aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeLines
* Set proxied to true for paste recordGravatar Joe Banks2024-06-06-1/+1
|
* Add paste.pydis.wtf record for forwardingGravatar Joe Banks2024-06-06-0/+8
|
* Add tmpfs to King ArthurGravatar Joe Banks2024-06-05-0/+9
|
* Add automatic HBA rules for all users to connect via mTLSGravatar Joe Banks2024-06-04-3/+9
|
* Add devops user accountGravatar Joe Banks2024-06-04-42/+69
|
* Add CA file to postgresql.confGravatar Joe Banks2024-06-04-0/+2
|
* Add pg_ident.conf fileGravatar Joe Banks2024-06-04-1/+18
|
* Install PostgreSQL documentation packageGravatar Johannes Christ2024-06-04-0/+1
|
* Bump ruff from 0.4.5 to 0.4.7 (#342)Gravatar dependabot[bot]2024-06-03-21/+22
| | | | | | | | | | | | | | | | Bumps [ruff](https://github.com/astral-sh/ruff) from 0.4.5 to 0.4.7. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/v0.4.5...v0.4.7) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Add Bella to git-crypt keyringGravatar Johannes Christ2024-06-02-0/+0
| | | | | | | | | | | | New collaborators: DB1D650A Amrou Bellalouna <[email protected]> The key has been verified and signed by both Joe and me. Chris was MIA but approved it ahead of time. Approved-by: Joe Banks <[email protected]> Approved-by: Chris Lovering <[email protected]>
* Remove PostgreSQL Exporter from KubernetesGravatar Joe Banks2024-06-02-55/+0
|
* Remove Kubernetes PostgreSQL AlertsGravatar Joe Banks2024-06-02-29/+0
|
* Remove Kubernetes PostgreSQL backup from BlackboxGravatar Joe Banks2024-06-02-6/+1
|
* Remove PostgreSQL deployment from KubernetesGravatar Joe Banks2024-06-02-127/+0
|
* Update pixels environment variableGravatar Joe Banks2024-06-02-0/+0
|
* add pixels user and dbGravatar shtlrs2024-06-02-39/+60
|
* Force line-endings to LF in Ansible gitattributesGravatar Joe Banks2024-06-02-1/+1
|
* Update Metabase configuration secretGravatar Joe Banks2024-06-02-0/+0
|
* add metabase user and databaseGravatar shtlrs2024-06-02-0/+8
|
* Add PostgreSQL alerts to Ansible Prometheus configurationGravatar Joe Banks2024-06-02-0/+30
|
* Filter CNs of client certificates for PrometheusGravatar Joe Banks2024-06-02-0/+8
|
* Allow node_exporter scraping in nftablesGravatar Joe Banks2024-06-02-0/+3
|
* Fix docs lint flowGravatar Joe Banks2024-06-02-0/+3
|
* Move default server config to a templateGravatar Joe Banks2024-06-02-2/+2
|
* Issue certificate for hostname and sub-services, not both in oneGravatar Joe Banks2024-06-02-1/+2
|
* Deploy host-specific configs in NGINXGravatar Joe Banks2024-06-02-8/+20
|
* Create new reverse proxying config for PrometheusGravatar Joe Banks2024-06-02-0/+18
|
* Move files config to new NGINX turing host variablesGravatar Joe Banks2024-06-02-10/+13
|
* Add NGINX deployment to lovelaceGravatar Joe Banks2024-06-02-0/+1
|
* Remove Prometheus rules from nftablesGravatar Joe Banks2024-06-02-9/+0
|
* Revert Prometheus listen settings to HTTPGravatar Joe Banks2024-06-02-28/+0
|
* Bump ansible/roles/nftables from `015a7ed` to `4acd4ae`Gravatar dependabot[bot]2024-06-02-0/+0
| | | | | | | | | | | | Bumps [ansible/roles/nftables](https://github.com/jchristgit/ansible-role-nftables) from `015a7ed` to `4acd4ae`. - [Commits](https://github.com/jchristgit/ansible-role-nftables/compare/015a7ed269e7122dbd714c23eb6cec8a52176f0b...4acd4ae18f27c50d22d1f5db470ee561aeeb6375) --- updated-dependencies: - dependency-name: ansible/roles/nftables dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
* Update Hugo versions in CIGravatar Joe Banks2024-06-01-8/+10
|
* Update hugo-book theme to v10Gravatar Joe Banks2024-06-01-0/+0
|
* Template config instead of YAML copy for PrometheusGravatar Joe Banks2024-06-01-1/+1
|
* Update Prometheus config to include Postgres exporterGravatar Joe Banks2024-06-01-2/+15
| | | | | We dynamically fetch all hosts in the databases group and add them to the scrape targets with the PostgreSQL exporter port (9187)
* Update site secret with new database addressGravatar Joe Banks2024-06-01-0/+0
|
* add hba conf for metabase to connect to siteGravatar shtlrs2024-06-01-0/+11
|
* grant correct privileges to site and grafanaGravatar shtlrs2024-06-01-37/+75
|
* Make issuing pg grants configurable (#327)Gravatar Amrou Bellalouna2024-06-01-0/+53
| | | | | * add a task to issue pg grants for specific roles * document the postgres role
* whitelist ips of netcup and linode servers (#326)Gravatar Amrou Bellalouna2024-05-31-13/+18
|
* Add sudo.tls.pydis.wtf to allowed SANs for PrometheusGravatar Joe Banks2024-05-30-0/+1
|
* Enable mTLS SAN validationGravatar Joe Banks2024-05-30-0/+3
|
* Restart Prometheus instead of reload after web config updateGravatar Joe Banks2024-05-30-1/+1
|
* Update Prometheus web config with mTLS preferencesGravatar Joe Banks2024-05-30-0/+3
|
* Set secure modeGravatar Johannes Christ2024-05-30-0/+1
| | | | Co-authored-by: Dennis Schuster <[email protected]>
* Pleasure the style dictatorGravatar Johannes Christ2024-05-30-1/+5
| | | | Co-authored-by: Amrou Bellalouna <[email protected]>
* Install custom Prometheus versionGravatar Johannes Christ2024-05-30-2/+85
| | | | Co-authored-by: Joe William Murray Humphreys Banks <[email protected]>
* Add new users for Grafana and MetabaseGravatar Joe Banks2024-05-28-34/+73
| | | | | | Adds the new roles necessary for grafana and metabase, grants them access to the metricity table as well as giving them the pg_read_all_data role for read-only access to the metricity database.
* Update site and metricity with new metricity db user credentialsGravatar Joe Banks2024-05-28-0/+0
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-25 01:33:25 +0000