RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
15 commits 1 branch 0 tags 604 KiB
Commit graph

15 commits

This branch
This branch
All branches
Author SHA1 Message Date
Rasmus Wejlgaard
d976829ee6 tighten DMARC policy from p=none to p=quarantine 
PESO-78

- enforce DMARC with p=quarantine (failed messages get quarantined)
- add adkim=r and aspf=r for relaxed DKIM/SPF alignment
 2026-03-28 20:45:56 +00:00
Rasmus Wejlgaard
eb18c1603c update SPF record: replace protonmail with poste.io mail server 
PESO-77

- replace include:_spf.protonmail.ch with ip4:167.235.134.154 and ip6:2a01:4f8:1c1e:9c53::1 (nuremberg-a / mail.pez.sh)
- tighten from ~all (softfail) to -all (hardfail)
 2026-03-28 20:45:44 +00:00
Rasmus "Pez" Wejlgaard
03ce524730
Standardise Prometheus targets to Tailscale IPs (#4) 
Replace local network IPs (192.168.1.x) with Tailscale IPs for
london-a and london-b in all scrape configs. This ensures consistent
connectivity via Tailscale mesh regardless of network topology changes.

Refs: PESO-80
 2026-03-28 20:08:09 +00:00
Rasmus "Pez" Wejlgaard
61502861e3
Merge pull request #3 from RWejlgaard/feat/authelia-config 2026-03-28 18:52:40 +00:00
Rasmus Wejlgaard
92fb6f9d11 ignore all SOPS-encrypted files in yamllint 2026-03-28 18:50:08 +00:00
Rasmus Wejlgaard
8bb91032f3 Add Authelia config and SOPS-encrypted secrets 
- Add configuration.yml from running helsinki-a deployment
- Replace example secrets with real SOPS-encrypted config.enc.yml
- Add LDAP and SMTP password file env vars to docker-compose
  (all secrets now via file mounts, zero inline passwords)
- Update README with secret mapping and deployment steps

Closes PESO-89
 2026-03-28 17:42:07 +00:00
Rasmus "Pez" Wejlgaard
8163b226b3
Merge pull request #2 from RWejlgaard/fix-lint-nitpicks 
Fix ansible-lint yaml nitpicks
 2026-03-28 13:19:37 +00:00
Rasmus Wejlgaard
46063246a2 fix last 3 yaml lint failures 
- add missing --- to notification-policy.yml
- prometheus.yml: replace commented-out template defaults with empty lists
 2026-03-28 13:17:42 +00:00
Rasmus Wejlgaard
dc198eea81 fix more yaml document-start and comment indentation 
- add missing --- to 13 more yml files
- fix comment indentation in prometheus.yml
 2026-03-28 13:15:46 +00:00
Rasmus Wejlgaard
dc10ceacf5 fix remaining yaml lint nitpicks 
- add missing document start (---) to contact-points.yml and docker-compose files
- fix extra spaces inside braces in dotfiles and common role tasks
 2026-03-28 13:13:37 +00:00
Rasmus Wejlgaard
6f5cb82ab9 remove pr-test.yml 2026-03-28 13:11:34 +00:00
Rasmus Wejlgaard
269f1b2274 fix ansible-lint yaml nitpicks 
- rules-warning.yml: remove trailing blank line
- pr-test.yml: quote 'on' key for yaml truthy, add newline at EOF
- add .yamllint config to ignore SOPS-encrypted secrets (line-length unfixable without re-encrypting)
 2026-03-28 13:10:16 +00:00
Rasmus "Pez" Wejlgaard
999396b0c6
Merge pull request #1 from RWejlgaard/add-mangos-config 
Add MaNGOS Zero config and fix world service
 2026-03-28 13:09:21 +00:00
Rasmus Wejlgaard
cfd745b2b7 add mangos zero config and fix world service 
- add mangosd.conf, realmd.conf, ahbot.conf, aiplayerbot.conf from copenhagen-a
- db password replaced with {{ mangos_db_password }} placeholder
- fix mangos-world.service: was identical copy of realmd service, now points to mangosd
- add README for mangos-zero service
 2026-03-28 13:03:09 +00:00
Rasmus Wejlgaard
737d6e0bc1 initial commit 2026-03-28 12:39:41 +00:00