Compare commits
29 Commits
445ae92a37
...
049fc28cc6
Author | SHA1 | Date |
---|---|---|
Renovate | 049fc28cc6 | |
Jake Howard | c93c7b5c16 | |
Jake Howard | 2a799d6b03 | |
Jake Howard | afa926c767 | |
Jake Howard | 5481554e15 | |
Jake Howard | e2a94b6302 | |
Renovate | 6c8cab3ce7 | |
Jake Howard | 670ad78d44 | |
Jake Howard | 8929a22ce5 | |
Jake Howard | ee96e6ab08 | |
Jake Howard | ffbba254fb | |
Jake Howard | c472411801 | |
Jake Howard | 7564911da3 | |
Jake Howard | 7ff44ee238 | |
Jake Howard | 7c8d224c4a | |
Renovate | 7bc0ebeb26 | |
Jake Howard | 33f9c544fd | |
Jake Howard | b6583cc823 | |
Jake Howard | 9c02017fed | |
Renovate | 91ec56717f | |
Renovate | 3318656730 | |
Renovate | 9d98d88089 | |
Renovate | c882e246ab | |
Renovate | 67af033fcd | |
Renovate | cee3679504 | |
Renovate | 5330fdc56f | |
Renovate | 2e0b562f5d | |
Renovate | 989a804bad | |
Jake Howard | 8424b3211b |
|
@ -10,15 +10,15 @@ roles:
|
|||
- src: geerlingguy.docker
|
||||
version: 6.2.0
|
||||
- src: geerlingguy.ntp
|
||||
version: 2.3.3
|
||||
version: 2.4.0
|
||||
- src: realorangeone.reflector
|
||||
- src: ironicbadger.proxmox_nag_removal
|
||||
version: 1.0.2
|
||||
- src: ironicbadger.snapraid
|
||||
version: 1.0.0
|
||||
- src: dokku_bot.ansible_dokku
|
||||
version: v2022.10.17
|
||||
version: v2024.4.11
|
||||
- src: geerlingguy.certbot
|
||||
version: 5.1.0
|
||||
- src: artis3n.tailscale
|
||||
version: v4.4.2
|
||||
version: v4.4.4
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
pve_hosts:
|
||||
internal_cidr: 10.23.1.0/24
|
||||
internal_cidr_ipv6: fde3:15e9:e883::1/48
|
||||
pve:
|
||||
ip: 10.23.1.1
|
||||
external_ip: 192.168.2.200
|
||||
|
@ -7,17 +8,19 @@ pve_hosts:
|
|||
ip: 10.23.1.11
|
||||
forrest:
|
||||
ip: 10.23.1.13
|
||||
ipv6: fde3:15e9:e883::103
|
||||
jellyfin:
|
||||
ip: 10.23.1.101
|
||||
dokku:
|
||||
ip: 10.23.1.102
|
||||
docker:
|
||||
ip: 10.23.1.103
|
||||
ipv6: fde3:15e9:e883::203
|
||||
ingress:
|
||||
ip: 10.23.1.10
|
||||
external_ip: 192.168.2.201
|
||||
external_ipv6: "{{ vault_ingress_ipv6 }}"
|
||||
link_local: fe80::d4e4:22ff:fe8b:429d
|
||||
ipv6: fde3:15e9:e883::100
|
||||
homeassistant:
|
||||
ip: 192.168.2.203
|
||||
qbittorrent:
|
||||
|
|
|
@ -4,6 +4,7 @@ traefik_provider_jellyfin: true
|
|||
traefik_provider_homeassistant: true
|
||||
traefik_provider_grafana: true
|
||||
traefik_provider_dokku: true
|
||||
traefik_provider_uptime_kuma: true
|
||||
|
||||
with_fail2ban: true
|
||||
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
- fail2ban_ssh
|
||||
- restic
|
||||
- artis3n.tailscale
|
||||
- glinet_vpn
|
||||
|
||||
- hosts:
|
||||
- pve
|
||||
|
@ -43,6 +44,7 @@
|
|||
become: true
|
||||
vars:
|
||||
docker_install_compose_plugin: "{{ ansible_os_family == 'Debian' }}"
|
||||
docker_install_compose: "{{ ansible_os_family == 'Debian' }}"
|
||||
docker_users:
|
||||
- "{{ me.user }}"
|
||||
- docker_cleanup
|
||||
|
@ -95,7 +97,8 @@
|
|||
|
||||
- hosts: forrest
|
||||
roles:
|
||||
- forrest
|
||||
- prometheus
|
||||
- uptime_kuma
|
||||
- pve_nebula_route
|
||||
- pve_tailscale_route
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ x-env: &env
|
|||
|
||||
services:
|
||||
server:
|
||||
image: ghcr.io/goauthentik/server:2023.10
|
||||
image: ghcr.io/goauthentik/server:2024.2
|
||||
restart: unless-stopped
|
||||
command: server
|
||||
user: "{{ docker_user.id }}"
|
||||
|
@ -44,7 +44,7 @@ services:
|
|||
- traefik
|
||||
|
||||
worker:
|
||||
image: ghcr.io/goauthentik/server:2023.10
|
||||
image: ghcr.io/goauthentik/server:2024.2
|
||||
restart: unless-stopped
|
||||
command: worker
|
||||
user: "{{ docker_user.id }}"
|
||||
|
|
|
@ -4,4 +4,4 @@ bantime = 600
|
|||
findtime = 30
|
||||
maxretry = 5
|
||||
port = {{ ssh_port }},ssh
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ tailscale_cidr }}
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ pve_hosts.internal_cidr_ipv6 }},{{ tailscale_cidr }}
|
||||
|
|
|
@ -13,7 +13,7 @@ services:
|
|||
- docker_proxy
|
||||
|
||||
docker_proxy:
|
||||
image: tecnativa/docker-socket-proxy:latest
|
||||
image: lscr.io/linuxserver/socket-proxy:latest
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- POST=1
|
||||
|
|
|
@ -1,52 +0,0 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
36623535313964653161353330663436356239613837653837393939373034353031646535333535
|
||||
6439313832316239616233306632373934616134616466380a316361363263373938636161666535
|
||||
31613461333637373732626233623434316335353964353433643635653566613933393361336139
|
||||
3864373963396264320a376634346331373762313733323961386566646338633936303631303566
|
||||
66616534326430653266396635353932623661363533356537636662636537656434363562646230
|
||||
30613831336561376639393466373739373138313931333163353061633465623362666564313631
|
||||
66623235353531613737643937613430323934376433393836346339626137616561313062663234
|
||||
63363736326439623661376132613136383465393761653236663631613339653066356436653630
|
||||
66623865303735616335373231643233386639323838353534613337316161633765396234366533
|
||||
33616631663530643764373937346262633734366339303837393737666665363465333239343933
|
||||
35613962396534336232623833303034643639323931633966396439383463396261313862626335
|
||||
31323434613838353961336136613966636635646632393839663664376632373834313265643338
|
||||
30663132633362323831313231333164643665386535323231646262656631383631393539616639
|
||||
34343563353064303833383236626136666264316236316537333965313162616637323966363335
|
||||
32353936663162316564306337353861396634353935353935306135343665316262643831396537
|
||||
61393266383538666563363261646534636632303332343662636631316663343930303766623638
|
||||
35376565343638316339623061396536643636313966383633346231633631353032356661386132
|
||||
66623439336338616666626431303635373833666137326234653161336434346133636261363662
|
||||
39313732303736386137656664303365363234336265643064306562643435633838373864353862
|
||||
33366635333630373162656630666232333563623066333461653963363961623435646631373561
|
||||
64643738346138366566303233326663383835386132663034313461383161616164636332396332
|
||||
37663131386135393833373461663432666264363065666630646164633134303439663435616235
|
||||
35656234313761376532306264393637653433623863383830323935316332383338623134323366
|
||||
31336665386137323132363962363335623635336131373930353635353663333366363266303138
|
||||
35626262613261636561373730626635303836623561643436646430653365663432323938393863
|
||||
63633331663462323163646237386262376337313330323036613434383165616530643362616131
|
||||
63616562353964316634646434653138333266646633616631653663663838306163616633643234
|
||||
61333230373237613436343662363434303766383336376232353066313231666330613761643366
|
||||
36326638326439653966643430313366376661633636366565393461623438323366373333663633
|
||||
61633763623631333665363333646433656166633364303836623566333336343761613435353138
|
||||
37366165613263653564386334303030623333646164303662363065333831376334656537613130
|
||||
33373864663237383064653461616165653834393063663332643235316139333539623463343161
|
||||
38636564626466633631393938653066373764663935353763626133623762306164383831663061
|
||||
34333065326666373337663931313763383739383763333235333939376133363236643136346233
|
||||
62643833376631643036613963643939333133343036613332313866373032646332363231313139
|
||||
61373365653665343066636162356336373833393363373866343436323639623435383831363335
|
||||
30333033326638363930613030356664333233633339666366643062353634333161343838666231
|
||||
32346332663538653937623136653438636463323463376263303962353562313833373937303066
|
||||
65303037323030653434313164393766633134306435633263363335636561356264376665363639
|
||||
35613731373437386566663266656266343639326334303239613862353963323436633836383766
|
||||
35323930633039396535616265643234303639393035363865643236623838333337626135343665
|
||||
36373038666332376663333565623362303631663830336131343438353764653831633433363436
|
||||
36333839303433623966363561313564303037393165383732323763353232653564346138666438
|
||||
30653836626139356133346538616135313034633966373036303461393562363336386633626365
|
||||
33393565643730383634346238356462313435366538636234656237613864656165656439363061
|
||||
32626235323362333239373631383830653035383164646364343461376562636564343063353139
|
||||
61306535333466653937303635353962376162376431336563316130343530636431623537633332
|
||||
65373333376338353930316561636530343062653964323463653632653332376432343237656465
|
||||
63333437613064313438353134333566303033313339323162643061363836643931343135396130
|
||||
32623435653533326563616263323938343332306362383034663139653965626231336637383939
|
||||
313534343431303739396263303737303365
|
|
@ -6,9 +6,9 @@ maxretry = 100
|
|||
filter = nginx-tcp
|
||||
logpath = /var/log/nginx/ips.log
|
||||
port = http,https,8448
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ vps_hosts.values()|sort|join(",") }},{{ tailscale_cidr }}
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ pve_hosts.internal_cidr_ipv6 }},{{ vps_hosts.values()|sort|join(",") }},{{ tailscale_cidr }}
|
||||
|
||||
[traefik]
|
||||
enabled = true
|
||||
port = http,https,8448
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ vps_hosts.values()|sort|join(",") }},{{ tailscale_cidr }}
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ pve_hosts.internal_cidr_ipv6 }},{{ vps_hosts.values()|sort|join(",") }},{{ tailscale_cidr }}
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
[Interface]
|
||||
Address = {{ client_cidr }}
|
||||
PrivateKey = {{ client_private_key }}
|
||||
|
||||
[Peer]
|
||||
PublicKey = {{ server_public_key }}
|
||||
Endpoint = {{ server_public_ip }}:53
|
||||
AllowedIPs = 0.0.0.0/0 ::/0
|
||||
|
||||
PersistentKeepalive = 25
|
|
@ -0,0 +1,14 @@
|
|||
[Interface]
|
||||
Address = {{ server_ip }}
|
||||
PrivateKey = {{ server_private_key }}
|
||||
ListenPort = 53
|
||||
|
||||
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||
|
||||
PostUp = ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -A FORWARD -o %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -D FORWARD -o %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||
|
||||
[Peer]
|
||||
PublicKey = {{ client_public_key }}
|
||||
AllowedIPs = {{ client_cidr }}
|
|
@ -0,0 +1,5 @@
|
|||
- name: restart wireguard
|
||||
service:
|
||||
name: wg-quick@glinet
|
||||
state: restarted
|
||||
become: true
|
|
@ -0,0 +1,34 @@
|
|||
- name: Include vault
|
||||
include_vars: vault.yml
|
||||
|
||||
- name: Install wireguard tools
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
become: true
|
||||
loop:
|
||||
- wireguard-tools
|
||||
- qrencode
|
||||
|
||||
- name: Wireguard server config
|
||||
template:
|
||||
src: files/server.conf
|
||||
dest: /etc/wireguard/glinet.conf
|
||||
mode: "0600"
|
||||
backup: true
|
||||
become: true
|
||||
notify: restart wireguard
|
||||
|
||||
- name: Wireguard client config
|
||||
template:
|
||||
src: files/client.conf
|
||||
dest: "{{ me.home }}/glinet-vpn.conf"
|
||||
mode: "0600"
|
||||
owner: "{{ me.user }}"
|
||||
become: true
|
||||
notify: restart wireguard
|
||||
|
||||
- name: Enable wireguard
|
||||
service:
|
||||
name: wg-quick@glinet
|
||||
enabled: true
|
||||
become: true
|
|
@ -0,0 +1,8 @@
|
|||
client_public_key: "{{ vault_client_public_key }}"
|
||||
client_private_key: "{{ vault_client_private_key }}"
|
||||
client_cidr: 10.23.4.2/24
|
||||
|
||||
server_public_key: "{{ vault_server_public_key }}"
|
||||
server_private_key: "{{ vault_server_private_key }}"
|
||||
server_public_ip: "{{ ansible_default_ipv4.address }}"
|
||||
server_ip: 10.23.4.1
|
|
@ -0,0 +1,19 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
35366163656631633636333937333238346539653236323463316333356637623263326436623130
|
||||
3333616234643935306337386165623734333265663237610a326538636532643835373137316333
|
||||
30363133343035353235616639613637353435303863393130396261623063633836383430326530
|
||||
3634313639353264310a393266313230646132656561393737363834646566313765633235343139
|
||||
36303834353039303134393061386634373735316135656564386464363863376265633239313037
|
||||
62616535313239353233376163343437303933346264323266386533336138656135663664356164
|
||||
65643262303436343164613133333361393438616234616566336131636461383538326130623264
|
||||
62313134386430636665646539306661383039323339373838346164653836326536386332616634
|
||||
34313331623166356137363131356130623863313339663938386138643538323666616239656662
|
||||
36313534323237306631663931633830346565616139313864333762356330643131343630653535
|
||||
62323939376163363436336633386433323435316535623462353138386430333332653966383262
|
||||
33636534346466326631333362343638616332633163623533613364326665376565643739666261
|
||||
34646533613133313034366636623134613336623134356562393335313337336336623634336633
|
||||
66623365353866396564386536386330353537383866616665373762306530356333643265326537
|
||||
38353138626331623433643636623130613766616638343034633536306232316133303133356463
|
||||
36616665643264396137336234316466306238303461363531653461623834376361653334326235
|
||||
31366530636565383062313562663639393534373737363465656538393266363936333136636161
|
||||
3239303565613865633433313237393932306632633633373261
|
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
"tagOwners": {
|
||||
"tag:client": []
|
||||
|
||||
},
|
||||
"acls": [
|
||||
{
|
||||
"action": "accept",
|
||||
"src": ["tag:client"],
|
||||
"dst": ["*:*"]
|
||||
}
|
||||
]
|
||||
}
|
|
@ -188,7 +188,7 @@ log:
|
|||
# Path to a file containg ACL policies.
|
||||
# ACLs can be defined as YAML or HUJSON.
|
||||
# https://tailscale.com/kb/1018/acls/
|
||||
acl_policy_path: ""
|
||||
acl_policy_path: /etc/headscale/acls.json
|
||||
|
||||
## DNS
|
||||
#
|
||||
|
|
|
@ -11,7 +11,16 @@
|
|||
src: files/headscale.yml
|
||||
dest: /etc/headscale/config.yaml
|
||||
owner: headscale
|
||||
mode: "0644"
|
||||
mode: "0600"
|
||||
notify: restart headscale
|
||||
become: true
|
||||
|
||||
- name: Install ACLs
|
||||
template:
|
||||
src: files/acls.json
|
||||
dest: /etc/headscale/acls.json
|
||||
owner: headscale
|
||||
mode: "0600"
|
||||
notify: restart headscale
|
||||
become: true
|
||||
|
||||
|
|
|
@ -30,7 +30,7 @@ table inet filter {
|
|||
|
||||
# NAT - because the proxmox machines may not have routes back
|
||||
ip saddr {{ nebula.cidr }} ip daddr {{ pve_hosts.internal_cidr }} counter masquerade
|
||||
ip saddr {{ tailscale_cidr }} ip daddr {{ pve_hosts.internal_cidr }} counter masquerade
|
||||
ip saddr {{ tailscale_cidr }} counter masquerade
|
||||
}
|
||||
|
||||
chain FORWARD {
|
||||
|
@ -44,8 +44,9 @@ table inet filter {
|
|||
# Allow monitoring of nebula network
|
||||
ip saddr {{ pve_hosts.forrest.ip }}/32 ip daddr {{ nebula.cidr }} accept
|
||||
|
||||
# Allow traffic from Tailscale to proxmox network
|
||||
ip saddr {{ tailscale_cidr }} ip daddr {{ pve_hosts.internal_cidr }} accept
|
||||
ip saddr {{ pve_hosts.internal_cidr }} ip daddr {{ tailscale_cidr }} ct state related,established accept
|
||||
# Allow Tailscale exit node
|
||||
ip saddr {{ tailscale_cidr }} ip daddr 192.168.0.0/16 drop
|
||||
ip saddr {{ tailscale_cidr }} accept
|
||||
ip daddr {{ tailscale_cidr }} ct state related,established accept
|
||||
}
|
||||
}
|
||||
|
|
|
@ -30,7 +30,7 @@ services:
|
|||
- SMTP_HOST_SSL_ENABLED=true
|
||||
|
||||
clickhouse:
|
||||
image: clickhouse/clickhouse-server:24.3-alpine
|
||||
image: clickhouse/clickhouse-server:24.4-alpine
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./clickhouse:/var/lib/clickhouse
|
||||
|
|
|
@ -2,8 +2,6 @@ modules:
|
|||
http:
|
||||
prober: http
|
||||
timeout: 10s
|
||||
http:
|
||||
preferred_ip_protocol: ip4 # Docker network is v4 only
|
||||
|
||||
https_redir:
|
||||
prober: http
|
||||
|
@ -16,7 +14,6 @@ modules:
|
|||
fail_if_header_not_matches:
|
||||
- header: Location
|
||||
regexp: ^https
|
||||
preferred_ip_protocol: ip4 # Docker network is v4 only
|
||||
|
||||
icmp:
|
||||
prober: icmp
|
|
@ -1,12 +1,5 @@
|
|||
version: "2.3"
|
||||
|
||||
x-blackbox: &blackbox
|
||||
image: prom/blackbox-exporter:latest
|
||||
restart: unless-stopped
|
||||
user: "{{ docker_user.id }}"
|
||||
volumes:
|
||||
- ./blackbox.yml:/etc/blackbox_exporter/config.yml:ro
|
||||
|
||||
services:
|
||||
prometheus:
|
||||
image: prom/prometheus:latest
|
||||
|
@ -23,14 +16,11 @@ services:
|
|||
- "{{ pve_hosts.forrest.ip }}:9090:9090"
|
||||
|
||||
blackbox:
|
||||
<<: *blackbox
|
||||
|
||||
blackbox-external:
|
||||
<<: *blackbox
|
||||
# Don't use my internal DNS servers
|
||||
dns:
|
||||
- 9.9.9.9
|
||||
- 149.112.112.112
|
||||
image: prom/blackbox-exporter:latest
|
||||
restart: unless-stopped
|
||||
user: "{{ docker_user.id }}"
|
||||
volumes:
|
||||
- ./blackbox.yml:/etc/blackbox_exporter/config.yml:ro
|
||||
|
||||
alertmanager:
|
||||
image: prom/alertmanager:latest
|
||||
|
@ -56,3 +46,5 @@ services:
|
|||
networks:
|
||||
grafana:
|
||||
external: true
|
||||
default:
|
||||
enable_ipv6: true
|
|
@ -41,48 +41,6 @@ scrape_configs:
|
|||
static_configs:
|
||||
- targets: ["{{ pve_hosts.homeassistant.ip }}:8123"]
|
||||
|
||||
- job_name: blackbox_http_external
|
||||
scrape_interval: 1m
|
||||
metrics_path: /probe
|
||||
params:
|
||||
module: [http]
|
||||
static_configs:
|
||||
- targets:
|
||||
- https://0rng.one
|
||||
- https://auth.jakehoward.tech/-/health/ready/
|
||||
- https://bin.theorangeone.net
|
||||
- https://git.theorangeone.net/api/healthz
|
||||
- https://grafana.jakehoward.tech/api/health
|
||||
- https://headscale.jakehoward.tech/health
|
||||
- https://homeassistant.jakehoward.tech
|
||||
- https://intersect.jakehoward.tech
|
||||
- https://mastodon.theorangeone.net/health
|
||||
- https://matrix.jakehoward.tech:8448/_matrix/federation/v1/version
|
||||
- https://matrix.jakehoward.tech/_matrix/federation/v1/version
|
||||
- https://media.jakehoward.tech
|
||||
- https://minio.jakehoward.tech/minio/health/live
|
||||
- https://notes.theorangeone.net
|
||||
- https://ntfy.jakehoward.tech/v1/health
|
||||
- https://plausible.theorangeone.net
|
||||
- https://recipes.jakehoward.tech
|
||||
- https://s3.jakehoward.tech/minio/health/live
|
||||
- https://tasks.jakehoward.tech/health
|
||||
- https://theorangeone.net
|
||||
- https://tt-rss.jakehoward.tech
|
||||
- https://vaultwarden.jakehoward.tech/alive
|
||||
- https://whoami-cdn.theorangeone.net
|
||||
- https://whoami.theorangeone.net
|
||||
relabel_configs:
|
||||
- source_labels: [__address__]
|
||||
target_label: __param_target
|
||||
- source_labels: [__param_target]
|
||||
target_label: instance
|
||||
- target_label: __address__
|
||||
replacement: blackbox-external:9115
|
||||
- source_labels: [instance]
|
||||
regex: https?://([^/]+)/?.*
|
||||
target_label: hostname
|
||||
|
||||
- job_name: blackbox_icmp
|
||||
scrape_interval: 10m
|
||||
metrics_path: /probe
|
||||
|
@ -115,7 +73,7 @@ scrape_configs:
|
|||
- source_labels: [__param_target]
|
||||
target_label: instance
|
||||
- target_label: __address__
|
||||
replacement: blackbox-external:9115
|
||||
replacement: blackbox:9115
|
||||
|
||||
- job_name: blackbox_healthcheck
|
||||
scrape_interval: 10m
|
||||
|
@ -167,3 +125,19 @@ scrape_configs:
|
|||
- source_labels: [__name__]
|
||||
regex: go_.+
|
||||
action: drop
|
||||
|
||||
- job_name: uptime_kuma
|
||||
basic_auth:
|
||||
username: ""
|
||||
password: "{{ vault_uptime_kuma_token }}"
|
||||
metrics_path: /metrics
|
||||
static_configs:
|
||||
- targets:
|
||||
- uptime.jakehoward.tech
|
||||
metric_relabel_configs:
|
||||
- source_labels: [__name__]
|
||||
regex: nodejs_.+
|
||||
action: drop
|
||||
- source_labels: [__name__]
|
||||
regex: process_.+
|
||||
action: drop
|
|
@ -28,7 +28,7 @@
|
|||
- add
|
||||
- "{{ vps_hosts.private_ipv6_range }}"
|
||||
- via
|
||||
- "{{ pve_hosts.ingress.link_local }}"
|
||||
- "{{ pve_hosts.ingress.ipv6 }}"
|
||||
- dev
|
||||
- eth0
|
||||
become: true
|
|
@ -0,0 +1,55 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
33643431356363646630383866316263343363653765613339633264643432646531623637643938
|
||||
6536623536306263633239616234646636383635623532620a613333623433333566353135393233
|
||||
62343564363234626563353031656430633335376464303633376336636132383936343265303665
|
||||
3234636332313763340a326632303834633338333866313831616533393061336137613036393235
|
||||
62343864316530646639363161626463643435353864373332323330623337666234386463626266
|
||||
66353137303466353234373332666638303862393135666664616565666534633133376166646234
|
||||
38643631366131396231343964656262636466653731333839643739313237383765646437353862
|
||||
62323032313738636266616366333034363037343232373063363934306339663165346366396165
|
||||
61303436393231393533653535383534386432383736613034313333336236643938393661323435
|
||||
37326536643366323862633962316366316233643962303961613038316330643662636262316238
|
||||
34666463353662663231373061643438386664373863666463653332326238616264393736326336
|
||||
33646166356437653833343234653032636239386339383638333339346264646634613234663832
|
||||
38636631386336633465623966653630353734316566626666376566376436373936636338373131
|
||||
65646562356238396161323266316331623531353061346666633531663362646238653662393765
|
||||
38636136386534366434333431626430303962366637316562383439653666306630656137633664
|
||||
61326635643336623139306331323538366536613266613834326435656336623630326266643935
|
||||
36356538343765616235353932613932333934623465633238353733633332353736326137653063
|
||||
35666330653239306230323063383234373335366466626234336536366466626266376466346239
|
||||
34623133643962656236666563663161623361383032336138626334653961353030666237396331
|
||||
33613631346433376462356333623333643537656433643331353938303263656563633234376366
|
||||
65653237366333323737323438613335333537343139653632323032313964313030663136313734
|
||||
35353237316133306664636138376664343638356530336137323665626665336136343235373234
|
||||
64353161393735356562396533396462356162333937616339336466616232666565613037626235
|
||||
32313232646237663837353934323365333961306266663033353861346662383235386339313465
|
||||
65623138376264343462636130303231626663313565343961616438356236373833363038626463
|
||||
61333532313938636237613839643230646337323035336231383032323235633731343066663133
|
||||
63653036383736623733653438333039393565643334396265616134353163646161396564633561
|
||||
35663832373466316439646238356566333733343237343564326437356335316161633739343930
|
||||
66666563623038386632363036646230333233303439616165303162636364386662633039316237
|
||||
35633437643231336533626461656564303663633461643236626134643430656464346237356363
|
||||
32346531386439613830343532636164396432626264623134666637653665343866643139326339
|
||||
30346165663666313436393466353463303139393465373433663336313366643435363163316539
|
||||
30353836383432343164633563643131396438353838313138623531643533306138323765613335
|
||||
39373533393166643236376462613439653466383966376161316538636635383035333663643333
|
||||
61393036356330653663376635643539366139313132383665383932656131346364666532383433
|
||||
61626665396531316665396663653763333164623631376636386234633636373636323233336263
|
||||
38333965346563363030396330303063313563643665353064356462666339396330396333363335
|
||||
61633131383562303137386265313330336137353730626563653666316531363661613865326566
|
||||
64613333633966333064383762306634323335353638646130366534386636363332373266393839
|
||||
66636532303563393563633762366665616631656639643763366331336237663532303631313836
|
||||
30373966616334633562353030373462373131666439666662393536323066643264616565306537
|
||||
36396439363636613636386662623337643631646461653965663239313363636362333931656364
|
||||
36653663663534623638356636653534393239336663353530346662396634383430333133313739
|
||||
36333265653866306464646361323163363134643732303337333137653434643432643034366661
|
||||
38656631366132613863626363613334656462363834323162383634616532633861663232326362
|
||||
61373765306231626137363934643761316338363431626666363437373061366439306361396366
|
||||
62383239316330636534303063333937336136346161633061656439353932373930633766383463
|
||||
38353538353737613434316563386533373663613434653761356238633438383532316639343431
|
||||
32353161633036333730386164393166633762386637653736616262383064333864363136353534
|
||||
66643362313539333030663331313165353936663861616336306636633035323230653039313363
|
||||
37393137636431313164346561353334613331663361383835643732663139373162363636316365
|
||||
64376366643537643531333462346166653432313331316366396530633035616337396461393863
|
||||
62343465316235663366616637393734343638626230623932663666323961643633383462646334
|
||||
3034366430643531366664326330323639306631656462646238
|
|
@ -19,7 +19,7 @@ $CONFIG = array (
|
|||
0 => 'intersect.jakehoward.tech',
|
||||
),
|
||||
'dbtype' => 'mysql',
|
||||
'version' => '28.0.2.5',
|
||||
'version' => '28.0.4.1',
|
||||
'overwrite.cli.url' => 'https://intersect.jakehoward.tech',
|
||||
'dbname' => 'nextcloud',
|
||||
'dbhost' => 'mariadb',
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "2.3"
|
|||
|
||||
services:
|
||||
nextcloud:
|
||||
image: lscr.io/linuxserver/nextcloud:28.0.2
|
||||
image: lscr.io/linuxserver/nextcloud:28.0.4
|
||||
environment:
|
||||
- PUID={{ docker_user.id }}
|
||||
- PGID={{ docker_user.id }}
|
||||
|
|
|
@ -3,7 +3,7 @@ version: "2.3"
|
|||
services:
|
||||
|
||||
synapse:
|
||||
image: matrixdotorg/synapse:v1.101.0
|
||||
image: matrixdotorg/synapse:v1.104.0
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- SYNAPSE_CONFIG_PATH=/etc/homeserver.yaml
|
||||
|
|
|
@ -7,7 +7,7 @@ x-app: &app
|
|||
- TTRSS_DB_USER=tt-rss
|
||||
- TTRSS_DB_NAME=tt-rss
|
||||
- TTRSS_DB_PASS=tt-rss
|
||||
- TTRSS_SELF_URL_PATH=https://tt-rss.jakehoward.tech/tt-rss/
|
||||
- TTRSS_SELF_URL_PATH=https://tt-rss.jakehoward.tech
|
||||
- TTRSS_ENABLE_REGISTRATION=false
|
||||
- TTRSS_CHECK_FOR_UPDATES=false
|
||||
- TTRSS_ENABLE_GZIP_OUTPUT=true
|
||||
|
@ -16,6 +16,8 @@ x-app: &app
|
|||
- OWNER_GID={{ docker_user.id }}
|
||||
- PHP_WORKER_MAX_CHILDREN=50
|
||||
- PHP_WORKER_MEMORY_LIMIT=512M
|
||||
- APP_WEB_ROOT=/var/www/html/tt-rss
|
||||
- APP_BASE=
|
||||
volumes:
|
||||
- ./tt-rss:/var/www/html
|
||||
- "{{ app_data_dir }}/tt-rss/feed-icons:/var/www/html/tt-rss/feed-icons"
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "2.3"
|
|||
|
||||
services:
|
||||
wallabag:
|
||||
image: wallabag/wallabag:2.6.8
|
||||
image: wallabag/wallabag:2.6.9
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- SYMFONY__ENV__SECRET={{ wallabag_secret }}
|
||||
|
|
|
@ -25,7 +25,7 @@ services:
|
|||
- ./redis:/data
|
||||
|
||||
docker_proxy:
|
||||
image: tecnativa/docker-socket-proxy:latest
|
||||
image: lscr.io/linuxserver/socket-proxy:latest
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- POST=1
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "2.3"
|
|||
|
||||
services:
|
||||
tandoor:
|
||||
image: vabene1111/recipes:1.5.13
|
||||
image: vabene1111/recipes:latest
|
||||
environment:
|
||||
- TIMEZONE={{ timezone }}
|
||||
- DEBUG=0
|
||||
|
|
|
@ -2,5 +2,6 @@ traefik_provider_jellyfin: false
|
|||
traefik_provider_homeassistant: false
|
||||
traefik_provider_grafana: false
|
||||
traefik_provider_dokku: false
|
||||
traefik_provider_uptime_kuma: false
|
||||
|
||||
with_fail2ban: false
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "2.3"
|
|||
|
||||
services:
|
||||
traefik:
|
||||
image: traefik:v2.10
|
||||
image: traefik:v2.11
|
||||
user: "{{ docker_user.id }}"
|
||||
environment:
|
||||
- CF_DNS_API_TOKEN={{ vault_cloudflare_api_token }}
|
||||
|
@ -23,7 +23,7 @@ services:
|
|||
- proxy_private
|
||||
|
||||
docker_proxy:
|
||||
image: tecnativa/docker-socket-proxy:latest
|
||||
image: lscr.io/linuxserver/socket-proxy:latest
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
|
|
|
@ -6,5 +6,5 @@ maxretry = 5
|
|||
filter = traefik
|
||||
logpath = /tmp/traefik-logs/access.log
|
||||
port = http,https
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ vps_hosts.values()|sort|join(",") }},{{ tailscale_cidr }}
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ pve_hosts.internal_cidr_ipv6 }},{{ vps_hosts.values()|sort|join(",") }},{{ tailscale_cidr }}
|
||||
action = gateway
|
||||
|
|
|
@ -15,6 +15,7 @@ http:
|
|||
- "{{ tailscale_cidr }}"
|
||||
- "{{ tailscale_cidr_ipv6 }}"
|
||||
- "{{ pve_hosts.forrest.ip }}"
|
||||
- "{{ pve_hosts.forrest.ipv6 }}"
|
||||
|
||||
private-access:
|
||||
ipWhiteList:
|
||||
|
@ -23,3 +24,4 @@ http:
|
|||
- "{{ tailscale_cidr_ipv6 }}"
|
||||
- "{{ nebula.cidr }}"
|
||||
- "{{ pve_hosts.internal_cidr }}"
|
||||
- "{{ pve_hosts.internal_cidr_ipv6 }}"
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
http:
|
||||
routers:
|
||||
router-uptime-kuma:
|
||||
rule: Host(`uptime.jakehoward.tech`)
|
||||
service: service-uptime-kuma
|
||||
services:
|
||||
service-uptime-kuma:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: http://{{ pve_hosts.forrest.ip }}:3001
|
|
@ -101,6 +101,16 @@
|
|||
when: traefik_provider_dokku
|
||||
become: true
|
||||
|
||||
- name: Install dokku provider
|
||||
template:
|
||||
src: files/file-provider-uptime-kuma.yml
|
||||
dest: /opt/traefik/traefik/conf/uptime-kuma.yml
|
||||
mode: "{{ docker_compose_file_mask }}"
|
||||
owner: "{{ docker_user.name }}"
|
||||
notify: restart traefik
|
||||
when: traefik_provider_uptime_kuma
|
||||
become: true
|
||||
|
||||
- name: logrotate config
|
||||
template:
|
||||
src: files/logrotate.conf
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
version: "2.3"
|
||||
|
||||
services:
|
||||
uptime-kuma:
|
||||
image: louislam/uptime-kuma:1.23.13-alpine
|
||||
environment:
|
||||
- TZ={{ timezone }}
|
||||
- PUID={{ docker_user.id }}
|
||||
- PGID={{ docker_user.id }}
|
||||
dns:
|
||||
- 9.9.9.9
|
||||
- 149.112.112.112
|
||||
ports:
|
||||
- "{{ pve_hosts.forrest.ip }}:3001:3001"
|
||||
volumes:
|
||||
- "{{ app_data_dir }}/uptime-kuma:/app/data"
|
||||
restart: unless-stopped
|
||||
|
||||
networks:
|
||||
default:
|
||||
enable_ipv6: true
|
|
@ -0,0 +1,4 @@
|
|||
- name: restart uptime-kuma
|
||||
shell:
|
||||
chdir: /opt/uptime-kuma
|
||||
cmd: "{{ docker_update_command }}"
|
|
@ -0,0 +1,17 @@
|
|||
- name: Create install directory
|
||||
file:
|
||||
path: /opt/uptime-kuma
|
||||
state: directory
|
||||
owner: "{{ docker_user.name }}"
|
||||
mode: "{{ docker_compose_directory_mask }}"
|
||||
become: true
|
||||
|
||||
- name: Install compose file
|
||||
template:
|
||||
src: files/docker-compose.yml
|
||||
dest: /opt/uptime-kuma/docker-compose.yml
|
||||
mode: "{{ docker_compose_file_mask }}"
|
||||
owner: "{{ docker_user.name }}"
|
||||
validate: docker-compose -f %s config
|
||||
notify: restart uptime-kuma
|
||||
become: true
|
|
@ -2,17 +2,17 @@
|
|||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/backblaze/b2" {
|
||||
version = "0.8.7"
|
||||
constraints = "0.8.7"
|
||||
version = "0.8.9"
|
||||
constraints = "0.8.9"
|
||||
hashes = [
|
||||
"h1:00oWKpRLaWlwNwebBlsy4ZDN9dsYPZv6G3VoYxz5SSE=",
|
||||
"h1:GLJrlMQ3CxORGarOlpbdKNjfdVxwWF7D1Sa5Svtsi2Q=",
|
||||
"h1:R+Ota2rVe+KaYwJIrlVGgRxtTGgkqXgsMRApg6r/+5M=",
|
||||
"h1:hSsgVZdn6G7G8Zp03Ij9lLQYEQ0aWGy3j3loEsjkJMQ=",
|
||||
"zh:832081241cdf62ea27af5e9999c7c94bbec1816dc552c53da1caa8a2ff7b987f",
|
||||
"zh:c130917d8da3e85392fb3c8c7b2be3b2fd1d1eb5023993d33e3d0838e8375d05",
|
||||
"zh:f9f7dbf09d818c5a05570d73facaf0bb840c541de07439b0891381df4c75875a",
|
||||
"zh:fc142bb2370c541ae14ea4f8f8c5437efa07911a8c36be60820cba6671fa6c81",
|
||||
"h1:2I1FrwnkverfdRHyoCMHeoLJcWIdoLw0uSyvFJDj+40=",
|
||||
"h1:Gp0no9DUhxEAPPED0/AG8wSaaT6023dtA1Q8oIPmgz0=",
|
||||
"h1:N5oxkisGmkDIdAmncwcmcN5KilDdOG1kJu2+k0ARj80=",
|
||||
"h1:PSLTea0VOv61sttOED7lEvonSQuIik2CFDXyljVpeHU=",
|
||||
"zh:3534b7737d5d555187faec4db6abeb202a90559f2f68e569e48b0acbbdaabe9d",
|
||||
"zh:372e97f55308babb98e175e3464d7088c8182d649e899e3067bb042e655a62c8",
|
||||
"zh:59935a938882daccf93a76ddfdd24113aac7349e0ae555028f340acb211cbaff",
|
||||
"zh:da2d510b081ed9683acd201318f096ea6848843f325eaf8db555702244149532",
|
||||
]
|
||||
}
|
||||
|
||||
|
@ -52,22 +52,33 @@ provider "registry.terraform.io/cloudflare/cloudflare" {
|
|||
}
|
||||
|
||||
provider "registry.terraform.io/go-gandi/gandi" {
|
||||
version = "2.2.3"
|
||||
constraints = "2.2.3"
|
||||
version = "2.3.0"
|
||||
constraints = "2.3.0"
|
||||
hashes = [
|
||||
"h1:2SFGp4KWheP2bjuD0sIzbcuM91uSFiMVr2qYBRUJ7HU=",
|
||||
"zh:1059865208c4ce9a827d0e1fa09a74297476d064d5aebd598633b10036cdff5d",
|
||||
"zh:1e912145a1819fc7516353369332a41558a3c6e9edac8bdcc09aa8c2735d29e3",
|
||||
"zh:2977e335cb1df04baa200933679048a7b4151f48cbd551917abe45dc3b62f85d",
|
||||
"zh:4211fa55947c3b7841931a2f944fe02fa50d2dca5fe850113d7dc5713574c0de",
|
||||
"zh:509f2262f4d682504eb412eeb58968c23208ddab8ebd0b0371a9eb1332b57f33",
|
||||
"zh:784ee8dd57193dfcb38fe06fedc2931b02a887ce887744ce92b856f121d6fb50",
|
||||
"zh:81a9bcbae602d32d71fa8ff3b2140c3d86692736a4c3379ebcfa06c858fae549",
|
||||
"zh:9e296c6b33a4b3042c030a44368a45c95a531b7c6c369db30a7fd2e9503bb4d8",
|
||||
"zh:a030027413d3dc7695691917f328fecb9b15d6b9e0d72b35439534cc22abb782",
|
||||
"zh:a5019df0ce14c20483f397eef4e91d9f60ad78644acb3134130c4ebbc26059b5",
|
||||
"zh:d03f6bd478f2b57091f2e82dde17a4adfe0b423eaaa0f99c59838fc64dd965ab",
|
||||
"zh:e1b23742e9d98391fb84a4fad4e577ca2827bb25c40e310f3faaa3dcbde3a508",
|
||||
"h1:+QRivNRiQfXbOzSJwIKOmpqRLjfSbgGTVIot5HHaxzU=",
|
||||
"h1:9kqWL+eFk/ogrQSltL9zVqjMcOqbvs3EgIJEeyNPb8U=",
|
||||
"h1:Fv/rdRU74oVDL6Tmu63qNl3fUrlOfMVPUFeLaPfWAGY=",
|
||||
"h1:GC+kfSRx3FdF0dhh0LZrWXV+hLSFQd3cQ3mjQ3lBloU=",
|
||||
"h1:M6MNub0wFKc/2MKOns9uWsgkFEjqNx1oucz+wGemBRM=",
|
||||
"h1:Os/cyXb2LCyYLvaQ7inZPBdgjR7Ie5AsyIIHvYaMZB4=",
|
||||
"h1:PH6KI61eli5OL/aN3Oi7NV9qkNbjGLoOYjJK3gvULj4=",
|
||||
"h1:ZYWkA1hdIjQySftM5bWAQjiH50V5qMl9nJroYzCoqb0=",
|
||||
"h1:aRZN5KmJwfLJ+sSYo4xd6MHS2oNk3Zlk417md3e9ry0=",
|
||||
"h1:iTw/xbYXtScXLdhbjzF15Bf9wWu/r41ZertHYl9vDec=",
|
||||
"h1:q/JXh50l2WZKxRpVTXzWp7nToqaU4TXD883k6Xi+8Jk=",
|
||||
"h1:sSjatD9sHwGI8jJYF7Ps7BTBbmmCmLAdlUPDs3i/vQA=",
|
||||
"zh:0936d011cf75bb5162c6027d00575a586807adc9008f4152def157b6ad22bae9",
|
||||
"zh:2170e671f04d3346ea416fcc404be6d05f637eab7df77e289a6898a928885f0b",
|
||||
"zh:250329baae3cb09cfb88dd004d45f003ba76fbe7b8daf9d18fd640b93a2b7252",
|
||||
"zh:2ccd9f253424738ca5fbbcb2127bf3713c20e87bfb3829f8c4565569424fd0bd",
|
||||
"zh:3607b48bc4691cd209528f9ffe16a6cc666bd284b0d0bdfe8c4e1d538559a408",
|
||||
"zh:3bc1d2b770fe0f50027da59c405b2468d1322243235367014f75f765124f458d",
|
||||
"zh:6c8a9092847ee2e2890825432b54424c456638d494e49b7d1845f055214714f5",
|
||||
"zh:8e0b62a330876005d52bcd65d7b1d9a679a7ac79c626e0f86661519e8f9b5698",
|
||||
"zh:8f44f4d52583ff249e2001ea2a8b8841010489dd43e1a01a9ec3a6813d121c28",
|
||||
"zh:9a617927d4a3a2897ff10999a19a6d1f0ef634b8c6b8fc3be12cf53948cfd9cf",
|
||||
"zh:cab3c82c54e38e6001eed5b80a2d16b7824921f8f8b3909049e174c48e6e8804",
|
||||
"zh:f78cc685aa4ba5056ea53a7f8ce585f87a911f0a8a387a44a33d7dfb69db7663",
|
||||
]
|
||||
}
|
||||
|
||||
|
@ -126,6 +137,28 @@ provider "registry.terraform.io/hashicorp/local" {
|
|||
]
|
||||
}
|
||||
|
||||
provider "registry.terraform.io/hetznercloud/hcloud" {
|
||||
version = "1.46.1"
|
||||
constraints = "1.46.1"
|
||||
hashes = [
|
||||
"h1:cDJWhw9W+qj4ner9QX/+FBB6YvK9pnTVOugSAM+ejcM=",
|
||||
"zh:0d8fb959c331b7cd9a13800198d65f61c604221b2fb05e0681c9cd432a6e2242",
|
||||
"zh:31ab652fb504bff3fdee0de8e06cb4c7d08805f4d3e8430dac6a4ee8a52b949f",
|
||||
"zh:493770ce314fc4f7b9536da077b217aa5af77b1d8c969639a257fda3dbd3e38b",
|
||||
"zh:4c25ee2977d359db15c044a8bfeb00f64ca94a6bdea00774307768a9bad97996",
|
||||
"zh:605c8e776cb69b1928c516ab1a9be9ea793c9405f038f224de5586db4983e621",
|
||||
"zh:8c9b966a881f177199738253003dc1ee4944034598be4dfbb5465f6d28349c66",
|
||||
"zh:8e6ec6e0f0572222f5a2d5748948c229a426408418c6500707711b1ae82fff1c",
|
||||
"zh:a63e3ac7f84f0ad0c27399fb2ae4469570d9b216bbc06a89edeca6ff569f0ea0",
|
||||
"zh:b03e6050ce2054665d824a02fcbe450cdfad29c082cf1d8adb29f8c138023457",
|
||||
"zh:b40e03710694792cff0eb5ca3f7dc80ff0befd2957b0af3b248d36a4ac77293e",
|
||||
"zh:bbd264b083a3f5e80a90c02ea3ec377231d030f4d9035bb0f1627f3b09504b00",
|
||||
"zh:de2b119e4c39b3454199c34f4ce0fd60af11bd9012c46e2c907db53fd5969278",
|
||||
"zh:e845750317897e45ab68e71326a43a7f143e0b5312aa9eba4fec907a3800a7f2",
|
||||
"zh:eebc0085e7fa25d4eaf4e47be00dd7f64259f725ed86581d0acef8b8fde31b49",
|
||||
]
|
||||
}
|
||||
|
||||
provider "registry.terraform.io/linode/linode" {
|
||||
version = "1.30.0"
|
||||
constraints = "1.30.0"
|
||||
|
|
|
@ -101,15 +101,6 @@ resource "linode_firewall" "casey" {
|
|||
ipv4 = ["0.0.0.0/0"]
|
||||
ipv6 = ["::/0"]
|
||||
}
|
||||
|
||||
inbound {
|
||||
label = "allow-inbound-tailscale"
|
||||
action = "ACCEPT"
|
||||
protocol = "UDP"
|
||||
ports = "41641"
|
||||
ipv4 = ["0.0.0.0/0"]
|
||||
ipv6 = ["::/0"]
|
||||
}
|
||||
}
|
||||
|
||||
resource "linode_rdns" "casey_reverse_ipv4" {
|
||||
|
|
|
@ -261,6 +261,14 @@ resource "cloudflare_record" "jakehowardtech_slides" {
|
|||
ttl = 1
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "jakehowardtech_uptime" {
|
||||
zone_id = cloudflare_zone.jakehowardtech.id
|
||||
name = "uptime"
|
||||
value = cloudflare_record.sys_domain_pve.hostname
|
||||
type = "CNAME"
|
||||
ttl = 1
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "jakehowardtech_caa" {
|
||||
zone_id = cloudflare_zone.jakehowardtech.id
|
||||
name = "@"
|
||||
|
|
|
@ -18,11 +18,15 @@ terraform {
|
|||
}
|
||||
gandi = {
|
||||
source = "go-gandi/gandi"
|
||||
version = "2.2.3"
|
||||
version = "2.3.0"
|
||||
}
|
||||
b2 = {
|
||||
source = "Backblaze/b2"
|
||||
version = "0.8.7"
|
||||
version = "0.8.9"
|
||||
}
|
||||
hetzner = {
|
||||
source = "hetznercloud/hcloud"
|
||||
version = "1.46.1"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -25,3 +25,7 @@ variable "backblaze_application_key" {
|
|||
variable "backblaze_application_key_id" {
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "hetzner_token" {
|
||||
sensitive = true
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue