cdaa626068
Only expose socket proxy on internal networks
/ terraform (push) Successful in 37s
/ ansible (push) Successful in 1m32s
2024-09-09 12:18:09 +01:00
01c236e4e9
Remove Nebula
...
/ terraform (push) Successful in 54s
/ ansible (push) Successful in 3m34s
I'm basically all in on Tailscale now
2024-09-01 20:21:29 +01:00
3a29c327b7
Remove version key from compose files
/ terraform (push) Successful in 1m0s
/ ansible (push) Successful in 1m47s
2024-07-15 18:08:14 +01:00
393a947cb7
Remove f2b gateway bouncer
...
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m22s
To be replaced by something more sensible
2024-07-14 22:27:58 +01:00
f717c1be78
Decommission dokku
...
I don't use it, still. I have a better plan for doing this in future anyway...
2024-07-07 15:56:29 +01:00
8929a22ce5
Use LSIO docker socket proxy
/ terraform (push) Successful in 53s
/ ansible (push) Successful in 1m31s
2024-04-23 19:52:48 +01:00
c472411801
Deploy uptime-kuma
2024-04-21 18:11:39 +01:00
7ff44ee238
Add IPv6 to proxmox internal network
2024-04-20 18:00:08 +01:00
7bc0ebeb26
Update traefik Docker tag to v2.11
/ terraform (push) Failing after 2s
/ ansible (push) Failing after 2s
2024-04-15 17:43:05 +01:00
5157940f20
Stop exposing homeassistant
/ terraform (push) Successful in 58s
/ ansible (push) Successful in 1m52s
2024-03-23 11:54:26 +00:00
eb6fe3a23b
Allow forrest to access internal services
...
/ terraform (push) Successful in 36s
/ ansible (push) Successful in 1m36s
This is mostly for monitoring
2024-03-22 18:13:25 +00:00
b2656bdf43
Make vaultwarden VPN only
...
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m36s
The first service to go dark...
2024-03-21 23:20:27 +00:00
f88d224168
Allow only exposing services over Tailscale
...
/ terraform (push) Failing after 41s
/ ansible (push) Successful in 1m41s
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
2024-03-07 22:30:10 +00:00
808e72553b
Add the basics of some edge caching
/ ansible (push) Has been cancelled
/ terraform (push) Has been cancelled
2024-02-21 21:42:16 +00:00
b6eca40ae0
Allow tailscale IP in more places
2024-02-07 18:21:16 +00:00
b33e19e152
Remove unnecessary extra variable definitions
...
The world could do with a bit less YAML!
2023-12-14 22:03:23 +00:00
37b8c48a77
Remove legacy short domains
...
/ terraform (push) Successful in 1m24s
/ ansible (push) Successful in 2m47s
I never used them, and the certificate renewal didn't work anyway.
2023-10-02 09:37:05 +01:00
a54a91ea44
Deploy a dokku
2023-10-01 16:34:01 +01:00
0e9e63d8b7
Use correct gandi API
2023-07-17 15:03:04 +01:00
7619e826f4
Remove deprecated traefik hub config
/ terraform (push) Successful in 1m27s
/ ansible (push) Successful in 2m31s
2023-06-26 09:27:16 +01:00
2af9f8529d
Fix new ansible-lint errors
...
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m53s
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00
ddd6af21cf
Allow Traefik to use DNS-01 challenge to Gandi
/ ansible (push) Successful in 2m55s
/ terraform (push) Successful in 33s
2023-04-23 20:26:37 +01:00
2c9ab7fd29
Update traefik Docker tag to v2.10
2023-04-09 17:02:00 +01:00
d52f0bc8b2
Remove gitlab configuration
2023-03-30 22:56:35 +01:00
a78c4680c4
Move notes to GitLab
2023-03-29 22:36:03 +01:00
fc577f21b8
Update Traefik to 2.9
2022-11-01 20:50:30 +00:00
4c8d5ffe44
Remove all references to traefik pages
2022-11-01 20:30:16 +00:00
58730fcbeb
Move pages hosting to GitLab pages
2022-10-09 18:26:49 +01:00
491061d900
Remove shenanigans
...
It's not enabled, and it's 1 less container to deal with
2022-10-09 17:40:22 +01:00
6d890a6991
Setup slides domain
2022-10-08 17:37:28 +01:00
41582f50db
Set up GitLab pages
2022-10-08 15:51:37 +01:00
73f165c521
Revert "Update traefik to 2.8"
...
This reverts commit a695818355
.
This causes problems with traefik-pages
2022-08-16 10:17:53 +01:00
4eab0d4f01
Don't mount docker socket to traefik
...
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
2022-08-16 09:38:27 +01:00
a695818355
Update traefik to 2.8
2022-08-01 15:02:09 +01:00
cf763d07f2
Stop capturing logs for containers I don't care about
2022-06-20 21:25:13 +01:00
0d5913ce3c
Disable any hub integrations
2022-06-18 22:09:59 +01:00
df28b56857
Update traefik to 2.7
2022-06-18 22:09:49 +01:00
5b586f2608
Add container to extract TLS certs from traefik into standard format
...
Disable its network access, just in case
2022-06-13 21:18:45 +01:00
793506492f
No shenanigans by default
...
This causes strange problems with nextcloud
2022-03-23 19:30:22 +00:00
293aed0fd3
Enable GitLab registry
2022-02-25 21:48:13 +00:00
4562b60517
Update Traefik to 2.6
2022-02-08 08:55:50 +00:00
6db0500e1b
Provision remote f2b key with ansible
2022-01-21 22:11:49 +00:00
5cc552d0eb
Add container to automatically backup DBs
2022-01-16 17:51:03 +00:00
6c0314b758
Add an nginx container to do crazy things with traefik
2022-01-16 14:08:38 +00:00
d5c7d94ac8
Run traefik as dockeruser, and without host networking
...
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
2022-01-15 23:44:06 +00:00
4cdaba4692
Swap certificates for wildcards
2021-10-18 21:59:10 +01:00
4db474034e
Ignore my VMs from a fail2ban
2021-09-27 14:49:56 +01:00
48934ad2c5
Apply gzip to everything
...
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
2021-09-19 22:48:48 +01:00
0874158a91
Update traefik to 2.5
2021-08-22 11:16:37 +01:00
33fcf1a9e5
Fix matrix federation
...
Apparently this has been broken since like March...
It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00