Commit Graph

73 Commits

Author SHA1 Message Date
a2a741d27e fmt and formatting; nsd-acme is less verbose 2023-08-10 10:48:34 +03:00
fa435f65d0 zones don't need to be sanitized
it's DNS!
2023-08-10 10:46:06 +03:00
7bedc09abb deployerbot: do not restart if changed
leads to interesting deadlocks when upgrading self
2023-08-10 10:40:07 +03:00
4878c42ca9 cron + alerting for cert updates 2023-08-10 00:46:36 +03:00
9059f84632 uacme can return 1 when cert is up to date 2023-08-10 00:37:21 +03:00
76a748e086 grafana is now prod 2023-08-10 00:29:56 +03:00
98816538d2 trying grafana1 2023-08-10 00:24:36 +03:00
69e6734eb7 nsd-acme: misc fixes 2023-08-09 15:55:05 +03:00
9a456192af nsd-acme 2023-08-09 15:34:44 +03:00
3e66f95668 zfsunlock nitpick 2023-08-09 14:26:49 +03:00
9a7e42b95d nsd: ConditionPathExists all files 2023-08-07 14:50:32 +03:00
5ae9886929 deployerbot: set PATH in systemd service definition 2023-08-07 14:39:38 +03:00
c8525b4e6b node_exporter on hel1-a 2023-08-06 01:00:02 +03:00
665e79a984 prometheus: beginnings 2023-08-05 18:32:28 +03:00
f4e04faef3 friendlyport 2023-08-05 18:18:30 +03:00
43d6d25dd0 sysdig: enable everywhere 2023-08-05 17:27:13 +03:00
cf6eeb6f29 deployerbot: start action at 23:30 UTC
According to 'nixos infra status' finding a good time of day to run the
updates for nixos release non-small is futile.
2023-08-02 15:41:07 +03:00
07921f1eaa nix flake update: schedule at 16:00 UTC 2023-08-01 14:24:32 +03:00
7a224096ba set PATH once 2023-07-30 09:01:27 +03:00
c99adbbaa1 bring back exec 2023-07-30 08:59:58 +03:00
d536eb5656 set OLD_PATH once 2023-07-30 08:56:38 +03:00
afd7743f37 deployerbot: push after a successful deploy 2023-07-30 08:53:19 +03:00
482f01bb01 deployer: set -x 2023-07-30 07:36:12 +03:00
36bbceac03 limit deployerbot-follower to our vpn 2023-07-30 07:23:43 +03:00
d1b19e6cf6 deployerbot: do not set -x 2023-07-30 07:00:10 +03:00
a9e8904d28 add deployerbot-follower to trusted users 2023-07-30 06:55:04 +03:00
ef050725c1 deploy-rs can deploy multiple targets with --targets 2023-07-30 06:50:06 +03:00
69ee6c9caa add comment re calendar time 2023-07-30 06:45:54 +03:00
f18a2ff855 deploy updates regularly 2023-07-30 06:41:13 +03:00
9de5120cc3 updaterbot: move all to deployer 2023-07-30 06:30:52 +03:00
9e0bd48a22 clean up old paths -- untested 2023-07-28 16:15:59 +03:00
49b9cc8351 vno1-oh2: enable deployerbot master 2023-07-28 16:09:41 +03:00
bff8cef210 fixes in deployment script 2023-07-28 15:55:16 +03:00
e588514c07 updater 2023-07-28 15:43:23 +03:00
a030ae0879 fix syntax error 2023-07-28 14:25:36 +03:00
579f21b0d1 hel1-a: make initrd consistent with vno1-oh2 2023-07-28 14:25:14 +03:00
bddb20cd13 updater: move to it's own service 2023-07-28 14:22:40 +03:00
e9c8320f72 unitstatus: unit status cmd is more robust 2023-07-28 14:04:26 +03:00
3237810611 unitstatus: remove escaping
Otherwise:

    Invalid unit name "borgbackup/job//home" escaped as "borgbackup-job--home" (maybe you should use systemd-escape?).
2023-07-28 13:56:52 +03:00
45724064d1 add M-R 2023-07-28 09:10:40 +03:00
89f7838c93 add Irenos folder 2023-07-26 22:24:51 +03:00
0677c8eb2a a few network traffic observability programs 2023-07-26 15:42:10 +03:00
8cecf18f43 mount zfs snapshots read-only 2023-07-26 15:36:11 +03:00
4522af453b start/stop firewall commands 2023-07-26 15:14:12 +03:00
ab11ee31f2 vno1-oh2: pass ssh key to borg 2023-07-26 14:49:34 +03:00
bb5ae6d2f7 sshguard: whitelist all known public ips 2023-07-26 14:17:14 +03:00
99488618ce enable sshguard and plocate 2023-07-26 14:12:09 +03:00
cff18bfb8f move common zfs settings to modules/base 2023-07-26 14:01:57 +03:00
d4527c24a6 mailutils comes with postfix 2023-07-26 13:32:03 +03:00
bac191ef2f postfix: add to vno1-oh2 2023-07-26 13:27:15 +03:00