|
3318656730
|
Update dependency geerlingguy.ntp to v2.4.0
/ ansible (push) Failing after 24s
/ terraform (push) Failing after 31s
|
2024-04-15 15:06:23 +01:00 |
|
|
9d98d88089
|
Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.4
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
|
2024-04-15 15:02:53 +01:00 |
|
|
67af033fcd
|
Update dependency dokku_bot.ansible_dokku to v2024
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
|
2024-04-15 14:36:50 +01:00 |
|
|
5330fdc56f
|
Update ghcr.io/goauthentik/server Docker tag to v2024
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
|
2024-04-15 14:11:11 +01:00 |
|
|
2e0b562f5d
|
Update matrixdotorg/synapse Docker tag to v1.104.0
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
|
2024-04-15 13:58:20 +01:00 |
|
|
989a804bad
|
Update wallabag/wallabag Docker tag to v2.6.9
/ terraform (push) Failing after 51s
/ ansible (push) Failing after 46s
|
2024-04-03 12:00:18 +01:00 |
|
|
8424b3211b
|
Allow ingress to serve as tailscale exit node
/ terraform (push) Successful in 38s
/ ansible (push) Successful in 1m46s
|
2024-03-28 23:30:24 +00:00 |
|
|
5157940f20
|
Stop exposing homeassistant
/ terraform (push) Successful in 58s
/ ansible (push) Successful in 1m52s
|
2024-03-23 11:54:26 +00:00 |
|
|
eb6fe3a23b
|
Allow forrest to access internal services
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m36s
This is mostly for monitoring
|
2024-03-22 18:13:25 +00:00 |
|
|
b2656bdf43
|
Make vaultwarden VPN only
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m36s
The first service to go dark...
|
2024-03-21 23:20:27 +00:00 |
|
|
0295507d0b
|
Increase frequency of snapshots
/ terraform (push) Failing after 34s
/ ansible (push) Successful in 1m34s
|
2024-03-19 21:31:27 +00:00 |
|
|
f88d224168
|
Allow only exposing services over Tailscale
/ terraform (push) Failing after 41s
/ ansible (push) Successful in 1m41s
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
|
2024-03-07 22:30:10 +00:00 |
|
|
451a114262
|
Add IPv6 support for internal DNS overrides
CoreDNS 1.11.2 finally shipped!
|
2024-03-07 20:02:39 +00:00 |
|
|
119b3212a9
|
Remove robots.txt for gitea
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m30s
|
2024-03-04 08:38:16 +00:00 |
|
|
5aae711cb8
|
Update vaultwarden/server Docker tag to v1.30.5
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m45s
|
2024-03-04 08:33:59 +00:00 |
|
|
f552332598
|
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.8
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
|
2024-03-04 08:33:51 +00:00 |
|
|
82451784a8
|
Deploy slides hosting
/ terraform (push) Successful in 50s
/ ansible (push) Successful in 1m49s
|
2024-03-03 21:39:22 +00:00 |
|
|
000f3d3348
|
Add HSTS to all nginx requests
|
2024-03-03 21:37:07 +00:00 |
|
|
0dcc3f7c30
|
Use regular version of nginx on Arch
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m30s
`nginx-mainline` requires modules be recompiled each time, and isn't handled automatically. It's still a very new and maintained release.
|
2024-02-29 19:46:32 +00:00 |
|
|
8a1e21c79d
|
Ensure headscale sees the correct IP
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m48s
|
2024-02-29 17:41:29 +00:00 |
|
|
998d798797
|
Set maintenance window for nextcloud
/ terraform (push) Successful in 26s
/ ansible (push) Successful in 1m37s
|
2024-02-21 21:57:03 +00:00 |
|
|
11a93dac55
|
Update nextcloud version in config
|
2024-02-21 21:52:58 +00:00 |
|
|
97da6edc13
|
Update dependency ansible-lint to v24
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m36s
|
2024-02-21 21:47:29 +00:00 |
|
|
d66708b10b
|
Update dependency artis3n.tailscale to v4.4.2
/ terraform (push) Successful in 24s
/ ansible (push) Successful in 1m34s
|
2024-02-21 21:43:33 +00:00 |
|
|
7d64518840
|
Update matrixdotorg/synapse Docker tag to v1.101.0
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
|
2024-02-21 21:43:15 +00:00 |
|
|
26bcf09fea
|
Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.2
/ terraform (push) Has been cancelled
/ ansible (push) Has been cancelled
|
2024-02-21 21:42:50 +00:00 |
|
|
808e72553b
|
Add the basics of some edge caching
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
|
2024-02-21 21:42:16 +00:00 |
|
|
b513c88774
|
Update vaultwarden/server Docker tag to v1.30.3
/ ansible (push) Successful in 1m33s
/ terraform (push) Successful in 27s
|
2024-02-19 14:13:02 +00:00 |
|
|
7741fbc163
|
Update vabene1111/recipes Docker tag to v1.5.13
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 1m34s
|
2024-02-19 14:07:32 +00:00 |
|
|
45cf930d14
|
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.7
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m54s
|
2024-02-17 08:00:21 +00:00 |
|
|
58c48261e7
|
Consolidate vikunja container
/ terraform (push) Successful in 53s
/ ansible (push) Successful in 1m51s
|
2024-02-12 14:12:17 +00:00 |
|
|
91a247868b
|
Add routes from forrest to tailscale network
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m35s
|
2024-02-07 22:12:08 +00:00 |
|
|
df43be6f9b
|
Set private_ip for some other machines
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m39s
|
2024-02-07 19:27:48 +00:00 |
|
|
b6eca40ae0
|
Allow tailscale IP in more places
|
2024-02-07 18:21:16 +00:00 |
|
|
6c1c245c23
|
Update matrixdotorg/synapse Docker tag to v1.100.0
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 1m38s
|
2024-02-02 13:38:12 +00:00 |
|
|
379d4a26fa
|
Update vabene1111/recipes Docker tag to v1.5.12
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
|
2024-02-02 13:38:00 +00:00 |
|
|
f1a2694f1a
|
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.5
/ terraform (push) Successful in 29s
/ ansible (push) Has been cancelled
|
2024-02-02 13:37:05 +00:00 |
|
|
02847355a7
|
Install tailscale
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m34s
Install, not configure
|
2024-02-01 19:41:47 +00:00 |
|
|
29cac09b48
|
Remove explicit port for headscale
|
2024-02-01 18:32:53 +00:00 |
|
|
dba0262801
|
Remove website tmpfs
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m36s
The server's disk is probably fast enough, and container restarts will nuke that storage anyway
|
2024-02-01 18:15:51 +00:00 |
|
|
0c6528f9ca
|
Restrict access to headscale OIDC and API
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m33s
|
2024-01-31 21:40:43 +00:00 |
|
|
dfa8328e7b
|
Move gateway logs to separate file
|
2024-01-31 21:06:19 +00:00 |
|
|
53c758a781
|
Monitor headscale with prometheus
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m38s
|
2024-01-27 17:40:02 +00:00 |
|
|
b51677b795
|
Back up headscale config
/ terraform (push) Successful in 48s
/ ansible (push) Successful in 1m51s
|
2024-01-27 15:04:53 +00:00 |
|
|
2ceeaf091d
|
Deploy headscale
/ terraform (push) Failing after 11m20s
/ ansible (push) Failing after 11m6s
|
2024-01-27 14:18:37 +00:00 |
|
|
06784563a7
|
Don't resolve ipv6
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m36s
Something about this setup doesn't like it, so I'll disable v6 for now
|
2024-01-26 21:43:04 +00:00 |
|
|
4f6f4143ce
|
Update matrixdotorg/synapse Docker tag to v1.99.0
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m46s
|
2024-01-22 09:15:38 +00:00 |
|
|
5292785cd9
|
Update wallabag/wallabag Docker tag to v2.6.8
/ terraform (push) Has started running
/ ansible (push) Successful in 1m38s
|
2024-01-22 09:11:27 +00:00 |
|
|
d297674fb5
|
Update vabene1111/recipes Docker tag to v1.5.11
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m51s
|
2024-01-22 08:42:36 +00:00 |
|
|
88f0828153
|
Use primary Quad9 servers
/ terraform (push) Successful in 47s
/ ansible (push) Successful in 1m39s
DNSSEC and malware blocking is probably useful, just in case
|
2024-01-21 23:19:49 +00:00 |
|
|
cfc3de61b4
|
Add fallback quad9 address
This aids availability, along with a healthcheck
|
2024-01-21 23:05:25 +00:00 |
|
|
c6bae0f797
|
Do simple endsWith matching for docker view
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m42s
This saves the need for a regex
|
2024-01-14 22:27:02 +00:00 |
|
|
4c5936b2aa
|
Disable Grafana analytics
/ terraform (push) Successful in 32s
/ ansible (push) Successful in 1m41s
|
2024-01-14 15:30:12 +00:00 |
|
|
9d685d85aa
|
Update website deployment to unify containers
/ terraform (push) Successful in 1m9s
/ ansible (push) Successful in 2m17s
|
2024-01-14 14:22:19 +00:00 |
|
|
ac166c3874
|
Start resolved to support mDNS
/ terraform (push) Successful in 34s
/ ansible (push) Successful in 1m44s
|
2024-01-10 13:28:45 +00:00 |
|
|
06b9197c5b
|
Sync terraform state to restic
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m47s
This allows it to be backed up easily
|
2024-01-09 19:56:06 +00:00 |
|
|
4a69df1d6c
|
Ignore ansible-lint for nebula install block
/ terraform (push) Successful in 1m28s
/ ansible (push) Successful in 1m48s
I'm smarter than it is
|
2024-01-08 21:49:38 +00:00 |
|
|
f33d19e156
|
Move AdGuardHome configuration to Terraform
https://git.theorangeone.net/systems/adguardhome
|
2024-01-08 21:45:28 +00:00 |
|
|
ed59458f39
|
Add backups to tang
/ terraform (push) Successful in 1m21s
/ ansible (push) Failing after 1m37s
|
2024-01-08 19:20:55 +00:00 |
|
|
616d20e23b
|
Tweak some AGH settings
/ terraform (push) Successful in 1m15s
/ ansible (push) Failing after 1m59s
|
2024-01-08 19:01:46 +00:00 |
|
|
383a57d1f2
|
Use DoH endpoint fot quad9
Seems latency is much lower
|
2024-01-08 18:21:03 +00:00 |
|
|
c8211d4756
|
Use Debian repo version of nginx
/ terraform (push) Successful in 1m3s
/ ansible (push) Failing after 1m53s
It's older, and doesn't have `stream` compiled in, but the repo one can't link to any of the installed modules, which is a non-starter.
|
2024-01-04 14:17:36 +00:00 |
|
|
57ad143268
|
Set password for homeassistant SMB mount
/ terraform (push) Successful in 38s
/ ansible (push) Failing after 1m40s
It had an IP restriction, but still
|
2024-01-03 21:23:49 +00:00 |
|
|
16e9952b2f
|
Replace custom restic logs with runitor
|
2024-01-03 21:09:07 +00:00 |
|
|
f5154d1683
|
Use CoreDNS to do recursive CNAME aliasing for AGH
/ terraform (push) Successful in 47s
/ ansible (push) Failing after 1m38s
|
2024-01-02 17:48:47 +00:00 |
|
|
3ed7074af6
|
Rename coredns role
|
2024-01-02 17:02:34 +00:00 |
|
|
5581bbc01a
|
Replace pihole with adguardhome
/ terraform (push) Successful in 1m13s
/ ansible (push) Successful in 2m19s
AGH is much simpler to install and manage, and does DoH natively.
|
2024-01-01 15:48:14 +00:00 |
|
|
56bfe544e4
|
nginx HTTPS redirect on ipv6
|
2023-12-31 22:49:11 +00:00 |
|
|
83543fe081
|
Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.1
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m49s
|
2023-12-28 21:39:28 +00:00 |
|
|
0e0d0c9b82
|
walker doesn't have a traefik anymore
/ terraform (push) Successful in 1m8s
/ ansible (push) Successful in 2m15s
|
2023-12-26 22:31:12 +00:00 |
|
|
026d8db13e
|
Be root when generating dhparams
/ terraform (push) Successful in 37s
/ ansible (push) Successful in 1m50s
This is needed to write to the destination
|
2023-12-24 19:44:30 +00:00 |
|
|
593a945c5c
|
Install nginx from package manager if available
|
2023-12-24 19:44:30 +00:00 |
|
|
bd15946f3b
|
Update Nebula
|
2023-12-24 19:44:30 +00:00 |
|
|
f4b96afcfa
|
Deploy ntfy
/ terraform (push) Successful in 1m15s
/ ansible (push) Successful in 2m22s
|
2023-12-23 16:40:53 +00:00 |
|
|
c0c7f393e3
|
Only pin to minor versions of gitea
/ terraform (push) Successful in 32s
/ ansible (push) Successful in 1m48s
|
2023-12-21 16:43:18 +00:00 |
|
|
5fd952be4c
|
Only pin to minor version of Authentik
|
2023-12-21 16:42:02 +00:00 |
|
|
1e798ac5ce
|
Don't require role variables to be prefixed
|
2023-12-21 16:38:24 +00:00 |
|
|
39899cd1e0
|
Use certbot to issue certificates
|
2023-12-21 16:38:07 +00:00 |
|
|
8e1a203df2
|
Add helper map for better websocket support
|
2023-12-21 16:38:07 +00:00 |
|
|
a3baf8be1e
|
Use nginx as reverse proxy on walker, removing traefik
SSL coming soon
|
2023-12-21 16:38:07 +00:00 |
|
|
a7eb372899
|
Fix HTTPS redirect hostname
|
2023-12-21 14:58:19 +00:00 |
|
|
80a770f399
|
Add include files before main nginx config
|
2023-12-21 14:58:04 +00:00 |
|
|
ef432642dd
|
Unify nginx module tasks
/ terraform (push) Successful in 1m8s
/ ansible (push) Failing after 2m0s
|
2023-12-20 22:35:11 +00:00 |
|
|
b32a63bd72
|
Add helpful includes
Along with ensuring there are dhparams
|
2023-12-20 22:29:42 +00:00 |
|
|
2336e4dd5b
|
Add brotli
/ terraform (push) Successful in 1m5s
/ ansible (push) Successful in 2m19s
|
2023-12-17 18:12:33 +00:00 |
|
|
46eda36515
|
Fully block Server header
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m46s
|
2023-12-16 21:57:19 +00:00 |
|
|
cfb498d7c6
|
Only add HTTPS redirect when it's needed
/ terraform (push) Successful in 1m3s
/ ansible (push) Successful in 2m7s
|
2023-12-16 18:13:49 +00:00 |
|
|
48efcf4d91
|
Use mainline nginx release on Arch
|
2023-12-16 18:03:01 +00:00 |
|
|
930cf87084
|
gzip as much as makes sense
|
2023-12-16 17:58:15 +00:00 |
|
|
92052a3d0a
|
Unify nginx configuration
This creates a simple base configuration skeleton, that other configuration can be easily loaded into.
|
2023-12-16 17:47:04 +00:00 |
|
|
943c141d59
|
Ensure ingress proxy doesn't terminate connections
/ terraform (push) Successful in 1m6s
/ ansible (push) Successful in 2m16s
This mostly works around a weird issues with Jellyfin
|
2023-12-14 22:08:02 +00:00 |
|
|
2ff2128330
|
Set pihole temp unit
|
2023-12-14 22:04:14 +00:00 |
|
|
b33e19e152
|
Remove unnecessary extra variable definitions
The world could do with a bit less YAML!
|
2023-12-14 22:03:23 +00:00 |
|
|
7ad5d6e51e
|
Deploy coredns as a proxy to Docker's internal DNS
|
2023-12-14 21:04:26 +00:00 |
|
|
7381c1f10a
|
Update nextcloud version in config.php
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m41s
|
2023-12-13 17:48:46 +00:00 |
|
|
18fd0631e1
|
Update lscr.io/linuxserver/nextcloud Docker tag to v28
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m37s
|
2023-12-13 17:38:40 +00:00 |
|
|
05eee3f4de
|
Update gitea/gitea Docker tag to v1.21.2
/ terraform (push) Successful in 31s
/ ansible (push) Has been cancelled
|
2023-12-13 17:37:11 +00:00 |
|
|
e0f7b47961
|
Update lscr.io/linuxserver/mastodon Docker tag to v4.2.3
/ terraform (push) Successful in 1m4s
/ ansible (push) Successful in 2m6s
|
2023-12-05 18:00:28 +00:00 |
|
|
c0df505f70
|
Disable browser updates for nextcloud
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m36s
|
2023-12-04 09:39:14 +00:00 |
|
|
aecd7c0a18
|
Upgrade nextcloud version in config
|
2023-12-04 09:38:43 +00:00 |
|