summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* link keytomb irclc<->tgPratyush Desai2023-08-201-0/+3
| | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'attempt at fixing the irc-tg link' (#89) from ↵Pratyush Desai2023-08-191-1/+1
|\ | | | | | | | | | | add/matterb-lcirc-tgpetals into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/89
| * attempt at fixing the irc-tg linkPratyush Desai2023-08-191-1/+1
|/ | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'add petals irccasa<->tg' (#88) from ↵Pratyush Desai2023-08-181-4/+4
|\ | | | | | | | | | | add/matterb-lcirc-tg-petals into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/88
| * add petals irccasa<->tgPratyush Desai2023-08-151-4/+4
|/ | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'fix syntax error in pull 86' (#87) from ↵Pratyush Desai2023-08-101-1/+1
|\ | | | | | | | | | | | | fix/matterb-chillnet-tgchanaddop into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/87 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * fix syntax error in pull 86Pratyush Desai2023-08-101-1/+1
|/ | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'bridge ircdevchan tgdevchan' (#86) from ↵Pratyush Desai2023-08-101-0/+3
|\ | | | | | | | | | | | | add/matterbridge-chillnet-tgchan into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/86 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * bridge ircdevchan tgdevchanadd/matterbridge-chillnet-tgchanPratyush Desai2023-08-101-0/+3
|/ | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'denc-webcluster: include proxy in agola' (#85) from ↵Pratyush Desai2023-07-311-0/+1
|\ | | | | | | | | | | fix/nginx/sslproxy into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/85
| * denc-webcluster: include proxy in agolaGeorg Pfuetzenreuter2023-07-311-0/+1
|/ | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Repair boolean' (#84) from fix/nginx/boolean into productionPratyush Desai2023-07-311-1/+1
|\ | | | | | | | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/84 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Repair booleanGeorg Pfuetzenreuter2023-07-311-1/+1
| | | | | | | | | | | | | | Follow up to b6e9f753521111919dfcf67e91e02b30fbc41b24, forgot to quote the string causing it to still be converted to a boolean. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'denc-webcluster: exclude 949110' (#83) from ↵Pratyush Desai2023-07-311-1/+1
|\ \ | |/ |/| | | | | | | fix/bookstack/400 into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/83
| * denc-webcluster: exclude 949110Georg Pfuetzenreuter2023-07-311-1/+1
|/ | | | | | ModSecurity rule blocked Bookstack from saving some pages while editing. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Repair boolean' (#82) from ci into productionGeorg Pfuetzenreuter2023-07-211-1/+1
|\ | | | | | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/82
| * Repair booleanGeorg Pfuetzenreuter2023-07-211-1/+1
|/ | | | | | | | | ``` nginx: [emerg] invalid value "True" in "proxy_ssl_verify" directive, it must be "on" or "off" in /etc/nginx/vhosts.d/agola.conf:14 ``` Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Add reverse proxy for Agola' (#81) from ci into productionGeorg Pfuetzenreuter2023-07-211-0/+11
|\ | | | | | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/81
| * Add reverse proxy for AgolaGeorg Pfuetzenreuter2023-07-211-0/+11
|/ | | | | | New service behind ci.lysergic.dev / ci.git.com.de. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Initialize OpenBSD support' (#80) from OpenBSD into ↵Georg Pfuetzenreuter2023-07-161-0/+1
|\ | | | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/80 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Initialize OpenBSD supportGeorg Pfuetzenreuter2023-07-161-0/+1
| | | | | | | | | | | | No states assigned yet. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Optimize minion' (#79) from minion-optimization into ↵Georg Pfuetzenreuter2023-07-161-0/+2
|\ \ | |/ |/| | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/79 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Optimize minionGeorg Pfuetzenreuter2023-07-161-0/+2
|/ | | | | | Cache jobs for later reference, disable unused hardware grains. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Add http(s) to thetrip public zone' (#78) from ↵Georg Pfuetzenreuter2023-07-011-0/+6
|\ | | | | | | | | | | | | thetrip-firewall into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/78 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Add http(s) to thetrip public zoneGeorg Pfuetzenreuter2023-07-011-0/+6
|/ | | | | | Forgotten in fffbaf46988d89b9f56578ba0d97c07ea056f513. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Manage firewall on thetrip' (#77) from thetrip-firewall ↵Georg Pfuetzenreuter2023-07-011-0/+1
|\ | | | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/77 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Manage firewall on thetripGeorg Pfuetzenreuter2023-07-011-0/+1
|/ | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Manage firewall on derutil01' (#76) from derutil01-fw ↵Georg Pfuetzenreuter2023-06-281-0/+1
|\ | | | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/76 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Manage firewall on derutil01Georg Pfuetzenreuter2023-06-281-0/+1
|/ | | | | | Configuration should be imported already. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Change redis to redis7' (#75) from salt-redis7 into ↵Georg Pfuetzenreuter2023-06-281-6/+6
|\ | | | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/75 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Change redis to redis7Georg Pfuetzenreuter2023-06-281-6/+6
|/ | | | | | | Leap 15.5 renamed the package, "redis" will try to install Redis 6 and cause a conflict. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Remove backslashes in string' (#74) from ↵Pratyush Desai2023-06-281-3/+3
|\ | | | | | | | | | | | | fix-matterb-mediapath into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/74 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Merge branch 'production' into fix-matterb-mediapathPratyush Desai2023-06-280-0/+0
| |\ | |/ |/|
* | Merge pull request 'Update mediapath for matterbridge' (#73) from ↵Pratyush Desai2023-06-271-2/+2
|\ \ | | | | | | | | | | | | | | | | | | fix-matterb-mediapath into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/73 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| | * remove backslashPratyush Desai2023-06-281-3/+3
| |/ | | | | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * update mediapath for matterbridgePratyush Desai2023-06-271-2/+2
|/ | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'Add chillnet matterbridge uploads' (#72) from ↵Pratyush Desai2023-06-242-6/+8
|\ | | | | | | | | | | | | upload-matterbridge-chillnet into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/72 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add chillnet matterbridge uploadsPratyush Desai2023-06-252-6/+8
|/ | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'Rename Chillnet staff channel' (#71) from matter_remap ↵Pratyush Desai2023-05-031-2/+2
|\ | | | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/71 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Used /RENAME for #fightclubPratyush Desai2023-05-031-2/+2
|/
* Merge pull request 'Init psyched.dev' (#70) from psyched into productionGeorg Pfuetzenreuter2023-05-023-0/+3
|\ | | | | | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/70
| * Init psyched.devGeorg Pfuetzenreuter2023-05-023-0/+3
|/ | | | | | | | Add pillar IDs for theia/orpheus/selene to disable sshd management on them (machines use custom configurations for historic reasons, and we like to preserve history). Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Init dencpod01.lysergic.dev' (#68) from dencpod01 into ↵Georg Pfuetzenreuter2023-05-021-0/+1
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/68
| * Init dencpod01.lysergic.devGeorg Pfuetzenreuter2023-05-021-0/+1
|/ | | | | | Blank machine. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Move backup_mode to minion dict' (#67) from file-backup ↵Georg Pfuetzenreuter2023-05-021-1/+1
|\ | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/67
| * Move backup_mode to minion dictGeorg Pfuetzenreuter2023-05-021-1/+1
|/ | | | | | Is a minion specific option. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Enable minion file backup' (#66) from file-backup into ↵Georg Pfuetzenreuter2023-05-021-0/+1
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/66
| * Enable minion file backupGeorg Pfuetzenreuter2023-05-021-0/+1
|/ | | | | | https://docs.saltproject.io/en/latest/ref/states/backup_mode.html Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Import moni firewall configuration' (#65) from moni into ↵Georg Pfuetzenreuter2023-05-021-0/+11
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/65
| * Import moni firewall configurationGeorg Pfuetzenreuter2023-05-021-0/+11
|/ | | | | | Some ports not yet covered by a role. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Init phoebe.lysergic.dev' (#64) from phoebe into productionGeorg Pfuetzenreuter2023-05-021-0/+1
|\ | | | | | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/64
| * Init phoebe.lysergic.devGeorg Pfuetzenreuter2023-05-021-0/+1
|/ | | | | | Blank machine. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Add manage_sshd conditional' (#63) from sshd-optional ↵Georg Pfuetzenreuter2023-05-022-0/+3
|\ | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/63
| * Disable manage_sshd for philiaGeorg Pfuetzenreuter2023-05-021-0/+1
| | | | | | | | | | | | Machine uses a custom sshd configuration for $reasons. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add manage_sshd conditionalGeorg Pfuetzenreuter2023-05-021-0/+2
|/ | | | | | | Allow sshd configuration to be skipped on "special" machines using an optional "manage_sshd: False" pillar option. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'No longer remove libX11' (#62) from libX11 into productionGeorg Pfuetzenreuter2023-05-021-5/+0
|\ | | | | | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/62
| * No longer remove libX11Georg Pfuetzenreuter2023-05-021-5/+0
|/ | | | | | | Multiple packages need it as a dependency, maintaining an exclusion list is not feasible. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Add users conditional for sss' (#61) from ↵Georg Pfuetzenreuter2023-05-011-0/+4
|\ | | | | | | | | | | skip-users-if-sss into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/61
| * Add users conditional for sssGeorg Pfuetzenreuter2023-05-011-0/+4
|/ | | | | | Skip failing local users management on machines using sssd. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Check files in nbroles to grains script' (#60) from ↵Georg Pfuetzenreuter2023-05-011-1/+11
|\ | | | | | | | | | | nbroles-to-grains-refactor into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/60
| * Check files in nbroles to grains scriptGeorg Pfuetzenreuter2023-05-011-1/+11
|/ | | | | | | Script is called in the Lysergic repository as well, where not all files exist. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Repair manage_firewall behavior' (#59) from ↵Georg Pfuetzenreuter2023-05-011-1/+1
|\ | | | | | | | | | | firewall-optional into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/59
| * Repair manage_firewall behaviorGeorg Pfuetzenreuter2023-05-011-1/+1
|/ | | | | | | | Fixup to b685f16c914b9fa05bda7c69ce9e157d04262d09, default value was outside of conditional - it didn't cause any errors, but did not work as expected either. :-) Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Set env_order + ping_on_rotate' (#58) from saltenv into ↵Georg Pfuetzenreuter2023-05-011-0/+2
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/58
| * Set ping_on_rotateGeorg Pfuetzenreuter2023-05-011-0/+1
| | | | | | | | | | | | | | Enable option to ensure minions are immediately responsive after key rotations. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Set env_orderGeorg Pfuetzenreuter2023-05-011-0/+1
|/ | | | | | | | Option was removed in d4f39e8e5f807169b790d5380c10872d1ba31710, but the default environment seems to not be set to "production" without it being present. Adding it back until a better way is found. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Repair BookStack httpd configuration' (#57) from ↵Georg Pfuetzenreuter2023-05-011-9/+9
|\ | | | | | | | | | | themis-httpd-fixup into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/57
| * Repair BookStack httpd configurationGeorg Pfuetzenreuter2023-05-011-9/+9
|/ | | | | | | | | - Replace wrong instances of RewriteCond with RewriteRule - Remove wrong quotes around rewrite conditions - Set correct options (seemingly our version of httpd does not set FollowSymLinks by default?) Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Repair PrivateBin config quoting' (#56) from ↵Georg Pfuetzenreuter2023-04-301-2/+2
|\ | | | | | | | | | | privatebin-quoting into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/56
| * Repair PrivateBin config quotingGeorg Pfuetzenreuter2023-04-301-2/+2
|/ | | | | | Ensure strings are quoted correctly. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Repair undefined id' (#55) from common-id-var into ↵Georg Pfuetzenreuter2023-04-301-1/+1
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/55
| * Repair undefined idGeorg Pfuetzenreuter2023-04-301-1/+1
| | | | | | | | | | | | Replace with call to grains dict. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Adjust themis httpd directory options' (#50) from ↵Georg Pfuetzenreuter2023-04-301-1/+1
|\ \ | |/ |/| | | | | | | themis-httpd-fixup into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/50
| * Adjust themis httpd directory optionsGeorg Pfuetzenreuter2023-04-301-1/+1
| | | | | | | | | | | | | | | | Some directory options are not needed and were listed with syntax issues. Set to false to prevent "Options" from being added, which equals "Options +FollowSymLinks". Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Exclude libX11 removal for FPM hosts' (#54) from ↵Georg Pfuetzenreuter2023-04-302-1/+5
|\ \ | | | | | | | | | | | | | | | libX11-php into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/54
| * | Exclude libX11 removal for FPM hostsGeorg Pfuetzenreuter2023-04-302-1/+5
|/ / | | | | | | | | | | Needed for some PHP extensions. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Repair BookStack quoting' (#53) from bookstack-quoting ↵Georg Pfuetzenreuter2023-04-301-1/+1
|\ \ | | | | | | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/53
| * | Repair BookStack quotingGeorg Pfuetzenreuter2023-04-301-1/+1
|/ / | | | | | | | | | | Re-order ending quote. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Repair BookStack quoting' (#52) from bookstack-quoting ↵Georg Pfuetzenreuter2023-04-301-2/+2
|\ \ | | | | | | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/52
| * | Repair BookStack quotingGeorg Pfuetzenreuter2023-04-301-2/+2
|/ / | | | | | | | | | | | | Attempt to repair quoting by correcting the if-condition grouping and by replacing the quote filter with manual quotes. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'BookStack fixups' (#51) from bookstack-fixup into productionGeorg Pfuetzenreuter2023-04-302-5/+5
|\ \ | |/ |/| | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/51
| * Correct BookStack groupGeorg Pfuetzenreuter2023-04-301-1/+1
| | | | | | | | | | | | | | Environment file needs to be readable by the www, not the wwwrun, group for PHP-FPM to be able to access it. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Correct SAML realm capitalizationGeorg Pfuetzenreuter2023-04-301-3/+3
| | | | | | | | | | | | The Keycloak realm is named "LibertaCasa", not "libertacasa". Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Quote BookStack valuesGeorg Pfuetzenreuter2023-04-301-1/+1
|/ | | | | | Some strings contain spaces or special characters and should be quoted. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Add empty role.privatebin pillar' (#49) from ↵Georg Pfuetzenreuter2023-04-301-0/+1
|\ | | | | | | | | | | privatebin-role into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/49
| * Add empty role.privatebin pillarGeorg Pfuetzenreuter2023-04-301-0/+1
| | | | | | | | | | | | | | For some reason Salt complains about the file missing, albeit us using "ignore_missing" in the top file. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Add manage_firewall conditional' (#48) from ↵Georg Pfuetzenreuter2023-04-307-0/+11
|\ \ | |/ |/| | | | | | | firewall-optional into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/48
| * Add manage_firewall conditionalGeorg Pfuetzenreuter2023-04-307-0/+11
|/ | | | | | | Allow us to enroll machines in Salt which do not yet have their firewall configuration imported without having their rules overwritten. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Add empty role.bookstack pillar' (#47) from ↵Georg Pfuetzenreuter2023-04-301-0/+1
|\ | | | | | | | | | | bookstack-pillar into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/47
| * Add empty role.bookstack pillarGeorg Pfuetzenreuter2023-04-301-0/+1
|/ | | | | | | For some reason Salt complains about the file missing (albeit us using having "ignore_missing" enabled in the pillar top). Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Allow saltenv/pillarenv override' (#45) from saltenv ↵Georg Pfuetzenreuter2023-04-301-2/+2
|\ | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/45
| * Allow saltenv/pillarenv overrideGeorg Pfuetzenreuter2023-04-301-2/+2
|/ | | | | | | To ease development, allow saltenv=<branch>/pillarenv=<branch> instead of enforcing the production branch. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Watch httpd service for snippets' (#46) from ↵Georg Pfuetzenreuter2023-04-301-4/+1
|\ | | | | | | | | | | httpd-service into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/46
| * Watch httpd service for snippetsGeorg Pfuetzenreuter2023-04-301-4/+1
|/ | | | | | | The reload/restart module calls have been dropped from the formula. Watch the service.running state instead. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Import themis / PrivateBin' (#40) from privatebin into ↵Georg Pfuetzenreuter2023-04-303-13/+144
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/40
| * id.themis: import backend firewall rulesprivatebinGeorg Pfuetzenreuter2023-04-291-0/+6
| | | | | | | | | | | | Allow HTTPS traffic. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * id.themis: import PrivateBin httpd vhostGeorg Pfuetzenreuter2023-03-121-13/+37
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * id.themis: import PrivateBin configurationGeorg Pfuetzenreuter2023-03-121-0/+42
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add privatebin profile+roleGeorg Pfuetzenreuter2023-03-122-0/+59
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Split out salt.formulas state' (#44) from ↵Georg Pfuetzenreuter2023-04-292-7/+7
|\ \ | | | | | | | | | | | | | | | profile-formulas into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/44
| * | Split out salt.formulas stateGeorg Pfuetzenreuter2023-04-292-7/+7
|/ / | | | | | | | | | | | | Allow formulas update on Salt master without applying the complete Salt master profile. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Add tg lucy channel mapping' (#43) from mattertgbridge ↵Georg Pfuetzenreuter2023-04-141-0/+1
|\ \ | | | | | | | | | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/43 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * | Add tg lucy channel mappingPratyush Desai2023-04-141-0/+1
|/ / | | | | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* | Merge pull request 'Add ChillNet matterbridge' (#42) from chillnet into ↵Georg Pfuetzenreuter2023-04-092-6/+39
|\ \ | |/ |/| | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/42 Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add Chillnet to matterbridgePratyush Desai2023-04-102-0/+34
| | | | | | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Refactor matterbridge_media macroPratyush Desai2023-04-101-6/+5
|/ | | | Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
* Merge pull request 'Import themis / BookStack' (#35) from bookstack into ↵Pratyush Desai2023-03-1111-0/+212
|\ | | | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/35 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * profile.bookstack: quote keysbookstackGeorg Pfuetzenreuter2023-03-111-2/+6
| | | | | | | | | | | | Some keys needed quoting to pass the YAML parser. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Enable php-formulaGeorg Pfuetzenreuter2023-02-261-0/+1
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * role.bookstack: include php-fpmGeorg Pfuetzenreuter2023-02-261-0/+1
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add php-fpm roleGeorg Pfuetzenreuter2023-02-262-0/+3
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Enable memcached-formulaGeorg Pfuetzenreuter2023-02-261-0/+1
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * role.bookstack: include memcachedGeorg Pfuetzenreuter2023-02-261-0/+1
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add memcached roleGeorg Pfuetzenreuter2023-02-262-0/+4
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * profile.apache-httpd: manage snippetsGeorg Pfuetzenreuter2023-02-263-1/+42
| | | | | | | | | | | | | | - add apache-httpd profile with snippets configuration - add TLS snippet to apache-httpd role pillar Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * id.themis: add BookStack configurationGeorg Pfuetzenreuter2023-02-261-0/+41
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * id.themis: add BookStack httpd configurationGeorg Pfuetzenreuter2023-02-261-0/+36
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add bookstack profile+roleGeorg Pfuetzenreuter2023-02-262-0/+73
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add web.apache-httpd roleGeorg Pfuetzenreuter2023-02-262-0/+5
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Enable apache-formulaGeorg Pfuetzenreuter2023-02-261-0/+1
|/ | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Import moni Prometheus configuration' (#32) from ↵Georg Pfuetzenreuter2023-02-2511-10/+223
|\ | | | | | | | | | | prometheus-moni into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/32
| * Disable commit lintingGeorg Pfuetzenreuter2023-02-211-9/+9
| | | | | | | | | | | | Temporary change until imports with existing messages are finished. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Manage Prometheus firewall rulesGeorg Pfuetzenreuter2023-02-212-0/+15
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Moni: Read Blackbox targets as JSONGeorg Pfuetzenreuter2023-02-211-2/+2
| | | | | | | | | | | | Use uniform JSON target files instead of a JSON/YAML mix. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * p.node_exporter->p.prometheus.node_exporterGeorg Pfuetzenreuter2023-02-212-1/+1
| | | | | | | | | | | | | | | | Since the last commit introduced a new Prometheus targets profile, it makes sense to move node_exporter underneath the Prometheus tree as well. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Manage Prometheus targetsGeorg Pfuetzenreuter2023-02-214-2/+21
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Import Prometheus server configurationGeorg Pfuetzenreuter2023-02-217-0/+179
| | | | | | | | | | | | | | | | | | | | | | * add new roles: - monitoring.prometheus - monitoring.prometheus-alertmanager - monitoring.prometheus-exporter-blackbox * add common Prometheus and Prometheus Alertmanager pillar data * add moni.lysergic.dev specific Prometheus pillar data Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'pipeline.gommit: allow more characters in prefix' (#38) ↵Pratyush Desai2023-02-221-1/+1
|\ \ | |/ |/| | | | | | | | | from commit-lint into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/38 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * pipeline.gommit: allow more characters in prefixGeorg Pfuetzenreuter2023-02-201-1/+1
|/ | | | | | | - For profiles/roles with - or _ in their name - In the future we should rename all - to _ and adjust the regex to forbid all - Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Commmit lint: allow pipeline + more characters' (#37) ↵Pratyush Desai2023-02-201-1/+1
|\ | | | | | | | | | | from commit-lint into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/37
| * pipeline.gommit: allow pipeline + more charactersGeorg Pfuetzenreuter2023-02-191-1/+1
|/ | | | | | | - allow pipeline.* prefix - allow some special characters in summary Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Enable commit message linting' (#36) from commit-lint ↵Pratyush Desai2023-02-193-1/+73
|\ | | | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/36 Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
| * Enable commit lintingGeorg Pfuetzenreuter2023-02-191-1/+11
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add commit lintingGeorg Pfuetzenreuter2023-02-192-0/+62
|/ | | | | | | - add gommit configuration - add wrapper script Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Linting' (#33) from linting into productionGeorg Pfuetzenreuter2023-02-158-12/+28
|\ | | | | | | Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/33
| * Address salt-lint errors/warningsGeorg Pfuetzenreuter2023-02-156-10/+12
| | | | | | | | | | | | | | - remove trailing whitespaces - format octal modes correctly Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Address yamllint errors/warningsGeorg Pfuetzenreuter2023-02-152-2/+5
| | | | | | | | | | | | | | - remove spaces, add headers - add ignore for line-lengths in .pipeline.yml Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add linting pipelineGeorg Pfuetzenreuter2023-02-151-0/+11
|/ | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Enable prometheus-formula' (#31) from prometheus-formula ↵Georg Pfuetzenreuter2023-02-151-0/+1
|\ | | | | | | | | | | into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/31
| * Enable prometheus-formulaGeorg Pfuetzenreuter2023-02-151-0/+1
|/ | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'denc-webcluster: add ModSecurity adjustments' (#30) from ↵Georg Pfuetzenreuter2023-02-131-0/+9
|\ | | | | | | | | | | import-denc-webcluster-nginx-modsec into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/30
| * denc-webcluster: add ModSecurity adjustmentsGeorg Pfuetzenreuter2023-02-121-0/+9
|/ | | | | | | | With the rollout of our Salted configuration, ModSecurity came enforced. This adds necessary rules to PrivateBin and BookStack for correct operation. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'denc-webcluster: nginx listen on HA addresses' (#29) ↵Georg Pfuetzenreuter2023-02-121-5/+5
|\ | | | | | | | | | | from import-denc-webcluster-nginx-listen-fixup into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/29
| * denc-webcluster: nginx listen on HA addressesGeorg Pfuetzenreuter2023-02-121-5/+5
|/ | | | | | Accidentally configured to listen only internally. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'AppArmor: reload on drop-in changes' (#28) from ↵Georg Pfuetzenreuter2023-02-121-0/+13
|\ | | | | | | | | | | reload-apparmor into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/28
| * AppArmor: reload on drop-in changesGeorg Pfuetzenreuter2023-02-121-0/+13
|/ | | | | | Self-explanatory. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Manage AppArmor on web-proxie's' (#27) from ↵Georg Pfuetzenreuter2023-02-123-0/+17
|\ | | | | | | | | | | import-denc-webcluster-apparmor into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/27
| * denc-webcluster: nginx AppArmor rulesGeorg Pfuetzenreuter2023-02-121-0/+7
| | | | | | | | | | | | Allow access to client trust certificate and to static content. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * web-proxy: include apparmor.localGeorg Pfuetzenreuter2023-02-121-0/+1
| | | | | | | | | | | | | | Some web proxy servers need additional AppArmor drop-ins, for example for serving static content. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add AppArmor profileGeorg Pfuetzenreuter2023-02-121-0/+9
|/ | | | | | | Simple profile to allow for management of local profile drop-ins using pillar values. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'denc-webcluster: nginx config fixup' (#26) from ↵Georg Pfuetzenreuter2023-02-121-5/+2
|\ | | | | | | | | | | import-denc-webcluster-iphash into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/26
| * denc-webcluster: nginx config fixupGeorg Pfuetzenreuter2023-02-121-5/+2
|/ | | | | | | | - remove keys duplicated by include - repair wrong snippets include directory - repair wrong ip_hash option syntax Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'ha-node: vrrp is a protocol' (#25) from vrrp-fixup into ↵Georg Pfuetzenreuter2023-02-121-1/+1
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/25
| * ha-node: vrrp is a protocolGeorg Pfuetzenreuter2023-02-121-1/+1
|/ | | | | | Accidentally added as a service. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'denc-webcluster: allow http(s) publicly' (#24) from ↵Georg Pfuetzenreuter2023-02-121-0/+8
|\ | | | | | | | | | | import-denc-webcluster-fw into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/24
| * denc-webcluster: enable keepalived script securityGeorg Pfuetzenreuter2023-02-121-0/+1
| | | | | | | | | | | | Prevent script tampering. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * denc-webcluster: allow http(s) publiclyGeorg Pfuetzenreuter2023-02-121-0/+7
|/ | | | | | Public firewall rules were missing from initial import. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Import denc webcluster (nemesis/hubris)' (#12) from ↵Georg Pfuetzenreuter2023-02-1211-0/+367
|\ | | | | | | | | | | import-denc-webcluster into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/12
| * Manage backend firewall zoneimport-denc-webclusterGeorg Pfuetzenreuter2023-02-122-0/+7
| | | | | | | | | | | | | | Configure backend firewall zones if applicable. Allow all UDP for cluster traffic. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * ha-node: allow vrrp in firewallGeorg Pfuetzenreuter2023-02-122-0/+7
| | | | | | | | | | | | Needed for keepalived operation. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add ha-netcup roleGeorg Pfuetzenreuter2023-02-121-0/+3
| | | | | | | | | | | | | | Role managing the Netcup IP failover script plus keepalived. Requires ha-node role introduced via a8bbe056f1. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add keepalived_script_user profileGeorg Pfuetzenreuter2023-02-121-0/+7
| | | | | | | | | | | | | | Short profile source from other profiles requiring the keepalived_script user to be present. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Add netcup_failover profileGeorg Pfuetzenreuter2023-02-123-0/+133
| | | | | | | | | | | | | | Profile managing a Netcup IP address failover script for use with keepalived. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * nemesis/hubris: import keepalived configurationGeorg Pfuetzenreuter2023-02-121-4/+61
| | | | | | | | | | | | Add shared configuration to cluster.denc.web-proxy. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * nemesis/hubris: include denc.web-proxyGeorg Pfuetzenreuter2023-02-122-0/+4
| | | | | | | | | | | | Add shared nginx configuration to nemesis/hubris HA pair nodes. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * nemesis/hubris: import nginx configurationGeorg Pfuetzenreuter2023-02-121-0/+149
|/ | | | | | Add shared configuration to cluster.denc.web-proxy. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'common-suse: add qemu-guest-agent + remove AutoYaST' ↵Georg Pfuetzenreuter2023-02-121-1/+22
|\ | | | | | | | | | | (#23) from common-suse into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/23
| * common.suse: manage qemu-guest-agentGeorg Pfuetzenreuter2023-02-121-0/+9
| | | | | | | | | | | | Ensure qemu-guest-agent is active on all KVM guests. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * common.suse: remove AutoYaSTGeorg Pfuetzenreuter2023-02-121-1/+13
| | | | | | | | | | | | | | We only use AutoYaST for the OS deployment and don't need the packages afterwards. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'dericom02: manage web firewall zone' (#22) from ↵Georg Pfuetzenreuter2023-02-121-0/+8
|\ \ | |/ |/| | | | | | | dericom02-webfw into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/22
| * dericom02: manage web firewall zoneGeorg Pfuetzenreuter2023-02-121-0/+8
|/ | | | | | | Import locally configured web zone into Salt. This zone allows the web proxy to reach http for serving Matterbridge media. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'lighttpd: improve dependencies' (#21) from ↵Georg Pfuetzenreuter2023-02-121-0/+5
|\ | | | | | | | | | | lighttpd-watch into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/21
| * lighttpd: improve dependenciesGeorg Pfuetzenreuter2023-02-121-0/+5
|/ | | | | | | - add more explicit Salt ID dependencies - reload service on configuration changes Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'dericom02: disable matterbridge XMPP debug' (#20) from ↵Georg Pfuetzenreuter2023-02-121-1/+1
|\ | | | | | | | | | | matterbridge-xmpp-debug into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/20
| * dericom02: disable matterbridge XMPP debugGeorg Pfuetzenreuter2023-02-121-1/+1
|/ | | | | | It's very noisy - one can enable it on demand if needed. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'matterbridge: restart on changes' (#19) from ↵Georg Pfuetzenreuter2023-02-121-0/+4
|\ | | | | | | | | | | matterbridge-watch into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/19
| * matterbridge: restart on changesGeorg Pfuetzenreuter2023-02-121-0/+4
|/ | | | | | | Matterbridge does detect file changes, but seems to only apply them on a service restart. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'matterbridge: quote numbers' (#18) from ↵Georg Pfuetzenreuter2023-02-121-1/+1
|\ | | | | | | | | | | matterbridge-booleans into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/18
| * matterbridge: quote numbersGeorg Pfuetzenreuter2023-02-121-1/+1
| | | | | | | | | | | | Needed to make the TOML configuration format happy. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Disable "aithunder" Discord bridge' (#17) from ↵Georg Pfuetzenreuter2023-02-121-1/+3
|\ \ | |/ |/| | | | | | | matterbridge-aithunder into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/17
| * Disable "aithunder" Discord bridgeGeorg Pfuetzenreuter2023-02-121-1/+3
|/ | | | | | Discord room does not exist. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'dericom02: quote matterbridge booleans' (#16) from ↵Georg Pfuetzenreuter2023-02-121-31/+31
|\ | | | | | | | | | | matterbridge-booleans into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/16
| * dericom02: quote matterbridge booleansGeorg Pfuetzenreuter2023-02-121-31/+31
|/ | | | | | TOML configuration format needs lowercase boolean values. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Matterbridge media' (#15) from matterbridge-media into ↵Pratyush Desai2023-02-122-2/+24
|\ | | | | | | | | | | production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/15
| * dericom02: manage matterbridge mediaGeorg Pfuetzenreuter2023-02-121-2/+13
| | | | | | | | | | | | | | - move base media directory to variable - add lighttpd vhosts to pillar Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * matterbridge: manage media directoriesGeorg Pfuetzenreuter2023-02-121-0/+11
|/ | | | | | Create media directories if defined in the pillar. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'matterbridge: add role pillar' (#14) from ↵Pratyush Desai2023-02-091-0/+1
|\ | | | | | | | | | | matterbridge-pillar-fixup into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/14
| * matterbridge: add role pillarGeorg Pfuetzenreuter2023-02-091-0/+1
|/ | | | | | | Empty for now, adding for future reference and because we enforce role pillars to exist. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Merge pull request 'Import Matterbridge configuration' (#10) from ↵Pratyush Desai2023-02-091-0/+221
|\ | | | | | | | | | | import-dericom02 into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/10
| * dericom02: import Matterbridge configurationGeorg Pfuetzenreuter2023-02-071-0/+221
| | | | | | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Refactor Matterbridge profile' (#11) from ↵Pratyush Desai2023-02-092-23/+26
|\ \ | | | | | | | | | | | | | | | matterbridge-refactor into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/11
| * | Refactor matterbridge profileGeorg Pfuetzenreuter2023-02-072-23/+26
| |/ | | | | | | | | | | | | | | - reduce pillar calls - no longer define possible configuration options, apply settings from pillar 1:1 Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* | Merge pull request 'Add ha-node role + enable keepalived formula' (#13) from ↵Georg Pfuetzenreuter2023-02-082-0/+3
|\ \ | |/ |/| | | | | | | keepalived-formula into production Reviewed-on: https://git.com.de/LibertaCasa/salt/pulls/13
| * Add ha-node roleGeorg Pfuetzenreuter2023-02-081-0/+2
| | | | | | | | | | | | Add ha-node role for machines in a HA pair using keepalived. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| * Enable keepalived-formulaGeorg Pfuetzenreuter2023-02-081-0/+1
|/ | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* derimisc01: import Tor configurationGeorg Pfuetzenreuter2023-02-071-0/+14
| | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Add onion-router roleGeorg Pfuetzenreuter2023-02-072-0/+7
| | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Enable tor-formulaGeorg Pfuetzenreuter2023-02-061-0/+1
| | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Set webirc backend to httpsGeorg Pfuetzenreuter2023-02-061-1/+1
| | | | | | Ergo rightfully does not accept plain text websocket connections. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Include libertacasa for liberta.casaGeorg Pfuetzenreuter2023-02-061-0/+1
| | | | | | | | Fallout from 77fa39e59c15a2235f210128dab821d2e2fd6ae5 - libertacasa nginx snippet needs to be included in liberta.casa server for main website to operate on the clearnet. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-16 15:00:12 +0000