Commit Graph

527 Commits

Author SHA1 Message Date
8d2142b259 make upgrade and reboot window more liberal 2023-03-01 15:12:19 +02:00
77941cb0dc coturn denylist ips 2023-03-01 15:05:58 +02:00
0a021dc80f coturn watches for changed certs 2023-03-01 14:55:57 +02:00
f6b37127f6 reduce logging; add sshguard 2023-03-01 14:39:48 +02:00
17bb90dca0 stop logging refused connections 2023-03-01 14:17:27 +02:00
5f1f3e1bfc add coturn to firewall 2023-03-01 13:06:53 +02:00
f537b43a0d coturn: add tls key and cert 2023-03-01 13:00:27 +02:00
2e970a22ce patched systemd
that passes secrets in `ExecStartPre`.
2023-02-28 15:30:17 +02:00
e4c39bf857 Add password for secrets/hel1-a/turn/static-auth-secret using nvim. 2023-02-28 14:25:32 +02:00
f2f51f2a87 hardcode gitea and motiejus uid 2023-02-26 07:44:06 +02:00
48309ce908 auto-upgrade at 1am UTC 2023-02-25 17:29:53 +02:00
ea7f4a2577 cosmetics 2023-02-25 17:23:21 +02:00
6e9cdf04ba fix unit-status after actual test 2023-02-25 17:20:01 +02:00
065172836c add sr.ht pubkey 2023-02-25 15:55:08 +02:00
06866ad6fb change backup path 2023-02-25 15:52:23 +02:00
c7bd826234 unit-status-mail for backups 2023-02-25 15:49:39 +02:00
4d21eda97f wip gitea mailer 2023-02-23 15:43:16 +02:00
0cc0fd09b6 fix pubkey of dl.jakstys.lt 2023-02-21 15:21:37 +02:00
ef2b04e583 gc no older than 14d instead of 30d 2023-02-19 22:21:14 +02:00
f574122be0 fix dl.jakstys.lt pubkey 2023-02-19 22:08:36 +02:00
Motiejus Jakštys
8a8ff9513b nix.gc 2023-02-19 19:23:55 +02:00
997463191b Remove secrets/hel1-a/restic from store. 2023-02-06 06:26:22 +02:00
463b625e01 postfix
compiles and sends, does not receive (yet)
2023-02-06 06:25:43 +02:00
9c997adb45 Add given password for secrets/hel1-a/postfix/sasl_passwd to store. 2023-02-06 06:07:08 +02:00
cf25ada8d2 fix caddy backup paths 2023-01-31 08:32:51 -08:00
c99480b357 borg: prune + more frequent copies 2023-01-26 10:57:45 -08:00
4fb7ed8d2a fix up borg backups 2023-01-26 10:26:58 -08:00
26ee5592ac make-snapshot-dirs 2023-01-26 13:08:41 -05:00
9411df0162 properly add mosh 2023-01-26 12:11:13 -05:00
7ca87d396e wip moving to borgbackup 2023-01-26 12:05:59 -05:00
3cb53fb324 Add generated password for secrets/hel1-a/borgbackup/password. 2023-01-23 13:26:58 +02:00
f4d306cd7d a bit more robust backups; not done yet 2023-01-22 16:31:18 +02:00
b6e854b1c3 auto reboots come after backups 2023-01-17 16:00:41 +02:00
dd2349f604 back up caddy logs too 2023-01-17 15:43:21 +02:00
e1c6dc068f caddy log rotation 2023-01-17 15:12:08 +02:00
cee3366daa logrotate for /var/log/caddy/access-beta.jakstys.lt.log 2023-01-17 14:07:05 +02:00
e3d98c6537 beta.jakstys.lt with matrix and blog hosting 2023-01-17 12:10:13 +02:00
3abc743961 headscale: ipv6 subnet
no effect yet, but at least will be configured.
2023-01-15 20:44:22 +02:00
7d4a3acb94 auto-prune backups 2023-01-15 20:05:56 +02:00
e3d1d34f5b fine-tune backup repo 2023-01-15 20:03:31 +02:00
c2bcbd7ba2 restic backups of /var/lib 2023-01-15 18:54:39 +02:00
1a0dc2438f add some known hosts 2023-01-11 09:47:50 +02:00
7c8e062d51 sanoid: make non-verbose again 2023-01-11 05:40:48 +02:00
bf22b73244 remove snaplink 2023-01-11 05:39:17 +02:00
930949b4ac pass: use standard paths 2023-01-11 05:38:02 +02:00
90c512cf84 Add generated password for hel1-a/restic/password. 2023-01-11 05:34:28 +02:00
fde8ed629d client secret is in an accessible file, for now 2023-01-10 16:38:36 +02:00
766d7db1d1 will be backing up /var/lib 2023-01-08 17:01:26 +02:00
604a83cdee Revert "sanoid: replace paths with mountpoints"
This reverts commit 32f7869460.
2023-01-05 14:59:24 +02:00
0d59d3ae81 Revert "shorten snaplink"
This reverts commit a51090514e.
2023-01-05 14:59:12 +02:00