453a374801
Replace ingress proxy with nginx
...
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.
Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
2021-08-24 14:21:51 +01:00
f14e723d40
Fix service name on ingress
...
It's not alpine
2021-08-24 11:52:35 +01:00
edc5c325b7
Correctly check hostname against PVE hosts
...
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
2021-08-23 19:56:04 +01:00
ecb946bab4
Remove nginx version from headers
2021-08-23 16:12:34 +01:00
93cba46dd1
Redirect to HTTPS at the edge
2021-08-23 16:10:37 +01:00
a54d373526
Replace edge proxy with nginx
...
The config makes more sense, and it has more of the features I need, which will come later.
2021-08-22 22:35:09 +01:00
8fabd11e31
Remove unnecessary pve role
...
no-subscription is handled by the nag removal role
2021-08-22 15:20:27 +01:00
f0a3585592
Use distribution name in repo URL
2021-08-22 14:44:34 +01:00
0874158a91
Update traefik to 2.5
2021-08-22 11:16:37 +01:00
c04e8b628a
Update synapse to 1.40.0
2021-08-22 11:16:19 +01:00
c99afdd446
Disable gzip on qbittorrent egress
...
It's mostly used over the internal network, so the additional gzip isn't going to gain anything when the disk is the bottleneck
2021-08-21 16:46:21 +01:00
55e3b81f06
Install release version of gitlab-dater onto GitLab server
...
Rather than than hacky development one I was using before
2021-08-10 22:51:12 +01:00
e421657619
Ensure restic gets the correct permissions when it's updated
...
Yes it's weird to modify the system package like this, but it's very handy.
See also https://restic.readthedocs.io/en/stable/080_examples.html#backing-up-your-system-without-running-restic-as-root
2021-08-10 08:45:59 +01:00
ab46c30df2
Start graphing some speeds
2021-08-07 10:59:42 +01:00
d0e472b51a
Update synapse to 1.39.0
2021-08-06 18:20:48 +01:00
11bf501d8a
Update nextcloud to 22.1.0
2021-08-06 18:20:38 +01:00
9755974647
Update vaultwarden to 1.22.2
2021-08-06 18:17:22 +01:00
f3bc72d2ba
Provision uptime-kuma
2021-07-31 16:43:12 +01:00
1399529a47
Move stray storage to tank
2021-07-17 20:32:26 +01:00
8f831c8191
Update synapse to 1.37.1
2021-07-11 20:20:56 +01:00
501fe81979
Update nextcloud to v22
2021-07-11 20:20:48 +01:00
3daf3ef8ed
Pin clickhouse to 21.6
...
21.7 doesn't work
2021-07-11 16:11:09 +01:00
b2d226300b
Update nextcloud to 21.0.3
2021-07-04 21:17:03 +01:00
19eb233ffa
Update vaultwarden to 1.22.1
2021-07-03 11:27:27 +01:00
797c44a27d
Use proxy protocol v2
...
Apparently it's better for chaining, and may be faster anyway
2021-07-01 22:28:25 +01:00
b6adc53746
Revert "Capture stderr in logs, too"
...
This reverts commit 8696f6d93f
2021-06-28 08:33:08 +01:00
41a8fe3b4d
Use logrotate for backrest logging rather than nuking immediately
...
Just in case something goes wrong with healthchecks
2021-06-27 10:58:01 +01:00
8696f6d93f
Capture stderr in logs, too
2021-06-27 10:53:13 +01:00
40e785de38
Add yet more metric sources
2021-06-26 12:52:55 +01:00
32f17908ad
Collect metrics on disk usage
2021-06-26 12:36:00 +01:00
b82e87c04b
Remove unnecessary which
...
`cron` doesn't need a full path
2021-06-25 20:57:19 +01:00
9296c88ae4
Remove date from DB backups
2021-06-20 15:23:15 +01:00
e3502ae1e0
Provision dokku server
2021-06-20 12:12:34 +01:00
b20ffb27c4
Remove gotify
...
Never used it
2021-06-12 19:00:39 +01:00
4e5fa59c58
Add redis
...
This isn't really used as a cache, but it is for a couple bits, so nice to enable it anyway, and it might become so in future
2021-06-12 18:53:50 +01:00
290b147821
Thin out synapse config
...
Previously it was the vast majority of code in the whole repo. Now we only define the necessary keys, and rely much more on defaults, which is nice!
2021-06-12 18:49:29 +01:00
47e546d51a
Add synapse-admin
...
Useful to see what's going on on the server
2021-06-12 18:09:18 +01:00
3485f8e1f0
Actually version the ingress haproxy config
2021-06-12 17:32:47 +01:00
33fcf1a9e5
Fix matrix federation
...
Apparently this has been broken since like March...
It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00
94e4592db6
Update synapse to 1.35.1
2021-06-12 16:46:16 +01:00
5d4817e840
Move some larger gitlab storage off tank
...
Means they'll be backed up less, but they're less important anyway
2021-06-07 20:24:59 +01:00
3c3f69a776
Remove unnecessary influxdb instance
...
Never used it anyway
2021-06-03 20:50:54 +01:00
d59e86a8e8
Remove unnecessary private_ip var from forrest
...
It was redundant
2021-06-03 20:47:33 +01:00
f1f2c620b0
Replace DHCP on PVE for static IPs
...
So much easier to deal with!
2021-06-03 20:47:08 +01:00
d751a023da
Promote GitLab to main git. domain
2021-06-02 19:49:28 +01:00
6c23180591
Remove gitea
...
I use GitLab now
2021-06-02 19:27:09 +01:00
9c2ebd60e8
Remove duplicati
...
We're a restic shop now!
2021-06-02 19:18:21 +01:00
51b3ffd33a
Allow containers to be cached on CI
...
There's an existing task to clean them up, and being out of date by a week isn't the end of the world
2021-06-01 21:51:18 +01:00
a867df04a5
Add a GitLab runner
...
Woo CI!
2021-06-01 19:29:21 +01:00
64ebaa67d0
Setup email for gitlab
...
Not super useful, but nice to enable it
2021-05-30 21:30:03 +01:00
