a55ea64d4a
Remove erroneous ssl in listen_args
2021-09-18 07:46:00 -05:00
7cc869be5b
Add more nginx configuration, specifically with regard to TLS
2021-09-18 07:43:45 -05:00
6382a81f47
Remove some extraneous backup locations on web1
2021-09-18 07:27:59 -05:00
31a2371fa1
Simplify task includes
2021-09-18 07:23:03 -05:00
9b79068380
Allow for the definition of a singular proxy_pass on ingress_servers to simplify configuration
2021-09-18 07:19:26 -05:00
b5057c4064
Fix some configuration errors in ingress, make some changes to better facilitate disabling TLS
2021-09-18 07:13:33 -05:00
13149f2cb9
Add missing args to listen
...
whups
2021-09-18 07:00:07 -05:00
60bfe91947
Add role for ingress controller, move configuration into it and its data structures
2021-09-18 00:04:05 -05:00
37150bf7d1
Remove polkit.service check
...
Apparently it's completely normal behavior for this service to be not running on a fresh boot
2021-09-14 19:40:53 -05:00
fac19d3c71
Reconfigure reboot-home.yml
2021-09-14 19:06:46 -05:00
0f1fbf4fea
Allow 30 second timeouts on check_by_ssh
2021-09-14 17:26:47 -05:00
ac702380b1
Add git to the tags for monitoring-scripts
2021-09-14 17:22:50 -05:00
b4f564cade
Fix mountpoints and NFS exports for media
2021-09-13 13:59:27 -05:00
3f3c7b8392
Decom the K8s cluster, roll all its jobs into one singular machine
2021-09-13 13:50:22 -05:00
a1d5e94a2e
Revert migration to NetBox Secrets
...
The functionality is completely deprecated, now, and will need to be
replaced with similar functionality, such as that from Hashicorp Vault.
2021-09-12 15:18:00 -05:00
e49ebc583f
Upgrade Netbox to 3.0
2021-09-12 15:07:31 -05:00
e405d7bf79
Add some directives to make Nextcloud stop throwing 413s
2021-09-11 10:36:22 -05:00
3f8ecbd8f5
Fix my borked pgsql connection pooling check
2021-09-07 17:08:18 -05:00
4bf02aedd3
Add even more checks for zerotier and psql
2021-09-07 16:11:11 -05:00
3cf9b94cea
Add a quick service check for postgresql
2021-09-07 15:29:26 -05:00
b349015913
Add a ton more checks for things
2021-09-07 15:00:43 -05:00
92f26b7a0c
Add check for atd
2021-09-07 14:55:00 -05:00
60454b6331
Disable motd-news
2021-09-07 14:54:54 -05:00
c362effe2a
Remove NRPE
2021-09-07 14:33:45 -05:00
bad192e93e
Refactor Nagios checks into check_by_ssh instead of NRPE
...
I was never particularly fond of having a random one-off daemon doing my RCE. Sure, it offers some protection, but limiting my exposure to the open internet is far more ideal.
I have tremendously more trust in the OpenSSH project than I do in Nagios. And for that reason, I'll be deprecating NRPE and shredding config files once these plays clean up
2021-09-07 14:27:23 -05:00
b38bb4bf62
Fix improper tagging on NRPE role
2021-09-07 13:41:21 -05:00
1ca062d6ea
Modularize declaration of Nagios commands
2021-09-07 13:37:06 -05:00
2a7d343ef1
Move SSH check into YAML declaration of services
2021-09-07 13:29:19 -05:00
8e845b5f4e
Modularize out all our service checks
...
I want them in DATA STRUCTURES God dammit. Get them out of the config file.
2021-09-06 19:43:54 -05:00
d3e51301bb
Remove deprecated SNMP service checks
2021-09-06 19:23:54 -05:00
fc2b3cb7b3
Rename Nagios config to more appropriately reflect its role
2021-09-06 19:13:15 -05:00
85074b43d0
Remove said packages from APT
2021-09-05 12:46:34 -05:00
9f6385e90d
Move some packages to Flatpak
2021-09-05 12:45:53 -05:00
ebbacf6edd
Add Flatpak functionality to desktop role, turn OBS into a flatpak package
2021-09-04 23:56:51 -05:00
429a756a60
Add emergency disaster-recovery inventory
...
Should make it easier to recover from a broken Netbox now
2021-09-01 19:29:02 -05:00
360238fdd4
Ensure we're on a version of Netbox with secrets support
...
*sigh*
Guess I gotta set up a vault or something now.
2021-09-01 19:25:31 -05:00
6aef1be67b
Move autoremove into its own task on the common role
2021-09-01 19:16:05 -05:00
c299e505cf
Add Nextcloud auto app update cronjob
2021-08-29 23:55:56 -05:00
4bea6c2168
Add _netdev to args for pi-storage-1 mount
2021-08-29 16:43:55 -05:00
a6a8cd8590
Figure out how custom_apps works with Nextcloud
2021-08-28 11:01:44 -05:00
f681484775
More password cleanup
2021-08-26 14:45:34 -05:00
bbda71474a
Move more creds in, fix gitea using the DB pass for everything
...
Oh god
2021-08-26 14:43:01 -05:00
7e3ef62e5a
Move more secrets into Netbox
2021-08-26 14:27:03 -05:00
c87e2d4f0c
Update the name for the gulagbot DB pass
2021-08-26 03:40:41 -05:00
b10ee60b74
Dump private.pem to file before beginning a play
2021-08-26 03:39:45 -05:00
7d34d5e931
Experiment with moving secrets to NetBox
2021-08-26 03:35:11 -05:00
579b2fa296
Move "all" configuration into its own playbook
2021-08-26 02:39:17 -05:00
004bc2a612
Polish up those reboot playbooks
2021-08-25 12:20:47 -05:00
62b6a93b65
Discard cron output again
2021-08-24 21:22:11 -05:00
20e73e6fcf
I'm fucking stupid? Don't put the TTY flag on things that aren't TTYs
2021-08-24 21:21:53 -05:00