| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-05-27 | Remove semicolons from wgvpn config | Dmitry Ilvokhin | |
| 2024-05-27 | Add wgvpn role for WireGuard VPN | Dmitry Ilvokhin | |
| 2024-05-26 | Remove wgnet networkd files | Dmitry Ilvokhin | |
| 2024-05-26 | Move sysctl net forwarding to separate role | Dmitry Ilvokhin | |
| 2024-05-19 | Migrate away from networkd for wireguard | Dmitry Ilvokhin | |
| Migrate due to a bug [1], which wasn't fixed for some time. [1]: https://github.com/systemd/systemd/issues/25547 | |||
| 2024-05-19 | Wireguard overlay network setup | Dmitry Ilvokhin | |
| Need to migrate away from networkd, because it can't add new wireguard peers now out of the box without hacks. [1]: https://github.com/systemd/systemd/issues/25547 | |||
| 2024-05-06 | Add wireguard role | Dmitry Ilvokhin | |
| 2024-05-04 | Push public key from another laptop to servers | Dmitry Ilvokhin | |
| 2024-05-03 | Open git.ilvokhin.com to the world | Dmitry Ilvokhin | |
| 2024-05-03 | Init repositories as private by default | Dmitry Ilvokhin | |
| 2024-05-03 | Add clone URLs for repositories | Dmitry Ilvokhin | |
| 2024-05-03 | Do not export everything with git-daemon | Dmitry Ilvokhin | |
| We should export only repositories with git-daemon-export-ok file inside. | |||
| 2024-05-03 | Rename .htpasswd to htpasswd | Dmitry Ilvokhin | |
| 2024-05-03 | Add dots to comments | Dmitry Ilvokhin | |
| 2024-05-03 | List repositories explicitly instead of scan-path | Dmitry Ilvokhin | |
| This allowes to have private repositories on the same server. | |||
| 2024-04-26 | Remove favicon from cgit | Dmitry Ilvokhin | |
| We set root to /usr/share/webapps/cgit for cgit location. This directory contains favicon which served automatically. One way to stop it is to remove favicon, but every package update will bring it back in. So I just hardcoded into nginx config return code of 404 for favicon request to do not serve it. | |||
| 2024-04-26 | Fix indent in nginx config for cgit | Dmitry Ilvokhin | |
| 2024-04-20 | Use systemd service instead of service for certbot | Dmitry Ilvokhin | |
| To properly reload systemd in case of changes in unit file. | |||
| 2024-04-20 | Add paccache role to all hosts | Dmitry Ilvokhin | |
| 2024-04-19 | Fix postfix virtual_transport: use dovecot-lmtp | Dmitry Ilvokhin | |
| 2024-04-19 | Migrate postfix from hash to lmdb db | Dmitry Ilvokhin | |
| 2024-04-19 | Setup lmtp protocol for dovecot | Dmitry Ilvokhin | |
| 2024-04-14 | Make certificate updates work for nginx | Dmitry Ilvokhin | |
| Currently, we obtain certificates from Let's Encrypt with standalone mode, so when we do renew, certbot tries to run it is own webserver on port 80, but this port is already in use by nginx. Stop nginx, before renewal. This is quite hacky, but should work. Proper solution is to split certificate role by standalone and non-standalone versions. | |||
| 2024-04-07 | Add master.cf file to postfix role | Dmitry Ilvokhin | |
| Enable submission to send mail. | |||
| 2024-04-07 | Reverse dependency chain dovecot -> postfix | Dmitry Ilvokhin | |
| Postfix can start without dovecot, but dovecot can't without postfix, because it uses postfix user to create unix socket. | |||
| 2024-04-07 | Add lsof to minimal installation | Dmitry Ilvokhin | |
| 2024-04-07 | Set proper hostname and restrict trusted networks | Dmitry Ilvokhin | |
| 2024-04-07 | Add forgotten handler for alias update | Dmitry Ilvokhin | |
| 2024-04-07 | Setup correct alias for root mail | Dmitry Ilvokhin | |
| 2024-04-06 | Add postfix role | Dmitry Ilvokhin | |
| 2024-04-06 | Add dovecot role | Dmitry Ilvokhin | |
| 2024-04-06 | Add certmail role | Dmitry Ilvokhin | |
| Certificate are required for both dovecot and postfix roles. This role is to simplify reuse of the same logic. | |||
| 2024-04-06 | Listen inet socket instread of unix for opendkim | Dmitry Ilvokhin | |
| This is done to avoid putting postfix and opendkim at the same group. | |||
| 2024-03-31 | Manually create directories for certbot hooks | Dmitry Ilvokhin | |
| 2024-03-31 | Swap order of nginx enablement and cert hook | Dmitry Ilvokhin | |
| 2024-03-31 | Migrate to certbot hook scripts | Dmitry Ilvokhin | |
| Make hooks usage a bit more generic, to apply hooks for services different from nginx. | |||
| 2024-03-30 | Remove favicon deletion from cgit role | Dmitry Ilvokhin | |
| Favicon is back after each cgit package update. I don't think it worth it to fight with it. Nginx serves content out of /usr/share/webapps/cgit, which has some useful files inside as well and it doesn't really make sense to move working directory to different one either. For long term maintainability reasons lets use a default favicon. | |||
| 2024-03-24 | Add opendkim role | Dmitry Ilvokhin | |
| 2024-03-24 | Configure nginx first and then enable/start | Dmitry Ilvokhin | |
| 2024-03-23 | Remove git from minimal role | Dmitry Ilvokhin | |
| 2024-03-11 | Add tags to dotfiles role | Dmitry Ilvokhin | |
| 2024-03-11 | Add dotfiles tag to all dotfiles tasks | Dmitry Ilvokhin | |
| 2024-03-09 | Add gdb role | Dmitry Ilvokhin | |
| 2024-03-09 | Add role for mutt mail client | Dmitry Ilvokhin | |
| 2024-03-09 | Add git role | Dmitry Ilvokhin | |
| This role is not used anywhere yet, so it wasn't properly tested. | |||
| 2024-03-08 | Add ssh role | Dmitry Ilvokhin | |
| 2024-03-03 | Add role for bash | Dmitry Ilvokhin | |
| 2024-03-03 | Add screen role | Dmitry Ilvokhin | |
| 2024-03-03 | Add vim role | Dmitry Ilvokhin | |
| 2024-03-03 | Rename git role to gitserver | Dmitry Ilvokhin | |