| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-06-30 | Update python dependencities to make dependabot happy | Dmitry Ilvokhin | |
| 2024-06-30 | Use `delegate_to` instead of `local_action` | Dmitry Ilvokhin | |
| 2024-06-30 | Use `ansible.builtin.shell` instead of `cmd` | Dmitry Ilvokhin | |
| 2024-06-30 | Add yamllint linter and supporting script | Dmitry Ilvokhin | |
| 2024-06-30 | Fix one more missing `yes` usage | Dmitry Ilvokhin | |
| 2024-06-30 | Cleanup quotes usage in YAML files | Dmitry Ilvokhin | |
| Seems quotes in YAML is a mess. Official guidelines (see explanation here [1]) are following. 1. If you can get away without quotes, do not use them. 2. Use single quotes if you need quotes. 3. Use double quotes if you can't use single quotes for some reason. Common reason for double quotes in this repository is line breaks for long lines and control characters (\n, \t) in replacement patterns. Hope, I didn't break anything. Tested with following commands, because there are no changes in others. $ ansible-playbook dotfiles.yml $ ansible-playbook master.yml [1]: https://stackoverflow.com/a/69850618/1313516 | |||
| 2024-06-30 | Remove upgrade item from TODO.txt | Dmitry Ilvokhin | |
| 2024-06-30 | Migrate from `yes` to `true` | Dmitry Ilvokhin | |
| 2024-06-29 | Add wg-quick@wgtor0 as dependency to tor | Dmitry Ilvokhin | |
| Otherwise tor could not bind ports on wgtor0 ip addresses as it wasn't up yet. | |||
| 2024-06-29 | Add all DigitalOcean hosts to sysupgrade playbook | Dmitry Ilvokhin | |
| 2024-06-23 | Remove trailing spaces | Dmitry Ilvokhin | |
| 2024-06-23 | Add TODO item about linters | Dmitry Ilvokhin | |
| 2024-06-23 | Rename vaults -> secrets | Dmitry Ilvokhin | |
| 2024-06-23 | Introduce sysupgrade playbook | Dmitry Ilvokhin | |
| Playbook sysupgrade.yml is a attempt to do automatic full system upgrade. Currently logic is completely automated for happy path. 1. Shutdown machine. 2. Take snapshot from the machine. 3. Power on machine back. 4. Update archlinux-keyring. 5. Upgrade everything. 6. Reboot. If something is working, then we are done. Otherwise, restore from snapshot manually and try to figure out what went wrong. | |||
| 2024-06-23 | Make `bin/rotate-vault-password` a bit more robust | Dmitry Ilvokhin | |
| 2024-06-22 | Rename Github API token in keychain | Dmitry Ilvokhin | |
| 2024-06-16 | Do not set gate as `ProxyJump` on gate host itself | Dmitry Ilvokhin | |
| 2024-06-15 | Add irssi setup to TODO.txt | Dmitry Ilvokhin | |
| 2024-06-15 | Set familiar colour scheme for mutt | Dmitry Ilvokhin | |
| 2024-06-15 | Add shell playbook to setup shellbox | Dmitry Ilvokhin | |
| 2024-06-15 | Correct ip addresses for water and flame | Dmitry Ilvokhin | |
| 2024-06-15 | Tor -> tor for consistency | Dmitry Ilvokhin | |
| 2024-06-15 | WireGuard -> wireguard for consistency | Dmitry Ilvokhin | |
| 2024-06-15 | Remove item about wireguard iface names from TODO | Dmitry Ilvokhin | |
| 2024-06-15 | Rename wg0 interface to wgnet0 | Dmitry Ilvokhin | |
| 2024-06-15 | Rename wg1 interface to wgvpn0 | Dmitry Ilvokhin | |
| 2024-06-15 | Rename wg2 interface to wgtor0 | Dmitry Ilvokhin | |
| 2024-06-14 | Remove sh suffix from rotate-vault-password example | Dmitry Ilvokhin | |
| 2024-06-14 | Fix ip addresses for Moscow machines | Dmitry Ilvokhin | |
| 2024-06-14 | Mark gate as jumphost | Dmitry Ilvokhin | |
| 2024-06-14 | Cleanup TODO.txt file | Dmitry Ilvokhin | |
| 2024-06-14 | Finally migrate gate.ilvokhin.com | Dmitry Ilvokhin | |
| 2024-06-14 | Add comment why we use reload for wgnet | Dmitry Ilvokhin | |
| 2024-06-14 | Fix wrong state restart -> restarted | Dmitry Ilvokhin | |
| 2024-06-14 | Manually create /etc/systemd/resolved.conf.d dir | Dmitry Ilvokhin | |
| 2024-06-09 | Migrate to restart instead of reload for wgvpn | Dmitry Ilvokhin | |
| For the same reason restart is used in wgtor: there are `iptables` commands in `PostUp` and `PostDown` which are not running on reload. | |||
| 2024-06-09 | Update README.txt with more info on how run stuff | Dmitry Ilvokhin | |
| 2024-06-09 | Update TODO.txt with Tor setup references | Dmitry Ilvokhin | |
| 2024-06-09 | Add wgtor and tor to vpn playbook | Dmitry Ilvokhin | |
| 2024-06-09 | Add tor role | Dmitry Ilvokhin | |
| 2024-06-09 | Add wgtor role for Tor middlebox | Dmitry Ilvokhin | |
| 2024-06-01 | Remove .sh extention from bin tools | Dmitry Ilvokhin | |
| 2024-06-01 | Migrate netfwd to systemd-sysctl | Dmitry Ilvokhin | |
| /etc/sysctl.conf doesn't work, see [1]. Intrestingly enough, I catched it only with system upgrade and reboot. Just reboot didn't catch it for some reason, or I didn't notice. [1]: https://wiki.archlinux.org/title/sysctl | |||
| 2024-05-27 | Remove semicolons from wgvpn config | Dmitry Ilvokhin | |
| 2024-05-27 | Add wgvpn role for WireGuard VPN | Dmitry Ilvokhin | |
| 2024-05-26 | Remove wgnet networkd files | Dmitry Ilvokhin | |
| 2024-05-26 | Move sysctl net forwarding to separate role | Dmitry Ilvokhin | |
| 2024-05-19 | Migrate away from networkd for wireguard | Dmitry Ilvokhin | |
| Migrate due to a bug [1], which wasn't fixed for some time. [1]: https://github.com/systemd/systemd/issues/25547 | |||
| 2024-05-19 | Wireguard overlay network setup | Dmitry Ilvokhin | |
| Need to migrate away from networkd, because it can't add new wireguard peers now out of the box without hacks. [1]: https://github.com/systemd/systemd/issues/25547 | |||
| 2024-05-06 | Add wireguard role | Dmitry Ilvokhin | |