float merge requestshttps://git.autistici.org/ai3/float/-/merge_requests2024-03-03T20:11:54Zhttps://git.autistici.org/ai3/float/-/merge_requests/299base: load nf_conntrack module at boot2024-03-03T20:11:54Zgodogbase: load nf_conntrack module at bootWill make sysctl nf_conntrack_max available to be set at bootWill make sysctl nf_conntrack_max available to be set at boothttps://git.autistici.org/ai3/float/-/merge_requests/300base: remove obsolete nf_conntrack_helper2024-03-03T20:11:42Zgodogbase: remove obsolete nf_conntrack_helperParameter was removed in 6.0 and it is not the default anymore:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b118509076b3
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3bb...Parameter was removed in 6.0 and it is not the default anymore:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b118509076b3
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3bb398d925echttps://git.autistici.org/ai3/float/-/merge_requests/298Generate Tinc configuration without a plugin2024-01-04T22:59:57ZaleGenerate Tinc configuration without a pluginhttps://git.autistici.org/ai3/float/-/merge_requests/297base-docker: extend start timeout2023-12-05T16:55:55Zgodogbase-docker: extend start timeoutContainers will start all together at boot, thus be a little more
lenient before declaring the container as not started / failed.Containers will start all together at boot, thus be a little more
lenient before declaring the container as not started / failed.https://git.autistici.org/ai3/float/-/merge_requests/295Install ssh-key-wtmp2023-12-01T20:19:54ZaleInstall ssh-key-wtmphttps://git.autistici.org/ai3/float/-/merge_requests/296Set all managed systemd services to autorestart on failure2023-12-01T11:53:22ZaleSet all managed systemd services to autorestart on failurehttps://git.autistici.org/ai3/float/-/merge_requests/294Fix the prober URL in alerts2023-11-13T13:24:05ZaleFix the prober URL in alertsUse an additional label on prober targets, prober_float_endpoint, to
generate correct URLs in alerts (issue #145). This is done by looking
up the public_endpoint associated with a service for custom probe
targets via a new global Ansible...Use an additional label on prober targets, prober_float_endpoint, to
generate correct URLs in alerts (issue #145). This is done by looking
up the public_endpoint associated with a service for custom probe
targets via a new global Ansible variable (float_http_endpoints_by_port).https://git.autistici.org/ai3/float/-/merge_requests/293Add HTTP Accept request header to the proxy key2023-11-03T08:13:27ZaleAdd HTTP Accept request header to the proxy keyShould help with content negotiation. To avoid an explosion of
keys, any Accept header containing text/html (so, browsers) is
mapped to the 'html' string.Should help with content negotiation. To avoid an explosion of
keys, any Accept header containing text/html (so, browsers) is
mapped to the 'html' string.https://git.autistici.org/ai3/float/-/merge_requests/292float: update vagrant-libvirt cache option2023-10-07T21:34:43Zgodogfloat: update vagrant-libvirt cache optionDeprecation came in 0.4.0:
https://github.com/vagrant-libvirt/vagrant-libvirt/commit/5471caabe53c2ec19a76121f96ed62a72d701ef0Deprecation came in 0.4.0:
https://github.com/vagrant-libvirt/vagrant-libvirt/commit/5471caabe53c2ec19a76121f96ed62a72d701ef0https://git.autistici.org/ai3/float/-/merge_requests/291base: use freeipmi instead of ipmitool2023-09-10T13:04:20Zgodogbase: use freeipmi instead of ipmitoolField usage has shown freeipmi is more resilient than ipmitool in the
face of misbehaving hardware.Field usage has shown freeipmi is more resilient than ipmitool in the
face of misbehaving hardware.https://git.autistici.org/ai3/float/-/merge_requests/290docker: ship bash completion for in-container2023-08-26T15:23:40Zgodogdocker: ship bash completion for in-containerhttps://git.autistici.org/ai3/float/-/merge_requests/287Use openssl for rsyslog TLS2023-08-19T08:17:59ZaleUse openssl for rsyslog TLShttps://git.autistici.org/ai3/float/-/merge_requests/286First pass at resolving ansible deprecation warnings:2023-08-16T07:02:12ZaleFirst pass at resolving ansible deprecation warnings:. [defaults]callback_whitelist option, normalizing names to new standard, use
callbacks_enabled instead.
. Use 'ansible.utils.ipv4' module instead.
. Use 'ansible.utils.ipv6' module instead.
Copy of !272 in this repo, so we can run tests.. [defaults]callback_whitelist option, normalizing names to new standard, use
callbacks_enabled instead.
. Use 'ansible.utils.ipv4' module instead.
. Use 'ansible.utils.ipv6' module instead.
Copy of !272 in this repo, so we can run tests.https://git.autistici.org/ai3/float/-/merge_requests/285Set container runtime options using an Ansible plugin2023-06-25T16:39:21ZaleSet container runtime options using an Ansible pluginSince the logic is not entirely straightforward, it is best not to
handle it in Jinja, the Python version is more readable.
This change also introduces support for Podman 4 "detach" mode which,
taking advantage of the support for the "p...Since the logic is not entirely straightforward, it is best not to
handle it in Jinja, the Python version is more readable.
This change also introduces support for Podman 4 "detach" mode which,
taking advantage of the support for the "passthrough" log driver, runs
services without an extra "podman" process (and with fewer useless i/o
operations on the log stream).https://git.autistici.org/ai3/float/-/merge_requests/284Restart mtail after adding the NGINX program2023-06-05T10:49:48ZaleRestart mtail after adding the NGINX programhttps://git.autistici.org/ai3/float/-/merge_requests/283Small refactor of the nginx_http_request_ms metric2023-06-04T11:18:27ZaleSmall refactor of the nginx_http_request_ms metricDrop the 'status' field, and only record values for requests that
result in a status 200.Drop the 'status' field, and only record values for requests that
result in a status 200.https://git.autistici.org/ai3/float/-/merge_requests/281Store the owner username as comment for SSH authorized_keys2023-05-30T08:46:11ZaleStore the owner username as comment for SSH authorized_keyshttps://git.autistici.org/ai3/float/-/merge_requests/282base: reorder and sort package list2023-05-29T07:27:57Zgodogbase: reorder and sort package listhttps://git.autistici.org/ai3/float/-/merge_requests/280Properly disable noexec option on /run tmpfs2023-05-18T17:08:38ZaleProperly disable noexec option on /run tmpfsPodman in debian bullseye apparently supports "exec=true" for this.Podman in debian bullseye apparently supports "exec=true" for this.https://git.autistici.org/ai3/float/-/merge_requests/279Set charset when forcing LC_ALL for Ansible2023-03-06T10:51:29ZaleSet charset when forcing LC_ALL for AnsibleFixes issue #140Fixes issue #140