25863241da
Add backblaze storage for gitea
...
/ terraform (push) Successful in 28s
/ ansible (push) Successful in 1m32s
Skip LFS, as repo data is easier to store on-disk
2023-04-27 21:12:57 +01:00
ddd6af21cf
Allow Traefik to use DNS-01 challenge to Gandi
/ ansible (push) Successful in 2m55s
/ terraform (push) Successful in 33s
2023-04-23 20:26:37 +01:00
f14b16ec26
Monitor YOURLS
2023-04-23 20:24:55 +01:00
1fbb1ec668
Update gitea/gitea Docker tag to v1.19.1
2023-04-13 08:00:30 +01:00
4cfebbc987
Update lscr.io/linuxserver/mastodon Docker tag to v4.1.2
2023-04-10 13:36:26 +01:00
6c01cb2cf9
Update vaultwarden/server Docker tag to v1.28.1
2023-04-10 13:36:01 +01:00
2c9ab7fd29
Update traefik Docker tag to v2.10
2023-04-09 17:02:00 +01:00
f64fe53983
Add email config for gitea
2023-04-07 17:32:00 +01:00
19c32996c2
Listen to X-Forwarded-* headers from everyone
2023-04-07 17:20:59 +01:00
f82078c4ae
Allow concurrent builds
2023-04-07 16:20:00 +01:00
547e6dcbb1
Add Plausible to Gitea
...
https://theorangeone.net/posts/plausible-gitea/
2023-04-07 11:29:12 +01:00
ae544a3a6b
Update URL for custom gitea branding
2023-04-07 11:28:52 +01:00
fcf0a373c3
Monitor gitea
2023-04-06 20:31:57 +01:00
5a2311bd8a
Point renovate to gitea
2023-03-30 23:12:17 +01:00
d52f0bc8b2
Remove gitlab configuration
2023-03-30 22:56:35 +01:00
4c443d67d1
Move website to gitlab.com
...
This means I can shut down my GitLab, without having to rewrite the CI quite yet
2023-03-30 22:43:14 +01:00
a78c4680c4
Move notes to GitLab
2023-03-29 22:36:03 +01:00
72267db739
Update gitea actions default to GitHub
...
If I need my own, I'll define them
2023-03-29 22:35:50 +01:00
79bf1ea8f8
Update nextcloud to 26
2023-03-28 20:21:59 +01:00
e792aa1332
Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
...
Update vaultwarden/server Docker tag to v1.28.0
See merge request sys/infrastructure!125
2023-03-28 19:59:28 +01:00
882f2707aa
Update matrixdotorg/synapse Docker tag to v1.80.0
2023-03-28 14:00:53 +01:00
67f11e8134
Only log warning and above in gitea
2023-03-27 20:52:12 +01:00
3f4d48bdcc
Update vaultwarden/server Docker tag to v1.28.0
2023-03-26 22:00:51 +01:00
0c9a2aab0a
Add custom branding to gitea
2023-03-26 20:52:54 +01:00
c0fd7ea3ac
Allow imports from local IPs
...
Namely from other git servers on my network
2023-03-26 14:47:30 +01:00
a6a6fd9e76
Deploy gitea's runner
...
Unofficial container, because there isn't an official one
2023-03-26 00:01:55 +00:00
23c2f7bcec
Scale down mastodon a bit more
...
Fewer web and sidekiq threads
2023-03-25 14:21:44 +00:00
d6bc1f3bf9
Run the media cleanup script as a user with access to the docker socket
...
Woops!
2023-03-25 13:37:45 +00:00
07ff8820e9
Enable gitea actions
2023-03-21 13:36:34 +00:00
64a0bd58b0
Update gitea/gitea Docker tag to v1.19.0
2023-03-20 10:01:32 +00:00
d1a7b9e9e0
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.79.0
See merge request sys/infrastructure!117
2023-03-19 17:27:45 +00:00
7879e3f380
Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
...
Update vabene1111/recipes Docker tag to v1.4.8
See merge request sys/infrastructure!118
2023-03-19 17:27:01 +00:00
4f91976c72
Update lscr.io/linuxserver/mastodon Docker tag to v4.1.1
2023-03-17 08:00:47 +00:00
3634be6a31
Update vabene1111/recipes Docker tag to v1.4.8
2023-03-15 08:00:49 +00:00
577da22dab
Update matrixdotorg/synapse Docker tag to v1.79.0
2023-03-14 18:00:45 +00:00
7db08defcb
Update renovate/renovate Docker tag to v35
2023-03-10 14:02:08 +00:00
dd3930c12e
Update matrixdotorg/synapse Docker tag to v1.78.0
2023-02-28 18:00:48 +00:00
2f3958b3e6
Reduce speedtest interval
...
I don't need it to run that often
2023-02-28 08:40:26 +00:00
d76ad472bc
Make sure git commands are run as the correct user
2023-02-23 21:50:34 +00:00
49c77c611c
Update nextcloud config file version, too
2023-02-23 21:43:28 +00:00
7882a5b035
Merge branch 'renovate/lscr.io-linuxserver-nextcloud-25.x' into 'master'
...
Update lscr.io/linuxserver/nextcloud Docker tag to v25.0.4
See merge request sys/infrastructure!112
2023-02-23 21:37:55 +00:00
92012a42e1
Remove authentik
...
It's a bigger application than I need, and I wasn't actually using it for anything anyway
2023-02-23 19:50:44 +00:00
316e7de07a
Update lscr.io/linuxserver/nextcloud Docker tag to v25.0.4
2023-02-23 18:01:07 +00:00
b0cf6c2680
Merge branch 'renovate/gitea-gitea-1.x' into 'master'
...
Update gitea/gitea Docker tag to v1.18.5
See merge request sys/infrastructure!111
2023-02-23 17:52:01 +00:00
1764b66d2f
Update website hosting for it being fronted by nginx
2023-02-22 10:41:49 +00:00
9d57206263
Update gitea/gitea Docker tag to v1.18.5
2023-02-21 20:01:39 +00:00
030481b287
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.77.0
See merge request sys/infrastructure!108
2023-02-20 08:34:30 +00:00
ba684d1002
Update gitea/gitea Docker tag to v1.18.4
2023-02-20 08:01:35 +00:00
11eb833f44
Add some prometheus alerts
2023-02-19 18:31:52 +00:00
4332989e6f
Update matrixdotorg/synapse Docker tag to v1.77.0
2023-02-14 14:02:16 +00:00
ac86cfaab0
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.76.0
See merge request sys/infrastructure!103
2023-02-13 08:48:54 +00:00
bfb7e41549
Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
...
Update wallabag/wallabag Docker tag to v2.5.4
See merge request sys/infrastructure!104
2023-02-13 08:47:24 +00:00
67568cf3b1
Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
...
Update vabene1111/recipes Docker tag to v1.4.7
See merge request sys/infrastructure!105
2023-02-13 08:46:35 +00:00
64c1f7b90e
Update vabene1111/recipes Docker tag to v1.4.7
2023-02-12 22:01:39 +00:00
1655cd1e17
Update lscr.io/linuxserver/mastodon Docker tag to v4.1.0
2023-02-11 08:02:19 +00:00
af2d9e9e45
Update wallabag/wallabag Docker tag to v2.5.4
2023-02-07 22:01:41 +00:00
f2f9e194c5
Install node-exporter on pi-hole
2023-01-31 23:10:31 +00:00
e4fba8208e
Add speedtest exporter
2023-01-31 21:45:59 +00:00
d68175705c
Update matrixdotorg/synapse Docker tag to v1.76.0
2023-01-31 18:02:16 +00:00
051b5b0e19
Add ICMP checks
2023-01-31 14:29:27 +00:00
ddc91059b5
Replace telegraf with prometheus exporters
...
Still missing SMART and ping, but those can come later.
Swapped as the polling model for prometheus doesn't play especially well with telegraf, and leads to gaps in data
2023-01-31 09:11:09 +00:00
0322291557
Use better DNS servers from quad9
...
Mostly using more
2023-01-30 20:15:44 +00:00
5017b3ad78
Add mastodon cleanup script
2023-01-29 19:46:47 +00:00
f063b09540
Enable gitea federation
2023-01-29 17:45:39 +00:00
360a250b4a
Merge branch 'renovate/ghcr.io-goauthentik-server-2023.x' into 'master'
...
Update ghcr.io/goauthentik/server Docker tag to v2023.1.2
See merge request sys/infrastructure!100
2023-01-28 22:03:15 +00:00
c0b179c312
Merge branch 'renovate/gitea-gitea-1.x' into 'master'
...
Update gitea/gitea Docker tag to v1.18.3
See merge request sys/infrastructure!102
2023-01-28 22:02:58 +00:00
4fd3945c47
Add robots.txt for gitea
2023-01-28 15:32:34 +00:00
848c0f03e1
Update gitea/gitea Docker tag to v1.18.3
2023-01-27 18:01:57 +00:00
a443d56a1c
Add a gitea deployment
...
Yep, it's that time of year _again_
2023-01-27 17:28:45 +00:00
5e9c5f7683
Version pihole settings
2023-01-24 20:15:21 +00:00
66c900f76e
Update ghcr.io/goauthentik/server Docker tag to v2023.1.2
2023-01-23 16:01:09 +00:00
7edf6899f3
Update nextcloud to 25.0.3
2023-01-19 22:43:09 +00:00
37af66e944
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.75.0
See merge request sys/infrastructure!98
2023-01-19 22:28:59 +00:00
81d2194d5a
Update ghcr.io/goauthentik/server Docker tag to v2023
2023-01-18 16:01:52 +00:00
23eccb6d73
Update matrixdotorg/synapse Docker tag to v1.75.0
2023-01-17 14:02:10 +00:00
ad50176ee9
Add internal alias to pihole
2023-01-08 18:36:03 +00:00
e8ac8b304e
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.74.0
See merge request sys/infrastructure!94
2023-01-06 09:00:01 +00:00
bd929f28e5
Update ghcr.io/goauthentik/server Docker tag to v2022.12.2
2023-01-05 10:01:45 +00:00
905f0f2b08
Update vaultwarden/server Docker tag to v1.27.0
2022-12-24 18:01:58 +00:00
49372f7c8e
Update matrixdotorg/synapse Docker tag to v1.74.0
2022-12-20 18:02:55 +00:00
6d5570b0f2
Update YOURLS' mariadb to 10.10
2022-12-13 09:14:06 +00:00
b6705788e6
Update nextcloud's mariadb to 10.6
...
This is the latest it supports
2022-12-13 09:14:06 +00:00
167b8bd140
Keep GitLab backups for 2 weeks
2022-12-13 09:14:06 +00:00
7c168fd28c
Update plausible to 1.5
...
Update Clickhouse at the same time
2022-12-13 09:14:06 +00:00
6fc6366c33
Update nextcloud to 25.0.2
2022-12-13 09:14:06 +00:00
6c2c87e43e
Merge branch 'renovate/ghcr.io-goauthentik-server-2022.x' into 'master'
...
Update ghcr.io/goauthentik/server Docker tag to v2022.11.3
See merge request sys/infrastructure!77
2022-12-13 08:55:08 +00:00
55764ada6c
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.73.0
See merge request sys/infrastructure!79
2022-12-13 08:54:50 +00:00
e86ed81102
Decommission decker
server
...
It's been replaced by prometheus running internally, and uptimerobot checking.
2022-12-09 19:04:54 +00:00
f1c9e10d9a
Use IPv4 on blackbox
...
The docker networks they're running on are v4 only at the moment, so the DNS resolution passes by the connection fails.
2022-12-06 20:46:43 +00:00
2fb21223aa
Update matrixdotorg/synapse Docker tag to v1.73.0
2022-12-06 14:01:43 +00:00
bb4361e25f
Use a blackbox with custom DNS rather than proxy
...
This makes timing information more relevant and should improve reliability
2022-12-06 10:04:23 +00:00
772cf7536a
Run prometheus stack as docker user
2022-12-05 21:17:23 +00:00
53c969f2b8
Make prometheus config files read only
2022-12-05 21:12:55 +00:00
3e5b00d176
Add alertmanager
2022-12-05 21:10:41 +00:00
60514d191a
Exclude python stats for HA
2022-12-05 20:36:57 +00:00
ed7faf4678
Scrape healthchecks.io with prometheus and use it for outbound monitoring of prometheus scrapes
2022-12-05 14:41:48 +00:00
8e3b381b8d
Remove unused prometheus network
2022-12-04 22:12:55 +00:00
75862dbaf9
Setup blackbox for some HTTP monitoring
2022-12-04 22:11:49 +00:00
9d4eceab29
Update ghcr.io/goauthentik/server Docker tag to v2022.11.3
2022-12-03 14:02:05 +00:00
e89f13b8a9
Add collabora
2022-12-02 22:37:42 +00:00
ebfe057658
Add support for public dashboards in Grafana
2022-12-01 13:48:36 +00:00
41a853db55
Define tmpfs for website /tmp
...
This is needed for imagemagick to function correctly without consuming all disk space on the system
2022-11-30 14:08:10 +00:00
d5c08bd493
Update redis Docker tag to v7
2022-11-21 16:02:19 +00:00
8f78f24ea8
Unpin redis minor version on website
2022-11-21 15:21:33 +00:00
8076c62198
Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
...
Update vabene1111/recipes Docker tag to v1.4.5
See merge request sys/infrastructure!90
2022-11-21 14:51:06 +00:00
c388e6bbe1
Add more nginx processes for mastodon
2022-11-20 23:21:09 +00:00
406d9dbf09
Reduce mastodon streaming threads and run 1 thread per core
2022-11-20 23:00:58 +00:00
9b69b419a7
Reduce sidekiq threads on GitLab
2022-11-20 23:00:33 +00:00
a51854f48c
Shuffle around cron jobs to run earlier at night
2022-11-20 22:52:00 +00:00
3ec359ed0e
Deploy me a mastodon
2022-11-18 09:12:28 +00:00
88e3eee059
Prune containers more regularly
2022-11-17 20:37:24 +00:00
a1a153977e
Only keep 2 package versions
...
3 is the default
2022-11-17 20:36:58 +00:00
c91b1ba871
Allow website to handle traffic to second domain
2022-11-16 14:56:17 +00:00
330e7e9305
Clear pacman cache
2022-11-14 09:04:53 +00:00
a8b8c88f27
Update vabene1111/recipes Docker tag to v1.4.5
2022-11-09 14:01:00 +00:00
77e83fec6d
Fix synapse-admin URL
...
It no longer supports being run on a subdirectory with the stock container
2022-11-07 13:57:14 +00:00
b513858893
Update nextcloud to 25.0.1
2022-11-07 09:03:40 +00:00
2bbd1c681b
Allow proxying to any ports
...
On the assumption they're HTTP, it's probably fine to route to anything. We're not trying to act as a firewall
2022-11-06 22:16:48 +00:00
b9283ec445
Set port for HTTP proxies
2022-11-06 21:55:05 +00:00
041f791b60
Add squid as a forwarding proxy so containers are exposed through a VPN
...
Implementation isn't perfect, but as `qbittorrent` already had an outbound VPN connection, it makes sense to just reuse it.
2022-11-06 18:26:09 +00:00
fc577f21b8
Update Traefik to 2.9
2022-11-01 20:50:30 +00:00
4c8d5ffe44
Remove all references to traefik pages
2022-11-01 20:30:16 +00:00
d81ed290d7
Put the new website live
2022-10-30 12:04:15 +00:00
08afdd951e
Add hosting for new website
...
Top sneaky
2022-10-29 18:09:30 +01:00
8dd1f6cddf
Add nextcloud email config
2022-10-26 14:23:08 +01:00
0d24bd7e0c
Use correct location for nextcloud config file
2022-10-26 14:10:26 +01:00
d0cef763e1
Update Nextcloud to 25
2022-10-26 14:09:47 +01:00
27069281dc
Update renovate/renovate Docker tag to v34
2022-10-25 14:05:25 +01:00
bfacd3b6df
Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
...
Update wallabag/wallabag Docker tag to v2.5.2
See merge request sys/infrastructure!50
2022-10-25 08:46:19 +01:00
d4053908ab
Update renovate/renovate Docker tag to v33
2022-10-23 08:02:08 +01:00
f90e167774
Update wallabag/wallabag Docker tag to v2.5.2
2022-10-21 14:01:20 +01:00
4e77f0165a
Use persistent storage for tt-rss
...
Otherwise the container fails to find the cache directory due to how updates are handled.
2022-10-17 13:44:06 +01:00
d13d49447e
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
...
Update louislam/uptime-kuma Docker tag to v1.18.5
See merge request sys/infrastructure!45
2022-10-17 13:33:41 +01:00
cecf9f03a2
Update vaultwarden/server Docker tag to v1.26.0
2022-10-15 18:09:57 +01:00
ed2414954e
Update louislam/uptime-kuma Docker tag to v1.18.5
2022-10-10 20:01:07 +01:00
7adda6ed1c
Update nextcloud to 24.0.6
2022-10-09 19:41:17 +01:00
2188c59372
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
...
Update louislam/uptime-kuma Docker tag to v1.18.4
See merge request sys/infrastructure!44
2022-10-09 19:33:07 +01:00
58730fcbeb
Move pages hosting to GitLab pages
2022-10-09 18:26:49 +01:00
491061d900
Remove shenanigans
...
It's not enabled, and it's 1 less container to deal with
2022-10-09 17:40:22 +01:00
77bc6947ab
Update louislam/uptime-kuma Docker tag to v1.18.4
2022-10-09 10:01:04 +01:00
6d890a6991
Setup slides domain
2022-10-08 17:37:28 +01:00
41582f50db
Set up GitLab pages
2022-10-08 15:51:37 +01:00
2dc13c6f40
Update nebula to 1.6.1
2022-10-05 08:42:01 +01:00
521e6320fd
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.68.0
See merge request sys/infrastructure!39
2022-10-04 13:42:30 +01:00
681cff5ea7
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
...
Update louislam/uptime-kuma Docker tag to v1.18.2
See merge request sys/infrastructure!42
2022-10-04 13:40:52 +01:00
62aab30dc8
Update louislam/uptime-kuma Docker tag to v1.18.2
2022-10-04 12:01:00 +01:00
81b302459e
Update vabene1111/recipes Docker tag to v1.4.4
2022-09-30 16:01:02 +01:00
b32b7ca629
Update matrixdotorg/synapse Docker tag to v1.68.0
2022-09-27 14:01:34 +01:00
02d5b2d8d3
Upgrade sanoid
2022-09-26 19:32:55 +01:00
67b890d639
Merge branch 'renovate/vabene1111-recipes-1.x' into 'master'
...
Update vabene1111/recipes Docker tag to v1.4.2
See merge request sys/infrastructure!37
2022-09-26 13:56:40 +01:00
5be1078639
Update vabene1111/recipes Docker tag to v1.4.2
2022-09-23 18:01:17 +01:00
bcc2bfd417
Update ghcr.io/goauthentik/server Docker tag to v2022.9.0
2022-09-23 12:01:29 +01:00
cf6cc7de7a
Add email to tandoor
2022-09-22 09:13:28 +01:00
356e04c005
Fewer workers / threads for authentik
2022-09-22 08:52:41 +01:00
92fdfd252a
Add email to authentik
2022-09-22 08:47:01 +01:00
98f2eea59b
Add email to plausible
2022-09-22 08:37:00 +01:00
9098fec232
Disable erlang multi-node distribution
2022-09-22 08:23:30 +01:00
2b590a55c9
Update vabene1111/recipes Docker tag to v1.4.1
2022-09-21 20:01:33 +01:00
71732b7b7c
Don't keep quite so many backups
...
This results in a huge index which some smaller VMs can't handle
2022-09-21 08:48:05 +01:00
eccefcd7e0
Replace Cloudflare's DNS with Quad9 where it makes sense
2022-09-18 19:55:35 +01:00
60e9454efe
Disable authentik startup analytics
2022-09-18 18:55:24 +01:00
f49b26c6f0
Deploy authentik
...
Not integrated into other services quite yet. But it's there
2022-09-18 18:49:17 +01:00
4f0ee78b7e
Update grafana to use mailgun
2022-09-18 15:27:58 +01:00
8300d6dbf3
Update commento to use mailgun
2022-09-18 15:01:16 +01:00
63c1bc29db
Update nextcloud to 24.0.5
2022-09-18 14:35:39 +01:00
259ab3aae8
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update matrixdotorg/synapse Docker tag to v1.67.0
See merge request sys/infrastructure!32
2022-09-18 14:22:13 +01:00
128689aed3
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
...
Update louislam/uptime-kuma Docker tag to v1.18.0
See merge request sys/infrastructure!33
2022-09-18 14:20:38 +01:00
218d6a48cf
Use mailgun for GitLab emails
2022-09-16 17:43:01 +01:00
5f8a4d7b78
Use supercronic to schedule renovate
...
This makes it easier to restart, and makes more creative scheduling possible
2022-09-13 20:01:37 +01:00
7575a57e6b
Update matrixdotorg/synapse Docker tag to v1.67.0
2022-09-13 11:14:16 +01:00
c7d5056f2a
Scrape homeassistant metrics into prometheus
2022-09-06 21:29:11 +01:00
aa1cef4739
Update louislam/uptime-kuma Docker tag to v1.18.0
2022-09-05 11:03:55 +01:00
0b69388f2c
Remove tmpfs mounts for tt-rss
...
These don't get created with the correct user permissions, and so breaks
2022-08-29 10:37:13 +01:00
cc3f980d34
Deploy tandoor
2022-08-24 22:17:29 +01:00
dcc3055e93
Use official distribution of tt-rss
...
The previous one hasn't been updated in about a year. This one requires a couple extra containers, but is officially supported and maintained.
2022-08-24 15:23:21 +01:00
475215f33a
Run as many CI jobs as there are cores
2022-08-17 20:03:37 +01:00
73f165c521
Revert "Update traefik to 2.8"
...
This reverts commit a695818355
.
This causes problems with traefik-pages
2022-08-16 10:17:53 +01:00
4eab0d4f01
Don't mount docker socket to traefik
...
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
2022-08-16 09:38:27 +01:00
8b21b9e6f2
Monitor decker Traefik with prometheus
2022-08-14 15:04:55 +01:00
461cd8fe3c
Update config version of nextcloud
2022-08-14 14:50:14 +01:00
4ccde9cfaf
Merge branch 'renovate/lscr.io-linuxserver-nextcloud-24.x' into 'master'
...
Update dependency lscr.io/linuxserver/nextcloud to v24.0.4
See merge request sys/infrastructure!29
2022-08-14 14:37:13 +01:00
b8953745a6
Update dependency lscr.io/linuxserver/nextcloud to v24.0.4
2022-08-12 09:47:44 +00:00
7577b35755
Update dependency matrixdotorg/synapse to v1.64.0
2022-08-02 10:42:13 +00:00
a695818355
Update traefik to 2.8
2022-08-01 15:02:09 +01:00
9a89dddda3
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update dependency matrixdotorg/synapse to v1.63.1
See merge request sys/infrastructure!27
2022-08-01 14:36:14 +01:00
84e27c9d61
Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
...
Update dependency vaultwarden/server to v1.25.2
See merge request sys/infrastructure!28
2022-08-01 14:35:33 +01:00
6d7a147b74
Don't bind docker socket in CI
...
Use dind instead, as it's more secure and isolated
https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker
2022-07-28 17:47:02 +01:00
4311382033
Update dependency vaultwarden/server to v1.25.2
2022-07-27 20:03:05 +00:00
8734ad8ce1
Update dependency matrixdotorg/synapse to v1.63.1
2022-07-20 13:50:49 +00:00
e65b3ec605
Update nextcloud to 24.0.2
2022-06-28 19:28:46 +01:00
6844bbfe99
Merge branch 'renovate/louislam-uptime-kuma-1.x' into 'master'
...
Update dependency louislam/uptime-kuma to v1.17.1
See merge request sys/infrastructure!25
2022-06-28 19:13:55 +01:00
7b38760196
Update dependency matrixdotorg/synapse to v1.61.1
2022-06-28 14:41:39 +00:00
c502ee57f7
Set nginx to use automatic number of workers
...
See https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6895
2022-06-27 17:52:06 +01:00
9632f9aa90
Update dependency louislam/uptime-kuma to v1.17.1
2022-06-23 08:23:24 +00:00
cf763d07f2
Stop capturing logs for containers I don't care about
2022-06-20 21:25:13 +01:00
0d5913ce3c
Disable any hub integrations
2022-06-18 22:09:59 +01:00
df28b56857
Update traefik to 2.7
2022-06-18 22:09:49 +01:00
f1835aecdd
Merge branch 'renovate/vaultwarden-server-1.x' into 'master'
...
Update dependency vaultwarden/server to v1.25.0
See merge request sys/infrastructure!20
2022-06-18 21:53:52 +01:00
fd6a8be593
Merge branch 'renovate/wallabag-wallabag-2.x' into 'master'
...
Update dependency wallabag/wallabag to v2.5.1
See merge request sys/infrastructure!23
2022-06-18 21:43:45 +01:00
7b779f6ff7
Update dependency matrixdotorg/synapse to v1.61.0
2022-06-14 11:45:06 +00:00
c54ce7b209
For migrate grafana plugins
2022-06-13 21:52:40 +01:00
5b586f2608
Add container to extract TLS certs from traefik into standard format
...
Disable its network access, just in case
2022-06-13 21:18:45 +01:00
f8e4e6302d
Update dependency wallabag/wallabag to v2.5.1
2022-06-09 08:05:42 +00:00
4ba1ab0a28
Update yourls mariadb to 10.8
2022-06-06 22:33:26 +01:00
b62f8001bb
Deploy commento++
2022-06-05 15:44:49 +01:00
14de6fee84
Use socket proxy for DB backups
2022-06-04 23:03:41 +01:00
0fd891f988
Update dependency louislam/uptime-kuma to v1.16.1
2022-05-29 05:48:38 +00:00
c159a157c3
Update download location for qbittorrent
2022-05-25 08:46:37 +01:00
565e1a156c
Update nextcloud to 24.0.1
2022-05-24 20:22:18 +01:00
1015a0ebc1
Merge branch 'renovate/matrixdotorg-synapse-1.x' into 'master'
...
Update dependency matrixdotorg/synapse to v1.59.1
See merge request sys/infrastructure!16
2022-05-24 20:12:51 +01:00
07f19ec509
Update dependency vaultwarden/server to v1.25.0
2022-05-23 18:01:20 +00:00
284bed5e90
Update dependency wallabag/wallabag to v2.5.0
2022-05-21 20:38:08 +00:00
6116eed775
Use external DNS for monitoring
...
This avoids potential issues with host DNS jitters
2022-05-19 09:39:30 +01:00
6a60e7284e
Update dependency matrixdotorg/synapse to v1.59.1
2022-05-18 12:16:59 +00:00
e176ba371c
Move my settings out of default
2022-05-17 18:09:03 +01:00
f2290aafa6
Reduce usage and reliance on downsampled snapshots
...
Keep more at a lower resolution, as really those are the most useful
2022-05-17 18:09:03 +01:00
1c14c10b74
Allow 2 cores per runner job for concurrency
...
Allowing 2 clear cores runs fewer jobs, but should run them a lot faster
2022-05-07 12:34:57 +01:00
306d2368c1
Update dependency wallabag/wallabag to v2.4.3
2022-05-07 12:21:21 +01:00
26b4b18737
Update synapse to 1.58.1
2022-05-07 11:38:46 +01:00
15b56971a1
Update uptime-kuma to 1.15.1
2022-05-07 11:37:49 +01:00
d7056861b9
Keep data for a bit longer
...
Don't ask me why I did this...
2022-05-07 11:34:46 +01:00
208c605f05
Update uptime-kuma to 1.15.0
2022-04-26 20:40:33 +01:00
679cd5eba1
Update synapse to 1.57.1
2022-04-26 20:39:16 +01:00
b8c5d40c73
Update nextcloud to 23.0.4
2022-04-26 20:39:05 +01:00
54b8191754
Update uptime-kuma to 1.13.1
2022-03-24 22:20:29 +00:00
72c54029cd
Update synapse to 1.55.2
2022-03-24 22:13:52 +00:00
793506492f
No shenanigans by default
...
This causes strange problems with nextcloud
2022-03-23 19:30:22 +00:00
cccfa8bf51
Remove version prefix from nextcloud tag
...
Apparently that's not needed anymore
2022-03-22 21:22:07 +00:00
e0df63e3c9
Update nextcloud to 23.0.3
2022-03-22 21:19:43 +00:00
b8736e1c65
Create VPN for port 53
2022-03-18 19:44:06 +00:00
bd49c1c869
Update renovate to v32
2022-03-18 18:06:07 +00:00
ffe9a13ff1
Update uptime-kuma to 1.12.1
2022-03-13 15:59:37 +00:00
5d136a8a2f
Update synapse to 1.54
2022-03-13 15:59:24 +00:00
293aed0fd3
Enable GitLab registry
2022-02-25 21:48:13 +00:00
997fb0e600
Update synapse to 1.52
2022-02-21 21:50:30 +00:00
7ad6e81981
Update nextcloud to 23.0.2
2022-02-21 21:50:18 +00:00
7a05e154a6
Update uptime-kuma
2022-02-21 21:50:07 +00:00
c34b9e48f4
Add support for building docker containers on CI
...
This is easier than dind
2022-02-14 09:09:28 +00:00
6b63c2685b
Add an additional domain for matrix
...
I'll migrate over to this eventually. But doing a hard migration has just wasted my entire evening...
2022-02-13 20:54:46 +00:00
722b964bc9
Add Google Search Console integration to Plausible
2022-02-13 16:43:09 +00:00
a075b8f252
Update Vaultwarden to 1.24
2022-02-08 08:56:28 +00:00
4562b60517
Update Traefik to 2.6
2022-02-08 08:55:50 +00:00
af0eb65cce
Update synapse to 1.51
2022-02-08 08:55:41 +00:00
5df4a2c79a
Rotate nebula keys
...
Turns out they expired last night...
2022-01-30 21:00:38 +00:00
b91072b0da
Create a pages user for user with status checks
2022-01-29 22:18:07 +00:00
a5d9463f80
Ensure webdav pages is also accessible to Traefik
2022-01-29 22:11:19 +00:00
f07b5d9b7b
Migrate include:
to include_tasks
2022-01-22 20:21:32 +00:00
106a89d72f
Use groups to manage sudo access rather than editing sudoers file
2022-01-22 20:10:16 +00:00
7e6e630808
Don't provision occ script on every machine
...
It only makes sense on 1
2022-01-21 22:28:13 +00:00
6db0500e1b
Provision remote f2b key with ansible
2022-01-21 22:11:49 +00:00
e8d4244946
Restart nebula, rather than reloading it
...
Reloading doesn't actually work it seems
2022-01-21 21:52:48 +00:00
188b7c9dd6
Install wireguard tools before provisioning config
2022-01-21 20:29:34 +00:00
c1319a134a
Forget snapshots in groups by host
...
By default, it includes the path, which means path changes result in very old snapshots
https://twitter.com/RealOrangeOne/status/1484217495124852748
2022-01-20 17:43:56 +00:00
1db289b604
Show domain in logs rather than upstream
...
The upstream is always the same, and no use to us
2022-01-19 09:00:20 +00:00
5cc552d0eb
Add container to automatically backup DBs
2022-01-16 17:51:03 +00:00
6c0314b758
Add an nginx container to do crazy things with traefik
2022-01-16 14:08:38 +00:00
d5c7d94ac8
Run traefik as dockeruser, and without host networking
...
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
2022-01-15 23:44:06 +00:00
1348eb8b1c
Prefent yourls redirect page being indexed
2022-01-11 21:20:23 +00:00
c5215e330b
Update yamllint to fix dependency issue
...
I think this still validates everything we need it to
2022-01-11 20:51:12 +00:00
02cfd37a02
Update uptime-kuma
2022-01-08 12:18:25 +00:00
1a74e05a7c
Create a dedicated machine for renovate
...
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
2022-01-01 22:59:13 +00:00
78b0161585
Install renovate
...
It doesn't quite work, as really it needs docker to correctly update packages. But it's a start for now
2022-01-01 18:23:32 +00:00
b81f250d02
Update clickhouse config to reference new tables to remove
2021-12-29 17:34:07 +00:00
062c4a25fb
Keep just 2 weeks of backrest logs
...
That's ample
2021-12-28 12:57:57 +00:00
711d78bfd3
Only try and rotate the log files
...
Previously, this was also rotating the compressed logs, for some reason
2021-12-28 12:57:08 +00:00
3a7d2194cc
Update tt-rss DB to postgres 14
2021-12-22 22:39:46 +00:00
66c48c4a69
Remove old domain for vaultwarden
...
It's been long enough
2021-12-22 15:41:14 +00:00
e6ecffdf62
Update vaultwarden DB to postgres 14
2021-12-22 15:33:40 +00:00
ec9ca428a3
Update synapse DB to postgres 14
2021-12-22 15:24:37 +00:00
fbdbc8afb5
Update quassel DB to postgres 14
2021-12-22 13:17:01 +00:00
da41fcd7bc
Update grafana DB to postgres 14
2021-12-22 13:10:06 +00:00
6681ad43fb
Update plausible DB to postgres 14
2021-12-22 12:57:49 +00:00
31b7811b1f
Use new clickhouse docker repository
2021-12-22 12:01:25 +00:00
b6a0fdfd1d
Unpin the version of yourls
...
It's a very simple, non-critical application, which I keep forgetting to update
2021-12-21 21:48:41 +00:00
1c645fa106
Update yourls mariadb to 10.7
2021-12-21 21:40:56 +00:00
c5beb223be
Update clickhouse to 21.12
2021-12-21 21:31:53 +00:00
0734ff42d8
Move grafana variables to vault file
2021-12-21 20:22:47 +00:00
7b6675a9d0
Move gitlab variables to single vault
2021-12-21 20:12:05 +00:00
4cbc15fe0b
Move gitlab runner secrets to dedicated vault
2021-12-21 20:00:54 +00:00
66662594d0
Extract plausible secrets to dedicated vault
2021-12-21 19:57:43 +00:00
8d40a49780
Move traefik pages secret into full vault file
...
Trialing a new pattern for vault storage
2021-12-20 21:17:25 +00:00
b50659ab5d
Update nextcloud to 23
2021-12-19 21:18:09 +00:00
a5329665c0
Update vaultwarden to 1.23.1
2021-12-15 20:21:01 +00:00
9834a45ec5
Update uptime-kuma to 1.11.1
2021-12-15 20:20:50 +00:00
699673c3b5
Update Synapse to 1.49.0
2021-12-15 20:19:51 +00:00
9e899d0f52
Update nebula to 1.5.2
2021-12-15 20:18:25 +00:00
4452cc4eeb
Update synapse to 1.47.1
2021-11-23 22:04:42 +00:00
eed75d8648
Mount homeassistant data into restic for external backup
2021-11-21 21:53:35 +00:00
47bcbd855e
Update nextcloud to 22.2.3
2021-11-16 21:04:54 +00:00
5c0987de4d
Update uptime-kuma
2021-11-15 20:26:29 +00:00
e1205564cb
Update nebula to 1.5.0
2021-11-15 20:26:20 +00:00
ef22a43293
Update uptime-kuma to fix security issue
2021-10-29 21:52:09 +01:00
1b4d5de701
Rename plausible embed router
...
There's nothing really "bare" about it
2021-10-29 20:47:02 +01:00
0cb2a70d24
Upgrade Plausible to 1.4
2021-10-29 20:46:28 +01:00
090745456f
Update vaultwarden to 1.23.0
2021-10-23 16:24:42 +01:00
41fadd892e
Update uptime-kuma
2021-10-23 16:24:29 +01:00
4cdaba4692
Swap certificates for wildcards
2021-10-18 21:59:10 +01:00
ebb571bf20
Increase GC frequenc to work around restic's high memory usage
...
https://github.com/restic/restic/issues/1988
2021-10-15 12:39:16 +01:00
6cc7d0b89e
Update synapse
2021-10-14 18:34:49 +01:00
31208856c2
Pin uptime-kuma version
...
It's pretty important now
2021-10-14 18:34:00 +01:00
6f0d4b60df
Run more web processes for tt-rss
2021-10-03 16:45:18 +01:00
c867efbe3b
Use alternative container registries where available
2021-10-03 16:26:10 +01:00
3727dd473c
Update synapse to 1.43
2021-10-01 21:17:13 +01:00
7fd176466d
Update nextcloud to 22.2.0
...
Required quite some hacks around federatedfilesharing app not wanting to update
2021-10-01 20:52:07 +01:00
4db474034e
Ignore my VMs from a fail2ban
2021-09-27 14:49:56 +01:00
7e2d01c612
Change domain
...
Now there's a status page, we can consider it public
2021-09-25 21:34:18 +01:00
3daf939b32
Update uptime-kuma container
...
Now does user management itself
2021-09-25 21:08:42 +01:00
a135aae5f3
Provision new VM
...
This will be used for monitoring
2021-09-25 16:59:23 +01:00
48934ad2c5
Apply gzip to everything
...
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
2021-09-19 22:48:48 +01:00
83ed8879dc
Correctly set smtp user for GitLab
...
The user and from are different in my case.
2021-09-19 22:34:40 +01:00
178ca6b2c4
Add privatebin config
...
Disable super long expirations, among other things
2021-09-19 19:29:05 +01:00
d70f450e2d
Change forget resolution to 30d
...
Restic is really annoying with its retention arguments, not really allowing what I want, so this is the easiest way to get decent retention.
2021-09-07 22:04:23 +01:00
0a8167c839
Remove stray expose
...
Traefik picks up the port just fine
2021-09-07 21:04:19 +01:00
eedba465c4
Update synapse
2021-09-07 21:04:04 +01:00
a278443850
Use auto
on nginx configs
...
Let nginx work it out, and default to 1 per core
2021-09-04 22:41:30 +01:00
6e25403b3d
Update synapse to 1.41.1
2021-08-31 19:08:38 +01:00
86e9d12ce6
Update nextcloud to 22.1.1
2021-08-31 19:03:19 +01:00
07b2ea2ccb
Add the ability to exclude certain paths from backup
2021-08-30 21:49:58 +01:00
95216b32c4
Consolidate server blocks
2021-08-24 14:31:12 +01:00
453a374801
Replace ingress proxy with nginx
...
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.
Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
2021-08-24 14:21:51 +01:00
f14e723d40
Fix service name on ingress
...
It's not alpine
2021-08-24 11:52:35 +01:00
edc5c325b7
Correctly check hostname against PVE hosts
...
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
2021-08-23 19:56:04 +01:00
ecb946bab4
Remove nginx version from headers
2021-08-23 16:12:34 +01:00
93cba46dd1
Redirect to HTTPS at the edge
2021-08-23 16:10:37 +01:00
a54d373526
Replace edge proxy with nginx
...
The config makes more sense, and it has more of the features I need, which will come later.
2021-08-22 22:35:09 +01:00
8fabd11e31
Remove unnecessary pve role
...
no-subscription is handled by the nag removal role
2021-08-22 15:20:27 +01:00
f0a3585592
Use distribution name in repo URL
2021-08-22 14:44:34 +01:00
0874158a91
Update traefik to 2.5
2021-08-22 11:16:37 +01:00
c04e8b628a
Update synapse to 1.40.0
2021-08-22 11:16:19 +01:00
c99afdd446
Disable gzip on qbittorrent egress
...
It's mostly used over the internal network, so the additional gzip isn't going to gain anything when the disk is the bottleneck
2021-08-21 16:46:21 +01:00
55e3b81f06
Install release version of gitlab-dater
onto GitLab server
...
Rather than than hacky development one I was using before
2021-08-10 22:51:12 +01:00
e421657619
Ensure restic gets the correct permissions when it's updated
...
Yes it's weird to modify the system package like this, but it's very handy.
See also https://restic.readthedocs.io/en/stable/080_examples.html#backing-up-your-system-without-running-restic-as-root
2021-08-10 08:45:59 +01:00
ab46c30df2
Start graphing some speeds
2021-08-07 10:59:42 +01:00
d0e472b51a
Update synapse to 1.39.0
2021-08-06 18:20:48 +01:00
11bf501d8a
Update nextcloud to 22.1.0
2021-08-06 18:20:38 +01:00
9755974647
Update vaultwarden to 1.22.2
2021-08-06 18:17:22 +01:00
f3bc72d2ba
Provision uptime-kuma
2021-07-31 16:43:12 +01:00
1399529a47
Move stray storage to tank
2021-07-17 20:32:26 +01:00
8f831c8191
Update synapse to 1.37.1
2021-07-11 20:20:56 +01:00
501fe81979
Update nextcloud to v22
2021-07-11 20:20:48 +01:00
3daf3ef8ed
Pin clickhouse to 21.6
...
21.7 doesn't work
2021-07-11 16:11:09 +01:00
b2d226300b
Update nextcloud to 21.0.3
2021-07-04 21:17:03 +01:00
19eb233ffa
Update vaultwarden to 1.22.1
2021-07-03 11:27:27 +01:00
797c44a27d
Use proxy protocol v2
...
Apparently it's better for chaining, and may be faster anyway
2021-07-01 22:28:25 +01:00
b6adc53746
Revert "Capture stderr in logs, too"
...
This reverts commit 8696f6d93f
.
Yeah, this doesn't work. Syntax and intention.
2021-06-28 08:33:08 +01:00
41a8fe3b4d
Use logrotate for backrest logging rather than nuking immediately
...
Just in case something goes wrong with healthchecks
2021-06-27 10:58:01 +01:00
8696f6d93f
Capture stderr in logs, too
2021-06-27 10:53:13 +01:00
40e785de38
Add yet more metric sources
2021-06-26 12:52:55 +01:00
32f17908ad
Collect metrics on disk usage
2021-06-26 12:36:00 +01:00
b82e87c04b
Remove unnecessary which
...
`cron` doesn't need a full path
2021-06-25 20:57:19 +01:00