Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,071 Commits 15 Branches 0 Tags
aa1cef47397de23756ae77680e8103b35423da84
Commit Graph

1071 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jake Howard
dcbe6e8e72 Use upstream version of ansible-role-snapraid 
https://github.com/IronicBadger/ansible-role-snapraid/pull/7 shipped
 2021-08-30 21:21:58 +01:00
Jake Howard
95216b32c4 Consolidate server blocks 2021-08-24 14:31:12 +01:00
Jake Howard
453a374801 Replace ingress proxy with nginx 
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.

Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
 2021-08-24 14:21:51 +01:00
Jake Howard
f14e723d40 Fix service name on ingress 
It's not alpine
 2021-08-24 11:52:35 +01:00
Jake Howard
601b916b43 Remove deprecated clients from wireguard server 
I use nebula now for all that
 2021-08-24 11:14:04 +01:00
Jake Howard
edc5c325b7 Correctly check hostname against PVE hosts 
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
 2021-08-23 19:56:04 +01:00
Jake Howard
ecb946bab4 Remove nginx version from headers 2021-08-23 16:12:34 +01:00
Jake Howard
93cba46dd1 Redirect to HTTPS at the edge 2021-08-23 16:10:37 +01:00
Jake Howard
a54d373526 Replace edge proxy with nginx 
The config makes more sense, and it has more of the features I need, which will come later.
 2021-08-22 22:35:09 +01:00
Jake Howard
23fc7bbb12 Use slightly less memory for ZFS 2021-08-22 15:58:49 +01:00
Jake Howard
1d5616a36f Update roles so they support newer Debian versions 
I'm monitoring the PRs, don't worry
 2021-08-22 15:22:11 +01:00
Jake Howard
8fabd11e31 Remove unnecessary pve role 
no-subscription is handled by the nag removal role
 2021-08-22 15:20:27 +01:00
Jake Howard
f0a3585592 Use distribution name in repo URL 2021-08-22 14:44:34 +01:00
Jake Howard
0874158a91 Update traefik to 2.5 2021-08-22 11:16:37 +01:00
Jake Howard
c04e8b628a Update synapse to 1.40.0 2021-08-22 11:16:19 +01:00
Jake Howard
c99afdd446 Disable gzip on qbittorrent egress 
It's mostly used over the internal network, so the additional gzip isn't going to gain anything when the disk is the bottleneck
 2021-08-21 16:46:21 +01:00
Jake Howard
55e3b81f06 Install release version of gitlab-dater onto GitLab server 
Rather than than hacky development one I was using before
 2021-08-10 22:51:12 +01:00
Jake Howard
e421657619 Ensure restic gets the correct permissions when it's updated 
Yes it's weird to modify the system package like this, but it's very handy.

See also https://restic.readthedocs.io/en/stable/080_examples.html#backing-up-your-system-without-running-restic-as-root
 2021-08-10 08:45:59 +01:00
Jake Howard
ab46c30df2 Start graphing some speeds 2021-08-07 10:59:42 +01:00
Jake Howard
d0e472b51a Update synapse to 1.39.0 2021-08-06 18:20:48 +01:00
Jake Howard
11bf501d8a Update nextcloud to 22.1.0 2021-08-06 18:20:38 +01:00
Jake Howard
9755974647 Update vaultwarden to 1.22.2 2021-08-06 18:17:22 +01:00
Jake Howard
f3bc72d2ba Provision uptime-kuma 2021-07-31 16:43:12 +01:00
Jake Howard
1399529a47 Move stray storage to tank 2021-07-17 20:32:26 +01:00
Jake Howard
8f831c8191 Update synapse to 1.37.1 2021-07-11 20:20:56 +01:00
Jake Howard
501fe81979 Update nextcloud to v22 2021-07-11 20:20:48 +01:00
Jake Howard
65eb6efe5a Remove GitHub CI 2021-07-11 18:30:59 +01:00
Jake Howard
322843b3c1 chmod the correct directory 2021-07-11 18:20:13 +01:00
Jake Howard
c6266728b4 Fix directory permissions before install 2021-07-11 18:12:54 +01:00
Jake Howard
0364cbade5 Ensure current directory isn't world writable 
See https://docs.ansible.com/ansible/devel/reference_appendices/config.html#cfg-in-world-writable-dir
 2021-07-11 18:07:15 +01:00
Jake Howard
b0cc416d69 OK fine use slim and install things there 
Needs a build pipeline
 2021-07-11 17:56:31 +01:00
Jake Howard
e183315f02 Explicitly add bash 
Now might as well use the alpine container
 2021-07-11 17:50:46 +01:00
Jake Howard
ec9095a117 Use a full terraform container, not just the binary 2021-07-11 17:47:56 +01:00
Jake Howard
36f33c2547 Use slim python container 2021-07-11 17:47:42 +01:00
Jake Howard
2901afe4c0 Add GitLab CI config 2021-07-11 17:02:36 +01:00
Jake Howard
3daf3ef8ed Pin clickhouse to 21.6 
21.7 doesn't work
 2021-07-11 16:11:09 +01:00
Jake Howard
b2d226300b Update nextcloud to 21.0.3 2021-07-04 21:17:03 +01:00
Jake Howard
19eb233ffa Update vaultwarden to 1.22.1 2021-07-03 11:27:27 +01:00
Jake Howard
797c44a27d Use proxy protocol v2 
Apparently it's better for chaining, and may be faster anyway
 2021-07-01 22:28:25 +01:00
Jake Howard
b6adc53746 Revert "Capture stderr in logs, too" 
This reverts commit 8696f6d93f.

Yeah, this doesn't work. Syntax and intention.
 2021-06-28 08:33:08 +01:00
Jake Howard
41a8fe3b4d Use logrotate for backrest logging rather than nuking immediately 
Just in case something goes wrong with healthchecks
 2021-06-27 10:58:01 +01:00
Jake Howard
8696f6d93f Capture stderr in logs, too 2021-06-27 10:53:13 +01:00
Jake Howard
7f597dbf87 Serve notes from dokku 2021-06-26 21:30:04 +01:00
Jake Howard
1c07534c40 Stop resetting dokku hostname to default 2021-06-26 21:27:39 +01:00
Jake Howard
40e785de38 Add yet more metric sources 2021-06-26 12:52:55 +01:00
Jake Howard
32f17908ad Collect metrics on disk usage 2021-06-26 12:36:00 +01:00
Jake Howard
77d2b82761 Add healthchecks for snapraid 2021-06-26 11:45:56 +01:00
Jake Howard
18603d726e Add username to proxmox-nag-removal role 
Makes it obviously not one of mine
 2021-06-25 22:47:21 +01:00
Jake Howard
09a010f28e Version snapraid config 
Using fork of role at https://github.com/IronicBadger/ansible-role-snapraid/pull/7
 2021-06-25 22:43:26 +01:00
Jake Howard
b82e87c04b Remove unnecessary which 
`cron` doesn't need a full path
 2021-06-25 20:57:19 +01:00