Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,466 Commits 15 Branches 0 Tags
dfef31cbfade2fb72178307025cfafb2638b6030
Commit Graph

1466 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jake Howard c1319a134a Forget snapshots in groups by host 
By default, it includes the path, which means path changes result in very old snapshots

https://twitter.com/RealOrangeOne/status/1484217495124852748
 2022-01-20 17:43:56 +00:00
Jake Howard 1db289b604 Show domain in logs rather than upstream 
The upstream is always the same, and no use to us
 2022-01-19 09:00:20 +00:00
Jake Howard 619d5bfa7b Give every cloud machine its own cname 2022-01-19 08:44:21 +00:00
Jake Howard af07840de7 Harden SPF 2022-01-19 08:19:51 +00:00
Jake Howard 9404f71dc6 Remove old DB backups dir from backups 2022-01-16 17:56:45 +00:00
Jake Howard a07b1dbad5 Ensure grimes backs up its databases 2022-01-16 17:56:13 +00:00
Jake Howard 5cc552d0eb Add container to automatically backup DBs 2022-01-16 17:51:03 +00:00
Jake Howard 6c0314b758 Add an nginx container to do crazy things with traefik 2022-01-16 14:08:38 +00:00
Jake Howard d5c7d94ac8 Run traefik as dockeruser, and without host networking 
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
 2022-01-15 23:44:06 +00:00
Jake Howard 1348eb8b1c Prefent yourls redirect page being indexed 2022-01-11 21:20:23 +00:00
Jake Howard 89a99d2db2 Make ansible a dev dependency 
It's required by `ansible-lint` to work properly
 2022-01-11 21:19:02 +00:00
Jake Howard c5215e330b Update yamllint to fix dependency issue 
I think this still validates everything we need it to
 2022-01-11 20:51:12 +00:00
Jake Howard db68c107d0 Decommission decker on Vultr 2022-01-11 19:25:04 +00:00
Jake Howard ceb62cc0c8 Open the right ports so web traffic will flow 2022-01-11 09:08:23 +00:00
Jake Howard cf0e718bfb Migrate decker services to linode 
Mostly just uptime-kuma
 2022-01-11 09:07:48 +00:00
Jake Howard 50398eac07 Commit the terraform lock file 
It tells you to
 2022-01-08 22:12:44 +00:00
Jake Howard e50a1f9a72 Privision a decker on linode 2022-01-08 22:12:28 +00:00
Jake Howard 0a13f78d29 Add linode to terraform setup 
Let the migration, begin!
 2022-01-08 22:11:34 +00:00
Jake Howard 41289ab359 Reduce ZFS memory usage to 5GB 
That's still more than 1GB per usable TB of space. Should really be ample
 2022-01-08 12:29:35 +00:00
Jake Howard 1f6c6858e5 Fix NTP timesyncd issue 
https://github.com/geerlingguy/ansible-role-ntp/pull/110
 2022-01-08 12:29:13 +00:00
Jake Howard 02cfd37a02 Update uptime-kuma 2022-01-08 12:18:25 +00:00
Jake Howard 1a74e05a7c Create a dedicated machine for renovate 
This way it can do what it wants with docker. Because apparently it's very picky about how it's setup
 2022-01-01 22:59:13 +00:00
Jake Howard 78b0161585 Install renovate 
It doesn't quite work, as really it needs docker to correctly update packages. But it's a start for now
 2022-01-01 18:23:32 +00:00
Jake Howard b81f250d02 Update clickhouse config to reference new tables to remove 2021-12-29 17:34:07 +00:00
Jake Howard 062c4a25fb Keep just 2 weeks of backrest logs 
That's ample
 2021-12-28 12:57:57 +00:00
Jake Howard 711d78bfd3 Only try and rotate the log files 
Previously, this was also rotating the compressed logs, for some reason
 2021-12-28 12:57:08 +00:00
Jake Howard 3a7d2194cc Update tt-rss DB to postgres 14 2021-12-22 22:39:46 +00:00
Jake Howard 66c48c4a69 Remove old domain for vaultwarden 
It's been long enough
 2021-12-22 15:41:14 +00:00
Jake Howard e6ecffdf62 Update vaultwarden DB to postgres 14 2021-12-22 15:33:40 +00:00
Jake Howard ec9ca428a3 Update synapse DB to postgres 14 2021-12-22 15:24:37 +00:00
Jake Howard fbdbc8afb5 Update quassel DB to postgres 14 2021-12-22 13:17:01 +00:00
Jake Howard da41fcd7bc Update grafana DB to postgres 14 2021-12-22 13:10:06 +00:00
Jake Howard 6681ad43fb Update plausible DB to postgres 14 2021-12-22 12:57:49 +00:00
Jake Howard 31b7811b1f Use new clickhouse docker repository 2021-12-22 12:01:25 +00:00
Jake Howard b6a0fdfd1d Unpin the version of yourls 
It's a very simple, non-critical application, which I keep forgetting to update
 2021-12-21 21:48:41 +00:00
Jake Howard 1c645fa106 Update yourls mariadb to 10.7 2021-12-21 21:40:56 +00:00
Jake Howard c5beb223be Update clickhouse to 21.12 2021-12-21 21:31:53 +00:00
Jake Howard 0734ff42d8 Move grafana variables to vault file 2021-12-21 20:22:47 +00:00
Jake Howard 7b6675a9d0 Move gitlab variables to single vault 2021-12-21 20:12:05 +00:00
Jake Howard 4cbc15fe0b Move gitlab runner secrets to dedicated vault 2021-12-21 20:00:54 +00:00
Jake Howard 66662594d0 Extract plausible secrets to dedicated vault 2021-12-21 19:57:43 +00:00
Jake Howard fcda77e750 Extract vault items from host vars 2021-12-21 19:36:52 +00:00
Jake Howard 0b352e22d1 Merge all group vars into single vault file 
This will make tracking down where a secret is defined much simpler
 2021-12-21 18:04:03 +00:00
Jake Howard dce7c782ec Move wireguard keys into a separate vault file 2021-12-21 17:58:52 +00:00
Jake Howard 3f37cd4448 Be quiet on interpreter warnings 
It works fine, I don't need to be screamed at
 2021-12-20 21:17:42 +00:00
Jake Howard 8d40a49780 Move traefik pages secret into full vault file 
Trialing a new pattern for vault storage
 2021-12-20 21:17:25 +00:00
Jake Howard e2029cf8aa Pretend vault pass script is the password 2021-12-20 17:48:14 +00:00
Jake Howard 9e473265a5 Read vault password from bitwarden instead of filesystem 
https://theorangeone.net/posts/ansible-vault-bitwarden/
 2021-12-20 17:25:18 +00:00
Jake Howard b50659ab5d Update nextcloud to 23 2021-12-19 21:18:09 +00:00
Jake Howard a5329665c0 Update vaultwarden to 1.23.1 2021-12-15 20:21:01 +00:00