Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,066 Commits 15 Branches 0 Tags
475215f33ab51faa562ba13e7f1a1b44fe99f1eb
Commit Graph

1066 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jake Howard
c1319a134a Forget snapshots in groups by host 
By default, it includes the path, which means path changes result in very old snapshots

https://twitter.com/RealOrangeOne/status/1484217495124852748
 2022-01-20 17:43:56 +00:00
Jake Howard
1db289b604 Show domain in logs rather than upstream 
The upstream is always the same, and no use to us
 2022-01-19 09:00:20 +00:00
Jake Howard
619d5bfa7b Give every cloud machine its own cname 2022-01-19 08:44:21 +00:00
Jake Howard
af07840de7 Harden SPF 2022-01-19 08:19:51 +00:00
Jake Howard
9404f71dc6 Remove old DB backups dir from backups 2022-01-16 17:56:45 +00:00
Jake Howard
a07b1dbad5 Ensure grimes backs up its databases 2022-01-16 17:56:13 +00:00
Jake Howard
5cc552d0eb Add container to automatically backup DBs 2022-01-16 17:51:03 +00:00
Jake Howard
6c0314b758 Add an nginx container to do crazy things with traefik 2022-01-16 14:08:38 +00:00
Jake Howard
d5c7d94ac8 Run traefik as dockeruser, and without host networking 
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
 2022-01-15 23:44:06 +00:00
Jake Howard
1348eb8b1c Prefent yourls redirect page being indexed 2022-01-11 21:20:23 +00:00
Jake Howard
89a99d2db2 Make ansible a dev dependency 
It's required by `ansible-lint` to work properly
 2022-01-11 21:19:02 +00:00
Jake Howard
c5215e330b Update yamllint to fix dependency issue 
I think this still validates everything we need it to
 2022-01-11 20:51:12 +00:00
Jake Howard
db68c107d0 Decommission decker on Vultr 2022-01-11 19:25:04 +00:00
Jake Howard
ceb62cc0c8 Open the right ports so web traffic will flow 2022-01-11 09:08:23 +00:00
Jake Howard
cf0e718bfb Migrate decker services to linode 
Mostly just uptime-kuma
 2022-01-11 09:07:48 +00:00
Jake Howard
50398eac07 Commit the terraform lock file 
It tells you to
 2022-01-08 22:12:44 +00:00
Jake Howard
e50a1f9a72 Privision a decker on linode 2022-01-08 22:12:28 +00:00
Jake Howard
0a13f78d29 Add linode to terraform setup 
Let the migration, begin!
 2022-01-08 22:11:34 +00:00
Jake Howard
41289ab359 Reduce ZFS memory usage to 5GB 
That's still more than 1GB per usable TB of space. Should really be ample
 2022-01-08 12:29:35 +00:00
Jake Howard
1f6c6858e5 Fix NTP timesyncd issue 
https://github.com/geerlingguy/ansible-role-ntp/pull/110
 2022-01-08 12:29:13 +00:00
Jake Howard
02cfd37a02 Update uptime-kuma 2022-01-08 12:18:25 +00:00
Jake Howard
1a74e05a7c Create a dedicated machine for renovate 
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
 2022-01-01 22:59:13 +00:00
Jake Howard
78b0161585 Install renovate 
It doesn't quite work, as really it needs docker to correctly update packages. But it's a start for now
 2022-01-01 18:23:32 +00:00
Jake Howard
b81f250d02 Update clickhouse config to reference new tables to remove 2021-12-29 17:34:07 +00:00
Jake Howard
062c4a25fb Keep just 2 weeks of backrest logs 
That's ample
 2021-12-28 12:57:57 +00:00
Jake Howard
711d78bfd3 Only try and rotate the log files 
Previously, this was also rotating the compressed logs, for some reason
 2021-12-28 12:57:08 +00:00
Jake Howard
3a7d2194cc Update tt-rss DB to postgres 14 2021-12-22 22:39:46 +00:00
Jake Howard
66c48c4a69 Remove old domain for vaultwarden 
It's been long enough
 2021-12-22 15:41:14 +00:00
Jake Howard
e6ecffdf62 Update vaultwarden DB to postgres 14 2021-12-22 15:33:40 +00:00
Jake Howard
ec9ca428a3 Update synapse DB to postgres 14 2021-12-22 15:24:37 +00:00
Jake Howard
fbdbc8afb5 Update quassel DB to postgres 14 2021-12-22 13:17:01 +00:00
Jake Howard
da41fcd7bc Update grafana DB to postgres 14 2021-12-22 13:10:06 +00:00
Jake Howard
6681ad43fb Update plausible DB to postgres 14 2021-12-22 12:57:49 +00:00
Jake Howard
31b7811b1f Use new clickhouse docker repository 2021-12-22 12:01:25 +00:00
Jake Howard
b6a0fdfd1d Unpin the version of yourls 
It's a very simple, non-critical application, which I keep forgetting to update
 2021-12-21 21:48:41 +00:00
Jake Howard
1c645fa106 Update yourls mariadb to 10.7 2021-12-21 21:40:56 +00:00
Jake Howard
c5beb223be Update clickhouse to 21.12 2021-12-21 21:31:53 +00:00
Jake Howard
0734ff42d8 Move grafana variables to vault file 2021-12-21 20:22:47 +00:00
Jake Howard
7b6675a9d0 Move gitlab variables to single vault 2021-12-21 20:12:05 +00:00
Jake Howard
4cbc15fe0b Move gitlab runner secrets to dedicated vault 2021-12-21 20:00:54 +00:00
Jake Howard
66662594d0 Extract plausible secrets to dedicated vault 2021-12-21 19:57:43 +00:00
Jake Howard
fcda77e750 Extract vault items from host vars 2021-12-21 19:36:52 +00:00
Jake Howard
0b352e22d1 Merge all group vars into single vault file 
This will make tracking down where a secret is defined much simpler
 2021-12-21 18:04:03 +00:00
Jake Howard
dce7c782ec Move wireguard keys into a separate vault file 2021-12-21 17:58:52 +00:00
Jake Howard
3f37cd4448 Be quiet on interpreter warnings 
It works fine, I don't need to be screamed at
 2021-12-20 21:17:42 +00:00
Jake Howard
8d40a49780 Move traefik pages secret into full vault file 
Trialing a new pattern for vault storage
 2021-12-20 21:17:25 +00:00
Jake Howard
e2029cf8aa Pretend vault pass script is the password 2021-12-20 17:48:14 +00:00
Jake Howard
9e473265a5 Read vault password from bitwarden instead of filesystem 
https://theorangeone.net/posts/ansible-vault-bitwarden/
 2021-12-20 17:25:18 +00:00
Jake Howard
b50659ab5d Update nextcloud to 23 2021-12-19 21:18:09 +00:00
Jake Howard
a5329665c0 Update vaultwarden to 1.23.1 2021-12-15 20:21:01 +00:00