|
6b3f073b5b
|
secrets for fwminex
|
2023-09-15 13:28:15 +03:00 |
|
|
e3c5f37b43
|
add some packages
|
2023-09-15 13:05:56 +03:00 |
|
|
93b95af851
|
borgstor: allow motiejus to read borg backups
|
2023-09-15 11:17:40 +03:00 |
|
|
7ee6a0de71
|
zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
The path in the filesystem is quite clear from the archive name.
|
2023-09-15 11:05:05 +03:00 |
|
|
331ffa9450
|
vno3-rp3b: add borgbackup app
|
2023-09-15 10:49:27 +03:00 |
|
|
09f1b62cc8
|
add a desktop profile
|
2023-09-14 21:53:59 +03:00 |
|
|
0389fa709a
|
vno1-rp3b: enable zfs misc
|
2023-09-14 21:38:29 +03:00 |
|
|
350c9a8d49
|
disable zfs-mount
|
2023-09-14 15:26:16 +03:00 |
|
|
8b0573409d
|
fwminex: enable firewall
|
2023-09-14 15:25:08 +03:00 |
|
|
fb3c39d7dc
|
re-enable tailscale, oops
|
2023-09-14 14:48:54 +03:00 |
|
|
9eb8147660
|
tailscale: silence logs on some machines
|
2023-09-14 14:37:55 +03:00 |
|
|
aad4502030
|
rename vno1-rp3b to vno3-rp3b
ready for deployment
|
2023-09-14 13:27:05 +03:00 |
|
|
45a9b7475b
|
vno1-rp3b: dhcp
|
2023-09-14 13:24:40 +03:00 |
|
|
4a5893ae73
|
fwminex: some hardware updates
|
2023-09-14 09:42:14 +00:00 |
|
|
8e32a16f01
|
add iwlwifi to early-ish boot
|
2023-09-14 11:35:29 +03:00 |
|
|
e341092306
|
fwminex: enable redistributable firmware, remove docker volume
|
2023-09-14 11:31:53 +03:00 |
|
|
280b8cf3ad
|
fwminex: fix mountpoint to /var/lib/docker
|
2023-09-14 10:40:23 +03:00 |
|
|
1430bf9d6d
|
fwminex: swap
|
2023-09-14 07:43:18 +03:00 |
|
|
90be8b6e5f
|
fwminex: fix typo
|
2023-09-14 06:42:44 +03:00 |
|
|
62e00f3bc7
|
fwminex: firewall and swap devices
|
2023-09-14 06:41:37 +03:00 |
|
|
85917635fd
|
sshguard is now optional
|
2023-09-14 06:41:16 +03:00 |
|
|
182a87b0b9
|
another fix for swap devices
|
2023-09-13 15:18:25 +03:00 |
|
|
e617dbf55f
|
fwminex: fix swap and docker
|
2023-09-13 15:13:44 +03:00 |
|
|
2220be3c81
|
fwminex: set hostid
|
2023-09-13 14:46:58 +03:00 |
|
|
b5a3e29e6f
|
force no legacy grub (now)
|
2023-09-13 14:14:25 +03:00 |
|
|
7775c760fa
|
fwminex: update partition scheme
|
2023-09-13 13:54:22 +03:00 |
|
|
8a01703bb1
|
fwminex: disable postfix temporarily
|
2023-09-13 13:30:16 +03:00 |
|
|
e38f446793
|
add fwminex
|
2023-09-13 13:04:40 +03:00 |
|
|
bef137b967
|
wsdd: specify existing hostname
|
2023-09-12 23:18:46 +03:00 |
|
|
2dd8cda85a
|
open up samba
|
2023-09-12 16:08:32 +03:00 |
|
|
e61944dfde
|
rewrite firewall rules
|
2023-09-12 15:46:44 +03:00 |
|
|
2b5b9bc57f
|
samba some progress
|
2023-09-12 13:31:46 +03:00 |
|
|
dea3eef575
|
fra1-a: disable zfsunlock
|
2023-09-12 12:25:30 +03:00 |
|
|
5cfc0a62b9
|
vno1-oh2: mitigating the NIC
|
2023-09-12 09:59:55 +03:00 |
|
|
92e940e1d4
|
wip samba
|
2023-09-12 09:42:20 +03:00 |
|
|
94253212c6
|
networking.firewall.checkReversePath = "loose" for tailscale
|
2023-09-11 22:38:44 +03:00 |
|
|
05b7858035
|
borgstor: add remaining paths
|
2023-09-11 17:50:59 +03:00 |
|
|
d1a7aebfc9
|
borgstor: add /var/log for testing
|
2023-09-11 17:40:47 +03:00 |
|
|
583f74cf3f
|
zfsborg: restructure config
Preparing for 2 repo destinations.
|
2023-09-11 17:25:12 +03:00 |
|
|
866347b042
|
add borgstor
|
2023-09-11 15:51:33 +03:00 |
|
|
31f1d6d669
|
vno1-rp3b: some mountpoints
|
2023-09-11 14:20:07 +03:00 |
|
|
0246f9fd69
|
vno1-rp3b: remove audio/video
|
2023-09-11 13:25:46 +03:00 |
|
|
ae7b12a04f
|
vno1-rp3b: move datapool-passphrase to /etc
|
2023-09-11 13:05:42 +03:00 |
|
|
03728838f4
|
vno1-rp3b: support zfs
|
2023-09-11 11:01:33 +03:00 |
|
|
b0bf88169f
|
move grafana logs to /var/log/grafana
|
2023-09-08 07:42:22 +03:00 |
|
|
c80e72a450
|
backup caddy lib dir
|
2023-09-08 07:41:51 +03:00 |
|
|
ee36768b0e
|
minidlna: open up /home/motiejus/video
|
2023-09-07 22:31:02 +03:00 |
|
|
fc3308a2e9
|
minidlna
|
2023-09-07 22:24:00 +03:00 |
|
|
11b3894d6f
|
vaultwarden: PUSH_INSTALLATION_ID and PUSH_INSTALLATION_KEY
|
2023-09-07 14:29:55 +03:00 |
|
|
8ab980d059
|
signups and logging
|
2023-09-07 14:26:00 +03:00 |
|
|
a41c0743ab
|
backups: add bitwarden_rs, nsd-acme, tailscale
|
2023-09-07 14:20:21 +03:00 |
|
|
d8aa8e5748
|
fix smtp
|
2023-09-07 13:51:47 +03:00 |
|
|
633e093969
|
vaultwarden: smtp and secrets
|
2023-09-07 13:04:38 +03:00 |
|
|
83a20aa69a
|
vaultwarden: fix typo
|
2023-09-07 10:59:14 +03:00 |
|
|
721a9b2c5c
|
vaultwarden: add admin secret
|
2023-09-07 10:57:43 +03:00 |
|
|
9163143204
|
vaultwarden
|
2023-09-07 09:29:20 +03:00 |
|
|
6783a3fb0e
|
update grafana's timeInterval to 10s
|
2023-09-06 22:59:48 +03:00 |
|
|
980b7b0449
|
prometheus: scrape/evaluation intervals
|
2023-09-06 22:18:44 +03:00 |
|
|
cdbbdaaa45
|
prometheus/caddy
|
2023-09-06 17:44:30 +03:00 |
|
|
810064ebbd
|
prometheus meta scraper
|
2023-09-06 16:38:38 +03:00 |
|
|
49dcbd3d51
|
prometheus: retention time is 1y
|
2023-09-06 16:32:11 +03:00 |
|
|
44c6bccca6
|
snmp: add some routers
|
2023-09-05 15:29:20 +03:00 |
|
|
5c1cccb8a4
|
snmp: from package back to module
|
2023-09-05 14:41:52 +03:00 |
|
|
e9d709f507
|
add motiejus_bk2 properly
|
2023-09-01 13:42:26 +03:00 |
|
|
fe30f6c32a
|
Add dl.jakstys.lt
|
2023-08-29 15:41:57 +03:00 |
|
|
97ef691743
|
grafana.jakstys.lt: abort non-private ips
|
2023-08-27 15:32:49 +03:00 |
|
|
cc11726ed7
|
remove hel1-a
|
2023-08-27 15:17:54 +03:00 |
|
|
617b829589
|
deployerbot: add fra1-a
|
2023-08-27 01:04:09 +03:00 |
|
|
ba821ff7f3
|
node_exporter: add fra1-a
|
2023-08-27 00:55:33 +03:00 |
|
|
de4b47b929
|
zfsunlock between fra1-a and vno1-oh2
|
2023-08-26 23:48:18 +03:00 |
|
|
1db9253ae6
|
fra1-a
|
2023-08-26 23:37:16 +03:00 |
|
|
3a5b1e5951
|
preparing to move headscale to vno1-oh2
|
2023-08-25 19:53:21 +03:00 |
|
|
b886b752e0
|
caddy: snapshot and backup access logs
|
2023-08-25 19:41:26 +03:00 |
|
|
95dfd6d143
|
caddy: disable on hel1-a, enable logrotate on vno1-oh2
|
2023-08-25 17:03:01 +03:00 |
|
|
23347f6952
|
matrix-synapse: listen on 127.0.0.1
reverse proxying is over
|
2023-08-25 17:00:30 +03:00 |
|
|
c5bfc43b4d
|
matrix: do not encode in caddy
|
2023-08-25 16:53:44 +03:00 |
|
|
cc6af1c68f
|
caddy: move to vno1-oh2
|
2023-08-25 16:44:41 +03:00 |
|
|
eca5765e8f
|
remove matrix-synapse from hel1-a
|
2023-08-25 16:27:39 +03:00 |
|
|
4ef5ac515e
|
matrix-synapse: redirect to vno1-oh2
|
2023-08-25 16:16:28 +03:00 |
|
|
3687d7cd73
|
matrix-synapse listen on 0.0.0.0
|
2023-08-25 16:14:12 +03:00 |
|
|
ac50f832da
|
moving synapse to vno1-oh2
|
2023-08-25 15:55:06 +03:00 |
|
|
355d8c21cc
|
move matrix-synapse to it's module
|
2023-08-25 15:49:37 +03:00 |
|
|
afdc532d8d
|
update comment
|
2023-08-25 15:43:25 +03:00 |
|
|
565c64062a
|
access-jakstys.lt: do not rotate logs at all
|
2023-08-25 15:38:07 +03:00 |
|
|
cd632db944
|
access-jakstys.lt: do not rotate logs at all
|
2023-08-25 11:32:16 +03:00 |
|
|
5a81bacfac
|
remove obsolete domain
|
2023-08-25 10:40:28 +03:00 |
|
|
e677966c3d
|
remove gitea from hel1-b
|
2023-08-25 10:35:49 +03:00 |
|
|
f10cfb1147
|
enable acme for caddy
|
2023-08-25 10:14:10 +03:00 |
|
|
1b6c35ed76
|
vno1-oh2: enable gitea
|
2023-08-25 09:27:24 +03:00 |
|
|
6cf894ee68
|
move logRefusedConnections to base
|
2023-08-24 23:49:21 +03:00 |
|
|
c3168bb2d3
|
headscale
|
2023-08-24 23:46:45 +03:00 |
|
|
be4df58cbb
|
move gitea to its own module
|
2023-08-24 23:34:48 +03:00 |
|
|
6263f88887
|
Revert "gitea: enable email"
This reverts commit bcf8b365c8 .
Failed to send a testing email to 'motiejus@jakstys.lt': gomail: could not send email 1: signal: aborted (core dumped)
|
2023-08-24 23:21:07 +03:00 |
|
|
bcf8b365c8
|
gitea: enable email
|
2023-08-24 23:19:06 +03:00 |
|
|
f159d9d89e
|
vno1-rp3b: journald logs to memory
|
2023-08-24 15:11:19 +03:00 |
|
|
ef14233811
|
vno1-oh2: backup /var/lib/{grafana,soju}
|
2023-08-22 15:18:24 +03:00 |
|
|
5ea92ad8ab
|
soju: store logs to files
|
2023-08-22 15:13:33 +03:00 |
|
|
6f5240a53c
|
soju: add unix+admin
|
2023-08-22 14:39:42 +03:00 |
|
|
e082b2cd40
|
fix soju config
|
2023-08-22 14:35:54 +03:00 |
|
|
d812f5f91d
|
nsd-acme is now a requirement for services
|
2023-08-22 14:32:09 +03:00 |
|
|
833b2bd1cf
|
nsd-acme fixes
- remove obsolete conditions (that's what After is for)
- irc.jakstys.lt is no longer staging
|
2023-08-22 14:30:08 +03:00 |
|
|
2e1af09789
|
enable soju
|
2023-08-22 14:28:59 +03:00 |
|
|
c4bd57c47d
|
acme for irc.jakstys.lt
|
2023-08-22 14:26:47 +03:00 |
|
|
407024dfa9
|
zfsunlock: use IP addresses + zfsunlock
|
2023-08-22 14:14:20 +03:00 |
|
|
7063b1d84e
|
vim nitpicks
|
2023-08-18 18:50:39 +03:00 |
|
|
e1378a3617
|
start with vim
|
2023-08-18 18:43:34 +03:00 |
|
|
bbf562d205
|
move node_exporter to its own module
|
2023-08-18 09:32:01 +03:00 |
|
|
5eb2772356
|
install kodi
|
2023-08-17 21:47:32 +03:00 |
|
|
0bf61ad07c
|
disable cage
want stdout/stderr
|
2023-08-17 15:23:49 +03:00 |
|
|
76f3d529da
|
kodi: enable custom launcher
youtube cannot be found
|
2023-08-17 15:10:17 +03:00 |
|
|
3b33358739
|
kodi on Xorg works: enable wayland now
|
2023-08-17 15:07:48 +03:00 |
|
|
101ef65d00
|
semicolon
|
2023-08-17 14:58:21 +03:00 |
|
|
174c0b569e
|
cma=320M?
|
2023-08-17 14:56:56 +03:00 |
|
|
a0ff2577e9
|
gpu_mem: 256MB
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980536
|
2023-08-17 14:45:03 +03:00 |
|
|
024db330c8
|
reduce gpu_mem to 96
https://forums.raspberrypi.com/viewtopic.php?t=285068#p1728536
|
2023-08-17 14:38:51 +03:00 |
|
|
d84cf8a396
|
getting back to X
that one had a proper stack trace
|
2023-08-17 12:56:19 +03:00 |
|
|
b78dad3f78
|
kodi: on wayland again
|
2023-08-17 12:50:06 +03:00 |
|
|
dac4422f99
|
headscale: disable MagicDNS
https://github.com/tailscale/tailscale/issues/915#issuecomment-749225697
|
2023-08-17 06:07:28 +00:00 |
|
|
03c9f144e0
|
temporarily disable kodi
|
2023-08-16 23:12:50 +03:00 |
|
|
e5bcb08695
|
rp3b: moving to xorg
blank screen otherwise
|
2023-08-16 23:06:59 +03:00 |
|
|
51a24ccfcf
|
rp3b: add kodi
|
2023-08-16 23:00:55 +03:00 |
|
|
4a393204e2
|
vno1-rpb3: enable deployerbot follower
|
2023-08-16 20:06:09 +03:00 |
|
|
3f4399017c
|
rp3b: add node_exporter
|
2023-08-16 16:54:17 +03:00 |
|
|
8626cb4bd1
|
deployerbot: do .#vno1-rp3b too
|
2023-08-16 16:49:45 +03:00 |
|
|
9cd2a76c2e
|
rp3b: change interface name
|
2023-08-16 16:38:47 +03:00 |
|
|
16a71b2abd
|
Revert "Revert "vno1-oh2: emulate aarch64-linux""
This reverts commit d77bcd5063 .
|
2023-08-15 23:37:06 +03:00 |
|
|
d77bcd5063
|
Revert "vno1-oh2: emulate aarch64-linux"
This reverts commit 146b9ef33d .
|
2023-08-15 23:08:41 +03:00 |
|
|
146b9ef33d
|
vno1-oh2: emulate aarch64-linux
|
2023-08-15 22:52:58 +03:00 |
|
|
2e3c92e4dc
|
rpi3b+: add host platform
|
2023-08-15 17:14:40 +03:00 |
|
|
5c2e00d517
|
rpi3b+ changes
|
2023-08-15 16:20:41 +03:00 |
|
|
4354cde55e
|
vno1-rp3b
|
2023-08-15 07:18:26 +03:00 |
|
|
ac2cdc0696
|
GrafanaAdmin is our default
|
2023-08-14 17:10:37 +03:00 |
|
|
cfc116439c
|
grafana: temporarily disable auto_login
|
2023-08-14 17:07:30 +03:00 |
|
|
c387151307
|
oauth: auto_login
|
2023-08-14 17:05:44 +03:00 |
|
|
267e8879de
|
auto assign roles
|
2023-08-14 17:00:03 +03:00 |
|
|
c8caae7d99
|
configure grafana oidc
client id: 5349c113-467d-4b95-a61b-264f2d844da8
|
2023-08-14 16:56:59 +03:00 |
|
|
5a7a32f1e0
|
grafana: gzip itself
|
2023-08-14 15:27:55 +03:00 |
|
|
1d95ecf211
|
headscale: use a different oidc key
|
2023-08-14 15:13:21 +03:00 |
|
|
83cc04f545
|
matrix-synapse: being more verbose
|
2023-08-14 14:50:53 +03:00 |
|
|
92c8136ce4
|
secrets: move to blocks
|
2023-08-14 09:30:04 +03:00 |
|
|
eae289f94e
|
remove coturn
|
2023-08-14 09:09:14 +03:00 |
|
|
98a4ad79f8
|
grafana now on https://grafana.jakstys.lt, over vpn
|
2023-08-14 09:04:09 +03:00 |
|
|
76a748e086
|
grafana is now prod
|
2023-08-10 00:29:56 +03:00 |
|
|
98816538d2
|
trying grafana1
|
2023-08-10 00:24:36 +03:00 |
|
|
6b795bd6f4
|
Revert "grafana.jakstys.lt: non-staging"
This reverts commit b8435f3d97 .
|
2023-08-09 16:08:04 +03:00 |
|
|
b8435f3d97
|
grafana.jakstys.lt: non-staging
|
2023-08-09 15:57:08 +03:00 |
|
|
9a456192af
|
nsd-acme
|
2023-08-09 15:34:44 +03:00 |
|
|
4cd41382c2
|
nsd-control-setup: try to fix triggering conditions
|
2023-08-07 14:55:45 +03:00 |
|
|
9a7e42b95d
|
nsd: ConditionPathExists all files
|
2023-08-07 14:50:32 +03:00 |
|
|
afb9c5f309
|
nsd: acme pattern zonefile
|
2023-08-07 09:28:28 +03:00 |
|