eb6fe3a23b
Allow forrest to access internal services
...
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m36s
This is mostly for monitoring
2024-03-22 18:13:25 +00:00
f88d224168
Allow only exposing services over Tailscale
...
/ terraform (push) Failing after 41s
/ ansible (push) Successful in 1m41s
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
2024-03-07 22:30:10 +00:00
451a114262
Add IPv6 support for internal DNS overrides
...
CoreDNS 1.11.2 finally shipped!
2024-03-07 20:02:39 +00:00
df43be6f9b
Set private_ip
for some other machines
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m39s
2024-02-07 19:27:48 +00:00
02847355a7
Install tailscale
...
/ terraform (push) Successful in 29s
/ ansible (push) Successful in 1m34s
Install, not configure
2024-02-01 19:41:47 +00:00
39899cd1e0
Use certbot to issue certificates
2023-12-21 16:38:07 +00:00
9f83efa53b
Use nftables for firewall on ingress
...
See ya never, iptables!
2023-10-26 21:34:06 +01:00
28a5089190
Bootstrap a new dokku machine on PVE
/ terraform (push) Successful in 41s
/ ansible (push) Failing after 2m3s
2023-09-29 22:03:23 +01:00
12c46e50b5
Decommission grimes
...
/ terraform (push) Successful in 41s
/ ansible (push) Successful in 2m10s
Dokku will return, soon...
2023-09-29 21:42:05 +01:00
6224b8f675
Remove aurto
...
/ terraform (push) Successful in 47s
/ ansible (push) Successful in 2m0s
I never used it, and trust chaotic-aur enough for AUR things
2023-07-30 19:09:34 +01:00
2af9f8529d
Fix new ansible-lint errors
...
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m53s
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00
f577a5e296
Add aurto server for AUR caching
/ terraform (push) Successful in 1m12s
/ ansible (push) Successful in 2m1s
2023-05-14 15:33:07 +01:00
d52f0bc8b2
Remove gitlab configuration
2023-03-30 22:56:35 +01:00
a6a6fd9e76
Deploy gitea's runner
...
Unofficial container, because there isn't an official one
2023-03-26 00:01:55 +00:00
ddc91059b5
Replace telegraf with prometheus exporters
...
Still missing SMART and ping, but those can come later.
Swapped as the polling model for prometheus doesn't play especially well with telegraf, and leads to gaps in data
2023-01-31 09:11:09 +00:00
ad50176ee9
Add internal alias to pihole
2023-01-08 18:36:03 +00:00
e86ed81102
Decommission decker
server
...
It's been replaced by prometheus running internally, and uptimerobot checking.
2022-12-09 19:04:54 +00:00
4c8d5ffe44
Remove all references to traefik pages
2022-11-01 20:30:16 +00:00
af396a21cb
Provision a new casey
on Linode
2022-01-21 21:52:21 +00:00
c5215e330b
Update yamllint to fix dependency issue
...
I think this still validates everything we need it to
2022-01-11 20:51:12 +00:00
cf0e718bfb
Migrate decker services to linode
...
Mostly just uptime-kuma
2022-01-11 09:07:48 +00:00
1a74e05a7c
Create a dedicated machine for renovate
...
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
2022-01-01 22:59:13 +00:00
0b352e22d1
Merge all group vars into single vault file
...
This will make tracking down where a secret is defined much simpler
2021-12-21 18:04:03 +00:00
dce7c782ec
Move wireguard keys into a separate vault file
2021-12-21 17:58:52 +00:00
8d40a49780
Move traefik pages secret into full vault file
...
Trialing a new pattern for vault storage
2021-12-20 21:17:25 +00:00
ccaff503da
Move decker from AMS to Paris
...
The AMS DC has a bit of a flaky network connection, which isn't what you want for monitoring.
2021-11-06 16:45:09 +00:00
4db474034e
Ignore my VMs from a fail2ban
2021-09-27 14:49:56 +01:00
a135aae5f3
Provision new VM
...
This will be used for monitoring
2021-09-25 16:59:23 +01:00
a866938207
Fix hostname of restic server
2021-09-06 21:07:10 +01:00
601b916b43
Remove deprecated clients from wireguard server
...
I use nebula now for all that
2021-08-24 11:14:04 +01:00
edc5c325b7
Correctly check hostname against PVE hosts
...
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
2021-08-23 19:56:04 +01:00
a54d373526
Replace edge proxy with nginx
...
The config makes more sense, and it has more of the features I need, which will come later.
2021-08-22 22:35:09 +01:00
e3502ae1e0
Provision dokku server
2021-06-20 12:12:34 +01:00
f1f2c620b0
Replace DHCP on PVE for static IPs
...
So much easier to deal with!
2021-06-03 20:47:08 +01:00
a867df04a5
Add a GitLab runner
...
Woo CI!
2021-06-01 19:29:21 +01:00
c7bde8b3dd
Init a GitLab server
...
Some day i'll make up my mind on which server to use, honest!
2021-05-28 22:49:48 +01:00
9b31efbf43
Destroy grimes
...
And the entire Linode integration
2021-05-05 18:11:14 +01:00
c048e6d20e
Provision walker
2021-04-24 21:59:53 +01:00
5d9ee7190d
Swap out deluge for qbittorrent
...
Just run on arch instead of docker, too. Much simpler.
2021-04-16 21:49:00 +01:00
1c424cb2ef
Update some IP addresses
...
I really need to stop using these external addresses somewhen...
2021-04-07 22:11:24 +01:00
a1307ff3a5
Remove obsolete port
2021-03-28 16:30:07 +01:00
1d997d3c33
Remove separate private and protected IP
2021-03-27 18:42:06 +00:00
6b95b75fc2
Move telegraf to host
...
This makes metric collection for SMART much simpler. I'll still be using the prometheus node exporter for actual system metrics, though.
2021-03-05 20:39:11 +00:00
2e05ed08fa
Use hostname rather than fqdn
2021-03-04 16:06:43 +00:00
a4eb26b129
Use Nebula as the primary private interface rather than wireguard
2021-03-04 16:02:42 +00:00
47df8164fa
Define timezone as variable
2021-02-10 09:12:42 +00:00
e8496ddced
Deploy deluge in docker
...
Makes version managing so much easier!
2021-02-01 17:24:36 +00:00
a79e54d45a
Add forrest
instance
2021-01-31 15:18:20 +00:00
058290b321
Keep track of IPs for PVE hosts
...
Yea they're all random, I'll deal with that later
2021-01-31 12:46:43 +00:00
da301eb7dd
Provision remaining nebula instances
2021-01-30 20:47:11 +00:00