Commit graph

480 commits

Author SHA1 Message Date
969b0bd8d9
Update traefik
Fixes GHSA-6qq8-5wq3-86rp
2020-07-30 21:46:44 +01:00
ed00a0d40e
Update gitea 2020-07-29 18:26:13 +01:00
a6047da465
Use default port 2020-07-28 20:31:32 +01:00
91effbcac5
Add ZFS scrub cron job 2020-07-26 22:17:28 +01:00
6e58b07519
Remove unnecessary quotes 2020-07-26 18:22:43 +01:00
ebbd2a4015
Install zfs and sanoid 2020-07-26 18:03:09 +01:00
5cb1a470ab
Bump plausible pool size 2020-07-26 15:40:03 +01:00
f77cd1216f
Move upload server to walker 2020-07-24 17:14:39 +01:00
3c7c0ec3fa
GZIP plausible traffic
Plausible doesn't gzip for itself. Funnily enough the tracker is actually too small to be compressed by Traefik!
2020-07-22 12:18:49 +01:00
9ee4e1c14b
Add plausible analytics 2020-07-21 20:55:44 +01:00
74d40ac915
Update traefik 2020-07-18 13:29:20 +01:00
005cc528b6
Update nextcloud to 19.0.1 2020-07-17 14:48:50 +01:00
7a38207ef0
Update traefik 2020-07-15 14:53:36 +01:00
b7aebfaabd
Move statping to new machine
Also update it to the latest version. It's probably still buggy AF, but it'll do for what I need it to rigth now.
2020-07-14 19:35:55 +01:00
52e8f34198
Pin jellyfin to latest
It can update itself just fine
2020-07-13 18:09:33 +01:00
9d962c324b
Update synapse 2020-07-13 18:04:20 +01:00
bb5a5b61bd
Update traefik 2020-07-13 18:04:11 +01:00
dd8523ebdd
Update gitea 2020-07-13 18:02:51 +01:00
eed13e3727
Setup offsite storage service
My own lil' S3
2020-07-12 21:01:06 +01:00
3c49c80ff1
Ensure traefik only listens on wireguard network 2020-07-12 19:29:18 +01:00
9c0682ef9b
Restrict SSH connections to wireguard cidr
Except on home server, still handy to connect on same network.
2020-07-12 17:53:02 +01:00
e5e308fafa
Remove firewall role
firewalld does not play nice with docker!
2020-07-12 17:04:13 +01:00
f2d7d63e2d
Update nextcloud base 2020-07-10 16:15:13 +01:00
dc2b51db6b
Update synapse 2020-07-10 16:02:06 +01:00
ba486a26e4
Update duplicati 2020-07-09 19:27:53 +01:00
13a70b27a4
Add RGB LED controller 2020-07-06 20:48:57 +01:00
82bffc3538
Setup firewalld 2020-07-03 21:53:31 +01:00
fba284f9a9
Change primary gitea domain to the one I actually use 2020-07-02 19:42:51 +01:00
1c99477ce9
Move nextcloud config into root 2020-07-02 18:44:27 +01:00
c80d4b7e04
Move tt-rss config out of config directory 2020-07-02 18:24:26 +01:00
689c0cecd9
Set permissions on nextcloud data dir 2020-07-02 17:52:53 +01:00
452118e2a9
Update synapse 2020-07-02 17:41:22 +01:00
86a398d6b4
Replace docker-compose restart hack with shell handler hack
The docker-compose integration would start 2 of the same container, which does bad things to things like databases!
2020-06-28 20:13:12 +01:00
71086ca291
Do HA person management through web UI 2020-06-28 19:35:39 +01:00
e2ca9ad4a9
Don't use host hack to connect to influx
Just bind to internal port like a sane person
2020-06-28 19:16:22 +01:00
9f09554053
Set some sysctl settings so zeroconf works for HA
https://stackoverflow.com/a/46890741
2020-06-28 17:35:49 +01:00
bf2a5e9320
Add Tado and Arlo integrations 2020-06-27 21:00:18 +01:00
e4aba817cc
Fix influxdb comms
Stupid host network mode and DNS
2020-06-27 21:00:07 +01:00
cfd46ea752
I'm probably where my phone is 2020-06-27 19:53:21 +01:00
fe5a5984c3
Remove container names from containers
They're not needed for anything, and caused annoying weird issues when cycling containers
2020-06-27 17:45:28 +01:00
681d591176
Add ESPHome 2020-06-27 16:45:00 +01:00
c89715c52b
Add influxdb for homeassistant storage 2020-06-27 16:34:41 +01:00
93b4bef05d
Add home-assistant 2020-06-27 16:16:52 +01:00
e5cbae81f4
Switch from Emby to Jellyfin
Merge remote-tracking branch 'origin/jellyfin'
2020-06-25 21:39:19 +01:00
e051db5e71
Remove obsolete middleware 2020-06-24 18:48:39 +01:00
7119d5877f
Only expose deluge to internal network
And VPN
2020-06-24 18:48:30 +01:00
dd12b795b5
Remove pihole
Internal VPN server is working just perfectly instead
2020-06-24 18:46:13 +01:00
7d61282d19
Set depends_on where needed 2020-06-24 18:35:20 +01:00
7a3643f3c2
Persist mirror caches outside container 2020-06-24 18:21:14 +01:00
df54decc99
Mirror dotfiles repo 2020-06-24 16:47:31 +01:00
82a3c85263
Install git-mirror container
This also moves the canonical home of this repo to my gitea instance!
2020-06-24 16:27:13 +01:00
5f9b337c7a
Update gitea 2020-06-24 14:26:12 +01:00
2ab8928985
Update nextcloud base 2020-06-24 14:26:05 +01:00
319c96512e
Change default theme to original
Black and green looks odd
2020-06-22 21:03:08 +01:00
913ee4759f
Quote value to silence errors 2020-06-18 21:18:47 +01:00
9ba9593127
Remove debug log level for deluge 2020-06-18 20:50:04 +01:00
f878866f10
Update yamllint 2020-06-18 20:49:12 +01:00
9f59b30f1e
Update synapse 2020-06-18 20:34:23 +01:00
7f62ed43d4
Update gitea to 1.12 2020-06-18 20:33:09 +01:00
624d1b5425
Set HSTS header for nextcloud 2020-06-13 21:14:23 +01:00
ca188ab1b4
Rename middleware
It's not actually applying a HSTS header
2020-06-13 21:09:48 +01:00
d7b6abaf58
Update to nextcloud 19 2020-06-13 21:06:33 +01:00
a22f555878
Unpin the versions of things I don't care about too much
If they update and break, it's not the end of the world, however unlikely it may be
2020-06-13 19:38:42 +01:00
a3d19eba94
Update synapse 2020-06-13 19:27:53 +01:00
3969b23cd0
Keep using fancy index
Repairs breaking change from 0f036dd6d7
2020-06-11 19:24:53 +01:00
e1ae11e388
Update quassel base 2020-06-10 13:54:18 +01:00
26aba92483
DIal back emby update
Apparently that was a pre-release
2020-06-10 13:53:47 +01:00
e54ec1312c
Replace onlyoffice with collabora 2020-06-07 21:09:02 +01:00
0724ae9238
Update redis 2020-06-07 15:09:20 +01:00
61a50435c9
Update emby 2020-06-05 19:11:49 +01:00
fa41b09d83
Update deluge base 2020-06-05 17:36:09 +01:00
15720fded8
Update quassel base 2020-06-05 17:35:56 +01:00
1f9ea561df
Update calibre 2020-06-05 17:35:37 +01:00
0a13b8e34d
Update nextcloud base 2020-05-31 13:30:37 +01:00
d41d1b0d6c
Update gitea 2020-05-31 13:26:47 +01:00
605ae4f8b8
Make sure media is owned correctly 2020-05-30 15:35:55 +01:00
e5d77f23fd
Update deluge base 2020-05-29 15:37:49 +01:00
249045e4cd
Update synapse 2020-05-29 15:37:39 +01:00
cd076b871c
Update duplicati base 2020-05-29 15:36:40 +01:00
f59c625058
Move nextcloud DB to SSD
Speeeeeeeeed
2020-05-28 20:20:33 +01:00
28cdaefb05
Update nextcloud base 2020-05-27 16:17:32 +01:00
adc7611242
Only bind duplicati to wireguard interface 2020-05-25 17:38:26 +01:00
986fc50fde
Set hostname for duplicati so it's picked up correctly in the UI
This shouldn't have any negative impact. Hopefully...
2020-05-25 17:32:44 +01:00
851f750948
Move duplicati to its own role so it can be installed on grimes 2020-05-25 17:25:58 +01:00
b45d399734
Mount entire host inside duplicati 2020-05-25 17:01:29 +01:00
7dd31c0556
Allow nextcloud to be reached over internal SSL
This removes the need for a custom config, and means traefik is proxying HTTP2, which is nice
2020-05-24 19:21:17 +01:00
eac381a90a
Decrease resource limit on FaH
It's getting hot
2020-05-24 18:37:57 +01:00
d2269de4ad
Claenup docker util scripts 2020-05-23 18:25:00 +01:00
ceca641e2f
Remove deprecated options 2020-05-23 11:47:31 +01:00
c92f924faa
Harden host key 2020-05-23 11:45:53 +01:00
2fe6cf7c93
Install mobile key 2020-05-23 11:23:45 +01:00
20d5020f6b
Manually use file lookup so the terminal output looks nicer 2020-05-23 11:18:48 +01:00
09418cffb0
Provision SSH keys with ansible now 2020-05-23 11:04:50 +01:00
7e534e52e1
Merge SSH into base role 2020-05-23 10:58:09 +01:00
16881048e2
Update duplicati 2020-05-23 10:35:59 +01:00
892ac4e950
Update synapse 2020-05-22 22:34:37 +01:00
cd255f7ca2
Remove docker-rclone-mount
Seems there's some issues where having this attached which makes the duplicati container delete all its RO mounts.
2020-05-22 21:09:40 +01:00
7fbfbbb699
Ansiblize rclone mounts configs 2020-05-22 12:04:43 +01:00
251d52f1de
Add rclone mounts 2020-05-22 11:47:45 +01:00
9b9af7e90d
Set nextcloud trusted proxy to docker host IP 2020-05-21 18:11:51 +01:00
fc7b57eab9
Modify some things and cleanup gitea config 2020-05-21 17:58:38 +01:00
1c8d80e12d
Revert "Add a redis cache to gitea"
This reverts commit c0c396f008.

Causes weird stability issues as the process received sig 15 and
restarts, which is strange!
2020-05-21 12:03:45 +01:00
c0c396f008
Add a redis cache to gitea 2020-05-19 21:49:09 +01:00
b9e6e8801e
Mount a directory for restore testing
And for actual restores, should the time come...
2020-05-18 12:08:10 +01:00
9850f73a17
Deploy web-rng
https://github.com/RealOrangeOne/web-rng
2020-05-17 18:04:44 +01:00
600bc4bb58
Ensure sysctl change is persisted
See note in https://wiki.archlinux.org/index.php/Sysctl#Configuration
2020-05-16 16:15:58 +01:00
f207b2eedd
Update quassel base 2020-05-14 14:16:19 +01:00
1a51624f5f
Update nextcloud base 2020-05-14 14:16:11 +01:00
98f478a1ca
Update pihole to v5 2020-05-14 14:15:36 +01:00
825b7926af
Update duplicati base 2020-05-14 14:15:28 +01:00
851c6b167c
Remove yourls
Mariadb update broke it, but I never use it anyway.
2020-05-14 13:54:59 +01:00
6f7f7aae94
Remove TOR proxy
Wasn't actually using it, proxying through `grimes`
2020-05-12 20:43:19 +01:00
112e8ce985
Install some wireguard tools 2020-05-11 11:59:46 +01:00
93e5ce5bac
Reduce polling interval slightly so things update quicker 2020-05-10 22:20:03 +01:00
eb65e8808d
Update gitea 2020-05-10 19:38:00 +01:00
40cf931f14
Update deluge base 2020-05-10 19:37:48 +01:00
8f32d74095
Update gotify 2020-05-10 19:29:36 +01:00
2d655a3da0
Remove unnecessary strings 2020-05-10 19:23:41 +01:00
d693240eb4
Just hardcode to bash
I'm not resetting my login shell again!
2020-05-10 19:19:42 +01:00
f156bd6860
Use which to get path to bash 2020-05-09 21:06:03 +01:00
59868fc331
Install git on all hosts 2020-05-09 21:03:43 +01:00
52ae01d29f
Add user to docker group 2020-05-09 20:48:46 +01:00
59a721b243
Create user 2020-05-09 20:47:41 +01:00
5289206f14
Remove unnecessary quotes 2020-05-09 20:11:08 +01:00
1f0e33acc8
Remove fail2ban
Keeps getting hit by stats. I should fix that at some point
2020-05-09 20:09:36 +01:00
f3126e34b9
Update haproxy config for use on arch 2020-05-09 20:08:27 +01:00
059cb585db
Use OS-agnostic package install for haproxy 2020-05-09 20:08:14 +01:00
095c8c4562
Use sysctl to enable p2p comms 2020-05-09 20:07:19 +01:00
f6214f1495
Replace nginx with static server 2020-05-09 17:14:16 +01:00
bb5e489f8c
Remove the explicit enable of TLS in Traefik
Much cleaner config!
2020-05-08 22:16:24 +01:00
19fc0c0957
Add shorter URLs for upload 2020-05-08 21:45:27 +01:00
2f523075ae
Add upload server 2020-05-08 21:27:32 +01:00
2618f38c52
Update nextcloud base 2020-05-06 16:28:19 +01:00
f511f0d604
Alllow librespeed to be accessed over home network 2020-05-06 16:18:47 +01:00
56ebe2ad01
Use basic-auth to protect librespeed rather than whitelist 2020-05-06 16:11:29 +01:00
aad14a4ceb
Update calibre 2020-05-05 22:30:03 +01:00
5db68b7658
Update quassel base 2020-05-05 22:29:57 +01:00
54ec7f2332
Add a basic SOCKS proxy 2020-05-05 21:55:14 +01:00
bc545b742a
Redirect 0rng.one to website 2020-05-01 21:26:48 +01:00
ae7ee2dd81
Update deluge base 2020-04-30 21:57:10 +01:00
59e5a13cd0
Update nextcloud base 2020-04-30 21:53:34 +01:00
0256570f1c
Update traefik 2020-04-30 21:50:18 +01:00
ceeba55a83
Migrate from emby to jellyfin 2020-04-30 21:45:03 +01:00
974e0e8467
Enable services
Not just during reload
2020-04-28 20:48:15 +01:00
61136f69af
Update quassel base 2020-04-28 20:45:10 +01:00
bd8e41a1aa
Update gotify 2020-04-28 20:45:02 +01:00
68a684c7f6
Set gitea SSH domain to alias 2020-04-28 20:31:29 +01:00
957d4d7b69
Only use a single domain for YOURLS 2020-04-26 16:33:05 +01:00
bfce9e1cbf
Host statping outside home 2020-04-26 15:37:28 +01:00
7c6abc33fe
Host website outside home 2020-04-26 14:26:48 +01:00
92c85904bd
Rename role for intersect docker applications 2020-04-26 13:56:26 +01:00
05c7690b83
Make grimes a docker host 2020-04-26 13:44:06 +01:00
50cb5a56fc
OpenSSH is called something different on Arch 2020-04-26 12:16:18 +01:00
051ec43769
wg-quick can't be reloaed
This might break things!
2020-04-26 12:05:45 +01:00
4aa5a7d5a8
Use package so it's OS agnostic 2020-04-26 11:25:01 +01:00
3e523bd04b
Remove traefik subdomain 2020-04-25 12:15:28 +01:00
6695e60f8e
Update nextcloud 2020-04-24 22:12:49 +01:00
6a862f9fb3
Always restart watchtower 2020-04-24 21:38:00 +01:00
2ddde6c129
Fix task names of new roles 2020-04-23 21:54:04 +01:00
5585fb0b12
Convert watchtower into its own role 2020-04-23 21:51:01 +01:00
81ef4ad67a
Rename base role to common 2020-04-23 21:38:16 +01:00
b11ca7fe21
Convert netdata into its own role 2020-04-23 21:32:18 +01:00
975ba9a2ed
Remove netdata domain 2020-04-23 21:16:48 +01:00
89ba23719c
Move traefik into its own role 2020-04-23 20:49:43 +01:00
9962d9103f
Extract docker cleanup stuff into its own role 2020-04-23 20:17:54 +01:00
7a296c63a2
Update YOURLS 2020-04-23 17:31:43 +01:00
eba4b8226f
Update synapse 2020-04-23 17:31:21 +01:00
221bdf62ef
update quassel base 2020-04-23 17:31:11 +01:00
7113802df7
Update nextcloud base 2020-04-23 17:31:03 +01:00
303283f73e
Remove portainer 2020-04-19 21:42:57 +01:00
d87b91d5aa
Update some LSIO container bases 2020-04-18 22:53:15 +01:00
ff8beea3c4
Massively increase timeouts to prevent websocket issues 2020-04-17 23:04:20 +01:00
d2ca5a51be
Revert "Update statping and move to new container"
This reverts commit 880054eb2d.

Statping 0.90 is buggy AF, see https://github.com/statping/statping/issues/456
2020-04-17 22:10:40 +01:00
1da3ca95e7
Stop using unstable repos to install wireguard
It's in backports now, which is much easier to install from!
2020-04-17 09:08:10 +01:00
880054eb2d
Update statping and move to new container 2020-04-15 21:17:01 +01:00
853dfbf9a1
Update nextcloud base 2020-04-15 18:26:06 +01:00
be15714cca
Update quassel base 2020-04-13 19:37:16 +01:00
4f5a99263f
Remove cgit landing pages
I can use an org to make the URLs in gitea slightly nicer, which will do for now
2020-04-11 17:37:05 +01:00
17f5aa921b
Sort items in main.yml 2020-04-11 17:23:28 +01:00
df017b3ee6
Add a server-side analytics page 2020-04-10 12:33:51 +01:00
8185ad979d
Update deluge base 2020-04-10 11:35:54 +01:00
d0c36adba8
Self host my website 🎉 2020-04-10 11:31:01 +01:00
92d33a0fa7
Update emby 2020-04-09 08:45:09 +01:00
30e47836fa
Update nextcloud 2020-04-09 08:43:42 +01:00
9de6c4a515
Update quassel base 2020-04-06 19:44:39 +01:00
091fd9045b
Update emby base 2020-04-04 22:35:39 +01:00
0e79f4a7ba
Fuck isolation! 2020-04-04 11:41:41 +01:00
0ef3901ee6
Update emby 2020-04-04 11:16:57 +01:00
7b0cc0893d
Add shorter domain for whoami container 2020-04-03 23:59:07 +01:00
7322adc52a
Remove py3 suffix
It's all python3
2020-04-03 11:29:42 +01:00
94a62ba724
Update synapse 2020-04-03 11:26:56 +01:00
be068a774a
Add my user to dockeruser group
Makes debugging things so much easier!
2020-04-02 09:05:32 +01:00
f7f417b780
Update gitea 2020-04-01 19:54:25 +01:00
d91746ebeb
Update nextcloud base 2020-04-01 19:46:00 +01:00
f32e0bfe59
Only add timeout for core HTTP ports 2020-03-31 19:27:47 +01:00
335992c9e9
Restore custom middleware implementation.
This redirect doesn't work correctly, let's revert to our custom one for
now. It does exactly the same thing, anyway
2020-03-31 14:53:00 +01:00
079e58e67b
Add some automated postgres backups 2020-03-30 21:40:04 +01:00
10991def1e
Run the prune without prompt, and hard remove images 2020-03-30 18:23:11 +01:00
d1e814f097
Prune the system daily rather than weekly 2020-03-30 18:19:24 +01:00
2f17d2a9ff
Update quassel base 2020-03-30 18:07:22 +01:00