summaryrefslogtreecommitdiff
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
...
* uacme: eab hmac key is most likely already encoded and doesn't need ↵Christian Pointner2023-09-212-27/+1
| | | | additional encoding
* grafana: fix race condition for admin password check after first startChristian Pointner2023-09-191-0/+3
|
* uacme: make eab config more generic and ensure the right base64 encoding is usedChristian Pointner2023-09-143-2/+30
|
* x509/(selfsinged|ownca): add renew handlingChristian Pointner2023-09-124-0/+32
|
* x509/certificates: generic config handlingChristian Pointner2023-09-129-4/+22
|
* monitoring/grafana: add automatic handling for admin password and additonal ↵Christian Pointner2023-09-094-0/+84
| | | | users
* vm/guest: add support for UEFI booted guestsChristian Pointner2023-09-027-2/+668
|
* since bookworm wget is no longer in debian base - make sure it is installedChristian Pointner2023-08-311-0/+1
|
* replace remaining old-school assertions with assert and undefChristian Pointner2023-08-313-10/+4
|
* no more pyhton-openssl and use pyhton-cryptography insteadChristian Pointner2023-08-314-4/+4
|
* fix variable usage in x509 rolesChristian Pointner2023-08-303-7/+8
|
* fix tls config for monitoring/landingpageChristian Pointner2023-08-302-2/+3
|
* prometheus: all host have now been migrated to use chrony-exporter and ↵Christian Pointner2023-08-305-63/+1
| | | | renamed apt-info collector
* gitolite: allow custom user to be defined and refactor handling of http roleChristian Pointner2023-08-309-108/+126
|
* prometheus/smartmon textfile collector: since this unit needs CAP_SYS_ADMIN ↵Christian Pointner2023-08-291-0/+1
| | | | we need to forbid @mount syscalls to prevent the process from escaping the sandbox
* grafana: delete automatically installed dashboards that are no longer neededChristian Pointner2023-08-291-1/+16
|
* promeheus/exporter: update chrony and make dns lookups optionalChristian Pointner2023-08-262-1/+3
|
* prometheus/exporter/snmp: switch to new config format (0.23.0+)Christian Pointner2023-08-264-5/+49
|
* upgrade prometheus componentsChristian Pointner2023-08-261-1/+1
|
* prometheus/nftables exporter: fix sytemd service unitChristian Pointner2023-08-251-2/+1
|
* update repo key for grafana apt repoChristian Pointner2023-08-251-0/+0
|
* vm/guest: make cpu mode/model/... configurableChristian Pointner2023-08-251-0/+15
|
* add nftables prometheus exporterChristian Pointner2023-08-248-0/+116
|
* cloud/hetzner: add support for arm64 based machinesChristian Pointner2023-08-234-11/+6
|
* add ownca x509/certifcate providerChristian Pointner2023-08-226-0/+137
|
* some more cleanup for acme specific variablesChristian Pointner2023-08-223-3/+4
|
* apps/coturn: move to new generic certificate rolesChristian Pointner2023-08-224-60/+34
|
* x509/uacme: add support for special renewal actionsChristian Pointner2023-08-214-11/+54
|
* apps/mumble: add new generic certificate renewal supportChristian Pointner2023-08-216-58/+98
|
* sk-testvm: prepare mumble for new tls cert rolesChristian Pointner2023-08-202-1/+4
|
* monitoring/landingpage: slight improvement in vhost config generationChristian Pointner2023-08-201-5/+2
|
* uacme: add automatic refresh timer/serviceChristian Pointner2023-08-203-1/+42
|
* revamp x509 service reloadingChristian Pointner2023-08-2011-23/+73
|
* uacme roles almost doneChristian Pointner2023-08-2011-56/+161
|
* add role: x509/selfsignedChristian Pointner2023-08-206-1/+122
|
* add role: x509/staticChristian Pointner2023-08-207-0/+127
|
* always use include_role for nginx/vhostChristian Pointner2023-08-201-2/+2
|
* monitoring/graphite/web: make sure to render nginx vhost config template ↵Christian Pointner2023-08-202-2/+6
| | | | before calling nginx/vhost role
* coturn: move to generic nginx-vhost templateChristian Pointner2023-08-202-28/+4
|
* etherpad-lite: move to generic nginx-vhost templateChristian Pointner2023-08-204-66/+53
|
* collabora/code: move to generic nginx-vhost templateChristian Pointner2023-08-205-130/+130
|
* nginx/vhost: fix some template indentation errorsChristian Pointner2023-08-201-10/+10
|
* gitolite/http: use generic template for vhostChristian Pointner2023-08-204-73/+81
|
* monitoring/landingpage: fix tls config and make config changableChristian Pointner2023-08-203-5/+34
|
* nginx/vhost: major change in certifcate/tls handling (WIP)Christian Pointner2023-08-2026-39/+86
|
* make acmetool cert role more generic (WIP - needs more testing)Christian Pointner2023-08-2012-24/+41
|
* fix docker for debian bookworm+Christian Pointner2023-08-201-2/+2
|
* monitoring/prometheus: ingore remote filesystems for diskfull alertsChristian Pointner2023-08-201-4/+4
|
* elevate/media: fix calls to nextcloud-occChristian Pointner2023-08-141-0/+4
|
* debian/bookworm: don't install microcode updates for VMsChristian Pointner2023-08-061-0/+6
|