| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-06-30 | Migrate from `yes` to `true` | Dmitry Ilvokhin | |
| 2024-06-29 | Add wg-quick@wgtor0 as dependency to tor | Dmitry Ilvokhin | |
| Otherwise tor could not bind ports on wgtor0 ip addresses as it wasn't up yet. | |||
| 2024-06-29 | Add all DigitalOcean hosts to sysupgrade playbook | Dmitry Ilvokhin | |
| 2024-06-23 | Remove trailing spaces | Dmitry Ilvokhin | |
| 2024-06-23 | Add TODO item about linters | Dmitry Ilvokhin | |
| 2024-06-23 | Rename vaults -> secrets | Dmitry Ilvokhin | |
| 2024-06-23 | Introduce sysupgrade playbook | Dmitry Ilvokhin | |
| Playbook sysupgrade.yml is a attempt to do automatic full system upgrade. Currently logic is completely automated for happy path. 1. Shutdown machine. 2. Take snapshot from the machine. 3. Power on machine back. 4. Update archlinux-keyring. 5. Upgrade everything. 6. Reboot. If something is working, then we are done. Otherwise, restore from snapshot manually and try to figure out what went wrong. | |||
| 2024-06-23 | Make `bin/rotate-vault-password` a bit more robust | Dmitry Ilvokhin | |
| 2024-06-22 | Rename Github API token in keychain | Dmitry Ilvokhin | |
| 2024-06-16 | Do not set gate as `ProxyJump` on gate host itself | Dmitry Ilvokhin | |
| 2024-06-15 | Add irssi setup to TODO.txt | Dmitry Ilvokhin | |
| 2024-06-15 | Set familiar colour scheme for mutt | Dmitry Ilvokhin | |
| 2024-06-15 | Add shell playbook to setup shellbox | Dmitry Ilvokhin | |
| 2024-06-15 | Correct ip addresses for water and flame | Dmitry Ilvokhin | |
| 2024-06-15 | Tor -> tor for consistency | Dmitry Ilvokhin | |
| 2024-06-15 | WireGuard -> wireguard for consistency | Dmitry Ilvokhin | |
| 2024-06-15 | Remove item about wireguard iface names from TODO | Dmitry Ilvokhin | |
| 2024-06-15 | Rename wg0 interface to wgnet0 | Dmitry Ilvokhin | |
| 2024-06-15 | Rename wg1 interface to wgvpn0 | Dmitry Ilvokhin | |
| 2024-06-15 | Rename wg2 interface to wgtor0 | Dmitry Ilvokhin | |
| 2024-06-14 | Remove sh suffix from rotate-vault-password example | Dmitry Ilvokhin | |
| 2024-06-14 | Fix ip addresses for Moscow machines | Dmitry Ilvokhin | |
| 2024-06-14 | Mark gate as jumphost | Dmitry Ilvokhin | |
| 2024-06-14 | Cleanup TODO.txt file | Dmitry Ilvokhin | |
| 2024-06-14 | Finally migrate gate.ilvokhin.com | Dmitry Ilvokhin | |
| 2024-06-14 | Add comment why we use reload for wgnet | Dmitry Ilvokhin | |
| 2024-06-14 | Fix wrong state restart -> restarted | Dmitry Ilvokhin | |
| 2024-06-14 | Manually create /etc/systemd/resolved.conf.d dir | Dmitry Ilvokhin | |
| 2024-06-09 | Migrate to restart instead of reload for wgvpn | Dmitry Ilvokhin | |
| For the same reason restart is used in wgtor: there are `iptables` commands in `PostUp` and `PostDown` which are not running on reload. | |||
| 2024-06-09 | Update README.txt with more info on how run stuff | Dmitry Ilvokhin | |
| 2024-06-09 | Update TODO.txt with Tor setup references | Dmitry Ilvokhin | |
| 2024-06-09 | Add wgtor and tor to vpn playbook | Dmitry Ilvokhin | |
| 2024-06-09 | Add tor role | Dmitry Ilvokhin | |
| 2024-06-09 | Add wgtor role for Tor middlebox | Dmitry Ilvokhin | |
| 2024-06-01 | Remove .sh extention from bin tools | Dmitry Ilvokhin | |
| 2024-06-01 | Migrate netfwd to systemd-sysctl | Dmitry Ilvokhin | |
| /etc/sysctl.conf doesn't work, see [1]. Intrestingly enough, I catched it only with system upgrade and reboot. Just reboot didn't catch it for some reason, or I didn't notice. [1]: https://wiki.archlinux.org/title/sysctl | |||
| 2024-05-27 | Remove semicolons from wgvpn config | Dmitry Ilvokhin | |
| 2024-05-27 | Add wgvpn role for WireGuard VPN | Dmitry Ilvokhin | |
| 2024-05-26 | Remove wgnet networkd files | Dmitry Ilvokhin | |
| 2024-05-26 | Move sysctl net forwarding to separate role | Dmitry Ilvokhin | |
| 2024-05-19 | Migrate away from networkd for wireguard | Dmitry Ilvokhin | |
| Migrate due to a bug [1], which wasn't fixed for some time. [1]: https://github.com/systemd/systemd/issues/25547 | |||
| 2024-05-19 | Wireguard overlay network setup | Dmitry Ilvokhin | |
| Need to migrate away from networkd, because it can't add new wireguard peers now out of the box without hacks. [1]: https://github.com/systemd/systemd/issues/25547 | |||
| 2024-05-06 | Add wireguard role | Dmitry Ilvokhin | |
| 2024-05-04 | Simplify ssh config a bit | Dmitry Ilvokhin | |
| Use `%h` to fold config to indentical hosts to one item. | |||
| 2024-05-04 | Push public key from another laptop to servers | Dmitry Ilvokhin | |
| 2024-05-03 | Open git.ilvokhin.com to the world | Dmitry Ilvokhin | |
| 2024-05-03 | Init repositories as private by default | Dmitry Ilvokhin | |
| 2024-05-03 | Add clone URLs for repositories | Dmitry Ilvokhin | |
| 2024-05-03 | Do not export everything with git-daemon | Dmitry Ilvokhin | |
| We should export only repositories with git-daemon-export-ok file inside. | |||
| 2024-05-03 | Rename .htpasswd to htpasswd | Dmitry Ilvokhin | |