| Commit message (Collapse) | Author | Age | Lines | ||
|---|---|---|---|---|---|
| ... | |||||
| * | Install emacs-nox |  Johannes Christ | 2024-06-18 | -0/+8 | |
| | | | | | As requested by Joe. | ||||
| * | Install tmux | Johannes Christ | 2024-06-18 | -1/+3 | |
| | | |||||
| * | Install vim | Johannes Christ | 2024-06-17 | -0/+7 | |
| | | |||||
| * | Update Grafana repository to use explicit keyring |  Joe Banks | 2024-06-07 | -3/+3 | |
| | | |||||
| * | Add systemd overrides with new security preferences | Joe Banks | 2024-06-07 | -0/+38 | |
| | | |||||
| * | Add NGINX access and error logs | Joe Banks | 2024-06-07 | -0/+10 | |
| | | |||||
| * | Add relabing stages to name custom log extractors | Joe Banks | 2024-06-07 | -0/+11 | |
| | | |||||
| * | Update configuration template with authentication | Joe Banks | 2024-06-07 | -9/+18 | |
| | | |||||
| * | Update documentation for Alloy with Loki configuration | Joe Banks | 2024-06-07 | -3/+4 | |
| | | |||||
| * | Add Alloy vars file with endpoint and authentication | Joe Banks | 2024-06-07 | -0/+14 | |
| | | |||||
| * | Add host vars for database host to export PostgreSQL log | Joe Banks | 2024-06-07 | -0/+4 | |
| | | |||||
| * | Extend Alloy configuration to include some default files + extra files | Joe Banks | 2024-06-07 | -0/+27 | |
| | | |||||
| * | Update default variables for Alloy with empty extra files list | Joe Banks | 2024-06-07 | -0/+2 | |
| | | |||||
| * | Update Alloy README to document extra files | Joe Banks | 2024-06-07 | -0/+7 | |
| | | |||||
| * | Add Alloy role to all host deployment section | Joe Banks | 2024-06-07 | -0/+1 | |
| | | |||||
| * | Add role to install and template configuration for Alloy | Joe Banks | 2024-06-07 | -0/+85 | |
| | | |||||
| * | Remove become_ask_pass preference from Ansible configuration | Joe Banks | 2024-06-07 | -1/+0 | |
| | | |||||
| * | Add new sudoers rule for NOPASSWD sudo | Joe Banks | 2024-06-07 | -0/+2 | |
| | | |||||
| * | Add PostgreSQL user to cert reader group | Joe Banks | 2024-06-06 | -0/+1 | |
| | | |||||
| * | Update directory permissions of certbot generated certificates | Joe Banks | 2024-06-06 | -1/+2 | |
| | | |||||
| * | use host issued certs for postgres server instead of snakeoil's |  shtlrs | 2024-06-06 | -4/+4 | |
| | | |||||
| * | Add automatic HBA rules for all users to connect via mTLS | Joe Banks | 2024-06-04 | -3/+9 | |
| | | |||||
| * | Add devops user account | Joe Banks | 2024-06-04 | -42/+69 | |
| | | |||||
| * | Add CA file to postgresql.conf | Joe Banks | 2024-06-04 | -0/+2 | |
| | | |||||
| * | Add pg_ident.conf file | Joe Banks | 2024-06-04 | -1/+18 | |
| | | |||||
| * | Install PostgreSQL documentation package | Johannes Christ | 2024-06-04 | -0/+1 | |
| | | |||||
| * | add pixels user and db | shtlrs | 2024-06-02 | -39/+60 | |
| | | |||||
| * | Force line-endings to LF in Ansible gitattributes | Joe Banks | 2024-06-02 | -1/+1 | |
| | | |||||
| * | add metabase user and database | shtlrs | 2024-06-02 | -0/+8 | |
| | | |||||
| * | Add PostgreSQL alerts to Ansible Prometheus configuration | Joe Banks | 2024-06-02 | -0/+30 | |
| | | |||||
| * | Filter CNs of client certificates for Prometheus | Joe Banks | 2024-06-02 | -0/+8 | |
| | | |||||
| * | Allow node_exporter scraping in nftables | Joe Banks | 2024-06-02 | -0/+3 | |
| | | |||||
| * | Move default server config to a template | Joe Banks | 2024-06-02 | -2/+2 | |
| | | |||||
| * | Issue certificate for hostname and sub-services, not both in one | Joe Banks | 2024-06-02 | -1/+2 | |
| | | |||||
| * | Deploy host-specific configs in NGINX | Joe Banks | 2024-06-02 | -8/+20 | |
| | | |||||
| * | Create new reverse proxying config for Prometheus | Joe Banks | 2024-06-02 | -0/+18 | |
| | | |||||
| * | Move files config to new NGINX turing host variables | Joe Banks | 2024-06-02 | -10/+13 | |
| | | |||||
| * | Add NGINX deployment to lovelace | Joe Banks | 2024-06-02 | -0/+1 | |
| | | |||||
| * | Remove Prometheus rules from nftables | Joe Banks | 2024-06-02 | -9/+0 | |
| | | |||||
| * | Revert Prometheus listen settings to HTTP | Joe Banks | 2024-06-02 | -28/+0 | |
| | | |||||
| * | Bump ansible/roles/nftables from `015a7ed` to `4acd4ae` |  dependabot[bot] | 2024-06-02 | -0/+0 | |
| | | | | | | | | | | | | | Bumps [ansible/roles/nftables](https://github.com/jchristgit/ansible-role-nftables) from `015a7ed` to `4acd4ae`. - [Commits](https://github.com/jchristgit/ansible-role-nftables/compare/015a7ed269e7122dbd714c23eb6cec8a52176f0b...4acd4ae18f27c50d22d1f5db470ee561aeeb6375) --- updated-dependencies: - dependency-name: ansible/roles/nftables dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> | ||||
| * | Template config instead of YAML copy for Prometheus | Joe Banks | 2024-06-01 | -1/+1 | |
| | | |||||
| * | Update Prometheus config to include Postgres exporter | Joe Banks | 2024-06-01 | -2/+15 | |
| | | | | | | We dynamically fetch all hosts in the databases group and add them to the scrape targets with the PostgreSQL exporter port (9187) | ||||
| * | add hba conf for metabase to connect to site | shtlrs | 2024-06-01 | -0/+11 | |
| | | |||||
| * | grant correct privileges to site and grafana | shtlrs | 2024-06-01 | -37/+75 | |
| | | |||||
| * | Make issuing pg grants configurable (#327) | Amrou Bellalouna | 2024-06-01 | -0/+53 | |
| | | | | | | * add a task to issue pg grants for specific roles * document the postgres role | ||||
| * | whitelist ips of netcup and linode servers (#326) | Amrou Bellalouna | 2024-05-31 | -13/+18 | |
| | | |||||
| * | Add sudo.tls.pydis.wtf to allowed SANs for Prometheus | Joe Banks | 2024-05-30 | -0/+1 | |
| | | |||||
| * | Enable mTLS SAN validation | Joe Banks | 2024-05-30 | -0/+3 | |
| | | |||||
| * | Restart Prometheus instead of reload after web config update | Joe Banks | 2024-05-30 | -1/+1 | |
| | | |||||
 |
index : infra | |
| The PyDis DevOps boiler house, the engine room, where the magic happens. |
| aboutsummaryrefslogtreecommitdiffstats |