Commit graph

1680 commits

Author SHA1 Message Date
000f3d3348
Add HSTS to all nginx requests 2024-03-03 21:37:07 +00:00
0dcc3f7c30
Use regular version of nginx on Arch
All checks were successful
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m30s
`nginx-mainline` requires modules be recompiled each time, and isn't handled automatically. It's still a very new and maintained release.
2024-02-29 19:46:32 +00:00
8a1e21c79d
Ensure headscale sees the correct IP
All checks were successful
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m48s
2024-02-29 17:41:29 +00:00
998d798797
Set maintenance window for nextcloud
All checks were successful
/ terraform (push) Successful in 26s
/ ansible (push) Successful in 1m37s
2024-02-21 21:57:03 +00:00
11a93dac55
Update nextcloud version in config 2024-02-21 21:52:58 +00:00
97da6edc13 Update dependency ansible-lint to v24
All checks were successful
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m36s
2024-02-21 21:47:29 +00:00
d66708b10b Update dependency artis3n.tailscale to v4.4.2
All checks were successful
/ terraform (push) Successful in 24s
/ ansible (push) Successful in 1m34s
2024-02-21 21:43:33 +00:00
7d64518840 Update matrixdotorg/synapse Docker tag to v1.101.0
Some checks failed
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-21 21:43:15 +00:00
26bcf09fea Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.2
Some checks failed
/ terraform (push) Has been cancelled
/ ansible (push) Has been cancelled
2024-02-21 21:42:50 +00:00
808e72553b
Add the basics of some edge caching
Some checks failed
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-21 21:42:16 +00:00
b513c88774 Update vaultwarden/server Docker tag to v1.30.3
All checks were successful
/ ansible (push) Successful in 1m33s
/ terraform (push) Successful in 27s
2024-02-19 14:13:02 +00:00
7741fbc163 Update vabene1111/recipes Docker tag to v1.5.13
All checks were successful
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 1m34s
2024-02-19 14:07:32 +00:00
45cf930d14 Update lscr.io/linuxserver/mastodon Docker tag to v4.2.7
All checks were successful
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m54s
2024-02-17 08:00:21 +00:00
58c48261e7
Consolidate vikunja container
All checks were successful
/ terraform (push) Successful in 53s
/ ansible (push) Successful in 1m51s
2024-02-12 14:12:17 +00:00
91a247868b
Add routes from forrest to tailscale network
All checks were successful
/ terraform (push) Successful in 27s
/ ansible (push) Successful in 1m35s
2024-02-07 22:12:08 +00:00
df43be6f9b
Set private_ip for some other machines
All checks were successful
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m39s
2024-02-07 19:27:48 +00:00
b6eca40ae0
Allow tailscale IP in more places 2024-02-07 18:21:16 +00:00
6c1c245c23 Update matrixdotorg/synapse Docker tag to v1.100.0
All checks were successful
/ terraform (push) Successful in 25s
/ ansible (push) Successful in 1m38s
2024-02-02 13:38:12 +00:00
379d4a26fa Update vabene1111/recipes Docker tag to v1.5.12
Some checks failed
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-02 13:38:00 +00:00
f1a2694f1a Update lscr.io/linuxserver/mastodon Docker tag to v4.2.5
Some checks failed
/ terraform (push) Successful in 29s
/ ansible (push) Has been cancelled
2024-02-02 13:37:05 +00:00
02847355a7
Install tailscale
All checks were successful
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m34s
Install, not configure
2024-02-01 19:41:47 +00:00
29cac09b48
Remove explicit port for headscale 2024-02-01 18:32:53 +00:00
dba0262801
Remove website tmpfs
All checks were successful
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m36s
The server's disk is probably fast enough, and container restarts will nuke that storage anyway
2024-02-01 18:15:51 +00:00
0c6528f9ca
Restrict access to headscale OIDC and API
All checks were successful
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m33s
2024-01-31 21:40:43 +00:00
dfa8328e7b
Move gateway logs to separate file 2024-01-31 21:06:19 +00:00
53c758a781
Monitor headscale with prometheus
All checks were successful
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m38s
2024-01-27 17:40:02 +00:00
b51677b795
Back up headscale config
All checks were successful
/ terraform (push) Successful in 48s
/ ansible (push) Successful in 1m51s
2024-01-27 15:04:53 +00:00
2ceeaf091d
Deploy headscale
Some checks failed
/ terraform (push) Failing after 11m20s
/ ansible (push) Failing after 11m6s
2024-01-27 14:18:37 +00:00
06784563a7
Don't resolve ipv6
All checks were successful
/ terraform (push) Successful in 30s
/ ansible (push) Successful in 1m36s
Something about this setup doesn't like it, so I'll disable v6 for now
2024-01-26 21:43:04 +00:00
4f6f4143ce Update matrixdotorg/synapse Docker tag to v1.99.0
All checks were successful
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m46s
2024-01-22 09:15:38 +00:00
5292785cd9 Update wallabag/wallabag Docker tag to v2.6.8
Some checks are pending
/ terraform (push) Has started running
/ ansible (push) Successful in 1m38s
2024-01-22 09:11:27 +00:00
d297674fb5 Update vabene1111/recipes Docker tag to v1.5.11
All checks were successful
/ terraform (push) Successful in 49s
/ ansible (push) Successful in 1m51s
2024-01-22 08:42:36 +00:00
88f0828153
Use primary Quad9 servers
All checks were successful
/ terraform (push) Successful in 47s
/ ansible (push) Successful in 1m39s
DNSSEC and malware blocking is probably useful, just in case
2024-01-21 23:19:49 +00:00
cfc3de61b4
Add fallback quad9 address
This aids availability, along with a healthcheck
2024-01-21 23:05:25 +00:00
c6bae0f797
Do simple endsWith matching for docker view
All checks were successful
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m42s
This saves the need for a regex
2024-01-14 22:27:02 +00:00
4c5936b2aa
Disable Grafana analytics
All checks were successful
/ terraform (push) Successful in 32s
/ ansible (push) Successful in 1m41s
2024-01-14 15:30:12 +00:00
9d685d85aa
Update website deployment to unify containers
All checks were successful
/ terraform (push) Successful in 1m9s
/ ansible (push) Successful in 2m17s
2024-01-14 14:22:19 +00:00
ac166c3874
Start resolved to support mDNS
All checks were successful
/ terraform (push) Successful in 34s
/ ansible (push) Successful in 1m44s
2024-01-10 13:28:45 +00:00
06b9197c5b
Sync terraform state to restic
All checks were successful
/ terraform (push) Successful in 31s
/ ansible (push) Successful in 1m47s
This allows it to be backed up easily
2024-01-09 19:56:06 +00:00
4a69df1d6c
Ignore ansible-lint for nebula install block
All checks were successful
/ terraform (push) Successful in 1m28s
/ ansible (push) Successful in 1m48s
I'm smarter than it is
2024-01-08 21:49:38 +00:00
f33d19e156
Move AdGuardHome configuration to Terraform
https://git.theorangeone.net/systems/adguardhome
2024-01-08 21:45:28 +00:00
ed59458f39
Add backups to tang
Some checks failed
/ terraform (push) Successful in 1m21s
/ ansible (push) Failing after 1m37s
2024-01-08 19:20:55 +00:00
616d20e23b
Tweak some AGH settings
Some checks failed
/ terraform (push) Successful in 1m15s
/ ansible (push) Failing after 1m59s
2024-01-08 19:01:46 +00:00
383a57d1f2
Use DoH endpoint fot quad9
Seems latency is much lower
2024-01-08 18:21:03 +00:00
9f13ace88c
Use newer S3 configuration resources
Some checks failed
/ terraform (push) Successful in 1m14s
/ ansible (push) Failing after 2m3s
2024-01-07 13:49:35 +00:00
094091dd21
Add role for minio state management 2024-01-07 13:06:37 +00:00
9ac9380387
Restructure state IAM to use separate role 2024-01-07 12:58:16 +00:00
1555803d25
Move terraform state file
This lets me use the bucket for other states too
2024-01-06 21:28:57 +00:00
c8211d4756
Use Debian repo version of nginx
Some checks failed
/ terraform (push) Successful in 1m3s
/ ansible (push) Failing after 1m53s
It's older, and doesn't have `stream` compiled in, but the repo one can't link to any of the installed modules, which is a non-starter.
2024-01-04 14:17:36 +00:00
57ad143268
Set password for homeassistant SMB mount
Some checks failed
/ terraform (push) Successful in 38s
/ ansible (push) Failing after 1m40s
It had an IP restriction, but still
2024-01-03 21:23:49 +00:00