e6c4a20b83
hosts/plover: update miscellaneous parts of the services
2023-10-17 18:32:23 +08:00
107241f553
hosts/plover: fix duplicate nginx shared memory zone
2023-10-14 11:14:09 +08:00
2632b75bf2
hosts/plover: properly add nginx upstreams
...
Even though this is unlikely to be scaled further, we're just being good
sysadmins (or at least roleplaying as one).
2023-10-13 16:48:02 +08:00
5f5dc2a14e
hosts/plover: add kTLS for various services
2023-10-03 15:52:42 +08:00
4c71c61768
hosts/plover: add nginx content caching for select services
2023-10-03 15:50:46 +08:00
a2ab1f09a8
hosts/plover: fix Vaultwarden hardened service
2023-07-20 10:42:43 +08:00
8c08db2eb2
hosts/plover: use fail2ban jails settings
...
It is nicer compared to the traditional setting with strings.
2023-07-14 14:41:58 +08:00
2e7cdeacf3
hosts: remove host path prefix for sops keys
...
It is more explicit and elegant but more of a pain to manage especially
with the new function. It was structured that way for other hosts'
secrets but it isn't really used in practice. We could just enforce a
convention such as a `hosts` prefix to contain those secrets.
2023-07-05 13:11:47 +08:00
fdd723ca33
config: convert to lib.getSecrets
2023-07-05 11:38:58 +08:00
f27b7e045c
hosts/plover: modularize Borg backup paths
2023-07-02 12:23:50 +08:00
94c94be9a4
hosts/plover: harden Vaultwarden service
2023-06-28 14:01:18 +08:00
eb1003f7e6
hosts/plover: change DNS server to Bind9
...
CoreDNS doesn't have dynamic updates available yet (though there are PRs
and discussions for it) so we'll have to go with something that has it.
Also, it provides an opportunity for me to use the de-facto software for
this.
2023-06-22 17:56:47 +08:00
93355b3c67
hosts/plover: add comments to various parts
2023-02-08 18:03:20 +08:00
46dac540c1
hosts/plover: comply services to PostgreSQL secure schema usage
2023-02-07 09:45:37 +08:00
8429b280ce
hosts/plover: remove extra configuration
2023-02-05 16:28:18 +08:00
04e460142a
chore: format the codebase
2023-01-18 11:41:12 +08:00
5341024d96
hosts/plover: update comments and systemd journal matches for fail2ban
2023-01-15 14:39:44 +08:00
6fe30acf2b
hosts/plover: fix formatting of files
2023-01-15 14:39:44 +08:00
8bd05bf2a3
hosts/plover: modularize config
2023-01-12 22:37:52 +08:00
