dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity
Files
eb79f6ea8341cde6db70ca86da95cff7cd5fe2d8
configpolicy/roles
History
Dustin C. Hatch eb79f6ea83 r/frigate: Work around podman/netavark lock 
Podman 4 puts lock files in the configuration directory for [some stupid
reason][0].  There are so many issues here!

* It is now impossible to run `podman` as root with a read-only `/etc`.
* Why does it need the lock file at all when using `--network=host`?

Luckily, we can work around it fairly easily by mounting a tmpfs
filesystem over the directory it wants to put the lock file in.  This
pretty much defeats the purpose of having a lock file, but it's likely
not needed anyway.

[0]: 836fa4c493
2022-07-23 17:43:54 -05:00
..
ansible/tasks
roles/ansible: Install python-netaddr
2018-04-08 12:33:54 -05:00
apache
Add HTTPS certificate for hass2.p.b
2021-07-24 18:39:45 -05:00
aria2
aria2: Deploy aria2 download manager
2018-08-19 14:17:48 -05:00
base
r/base: Set SSH authorized keys for root
2021-10-16 15:39:19 -05:00
bitwarden_rs
r/bitwarden_rs: Migrate to podman
2021-11-06 19:33:33 -05:00
burp-client
home-assistant: Omit history DB from backups
2022-01-02 12:07:12 -06:00
burp-server
roles/burp-server: switch to version_compare test
2020-01-25 13:54:42 -06:00
cert/tasks
roles/cert: Add handler topic notification
2020-12-26 10:38:17 -06:00
certbot
roles/certbot: Ensure certbot is configured first
2019-09-19 19:50:35 -05:00
collectd
r/collectd: Allow the thermal plugin
2022-07-21 12:37:07 -05:00
collectd-nut
r/collectd-nut: Configure nut plugin for collectd
2021-10-31 14:26:26 -05:00
collectd-prometheus
r/collectd-prometheus: Allow scraping from outside
2021-10-30 16:41:17 -05:00
collectd-sensors/tasks
r/collectd-sensors: Install collectd sensors plugin
2022-07-21 13:14:25 -05:00
collectd-version
r/collectd-version: Add OS version plugin
2021-10-30 16:50:37 -05:00
cronie/tasks
roles/cronie: Install cronie
2018-08-08 21:38:56 -05:00
dch-gw
dch-gw: Restrict traffic from Management network
2018-07-15 12:16:43 -05:00
dch-openvpn-server
dch-openvpn: Support road-warrior clients
2018-10-07 21:42:18 -05:00
dch-proxy
websites: Add chmod777.sh
2020-03-09 20:29:52 -05:00
dch-storage-net
roles/dch-storage-net: Add After device dependency
2018-07-29 10:14:00 -05:00
dch-vpn-server
roles/strongswan: Update service name
2020-07-04 14:32:22 -05:00
dhcpcd
roles/dhcpcd: Always send FQDN
2018-07-23 17:35:10 -05:00
dhcpd
roles/dhcpd: Support UniFi DHCP option 43
2019-03-22 09:29:56 -05:00
docker
roles/docker: Install and set up Docker daemon
2019-09-19 19:27:12 -05:00
elasticsearch
roles/elasticsearch: Add Elasticsearch deployment
2019-10-28 18:33:37 -05:00
fileserver
roles/fileserver: Deploy Samba file server
2018-08-01 22:04:07 -05:00
formsubmit
r/formsubmit: Deploy formsubmit app
2022-02-27 17:42:15 -06:00
freeradius
hosts: dc2: Add RADIUS server certificate
2021-10-17 14:03:52 -05:00
frigate
r/frigate: Work around podman/netavark lock
2022-07-23 17:43:54 -05:00
gitea
r/gitea: Enable Prometheus metrics
2021-10-18 10:11:44 -05:00
grafana
grafana: Enable anonymous access
2022-03-07 20:10:13 -06:00
graylog
roles/graylog: Update Graylog repository RPM URL
2021-01-31 15:33:42 -06:00
haproxy
roles/haproxy: Fix undefined var on Fedora hosts
2020-03-03 19:27:19 -06:00
hass-dhcp
r/hass-dhcp: Clean up DHCP/DNS service
2021-07-24 18:33:15 -05:00
hassdb/tasks
roles/hassdb: Deploy Home Assistant database
2020-07-14 11:38:30 -05:00
homeassistant
r/homeassistant et al.: Increase start timeout
2021-12-20 09:59:14 -06:00
hostname
hostname: Also write /etc/hosts
2018-04-08 10:11:43 -05:00
jenkins-slave
jenkins-slave: Allow Jenkins to connect to Docker
2019-09-19 19:50:35 -05:00
kerberos
roles/kerberos: Configure mit-krb5
2018-01-29 15:05:51 -06:00
koji-builder
roles/koji-builder: Deploy the Koji builder
2018-08-12 10:14:25 -05:00
koji-client
roles/koji-client: Configure the koji client
2018-08-12 10:05:56 -05:00
koji-gc
roles/koji-gc: Deploy the Koji garbage collector
2018-08-12 09:58:56 -05:00
koji-hub
roles/koji-hub: Deploy the Koji Hub
2018-08-12 09:33:08 -05:00
koji-web
roles/koji-web: Deploy the Koji Web UI
2018-08-12 10:08:01 -05:00
kojira
roles/kojira: Deploy the Koji repository agent
2018-08-12 10:04:23 -05:00
logrotate/tasks
roles/logrotate: Install and enable logrotate
2020-12-08 20:59:40 -06:00
mongodb
roles/mongodb: Add MongoDB deployment
2019-10-28 18:34:45 -05:00
mosquitto
r/mosquitto: Support persistence
2022-05-29 11:25:25 -05:00
motioneye
motioneye: Deploy motionEye camera software
2020-10-03 11:29:39 -05:00
named
roles/named: Send application logs to syslog
2020-12-26 11:36:15 -06:00
net-ifaces
roles/net-ifaces: Update VLAN for pyrocufflink.blue
2020-05-25 09:17:24 -05:00
nextcloud
r/nextcloud: Increase Apache timeout
2021-12-22 11:28:52 -06:00
nftables
roles/nftables: Basic nftables configuration
2018-03-27 20:44:43 -05:00
nginx
roles/nginx: Add role for nginx
2021-06-29 21:00:46 -05:00
nsswitch
roles/nsswitch: Configure glibc name service
2018-03-11 18:16:17 -05:00
ntpd
ntp: Initial PB and role to set up ntpd
2018-04-22 11:19:22 -05:00
nut
r/nut: Add role for Network UPS Tools
2021-10-31 14:25:59 -05:00
postfix
roles/postfix: Vary shlib directory by arch
2018-08-07 19:51:09 -05:00
postgresql-server
roles/postgresql-server: Remove postgresql-setup
2020-07-14 10:56:01 -05:00
protonvpn
r/protonvpn: watchdog: Improve error handling
2022-03-01 21:28:21 -06:00
rabbitmq/tasks
roles/rabbitmq: Deploy RabbitMQ
2019-03-07 13:29:29 -06:00
radvd
roles/radvd: Support multiple prefixes per network
2018-04-06 20:16:02 -05:00
redis/tasks
roles/redis: Add role to deploy Redis
2021-06-25 11:10:10 -05:00
rhel-network
roles/rhel-network: Add static route support
2018-03-27 20:44:43 -05:00
samba
roles/samba: Support selecting interfaces
2018-06-23 14:42:45 -05:00
samba-dc
r/samba-dc: Configure logrotate for KDC
2022-04-24 11:37:13 -05:00
serial-console
r/serial-console: Enable getty on serial console
2021-10-16 14:34:51 -05:00
squid
squid: Add role and PB to deploy Squid
2018-08-12 16:00:32 -05:00
ssh-hostkeys
hosts: Add serial0.pyrocufflink.blue
2021-10-31 00:54:10 -05:00
sshd
roles/sshd: Configure OpenSSH daemon
2018-06-06 21:44:28 -05:00
strongswan
roles/strongswan: Update service name
2020-07-04 14:32:22 -05:00
strongswan-swanctl
roles/strongswan-swanctl: Load esp4 module at boot
2021-02-17 20:33:41 -06:00
sudo
roles/sudo: Configure sudo and policy
2018-03-11 18:16:17 -05:00
synapse
r/synapse: Enable Prometheus metrics
2021-10-18 18:08:50 -05:00
system-auth
roles/system-auth: Configure PAM system authentication
2018-03-11 18:16:17 -05:00
systemd-networkd
r/systemd-networkd: Enable and start the service
2021-10-31 14:29:30 -05:00
taiga
roles/taiga: Fix HTTP->HTTPS redirect
2019-03-22 09:29:56 -05:00
trustca
roles/trustca: Generic role for adding CA certs
2018-06-04 20:03:55 -05:00
vmhost
r/vmhost: Install libvirt storage driver
2021-11-06 18:10:32 -05:00
websites
websites: dustin.hatch.name: Deploy new site
2022-04-23 15:30:40 -05:00
wheelhost
wheelhost: Publish wheels built by Jenkins
2019-03-22 10:19:27 -05:00
winbind
r/winbind: Add domain-join tag
2021-11-06 18:12:29 -05:00
zabbix-agent
roles/zabbix: Add support for Debian
2019-03-22 09:29:56 -05:00
zabbix-server
roles/zabbix-server: Redirect HTTP -> HTTPS
2018-06-09 14:35:22 -05:00
zezere
zezere: role/playbook to deploy Zezere
2021-07-05 09:34:25 -05:00
zigbee2mqtt
r/homeassistant et al.: Increase start timeout
2021-12-20 09:59:14 -06:00
zwavejs2mqtt
r/homeassistant et al.: Increase start timeout
2021-12-20 09:59:14 -06:00