05 20:50:08 +00:00
6b95b75fc2
Move telegraf to host
This makes metric collection for SMART much simpler. I'll still be using the prometheus node exporter for actual system metrics, though.
2021-03-05 20:39:11 +00:00
aa3da3cf10
Upgrade gitea to 1.13.3 2021-03-05 20:05:51 +00:00
89dbbc71e5
Move files into application directories 2021-03-05 14:40:17 +00:00
8e977edba1
Ignore go metrics 2021-03-05 14:27:33 +00:00
b264e5cbcc
Monitor traefik with prometheus rather than influxdb 2021-03-04 16:37:53 +00:00
e8960ebf27
Connect forrest to nebula hosts 2021-03-04 16:08:53 +00:00
2e05ed08fa
Use hostname rather than fqdn 2021-03-04 16:06:43 +00:00
a4eb26b129
Use Nebula as the primary private interface rather than wireguard 2021-03-04 16:02:42 +00:00
c6d9102e1e
Don't install NTP on LXC containers
This can cause issues with containers trying to sync the system clock, and getting it wrong
2021-03-04 15:45:47 +00:00
aba81f79bc
Add telegraf
And input to ping and output via prometheus
2021-03-04 15:16:54 +00:00
914676d209
Add prometheus for metrics 2021-03-04 14:53:03 +00:00
fe2450d43b
Add grafana docker network and restrict port binds 2021-03-04 14:39:40 +00:00
155bc837a8
Update synapse to 1.28 2021-03-02 12:31:07 +00:00
9d5c7e56e8
Move nextcloud things back to tank 2021-03-02 12:26:23 +00:00
21a2532f8a
Update nextcloud to 21 2021-03-02 12:03:13 +00:00
63d156c0a0
Stop always restarting whoami
whoami never sets `config_file`, so it's shadowed by whatever set it before
2021-02-27 22:09:24 +00:00
1413efdd19
Copy feed icons and DB to tank 2021-02-27 22:08:01 +00:00
a2fe3ca37a
Fix TT-RSS config
It needs to be environment variables now, but there's a bug where it doesn't read docker ones for some reason
2021-02-27 21:29:24 +00:00
b3a72eb8f1
Add influxdb server for metrics 2021-02-14 16:24:45 +00:00
ec0c78e6d9
Read emails from secrets 2021-02-14 12:29:14 +00:00
872471ef52
Setup email for grafana 2021-02-14 12:19:51 +00:00
f7a0877e72
Exclude nebula from fail2ban 2021-02-14 11:39:01 +00:00