50249ba987
Use BindsTo
in Dovecot first boot process
...
This is to avoid starting requisite units (specifically, the MariaDB
migrations) if conditions fail.
2023-10-22 00:19:52 +01:00
4ce5be1798
rspamd: Update to version 3.7.1
2023-10-22 00:00:47 +01:00
0a7985b8ca
postfix: Exclude anonymous ciphers for TLS
2023-10-21 17:33:03 +01:00
5131d1d93c
prosody: Make component registration more robust
2023-10-21 17:26:18 +01:00
a5ce4675d5
Improve TLS security for Dovecot and Postfix
2023-10-21 17:19:35 +01:00
71214e94a6
prosody: Update to version 0.12.4, update modules
2023-10-03 22:44:08 +01:00
ddd50da0dc
gitea: Update to version 1.20.5
2023-10-03 22:43:10 +01:00
ad2ebd092c
slidge: Update to latest versions of plugins
2023-09-10 17:10:25 +01:00
0ff662b8c5
Auto-archive inbox messages after 1 week
2023-09-06 21:23:24 +01:00
8d7ee45574
slidge: Update WhatsApp plugin to latest version
2023-08-23 21:02:43 +01:00
035f34af75
gitea: Update to version 1.20.3
2023-08-22 19:21:42 +01:00
2976386e2f
gotosocial: Update to version 0.11.1
2023-08-22 19:21:21 +01:00
0e14ac19e5
prosody: Update to Bookworm, move to Quadlet
2023-08-20 18:03:38 +01:00
faaefcdebb
slidge: Update to latest WhatsApp plugin version
2023-08-20 17:35:20 +01:00
5afcea8f05
dovecot: Auto-archive unflagged messages in inbox
2023-08-20 11:31:37 +01:00
779e6e09f9
gotosocial: Don't report Mastodon version
2023-08-16 18:43:01 +01:00
c920a2a380
gotosocial: Update to version 0.11.0
2023-08-15 23:39:01 +01:00
ccf1852026
dovecot: Update to version 2.3.19, move to Quadlet
2023-08-13 16:30:55 +01:00
c285828395
postfix: Update to version 3.7.6, move to Quadlet
2023-08-13 16:30:09 +01:00
67e16b82df
navidrome: Move to Quadlet
2023-08-13 16:03:42 +01:00
2679166819
gotosocial: Move to Quadlet
2023-08-13 14:13:07 +01:00
43136d090b
coturn: Update to version 4.6.1, move to Quadlet
2023-08-13 13:59:57 +01:00
7db3958362
biboumi: Move to Quadlet, Debian-packaged version
2023-08-13 13:36:25 +01:00
fb6d134cdb
slidge: Update to latest protocol versions
2023-08-12 17:52:35 +01:00
8ea73709e8
gitea: Update to version 1.20.2, move to Quadlet
2023-08-12 17:14:04 +01:00
7764f0fde0
hugo: Move to Quadlet, minify HTML by default
2023-08-12 17:01:17 +01:00
3465082806
letsencrypt: Update Lego to version 4.13.3
2023-08-12 16:31:56 +01:00
15b41eee1a
nginx: Update to version 1.25, move to Quadlet
2023-08-12 16:31:31 +01:00
ee4375869d
mariadb: Move to Quadlet
2023-08-12 11:49:30 +01:00
6ead546a9d
radicale: Update to version 3.1.8, move to Quadlet
2023-08-12 11:26:49 +01:00
f367141361
rspamd: Don't use Notify=true
...
RSpamd doesn't have `systemd-notify` support, so we're forced to use
plain ol' conmon notify support instead.
2023-08-11 21:13:03 +01:00
9e690a54f0
rspamd: Update to version 3.6, move to Quadlet
2023-08-11 20:40:59 +01:00
90ae8853ac
lldap: Update to version v0.4.3, move to Quadlet
2023-08-11 20:12:23 +01:00
c5a6208e6a
redis: Move to container unit, Debian Bookworm
...
The container file is now directly based on Debian Bookworm, and uses
official Debian packages.
2023-08-11 20:12:23 +01:00
dc48e4b06b
slidge: Update slidge-whatsapp
to latest version
2023-08-05 11:39:55 +01:00
17fc39ac02
hugo: Update to version 0.115.4, Debian Bookworm
2023-07-30 20:37:44 +01:00
2889f2870a
letsencrypt: Update to version 4.13.2
2023-07-23 10:55:52 +01:00
f7f679f9df
gitea: Update to version 1.20.1
2023-07-23 10:54:37 +01:00
c14cef82f1
slidge: Update WhatsApp plugin to latest version
2023-07-22 11:04:31 +01:00
fad6a3d394
gotosocial: Inject supported Mastodon version
2023-07-22 10:28:09 +01:00
85d020b59d
gotosocial: Update to version 0.10.0
2023-07-22 09:35:11 +01:00
350e37f6fc
slidge: Update plugin versions
2023-07-18 22:06:54 +01:00
3f0b672633
prosody: De/Reactivate components after reload
2023-07-18 21:55:17 +01:00
5fb6e2b0f0
gitea: Update to version 1.20.0, enable indexing
2023-07-18 21:54:51 +01:00
542fbbbcea
gitea: Update to version 1.19.4
2023-07-11 19:45:44 +01:00
8fce96dc1f
slidge: Update WhatsApp plugin to latest version
2023-06-21 11:56:27 +01:00
2c6231080f
slidge: Update WhatsApp plugin to latest version
2023-06-20 14:00:51 +01:00
df1c244686
slidge: Update to latest version, move to Bookworm
...
This reflects changes made to Slidge for an effective split of plugins
from core, and bundles each plugin in their own virtual environment.
2023-06-19 11:03:02 +01:00
29fa2181ca
coturn: Make service less verbose
2023-06-18 11:09:22 +01:00
06a8417451
coturn: Allow more private network ranges
2023-06-04 17:09:24 +02:00
7cf8caebb4
gotosocial: Update to version 0.9.0
2023-05-25 10:04:27 +02:00
252ac7b28f
gitea: Update to version 1.19.3
2023-05-06 21:57:09 +02:00
8d717127e3
gitea: Update to version 1.19.2
2023-04-28 14:53:04 +01:00
410d0715b5
gitea: Update to version 1.19.1
2023-04-26 21:59:57 +01:00
95fb7b4f7d
gotosocial: Update to version 0.8.1
2023-04-23 18:49:00 +01:00
c391ebc96e
slidge: Update to latest version
2023-04-23 12:02:32 +01:00
8b56af11a5
slidge: Update to latest version
2023-04-04 00:13:17 +01:00
951005cd15
coturn: Allow local range connects
...
Given that this setup is for a *home* server, we're forced to allow
peers for typical home IP ranges (such as `192.168.0.0/24`); however, we
should still not allow access to ranges for other containers or anything
else running in `localhost`.
2023-03-29 21:29:26 +01:00
1801b7d8aa
postfix: Allow for messages up to 20MB in size
...
This is lower than most other services (e.g. Gmail allows for receiving
up to 50MB and sending up to 25MB) but more than most will need.
2023-03-28 21:29:40 +01:00
1742f45dd1
slidge: Update to latest version
2023-03-26 22:04:32 +01:00
b5b64eba5b
nginx: Remove deprecated XSS protection block
2023-03-25 14:28:12 +00:00
3f5c0306ed
rspamd: Update to version 3.5
2023-03-25 13:25:20 +00:00
efff72baa8
nginx: Update configuration, remove static serve
...
Services will now have an additional set of security-oriented response
headers attached, and cache times re-jigged.
In addition, the `nginx-serve-static@` service has been removed in
favour of `nginx-serve-volume@`, which is simpler to set up and use.
2023-03-25 13:21:47 +00:00
6ab280592e
slidge: Update to latest version
2023-03-21 19:33:47 +00:00
0786e6e8f3
slidge: Update to latest version
2023-03-19 18:39:51 +00:00
766fb881f8
slidge: Fix upload service environment
2023-03-17 17:10:52 +00:00
e7e90f0002
dovecot: Add chroot
in container
...
Dovecot will, by default, have login processes run under a limited
`chroot` environment. However, this broke recently with the update to
Podman 4.4.1 and the removal of implicit `CAP_CHROOT` capabilities.
This commit re-adds these in place.
2023-03-13 11:15:38 +00:00
c01eed0761
prosody: Move HTTP upload component to own address
...
Sharing an address with the MUC component causes issues in discovery.
2023-03-12 17:52:31 +00:00
45104d5fe6
letsencrypt: Fix location of 'lego' binary
2023-03-11 22:57:46 +00:00
03d4fdcc05
slidge: Update to latest version
...
And fix Dockerfile for changes in build.
2023-03-05 18:48:09 +00:00
e99faa5450
gitea: Update to version 1.18.5
2023-03-04 16:34:30 +00:00
3d3f4bb59e
gotosocial: Update to version 0.7.1
2023-03-04 16:34:20 +00:00
07df01f6c7
letsencrypt: Update Lego to version 4.10.2
2023-03-04 16:34:05 +00:00
02705c9f1e
prosody: Update to version 0.12.3
2023-03-04 16:33:53 +00:00
96c8ac2db5
gotosocial: Update to version 0.7.0
2023-02-18 12:36:32 +00:00
4289785bb5
gitea: Update to latest version
2023-02-12 17:27:49 +00:00
e45c7650d5
Update Navidrome to latest version
2023-02-12 17:23:52 +00:00
6f8b8763c6
prosody: Make component registration more flexible
2023-01-02 14:15:13 +00:00
cb4b61321e
gitea: Fix SMTP mailer configuration
2022-12-31 14:20:54 +00:00
e46588f60c
Makefile: Make virtual port configuration dynamic
2022-12-31 13:35:26 +00:00
6e08aba560
gitea: Update to version 1.18.0
2022-12-31 12:28:17 +00:00
005ea1a55d
letsencrypt: Update Lego to latest version
2022-12-31 12:25:34 +00:00
04acd65c96
rclone: Update to latest version
2022-12-31 12:25:07 +00:00
a35af5950d
slidge: Update to latest version
2022-12-31 12:24:57 +00:00
dc91311f2b
slidge: Update to latest git version
2022-12-15 16:55:05 +00:00
0200269b7b
prosody: Update to version 0.12.2, bump modules
2022-12-14 10:24:14 +00:00
299eee98ce
prosody: Add privilege
module for components
...
This module will be inactive while dynamic `VirtualHost` configuration
is being sorted out, but should nevertheless help in testing.
2022-12-13 19:49:59 +00:00
4bc17662bd
Remove Spectrum in favour of Slidge
...
Slidge replaces Spectrum with immense improvement to bridging
capabilities, albeit with only experimental MUC support. Nevertheless,
the current state is sufficiently stable for a complete replacement.
2022-12-13 15:37:42 +00:00
560cfc82b6
slidge: Add service for legacy protocol bridging
2022-12-13 10:16:45 +00:00
c2c8d746cd
gotosocial: Always show landing page
2022-12-06 19:56:05 +00:00
551fc4a133
gotosocial: Update to version 0.6.0
2022-12-06 18:55:28 +00:00
eca9e43216
rspamd: Update to latest version
2022-12-05 19:40:27 +00:00
8051418e61
dovecot: Only LIST directories in user maildir
...
This option has Dovecot only return directories in LIST commands, which
is a necessary workaround because of how our home and maildir locations
are the same, which sometimes has extraneous files (such as Sieve
scripts) appear in IMAP directory listings.
We should eventually move away from this unified location, but doing so
requires careful planning and migration.
2022-12-03 14:11:03 +00:00
1b71debe96
Add configuration for GoToSocial
...
This adds a basic GoToSocial setup with a default configured
administrator, to be used as a small environment for trusted users.
2022-11-27 16:25:53 +00:00
d452ccec1b
spectrum: Update plugins to latest versions
2022-11-10 19:24:17 +00:00
ddc2f50505
hugo: Always hard-reset to origin
after fetching
2022-10-29 17:38:39 +01:00
eda658f99d
nginx: Move back to separate UPSTREAM variables
...
This commit moves the `nginx-proxy-http` service back to separate
`UPSTREAM_HOST`, `UPSTREAM_PORT`, and `UPSTREAM_PATH` variables, which
allows for more granular configuration, e.g. `proxy_redirect` patterns.
2022-10-29 17:24:58 +01:00
453c8a88f3
hugo: Use branch name from payload if possible
...
Gitea and Gitlab allow for filtering push events based on the branch
name, so we assume that webhook payloads don't need to be filtered based
on the branch in these cases. Github doesn't allow for this sort of
filtering, so we have to specify a default branch to filter on.
2022-10-29 15:56:46 +01:00
f2ab86f5bf
hugo: Clone with depth=1
, reset after fetch
2022-10-29 11:25:23 +01:00
b7ca813a40
Improve webhook behaviour for Gitea
...
Webhook execution in Gitea will now wait longer before returning, and
Hugo will correctly set permissions on destination directories.
2022-10-28 18:33:42 +01:00