07b2ea2ccb
Add the ability to exclude certain paths from backup
2021-08-30 21:49:58 +01:00
259b0ca7a6
Use upstream telegraf role
...
https://github.com/rossmcdonald/telegraf/pull/54 shipped
2021-08-30 21:22:26 +01:00
dcbe6e8e72
Use upstream version of ansible-role-snapraid
...
https://github.com/IronicBadger/ansible-role-snapraid/pull/7 shipped
2021-08-30 21:21:58 +01:00
95216b32c4
Consolidate server blocks
2021-08-24 14:31:12 +01:00
453a374801
Replace ingress proxy with nginx
...
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.
Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
2021-08-24 14:21:51 +01:00
f14e723d40
Fix service name on ingress
...
It's not alpine
2021-08-24 11:52:35 +01:00
601b916b43
Remove deprecated clients from wireguard server
...
I use nebula now for all that
2021-08-24 11:14:04 +01:00
edc5c325b7
Correctly check hostname against PVE hosts
...
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
2021-08-23 19:56:04 +01:00
ecb946bab4
Remove nginx version from headers
2021-08-23 16:12:34 +01:00
93cba46dd1
Redirect to HTTPS at the edge
2021-08-23 16:10:37 +01:00
a54d373526
Replace edge proxy with nginx
...
The config makes more sense, and it has more of the features I need, which will come later.
2021-08-22 22:35:09 +01:00
23fc7bbb12
Use slightly less memory for ZFS
2021-08-22 15:58:49 +01:00
1d5616a36f
Update roles so they support newer Debian versions
...
I'm monitoring the PRs, don't worry
2021-08-22 15:22:11 +01:00
8fabd11e31
Remove unnecessary pve role
...
no-subscription is handled by the nag removal role
2021-08-22 15:20:27 +01:00
f0a3585592
Use distribution name in repo URL
2021-08-22 14:44:34 +01:00
0874158a91
Update traefik to 2.5
2021-08-22 11:16:37 +01:00
c04e8b628a
Update synapse to 1.40.0
2021-08-22 11:16:19 +01:00
c99afdd446
Disable gzip on qbittorrent egress
...
It's mostly used over the internal network, so the additional gzip isn't going to gain anything when the disk is the bottleneck
2021-08-21 16:46:21 +01:00
55e3b81f06
Install release version of gitlab-dater onto GitLab server
...
Rather than than hacky development one I was using before
2021-08-10 22:51:12 +01:00
e421657619
Ensure restic gets the correct permissions when it's updated
...
Yes it's weird to modify the system package like this, but it's very handy.
See also https://restic.readthedocs.io/en/stable/080_examples.html#backing-up-your-system-without-running-restic-as-root
2021-08-10 08:45:59 +01:00
ab46c30df2
Start graphing some speeds
2021-08-07 10:59:42 +01:00
d0e472b51a
Update synapse to 1.39.0
2021-08-06 18:20:48 +01:00
11bf501d8a
Update nextcloud to 22.1.0
2021-08-06 18:20:38 +01:00
9755974647
Update vaultwarden to 1.22.2
2021-08-06 18:17:22 +01:00
f3bc72d2ba
Provision uptime-kuma
2021-07-31 16:43:12 +01:00
1399529a47
Move stray storage to tank
2021-07-17 20:32:26 +01:00
8f831c8191
Update synapse to 1.37.1
2021-07-11 20:20:56 +01:00
501fe81979
Update nextcloud to v22
2021-07-11 20:20:48 +01:00
3daf3ef8ed
Pin clickhouse to 21.6
...
21.7 doesn't work
2021-07-11 16:11:09 +01:00
b2d226300b
Update nextcloud to 21.0.3
2021-07-04 21:17:03 +01:00
19eb233ffa
Update vaultwarden to 1.22.1
2021-07-03 11:27:27 +01:00
797c44a27d
Use proxy protocol v2
...
Apparently it's better for chaining, and may be faster anyway
2021-07-01 22:28:25 +01:00
b6adc53746
Revert "Capture stderr in logs, too"
...
This reverts commit 8696f6d93f
2021-06-28 08:33:08 +01:00
41a8fe3b4d
Use logrotate for backrest logging rather than nuking immediately
...
Just in case something goes wrong with healthchecks
2021-06-27 10:58:01 +01:00
8696f6d93f
Capture stderr in logs, too
2021-06-27 10:53:13 +01:00
1c07534c40
Stop resetting dokku hostname to default
2021-06-26 21:27:39 +01:00
40e785de38
Add yet more metric sources
2021-06-26 12:52:55 +01:00
32f17908ad
Collect metrics on disk usage
2021-06-26 12:36:00 +01:00
77d2b82761
Add healthchecks for snapraid
2021-06-26 11:45:56 +01:00
18603d726e
Add username to proxmox-nag-removal role
...
Makes it obviously not one of mine
2021-06-25 22:47:21 +01:00
09a010f28e
Version snapraid config
...
Using fork of role at https://github.com/IronicBadger/ansible-role-snapraid/pull/7
2021-06-25 22:43:26 +01:00
b82e87c04b
Remove unnecessary which
...
`cron` doesn't need a full path
2021-06-25 20:57:19 +01:00
50c5ed68e3
Install some dokku plugins
2021-06-22 22:57:02 +01:00
83c84abc62
Use dokku role to install it
...
I also switched the host to debian, as the arch install didn't quite work.
2021-06-22 22:08:01 +01:00
9296c88ae4
Remove date from DB backups
2021-06-20 15:23:15 +01:00
bb5bbf16f5
Remove alpine special case
...
https://github.com/ansible-collections/community.general/pull/1722 has shipped.
2021-06-20 12:43:59 +01:00
8948437b66
Use official extension
2021-06-20 12:39:58 +01:00
e3502ae1e0
Provision dokku server
2021-06-20 12:12:34 +01:00
b20ffb27c4
Remove gotify
...
Never used it
2021-06-12 19:00:39 +01:00
4e5fa59c58
Add redis
...
This isn't really used as a cache, but it is for a couple bits, so nice to enable it anyway, and it might become so in future
2021-06-12 18:53:50 +01:00
290b147821
Thin out synapse config
...
Previously it was the vast majority of code in the whole repo. Now we only define the necessary keys, and rely much more on defaults, which is nice!
2021-06-12 18:49:29 +01:00
47e546d51a
Add synapse-admin
...
Useful to see what's going on on the server
2021-06-12 18:09:18 +01:00
3485f8e1f0
Actually version the ingress haproxy config
2021-06-12 17:32:47 +01:00
33fcf1a9e5
Fix matrix federation
...
Apparently this has been broken since like March...
It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00
94e4592db6
Update synapse to 1.35.1
2021-06-12 16:46:16 +01:00
5d4817e840
Move some larger gitlab storage off tank
...
Means they'll be backed up less, but they're less important anyway
2021-06-07 20:24:59 +01:00
3c3f69a776
Remove unnecessary influxdb instance
...
Never used it anyway
2021-06-03 20:50:54 +01:00
d59e86a8e8
Remove unnecessary private_ip var from forrest
...
It was redundant
2021-06-03 20:47:33 +01:00
f1f2c620b0
Replace DHCP on PVE for static IPs
...
So much easier to deal with!
2021-06-03 20:47:08 +01:00
d751a023da
Promote GitLab to main git. domain
2021-06-02 19:49:28 +01:00
6c23180591
Remove gitea
...
I use GitLab now
2021-06-02 19:27:09 +01:00
9c2ebd60e8
Remove duplicati
...
We're a restic shop now!
2021-06-02 19:18:21 +01:00
51b3ffd33a
Allow containers to be cached on CI
...
There's an existing task to clean them up, and being out of date by a week isn't the end of the world
2021-06-01 21:51:18 +01:00
a867df04a5
Add a GitLab runner
...
Woo CI!
2021-06-01 19:29:21 +01:00
64ebaa67d0
Setup email for gitlab
...
Not super useful, but nice to enable it
2021-05-30 21:30:03 +01:00
e6d029e22e
Fix typo
...
D'oh!
2021-05-30 13:56:06 +01:00
bf5c95fbe2
Stop running everything at midnight
2021-05-30 13:55:44 +01:00
9a6eef0320
Use correct cidr for GitLab auth
2021-05-29 22:49:57 +01:00
d922bf30ef
Allow git user to authenticate over SSH
2021-05-29 22:01:28 +01:00
8610be3ac3
Rename host
...
"gitlab" sounds more like the hosted service, not mine
2021-05-29 22:01:01 +01:00
69abafd8c8
Put GitLab on a real domain
2021-05-29 16:21:47 +01:00
9118938fea
Remove some GitLab constraints
...
I don't need things that constrained. The defaults are probably fine, and better tested.
2021-05-29 15:44:01 +01:00
f063af2478
Reconfigure gitlab on machine start
2021-05-29 11:21:20 +01:00
c7bde8b3dd
Init a GitLab server
...
Some day i'll make up my mind on which server to use, honest!
2021-05-28 22:49:48 +01:00
5ac5e2f8ab
Stagger backup times
2021-05-23 20:37:41 +01:00
7063e55ea9
Increase line length
2021-05-22 20:28:36 +01:00
ee55100016
Update gitea
2021-05-21 21:57:16 +01:00
e6dbe08ce0
Update nextcloud
2021-05-21 21:48:15 +01:00
420ef3b95c
Update synapse
2021-05-21 21:47:32 +01:00
830bd862d9
Update nebula
2021-05-21 21:34:13 +01:00
48e07d2a7e
Rename more bitwarden things
...
Serving on both domains currently, i'll migrate clients and fix that
2021-05-18 22:18:05 +01:00
ae597a7359
Backup plain DB backups on walker
2021-05-16 15:36:56 +01:00
a124bff473
Add scheduling for backup and forgetting
...
Only forget on 1 machine
2021-05-16 15:34:37 +01:00
91725d5876
Add forget and prune commands
2021-05-16 14:39:44 +01:00
5f6dc6e177
Support backing up clickhouse to file
...
It's janky, but it works
2021-05-16 12:25:32 +01:00
b4936f5780
Revert "Store DB files compressed"
...
This reverts commit f4a289ae98
2021-05-16 11:16:25 +01:00
1431f7a30a
Add restic to walker
2021-05-09 14:26:21 +01:00
7fc67ca8d4
Put files in the root of the role
2021-05-08 16:47:25 +01:00
f4a289ae98
Store DB files compressed
...
Means external backups can still be compressed a bit
2021-05-08 16:45:08 +01:00
26cd35785c
Fix DB backup location
2021-05-08 16:45:08 +01:00
48c88347a9
Add some healthchecks integration to backup
2021-05-08 16:45:08 +01:00
781aa93892
Add some restic wrapper things
2021-05-08 16:45:08 +01:00
e7c2a7fb34
Provision a restic container
2021-05-07 19:38:11 +01:00
407e59ec5a
Use variables in prometheus config
...
Also replace grimes with walker
2021-05-05 18:12:42 +01:00
9b31efbf43
Destroy grimes
...
And the entire Linode integration
2021-05-05 18:11:14 +01:00
52429e0bc2
walker isn't a PVE VM
2021-05-04 20:41:19 +01:00
3da14e67dd
Replace minio with webdav for upload
...
Also made sure it all ran as the correct user
2021-05-04 14:08:08 +01:00
f62a1e8374
Replace minio with webdav
...
Much simpler and easier, and lower resources
2021-05-04 11:25:52 +01:00
ad415c2b53
Move website to walker
2021-05-02 17:24:10 +01:00
86482246b3
Move plausible to walker
2021-05-02 16:07:25 +01:00
