| Commit message (Collapse) | Author | Age | Lines | ||
|---|---|---|---|---|---|
| ... | |||||
| * | Install dependencies using poetry |  shtlrs | 2024-05-01 | -8/+14 | |
| | | |||||
| * | bump the debian version used | shtlrs | 2024-05-01 | -4/+3 | |
| | | | | | This also explicitly specifies the sync type to rsync | ||||
| * | Stop alerting for slow GitHub webhook filter endpoint calls (#235) |  jchristgit | 2024-04-29 | -2/+2 | |
| | | | | | | These are directly forwarded to GitHub with no time-consuming processing done on the site. We would therefore be alerting for GitHub's slowness, which is rather useless. | ||||
| * | Whitelist possible LKE addresses to PostgreSQL on lovelace | Johannes Christ | 2024-04-29 | -8/+26 | |
| | | | | | | | | | This allows us to connect to PostgreSQL on lovelace from any possible LKE node location, whilst not opening up our PostgreSQL instances to the world. This has already been rolled out. | ||||
| * | Add LKE addresses to group variables | Johannes Christ | 2024-04-29 | -0/+9 | |
| | | |||||
| * | Update nftables role | Johannes Christ | 2024-04-29 | -0/+0 | |
| | | | | | | The new commit includes automatic validation of the `nft` configuration to ensure that any deployed config is valid. | ||||
| * | Remove UFW and make ansible-lint happy | Johannes Christ | 2024-04-29 | -33/+2 | |
| | | |||||
| * | Use nftables for firewalling | Johannes Christ | 2024-04-29 | -39/+86 | |
| | | | | | | | | | | nftables is the modern replacement for iptables, which ufw uses under the hood. It allows us to specify firewall rules in a simple text file (with as much or as little abstraction as we want) and is quick to update and read. The text-file format allows more liberty with commenting compared to UFW. The existing `ufw` role has been converted to simply remove UFW. This has already been deployed on lovelace. | ||||
| * | Updated postgres config from PGTune |  Chris Lovering | 2024-04-29 | -2/+11 | |
| | | |||||
| * | update access table to netcup servers | Amrou Bellalouna | 2024-04-29 | -1/+1 | |
| | | |||||
| * | Add ops site DNS |  Joe Banks | 2024-04-28 | -0/+8 | |
| | | |||||
| * | Connect netcup Prometheus to Kubernetes Alertmanager | Johannes Christ | 2024-04-28 | -1/+3 | |
| | | | | | Closes #240. | ||||
| * | Add new zone entries for pydis.wtf service migration | Joe Banks | 2024-04-28 | -0/+64 | |
| | | | | | Adds the necessary DNS entries for issue #230 | ||||
| * | Add AAAA records for our box domains | Joe Banks | 2024-04-28 | -12/+24 | |
| | | |||||
| * | Bump actions/configure-pages from 4 to 5 |  dependabot[bot] | 2024-04-28 | -1/+1 | |
| | | | | | | | | | | | | | | | Bumps [actions/configure-pages](https://github.com/actions/configure-pages) from 4 to 5. - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](https://github.com/actions/configure-pages/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/configure-pages dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> | ||||
| * | Bump HassanAbouelela/actions from setup-python_v1.4.2 to 1.5.0 | dependabot[bot] | 2024-04-28 | -4/+4 | |
| | | | | | | | | | | | | | | Bumps [HassanAbouelela/actions](https://github.com/hassanabouelela/actions) from setup-python_v1.4.2 to 1.5.0. This release includes the previously tagged commit. - [Release notes](https://github.com/hassanabouelela/actions/releases) - [Commits](https://github.com/hassanabouelela/actions/compare/setup-python_v1.4.2...setup-python_v1.5.0) --- updated-dependencies: - dependency-name: HassanAbouelela/actions dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> | ||||
| * | Document how to use Ansible on Windows (#247) | jchristgit | 2024-04-28 | -4/+9 | |
| | | |||||
| * | Update hugo theme submodule with dependabot (#246) | jchristgit | 2024-04-28 | -0/+7 | |
| | | |||||
| * | Do not use vault token for linting branches (#245) | jchristgit | 2024-04-28 | -9/+4 | |
| | | | | | Prevent security problems from exposing the vault token on non-main branches. | ||||
| * | Install hugo properly | Johannes Christ | 2024-04-27 | -1/+2 | |
| | | |||||
| * | Move documentation to Hugo | Johannes Christ | 2024-04-27 | -372/+185 | |
| | | | | | | | Shortly before merge, the repository settings need to be updated to set GitHub Actions as the deployment source, to prevent GitHub from trying to build with Jekyll. | ||||
| * | Use same indent for all fail2ban options | Johannes Christ | 2024-04-27 | -1/+1 | |
| | | |||||
| * | Document the DNS system in dns/README.md | Joe Banks | 2024-04-27 | -1/+22 | |
| | | |||||
| * | Add DNS folders to README.md | Joe Banks | 2024-04-27 | -1/+4 | |
| | | |||||
| * | Don't run DNS comment workflow if no planned changes | Joe Banks | 2024-04-27 | -0/+1 | |
| | | |||||
| * | Modify actions to use poetry install instead of requirements.txt | Joe Banks | 2024-04-27 | -12/+8 | |
| | | |||||
| * | Add dependencies to new dns group in pyproject.toml | Joe Banks | 2024-04-27 | -5/+258 | |
| | | |||||
| * | Add workflow to deploy DNS changes to providers | Joe Banks | 2024-04-27 | -0/+27 | |
| | | |||||
| * | Update all versions in the dry run workflow | Joe Banks | 2024-04-27 | -6/+6 | |
| | | |||||
| * | Use a read-only token to generate the DNS plan | Joe Banks | 2024-04-27 | -1/+1 | |
| | | |||||
| * | Add GitHub Actions workflow for DNS plan | Joe Banks | 2024-04-27 | -1/+50 | |
| | | |||||
| * | Add zone files for all our domains | Joe Banks | 2024-04-27 | -0/+474 | |
| | | |||||
| * | Add OctoDNS configuration and documentation | Joe Banks | 2024-04-27 | -0/+29 | |
| | | |||||
| * | Add .env files to gitignore | Joe Banks | 2024-04-27 | -0/+1 | |
| | | |||||
| * | Bump ansible to 9.5.1 | Chris Lovering | 2024-04-27 | -46/+46 | |
| | | |||||
| * | Bump ruff from 0.3.7 to 0.4.1 | dependabot[bot] | 2024-04-27 | -20/+21 | |
| | | | | | | | | | | | | | | | | | Bumps [ruff](https://github.com/astral-sh/ruff) from 0.3.7 to 0.4.1. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/v0.3.7...v0.4.1) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> | ||||
| * | Merge remote-tracking branch 'origin/update-onboarding-document' | Chris Lovering | 2024-04-27 | -1/+2 | |
| |\ | |||||
| | * | Include Ansible Vault in onboarding document | Johannes Christ | 2024-04-27 | -1/+2 | |
| | | | |||||
| * | | Remove debug command from status embed workflow | Johannes Christ | 2024-04-27 | -1/+1 | |
| | | | |||||
| * | | Use curl for sending status embed | Chris Lovering | 2024-04-27 | -1/+1 | |
| |/ | | | | Using `wget` this fails occasionally for unknown reasons. | ||||
| * | Remove fallback service in favour of DNS logging | Joe Banks | 2024-04-27 | -14/+0 | |
| | | |||||
| * | Log all failed PostgreSQL queries to CoreDNS | Joe Banks | 2024-04-27 | -0/+10 | |
| | | |||||
| * | Update all secrets to new PostgreSQL service | Joe Banks | 2024-04-27 | -1/+1 | |
| | | |||||
| * | Upgrade to PostgreSQL 16 and move to databases namespace | Joe Banks | 2024-04-27 | -13/+31 | |
| | | |||||
| * | Update pixels redis secret | Chris Lovering | 2024-04-26 | -0/+0 | |
| | | |||||
| * | Exclude home and tag views from latency alerts | Johannes Christ | 2024-04-24 | -2/+2 | |
| | | | | | | These are known issues and we probably won't do anything about them, so stop alerting us about it. | ||||
| * | Add bellas user | Chris Lovering | 2024-04-24 | -53/+99 | |
| | | |||||
| * | Update black-knight constant key names | Chris Lovering | 2024-04-18 | -0/+0 | |
| | | |||||
| * | Update ContainerOOMEvent alert | Joe Banks | 2024-04-17 | -4/+4 | |
| | | |||||
| * | Move mongodb to databases namespace | Joe Banks | 2024-04-16 | -2/+5 | |
| | | |||||
 |
index : infra | |
| The PyDis DevOps boiler house, the engine room, where the magic happens. |
| aboutsummaryrefslogtreecommitdiffstats |