Commit graph

951 commits

Author SHA1 Message Date
41fadd892e
Update uptime-kuma 2021-10-23 16:24:29 +01:00
4cdaba4692
Swap certificates for wildcards 2021-10-18 21:59:10 +01:00
ebb571bf20
Increase GC frequenc to work around restic's high memory usage
https://github.com/restic/restic/issues/1988
2021-10-15 12:39:16 +01:00
6cc7d0b89e
Update synapse 2021-10-14 18:34:49 +01:00
31208856c2
Pin uptime-kuma version
It's pretty important now
2021-10-14 18:34:00 +01:00
6f0d4b60df
Run more web processes for tt-rss 2021-10-03 16:45:18 +01:00
c867efbe3b
Use alternative container registries where available 2021-10-03 16:26:10 +01:00
3727dd473c
Update synapse to 1.43 2021-10-01 21:17:13 +01:00
7fd176466d
Update nextcloud to 22.2.0
Required quite some hacks around federatedfilesharing app not wanting to update
2021-10-01 20:52:07 +01:00
4293d030d4
Don't lint globally installed roles 2021-09-27 14:50:08 +01:00
4db474034e
Ignore my VMs from a fail2ban 2021-09-27 14:49:56 +01:00
7e2d01c612
Change domain
Now there's a status page, we can consider it public
2021-09-25 21:34:18 +01:00
3daf939b32
Update uptime-kuma container
Now does user management itself
2021-09-25 21:08:42 +01:00
8a37a9d41b
Move uptime-kuma to decker 2021-09-25 21:03:56 +01:00
bf73cfa846
Close some ports which don't need to be open 2021-09-25 17:04:28 +01:00
a135aae5f3
Provision new VM
This will be used for monitoring
2021-09-25 16:59:23 +01:00
48934ad2c5
Apply gzip to everything
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
2021-09-19 22:48:48 +01:00
83ed8879dc
Correctly set smtp user for GitLab
The user and from are different in my case.
2021-09-19 22:34:40 +01:00
178ca6b2c4
Add privatebin config
Disable super long expirations, among other things
2021-09-19 19:29:05 +01:00
d70f450e2d
Change forget resolution to 30d
Restic is really annoying with its retention arguments, not really allowing what I want, so this is the easiest way to get decent retention.
2021-09-07 22:04:23 +01:00
0a8167c839
Remove stray expose
Traefik picks up the port just fine
2021-09-07 21:04:19 +01:00
eedba465c4
Update synapse 2021-09-07 21:04:04 +01:00
a866938207
Fix hostname of restic server 2021-09-06 21:07:10 +01:00
2db8ca5059
Add basic auth to dokku 2021-09-05 23:11:28 +01:00
a278443850
Use auto on nginx configs
Let nginx work it out, and default to 1 per core
2021-09-04 22:41:30 +01:00
6e25403b3d
Update synapse to 1.41.1 2021-08-31 19:08:38 +01:00
86e9d12ce6
Update nextcloud to 22.1.1 2021-08-31 19:03:19 +01:00
c2cd2e6e34
Add backups for grimes 2021-08-30 21:50:55 +01:00
07b2ea2ccb
Add the ability to exclude certain paths from backup 2021-08-30 21:49:58 +01:00
259b0ca7a6
Use upstream telegraf role
https://github.com/rossmcdonald/telegraf/pull/54 shipped
2021-08-30 21:22:26 +01:00
dcbe6e8e72
Use upstream version of ansible-role-snapraid
https://github.com/IronicBadger/ansible-role-snapraid/pull/7 shipped
2021-08-30 21:21:58 +01:00
95216b32c4
Consolidate server blocks 2021-08-24 14:31:12 +01:00
453a374801
Replace ingress proxy with nginx
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.

Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
2021-08-24 14:21:51 +01:00
f14e723d40
Fix service name on ingress
It's not alpine
2021-08-24 11:52:35 +01:00
601b916b43
Remove deprecated clients from wireguard server
I use nebula now for all that
2021-08-24 11:14:04 +01:00
edc5c325b7
Correctly check hostname against PVE hosts
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
2021-08-23 19:56:04 +01:00
ecb946bab4
Remove nginx version from headers 2021-08-23 16:12:34 +01:00
93cba46dd1
Redirect to HTTPS at the edge 2021-08-23 16:10:37 +01:00
a54d373526
Replace edge proxy with nginx
The config makes more sense, and it has more of the features I need, which will come later.
2021-08-22 22:35:09 +01:00
23fc7bbb12
Use slightly less memory for ZFS 2021-08-22 15:58:49 +01:00
1d5616a36f
Update roles so they support newer Debian versions
I'm monitoring the PRs, don't worry
2021-08-22 15:22:11 +01:00
8fabd11e31
Remove unnecessary pve role
no-subscription is handled by the nag removal role
2021-08-22 15:20:27 +01:00
f0a3585592
Use distribution name in repo URL 2021-08-22 14:44:34 +01:00
0874158a91
Update traefik to 2.5 2021-08-22 11:16:37 +01:00
c04e8b628a
Update synapse to 1.40.0 2021-08-22 11:16:19 +01:00
c99afdd446
Disable gzip on qbittorrent egress
It's mostly used over the internal network, so the additional gzip isn't going to gain anything when the disk is the bottleneck
2021-08-21 16:46:21 +01:00
55e3b81f06
Install release version of gitlab-dater onto GitLab server
Rather than than hacky development one I was using before
2021-08-10 22:51:12 +01:00
e421657619
Ensure restic gets the correct permissions when it's updated
Yes it's weird to modify the system package like this, but it's very handy.

See also https://restic.readthedocs.io/en/stable/080_examples.html#backing-up-your-system-without-running-restic-as-root
2021-08-10 08:45:59 +01:00
ab46c30df2
Start graphing some speeds 2021-08-07 10:59:42 +01:00
d0e472b51a
Update synapse to 1.39.0 2021-08-06 18:20:48 +01:00