214ea6fa6d
hosts/plover: fix erroneous secret for Keycloak service
2023-07-14 14:43:28 +08:00
8c08db2eb2
hosts/plover: use fail2ban jails settings
...
It is nicer compared to the traditional setting with strings.
2023-07-14 14:41:58 +08:00
c3bec31b86
chore: reformat codebase
2023-07-05 16:42:15 +08:00
2e7cdeacf3
hosts: remove host path prefix for sops keys
...
It is more explicit and elegant but more of a pain to manage especially
with the new function. It was structured that way for other hosts'
secrets but it isn't really used in practice. We could just enforce a
convention such as a `hosts` prefix to contain those secrets.
2023-07-05 13:11:47 +08:00
fdd723ca33
config: convert to lib.getSecrets
2023-07-05 11:38:58 +08:00
f27b7e045c
hosts/plover: modularize Borg backup paths
2023-07-02 12:23:50 +08:00
dd1b2b0638
hosts/plover: fix Gitea dump cleanup
2023-07-01 16:29:29 +08:00
33b8dfe9c6
hosts/plover: enable DNS-over-TLS for Bind
2023-06-30 10:48:10 +08:00
ffad85fa70
hosts/plover: enable nginx-bad-request jail
2023-06-30 10:47:02 +08:00
53f7cf6e83
chore: reformat codebase
2023-06-29 14:17:38 +08:00
9c3d3901ab
hosts/plover: update Bind secrets permission
2023-06-29 09:46:35 +08:00
a8aef35c5c
hosts/plover: update Bind server config
2023-06-29 09:44:55 +08:00
94c94be9a4
hosts/plover: harden Vaultwarden service
2023-06-28 14:01:18 +08:00
8043b8d16c
hosts/plover: update Bind hardening settings
2023-06-28 14:01:02 +08:00
38321152f0
hosts/plover: remove CoreDNS module
...
Bind works well enough for now so no need for this service.
2023-06-28 09:12:56 +08:00
8a84eb2445
hosts/plover: move Wireguard secrets to appropriate location
2023-06-27 20:52:57 +08:00
e76a881aee
hosts/plover: update Wireguard routing
2023-06-27 12:54:29 +08:00
4dcb82c72b
hosts/plover: update PostgreSQL cert config
2023-06-27 12:53:50 +08:00
1e2d251e1d
hosts/plover: harden Bind systemd service
2023-06-28 00:19:06 +08:00
d98527c89b
hosts/plover: update Bind config for dynamic updates
2023-06-27 22:56:18 +08:00
36e2a817ae
hosts/plover: fix Wireguard firewall settings
2023-06-22 23:17:28 +08:00
2688064651
hosts/plover: add TLS support for PostgreSQL
2023-06-22 18:05:54 +08:00
4b2777cda2
hosts/plover: change network attribute name
...
It is somewhat not great naming at first.
2023-06-22 18:01:19 +08:00
eb1003f7e6
hosts/plover: change DNS server to Bind9
...
CoreDNS doesn't have dynamic updates available yet (though there are PRs
and discussions for it) so we'll have to go with something that has it.
Also, it provides an opportunity for me to use the de-facto software for
this.
2023-06-22 17:56:47 +08:00
4022f9b43c
hosts/plover: open custom Atuin sync server
2023-06-22 11:12:58 +08:00
805ef47f70
hosts/plover: update Wireguard firewall rules
2023-06-13 13:20:00 +08:00
9f91d78294
hosts/plover: update DNS server with loopback device
2023-06-12 15:32:38 +08:00
5949475aee
hosts/plover: update Wireguard "server" configuration
2023-06-11 14:11:35 +08:00
bfb4837627
hosts/plover: update DNS server settings
2023-06-11 12:26:59 +08:00
1bdda28ffe
chore: reformat codebase
2023-06-08 21:19:17 +08:00
ab8ab4921c
config: add more comments
2023-06-08 19:53:20 +08:00
29d990f33c
hosts/plover: improve firewall settings for Wireguard service
2023-06-08 19:52:29 +08:00
b9e05dd1fa
hosts/plover: update Gitea configuration
2023-05-02 12:34:24 +08:00
00e0258c2e
hosts/ni: update Gitea log level
2023-02-25 10:02:27 +08:00
41fd659453
hosts/plover: update DNS server setup
2023-02-22 11:28:59 +08:00
b3ce46ccf9
hosts/plover: update DNS zone and server configuration
2023-02-17 23:10:52 +08:00
2106292bbe
hosts/plover: add local area network to firewall
2023-02-14 11:01:29 +08:00
60ab954c74
hosts/plover: update Wireguard "server" configuration
2023-02-13 09:51:30 +08:00
a0e0dc5870
hosts/plover: update Keycloak service locations
2023-02-13 09:50:50 +08:00
5e8c65b70e
hosts/plover: automate the admin creation on Gitea
2023-02-13 09:49:45 +08:00
fc7ec80933
hosts/plover: update foodogsquared.one DNS zone
2023-02-13 00:28:41 +08:00
0991e1a44d
hosts/plover: update firewall settings
...
Firewalls... the cause of most frustrations...
2023-02-11 15:21:18 +08:00
9b15f5f4dd
hosts/plover: update Wireguard setup
2023-02-10 23:45:11 +08:00
4c62274145
hosts/plover: update DNS-related configuration
2023-02-10 21:09:05 +08:00
7aca74924c
hosts/plover: improve DNS server configuration
2023-02-10 15:58:36 +08:00
cc4d62af9f
hosts/plover: update Portunus config
2023-02-10 10:15:14 +08:00
5ba2b6d846
hosts/plover: update Keycloak service config
2023-02-09 18:10:46 +08:00
1c609f5e95
chore: reformat the codebase
2023-02-09 14:51:22 +08:00
ae787f8fcc
config: update comments on config
2023-02-09 14:50:11 +08:00
9a07f06512
hosts/plover: update networking setup
2023-02-09 14:17:59 +08:00
