Commit Graph

235 Commits

Author SHA1 Message Date
Motiejus Jakštys 4b9674d7c6 starting with some scala 2023-10-08 23:00:52 +03:00
Motiejus Jakštys 1dd4f04725 statix: fix bugs with inherit
now I know better what it does.
2023-10-02 00:00:30 +03:00
Motiejus Jakštys 25e8191177 enable statx 2023-10-02 00:00:30 +03:00
Motiejus Jakštys f298984998 Revert "grafana.jakstys.lt: use http"
This reverts commit f98db66b64.

Android Firefox says "this website is redirecting incorrectly"
2023-09-30 06:01:09 +03:00
Motiejus Jakštys f98db66b64 grafana.jakstys.lt: use http 2023-09-23 23:11:48 +03:00
Motiejus Jakštys 96388ab0d9 nsd-acme: add hdd.jakstys.lt 2023-09-23 22:26:33 +03:00
Motiejus Jakštys 91f7ccfb14 add hacotest 2023-09-22 14:48:31 +03:00
Motiejus Jakštys 07e61adc1e firewall: reject packets on some hosts 2023-09-22 09:34:23 +03:00
Motiejus Jakštys 0507fb3328 deployerbot and backups: move time around so they don't ovelap 2023-09-21 06:55:17 +03:00
Motiejus Jakštys 4290a541ef all backups in UTC 2023-09-21 06:44:26 +03:00
Motiejus Jakštys 21e96199bb deployerbot: use vpn for actual deploying anyway 2023-09-20 14:43:04 +03:00
Motiejus Jakštys 4973a1cdd4 deployerbot: fwminex allows vno1 2023-09-18 20:49:17 +03:00
Motiejus Jakštys 5a5ffd6f00 upgrading fwminex too 2023-09-18 19:50:24 +03:00
Motiejus Jakštys 9cd5d406cf enable node_exporter for fwminex 2023-09-18 19:31:45 +03:00
Motiejus Jakštys 0208e59595 grafana: assign viewer role for new people 2023-09-17 22:41:51 +03:00
Motiejus Jakštys 7ee6a0de71 zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
The path in the filesystem is quite clear from the archive name.
2023-09-15 11:05:05 +03:00
Motiejus Jakštys 9eb8147660 tailscale: silence logs on some machines 2023-09-14 14:37:55 +03:00
Motiejus Jakštys aad4502030 rename vno1-rp3b to vno3-rp3b
ready for deployment
2023-09-14 13:27:05 +03:00
Motiejus Jakštys 85917635fd sshguard is now optional 2023-09-14 06:41:16 +03:00
Motiejus Jakštys 2dd8cda85a open up samba 2023-09-12 16:08:32 +03:00
Motiejus Jakštys e61944dfde rewrite firewall rules 2023-09-12 15:46:44 +03:00
Motiejus Jakštys 5cfc0a62b9 vno1-oh2: mitigating the NIC 2023-09-12 09:59:55 +03:00
Motiejus Jakštys 94253212c6 networking.firewall.checkReversePath = "loose" for tailscale 2023-09-11 22:38:44 +03:00
Motiejus Jakštys 05b7858035 borgstor: add remaining paths 2023-09-11 17:50:59 +03:00
Motiejus Jakštys d1a7aebfc9 borgstor: add /var/log for testing 2023-09-11 17:40:47 +03:00
Motiejus Jakštys 583f74cf3f zfsborg: restructure config
Preparing for 2 repo destinations.
2023-09-11 17:25:12 +03:00
Motiejus Jakštys 866347b042 add borgstor 2023-09-11 15:51:33 +03:00
Motiejus Jakštys b0bf88169f move grafana logs to /var/log/grafana 2023-09-08 07:42:22 +03:00
Motiejus Jakštys c80e72a450 backup caddy lib dir 2023-09-08 07:41:51 +03:00
Motiejus Jakštys ee36768b0e minidlna: open up /home/motiejus/video 2023-09-07 22:31:02 +03:00
Motiejus Jakštys fc3308a2e9 minidlna 2023-09-07 22:24:00 +03:00
Motiejus Jakštys 11b3894d6f vaultwarden: PUSH_INSTALLATION_ID and PUSH_INSTALLATION_KEY 2023-09-07 14:29:55 +03:00
Motiejus Jakštys 8ab980d059 signups and logging 2023-09-07 14:26:00 +03:00
Motiejus Jakštys a41c0743ab backups: add bitwarden_rs, nsd-acme, tailscale 2023-09-07 14:20:21 +03:00
Motiejus Jakštys d8aa8e5748 fix smtp 2023-09-07 13:51:47 +03:00
Motiejus Jakštys 633e093969 vaultwarden: smtp and secrets 2023-09-07 13:04:38 +03:00
Motiejus Jakštys 83a20aa69a vaultwarden: fix typo 2023-09-07 10:59:14 +03:00
Motiejus Jakštys 721a9b2c5c vaultwarden: add admin secret 2023-09-07 10:57:43 +03:00
Motiejus Jakštys 9163143204 vaultwarden 2023-09-07 09:29:20 +03:00
Motiejus Jakštys 6783a3fb0e update grafana's timeInterval to 10s 2023-09-06 22:59:48 +03:00
Motiejus Jakštys 980b7b0449 prometheus: scrape/evaluation intervals 2023-09-06 22:18:44 +03:00
Motiejus Jakštys cdbbdaaa45 prometheus/caddy 2023-09-06 17:44:30 +03:00
Motiejus Jakštys 810064ebbd prometheus meta scraper 2023-09-06 16:38:38 +03:00
Motiejus Jakštys 49dcbd3d51 prometheus: retention time is 1y 2023-09-06 16:32:11 +03:00
Motiejus Jakštys 44c6bccca6 snmp: add some routers 2023-09-05 15:29:20 +03:00
Motiejus Jakštys 5c1cccb8a4 snmp: from package back to module 2023-09-05 14:41:52 +03:00
Motiejus Jakštys e9d709f507 add motiejus_bk2 properly 2023-09-01 13:42:26 +03:00
Motiejus Jakštys fe30f6c32a Add dl.jakstys.lt 2023-08-29 15:41:57 +03:00
Motiejus Jakštys 97ef691743 grafana.jakstys.lt: abort non-private ips 2023-08-27 15:32:49 +03:00
Motiejus Jakštys cc11726ed7 remove hel1-a 2023-08-27 15:17:54 +03:00
Motiejus Jakštys 617b829589 deployerbot: add fra1-a 2023-08-27 01:04:09 +03:00
Motiejus Jakštys ba821ff7f3 node_exporter: add fra1-a 2023-08-27 00:55:33 +03:00
Motiejus Jakštys de4b47b929 zfsunlock between fra1-a and vno1-oh2 2023-08-26 23:48:18 +03:00
Motiejus Jakštys 3a5b1e5951 preparing to move headscale to vno1-oh2 2023-08-25 19:53:21 +03:00
Motiejus Jakštys b886b752e0 caddy: snapshot and backup access logs 2023-08-25 19:41:26 +03:00
Motiejus Jakštys 95dfd6d143 caddy: disable on hel1-a, enable logrotate on vno1-oh2 2023-08-25 17:03:01 +03:00
Motiejus Jakštys 23347f6952 matrix-synapse: listen on 127.0.0.1
reverse proxying is over
2023-08-25 17:00:30 +03:00
Motiejus Jakštys c5bfc43b4d matrix: do not encode in caddy 2023-08-25 16:53:44 +03:00
Motiejus Jakštys cc6af1c68f caddy: move to vno1-oh2 2023-08-25 16:44:41 +03:00
Motiejus Jakštys eca5765e8f remove matrix-synapse from hel1-a 2023-08-25 16:27:39 +03:00
Motiejus Jakštys 3687d7cd73 matrix-synapse listen on 0.0.0.0 2023-08-25 16:14:12 +03:00
Motiejus Jakštys ac50f832da moving synapse to vno1-oh2 2023-08-25 15:55:06 +03:00
Motiejus Jakštys e677966c3d remove gitea from hel1-b 2023-08-25 10:35:49 +03:00
Motiejus Jakštys f10cfb1147 enable acme for caddy 2023-08-25 10:14:10 +03:00
Motiejus Jakštys 1b6c35ed76 vno1-oh2: enable gitea 2023-08-25 09:27:24 +03:00
Motiejus Jakštys 6cf894ee68 move logRefusedConnections to base 2023-08-24 23:49:21 +03:00
Motiejus Jakštys ef14233811 vno1-oh2: backup /var/lib/{grafana,soju} 2023-08-22 15:18:24 +03:00
Motiejus Jakštys 5ea92ad8ab soju: store logs to files 2023-08-22 15:13:33 +03:00
Motiejus Jakštys 6f5240a53c soju: add unix+admin 2023-08-22 14:39:42 +03:00
Motiejus Jakštys e082b2cd40 fix soju config 2023-08-22 14:35:54 +03:00
Motiejus Jakštys d812f5f91d nsd-acme is now a requirement for services 2023-08-22 14:32:09 +03:00
Motiejus Jakštys 833b2bd1cf nsd-acme fixes
- remove obsolete conditions (that's what After is for)
- irc.jakstys.lt is no longer staging
2023-08-22 14:30:08 +03:00
Motiejus Jakštys 2e1af09789 enable soju 2023-08-22 14:28:59 +03:00
Motiejus Jakštys c4bd57c47d acme for irc.jakstys.lt 2023-08-22 14:26:47 +03:00
Motiejus Jakštys 407024dfa9 zfsunlock: use IP addresses + zfsunlock 2023-08-22 14:14:20 +03:00
Motiejus Jakštys 7063b1d84e vim nitpicks 2023-08-18 18:50:39 +03:00
Motiejus Jakštys e1378a3617 start with vim 2023-08-18 18:43:34 +03:00
Motiejus Jakštys bbf562d205 move node_exporter to its own module 2023-08-18 09:32:01 +03:00
Motiejus Jakštys 3f4399017c rp3b: add node_exporter 2023-08-16 16:54:17 +03:00
Motiejus Jakštys 8626cb4bd1 deployerbot: do .#vno1-rp3b too 2023-08-16 16:49:45 +03:00
Motiejus Jakštys 16a71b2abd Revert "Revert "vno1-oh2: emulate aarch64-linux""
This reverts commit d77bcd5063.
2023-08-15 23:37:06 +03:00
Motiejus Jakštys d77bcd5063 Revert "vno1-oh2: emulate aarch64-linux"
This reverts commit 146b9ef33d.
2023-08-15 23:08:41 +03:00
Motiejus Jakštys 146b9ef33d vno1-oh2: emulate aarch64-linux 2023-08-15 22:52:58 +03:00
Motiejus Jakštys ac2cdc0696 GrafanaAdmin is our default 2023-08-14 17:10:37 +03:00
Motiejus Jakštys cfc116439c grafana: temporarily disable auto_login 2023-08-14 17:07:30 +03:00
Motiejus Jakštys c387151307 oauth: auto_login 2023-08-14 17:05:44 +03:00
Motiejus Jakštys 267e8879de auto assign roles 2023-08-14 17:00:03 +03:00
Motiejus Jakštys c8caae7d99 configure grafana oidc
client id: 5349c113-467d-4b95-a61b-264f2d844da8
2023-08-14 16:56:59 +03:00
Motiejus Jakštys 5a7a32f1e0 grafana: gzip itself 2023-08-14 15:27:55 +03:00
Motiejus Jakštys 98a4ad79f8 grafana now on https://grafana.jakstys.lt, over vpn 2023-08-14 09:04:09 +03:00
Motiejus Jakštys 76a748e086 grafana is now prod 2023-08-10 00:29:56 +03:00
Motiejus Jakštys 98816538d2 trying grafana1 2023-08-10 00:24:36 +03:00
Motiejus Jakštys 6b795bd6f4 Revert "grafana.jakstys.lt: non-staging"
This reverts commit b8435f3d97.
2023-08-09 16:08:04 +03:00
Motiejus Jakštys b8435f3d97 grafana.jakstys.lt: non-staging 2023-08-09 15:57:08 +03:00
Motiejus Jakštys 9a456192af nsd-acme 2023-08-09 15:34:44 +03:00
Motiejus Jakštys 4cd41382c2 nsd-control-setup: try to fix triggering conditions 2023-08-07 14:55:45 +03:00
Motiejus Jakštys 9a7e42b95d nsd: ConditionPathExists all files 2023-08-07 14:50:32 +03:00
Motiejus Jakštys afb9c5f309 nsd: acme pattern zonefile 2023-08-07 09:28:28 +03:00
Motiejus Jakštys 132669d69d nsd: add acme pattern 2023-08-07 09:12:57 +03:00
Motiejus Jakštys efa76812e8 remove _acme-endpoint.grafana.jakstys.lt. from main config 2023-08-07 09:05:02 +03:00
Motiejus Jakštys b7908a51fb nsd: nsd_control.pem is the last thing in nsd-control-setup 2023-08-07 08:26:48 +03:00
Motiejus Jakštys a8bf8d7504 nsd: enable remote-control 2023-08-07 01:36:28 +03:00
Motiejus Jakštys 275c4ee8ca _acme-theone 2023-08-07 01:15:36 +03:00
Motiejus Jakštys a783e84e0b _acme-challenge points to _acme 2023-08-07 00:46:26 +03:00
Motiejus Jakštys 5041d4d262 vno1-oh2: allow port 53 2023-08-07 00:33:37 +03:00
Motiejus Jakštys 36280e1624 wip playing with acme-challenge 2023-08-07 00:27:33 +03:00
Motiejus Jakštys a1c1310184 prometheus: change scrape_interval to 15s 2023-08-06 21:18:14 +03:00
Motiejus Jakštys d8fb8a618d grafana listen on wildcard 2023-08-06 20:39:48 +03:00
Motiejus Jakštys c8525b4e6b node_exporter on hel1-a 2023-08-06 01:00:02 +03:00
Motiejus Jakštys e1581adf18 node_exporter collect processes too 2023-08-06 00:32:23 +03:00
Motiejus Jakštys 7c74d8c1ed expose more ports to self 2023-08-06 00:15:13 +03:00
Motiejus Jakštys a5b1b4637f grafana/prometheus provisioning 2023-08-06 00:11:16 +03:00
Motiejus Jakštys 665e79a984 prometheus: beginnings 2023-08-05 18:32:28 +03:00
Motiejus Jakštys f4e04faef3 friendlyport 2023-08-05 18:18:30 +03:00
Motiejus Jakštys e62cbb9bed deploy hel1-a too 2023-07-30 06:43:43 +03:00
Motiejus Jakštys f18a2ff855 deploy updates regularly 2023-07-30 06:41:13 +03:00
Motiejus Jakštys 9de5120cc3 updaterbot: move all to deployer 2023-07-30 06:30:52 +03:00
Motiejus Jakštys 49b9cc8351 vno1-oh2: enable deployerbot master 2023-07-28 16:09:41 +03:00
Motiejus Jakštys e588514c07 updater 2023-07-28 15:43:23 +03:00
Motiejus Jakštys bddb20cd13 updater: move to it's own service 2023-07-28 14:22:40 +03:00
Motiejus Jakštys 936286a847 backup syncthing keys too 2023-07-26 15:31:05 +03:00
Motiejus Jakštys ab11ee31f2 vno1-oh2: pass ssh key to borg 2023-07-26 14:49:34 +03:00
Motiejus Jakštys e1b1715a48 vno1-oh2: backup /home/motiejus/annex2 2023-07-26 14:24:20 +03:00
Motiejus Jakštys 6200488e32 remove nixos-upgrade 2023-07-26 14:04:45 +03:00
Motiejus Jakštys cff18bfb8f move common zfs settings to modules/base 2023-07-26 14:01:57 +03:00
Motiejus Jakštys bac191ef2f postfix: add to vno1-oh2 2023-07-26 13:27:15 +03:00
Motiejus Jakštys 60936605c9 vno1-oh2: snapshot /home 2023-07-26 13:09:40 +03:00
Motiejus Jakštys 4f1aa85659 syncthing 2023-07-26 12:55:15 +03:00
Motiejus Jakštys e85cfd5d08 add TODO 2023-07-24 16:46:35 +03:00
Motiejus Jakštys 69fe567b00 vno1-oh2: trust updaterbot 2023-07-24 16:46:35 +03:00
Motiejus Jakštys 71fd71cb6b vno1-oh2: add updaterbot 2023-07-24 16:46:35 +03:00
Motiejus Jakštys 4611c08d4f cleanup ips; nix fmt 2023-07-24 12:36:34 +03:00
Motiejus Jakštys 679226b60f zfsunlock 2023-07-24 10:31:29 +03:00
Motiejus Jakštys dd60e07a14 wip more intitrd unlockers 2023-07-23 15:24:38 +03:00
Motiejus Jakštys f4446cb506 wip vno1-oh2 2023-07-22 16:51:34 +03:00