 Jack Henschel
|
fad6fc402f
|
Fix puppetlint issues
continuous-integration/drone/push Build is passing
Details
|
2 years ago |
|
Jack Henschel
|
5e8a43056a
|
Fix yamllint issues
|
2 years ago |
|
Jack Henschel
|
804ddfa89d
|
Add and enable k3s profile with namespace for jack
https://computingforgeeks.com/restrict-kubernetes-service-account-users-to-a-namespace-with-rbac/
|
2 years ago |
|
Jack Henschel
|
157346f2db
|
Upgrade puppetlabs-firewall to 2.8.1
> puppet module upgrade --modulepath 'modules' --version=2.8.1
'puppetlabs-firewall'
Fixes kubernetes iptables rule parsing errors
https://github.com/puppetlabs/puppetlabs-firewall/blob/main/CHANGELOG.md
|
2 years ago |
|
Jack Henschel
|
5d29272303
|
Various updates
|
2 years ago |
|
Jack Henschel
|
c451d35804
|
Move node-exporter to a dedicated swarm service and upgrade to 1.1.2
|
2 years ago |
|
Jack Henschel
|
9e76cd4bf7
|
Refactor restic backups and add custom prometheus exporter
|
2 years ago |
|
Jack Henschel
|
bbdf30a0cf
|
Update Nextcloud to v21.0.1
https://nextcloud.com/changelog/#latest21
|
2 years ago |
|
Jack Henschel
|
65c234908a
|
Add Minio Console Dashboard to Swarm
https://github.com/minio/console
|
2 years ago |
|
Jack Henschel
|
3f6e2d16a4
|
Make grafana its own class and upgrade to version 7
|
2 years ago |
|
Jack Henschel
|
2558678c62
|
Add exclude and ignore files to antivirus scans
|
2 years ago |
|
Jack Henschel
|
a75ade55f0
|
Add av-scan service with regular intervals
|
2 years ago |
|
Jack Henschel
|
4be98af95b
|
Install clamav on ht2 and enable scans for Nextcloud
https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/antivirus_configuration.html
https://github.com/edestecd/puppet-clamav
|
2 years ago |
|
Jack Henschel
|
f3668588cd
|
Add Puppet module edestecd/clamav version 2.0.0
|
2 years ago |
|
Jack Henschel
|
1756f0ed19
|
Add Prometheus monitoring of Nextcloud (nextcloud-exporter)
https://github.com/xperimental/nextcloud-exporter
|
2 years ago |
|
Jack Henschel
|
fc7f54193e
|
Fix read_only deployments of u9k and minio
|
2 years ago |
|
Jack Henschel
|
466e8b5936
|
Update minor version of several services
|
2 years ago |
|
Jack Henschel
|
63182f9874
|
Add user login notifications for ht2
|
2 years ago |
|
Jack Henschel
|
59fdbe82e1
|
Add new Nginx vHost and redirect for adeles.cooking
|
2 years ago |
|
Jack Henschel
|
39449f3dc0
|
Add HTTP security headers for web services
|
2 years ago |
|
Jack Henschel
|
e53b1a7508
|
Upgrade ejabberd to latest version (21.01)
|
2 years ago |
|
Jack Henschel
|
5912823b3b
|
Set CPU and memory constraints for swarm services
|
2 years ago |
|
Jack Henschel
|
5fb0ea5668
|
Generate main cubieserver.de cert with traefik and pass it to ejabberd
|
2 years ago |
|
Jack Henschel
|
ebc96d1a9b
|
Add prometheus monitoring for Traefik and Minio
|
2 years ago |
|
Jack Henschel
|
0794cf915e
|
Upgrade version of several services
|
2 years ago |
|
Jack Henschel
|
a93f7bca59
|
Adjust application labels for Traefik v2
|
2 years ago |
|
Jack Henschel
|
1e97c32cc8
|
Migrate to Traefik v2
|
2 years ago |
|
Jack Henschel
|
93d606efda
|
Disable tor and wireguard service for now
Still need to figure out the best way to run these
|
2 years ago |
|
Jack Henschel
|
7ea8b51fbf
|
Upgrade u9k version to v0.11
|
2 years ago |
|
Jack Henschel
|
6fea102248
|
Backup improvements
|
2 years ago |
|
Jack Henschel
|
b7be6bc8ac
|
Move Drone CI runners external, requires RPC secret for communication
|
2 years ago |
|
Jack Henschel
|
2d8f9abe4d
|
[WIP] Wireguard + wg_gen_web
|
2 years ago |
|
Jack Henschel
|
ef81f5aea1
|
Implement dedicated cockroachdb backups
Also move cockroach data directory to local directory
|
3 years ago |
|
Jack Henschel
|
3a78c0aeba
|
Move prometheus data to local, non-backup volume
The data prometheus collects does not need to be replicated or backed up
|
3 years ago |
|
Jack Henschel
|
b58def7e18
|
Fix last active timestamp for restic-backup
|
3 years ago |
|
Jack Henschel
|
bc7e345caf
|
Tighten up default firewall rules
|
3 years ago |
|
Jack Henschel
|
4bc2d5ca42
|
Add option for logging dropped packets to firewall module
|
3 years ago |
|
Jack Henschel
|
406dd26138
|
Add proper configuration of DNS servers with systemd-resolved
|
3 years ago |
|
Jack Henschel
|
c1260c0d76
|
Upgrade u9k to version 0.9.1 (adds email support)
|
3 years ago |
|
Jack Henschel
|
ec5c2e887f
|
Add firewall rules for IPv6 support
|
3 years ago |
|
Jack Henschel
|
7570834afc
|
Restic backup emails only when job fails
|
3 years ago |
|
Jack Henschel
|
d5aa75be83
|
Do not purge LXC firewall rules on ht2
|
3 years ago |
|
Jack Henschel
|
de709fc347
|
Delete obsolete docker stack compose template
|
3 years ago |
|
Jack Henschel
|
3257ad2911
|
Upgrade Drone to 1.9.1
continuous-integration/drone/push Build is failing
Details
|
3 years ago |
|
Jack Henschel
|
900c033c23
|
Implement monitoring setup with Prometheus and Grafana
based on https://github.com/stefanprodan/swarmprom
|
3 years ago |
|
Jack Henschel
|
e3a4453a52
|
Expose Traefik and Cockroach Dashboards at infra.cubieserver.de with basic auth
|
3 years ago |
|
Jack Henschel
|
6b6e86690f
|
Fix more yamllint issues
|
3 years ago |
|
Jack Henschel
|
81e199e94a
|
Refactor old 'config' classes into new 'swarm' type
continuous-integration/drone/push Build is failing
Details
|
3 years ago |
|
Jack Henschel
|
ad146b23d1
|
Fix lint issues
continuous-integration/drone/push Build is passing
Details
|
3 years ago |
|
Jack Henschel
|
60daf0a5e1
|
Add profiles for u9k and cockroachdb
continuous-integration/drone/push Build is failing
Details
|
3 years ago |