|
|
5a0a18fa7e
|
hosts/ni: add wireguard-tools to system packages
|
2023-01-20 13:15:53 +08:00 |
|
|
|
33206698c0
|
hosts: update Wireguard network setup
|
2023-01-19 20:16:01 +08:00 |
|
|
|
5fab811812
|
hosts/plover: update networking setup
|
2023-01-19 20:12:14 +08:00 |
|
|
|
2ee3f755fd
|
hosts/plover: fix erroneous function
I haven't obviously tested the related changes since the server was down
at the time.
|
2023-01-19 07:57:26 +08:00 |
|
|
|
875c910e61
|
hosts/ni: add netboot.xyz bootloader entry
|
2023-01-19 00:37:43 +08:00 |
|
|
|
9b03f4d4aa
|
hosts/plover: simplify networking setup
It is simple anyways requiring only one of the ethernet interfaces to be
present to the global network while the rest can be in the local
network.
|
2023-01-18 20:29:16 +08:00 |
|
|
|
ceb821f2c0
|
hosts/plover: update Keycloak reverse proxy config
Now that a tunneling service is here, there's not much need to expose
the whole thing.
|
2023-01-18 20:24:49 +08:00 |
|
|
|
9a941dc543
|
hosts/plover: update Gitea mirroring interval
|
2023-01-18 20:18:40 +08:00 |
|
|
|
cdfe983969
|
docs: update "Deploying to Hetzner Cloud" section on Plover
|
2023-01-18 15:43:30 +08:00 |
|
|
|
ecd8313011
|
hosts/plover: update routes to main router
|
2023-01-18 15:42:33 +08:00 |
|
|
|
04e460142a
|
chore: format the codebase
|
2023-01-18 11:41:12 +08:00 |
|
|
|
f2cdf732cb
|
hosts/plover: disable firewall service
It's not working well for now. I'll have to make some tests with simpler
configurations (even though it's already simple?).
|
2023-01-18 11:10:40 +08:00 |
|
|
|
6ae080c68d
|
hosts/ni: enable nftables-based firewall
|
2023-01-18 11:10:31 +08:00 |
|
|
|
55547bddc7
|
hosts/ni: update LDAP-related settings
- Add OpenLDAP to the system packages.
- Fix the file permission for the LDAP password secret.
|
2023-01-18 11:10:11 +08:00 |
|
|
|
effdc8d927
|
hosts/plover: refactor secrets owner
|
2023-01-17 21:34:54 +08:00 |
|
|
|
00f5c34a92
|
docs: update the READMEs
|
2023-01-17 21:34:54 +08:00 |
|
|
|
6bf2642ffc
|
hosts: add Wireguard services to related peers
Among other things, Plover now ignores certain IP for fail2ban. This is
for the VPN users that are placed in that range.
|
2023-01-17 21:34:54 +08:00 |
|
|
|
c3a5778d3f
|
hosts/ni: convert to systemd-networkd for network config
I thought it is pretty neat. Also, I've created a bond interface for the
network devices.
|
2023-01-17 21:33:20 +08:00 |
|
|
|
333adf0ce6
|
hosts/plover: update Gitea Asciidoctor markup to be embedded
|
2023-01-17 16:09:28 +08:00 |
|
|
|
002b65250c
|
hosts/plover: add default server to reverse proxy
|
2023-01-17 16:09:28 +08:00 |
|
|
|
6d9c43bafa
|
hosts/plover: initialize OpenVPN service
|
2023-01-17 16:09:28 +08:00 |
|
|
|
8e07223c97
|
hosts/plover: move into systemd-networkd for network setup
|
2023-01-17 16:09:28 +08:00 |
|
|
|
2e466e4561
|
hosts/plover: move hardware config to be hosting provider-specific
|
2023-01-15 14:39:44 +08:00 |
|
|
|
62d220eb2d
|
docs: add deploying firewall and networking on Plover README
|
2023-01-15 14:39:44 +08:00 |
|
|
|
5341024d96
|
hosts/plover: update comments and systemd journal matches for fail2ban
|
2023-01-15 14:39:44 +08:00 |
|
|
|
7de5c14ef5
|
hosts/plover: move hcloud-related files into a dedicated folder
|
2023-01-15 14:39:44 +08:00 |
|
|
|
6fe30acf2b
|
hosts/plover: fix formatting of files
|
2023-01-15 14:39:44 +08:00 |
|
|
|
02cfaaf362
|
hosts/plover: modularize PostgreSQL service
|
2023-01-15 14:39:44 +08:00 |
|
|
|
8bd05bf2a3
|
hosts/plover: modularize config
|
2023-01-12 22:37:52 +08:00 |
|
|
|
14a6a94d8f
|
docs: update README for Plover
|
2023-01-12 22:03:03 +08:00 |
|
|
|
f3b3666c67
|
hosts/plover: update gitea-dump pre-start script
|
2023-01-12 22:03:03 +08:00 |
|
|
|
98e452c047
|
hosts/plover: add Portunus seed
This is for defining users and groups. Pretty handy feature.
|
2023-01-12 22:03:03 +08:00 |
|
|
|
d9e4dbcb52
|
hosts/plover: update fail2ban configuration
|
2023-01-12 22:03:03 +08:00 |
|
|
|
10fe6c33af
|
hosts/plover: update Gitea home template
|
2023-01-10 12:13:51 +08:00 |
|
|
|
a8b66b67ea
|
hosts/plover: update Gitea logo
|
2023-01-09 13:12:32 +08:00 |
|
|
|
7dc523903c
|
hosts/plover: create separate passwords for different repos
|
2023-01-07 17:19:45 +08:00 |
|
|
|
d9908d2d8c
|
hosts/plover: fix the borg jobs function
|
2023-01-07 16:58:47 +08:00 |
|
|
|
4c34a87366
|
chore: reformat codebase
|
2023-01-07 16:06:34 +08:00 |
|
|
|
d9e7f7c67e
|
hosts/plover: add the dedicated borg SSH public key
|
2023-01-07 14:43:07 +08:00 |
|
|
|
c9182102be
|
hosts/plover: separate borg repos for different jobs
Makes it easier to manage them repos.
|
2023-01-07 11:39:20 +08:00 |
|
|
|
85e1914025
|
config: replace Borgbase with Hetzner storage box for Borg repos
|
2023-01-07 10:52:31 +08:00 |
|
|
|
e9aa875c6a
|
hosts/plover: fix hcloud user data
|
2023-01-07 10:52:30 +08:00 |
|
|
|
90177118b0
|
hosts/plover: use nftables as firewall
|
2023-01-07 10:52:30 +08:00 |
|
|
|
e90a719ca8
|
hosts/plover: update hardware config according to Hetzner Cloud defaults
|
2023-01-07 10:52:30 +08:00 |
|
|
|
533995eb09
|
docs: update various READMEs
|
2023-01-07 10:52:30 +08:00 |
|
|
|
4359c4d579
|
hosts/plover: enable firewall for Hetzner Cloud config
|
2023-01-05 19:48:54 +08:00 |
|
|
|
a046192bca
|
hosts/plover: add pre-service script for atuin service
|
2023-01-05 19:48:41 +08:00 |
|
|
|
affd08e3c1
|
hosts/plover: add Atuin sync server
|
2023-01-05 12:52:57 +08:00 |
|
|
|
5d02976d2c
|
hosts/plover: correct Keycloak virtual host location
|
2023-01-05 12:36:58 +08:00 |
|
|
|
451cb4e72d
|
hosts/plover: update hardware configuration
|
2023-01-05 11:08:51 +08:00 |
|
