AFPy/infra
AFPy
/
infra
9
0
Fork 2
Code Issues 5 Pull Requests Projects Releases Wiki Activity
354 Commits 1 Branch 0 Tags 655 KiB
Commit Graph

120 Commits

Author SHA1 Message Date
Julien Palard 92c370a067
Spam spam spam. 2024-04-19 16:43:53 +02:00
Julien Palard c94f4b223e
the 1s default was not always long enough. 2024-04-18 13:26:01 +02:00
Marc Debureaux b9f446ad5b
Moved pretalx vagrant file and remove meta 2024-04-04 08:33:20 +02:00
Marc Debureaux c8e33b20af
Faulty redis configuration for pretalx 2024-04-03 22:03:09 +02:00
Marc Debureaux db38131076
Pretalx role files 2024-04-03 21:26:47 +02:00
Marc Debureaux 08db1c1366
Pretalx role 2024-04-03 21:23:45 +02:00
Marc Debureaux ead6df299f
Pretalx domain 2024-04-03 21:18:38 +02:00
Marc Debureaux 6bcb185dc4
Pretalx role 2024-04-03 21:11:29 +02:00
Julien Palard a6c3a22a8e
ntp conflicts with systemd on bookworm. 2024-03-23 08:48:08 +01:00
Julien Palard 19b5776760
Damned, cloud-init is messing with /etc/hosts... 2024-02-26 10:42:30 +01:00
Julien Palard 0daf51953a
CSPs 2024-02-02 09:04:55 +01:00
Julien Palard 24a55603cb
Try harder to disable IPv6 for exim. 2024-02-02 09:04:50 +01:00
Julien Palard 9da25244bf
gitea: It's 2024, time to bump your keys. 
https://infosec.mozilla.org/guidelines/key_management.html
 2024-01-07 22:24:13 +01:00
Julien Palard cc9acf1022
Move gitea backup cron away from the crowd. 2024-01-06 10:08:24 +01:00
Julien Palard 3973403841
Gitea: fix path, see https://github.com/go-gitea/gitea/pull/25907 2023-11-17 14:40:55 +01:00
Julien Palard 7d150c5ac4
gitea: Deprecated config 2023-07-24 13:59:54 +02:00
Julien Palard 99505005c9
Bump gitea. 2023-07-17 14:41:55 +02:00
Julien Palard aa55da5c62
gitea: Blacklist spammer. 2023-07-13 09:19:56 +02:00
Julien Palard 3b88cf7ddf
gitea: Backup way before rsnapshot take the file, not at the same time! 2023-06-01 17:22:36 +02:00
Julien Palard 99a644e2d2
Et paf. 2023-05-07 15:30:50 +02:00
Julien Palard 7bb3f0f457
Discourse: install data explorer. 2023-04-15 08:51:27 +02:00
Julien Palard ad2a397f30
Bump gitea 2023-04-13 21:28:08 +02:00
Julien Palard 60b09a457f
Merci gentils nuages. 2023-04-10 22:25:20 +02:00
Julien Palard 1bba7b29ed
Backuping new Discourse instance. 2023-04-04 09:32:02 +02:00
Julien Palard 09533d6429
Bump PonyConf venv too. 2023-03-30 15:23:45 +02:00
Julien Palard 64a2738d0a
When Python changes, venv break. It should help. 2023-03-30 14:52:05 +02:00
Julien Palard 75b5e7e2e9
https://github.com/munin-monitoring/munin/issues/1521 2023-03-28 15:01:12 +02:00
Julien Palard c0793b34a4
apt_all is broken on (old?) Ubuntu. 2023-03-28 14:11:57 +02:00
Julien Palard 7c2c8b7775
backup: Lower rsnapshot verbosity: the machine can't send emails anyway, 2023-03-28 13:51:57 +02:00
Julien Palard 9b8c5536f4
gitea: Ajout d'un lien vers 'licences libres'. 2023-03-27 11:43:32 +02:00
Julien Palard 7589df21b3
salt-fr: Content-Security-Policy. 2023-03-23 11:15:33 +01:00
Julien Palard 8ab6c25d89
discourse: FIX: Also allow 21m in dockerized nginx. 
So there's 3 place to configure max upload body size:
- Discourse settings (Via admin web interface)
- Host nginx (via Ansible)
- Guest nginx (Via app.yml)
 2023-02-14 16:11:35 +01:00
Julien Palard a0fdfa969d
On Debian, munin-cgi-graph is expected to run as www-data. 
Proof: the graph cleaning cron is ran as www-data.
 2023-02-14 09:26:20 +01:00
Julien Palard 2cb12d55d1
nginx: Unifying logs, we're at 600+ files in /var/log/nginx, it's unusable. 2023-02-13 23:33:35 +01:00
Julien Palard a45cbbefcd
Hello HTTP/2 2023-02-13 22:40:47 +01:00
Julien Palard 9281b475f7
Hello unattended upgrades. 2023-02-13 22:36:15 +01:00
Julien Palard 67e06bfaff
Munin: Restart munin-node after adding a plugin. 2023-02-13 21:41:20 +01:00
Julien Palard d2d67b066b
Munin: I would love for this to work. 
But: https://github.com/munin-monitoring/munin/issues/1514
 2023-02-13 14:28:05 +01:00
Julien Palard 57494ec363
Munin: Update IPs (the one for hkis04 was wrong) 2023-02-13 14:27:23 +01:00
Julien Palard 9eb3582e39
Munin: Don't redraw graphs every 5mn, we don't look at them that often. 2023-02-13 10:49:21 +01:00
Julien Palard 308b6c2844
munin-node apt_all update yields errors. 
Like:

E: The value 'bookworm-backports' is invalid for APT::Default-Release as such a release is not available in the sources
E: The value 'bookworm-security' is invalid for APT::Default-Release as such a release is not available in the sources
E: The value 'bookworm-updates' is invalid for APT::Default-Release as
such a release is not available in the sources

But anyway « The plugin does not support this anymore. » : bc6450d8eb
 2023-02-13 00:04:16 +01:00
Julien Palard b72753ded9
Ohh, it's handled by the munin package itself ♥. 2023-02-12 23:05:07 +01:00
Julien Palard 5f76ae341b
exim: Disable IPv6 to avoid unavoidable blocklists. 
See 889b5aa425.
 2023-02-12 09:46:09 +01:00
Julien Palard ac13dd5a8b
A very specific PATH here can break other crons (like munin). 2023-02-01 21:57:33 +01:00
Julien Palard 2e41276910
Add self as a email alias for root. 2023-02-01 16:16:02 +01:00
Julien Palard 4bf259b213
Hello munin.afpy.org. 2023-02-01 16:15:12 +01:00
Julien Palard 5edae03972
Moving Discourse to its own VPS. 
The disk starts to approch 90% on deb2.

Also Discourse is huge, I do no longer feel like sharing the same
machine that so many other things (it was OK when our Discourse was
just a small test).
 2023-02-01 00:06:28 +01:00
Julien Palard b753acc41f
It's 2023 after all. 21MB ought to be enough for anybody. 2023-01-30 22:02:11 +01:00
Julien Palard 889b5aa425
Send emails using IPv4 due to Gandi not prividing whole /64. 
SpamHaus expect the IPv6 /64 to be owned by the same entity.

This is not the case for Gandi VPS that are provided with a single
IPv6.

Gandi is working on it, they want to provide /64 to organisations, but
it's not ready yet.

In the meantime we're blocked by spamhaus since a few days on both the
/64 used by git.afpy.org and the /64 used by discuss.afpy.org.

So as a trash fix I propose sending emails using IPv4.
 2023-01-17 10:04:26 +01:00
Julien Palard 3d7bc235b1
s/include/include_task/ 2023-01-13 17:41:00 +01:00