Commit graph

101 commits

Author SHA1 Message Date
b3f00724d8 Update traefik Docker tag to v3
All checks were successful
/ terraform (push) Successful in 1m2s
/ ansible (push) Successful in 1m27s
2024-10-03 08:00:23 +01:00
d5a7a61171
Remove unnecessary use of become from some roles
All checks were successful
/ terraform (push) Successful in 38s
/ ansible (push) Successful in 1m30s
This should make execution much faster
2024-09-09 17:09:03 +01:00
cdaa626068
Only expose socket proxy on internal networks
All checks were successful
/ terraform (push) Successful in 37s
/ ansible (push) Successful in 1m32s
2024-09-09 12:18:09 +01:00
01c236e4e9 Remove Nebula
All checks were successful
/ terraform (push) Successful in 54s
/ ansible (push) Successful in 3m34s
I'm basically all in on Tailscale now
2024-09-01 20:21:29 +01:00
3a29c327b7
Remove version key from compose files
All checks were successful
/ terraform (push) Successful in 1m0s
/ ansible (push) Successful in 1m47s
2024-07-15 18:08:14 +01:00
393a947cb7
Remove f2b gateway bouncer
All checks were successful
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m22s
To be replaced by something more sensible
2024-07-14 22:27:58 +01:00
f717c1be78
Decommission dokku
I don't use it, still. I have a better plan for doing this in future anyway...
2024-07-07 15:56:29 +01:00
8929a22ce5
Use LSIO docker socket proxy
All checks were successful
/ terraform (push) Successful in 53s
/ ansible (push) Successful in 1m31s
2024-04-23 19:52:48 +01:00
c472411801
Deploy uptime-kuma 2024-04-21 18:11:39 +01:00
7ff44ee238
Add IPv6 to proxmox internal network 2024-04-20 18:00:08 +01:00
7bc0ebeb26 Update traefik Docker tag to v2.11
Some checks failed
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 17:43:05 +01:00
5157940f20
Stop exposing homeassistant
All checks were successful
/ terraform (push) Successful in 58s
/ ansible (push) Successful in 1m52s
2024-03-23 11:54:26 +00:00
eb6fe3a23b
Allow forrest to access internal services
All checks were successful
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m36s
This is mostly for monitoring
2024-03-22 18:13:25 +00:00
b2656bdf43
Make vaultwarden VPN only
All checks were successful
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m36s
The first service to go dark...
2024-03-21 23:20:27 +00:00
f88d224168
Allow only exposing services over Tailscale
Some checks failed
/ terraform (push) Failing after 41s
/ ansible (push) Successful in 1m41s
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
2024-03-07 22:30:10 +00:00
808e72553b
Add the basics of some edge caching
Some checks failed
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-21 21:42:16 +00:00
b6eca40ae0
Allow tailscale IP in more places 2024-02-07 18:21:16 +00:00
b33e19e152
Remove unnecessary extra variable definitions
The world could do with a bit less YAML!
2023-12-14 22:03:23 +00:00
37b8c48a77
Remove legacy short domains
All checks were successful
/ terraform (push) Successful in 1m24s
/ ansible (push) Successful in 2m47s
I never used them, and the certificate renewal didn't work anyway.
2023-10-02 09:37:05 +01:00
a54a91ea44
Deploy a dokku 2023-10-01 16:34:01 +01:00
4de69e3955
Rotate Gandi API key
All checks were successful
/ terraform (push) Successful in 41s
/ ansible (push) Successful in 1m53s
Had to regenerate it to debug an issue
2023-07-17 15:03:04 +01:00
0e9e63d8b7
Use correct gandi API 2023-07-17 15:03:04 +01:00
7619e826f4
Remove deprecated traefik hub config
All checks were successful
/ terraform (push) Successful in 1m27s
/ ansible (push) Successful in 2m31s
2023-06-26 09:27:16 +01:00
2af9f8529d
Fix new ansible-lint errors
All checks were successful
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m53s
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00
ddd6af21cf
Allow Traefik to use DNS-01 challenge to Gandi
All checks were successful
/ ansible (push) Successful in 2m55s
/ terraform (push) Successful in 33s
2023-04-23 20:26:37 +01:00
2c9ab7fd29 Update traefik Docker tag to v2.10
All checks were successful
terraform
ansible
2023-04-09 17:02:00 +01:00
d52f0bc8b2
Remove gitlab configuration 2023-03-30 22:56:35 +01:00
a78c4680c4
Move notes to GitLab
All checks were successful
ansible
terraform
2023-03-29 22:36:03 +01:00
fc577f21b8
Update Traefik to 2.9 2022-11-01 20:50:30 +00:00
4c8d5ffe44
Remove all references to traefik pages 2022-11-01 20:30:16 +00:00
58730fcbeb
Move pages hosting to GitLab pages 2022-10-09 18:26:49 +01:00
491061d900
Remove shenanigans
It's not enabled, and it's 1 less container to deal with
2022-10-09 17:40:22 +01:00
6d890a6991
Setup slides domain 2022-10-08 17:37:28 +01:00
41582f50db
Set up GitLab pages 2022-10-08 15:51:37 +01:00
73f165c521
Revert "Update traefik to 2.8"
This reverts commit a695818355.

This causes problems with traefik-pages
2022-08-16 10:17:53 +01:00
4eab0d4f01
Don't mount docker socket to traefik
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
2022-08-16 09:38:27 +01:00
a695818355
Update traefik to 2.8 2022-08-01 15:02:09 +01:00
cf763d07f2
Stop capturing logs for containers I don't care about 2022-06-20 21:25:13 +01:00
0d5913ce3c
Disable any hub integrations 2022-06-18 22:09:59 +01:00
df28b56857
Update traefik to 2.7 2022-06-18 22:09:49 +01:00
5b586f2608
Add container to extract TLS certs from traefik into standard format
Disable its network access, just in case
2022-06-13 21:18:45 +01:00
793506492f
No shenanigans by default
This causes strange problems with nextcloud
2022-03-23 19:30:22 +00:00
293aed0fd3
Enable GitLab registry 2022-02-25 21:48:13 +00:00
4562b60517
Update Traefik to 2.6 2022-02-08 08:55:50 +00:00
f07b5d9b7b
Migrate include: to include_tasks 2022-01-22 20:21:32 +00:00
6db0500e1b
Provision remote f2b key with ansible 2022-01-21 22:11:49 +00:00
5cc552d0eb
Add container to automatically backup DBs 2022-01-16 17:51:03 +00:00
6c0314b758
Add an nginx container to do crazy things with traefik 2022-01-16 14:08:38 +00:00
d5c7d94ac8
Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
2022-01-15 23:44:06 +00:00
8d40a49780
Move traefik pages secret into full vault file
Trialing a new pattern for vault storage
2021-12-20 21:17:25 +00:00