Commit Graph

129 Commits

Author SHA1 Message Date
IamTheFij c711c25737 Always use CF for dns when renewing lego certs
Makes it more resilient if my servers are down, but also cuts out a hop
because CF is the nameserver as well.
2024-04-27 19:33:10 -07:00
IamTheFij 5edcb86e7e Remove traefik grafana dashboard
Now in data backups rather than git.
2024-03-26 14:56:14 -07:00
IamTheFij 3dcd4c44b3 Tune memory after reviewing grafana 2024-03-26 09:48:31 -07:00
IamTheFij d5c2a0d185 Use default diun for syslogng 2024-03-22 21:05:53 -07:00
IamTheFij 6a3ae49d8e Update terraform modules 2024-03-11 22:02:07 -07:00
IamTheFij 8b90aa0d74 Add 1.1.1.1 dns back to blocky for better resilience 2024-02-20 10:10:41 -08:00
IamTheFij 5fb510202d Fix indent for Authelia rules 2024-02-20 10:05:25 -08:00
IamTheFij f2f415aeac Fix traefik metrics 2024-02-18 07:47:31 -08:00
IamTheFij 198f96f3f7 Add back other traefik ports and metrics 2024-02-13 12:03:03 -08:00
IamTheFij 6b5adbdf39 Remove 404 block list 2024-02-13 12:02:35 -08:00
IamTheFij 77ef4b4167 Use quad9 encrypted dns 2024-02-13 12:02:14 -08:00
IamTheFij b35b8cecd5 Blocky: Remove mysql and redis configs from stunnel if server isn't found 2024-02-13 12:01:45 -08:00
IamTheFij b9dfeff6d8 Have blocky use router for upstream in nomad 2024-02-13 12:01:08 -08:00
IamTheFij 35dfeb3093 Add service healthchecks 2024-01-23 12:08:47 -08:00
IamTheFij 6fe1b200f2 Update loki 2024-01-23 12:06:25 -08:00
IamTheFij 4fe3d46d5f Add external service acls for authelia 2024-01-16 14:15:56 -08:00
IamTheFij cf8bde7920 Add external traefik routes to nomad vars 2024-01-16 14:15:18 -08:00
IamTheFij bc87688f1a Move ldap secrets 2024-01-16 14:14:39 -08:00
IamTheFij 7b019e0787 Add auth to sonarr 2024-01-08 14:57:06 -08:00
IamTheFij c01d45c7a2 Upgrade grafana to version 10 2024-01-08 10:11:42 -08:00
IamTheFij 9be16fef1f Upgrade traefik to 2.10 2024-01-04 13:25:10 -08:00
IamTheFij c26da678b3 Small traefik cleanup
Remove fallback DNS since we only care about internal DNS

Use loopback address for accessing Nomad UI
2024-01-04 13:24:49 -08:00
IamTheFij 6b9533ef71 Run traefik on multiple hosts 2024-01-04 13:24:15 -08:00
IamTheFij 0bd995ec2b Traefik: Use nomad vars for dynamic certs
Rather than having Traefik handle cert fetching, instead
it is delegated to a separate job so that multiple Traefik
instances can share certs
2024-01-04 10:55:49 -08:00
IamTheFij 0d340f3349 Periodic job to renew lego certs and store them in Nomad Variables
This will allow multiple instances of Traefik to serve certs.
2024-01-04 10:53:25 -08:00
IamTheFij cda2842f8f Switch to image containing stunnel
Rather than installing on container startup, using an image with
stunnel pre-installed. This avoids issues with DNS breaking
the container on startup.
2024-01-03 13:50:49 -08:00
IamTheFij ca55209316 Fix blocky redis 2023-12-10 20:37:43 -08:00
IamTheFij 1b49f015c5 Update blocky config to v0.22 schema 2023-11-30 14:00:27 -08:00
IamTheFij eb25138675 Remove defunct lists 2023-11-30 13:39:22 -08:00
IamTheFij 69a0f760b4 Remove defunct lists 2023-11-30 13:39:01 -08:00
IamTheFij 3fcedaddb7 Remove todo from traefik 2023-11-30 13:26:15 -08:00
IamTheFij bb34b434b8 Add custom blocklists hosted on my gitea server 2023-11-30 13:23:54 -08:00
IamTheFij 36cdb8f41b Add Gitea
Currently it won't auto bootstrap auth. A command has to be executed one
time to get it to be added to the database.
2023-11-30 13:22:54 -08:00
IamTheFij e21ec11eb5 Fix grafana
Broken template
2023-11-20 10:35:49 -08:00
IamTheFij 891cfa7b2d Update blocky dashboard to not use consul tags 2023-11-16 12:21:59 -08:00
IamTheFij c11b8e157b Fix grafana dashboard provisioning
A path mismatch existed after migrating to alloc storage
2023-11-16 12:21:40 -08:00
IamTheFij a2d33ac309 Add proxmox influxdb to Grafana 2023-10-23 13:10:01 -07:00
IamTheFij 0c3f98d5c3 Pin Grafana to amd64 since renderer requires it.
This could be mitigated by moving the renderer to another task group.
2023-10-19 12:06:47 -07:00
IamTheFij ad439d48f3 Add waiting for loki and prom dependencies in core 2023-09-27 21:30:22 -07:00
IamTheFij b29f405090 Bump prometheus versions and pin blocky 2023-09-18 21:58:43 -07:00
IamTheFij 8dd00c1249 authelia and grafana to shared smtp secrets 2023-08-29 15:11:40 -07:00
IamTheFij 2bd939e651 Remove deprecated hcl2 enabled 2023-08-29 13:02:04 -07:00
IamTheFij ea8ca478c6 Fix blocky acl 2023-08-29 12:59:14 -07:00
IamTheFij f5898b0283 Add workload ACL management for mysql and postgres access
Allows required jobs to access shared secrets and auto generates psks
for stunnel.

Currently supporting MySQL, Postgres, and LDAP.
2023-08-29 12:48:48 -07:00
IamTheFij 013dd8248b Make base_hostname more configurable 2023-08-24 15:03:36 -07:00
IamTheFij f6dd3f4284 Clean up root module and move lldap to databases 2023-08-24 13:52:03 -07:00
IamTheFij 4a7bff7611 Move metrics out of a module and into core 2023-08-24 13:00:36 -07:00
IamTheFij d5078b24da Refactor use of wesher to be behind a variable toggle
Occasionally I run into issues with Wesher. This makes it easier to
disable use of Wesher by setting TF_VAR_use_wesher to false.
2023-08-24 12:51:32 -07:00
IamTheFij e2c35a82a9 Fix grafana config loading
For some reason, the env variable method stopped working.
2023-08-24 11:59:10 -07:00
IamTheFij 1715b58ca9 Pin image versions for more critical services 2023-08-24 11:39:00 -07:00