Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,680 Commits 15 Branches 0 Tags
b50840a2eef4164307951832f5b9c1682d25caa3
Commit Graph

99 Commits

Author SHA1 Message Date
Jake Howard 48934ad2c5 Apply gzip to everything 
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
 2021-09-19 22:48:48 +01:00
Jake Howard 0874158a91 Update traefik to 2.5 2021-08-22 11:16:37 +01:00
Jake Howard 33fcf1a9e5 Fix matrix federation 
Apparently this has been broken since like March...

It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
 2021-06-12 17:32:47 +01:00
Jake Howard d751a023da Promote GitLab to main git. domain 2021-06-02 19:49:28 +01:00
Jake Howard e6d029e22e Fix typo 
D'oh!
 2021-05-30 13:56:06 +01:00
Jake Howard 69abafd8c8 Put GitLab on a real domain 2021-05-29 16:21:47 +01:00
Jake Howard 03affd269f FLoC Block 
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
 2021-04-18 22:30:26 +01:00
Jake Howard 22d43c16a7 Correctly redirect http traffic to https 
Bug caused by https://github.com/traefik/traefik/issues/8035
 2021-04-06 11:56:05 +01:00
Jake Howard 4d218248fa Remotely connect to fail2ban to do ports 
Traefik can affect the edge, so blocks work there and prevent traffic hitting home network.
 2021-03-28 16:06:36 +01:00
Jake Howard 6973fb536f Add fail2ban for traefik 
Remote action coming soon
 2021-03-28 13:05:38 +01:00
Jake Howard 8398a2df21 Use endpoint middleware rather than hacky router 2021-03-27 23:34:34 +00:00
Jake Howard 1d997d3c33 Remove separate private and protected IP 2021-03-27 18:42:06 +00:00
Jake Howard 116e1adb50 Disable Traefik pilot on dashboard 2021-03-24 23:14:01 +00:00
Jake Howard b264e5cbcc Monitor traefik with prometheus rather than influxdb 2021-03-04 16:37:53 +00:00
Jake Howard ec0c78e6d9 Read emails from secrets 2021-02-14 12:29:14 +00:00
Jake Howard 870ac50c58 Update compose path to not be absolute 
This relies on `which` to find the correct binary instead
 2021-02-07 15:59:18 +00:00
Jake Howard c7fba8107a Move grafana to forrest 2021-01-31 16:52:24 +00:00
Jake Howard 058290b321 Keep track of IPs for PVE hosts 
Yea they're all random, I'll deal with that later
 2021-01-31 12:46:43 +00:00
Jake Howard 0f9802a46c Install duplicati on PVE docker machine 
Requires some changes to how private IPs are specified, which I really need to clean up at some point!
 2021-01-20 21:38:01 +00:00
Jake Howard 3321b852a5 Update traefik to v2.4 2021-01-20 20:33:57 +00:00
Jake Howard b992df0313 Fix variable name for traefik conditional provider 2021-01-16 23:30:09 +00:00
Jake Howard 604202fdce Add traefik pages 
Add it ready for the migration in future
 2021-01-16 23:29:55 +00:00
Jake Howard e1ea938d59 Add file providers for jellyfin and HA 2021-01-13 22:12:58 +00:00
Jake Howard fef7f2c2b4 Move docker containers to new PVE container 2021-01-09 18:02:17 +00:00
Jake Howard 2300426f0f Move default variables into role defaults rather than group vars 2020-12-28 16:23:12 +00:00
Jake Howard bdfd38c9fe Allow traefik to run on non-wireguard host 2020-12-28 15:55:45 +00:00
Jake Howard b11dbfc829 Move traefik file provider to use directory rather than single file 
This makes future composition possible
 2020-12-22 15:53:03 +00:00
Jake Howard c63506d2bc Pin traefik to patch version 2020-10-27 16:13:14 +00:00
Jake Howard 6cfaa3a03a Update traefik 2020-10-02 09:20:33 +01:00
Jake Howard 5079599b9d Require TLS 1.2 2020-09-27 12:36:49 +01:00
Jake Howard 1ecfc5b7fa Update traefik 2020-09-10 20:16:23 +01:00
Jake Howard ea54d1be69 Expose pages sites 2020-09-05 20:33:57 +01:00
Jake Howard e9aeed26ee Use cloudflare DNS challenge for Traefik 2020-09-05 18:27:04 +01:00
Jake Howard ec751ffa1a Add influxdb to monitor traefik 2020-08-30 15:58:03 +01:00
Jake Howard 969b0bd8d9 Update traefik 
Fixes GHSA-6qq8-5wq3-86rp
 2020-07-30 21:46:44 +01:00
Jake Howard 3c7c0ec3fa GZIP plausible traffic 
Plausible doesn't gzip for itself. Funnily enough the tracker is actually too small to be compressed by Traefik!
 2020-07-22 12:18:49 +01:00
Jake Howard 74d40ac915 Update traefik 2020-07-18 13:29:20 +01:00
Jake Howard 7a38207ef0 Update traefik 2020-07-15 14:53:36 +01:00
Jake Howard bb5a5b61bd Update traefik 2020-07-13 18:04:11 +01:00
Jake Howard 3c49c80ff1 Ensure traefik only listens on wireguard network 2020-07-12 19:29:18 +01:00
Jake Howard 86a398d6b4 Replace docker-compose restart hack with shell handler hack 
The docker-compose integration would start 2 of the same container, which does bad things to things like databases!
 2020-06-28 20:13:12 +01:00
Jake Howard fe5a5984c3 Remove container names from containers 
They're not needed for anything, and caused annoying weird issues when cycling containers
 2020-06-27 17:45:28 +01:00
Jake Howard e051db5e71 Remove obsolete middleware 2020-06-24 18:48:39 +01:00
Jake Howard f878866f10 Update yamllint 2020-06-18 20:49:12 +01:00
Jake Howard ca188ab1b4 Rename middleware 
It's not actually applying a HSTS header
 2020-06-13 21:09:48 +01:00
Jake Howard 7dd31c0556 Allow nextcloud to be reached over internal SSL 
This removes the need for a custom config, and means traefik is proxying HTTP2, which is nice
 2020-05-24 19:21:17 +01:00
Jake Howard 0256570f1c Update traefik 2020-04-30 21:50:18 +01:00
Jake Howard 3e523bd04b Remove traefik subdomain 2020-04-25 12:15:28 +01:00
Jake Howard 89ba23719c Move traefik into its own role 2020-04-23 20:49:43 +01:00