Stefan Bethke
7a0935cecf
Make sure anacron is installed
2024-08-11 21:08:57 +02:00
Stefan Bethke
343a67e0e7
Add auto-update
...
* for all hosts, use debops.unattended_upgrades
* for docker compose, install a cron job pulling new images and restarting affected containers
2024-08-11 20:49:21 +02:00
christian
6ad42219c0
Pull nextcloud image from our own image registry
2024-07-29 20:23:17 +02:00
June
11bbf187c6
Ensure NGINX repo and install before apt update, so that it works
...
Ensure NGINX repo and install on nginx_hosts before apt update, so that
the latest NGINX key is deployed and apt update won't fail on an invalid
signature on these hosts.
Also only run the gnupg install if gnupg isn't present in the nginx
repo_setup.yaml to make that work.
2024-06-18 01:14:00 +02:00
Stefan Bethke
78837e45fe
Use Forgejo instead of Gitlab
2024-05-10 19:18:54 +02:00
Stefan Bethke
e96f25cc4d
Add seconf foobazdmx for workshop
2024-02-26 23:07:36 +01:00
June
04d74b5c50
nginx: restart nginx on nginx.conf change
...
This also fixes the problem mentioned in the README.
2024-01-28 04:11:27 +01:00
June
0fb059e6bf
Add nginx reload command on new cert for all VMs with certbot and nginx
2024-01-28 04:01:06 +01:00
June
95a3901935
certbot: add possibility to specify commands to run on new certs
...
This makes it possible to e.g. reload nginx when new certificates are
present.
2024-01-28 03:29:39 +01:00
Stefan Bethke
e53da90160
Enable standalone nginx/certbox config
2024-01-26 20:46:26 +01:00
Stefan Bethke
5c4ee01e71
certbot für mumble dazu
2024-01-23 21:24:31 +01:00
June
bb95923807
Add a role for deploying infrastructure authorized keys and use it
2023-11-11 00:23:20 +01:00
June
7da6549727
Remove send_only_mailserver role, since its not needed anymore
2023-11-09 19:27:03 +01:00
June
b29eaba5f9
Remove hacky override for send-only-mailserver
2023-11-09 19:26:36 +01:00
yuri
6a023f5433
Remove esphome host and role since it has been migrated to NixOS
2023-11-04 22:46:01 +01:00
June
d99874935f
comment out another instance of non-working code
2023-10-23 21:40:46 +02:00
June
16a5d35fb0
comment out non-working code
2023-10-23 21:40:03 +02:00
June
ce75ba0f70
Fix smtpd.conf. listen on 127.0.0.1 and 0.0.0.0 doesn't work
2023-09-25 20:12:13 +02:00
June
718b6906c5
Allow uploading of stl files to dokuwiki
2023-09-25 18:29:06 +02:00
June
7468b4d8f6
Fix OpenSMTPD annoyingness
...
Co-authored-by: yuri <yuri@nekover.se>
2023-09-25 03:03:14 +02:00
June
b295690ad5
Add playbook and accompanying role for doing maintenance
2023-09-25 02:57:30 +02:00
jtbx
804becdd31
Wiki: Fix oauth, create role from playbook
2023-09-15 22:06:46 +02:00
June
62b4f93218
Introduce Nextcloud role and deploy Cloud on Chaosknoten
...
Co-authored-by: Max <max@mlem.cloud>
2023-08-25 20:50:46 +02:00
Stefan Bethke
099bbe0e66
Nextcloud-Config weiter entwickeln
2023-08-05 18:59:58 +02:00
June
4d12d802b8
Add link to relevant wiki page to certbot role README
2023-08-03 05:07:36 +02:00
June
f0c5c2b265
Convert certbot role to use standalone instead of webroot
...
Do this to not have dependencies on an NGINX setup.
With those dependencies in place setting up the certificates initially
would be quite painful, since a half-configured NGINX would need to be
there for the challenge and then only after the certificates are
present, the full NGINX configuration could be deployed successfully.
2023-08-02 22:46:01 +02:00
June
5341f9dfba
Add role for deploying certbot and setting up certificate using it
2023-08-02 20:47:22 +02:00
June
c6926b0a0f
Remove incorrect check from deploy_ssh_server_config role
2023-07-30 05:49:46 +02:00
June
c2a183c013
Add missing "become: true"
2023-07-30 05:25:43 +02:00
June
2efdfcad6d
Setup repo pin. to ensure nginx package gets installed from NGINX repos
2023-07-30 05:19:22 +02:00
June
38fc33ce70
Don't use apt-key anymore, since it's deprecated
2023-07-30 01:21:43 +02:00
jtbx
efc72f70f6
audiopi: Update role
2023-07-30 01:04:25 +02:00
June
23deedf0d6
Update deploy_ssh_server_config role for Debian 12 support
2023-07-29 20:17:22 +02:00
June
69edb75112
Use correct variable for initial config in zigbee2mqtt role
2023-07-29 01:16:49 +02:00
June
2f7e3ae893
Build on docker compose up as well
2023-07-28 23:16:27 +02:00
yuri
18990b3b5f
Bump zigbee2mqtt to 1.32.1
2023-07-27 18:26:47 +02:00
yuri
1570b0c04e
Bump esphome to 2023.7.0
2023-07-27 18:22:58 +02:00
June
b536e5c2fb
Fix: Add necessary becomes
2023-07-09 00:26:20 +02:00
jtbx
b2e9c22821
cert, nginx: Update for debian 12
2023-07-09 00:03:38 +02:00
jtbx
67483ece20
docker roles: Support debian 12
2023-07-08 23:47:04 +02:00
June
82b64e24c6
Fix variable name
...
Thanks jtbx for pointing that out!
2023-07-08 23:41:12 +02:00
June
8bc60e42a8
Extend distribution_check role to account for Ansible changes reg. facts
...
Somewhere between ansible [core 2.14.4] and ansible [core 2.15.0] the
logic for the distribution_version Ansible fact got changed. With the
newer Ansible version Debians distribution_version gets reported as 11.7
as opposed to getting reported as 11 with the old Ansible version. To
still allow for useful distribution checks, extend the
distribution_check role by allowing the specification of
distribution_major_versions and distribution_releases as well.
This way you can check for an Ubuntu version by using
distribution_version (which for example resolves to 18.04, while
distribution_major_version would resolve to 18 in that case) and check
for a Debian version by using distribution_major_version (which for
example resolves to 11, while distribution_version would resolve to 11.7
in that case).
2023-07-08 19:58:02 +02:00
June
0c62a8f3e0
Add role for deploying SSH config and also add mailserver-endpoint host
2023-06-06 23:37:42 +02:00
June
55506a003a
Make Rspamd configs world-readable
2023-05-26 03:27:56 +02:00
Dario
e37d84c60d
clean up foobazdmx role
...
make git repo url and version to check out a variable instead of a
hard-coded value the role, and update host_vars to match.
2023-05-21 15:12:42 +02:00
yuri
2d5f116ff3
Use access token with Reporter role for foobazdmx
2023-05-21 03:03:02 +02:00
Dario
a6db315138
Update foobazdmx repository url and release target
...
Update foobazdmx repository url in foobazdmx role to main repo.
Change commit to be checked out by ansible to latest commit on main.
2023-05-20 22:58:24 +02:00
yuri
33d1cfca1f
Move become: true into esphome role
...
Move become: true into zigbee2mqtt role
Remove become: true from deploy_public_reverse_proxy playbook
Remove become: true from deploy_dokuwiki playbook
Move become: true from deploy_audio_pi and deploy_light playbooks into roles
Remove become: true from deploy_keycloak playbook
Move become: true from deploy_automation playbook to mosquitto role
2023-05-10 18:02:10 +02:00
June
b56ca3899d
Add send_only_mailserver
role and deploy Send-Only-Mailserver with it
...
Co-authored-by: yuri <yuri@nekover.se>
2023-05-09 23:01:57 +02:00
June
f4a79fb4e2
Make it possible to set custom permissions for certificate files
...
This is in preparation for a role using OpenSMTPD.
2023-05-09 22:07:44 +02:00