dogeystamp/homeserver-iac
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
864c1bdfd3
homeserver-iac/roles
History
dogeystamp 864c1bdfd3
haproxy, firewall, containers: force connections through bastion vpn 
docker is now listening on localhost, with a haproxy on the services
server to forward the ports outwards. this is because docker tends to
disregard UFW's rules, but haproxy should be better in that regard.

meanwhile, the firewall rules have been configured properly to only
allow the bastion IP in over the wireguard connection, for proper
authentication.
2024-06-19 23:02:08 -04:00
..
backup initial commit: upload essentials from original playbook 2023-08-21 17:19:29 -04:00
caddy caddy: deny access to private services outside LAN/VPN 2024-06-16 19:32:35 -04:00
containers haproxy, firewall, containers: force connections through bastion vpn 2024-06-19 23:02:08 -04:00
dotfiles dotfiles: only deploy dotfiles once 2024-03-20 18:25:56 -04:00
filesystems roles/filesystems: moved dataroot creation here 2023-09-10 20:19:51 -04:00
firewall haproxy, firewall, containers: force connections through bastion vpn 2024-06-19 23:02:08 -04:00
haproxy haproxy, firewall, containers: force connections through bastion vpn 2024-06-19 23:02:08 -04:00
mail/tasks initial commit: upload essentials from original playbook 2023-08-21 17:19:29 -04:00
networking wireguard: use vpn for bastion-fleet comms 2024-06-16 21:32:52 -04:00
synapse synapse: increase max upload size 2024-06-19 21:55:26 -04:00
syncthing roles/syncthing, roles/containers: added syncthing 2023-09-04 15:28:03 -04:00
system roles/system/tasks/essential: set timezone 2023-11-11 14:45:32 -05:00
website roles/website: actually deploy website to web root 2023-09-26 18:44:27 -04:00
wireguard wireguard: prevent ufw from screwing up config 2024-06-19 14:04:51 -04:00