Commit Graph

225 Commits

Author SHA1 Message Date
a459473252
Fix gitea directory modes 2019-11-29 13:17:37 -06:00
eac790014f
Configure gitea for production mode 2019-11-29 13:17:13 -06:00
3d8e67e686
Simplify firewall IP and network lists 2019-11-28 22:47:59 -06:00
2c7182fe37
Manage postfix aliases 2019-11-28 21:47:08 -06:00
084e118a93
Set system name for apticron 2019-11-28 21:46:04 -06:00
9f12ae25fd
Remove mandatory user groups
This triggers a change on every run even though there wasn't one.
2019-11-28 12:55:51 -06:00
3ca199ed20
Fix gitea log directory permissions 2019-11-27 16:43:45 -06:00
30c8de817e
Add more variables 2019-11-27 16:43:31 -06:00
bd04d892f8
Added cerbot renewal jobs 2019-11-27 16:10:19 -06:00
f292c531db
Fix rsyslog file and directory permissions 2019-11-27 16:09:22 -06:00
134fd61d6b
Add mandatory interactive user group 2019-11-25 18:58:52 -06:00
ce85694a58
Remove comment 2019-11-25 18:28:49 -06:00
4540766d80
Clean up ulogd.conf template 2019-11-25 18:24:14 -06:00
13d12faa86
Add iptable SSH whitelist 2019-11-24 19:10:21 -06:00
4ddd1ed439
Change default iptables policy
We have a final reject rule and this will prevent disconnections during a reload
2019-11-24 19:01:07 -06:00
b8c39416de
Install iptables 2019-11-24 18:55:55 -06:00
43a882e7d9
Add gitea role 2019-11-24 18:50:21 -06:00
932f04db5b
Add certbot role 2019-11-24 18:50:05 -06:00
e3cdb84192
Created stripped down default nginx virtual host configuration 2019-11-24 16:31:06 -06:00
8a31ccb6ac
Add initial sudo role 2019-11-22 21:09:18 -06:00
885a37ee0a
Create directory for rsyslog archival storage 2019-11-22 21:08:34 -06:00
9232d1e761
Suppress logging of rclone passwords 2019-11-21 21:46:34 -06:00
c8ac7c5f0a
Remove rsyslog logrotate job, remove default log files 2019-11-21 21:41:29 -06:00
b8d6c5a3f7
Remove unused variable 2019-11-15 20:47:24 -06:00
fdd0858c73
Change time of minecraft backup clean up cron job 2019-11-15 20:43:43 -06:00
ef924eaf5d
Added role to manage the hosts file 2019-11-15 20:43:08 -06:00
31400a85ac
Added telegraf ping monitors
Checks basic network connectivity to default gateways and dns.google
2019-11-15 20:40:01 -06:00
602907dd7c
Add rsyslog compress cron job 2019-11-10 15:37:48 -06:00
9856e2bdbb
Add minecraft backup path variable 2019-11-10 15:37:18 -06:00
fd344fd385
Add rclone role 2019-11-10 15:36:23 -06:00
0779fbabef
Whitespace fix 2019-11-03 11:32:38 -06:00
140932154d
Add minecraft backup clean up cron job 2019-11-03 11:31:37 -06:00
33e83dd740
Add rsyslog role 2019-11-03 11:31:08 -06:00
c5d36282db
Remove default network configuration YAML 2019-10-27 18:39:54 -05:00
6622e3299d
Set system hostname 2019-10-27 18:38:54 -05:00
d07e73ac4c
Use KVM/Spice agent when applicable 2019-10-27 18:38:13 -05:00
341a1a94b8
Fix formatting 2019-10-27 18:37:35 -05:00
d9b189158c
Add minecraft backup 2019-10-27 18:36:54 -05:00
babccb4991
Add postfix role 2019-10-27 18:35:12 -05:00
cfdbeb0f2d
Add users role 2019-10-27 18:34:27 -05:00
497c70a3bf
Add telegraf role 2019-10-27 18:33:06 -05:00
7e6e1e157c
Add nginx role 2019-10-27 18:32:25 -05:00
761a515e0f
Run apt update 2019-10-27 18:31:43 -05:00
9c620cb28f
Better way to handle the serial console 2019-10-05 17:58:44 -05:00
317bed2eb6
Refactor network role 2019-10-05 16:43:05 -05:00
8a4679c6f2
Start ttys0 for serial console 2019-10-05 16:42:23 -05:00
ea9daeb109
Add users role 2019-10-05 16:42:04 -05:00
78f4ce9ee5
Add Minecraft server role 2019-10-05 16:41:47 -05:00
2d0c10aa35
Add vm_guest additions role 2019-10-05 16:41:25 -05:00
bdb914b03b
Fix chrony restart error 2019-10-05 16:40:45 -05:00
db3ccb5769
s/cooldown/cooloff/g 2019-09-02 17:54:36 +00:00
3e8161f350
Add default rules for OUTPUT and FORWARD chains 2019-09-02 17:54:06 +00:00
dbaebf70b8
Fix ulogd service names 2019-09-02 17:53:12 +00:00
e711ee3a22
Add nflog group for packet captures 2019-09-02 17:51:48 +00:00
a511491bdf
Add ulogd2 2019-09-02 17:50:56 +00:00
a44a6540ba
Use ipsets for cool off period 2019-08-30 02:34:58 +00:00
41c2343f75
Exclude loopback from conntrack 2019-08-30 00:33:49 +00:00
dfeed33f2b
Standardize iptables comments 2019-08-27 06:08:19 +00:00
39b526a6a4
Add SSH brute force and ICMP flood limitting, other improvements 2019-08-27 05:35:14 +00:00
fea57842e7
Whitespace fixes 2019-08-25 02:07:53 +00:00
de19dd6104
Network role fixes 2019-08-25 02:07:11 +00:00
b44f626df6
Add role for host based firewall 2019-08-25 02:06:19 +00:00
787bb61add
Add default network configuration 2019-03-31 13:22:09 +00:00
87697ec353
Add search domains 2019-03-27 07:33:30 +00:00
8c241920ea
Use resolv.conf instead of systemd-resolved 2019-03-27 07:32:39 +00:00
278503d2d3
Remove network tasks from common role 2019-03-27 07:09:45 +00:00
1fa09665ff
Fix modelines 2019-03-27 07:08:13 +00:00
02cb58f947
Add network role 2019-03-27 07:05:37 +00:00
8d6886dbe0
Whitespace 2019-03-16 20:35:52 +00:00
bd6c3d307a
Add the rest of the common role 2019-03-16 20:35:27 +00:00
ddad3dc65d
Add role for chrony 2019-03-16 20:34:53 +00:00
605345d032
Add role for unattended-upgrades 2019-03-16 12:05:55 -05:00
3900e5c4d0
Add openssh role 2019-03-13 01:48:49 -05:00
4aa5cd77a7
Fix lint errors 2019-03-13 01:48:27 -05:00
aa28efc5fc Initial commit 2019-03-09 00:31:38 +00:00