f4ded673f4
Set up fail2ban for nextcloud
...
I had to reduce the number of replicas.
2025-01-02 17:36:19 +05:00
4fb8478077
Fail2ban: ignore local IPs
2025-01-02 13:15:27 +05:00
68f2b95929
Remove unused aliases file
2025-01-02 00:46:57 +05:00
8999f0a9a9
Matrix: launch Element web, use LDAP auth ( #13 )
...
I decided to use LDAP instead of OIDC to eliminate authentication confusion
(there were multiple login methods available) and to add support for clients
that do not support OIDC.
I launched Element Web and added a redirect to Synapse.
Added SMTP settings and admin contact.
I also enabled /.well-known file hosting,
but did not remove the matrix-federation frontend in haproxy to avoid issues with federation.
2025-01-01 23:11:52 +05:00
619d440c9a
Make haproxy role more generic
2024-12-31 11:26:21 +05:00
8c99cf43f9
Update synapse to v1.121.1
2024-12-30 22:37:28 +05:00
6ca9af0d6f
Run roundcube ( #10 )
2024-12-30 21:44:06 +05:00
f723fcea4b
Run rspamd ( #8 )
2024-12-30 20:39:08 +05:00
6d2bf9f557
Run node exporter ( #7 )
2024-12-30 15:49:55 +05:00
85392d92f1
Update forgejo to v9.0.3
2024-12-30 14:51:02 +05:00
57c3947dbd
Collect maddy metrics ( #9 )
2024-12-30 13:07:16 +05:00
6b203831a1
Set up catch-all email address
...
I want to understand what spammers are trying to send.
2024-12-30 12:29:12 +05:00
5fac81c885
Set up fail2ban for maddy ( #3 )
2024-12-30 00:07:44 +05:00
3b27db1667
Use LDAP auth in maddy
2024-12-29 00:05:26 +05:00
10dd810db0
Specify dns servers for docker containers
2024-12-28 21:12:39 +05:00
e3abc62b0c
Prevent resolv.conf updates
2024-12-28 21:11:55 +05:00
87c53f6109
Improve ipv4 patch for bind9
...
Now this patch may be reverted.
2024-12-28 13:57:22 +05:00
a17382d810
Run bind9 server ( #2 )
2024-12-28 13:32:47 +05:00
fc9b4573ed
Group playbooks
2024-12-28 09:27:23 +05:00
a2c1af33b7
Split global vault into multiple local vaults
...
I'm tired of large diffs when I change even a single character.
A small bash script helps to find local vaults and decrypt them.
2024-12-27 23:57:31 +05:00
d32e250992
Update grafana to v11.4.0
2024-12-27 23:00:07 +05:00
4da886577f
Add argument specs for the monitoring role
2024-12-27 22:58:25 +05:00
e8d467402e
Scrape LDAP outpost metrics
2024-12-26 10:25:09 +05:00
7b16687078
Customize grafana
...
- Use LDAP.
- Set up SMTP.
- Configure log level.
- Configure server domain and url.
2024-12-26 10:23:37 +05:00
81c82ef4d4
Fix some issues with authentik
...
- Enable websockets.
- Reduce the number of replicas to fix minor problems.
2024-12-26 10:20:51 +05:00
4882a58a55
Automate reloads after tls certificate update
...
Services usually don't watch for file changes.
As you can see, I prefer cron to systemd timers,
it's just simpler to manage.
2024-12-24 01:59:17 +05:00
90caec2fda
Update peertube to v7.0.0
...
I also added image preloading to reduce downtime.
2024-12-21 23:30:30 +05:00
bd1191cf37
Call "restic prune" after "restic forget" command
2024-12-21 22:30:29 +05:00
07e1003538
Add service list
2024-12-16 20:16:50 +05:00
97bfb64678
Simplify common playbook, add more packages
2024-12-16 19:57:54 +05:00
565a2fbc36
Remove minio playbook
2024-12-16 19:04:24 +05:00
de6c1b4edd
Create a playbook to apply everything, everywhere, all at once
2024-12-16 19:03:49 +05:00
cc0f5eedb5
Don't wait for the authentik backend to turn off
...
I've been waiting too long.
2024-12-16 18:32:29 +05:00
2e63da4741
Add .editorconfig
2024-12-15 23:04:15 +05:00
b38a17e8f2
Forgejo: limit db connections
2024-12-15 22:03:37 +05:00
6a0d65fd61
Validate backup script before installation
2024-12-15 22:03:03 +05:00
615a786a67
Update backup script
...
Replace minio with mastodon.
2024-12-14 18:55:25 +05:00
a3d4a031eb
Remove s3 storage
...
It was only used by mastodon, but required a lot of
CPU time for some reason.
I think it's not necessary at my scale.
2024-12-14 18:18:38 +05:00
366d48f1e5
Improve the parameters of the Mastodon role
2024-12-11 22:52:21 +05:00
109083603e
Make mastodon role generic
2024-12-11 20:54:14 +05:00
30415b39f1
Schedule open webui shutdown and startup
2024-12-11 20:14:11 +05:00
19fd7afbad
Schedule minecraft server shutdown and startup
2024-12-11 20:07:24 +05:00
369551f824
Update immich to v1.122.1
2024-12-06 22:14:05 +05:00
4bf022713e
Update mastodon to v4.3.2
2024-12-03 22:57:58 +05:00
aa0ef58ef5
Disable nextcloud server in haproxy before updates
2024-11-29 16:19:28 +05:00
00fa6b31e2
Disable website server in haproxy before updates
2024-11-29 16:12:42 +05:00
95aed66fe5
Update open-webui to v0.4.6
2024-11-28 22:57:51 +05:00
daae9ed045
Simplify nextcloud load balancing
...
Nextcloud with current settings gives errors when connecting to a random
server, so we need to select a specific server for the user.
Balancing by source IP should be enough.
2024-11-28 22:40:55 +05:00
c508e400a2
Update forgejo to v9.0.2
2024-11-28 22:37:20 +05:00
ba11ce9c59
Update grafana to v11.3.1
2024-11-28 22:37:08 +05:00
