Commit graph

934 commits

Author SHA1 Message Date
8948437b66
Use official extension 2021-06-20 12:39:58 +01:00
e3502ae1e0
Provision dokku server 2021-06-20 12:12:34 +01:00
b20ffb27c4
Remove gotify
Never used it
2021-06-12 19:00:39 +01:00
4e5fa59c58
Add redis
This isn't really used as a cache, but it is for a couple bits, so nice to enable it anyway, and it might become so in future
2021-06-12 18:53:50 +01:00
290b147821
Thin out synapse config
Previously it was the vast majority of code in the whole repo. Now we only define the necessary keys, and rely much more on defaults, which is nice!
2021-06-12 18:49:29 +01:00
47e546d51a
Add synapse-admin
Useful to see what's going on on the server
2021-06-12 18:09:18 +01:00
3485f8e1f0
Actually version the ingress haproxy config 2021-06-12 17:32:47 +01:00
33fcf1a9e5
Fix matrix federation
Apparently this has been broken since like March...

It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00
94e4592db6
Update synapse to 1.35.1 2021-06-12 16:46:16 +01:00
5d4817e840
Move some larger gitlab storage off tank
Means they'll be backed up less, but they're less important anyway
2021-06-07 20:24:59 +01:00
3c3f69a776
Remove unnecessary influxdb instance
Never used it anyway
2021-06-03 20:50:54 +01:00
d59e86a8e8
Remove unnecessary private_ip var from forrest
It was redundant
2021-06-03 20:47:33 +01:00
f1f2c620b0
Replace DHCP on PVE for static IPs
So much easier to deal with!
2021-06-03 20:47:08 +01:00
d751a023da
Promote GitLab to main git. domain 2021-06-02 19:49:28 +01:00
6c23180591
Remove gitea
I use GitLab now
2021-06-02 19:27:09 +01:00
9c2ebd60e8
Remove duplicati
We're a restic shop now!
2021-06-02 19:18:21 +01:00
51b3ffd33a
Allow containers to be cached on CI
There's an existing task to clean them up, and being out of date by a week isn't the end of the world
2021-06-01 21:51:18 +01:00
a867df04a5
Add a GitLab runner
Woo CI!
2021-06-01 19:29:21 +01:00
64ebaa67d0
Setup email for gitlab
Not super useful, but nice to enable it
2021-05-30 21:30:03 +01:00
e6d029e22e
Fix typo
D'oh!
2021-05-30 13:56:06 +01:00
bf5c95fbe2
Stop running everything at midnight 2021-05-30 13:55:44 +01:00
9a6eef0320
Use correct cidr for GitLab auth 2021-05-29 22:49:57 +01:00
d922bf30ef
Allow git user to authenticate over SSH 2021-05-29 22:01:28 +01:00
8610be3ac3
Rename host
"gitlab" sounds more like the hosted service, not mine
2021-05-29 22:01:01 +01:00
69abafd8c8
Put GitLab on a real domain 2021-05-29 16:21:47 +01:00
9118938fea
Remove some GitLab constraints
I don't need things that constrained. The defaults are probably fine, and better tested.
2021-05-29 15:44:01 +01:00
f063af2478
Reconfigure gitlab on machine start 2021-05-29 11:21:20 +01:00
c7bde8b3dd
Init a GitLab server
Some day i'll make up my mind on which server to use, honest!
2021-05-28 22:49:48 +01:00
5ac5e2f8ab
Stagger backup times 2021-05-23 20:37:41 +01:00
7063e55ea9
Increase line length 2021-05-22 20:28:36 +01:00
ee55100016
Update gitea 2021-05-21 21:57:16 +01:00
e6dbe08ce0
Update nextcloud 2021-05-21 21:48:15 +01:00
420ef3b95c
Update synapse 2021-05-21 21:47:32 +01:00
830bd862d9
Update nebula 2021-05-21 21:34:13 +01:00
48e07d2a7e
Rename more bitwarden things
Serving on both domains currently, i'll migrate clients and fix that
2021-05-18 22:18:05 +01:00
ae597a7359
Backup plain DB backups on walker 2021-05-16 15:36:56 +01:00
a124bff473
Add scheduling for backup and forgetting
Only forget on 1 machine
2021-05-16 15:34:37 +01:00
91725d5876
Add forget and prune commands 2021-05-16 14:39:44 +01:00
5f6dc6e177
Support backing up clickhouse to file
It's janky, but it works
2021-05-16 12:25:32 +01:00
b4936f5780
Revert "Store DB files compressed"
This reverts commit f4a289ae98.

Incremental backups work much better with plaintext
2021-05-16 11:16:25 +01:00
1431f7a30a
Add restic to walker 2021-05-09 14:26:21 +01:00
7fc67ca8d4
Put files in the root of the role 2021-05-08 16:47:25 +01:00
f4a289ae98
Store DB files compressed
Means external backups can still be compressed a bit
2021-05-08 16:45:08 +01:00
26cd35785c
Fix DB backup location 2021-05-08 16:45:08 +01:00
48c88347a9
Add some healthchecks integration to backup 2021-05-08 16:45:08 +01:00
781aa93892
Add some restic wrapper things 2021-05-08 16:45:08 +01:00
e7c2a7fb34
Provision a restic container 2021-05-07 19:38:11 +01:00
407e59ec5a
Use variables in prometheus config
Also replace grimes with walker
2021-05-05 18:12:42 +01:00
9b31efbf43
Destroy grimes
And the entire Linode integration
2021-05-05 18:11:14 +01:00
52429e0bc2
walker isn't a PVE VM 2021-05-04 20:41:19 +01:00
3da14e67dd
Replace minio with webdav for upload
Also made sure it all ran as the correct user
2021-05-04 14:08:08 +01:00
f62a1e8374
Replace minio with webdav
Much simpler and easier, and lower resources
2021-05-04 11:25:52 +01:00
ad415c2b53
Move website to walker 2021-05-02 17:24:10 +01:00
86482246b3
Move plausible to walker 2021-05-02 16:07:25 +01:00
fe748bfda7
Set permissions on media dir 2021-05-02 12:04:58 +01:00
4a0f7b701b
Install jellyfin through Ansible 2021-05-02 12:04:48 +01:00
a669e34f57
Update bitwarden_rs to vaultwarden
I'll do the full rename of everything another time
2021-05-01 23:00:37 +01:00
f2d3cb0835
Add a bash script to backup all database containers as text 2021-04-25 21:39:21 +01:00
8ab0d7cd80
Add duplicati to walker 2021-04-24 22:25:40 +01:00
1fcc63a5da
Move upload 2021-04-24 22:14:29 +01:00
c048e6d20e
Provision walker 2021-04-24 21:59:53 +01:00
03affd269f
FLoC Block
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
2021-04-18 22:30:26 +01:00
9ad64b444a
Update gotify 2021-04-16 22:19:27 +01:00
cd31c5f8a5
Update gitea 2021-04-16 22:12:08 +01:00
5d9ee7190d
Swap out deluge for qbittorrent
Just run on arch instead of docker, too. Much simpler.
2021-04-16 21:49:00 +01:00
943087b6ad
Fix the stupid postgres path for plausible
A lay over from when it was at home
2021-04-15 18:28:24 +01:00
5dc3db5dce
Remove need for geoip database
Apparently partial functionality is built-in to the container now
2021-04-15 18:21:18 +01:00
a25c0751fb
Update Plausible
Also required updating Clickhouse, due to syntax errors in migrations. It's also nice it's alpine now, and newer
2021-04-15 18:11:44 +01:00
4eec3292a6
Update wallabag 2021-04-11 12:54:59 +01:00
b6f23b31a9
Stop unnecessarily restarting tt-rss 2021-04-11 12:52:48 +01:00
3ce4626e29
Update synapse 2021-04-11 12:52:10 +01:00
62373bf352
Update nextcloud to 21.0.1 2021-04-11 12:48:02 +01:00
796375446e
Update gitea to 1.13.7 2021-04-11 12:42:15 +01:00
1c424cb2ef
Update some IP addresses
I really need to stop using these external addresses somewhen...
2021-04-07 22:11:24 +01:00
22d43c16a7
Correctly redirect http traffic to https
Bug caused by https://github.com/traefik/traefik/issues/8035
2021-04-06 11:56:05 +01:00
f0193b5807
Scale up bitwarden slightly
Should be able to handle a bit more, faster
2021-04-02 12:32:33 +01:00
e0311111af
Update bitwarden
Send functionality, woohoo!
2021-03-29 08:23:48 +01:00
ad6bab108a
Keep backups for slightly longer
This makes my occasional syncs less likely to do bad things
2021-03-28 19:47:34 +01:00
a1307ff3a5
Remove obsolete port 2021-03-28 16:30:07 +01:00
3c8d9fe940
Block all ports 2021-03-28 16:28:07 +01:00
4d218248fa
Remotely connect to fail2ban to do ports
Traefik can affect the edge, so blocks work there and prevent traffic hitting home network.
2021-03-28 16:06:36 +01:00
ac186f42e0
Keep fewer fail2ban logs 2021-03-28 13:06:01 +01:00
6973fb536f
Add fail2ban for traefik
Remote action coming soon
2021-03-28 13:05:38 +01:00
8398a2df21
Use endpoint middleware rather than hacky router 2021-03-27 23:34:34 +00:00
a5af5bea6c
Force bitwarden to use public DNS
It doesn't like creating icons for local IP spaces, so my overriden DNS doesn't play well
2021-03-27 18:45:06 +00:00
1d997d3c33
Remove separate private and protected IP 2021-03-27 18:42:06 +00:00
116e1adb50
Disable Traefik pilot on dashboard 2021-03-24 23:14:01 +00:00
36f6bd62bb
Update gitea to 1.13.6 2021-03-24 22:57:45 +00:00
5084bfecdf
Ignore PVE interface from f2b jails 2021-03-24 22:35:28 +00:00
f436e4660b
Remove intersect host config
is dead
2021-03-24 22:19:50 +00:00
e67e4565d3
Remove expose_ssh and support SSH listening on nebula and PVE
No more wireguard SSH for me
2021-03-24 22:19:29 +00:00
3c06eb748d
Update gitea to 1.13.5 2021-03-23 17:22:13 +00:00
ece0c841b2
Fix compose version
Mostly fix quotes, but also standardize
2021-03-21 18:51:38 +00:00
d4477c4bea
Add bitwarden_rs 2021-03-21 18:47:20 +00:00
65f9206b95
Fix NTP updates
Manually apply https://github.com/geerlingguy/ansible-role-ntp/pull/84, so machines actually update themselves via NTP
2021-03-13 18:46:45 +00:00
f6559ff1bd
Remove collabora
It doesn't seem to like being run inside LXC. I barely used it, anyway.
2021-03-12 23:35:39 +00:00
ab1e2fbae2
Increase ZFS RAM usage
If i've got a load of RAM free, it might as well be being used to cache ZFS!
2021-03-06 21:38:21 +00:00
3eb286c9bd
Move envrironment variables to docker
Using the `TTRSS_` prefix to follow upstream standard rather than container's

https://github.com/lunik1/docker-tt-rss/issues/3
2021-03-06 12:11:08 +00:00
8d136f0b55
Set default phone region for Nextcloud 2021-03-06 11:19:11 +00:00
9d6ed88e13
Monitor proxmox stats 2021-03-05 22:14:21 +00:00
d43d3433fa
Collect SMART metrics for disks 2021-03-05 20:50:08 +00:00
6b95b75fc2
Move telegraf to host
This makes metric collection for SMART much simpler. I'll still be using the prometheus node exporter for actual system metrics, though.
2021-03-05 20:39:11 +00:00
aa3da3cf10
Upgrade gitea to 1.13.3 2021-03-05 20:05:51 +00:00
89dbbc71e5
Move files into application directories 2021-03-05 14:40:17 +00:00
8e977edba1
Ignore go metrics 2021-03-05 14:27:33 +00:00
b264e5cbcc
Monitor traefik with prometheus rather than influxdb 2021-03-04 16:37:53 +00:00
e8960ebf27
Connect forrest to nebula hosts 2021-03-04 16:08:53 +00:00
2e05ed08fa
Use hostname rather than fqdn 2021-03-04 16:06:43 +00:00
a4eb26b129
Use Nebula as the primary private interface rather than wireguard 2021-03-04 16:02:42 +00:00
c6d9102e1e
Don't install NTP on LXC containers
This can cause issues with containers trying to sync the system clock, and getting it wrong
2021-03-04 15:45:47 +00:00
aba81f79bc
Add telegraf
And input to ping and output via prometheus
2021-03-04 15:16:54 +00:00
914676d209
Add prometheus for metrics 2021-03-04 14:53:03 +00:00
fe2450d43b
Add grafana docker network and restrict port binds 2021-03-04 14:39:40 +00:00
155bc837a8
Update synapse to 1.28 2021-03-02 12:31:07 +00:00
9d5c7e56e8
Move nextcloud things back to tank 2021-03-02 12:26:23 +00:00
21a2532f8a
Update nextcloud to 21 2021-03-02 12:03:13 +00:00
63d156c0a0
Stop always restarting whoami
whoami never sets `config_file`, so it's shadowed by whatever set it before
2021-02-27 22:09:24 +00:00
1413efdd19
Copy feed icons and DB to tank 2021-02-27 22:08:01 +00:00
a2fe3ca37a
Fix TT-RSS config
It needs to be environment variables now, but there's a bug where it doesn't read docker ones for some reason
2021-02-27 21:29:24 +00:00
b3a72eb8f1
Add influxdb server for metrics 2021-02-14 16:24:45 +00:00
ec0c78e6d9
Read emails from secrets 2021-02-14 12:29:14 +00:00
872471ef52
Setup email for grafana 2021-02-14 12:19:51 +00:00
f7a0877e72
Exclude nebula from fail2ban 2021-02-14 11:39:01 +00:00
d8f2a83dfe
Move grafana data back to pool 2021-02-14 11:33:46 +00:00
385917ba4e
Decrease find time
Hopefully reduce false-positive catches
2021-02-14 11:22:32 +00:00
3014e5d052
Provision privatebin 2021-02-12 23:32:31 +00:00
47df8164fa
Define timezone as variable 2021-02-10 09:12:42 +00:00
635f55d7bf
Update gitea to 1.13.2 2021-02-09 17:36:06 +00:00
149d01165f
Restore dockerized grafana setup
It's stil on a separate machine, but in docker to allow more applications to be run easier and tied together.
2021-02-09 09:16:52 +00:00
b940d22373
Install docker on forrest
I'll be migrating it to docker, so I can run more things simply under Docker
2021-02-08 21:56:06 +00:00
44a3fd4bc5
Only chown when the repos change
This keeps claiming it's changing things, even when nothing should have changed
2021-02-07 16:14:56 +00:00
870ac50c58
Update compose path to not be absolute
This relies on `which` to find the correct binary instead
2021-02-07 15:59:18 +00:00
a95ceb348f
Install docker from binary on debian distros
This is because the repos are usually super out of date, or at least can stray quite a bit
2021-02-07 15:56:25 +00:00
c4999d7b25
Use ansible collections for things 2021-02-07 13:02:14 +00:00
e8496ddced
Deploy deluge in docker
Makes version managing so much easier!
2021-02-01 17:24:36 +00:00
ac68b36841
Initially provision deluge machine
Based on Docker, so deluge itself is easier to install and keep updated. Until such time it's in the repos
2021-02-01 15:40:06 +00:00
54eee03524
Fix YAML linting and service name 2021-01-31 17:27:44 +00:00
7b9bab14fa
Remove stray variables file 2021-01-31 16:56:25 +00:00
c7fba8107a
Move grafana to forrest 2021-01-31 16:52:24 +00:00
a79e54d45a
Add forrest instance 2021-01-31 15:18:20 +00:00
058290b321
Keep track of IPs for PVE hosts
Yea they're all random, I'll deal with that later
2021-01-31 12:46:43 +00:00
9023b269eb
Allow PVE VMs to access nebula hosts via ingress 2021-01-31 12:19:33 +00:00
643d843bfb
Enable unsafe routing to PVE network over nebula 2021-01-30 22:59:56 +00:00
da301eb7dd
Provision remaining nebula instances 2021-01-30 20:47:11 +00:00
08ff5dcf94
Provision nebula certs using Ansible 2021-01-30 20:06:31 +00:00
92815a6f76
Add platform-agnostic installation of nebula 2021-01-30 19:10:52 +00:00
723372dd09
Name keys after hostname 2021-01-30 18:16:28 +00:00
703b3b194f
Make index read-only so it's not always reowned 2021-01-29 21:52:22 +00:00
062742bc5e
Update synapse 2021-01-29 21:44:34 +00:00
e1f3572a7c
Set pages install directory correctly 2021-01-29 21:35:01 +00:00
c5050381fc
Update plausible to v1.2 2021-01-29 21:34:44 +00:00
698804ff38
Remove gitlab 2021-01-28 19:54:03 +00:00
89a6c7680c
Decommission walker
Kimsufi is just too annoying of a host. Everything has either been moved off, killed, or has further plans.
2021-01-28 18:56:39 +00:00
b339cb0e2d
Move upload to grimes 2021-01-28 14:04:55 +00:00
909f693cba
Fix location of zpool command
TIL lookups are executed on the host
2021-01-26 22:02:58 +00:00
3de14efd9e
Remove heimdall
I've literally not used it since setting it up
2021-01-26 21:53:52 +00:00
a44a79031a
Init some skeleton nebula stuff 2021-01-25 21:53:04 +00:00
0ecd884a9a
Deploy yourls 2021-01-22 21:29:27 +00:00
2a8f715eca
Add redis cache for gitea 2021-01-22 18:59:52 +00:00
cc847a069c
Resolve zpool location
Hopefully this means they actually run
2021-01-22 15:29:41 +00:00
a2c6d7c276
Swap out alpine for debian on ingress
Mostly for future nebula deployment
2021-01-22 14:53:02 +00:00
0f9802a46c
Install duplicati on PVE docker machine
Requires some changes to how private IPs are specified, which I really need to clean up at some point!
2021-01-20 21:38:01 +00:00
f6c176d2f0
Ensure duplicati base is always updated 2021-01-20 21:30:25 +00:00
fce8cf3768
Update nextcloud 2021-01-20 20:58:28 +00:00
76eeeec260
Update wallabag 2021-01-20 20:39:27 +00:00
3321b852a5
Update traefik to v2.4 2021-01-20 20:33:57 +00:00
700360eb96
Update synapse 2021-01-20 20:20:09 +00:00
3e8a3b2c6b
Update gotify 2021-01-20 20:02:01 +00:00
48c507e0c3
Up page sizes for gitea stuff
Screw paginating!
2021-01-19 21:20:00 +00:00
26905e245b
Hide heatmap on gitea
It's kinda useless at this scale
2021-01-19 17:42:10 +00:00
41915ec69c
Replace gitlab with gitea
Leave gitlab in place for a bit in case I need to get at data
2021-01-18 20:14:38 +00:00
f9187109c7
Correct router name for pages 2021-01-17 20:03:02 +00:00
ac4a93e0ed
Setup DNS for pages 2021-01-17 12:49:23 +00:00
b992df0313
Fix variable name for traefik conditional provider 2021-01-16 23:30:09 +00:00
604202fdce
Add traefik pages
Add it ready for the migration in future
2021-01-16 23:29:55 +00:00
e1ea938d59
Add file providers for jellyfin and HA 2021-01-13 22:12:58 +00:00
969674772c
Snapshot PVE root pool too 2021-01-10 13:23:36 +00:00
7672d99aa8
Remove homeassistant configuration
It's now in its own VM, and i'll deal with version control using the git integration there directly I suspect.
2021-01-10 13:12:19 +00:00
b40266b276
Add roles to handle PVE nag and repos 2021-01-09 23:21:35 +00:00
6dd86ea870
Limit ZFS ARC size on PVE 2021-01-09 22:32:55 +00:00
d87ec89887
Persist arc size
Modprobe only loads the module, it doesn't ensure the ARC value persists correctly.
2021-01-09 22:25:29 +00:00
0c6e9969bc
Give myself passwordless sudo access to zfs stuff
This is needed for syncoid pulls
2021-01-09 21:36:09 +00:00
c3053e9378
Fix location for sanoid install
This makes it sync up with where the systemd services expect them to be
2021-01-09 21:28:16 +00:00
7d235e67e0
Add ZFS configuration for PVE 2021-01-09 21:27:52 +00:00
decf5176f7
Use systemd rather than cron for sanoid
It's more reliable and easier to get logs
2021-01-09 20:57:47 +00:00
57d9c9d288
Allow configuring of pools to scrub 2021-01-09 20:52:51 +00:00
721bdf60b3
Fix quotes 2021-01-09 18:32:16 +00:00
1b72afdd29
Remove scrutiny role
SMART checks are handeld by PVE / something else in future
2021-01-09 18:30:28 +00:00
0506a78d02
Listen on public port
Makes connection so much easier
2021-01-09 18:25:08 +00:00
8fe8788458
Move ARC size to defaults so it can be easily changed 2021-01-09 18:24:52 +00:00
5b495688cd
Remove intersect wireguard keys 2021-01-09 18:23:10 +00:00
c38ecfebd7
Update gateway to point to ingress instance 2021-01-09 18:17:54 +00:00
fef7f2c2b4
Move docker containers to new PVE container 2021-01-09 18:02:17 +00:00
a35f2f91ff
Default to using python3 over "legacy python" 2021-01-09 17:55:29 +00:00
0355b6b214
Remove jellyfin docker config
It'll be replaced by something else later, don't worry.
2021-01-09 17:17:12 +00:00
2300426f0f
Move default variables into role defaults rather than group vars 2020-12-28 16:23:12 +00:00
422062ae63
Fix lint warning around missing mode
This only applies to directories https://stackoverflow.com/a/29793833
2020-12-28 16:16:35 +00:00
3338a1f898
Add jellyfin host
Role TBC
2020-12-28 16:08:15 +00:00
6267363ab0
Provision docker VM 2020-12-28 15:57:44 +00:00
bdfd38c9fe
Allow traefik to run on non-wireguard host 2020-12-28 15:55:45 +00:00
4f1e54baab
Actually enable timer 2020-12-28 15:14:50 +00:00
58879d2e1d
Ensure fail2ban and logrotate are available on all machines 2020-12-27 22:39:33 +00:00
b11dbfc829
Move traefik file provider to use directory rather than single file
This makes future composition possible
2020-12-22 15:53:03 +00:00
0353887590
Add override to ensure ZFS starts before docker
Stolen with love from 7dda0bc7cb
2020-12-21 21:37:46 +00:00
30cb9e52e7
Install and provision wireguard client on ingress server 2020-12-21 18:24:35 +00:00
3197953796
Provision PVE and ingress VM 2020-12-21 17:11:38 +00:00
44fb8f5380
Set some image resizing preferences
This stops the thumbnailing being quite as intensive
2020-12-11 17:39:58 +00:00
2bfad84071
Pin wallabag to newer version
2.4.0 came out *finally*
2020-12-11 17:39:35 +00:00
5a808e90e0
Update synapse 2020-12-11 17:36:06 +00:00
af1b7f754c
Update nextcloud to 20.0.3 2020-12-11 17:35:50 +00:00
8e6a3324a1
Install duplicati on grimes
Makes backing up website things a bit easier
2020-12-07 18:09:29 +00:00
6d75272d34
Move plausible to new server 2020-12-05 12:33:50 +00:00
e1dd6c4c05
Init new web server on Linode
I'll terraform it later, honest!
2020-12-04 23:02:19 +00:00
08bb8f22ca
Add feediron plugin for tt-rss 2020-11-25 13:16:13 +00:00
b5d676b6fe
Install fever plugin for tt-rss
Had to chown the directory afterwards, as git wouldn't play nice with `become_user`
2020-11-25 13:00:06 +00:00
48762bcfcd
Remove redundant quoting 2020-11-25 11:41:26 +00:00
a35ee7c824
Change base URL to default so the tracker script still uses disguised domain 2020-11-25 11:40:54 +00:00
2b291548f9
Just do plain path replacement 2020-11-25 11:38:47 +00:00
a81e2793f8
Add a secondary domain for plausible less likely to match blockers
Might change things, might not. But it's a fun experiment to try anyway.

Using a custom middleware to override the path due to https://github.com/plausible/analytics/pull/340
2020-11-25 11:11:29 +00:00
e8d3a72ea8
Update nextcloud to 20.0.2 2020-11-22 15:40:23 +00:00
1d8f54c778
Update synapse 2020-11-22 15:32:17 +00:00
3ddfd77bdf
Stop running synapse as root 2020-11-22 15:08:08 +00:00
310feaf332
Use correct args to build synapse DB 2020-11-22 15:07:34 +00:00
367de37fab
Actually disable unnecessary logging rather than change level
Also disable even more of them
2020-11-12 23:01:32 +00:00
2a4b3ec3e6
Increase timeout for SSH sessions
Stll check relatively often the client is still there, but check many times so the connection stays open a decent amount of time. Especially useful for long-running commands.
2020-11-08 22:04:30 +00:00
f5c7c094d3
Fix gotify container name
Gotify != duplicati
2020-11-08 11:07:57 +00:00
5c1f17e2aa
Update synapse 2020-10-28 18:22:30 +00:00
0fc57049e4
Update nextcloud to 20.0.1 2020-10-28 15:22:49 +00:00
f450d4a8f2
Pin jellyfin version 2020-10-27 17:38:10 +00:00
f414781182
Use new whoami container 2020-10-27 16:13:14 +00:00
c63506d2bc
Pin traefik to patch version 2020-10-27 16:13:14 +00:00
6ae8d0febe
Pin plausible versions 2020-10-27 16:13:14 +00:00
f665b87965
Allow NTP role to manage config
Hopefully this closes the port
2020-10-24 17:36:39 +01:00
ff72f5a25e
Move nextcloud data dir to ZFS 2020-10-24 14:26:30 +01:00
5eb3870fbe
Set mode on fail2ban filter and jail 2020-10-24 12:10:54 +01:00
8932ac828f
Add geoip database for plausible 2020-10-24 12:10:37 +01:00
47ad40bb52
Remove watchtower, and do updates manually from now on
Keeps @IronicBadger happy!
2020-10-22 18:07:48 +01:00
efd22010b7
Use new LSIO mod which does more 2020-10-19 17:29:28 +01:00
a46525aa80
Move configuration for custom port to Traefik config rather than custom container expose
Still a work-around for https://github.com/plausible/analytics/pull/237
2020-10-18 22:31:23 +01:00
0ca3f36f7a
Move some more nextcloud components to ZFS 2020-10-18 18:02:48 +01:00
58605c1c24
Don't snapshot tank root
This makes syncoid unhappy, and is generally unnecessary
2020-10-18 17:45:49 +01:00
bedbb0f5f4
Fix service to restart 2020-10-16 19:16:42 +01:00
1930cc83e8
Use generic package module 2020-10-16 19:16:42 +01:00
b2e91d7d6d
Update haproxy fail2ban jail to use systemd for logs 2020-10-16 19:16:42 +01:00
4890c3d3e5
Revert "Remove fail2ban"
This reverts commit 1f0e33acc8.
2020-10-16 19:16:42 +01:00
30baed441e
Mount external files into nextcloud
Means some bits can live outside the nextcloud dir
2020-10-10 18:01:27 +01:00
b8ea056455
Remove netdata
Don't use it anyway
2020-10-09 23:39:55 +01:00
6852b84406
Change watchtower to run daily
A holdover until less of the containers are using `:latest`
2020-10-09 23:20:07 +01:00
5496744428
Remove web-rng 2020-10-09 23:11:53 +01:00
f7afaacbdc
Move website to be hosted on GitLab pages 2020-10-09 21:35:57 +01:00