Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,673 Commits 15 Branches 0 Tags
01c236e4e975afd28e71323a51d6d8272da22dc8
Commit Graph

1294 Commits

Author SHA1 Message Date
Jake Howard 7564911da3 Add IPv6 to blackbox 
This is needed to monitor private services
 2024-04-20 18:12:38 +01:00
Jake Howard 7ff44ee238 Add IPv6 to proxmox internal network 2024-04-20 18:00:08 +01:00
Jake Howard 7c8d224c4a Add headscale ACLs 
Tags are managed entirely server side, so there's no priv esc issues.

This lets my devices do what they want, and server style devices can't do anything.
 2024-04-20 15:46:21 +01:00
Renovate 7bc0ebeb26 Update traefik Docker tag to v2.11 2024-04-15 17:43:05 +01:00
Jake Howard 33f9c544fd Remove /tt-rss/ path from URL 2024-04-15 17:33:36 +01:00
Jake Howard b6583cc823 Update Nextcloud version in config 2024-04-15 15:28:16 +01:00
Jake Howard 9c02017fed Unpin tandoor 2024-04-15 15:28:16 +01:00
Renovate 9d98d88089 Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.4 2024-04-15 15:02:53 +01:00
Renovate 5330fdc56f Update ghcr.io/goauthentik/server Docker tag to v2024 2024-04-15 14:11:11 +01:00
Renovate 2e0b562f5d Update matrixdotorg/synapse Docker tag to v1.104.0 2024-04-15 13:58:20 +01:00
Renovate 989a804bad Update wallabag/wallabag Docker tag to v2.6.9 2024-04-03 12:00:18 +01:00
Jake Howard 8424b3211b Allow ingress to serve as tailscale exit node 2024-03-28 23:30:24 +00:00
Jake Howard 5157940f20 Stop exposing homeassistant 2024-03-23 11:54:26 +00:00
Jake Howard eb6fe3a23b Allow forrest to access internal services 
This is mostly for monitoring
 2024-03-22 18:13:25 +00:00
Jake Howard b2656bdf43 Make vaultwarden VPN only 
The first service to go dark...
 2024-03-21 23:20:27 +00:00
Jake Howard f88d224168 Allow only exposing services over Tailscale 
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
 2024-03-07 22:30:10 +00:00
Jake Howard 451a114262 Add IPv6 support for internal DNS overrides 
CoreDNS 1.11.2 finally shipped!
 2024-03-07 20:02:39 +00:00
Jake Howard 119b3212a9 Remove robots.txt for gitea 2024-03-04 08:38:16 +00:00
Renovate 5aae711cb8 Update vaultwarden/server Docker tag to v1.30.5 2024-03-04 08:33:59 +00:00
Renovate f552332598 Update lscr.io/linuxserver/mastodon Docker tag to v4.2.8 2024-03-04 08:33:51 +00:00
Jake Howard 82451784a8 Deploy slides hosting 2024-03-03 21:39:22 +00:00
Jake Howard 000f3d3348 Add HSTS to all nginx requests 2024-03-03 21:37:07 +00:00
Jake Howard 0dcc3f7c30 Use regular version of nginx on Arch 
`nginx-mainline` requires modules be recompiled each time, and isn't handled automatically. It's still a very new and maintained release.
 2024-02-29 19:46:32 +00:00
Jake Howard 8a1e21c79d Ensure headscale sees the correct IP 2024-02-29 17:41:29 +00:00
Jake Howard 998d798797 Set maintenance window for nextcloud 2024-02-21 21:57:03 +00:00
Jake Howard 11a93dac55 Update nextcloud version in config 2024-02-21 21:52:58 +00:00
Renovate 7d64518840 Update matrixdotorg/synapse Docker tag to v1.101.0 2024-02-21 21:43:15 +00:00
Renovate 26bcf09fea Update lscr.io/linuxserver/nextcloud Docker tag to v28.0.2 2024-02-21 21:42:50 +00:00
Jake Howard 808e72553b Add the basics of some edge caching 2024-02-21 21:42:16 +00:00
Renovate b513c88774 Update vaultwarden/server Docker tag to v1.30.3 2024-02-19 14:13:02 +00:00
Renovate 7741fbc163 Update vabene1111/recipes Docker tag to v1.5.13 2024-02-19 14:07:32 +00:00
Renovate 45cf930d14 Update lscr.io/linuxserver/mastodon Docker tag to v4.2.7 2024-02-17 08:00:21 +00:00
Jake Howard 58c48261e7 Consolidate vikunja container 2024-02-12 14:12:17 +00:00
Jake Howard 91a247868b Add routes from forrest to tailscale network 2024-02-07 22:12:08 +00:00
Jake Howard b6eca40ae0 Allow tailscale IP in more places 2024-02-07 18:21:16 +00:00
Renovate 6c1c245c23 Update matrixdotorg/synapse Docker tag to v1.100.0 2024-02-02 13:38:12 +00:00
Renovate 379d4a26fa Update vabene1111/recipes Docker tag to v1.5.12 2024-02-02 13:38:00 +00:00
Renovate f1a2694f1a Update lscr.io/linuxserver/mastodon Docker tag to v4.2.5 2024-02-02 13:37:05 +00:00
Jake Howard 02847355a7 Install tailscale 
Install, not configure
 2024-02-01 19:41:47 +00:00
Jake Howard 29cac09b48 Remove explicit port for headscale 2024-02-01 18:32:53 +00:00
Jake Howard dba0262801 Remove website tmpfs 
The server's disk is probably fast enough, and container restarts will nuke that storage anyway
 2024-02-01 18:15:51 +00:00
Jake Howard 0c6528f9ca Restrict access to headscale OIDC and API 2024-01-31 21:40:43 +00:00
Jake Howard dfa8328e7b Move gateway logs to separate file 2024-01-31 21:06:19 +00:00
Jake Howard 53c758a781 Monitor headscale with prometheus 2024-01-27 17:40:02 +00:00
Jake Howard 2ceeaf091d Deploy headscale 2024-01-27 14:18:37 +00:00
Jake Howard 06784563a7 Don't resolve ipv6 
Something about this setup doesn't like it, so I'll disable v6 for now
 2024-01-26 21:43:04 +00:00
Renovate 4f6f4143ce Update matrixdotorg/synapse Docker tag to v1.99.0 2024-01-22 09:15:38 +00:00
Renovate 5292785cd9 Update wallabag/wallabag Docker tag to v2.6.8 2024-01-22 09:11:27 +00:00
Renovate d297674fb5 Update vabene1111/recipes Docker tag to v1.5.11 2024-01-22 08:42:36 +00:00
Jake Howard 88f0828153 Use primary Quad9 servers 
DNSSEC and malware blocking is probably useful, just in case
 2024-01-21 23:19:49 +00:00