Commit graph

78 commits

Author SHA1 Message Date
2af9f8529d
Fix new ansible-lint errors
All checks were successful
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m53s
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00
ddd6af21cf
Allow Traefik to use DNS-01 challenge to Gandi
All checks were successful
/ ansible (push) Successful in 2m55s
/ terraform (push) Successful in 33s
2023-04-23 20:26:37 +01:00
2c9ab7fd29 Update traefik Docker tag to v2.10
All checks were successful
terraform
ansible
2023-04-09 17:02:00 +01:00
d52f0bc8b2
Remove gitlab configuration 2023-03-30 22:56:35 +01:00
a78c4680c4
Move notes to GitLab
All checks were successful
ansible
terraform
2023-03-29 22:36:03 +01:00
fc577f21b8
Update Traefik to 2.9 2022-11-01 20:50:30 +00:00
4c8d5ffe44
Remove all references to traefik pages 2022-11-01 20:30:16 +00:00
58730fcbeb
Move pages hosting to GitLab pages 2022-10-09 18:26:49 +01:00
491061d900
Remove shenanigans
It's not enabled, and it's 1 less container to deal with
2022-10-09 17:40:22 +01:00
6d890a6991
Setup slides domain 2022-10-08 17:37:28 +01:00
41582f50db
Set up GitLab pages 2022-10-08 15:51:37 +01:00
73f165c521
Revert "Update traefik to 2.8"
This reverts commit a695818355.

This causes problems with traefik-pages
2022-08-16 10:17:53 +01:00
4eab0d4f01
Don't mount docker socket to traefik
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
2022-08-16 09:38:27 +01:00
a695818355
Update traefik to 2.8 2022-08-01 15:02:09 +01:00
cf763d07f2
Stop capturing logs for containers I don't care about 2022-06-20 21:25:13 +01:00
0d5913ce3c
Disable any hub integrations 2022-06-18 22:09:59 +01:00
df28b56857
Update traefik to 2.7 2022-06-18 22:09:49 +01:00
5b586f2608
Add container to extract TLS certs from traefik into standard format
Disable its network access, just in case
2022-06-13 21:18:45 +01:00
793506492f
No shenanigans by default
This causes strange problems with nextcloud
2022-03-23 19:30:22 +00:00
293aed0fd3
Enable GitLab registry 2022-02-25 21:48:13 +00:00
4562b60517
Update Traefik to 2.6 2022-02-08 08:55:50 +00:00
f07b5d9b7b
Migrate include: to include_tasks 2022-01-22 20:21:32 +00:00
6db0500e1b
Provision remote f2b key with ansible 2022-01-21 22:11:49 +00:00
5cc552d0eb
Add container to automatically backup DBs 2022-01-16 17:51:03 +00:00
6c0314b758
Add an nginx container to do crazy things with traefik 2022-01-16 14:08:38 +00:00
d5c7d94ac8
Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
2022-01-15 23:44:06 +00:00
8d40a49780
Move traefik pages secret into full vault file
Trialing a new pattern for vault storage
2021-12-20 21:17:25 +00:00
4cdaba4692
Swap certificates for wildcards 2021-10-18 21:59:10 +01:00
4db474034e
Ignore my VMs from a fail2ban 2021-09-27 14:49:56 +01:00
48934ad2c5
Apply gzip to everything
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
2021-09-19 22:48:48 +01:00
0874158a91
Update traefik to 2.5 2021-08-22 11:16:37 +01:00
33fcf1a9e5
Fix matrix federation
Apparently this has been broken since like March...

It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00
d751a023da
Promote GitLab to main git. domain 2021-06-02 19:49:28 +01:00
e6d029e22e
Fix typo
D'oh!
2021-05-30 13:56:06 +01:00
69abafd8c8
Put GitLab on a real domain 2021-05-29 16:21:47 +01:00
03affd269f
FLoC Block
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
2021-04-18 22:30:26 +01:00
22d43c16a7
Correctly redirect http traffic to https
Bug caused by https://github.com/traefik/traefik/issues/8035
2021-04-06 11:56:05 +01:00
4d218248fa
Remotely connect to fail2ban to do ports
Traefik can affect the edge, so blocks work there and prevent traffic hitting home network.
2021-03-28 16:06:36 +01:00
6973fb536f
Add fail2ban for traefik
Remote action coming soon
2021-03-28 13:05:38 +01:00
8398a2df21
Use endpoint middleware rather than hacky router 2021-03-27 23:34:34 +00:00
1d997d3c33
Remove separate private and protected IP 2021-03-27 18:42:06 +00:00
116e1adb50
Disable Traefik pilot on dashboard 2021-03-24 23:14:01 +00:00
b264e5cbcc
Monitor traefik with prometheus rather than influxdb 2021-03-04 16:37:53 +00:00
ec0c78e6d9
Read emails from secrets 2021-02-14 12:29:14 +00:00
870ac50c58
Update compose path to not be absolute
This relies on `which` to find the correct binary instead
2021-02-07 15:59:18 +00:00
c7fba8107a
Move grafana to forrest 2021-01-31 16:52:24 +00:00
058290b321
Keep track of IPs for PVE hosts
Yea they're all random, I'll deal with that later
2021-01-31 12:46:43 +00:00
0f9802a46c
Install duplicati on PVE docker machine
Requires some changes to how private IPs are specified, which I really need to clean up at some point!
2021-01-20 21:38:01 +00:00
3321b852a5
Update traefik to v2.4 2021-01-20 20:33:57 +00:00
b992df0313
Fix variable name for traefik conditional provider 2021-01-16 23:30:09 +00:00