18603d726e
Add username to proxmox-nag-removal role
...
Makes it obviously not one of mine
2021-06-25 22:47:21 +01:00
09a010f28e
Version snapraid config
...
Using fork of role at https://github.com/IronicBadger/ansible-role-snapraid/pull/7
2021-06-25 22:43:26 +01:00
b82e87c04b
Remove unnecessary which
...
`cron` doesn't need a full path
2021-06-25 20:57:19 +01:00
50c5ed68e3
Install some dokku plugins
2021-06-22 22:57:02 +01:00
83c84abc62
Use dokku role to install it
...
I also switched the host to debian, as the arch install didn't quite work.
2021-06-22 22:08:01 +01:00
9296c88ae4
Remove date from DB backups
2021-06-20 15:23:15 +01:00
bb5bbf16f5
Remove alpine special case
...
https://github.com/ansible-collections/community.general/pull/1722 has shipped.
2021-06-20 12:43:59 +01:00
8948437b66
Use official extension
2021-06-20 12:39:58 +01:00
e3502ae1e0
Provision dokku server
2021-06-20 12:12:34 +01:00
b20ffb27c4
Remove gotify
...
Never used it
2021-06-12 19:00:39 +01:00
4e5fa59c58
Add redis
...
This isn't really used as a cache, but it is for a couple bits, so nice to enable it anyway, and it might become so in future
2021-06-12 18:53:50 +01:00
290b147821
Thin out synapse config
...
Previously it was the vast majority of code in the whole repo. Now we only define the necessary keys, and rely much more on defaults, which is nice!
2021-06-12 18:49:29 +01:00
47e546d51a
Add synapse-admin
...
Useful to see what's going on on the server
2021-06-12 18:09:18 +01:00
3485f8e1f0
Actually version the ingress haproxy config
2021-06-12 17:32:47 +01:00
33fcf1a9e5
Fix matrix federation
...
Apparently this has been broken since like March...
It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00
94e4592db6
Update synapse to 1.35.1
2021-06-12 16:46:16 +01:00
5d4817e840
Move some larger gitlab storage off tank
...
Means they'll be backed up less, but they're less important anyway
2021-06-07 20:24:59 +01:00
3c3f69a776
Remove unnecessary influxdb instance
...
Never used it anyway
2021-06-03 20:50:54 +01:00
d59e86a8e8
Remove unnecessary private_ip
var from forrest
...
It was redundant
2021-06-03 20:47:33 +01:00
f1f2c620b0
Replace DHCP on PVE for static IPs
...
So much easier to deal with!
2021-06-03 20:47:08 +01:00
d751a023da
Promote GitLab to main git.
domain
2021-06-02 19:49:28 +01:00
6c23180591
Remove gitea
...
I use GitLab now
2021-06-02 19:27:09 +01:00
9c2ebd60e8
Remove duplicati
...
We're a restic shop now!
2021-06-02 19:18:21 +01:00
51b3ffd33a
Allow containers to be cached on CI
...
There's an existing task to clean them up, and being out of date by a week isn't the end of the world
2021-06-01 21:51:18 +01:00
a867df04a5
Add a GitLab runner
...
Woo CI!
2021-06-01 19:29:21 +01:00
64ebaa67d0
Setup email for gitlab
...
Not super useful, but nice to enable it
2021-05-30 21:30:03 +01:00
e6d029e22e
Fix typo
...
D'oh!
2021-05-30 13:56:06 +01:00
bf5c95fbe2
Stop running everything at midnight
2021-05-30 13:55:44 +01:00
9a6eef0320
Use correct cidr for GitLab auth
2021-05-29 22:49:57 +01:00
d922bf30ef
Allow git
user to authenticate over SSH
2021-05-29 22:01:28 +01:00
8610be3ac3
Rename host
...
"gitlab" sounds more like the hosted service, not mine
2021-05-29 22:01:01 +01:00
69abafd8c8
Put GitLab on a real domain
2021-05-29 16:21:47 +01:00
9118938fea
Remove some GitLab constraints
...
I don't need things that constrained. The defaults are probably fine, and better tested.
2021-05-29 15:44:01 +01:00
f063af2478
Reconfigure gitlab on machine start
2021-05-29 11:21:20 +01:00
c7bde8b3dd
Init a GitLab server
...
Some day i'll make up my mind on which server to use, honest!
2021-05-28 22:49:48 +01:00
5ac5e2f8ab
Stagger backup times
2021-05-23 20:37:41 +01:00
7063e55ea9
Increase line length
2021-05-22 20:28:36 +01:00
ee55100016
Update gitea
2021-05-21 21:57:16 +01:00
e6dbe08ce0
Update nextcloud
2021-05-21 21:48:15 +01:00
420ef3b95c
Update synapse
2021-05-21 21:47:32 +01:00
830bd862d9
Update nebula
2021-05-21 21:34:13 +01:00
48e07d2a7e
Rename more bitwarden things
...
Serving on both domains currently, i'll migrate clients and fix that
2021-05-18 22:18:05 +01:00
ae597a7359
Backup plain DB backups on walker
2021-05-16 15:36:56 +01:00
a124bff473
Add scheduling for backup and forgetting
...
Only forget on 1 machine
2021-05-16 15:34:37 +01:00
91725d5876
Add forget and prune commands
2021-05-16 14:39:44 +01:00
5f6dc6e177
Support backing up clickhouse to file
...
It's janky, but it works
2021-05-16 12:25:32 +01:00
b4936f5780
Revert "Store DB files compressed"
...
This reverts commit f4a289ae98
.
Incremental backups work much better with plaintext
2021-05-16 11:16:25 +01:00
1431f7a30a
Add restic to walker
2021-05-09 14:26:21 +01:00
7fc67ca8d4
Put files in the root of the role
2021-05-08 16:47:25 +01:00
f4a289ae98
Store DB files compressed
...
Means external backups can still be compressed a bit
2021-05-08 16:45:08 +01:00
26cd35785c
Fix DB backup location
2021-05-08 16:45:08 +01:00
48c88347a9
Add some healthchecks integration to backup
2021-05-08 16:45:08 +01:00
781aa93892
Add some restic wrapper things
2021-05-08 16:45:08 +01:00
e7c2a7fb34
Provision a restic container
2021-05-07 19:38:11 +01:00
407e59ec5a
Use variables in prometheus config
...
Also replace grimes with walker
2021-05-05 18:12:42 +01:00
9b31efbf43
Destroy grimes
...
And the entire Linode integration
2021-05-05 18:11:14 +01:00
52429e0bc2
walker
isn't a PVE VM
2021-05-04 20:41:19 +01:00
3da14e67dd
Replace minio with webdav for upload
...
Also made sure it all ran as the correct user
2021-05-04 14:08:08 +01:00
f62a1e8374
Replace minio with webdav
...
Much simpler and easier, and lower resources
2021-05-04 11:25:52 +01:00
ad415c2b53
Move website to walker
2021-05-02 17:24:10 +01:00
86482246b3
Move plausible to walker
2021-05-02 16:07:25 +01:00
fe748bfda7
Set permissions on media dir
2021-05-02 12:04:58 +01:00
4a0f7b701b
Install jellyfin through Ansible
2021-05-02 12:04:48 +01:00
a669e34f57
Update bitwarden_rs to vaultwarden
...
I'll do the full rename of everything another time
2021-05-01 23:00:37 +01:00
f2d3cb0835
Add a bash script to backup all database containers as text
2021-04-25 21:39:21 +01:00
8ab0d7cd80
Add duplicati to walker
2021-04-24 22:25:40 +01:00
1fcc63a5da
Move upload
2021-04-24 22:14:29 +01:00
c048e6d20e
Provision walker
2021-04-24 21:59:53 +01:00
03affd269f
FLoC Block
...
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
2021-04-18 22:30:26 +01:00
9ad64b444a
Update gotify
2021-04-16 22:19:27 +01:00
cd31c5f8a5
Update gitea
2021-04-16 22:12:08 +01:00
5d9ee7190d
Swap out deluge for qbittorrent
...
Just run on arch instead of docker, too. Much simpler.
2021-04-16 21:49:00 +01:00
943087b6ad
Fix the stupid postgres path for plausible
...
A lay over from when it was at home
2021-04-15 18:28:24 +01:00
5dc3db5dce
Remove need for geoip database
...
Apparently partial functionality is built-in to the container now
2021-04-15 18:21:18 +01:00
a25c0751fb
Update Plausible
...
Also required updating Clickhouse, due to syntax errors in migrations. It's also nice it's alpine now, and newer
2021-04-15 18:11:44 +01:00
4eec3292a6
Update wallabag
2021-04-11 12:54:59 +01:00
b6f23b31a9
Stop unnecessarily restarting tt-rss
2021-04-11 12:52:48 +01:00
3ce4626e29
Update synapse
2021-04-11 12:52:10 +01:00
62373bf352
Update nextcloud to 21.0.1
2021-04-11 12:48:02 +01:00
796375446e
Update gitea to 1.13.7
2021-04-11 12:42:15 +01:00
1c424cb2ef
Update some IP addresses
...
I really need to stop using these external addresses somewhen...
2021-04-07 22:11:24 +01:00
22d43c16a7
Correctly redirect http traffic to https
...
Bug caused by https://github.com/traefik/traefik/issues/8035
2021-04-06 11:56:05 +01:00
f0193b5807
Scale up bitwarden slightly
...
Should be able to handle a bit more, faster
2021-04-02 12:32:33 +01:00
e0311111af
Update bitwarden
...
Send functionality, woohoo!
2021-03-29 08:23:48 +01:00
ad6bab108a
Keep backups for slightly longer
...
This makes my occasional syncs less likely to do bad things
2021-03-28 19:47:34 +01:00
a1307ff3a5
Remove obsolete port
2021-03-28 16:30:07 +01:00
3c8d9fe940
Block all ports
2021-03-28 16:28:07 +01:00
4d218248fa
Remotely connect to fail2ban to do ports
...
Traefik can affect the edge, so blocks work there and prevent traffic hitting home network.
2021-03-28 16:06:36 +01:00
ac186f42e0
Keep fewer fail2ban logs
2021-03-28 13:06:01 +01:00
6973fb536f
Add fail2ban for traefik
...
Remote action coming soon
2021-03-28 13:05:38 +01:00
8398a2df21
Use endpoint middleware rather than hacky router
2021-03-27 23:34:34 +00:00
a5af5bea6c
Force bitwarden to use public DNS
...
It doesn't like creating icons for local IP spaces, so my overriden DNS doesn't play well
2021-03-27 18:45:06 +00:00
1d997d3c33
Remove separate private and protected IP
2021-03-27 18:42:06 +00:00
116e1adb50
Disable Traefik pilot on dashboard
2021-03-24 23:14:01 +00:00
36f6bd62bb
Update gitea to 1.13.6
2021-03-24 22:57:45 +00:00
5084bfecdf
Ignore PVE interface from f2b jails
2021-03-24 22:35:28 +00:00
f436e4660b
Remove intersect host config
...
is dead
2021-03-24 22:19:50 +00:00
e67e4565d3
Remove expose_ssh
and support SSH listening on nebula and PVE
...
No more wireguard SSH for me
2021-03-24 22:19:29 +00:00
3c06eb748d
Update gitea to 1.13.5
2021-03-23 17:22:13 +00:00
ece0c841b2
Fix compose version
...
Mostly fix quotes, but also standardize
2021-03-21 18:51:38 +00:00