Commit Graph

210 Commits

Author SHA1 Message Date
03effee58e STS for *.jakstys.lt
- do not includeSubDomains
- do not preload
2024-01-15 13:35:20 +02:00
091380a691 vno1-oh2: add yt-dlp 2024-01-14 18:23:17 +02:00
42aa3ca768 photoprism: add admin password 2023-12-28 23:33:47 +02:00
ac8e5f1c50 photoprism: make work 2023-12-28 23:29:36 +02:00
dce813c55b photoprism: disable for now
Dec 28 00:03:54 vno1-oh2 (re-start)[1055134]: photoprism.service: Failed to set up mount namespacing: /run/systemd/mount-rootfs/data: No such file or directory
    Dec 28 00:03:54 vno1-oh2 (re-start)[1055134]: photoprism.service: Failed at step NAMESPACE spawning /nix/store/000qvz8dblxpd0hdp3iylj8gj9lg43wg-unit-script-photoprism-pre-start/bin/photoprism-pre-start: No such file or directory
2023-12-28 00:06:12 +02:00
c8a02dbb57 the service starts 2023-12-27 23:58:51 +02:00
105c211406 vno1-oh2: try photoprism 2023-12-27 23:41:00 +02:00
7cb014cf89 MX: migrate to migadu.com 2023-12-26 11:09:17 +02:00
57f551dc73 beta.jakstys.lt handle well-known/caldav|carddav 2023-12-25 17:42:01 +02:00
84be8520dd move beta to it's own zone 2023-12-16 00:20:26 +02:00
821f770dd7 add geoipWithDatabase 2023-12-08 19:53:04 +02:00
4c80004870 grafana: Viewer -> Editor 2023-12-07 22:29:26 +02:00
fb310f9e29 23.11: get rid of most warnings 2023-11-28 19:59:32 +02:00
8e78a31f20 statix 2023-11-28 01:00:10 +02:00
e4bd3b201f vno1-oh2: backup hass too 2023-11-22 22:19:20 +02:00
de939d45cd hass 2023-11-14 09:47:11 +02:00
c3bb5e41d6 hass 2023-11-14 09:18:08 +02:00
f0f2daebb9 Revert "vno1-oh2: grafana-image-renderer"
This reverts commit 3510e2c1e0.

Not that useful.
2023-10-24 13:08:03 +03:00
3510e2c1e0 vno1-oh2: grafana-image-renderer 2023-10-24 13:00:27 +03:00
35145243bd tailscaled: silence logs by default
it works.
2023-10-22 20:14:25 +03:00
dffa085e47 cosmetics 2023-10-22 09:10:09 +03:00
e5ebea558c remove hacotest, add sbt 2023-10-20 09:27:49 +03:00
7600a4ad2b mtwork: scrape the right port 2023-10-16 15:57:58 +03:00
Motiejus Jakštys
668ef2b952 node_exporter: add mtwork 2023-10-16 14:52:06 +03:00
c3e68e5122 deployerbot: make deployment of vno3-rp3b optional
I don't control it as much.
2023-10-15 22:56:49 +03:00
4b9674d7c6 starting with some scala 2023-10-08 23:00:52 +03:00
1dd4f04725 statix: fix bugs with inherit
now I know better what it does.
2023-10-02 00:00:30 +03:00
25e8191177 enable statx 2023-10-02 00:00:30 +03:00
f298984998 Revert "grafana.jakstys.lt: use http"
This reverts commit f98db66b64.

Android Firefox says "this website is redirecting incorrectly"
2023-09-30 06:01:09 +03:00
f98db66b64 grafana.jakstys.lt: use http 2023-09-23 23:11:48 +03:00
96388ab0d9 nsd-acme: add hdd.jakstys.lt 2023-09-23 22:26:33 +03:00
91f7ccfb14 add hacotest 2023-09-22 14:48:31 +03:00
07e61adc1e firewall: reject packets on some hosts 2023-09-22 09:34:23 +03:00
0507fb3328 deployerbot and backups: move time around so they don't ovelap 2023-09-21 06:55:17 +03:00
4290a541ef all backups in UTC 2023-09-21 06:44:26 +03:00
21e96199bb deployerbot: use vpn for actual deploying anyway 2023-09-20 14:43:04 +03:00
4973a1cdd4 deployerbot: fwminex allows vno1 2023-09-18 20:49:17 +03:00
5a5ffd6f00 upgrading fwminex too 2023-09-18 19:50:24 +03:00
9cd5d406cf enable node_exporter for fwminex 2023-09-18 19:31:45 +03:00
0208e59595 grafana: assign viewer role for new people 2023-09-17 22:41:51 +03:00
7ee6a0de71 zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
The path in the filesystem is quite clear from the archive name.
2023-09-15 11:05:05 +03:00
9eb8147660 tailscale: silence logs on some machines 2023-09-14 14:37:55 +03:00
aad4502030 rename vno1-rp3b to vno3-rp3b
ready for deployment
2023-09-14 13:27:05 +03:00
85917635fd sshguard is now optional 2023-09-14 06:41:16 +03:00
2dd8cda85a open up samba 2023-09-12 16:08:32 +03:00
e61944dfde rewrite firewall rules 2023-09-12 15:46:44 +03:00
5cfc0a62b9 vno1-oh2: mitigating the NIC 2023-09-12 09:59:55 +03:00
94253212c6 networking.firewall.checkReversePath = "loose" for tailscale 2023-09-11 22:38:44 +03:00
05b7858035 borgstor: add remaining paths 2023-09-11 17:50:59 +03:00
d1a7aebfc9 borgstor: add /var/log for testing 2023-09-11 17:40:47 +03:00
583f74cf3f zfsborg: restructure config
Preparing for 2 repo destinations.
2023-09-11 17:25:12 +03:00
866347b042 add borgstor 2023-09-11 15:51:33 +03:00
b0bf88169f move grafana logs to /var/log/grafana 2023-09-08 07:42:22 +03:00
c80e72a450 backup caddy lib dir 2023-09-08 07:41:51 +03:00
ee36768b0e minidlna: open up /home/motiejus/video 2023-09-07 22:31:02 +03:00
fc3308a2e9 minidlna 2023-09-07 22:24:00 +03:00
11b3894d6f vaultwarden: PUSH_INSTALLATION_ID and PUSH_INSTALLATION_KEY 2023-09-07 14:29:55 +03:00
8ab980d059 signups and logging 2023-09-07 14:26:00 +03:00
a41c0743ab backups: add bitwarden_rs, nsd-acme, tailscale 2023-09-07 14:20:21 +03:00
d8aa8e5748 fix smtp 2023-09-07 13:51:47 +03:00
633e093969 vaultwarden: smtp and secrets 2023-09-07 13:04:38 +03:00
83a20aa69a vaultwarden: fix typo 2023-09-07 10:59:14 +03:00
721a9b2c5c vaultwarden: add admin secret 2023-09-07 10:57:43 +03:00
9163143204 vaultwarden 2023-09-07 09:29:20 +03:00
6783a3fb0e update grafana's timeInterval to 10s 2023-09-06 22:59:48 +03:00
980b7b0449 prometheus: scrape/evaluation intervals 2023-09-06 22:18:44 +03:00
cdbbdaaa45 prometheus/caddy 2023-09-06 17:44:30 +03:00
810064ebbd prometheus meta scraper 2023-09-06 16:38:38 +03:00
49dcbd3d51 prometheus: retention time is 1y 2023-09-06 16:32:11 +03:00
44c6bccca6 snmp: add some routers 2023-09-05 15:29:20 +03:00
5c1cccb8a4 snmp: from package back to module 2023-09-05 14:41:52 +03:00
e9d709f507 add motiejus_bk2 properly 2023-09-01 13:42:26 +03:00
fe30f6c32a Add dl.jakstys.lt 2023-08-29 15:41:57 +03:00
97ef691743 grafana.jakstys.lt: abort non-private ips 2023-08-27 15:32:49 +03:00
cc11726ed7 remove hel1-a 2023-08-27 15:17:54 +03:00
617b829589 deployerbot: add fra1-a 2023-08-27 01:04:09 +03:00
ba821ff7f3 node_exporter: add fra1-a 2023-08-27 00:55:33 +03:00
de4b47b929 zfsunlock between fra1-a and vno1-oh2 2023-08-26 23:48:18 +03:00
3a5b1e5951 preparing to move headscale to vno1-oh2 2023-08-25 19:53:21 +03:00
b886b752e0 caddy: snapshot and backup access logs 2023-08-25 19:41:26 +03:00
95dfd6d143 caddy: disable on hel1-a, enable logrotate on vno1-oh2 2023-08-25 17:03:01 +03:00
23347f6952 matrix-synapse: listen on 127.0.0.1
reverse proxying is over
2023-08-25 17:00:30 +03:00
c5bfc43b4d matrix: do not encode in caddy 2023-08-25 16:53:44 +03:00
cc6af1c68f caddy: move to vno1-oh2 2023-08-25 16:44:41 +03:00
eca5765e8f remove matrix-synapse from hel1-a 2023-08-25 16:27:39 +03:00
3687d7cd73 matrix-synapse listen on 0.0.0.0 2023-08-25 16:14:12 +03:00
ac50f832da moving synapse to vno1-oh2 2023-08-25 15:55:06 +03:00
e677966c3d remove gitea from hel1-b 2023-08-25 10:35:49 +03:00
f10cfb1147 enable acme for caddy 2023-08-25 10:14:10 +03:00
1b6c35ed76 vno1-oh2: enable gitea 2023-08-25 09:27:24 +03:00
6cf894ee68 move logRefusedConnections to base 2023-08-24 23:49:21 +03:00
ef14233811 vno1-oh2: backup /var/lib/{grafana,soju} 2023-08-22 15:18:24 +03:00
5ea92ad8ab soju: store logs to files 2023-08-22 15:13:33 +03:00
6f5240a53c soju: add unix+admin 2023-08-22 14:39:42 +03:00
e082b2cd40 fix soju config 2023-08-22 14:35:54 +03:00
d812f5f91d nsd-acme is now a requirement for services 2023-08-22 14:32:09 +03:00
833b2bd1cf nsd-acme fixes
- remove obsolete conditions (that's what After is for)
- irc.jakstys.lt is no longer staging
2023-08-22 14:30:08 +03:00
2e1af09789 enable soju 2023-08-22 14:28:59 +03:00
c4bd57c47d acme for irc.jakstys.lt 2023-08-22 14:26:47 +03:00
407024dfa9 zfsunlock: use IP addresses + zfsunlock 2023-08-22 14:14:20 +03:00