Commit Graph

79 Commits

Author SHA1 Message Date
Jake Howard
f88d224168 Allow only exposing services over Tailscale
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
2024-03-07 22:30:10 +00:00
Jake Howard
808e72553b Add the basics of some edge caching 2024-02-21 21:42:16 +00:00
Jake Howard
b6eca40ae0 Allow tailscale IP in more places 2024-02-07 18:21:16 +00:00
Jake Howard
b33e19e152 Remove unnecessary extra variable definitions
The world could do with a bit less YAML!
2023-12-14 22:03:23 +00:00
Jake Howard
37b8c48a77 Remove legacy short domains
I never used them, and the certificate renewal didn't work anyway.
2023-10-02 09:37:05 +01:00
Jake Howard
a54a91ea44 Deploy a dokku 2023-10-01 16:34:01 +01:00
Jake Howard
0e9e63d8b7 Use correct gandi API 2023-07-17 15:03:04 +01:00
Jake Howard
7619e826f4 Remove deprecated traefik hub config 2023-06-26 09:27:16 +01:00
Jake Howard
2af9f8529d Fix new ansible-lint errors
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00
Jake Howard
ddd6af21cf Allow Traefik to use DNS-01 challenge to Gandi 2023-04-23 20:26:37 +01:00
Renovate
2c9ab7fd29 Update traefik Docker tag to v2.10 2023-04-09 17:02:00 +01:00
Jake Howard
d52f0bc8b2 Remove gitlab configuration 2023-03-30 22:56:35 +01:00
Jake Howard
a78c4680c4 Move notes to GitLab 2023-03-29 22:36:03 +01:00
Jake Howard
fc577f21b8 Update Traefik to 2.9 2022-11-01 20:50:30 +00:00
Jake Howard
4c8d5ffe44 Remove all references to traefik pages 2022-11-01 20:30:16 +00:00
Jake Howard
58730fcbeb Move pages hosting to GitLab pages 2022-10-09 18:26:49 +01:00
Jake Howard
491061d900 Remove shenanigans
It's not enabled, and it's 1 less container to deal with
2022-10-09 17:40:22 +01:00
Jake Howard
6d890a6991 Set up slides domain 2022-10-08 17:37:28 +01:00
Jake Howard
41582f50db Set up GitLab pages 2022-10-08 15:51:37 +01:00
Jake Howard
73f165c521 Revert "Update traefik to 2.8"
This reverts commit a695818355.

This causes problems with traefik-pages
2022-08-16 10:17:53 +01:00
Jake Howard
4eab0d4f01 Don't mount docker socket to traefik
It was already configured to use the proxy, and was running as non-root
anyway, so likely didn't have access to it in the first place.
2022-08-16 09:38:27 +01:00
Jake Howard
a695818355 Update traefik to 2.8 2022-08-01 15:02:09 +01:00
Jake Howard
cf763d07f2 Stop capturing logs for containers I don't care about 2022-06-20 21:25:13 +01:00
Jake Howard
0d5913ce3c Disable any hub integrations 2022-06-18 22:09:59 +01:00
Jake Howard
df28b56857 Update traefik to 2.7 2022-06-18 22:09:49 +01:00
Jake Howard
5b586f2608 Add container to extract TLS certs from traefik into standard format
Disable its network access, just in case
2022-06-13 21:18:45 +01:00
Jake Howard
793506492f No shenanigans by default
This causes strange problems with nextcloud
2022-03-23 19:30:22 +00:00
Jake Howard
293aed0fd3 Enable GitLab registry 2022-02-25 21:48:13 +00:00
Jake Howard
4562b60517 Update Traefik to 2.6 2022-02-08 08:55:50 +00:00
Jake Howard
6db0500e1b Provision remote f2b key with ansible 2022-01-21 22:11:49 +00:00
Jake Howard
5cc552d0eb Add container to automatically backup DBs 2022-01-16 17:51:03 +00:00
Jake Howard
6c0314b758 Add an nginx container to do crazy things with traefik 2022-01-16 14:08:38 +00:00
Jake Howard
d5c7d94ac8 Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
2022-01-15 23:44:06 +00:00
Jake Howard
4cdaba4692 Swap certificates for wildcards 2021-10-18 21:59:10 +01:00
Jake Howard
4db474034e Ignore my VMs from a fail2ban 2021-09-27 14:49:56 +01:00
Jake Howard
48934ad2c5 Apply gzip to everything
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
2021-09-19 22:48:48 +01:00
Jake Howard
0874158a91 Update traefik to 2.5 2021-08-22 11:16:37 +01:00
Jake Howard
33fcf1a9e5 Fix matrix federation
Apparently this has been broken since like March...

It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00
Jake Howard
d751a023da Promote GitLab to main git. domain 2021-06-02 19:49:28 +01:00
Jake Howard
69abafd8c8 Put GitLab on a real domain 2021-05-29 16:21:47 +01:00
Jake Howard
03affd269f FLoC Block
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
2021-04-18 22:30:26 +01:00
Jake Howard
22d43c16a7 Correctly redirect http traffic to https
Bug caused by https://github.com/traefik/traefik/issues/8035
2021-04-06 11:56:05 +01:00
Jake Howard
4d218248fa Remotely connect to fail2ban to do ports
Traefik can affect the edge, so blocks work there and prevent traffic hitting home network.
2021-03-28 16:06:36 +01:00
Jake Howard
6973fb536f Add fail2ban for traefik
Remote action coming soon
2021-03-28 13:05:38 +01:00
Jake Howard
8398a2df21 Use endpoint middleware rather than hacky router 2021-03-27 23:34:34 +00:00
Jake Howard
1d997d3c33 Remove separate private and protected IP 2021-03-27 18:42:06 +00:00
Jake Howard
116e1adb50 Disable Traefik pilot on dashboard 2021-03-24 23:14:01 +00:00
Jake Howard
b264e5cbcc Monitor traefik with prometheus rather than influxdb 2021-03-04 16:37:53 +00:00
Jake Howard
ec0c78e6d9 Read emails from secrets 2021-02-14 12:29:14 +00:00
Jake Howard
c7fba8107a Move grafana to forrest 2021-01-31 16:52:24 +00:00