Sam A.
|
fc7ca37b07
|
Make TCP the default allowed firewall protocol
Custom protocol can still be specified by adding `proto: "proto"` to a
loop item.
|
2022-11-22 21:40:21 +01:00 |
|
Sam A.
|
71cc3e2241
|
Fix firewall ports format
|
2022-11-22 21:22:23 +01:00 |
|
Sam A.
|
d53c6d41dc
|
Merge pull request 'Firewall (UFW)' (#107) from samsapti/ansible:main into main
Reviewed-on: #107
|
2022-11-22 20:05:00 +00:00 |
|
Sam A.
|
9852a42470
|
Upgrade Element to 1.11.8
|
2022-11-22 18:59:34 +01:00 |
|
Sam A.
|
efbdcc9a5a
|
Add missing postfix network to Nextcloud container
|
2022-11-22 17:45:13 +01:00 |
|
Sam A.
|
e0c0163aae
|
Add cron container to Nextcloud
|
2022-11-22 17:40:55 +01:00 |
|
Sam A.
|
fe4b3ede81
|
Add Redis memcache to Nextcloud
|
2022-11-22 17:15:59 +01:00 |
|
Sam A.
|
8180a736f7
|
Use Alpine-based nginx-proxy Docker image
|
2022-11-22 16:53:34 +01:00 |
|
reynir
|
728cffc453
|
Expose mastodon streaming api (#124)
Co-authored-by: Reynir Björnsson <reynir@reynir.dk>
Co-authored-by: Víðir Valberg Guðmundsson <valberg@orn.li>
Reviewed-on: #124
Co-authored-by: reynir <data.coop@reynir.dk>
Co-committed-by: reynir <data.coop@reynir.dk>
|
2022-11-22 13:38:46 +00:00 |
|
Víðir Valberg Guðmundsson
|
31a73f48fb
|
Upgrade and pin nginx-proxy and acme-companion.
|
2022-11-22 14:37:31 +01:00 |
|
Víðir Valberg Guðmundsson
|
d467084fb7
|
Bump mastodon sidekiq threads to 32.
|
2022-11-22 09:36:36 +01:00 |
|
Sam A.
|
20b977eacb
|
Upgrade Nextcloud to version 25
|
2022-11-21 23:42:20 +01:00 |
|
Sam A.
|
e917636d05
|
Upgrade Nextcloud to 24
|
2022-11-21 23:37:07 +01:00 |
|
Sam A.
|
1ebfab5abf
|
Upgrade one major version at a time, 23 now
|
2022-11-21 23:31:22 +01:00 |
|
Sam A.
|
12effe5673
|
Upgrade Nextcloud to 25.x.x
|
2022-11-21 21:34:07 +01:00 |
|
Sam A.
|
c9ab9f0c66
|
Watchtower doesn't need external_services network
|
2022-11-19 18:20:10 +01:00 |
|
Sam A.
|
e5dcfea003
|
Pin Watchtower version
|
2022-11-19 18:19:43 +01:00 |
|
Sam A.
|
27b918b46b
|
Remove labels
|
2022-11-18 21:07:12 +01:00 |
|
Sam A.
|
5d26e1cdea
|
Fix mount point for Watchtower
The auth file created by the registry login task doesn't need to be
stored in a non-default path.
|
2022-11-18 20:58:22 +01:00 |
|
Sam A.
|
a4a06d8a58
|
Upgrade Watchtower and disable filter by enable label
|
2022-11-18 18:59:00 +01:00 |
|
Víðir Valberg Guðmundsson
|
2c9dce8600
|
Upgrade gitea to 1.17.3.
|
2022-11-17 20:50:38 +01:00 |
|
Víðir Valberg Guðmundsson
|
4bc69b49bb
|
Upgrade mastodon to 4.0.2
|
2022-11-17 20:40:59 +01:00 |
|
reynir
|
bcbe0a8285
|
Set up vhost for both {riot,element}.data.coop (#121)
A fix for #115.
Co-authored-by: Reynir Björnsson <reynir@reynir.dk>
Reviewed-on: #121
Co-authored-by: reynir <data.coop@reynir.dk>
Co-committed-by: reynir <data.coop@reynir.dk>
|
2022-11-16 19:13:45 +00:00 |
|
reynir
|
a92d840ce0
|
Merge pull request 'Add root keys for all users' (#120) from fix-root-keys into main
Reviewed-on: #120
|
2022-11-16 15:24:44 +00:00 |
|
Reynir Björnsson
|
5a54eb6b1e
|
Flatten the list
|
2022-11-16 16:24:22 +01:00 |
|
Reynir Björnsson
|
c802777867
|
Add root keys for all users
And not just the last user.
|
2022-11-16 16:10:10 +01:00 |
|
Reynir Björnsson
|
a03263b1f5
|
riot/element: expose port 8080
nginx-proxy uses this information to determine if the (in nginx
parlance) server is up.
|
2022-11-16 13:45:58 +01:00 |
|
Sam A.
|
52ead4fee5
|
Remove volume_root_folder from vars.yml
It is defined later in the docker role already.
|
2022-11-15 20:52:38 +01:00 |
|
Sam A.
|
58dbf9ff22
|
Allow only TCP traffic on specified ports
|
2022-11-15 20:42:18 +01:00 |
|
Sam A.
|
ba44677cf3
|
Avoid conflicts with built-in function name keys
|
2022-11-15 20:28:34 +01:00 |
|
Sam A.
|
fc0c0c5036
|
Always update password and overwrite keys
|
2022-11-15 19:57:17 +01:00 |
|
valberg
|
5b2e2c0f60
|
Merge pull request 'Lock account 'graffen'' (#102) from lock-graffen into main
Reviewed-on: #102
|
2022-11-13 12:28:38 +00:00 |
|
Sam A.
|
42e1900715
|
Delete unused secrets
|
2022-11-12 23:06:45 +01:00 |
|
Sam A.
|
d597a956ff
|
Add installation of community modules to deploy.sh
|
2022-11-12 19:41:57 +01:00 |
|
Sam A.
|
5f718e1027
|
Add firewall setup with UFW
|
2022-11-12 19:41:55 +01:00 |
|
Reynir Björnsson
|
536441d24b
|
Fix 2022.slides, and use git.data.coop repo
The ocaml-git fix has been released, and don't call the container
new-new.data.coop_website D:
|
2022-11-12 19:30:38 +01:00 |
|
Sam A.
|
bf60417904
|
Fix FIDO2 authentication in Passit
|
2022-11-12 19:21:58 +01:00 |
|
Víðir Valberg Guðmundsson
|
aecb929dbb
|
Add a way to only run the base role.
|
2022-11-11 22:16:22 +01:00 |
|
valberg
|
f905696264
|
Add admin user (#108)
Welcome aboard!
|
2022-11-11 18:05:10 +00:00 |
|
Sam A.
|
d4f8fbcebe
|
Add Sam as admin user
|
2022-11-11 18:33:18 +01:00 |
|
Víðir Valberg Guðmundsson
|
0e7cc20bce
|
Update portainer to use the ee version.
|
2022-11-10 21:15:42 +01:00 |
|
valberg
|
57f05d7d81
|
Merge pull request 'Security hardening: Don't expose unnecessary ports to the public' (#106) from samsapti/ansible:main into main
Reviewed-on: #106
|
2022-11-10 19:19:00 +00:00 |
|
Sam A.
|
cc2fab6ad7
|
Ports and domain fixes
|
2022-11-10 19:32:39 +01:00 |
|
Víðir Valberg Guðmundsson
|
a81862fd8b
|
Small fixes for rallly.
|
2022-11-09 20:58:32 +01:00 |
|
Víðir Valberg Guðmundsson
|
e85b119bfe
|
Small fixes to get rallly working.
|
2022-11-09 20:41:41 +01:00 |
|
Víðir Valberg Guðmundsson
|
dcb2e8be05
|
Upgrade mastodon to 3.5.3.
|
2022-11-09 20:29:31 +01:00 |
|
valberg
|
f0ca964c5b
|
Merge pull request 'Add Rallly' (#103) from samsapti/ansible:main into main
Reviewed-on: #103
|
2022-11-09 19:28:57 +00:00 |
|
Sam A.
|
dc51b62872
|
Capitalization fix
|
2022-11-09 20:18:08 +01:00 |
|
Sam A.
|
dd6b29bccd
|
Add secrets and env file for Rally
|
2022-11-09 20:18:07 +01:00 |
|
Sam A.
|
f71d534afe
|
Add Rallly
|
2022-11-09 20:17:58 +01:00 |
|