Commit graph

1167 commits

Author SHA1 Message Date
4fd3945c47
Add robots.txt for gitea 2023-01-28 15:32:34 +00:00
848c0f03e1 Update gitea/gitea Docker tag to v1.18.3 2023-01-27 18:01:57 +00:00
a443d56a1c
Add a gitea deployment
Yep, it's that time of year _again_
2023-01-27 17:28:45 +00:00
5e9c5f7683
Version pihole settings 2023-01-24 20:15:21 +00:00
66c900f76e Update ghcr.io/goauthentik/server Docker tag to v2023.1.2 2023-01-23 16:01:09 +00:00
7edf6899f3
Update nextcloud to 25.0.3 2023-01-19 22:43:09 +00:00
37af66e944 Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.75.0

See merge request sys/infrastructure!98
2023-01-19 22:28:59 +00:00
81d2194d5a Update ghcr.io/goauthentik/server Docker tag to v2023 2023-01-18 16:01:52 +00:00
23eccb6d73 Update matrixdotorg/synapse Docker tag to v1.75.0 2023-01-17 14:02:10 +00:00
d7ae77247b
Setup NTP on tang 2023-01-16 09:11:15 +00:00
4ba92cb08f Update dependency yamllint to v1.29.0 2023-01-10 18:01:24 +00:00
ad50176ee9
Add internal alias to pihole 2023-01-08 18:36:03 +00:00
5753cd2cf1
Provision my pi with ansible now
It's insanely slow, but works
2023-01-08 17:59:22 +00:00
e8ac8b304e Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.74.0

See merge request sys/infrastructure!94
2023-01-06 09:00:01 +00:00
bd929f28e5 Update ghcr.io/goauthentik/server Docker tag to v2022.12.2 2023-01-05 10:01:45 +00:00
905f0f2b08 Update vaultwarden/server Docker tag to v1.27.0 2022-12-24 18:01:58 +00:00
49372f7c8e Update matrixdotorg/synapse Docker tag to v1.74.0 2022-12-20 18:02:55 +00:00
6d5570b0f2
Update YOURLS' mariadb to 10.10 2022-12-13 09:14:06 +00:00
b6705788e6
Update nextcloud's mariadb to 10.6
This is the latest it supports
2022-12-13 09:14:06 +00:00
167b8bd140
Keep GitLab backups for 2 weeks 2022-12-13 09:14:06 +00:00
7c168fd28c
Update plausible to 1.5
Update Clickhouse at the same time
2022-12-13 09:14:06 +00:00
6fc6366c33
Update nextcloud to 25.0.2 2022-12-13 09:14:06 +00:00
6c2c87e43e Merge branch 'renovate/ghcr.io-goauthentik-server-2022.x' into 'master'
Update ghcr.io/goauthentik/server Docker tag to v2022.11.3

See merge request sys/infrastructure!77
2022-12-13 08:55:08 +00:00
55764ada6c Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.73.0

See merge request sys/infrastructure!79
2022-12-13 08:54:50 +00:00
e86ed81102
Decommission decker server
It's been replaced by prometheus running internally, and uptimerobot checking.
2022-12-09 19:04:54 +00:00
f1c9e10d9a
Use IPv4 on blackbox
The docker networks they're running on are v4 only at the moment, so the DNS resolution passes by the connection fails.
2022-12-06 20:46:43 +00:00
2fb21223aa Update matrixdotorg/synapse Docker tag to v1.73.0 2022-12-06 14:01:43 +00:00
bb4361e25f
Use a blackbox with custom DNS rather than proxy
This makes timing information more relevant and should improve reliability
2022-12-06 10:04:23 +00:00
772cf7536a
Run prometheus stack as docker user 2022-12-05 21:17:23 +00:00
53c969f2b8
Make prometheus config files read only 2022-12-05 21:12:55 +00:00
3e5b00d176
Add alertmanager 2022-12-05 21:10:41 +00:00
60514d191a
Exclude python stats for HA 2022-12-05 20:36:57 +00:00
ed7faf4678
Scrape healthchecks.io with prometheus and use it for outbound monitoring of prometheus scrapes 2022-12-05 14:41:48 +00:00
8e3b381b8d
Remove unused prometheus network 2022-12-04 22:12:55 +00:00
75862dbaf9
Setup blackbox for some HTTP monitoring 2022-12-04 22:11:49 +00:00
9d4eceab29 Update ghcr.io/goauthentik/server Docker tag to v2022.11.3 2022-12-03 14:02:05 +00:00
e89f13b8a9
Add collabora 2022-12-02 22:37:42 +00:00
ebfe057658
Add support for public dashboards in Grafana 2022-12-01 13:48:36 +00:00
41a853db55
Define tmpfs for website /tmp
This is needed for imagemagick to function correctly without consuming all disk space on the system
2022-11-30 14:08:10 +00:00
d5c08bd493 Update redis Docker tag to v7 2022-11-21 16:02:19 +00:00
8f78f24ea8
Unpin redis minor version on website 2022-11-21 15:21:33 +00:00
8076c62198 Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
Update vabene1111/recipes Docker tag to v1.4.5

See merge request sys/infrastructure!90
2022-11-21 14:51:06 +00:00
c388e6bbe1
Add more nginx processes for mastodon 2022-11-20 23:21:09 +00:00
406d9dbf09
Reduce mastodon streaming threads and run 1 thread per core 2022-11-20 23:00:58 +00:00
9b69b419a7
Reduce sidekiq threads on GitLab 2022-11-20 23:00:33 +00:00
a51854f48c
Shuffle around cron jobs to run earlier at night 2022-11-20 22:52:00 +00:00
3ec359ed0e
Deploy me a mastodon 2022-11-18 09:12:28 +00:00
88e3eee059
Prune containers more regularly 2022-11-17 20:37:24 +00:00
a1a153977e
Only keep 2 package versions
3 is the default
2022-11-17 20:36:58 +00:00
c91b1ba871
Allow website to handle traffic to second domain 2022-11-16 14:56:17 +00:00
330e7e9305
Clear pacman cache 2022-11-14 09:04:53 +00:00
a8b8c88f27 Update vabene1111/recipes Docker tag to v1.4.5 2022-11-09 14:01:00 +00:00
77e83fec6d
Fix synapse-admin URL
It no longer supports being run on a subdirectory with the stock container
2022-11-07 13:57:14 +00:00
b513858893
Update nextcloud to 25.0.1 2022-11-07 09:03:40 +00:00
2bbd1c681b
Allow proxying to any ports
On the assumption they're HTTP, it's probably fine to route to anything. We're not trying to act as a firewall
2022-11-06 22:16:48 +00:00
b9283ec445
Set port for HTTP proxies 2022-11-06 21:55:05 +00:00
041f791b60
Add squid as a forwarding proxy so containers are exposed through a VPN
Implementation isn't perfect, but as `qbittorrent` already had an outbound VPN connection, it makes sense to just reuse it.
2022-11-06 18:26:09 +00:00
fc577f21b8
Update Traefik to 2.9 2022-11-01 20:50:30 +00:00
4c8d5ffe44
Remove all references to traefik pages 2022-11-01 20:30:16 +00:00
d81ed290d7
Put the new website live 2022-10-30 12:04:15 +00:00
08afdd951e
Add hosting for new website
Top sneaky
2022-10-29 18:09:30 +01:00
8dd1f6cddf
Add nextcloud email config 2022-10-26 14:23:08 +01:00
0d24bd7e0c
Use correct location for nextcloud config file 2022-10-26 14:10:26 +01:00
d0cef763e1
Update Nextcloud to 25 2022-10-26 14:09:47 +01:00
27069281dc Update renovate/renovate Docker tag to v34 2022-10-25 14:05:25 +01:00
bfacd3b6df Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
Update wallabag/wallabag Docker tag to v2.5.2

See merge request sys/infrastructure!50
2022-10-25 08:46:19 +01:00
d4053908ab Update renovate/renovate Docker tag to v33 2022-10-23 08:02:08 +01:00
f90e167774 Update wallabag/wallabag Docker tag to v2.5.2 2022-10-21 14:01:20 +01:00
4e77f0165a
Use persistent storage for tt-rss
Otherwise the container fails to find the cache directory due to how updates are handled.
2022-10-17 13:44:06 +01:00
c0a4c35e5b Merge branch 'renovate/ansible-lint-5.x' into 'master'
Update dependency ansible-lint to v5.4.0

See merge request sys/infrastructure!40
2022-10-17 13:43:39 +01:00
d13d49447e Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.5

See merge request sys/infrastructure!45
2022-10-17 13:33:41 +01:00
cecf9f03a2 Update vaultwarden/server Docker tag to v1.26.0 2022-10-15 18:09:57 +01:00
ed2414954e Update louislam/uptime-kuma Docker tag to v1.18.5 2022-10-10 20:01:07 +01:00
7adda6ed1c
Update nextcloud to 24.0.6 2022-10-09 19:41:17 +01:00
2188c59372 Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.4

See merge request sys/infrastructure!44
2022-10-09 19:33:07 +01:00
58730fcbeb
Move pages hosting to GitLab pages 2022-10-09 18:26:49 +01:00
491061d900
Remove shenanigans
It's not enabled, and it's 1 less container to deal with
2022-10-09 17:40:22 +01:00
77bc6947ab Update louislam/uptime-kuma Docker tag to v1.18.4 2022-10-09 10:01:04 +01:00
6d890a6991
Setup slides domain 2022-10-08 17:37:28 +01:00
41582f50db
Set up GitLab pages 2022-10-08 15:51:37 +01:00
2dc13c6f40
Update nebula to 1.6.1 2022-10-05 08:42:01 +01:00
521e6320fd Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.68.0

See merge request sys/infrastructure!39
2022-10-04 13:42:30 +01:00
681cff5ea7 Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.2

See merge request sys/infrastructure!42
2022-10-04 13:40:52 +01:00
62aab30dc8 Update louislam/uptime-kuma Docker tag to v1.18.2 2022-10-04 12:01:00 +01:00
81b302459e Update vabene1111/recipes Docker tag to v1.4.4 2022-09-30 16:01:02 +01:00
d4830ae9c2 Update dependency ansible-lint to v5.4.0 2022-09-29 10:01:27 +01:00
b32b7ca629 Update matrixdotorg/synapse Docker tag to v1.68.0 2022-09-27 14:01:34 +01:00
02d5b2d8d3
Upgrade sanoid 2022-09-26 19:32:55 +01:00
67b890d639 Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
Update vabene1111/recipes Docker tag to v1.4.2

See merge request sys/infrastructure!37
2022-09-26 13:56:40 +01:00
5be1078639 Update vabene1111/recipes Docker tag to v1.4.2 2022-09-23 18:01:17 +01:00
bcc2bfd417 Update ghcr.io/goauthentik/server Docker tag to v2022.9.0 2022-09-23 12:01:29 +01:00
cf6cc7de7a
Add email to tandoor 2022-09-22 09:13:28 +01:00
356e04c005
Fewer workers / threads for authentik 2022-09-22 08:52:41 +01:00
92fdfd252a
Add email to authentik 2022-09-22 08:47:01 +01:00
98f2eea59b
Add email to plausible 2022-09-22 08:37:00 +01:00
9098fec232
Disable erlang multi-node distribution 2022-09-22 08:23:30 +01:00
2b590a55c9 Update vabene1111/recipes Docker tag to v1.4.1 2022-09-21 20:01:33 +01:00
71732b7b7c
Don't keep quite so many backups
This results in a huge index which some smaller VMs can't handle
2022-09-21 08:48:05 +01:00
eccefcd7e0
Replace Cloudflare's DNS with Quad9 where it makes sense 2022-09-18 19:55:35 +01:00
60e9454efe
Disable authentik startup analytics 2022-09-18 18:55:24 +01:00
f49b26c6f0
Deploy authentik
Not integrated into other services quite yet. But it's there
2022-09-18 18:49:17 +01:00
4f0ee78b7e
Update grafana to use mailgun 2022-09-18 15:27:58 +01:00
8300d6dbf3
Update commento to use mailgun 2022-09-18 15:01:16 +01:00
63c1bc29db
Update nextcloud to 24.0.5 2022-09-18 14:35:39 +01:00
259ab3aae8 Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update matrixdotorg/synapse Docker tag to v1.67.0

See merge request sys/infrastructure!32
2022-09-18 14:22:13 +01:00
128689aed3 Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update louislam/uptime-kuma Docker tag to v1.18.0

See merge request sys/infrastructure!33
2022-09-18 14:20:38 +01:00
218d6a48cf
Use mailgun for GitLab emails 2022-09-16 17:43:01 +01:00
5f8a4d7b78
Use supercronic to schedule renovate
This makes it easier to restart, and makes more creative scheduling possible
2022-09-13 20:01:37 +01:00
7575a57e6b Update matrixdotorg/synapse Docker tag to v1.67.0 2022-09-13 11:14:16 +01:00
c7d5056f2a
Scrape homeassistant metrics into prometheus 2022-09-06 21:29:11 +01:00
aa1cef4739 Update louislam/uptime-kuma Docker tag to v1.18.0 2022-09-05 11:03:55 +01:00
0b69388f2c
Remove tmpfs mounts for tt-rss
These don't get created with the correct user permissions, and so breaks
2022-08-29 10:37:13 +01:00
cc3f980d34
Deploy tandoor 2022-08-24 22:17:29 +01:00
10f43bc38d
Prioritise OS-drive's snapraid content file over ZFS
Reads are much faster as it's SSD based, and it avoids unnecessary reads on the pool
2022-08-24 15:24:36 +01:00
dcc3055e93
Use official distribution of tt-rss
The previous one hasn't been updated in about a year. This one requires a couple extra containers, but is officially supported and maintained.
2022-08-24 15:23:21 +01:00
475215f33a
Run as many CI jobs as there are cores 2022-08-17 20:03:37 +01:00
73f165c521
Revert "Update traefik to 2.8"
This reverts commit a695818355.

This causes problems with traefik-pages
2022-08-16 10:17:53 +01:00
4eab0d4f01
Don't mount docker socket to traefik
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
2022-08-16 09:38:27 +01:00
8b21b9e6f2
Monitor decker Traefik with prometheus 2022-08-14 15:04:55 +01:00
461cd8fe3c
Update config version of nextcloud 2022-08-14 14:50:14 +01:00
4ccde9cfaf Merge branch 'renovate/lscr.io-linuxserver-nextcloud-24.x' into 'master'
Update dependency lscr.io/linuxserver/nextcloud to v24.0.4

See merge request sys/infrastructure!29
2022-08-14 14:37:13 +01:00
b8953745a6 Update dependency lscr.io/linuxserver/nextcloud to v24.0.4 2022-08-12 09:47:44 +00:00
7577b35755 Update dependency matrixdotorg/synapse to v1.64.0 2022-08-02 10:42:13 +00:00
a695818355
Update traefik to 2.8 2022-08-01 15:02:09 +01:00
9a89dddda3 Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
Update dependency matrixdotorg/synapse to v1.63.1

See merge request sys/infrastructure!27
2022-08-01 14:36:14 +01:00
84e27c9d61 Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
Update dependency vaultwarden/server to v1.25.2

See merge request sys/infrastructure!28
2022-08-01 14:35:33 +01:00
6d7a147b74
Don't bind docker socket in CI
Use dind instead, as it's more secure and isolated

https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker
2022-07-28 17:47:02 +01:00
4311382033 Update dependency vaultwarden/server to v1.25.2 2022-07-27 20:03:05 +00:00
8734ad8ce1 Update dependency matrixdotorg/synapse to v1.63.1 2022-07-20 13:50:49 +00:00
e65b3ec605
Update nextcloud to 24.0.2 2022-06-28 19:28:46 +01:00
6844bbfe99 Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
Update dependency louislam/uptime-kuma to v1.17.1

See merge request sys/infrastructure!25
2022-06-28 19:13:55 +01:00
7b38760196 Update dependency matrixdotorg/synapse to v1.61.1 2022-06-28 14:41:39 +00:00
c502ee57f7
Set nginx to use automatic number of workers
See https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6895
2022-06-27 17:52:06 +01:00
9632f9aa90 Update dependency louislam/uptime-kuma to v1.17.1 2022-06-23 08:23:24 +00:00
cf763d07f2
Stop capturing logs for containers I don't care about 2022-06-20 21:25:13 +01:00
0d5913ce3c
Disable any hub integrations 2022-06-18 22:09:59 +01:00
df28b56857
Update traefik to 2.7 2022-06-18 22:09:49 +01:00
f1835aecdd Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
Update dependency vaultwarden/server to v1.25.0

See merge request sys/infrastructure!20
2022-06-18 21:53:52 +01:00
fd6a8be593 Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
Update dependency wallabag/wallabag to v2.5.1

See merge request sys/infrastructure!23
2022-06-18 21:43:45 +01:00
7b779f6ff7 Update dependency matrixdotorg/synapse to v1.61.0 2022-06-14 11:45:06 +00:00
c54ce7b209
For migrate grafana plugins 2022-06-13 21:52:40 +01:00
5b586f2608
Add container to extract TLS certs from traefik into standard format
Disable its network access, just in case
2022-06-13 21:18:45 +01:00
f8e4e6302d Update dependency wallabag/wallabag to v2.5.1 2022-06-09 08:05:42 +00:00
4ba1ab0a28
Update yourls mariadb to 10.8 2022-06-06 22:33:26 +01:00
b62f8001bb
Deploy commento++ 2022-06-05 15:44:49 +01:00
14de6fee84
Use socket proxy for DB backups 2022-06-04 23:03:41 +01:00
a15c300856
Ensure forrest saves DB backups to the correct place 2022-06-04 22:24:53 +01:00
0fd891f988 Update dependency louislam/uptime-kuma to v1.16.1 2022-05-29 05:48:38 +00:00
c159a157c3
Update download location for qbittorrent 2022-05-25 08:46:37 +01:00
0c11079246
Update geerlingguy.docker to fix issue installing on Arch
https://github.com/geerlingguy/ansible-role-docker/issues/346
2022-05-25 08:35:12 +01:00