removed temp file

forgot to include updated nextcloud configuration
added nolocal flag to nginx configuration for nextcloud and fixed nextcloud remote config
2024-07-31 00:49:56 -05:00 · 2024-07-31 00:49:28 -05:00 · 2024-07-31 00:46:57 -05:00 · 2024-06-01 14:09:12 -05:00 · 2024-06-01 12:07:46 -05:00 · 2024-06-01 12:07:15 -05:00
49 changed files with 456 additions and 20 deletions
--- a/pillars/envs.sls
+++ b/pillars/envs.sls
@ -0,0 +1,9 @@
 {%- set envs=salt.cmd.shell('ls /srv/salt/').split('\n') -%}
 envs:
 {%- if envs is not none -%}
  {%- for env in envs %}
  - {{env}}
  {%- endfor -%}
 {%- else -%}
  - prod
 {%- endif -%}
--- a/pillars/roles/aurpkgs/bazarr.sls
+++ b/pillars/roles/aurpkgs/bazarr.sls
@ -0,0 +1,3 @@
 aur:
  pkgs:
    bazarr: []
--- a/pillars/roles/mount/jellyfin.sls
+++ b/pillars/roles/mount/jellyfin.sls
@ -0,0 +1,10 @@
 mount:
  sshfs:
    /mnt/video:
      name: video
      host: host.actcur.com
      directory: /mnt/butter/video
      user: mount
  ext4:
    /mnt/jelly:
      device: UUID=adc4740a-d471-4be4-9995-65cb66794b51
--- a/pillars/roles/nginx/bazarr.sls
+++ b/pillars/roles/nginx/bazarr.sls
@ -0,0 +1,14 @@
 nginx:
  bazarr:
    auth: 2fa
    default: no
    https:
      port: 6767
      prot: http
 portal:
  Media:
    bazarr:
      name: Subtitle Downloader
      summary: Bazarr Server
      public: false
--- a/pillars/roles/nginx/jellyfin.sls
+++ b/pillars/roles/nginx/jellyfin.sls
@ -0,0 +1,18 @@
 nginx:
  jelly:
    auth: none
    https:
      port: 8096
      prot: http
    proxy_headers:
      X-Forwarded-Protocol: $scheme
      Upgrade: $http_upgrade
      Connection: upgrade
 portal:
  Media:
    jelly:
      name: Jelly
      summary: Jellyfin Media Server
      public: true
--- a/pillars/roles/nginx/jellyseerr.sls
+++ b/pillars/roles/nginx/jellyseerr.sls
@ -0,0 +1,20 @@
 nginx:
  jellyseerr:
    auth: none
    default: no
    https:
      port: 5055
      prot: http
  request:
    auth: none
    default: no
    https:
      port: 5055
      prot: http
 portal:
  Media:
    request:
      name: Mediar Request Server
      summary: Jellyseerr media request server
      public: false
--- a/pillars/roles/nginx/nextcloud.sls
+++ b/pillars/roles/nginx/nextcloud.sls
@ -1,10 +1,11 @@
 nginx:
  cloud:
    auth: none
    https:
      port: 8080
      prot: http
-
+    nolocal: true
 portal:
  Misc:
    cloud:
--- a/pillars/roles/nginx/prowlarr.sls
+++ b/pillars/roles/nginx/prowlarr.sls
@ -0,0 +1,14 @@
 nginx:
  prowlarr:
    auth: 2fa
    default: no
    https:
      port: 9696
      prot: http
 portal:
  Media:
    prowlarr:
      name: Torrent Indexers
      summary: Prowlarr Server
      public: false
--- a/pillars/roles/nginx/readarr.sls
+++ b/pillars/roles/nginx/readarr.sls
@ -0,0 +1,14 @@
 nginx:
  readarr:
    auth: 2fa
    default: no
    https:
      port: 8787
      prot: http
 portal:
  Media:
    readarr:
      name: Audiobook/ebook Downloader
      summary: Readarr Server
      public: false
--- a/pillars/roles/services/bazarr.sls
+++ b/pillars/roles/services/bazarr.sls
@ -0,0 +1,3 @@
 services:
  bazarr:
    bazarr: []
--- a/pillars/servers/roles/server/arr.sls
+++ b/pillars/servers/roles/server/arr.sls
@ -6,7 +6,9 @@ roles:
  - arr
  - sonarr
  - radarr
  - readarr
  - lidarr
-  - jackett
+  - bazarr
  - prowlarr
  - ytdownloader
  - podfox
--- a/pillars/servers/roles/server/jelly.sls
+++ b/pillars/servers/roles/server/jelly.sls
@ -0,0 +1,7 @@
 roles:
  - server
  - ssh
  - nrpe
  - saltminion
  - nginx-proxy
  - jellyfin
--- a/pillars/servers/roles/server/jellyseerr.sls
+++ b/pillars/servers/roles/server/jellyseerr.sls
@ -0,0 +1,7 @@
 roles:
  - server
  - ssh
  - nrpe
  - saltminion
  - nginx-proxy
  - jellyseerr
--- a/pillars/top.sls
+++ b/pillars/top.sls
@ -4,4 +4,5 @@
  '*':
    - roles
    - servers
    - envs
 {%- endfor %}
--- a/states/repos/arch/aur-local
+++ b/states/repos/arch/aur-local
@ -0,0 +1,3 @@
 [aur-local]
 SigLevel = Never
 Server = http://pkg.actcur.com/archlinux/$repo/os/$arch
--- a/states/repos/arch/init.sls
+++ b/states/repos/arch/init.sls
@ -0,0 +1,11 @@
 {%- if grains['os'] != "Arch ARM" -%}
 update_pacman.conf:
  file.managed:
    - name: /etc/pacman.conf
    - source: salt://repos/arch/pacman.conf
 aur_local_repo:
  file.managed:
    - name: /etc/pacman.d/aur-local
    - source: salt://repos/arch/aur-local
 {%- endif -%}
--- a/states/repos/arch/pacman.conf
+++ b/states/repos/arch/pacman.conf
@ -0,0 +1,94 @@
 #
 # /etc/pacman.conf
 #
 # See the pacman.conf(5) manpage for option and repository directives
 #
 # GENERAL OPTIONS
 #
 [options]
 # The following paths are commented out with their default values listed.
 # If you wish to use different paths, uncomment and update the paths.
 #RootDir     = /
 #DBPath      = /var/lib/pacman/
 #CacheDir    = /var/cache/pacman/pkg/
 #LogFile     = /var/log/pacman.log
 #GPGDir      = /etc/pacman.d/gnupg/
 #HookDir     = /etc/pacman.d/hooks/
 HoldPkg     = pacman glibc
 #XferCommand = /usr/bin/curl -L -C - -f -o %o %u
 #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
 #CleanMethod = KeepInstalled
 Architecture = auto
 # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
 #IgnorePkg   =
 #IgnoreGroup =
 #NoUpgrade   =
 #NoExtract   =
 # Misc options
 #UseSyslog
 #Color
 #TotalDownload
 CheckSpace
 #VerbosePkgLists
 # By default, pacman accepts packages signed by keys that its local keyring
 # trusts (see pacman-key and its man page), as well as unsigned packages.
 SigLevel    = Required DatabaseOptional
 LocalFileSigLevel = Optional
 #RemoteFileSigLevel = Required
 # NOTE: You must run `pacman-key --init` before first using pacman; the local
 # keyring can then be populated with the keys of all official Arch Linux
 # packagers with `pacman-key --populate archlinux`.
 #
 # REPOSITORIES
 #   - can be defined here or included from another file
 #   - pacman will search repositories in the order defined here
 #   - local/custom mirrors can be added here or in separate files
 #   - repositories listed first will take precedence when packages
 #     have identical names, regardless of version number
 #   - URLs will have $repo replaced by the name of the current repo
 #   - URLs will have $arch replaced by the name of the architecture
 #
 # Repository entries are of the format:
 #       [repo-name]
 #       Server = ServerName
 #       Include = IncludePath
 #
 # The header [repo-name] is crucial - it must be present and
 # uncommented to enable the repo.
 #
 # The testing repositories are disabled by default. To enable, uncomment the
 # repo name header and Include lines. You can add preferred servers immediately
 # after the header, and they will be used before the default mirrors.
 #[testing]
 #Include = /etc/pacman.d/mirrorlist
 [core]
 Include = /etc/pacman.d/mirrorlist
 [extra]
 Include = /etc/pacman.d/mirrorlist
 # If you want to run 32 bit applications on your x86_64 system,
 # enable the multilib repositories as required here.
 #[multilib-testing]
 #Include = /etc/pacman.d/mirrorlist
 #[multilib]
 #Include = /etc/pacman.d/mirrorlist
 # An example of a custom package repository.  See the pacman manpage for
 # tips on creating your own repositories.
 #[custom]
 #SigLevel = Optional TrustAll
 #Server = file:///home/custompkgs
 Include = /etc/pacman.d/aur-local
--- a/states/roles/maintain/bazarr/init.sls
+++ b/states/roles/maintain/bazarr/init.sls
@ -0,0 +1,14 @@
 /var/lib/bazarr:
  file.symlink:
    - target: /mnt/data/bazarr
    - force: true
    - mkdirs: true
 #package is in aur repo
 bazarr:
  pkg.installed
 bazarr_service:
  service.running:
    - name: bazarr
    - enable: true
--- a/states/roles/maintain/certbot/certbot.sh
+++ b/states/roles/maintain/certbot/certbot.sh
@ -1,3 +1,6 @@
 echo "Running certbot renew" > /root/scripts/certbot.log
 /bin/certbot renew >> /root/scripts/certbot.log
 echo "Finished certbot renew" >> /root/scripts/certbot.log
 echo "Copying certs to /secure" >> /root/scripts/certbot.log
 cp -rL /etc/letsencrypt/live/* /secure/certs/
 echo "Done copying certs to /secure" >> /root/scripts/certbot.log
--- a/states/roles/maintain/host/balloon.service
+++ b/states/roles/maintain/host/balloon.service
@ -0,0 +1,10 @@
 [Unit]
 Description=Automatically adjust balloon size to free up unused memory
 [Service]
 Type=oneshot
 RemainAfterExit=no
 ExecStart=/bin/bash /root/scripts/balloon.sh
 [Install]
 WantedBy=multi-user.target
--- a/states/roles/maintain/host/balloon.sh
+++ b/states/roles/maintain/host/balloon.sh
@ -0,0 +1,21 @@
 for domain in `virsh list --name`
 do
  virsh dommemstat --period 5 $domain
  max=`virsh dominfo $domain | grep Max | grep -Po "\d+"`
  current=`virsh dominfo $domain | grep Used | grep -Po "\d+"`
  unused=`virsh dommemstat $domain | grep unused | grep -Po "\d+"`
  used=$(($current - $unused))
  newfree=$((($max - $used) / 5))
  if test $newfree -gt 524288
  then
    target=$(($newfree + $used))
  else
    target=$((524288 + $used))
  fi
  if test $target -gt $max
  then
    target=$max
  fi
  echo "$domain: $target"
  virsh setmem $domain --size $target
 done
--- a/states/roles/maintain/host/balloon.timer
+++ b/states/roles/maintain/host/balloon.timer
@ -0,0 +1,9 @@
 [Unit]
 Description=Update balloon sizes  every 10 minutes
 [Timer]
 OnCalendar=*:0/10
 Unit=balloon.service
 [Install]
 WantedBy=multi-user.target
--- a/states/roles/maintain/host/init.sls
+++ b/states/roles/maintain/host/init.sls
@ -99,3 +99,35 @@ libvirtd:
 #      - file: /etc/systemd/network/br1.netdev
 #      - file: /etc/systemd/network/br1.network
 #      - file: /etc/systemd/network/uplink.network
 /root/scripts/balloon.sh:
  file.managed:
    - source: salt://roles/maintain/host/balloon.sh
    - user: root
    - group: root
    - mode: 644
 /lib/systemd/system/balloon.service:
  file.managed:
    - source: salt://roles/maintain/host/balloon.service
    - user: root
    - group: root
    - mode: 644
 /lib/systemd/system/balloon.timer:
  file.managed:
    - source: salt://roles/maintain/host/balloon.timer
    - user: root
    - group: root
    - mode: 644
 balloon-reload:
  module.run:
    - name: service.systemctl_reload
    - onchanges:
      - file: /lib/systemd/system/*
 balloon.timer:
  service.running:
    - enable: true
--- a/states/roles/maintain/jellyfin/init.sls
+++ b/states/roles/maintain/jellyfin/init.sls
@ -0,0 +1,20 @@
 {%- set os=grains['os'] -%}
 jellyfin:
  pkg.installed:
    - name: jellyfin-bin
  service.running:
    - enable: true
 /etc/conf.d/jellyfin:
  file.managed:
    - source: salt://roles/maintain/jellyfin/jellyfin
    - user: root
    - group: root
    - mode: 644
 mount:
  group.present:
    - gid: 503
    - addusers:
      - jellyfin
--- a/states/roles/maintain/jellyfin/jellyfin
+++ b/states/roles/maintain/jellyfin/jellyfin
@ -0,0 +1,6 @@
 # Data directory
 JELLYFIN_DATA_DIRECTORY="/mnt/jelly/data"
 # Cache directory
 JELLYFIN_CACHE_DIRECTORY="/mnt/jelly/cache"
 # Additional options for the binary
 JELLYFIN_ADD_OPTS="--webdir=/usr/share/jellyfin/web"
--- a/states/roles/maintain/jellyseerr/init.sls
+++ b/states/roles/maintain/jellyseerr/init.sls
@ -0,0 +1,14 @@
 {%- set os=grains['os'] -%}
 jellyseerr:
  pkg.installed:
    - name: jellyseerr
  service.running:
    - enable: true
 #/etc/conf.d/jellyfin:
 #  file.managed:
 #    - source: salt://roles/maintain/jellyfin/jellyfin
 #    - user: root
 #    - group: root
 #    - mode: 644
--- a/states/roles/maintain/nextcloud.old/bashrc
+++ b/states/roles/maintain/nextcloud.old/bashrc
--- a/states/roles/maintain/nextcloud.old/cron-override.conf
+++ b/states/roles/maintain/nextcloud.old/cron-override.conf
--- a/states/roles/maintain/nextcloud.old/init.sls
+++ b/states/roles/maintain/nextcloud.old/init.sls
@ -66,6 +66,7 @@ nginx-service:
    - user: nextcloud
    - group: nextcloud
    - mode: 644
    - replace: false
    - template: jinja
 /etc/pacman.d/hooks/nextcloud.hook:
--- a/states/roles/maintain/nextcloud.old/nextcloud-config.php
+++ b/states/roles/maintain/nextcloud.old/nextcloud-config.php
@ -6,6 +6,7 @@ $CONFIG = array (
    1 => 'cloud.actcur.com'
  ),
  'overwrite.cli.url' => 'https://cloud.actcur.com/',
  'overwriteprotocol' => 'https',
  'htaccess.RewriteBase' => '/',
  'datadirectory' => '/mnt/nextcloud/data',
  'logfile' => '/var/log/nextcloud/nextcloud.log',
--- a/states/roles/maintain/nextcloud.old/nextcloud-php.ini
+++ b/states/roles/maintain/nextcloud.old/nextcloud-php.ini
@ -928,7 +928,7 @@ extension=intl
 ;extension=odbc
 ;zend_extension=opcache
 ;extension=pdo_dblib
-;extension=pdo_mysql
+extension=pdo_mysql
 ;extension=pdo_odbc
 ;extension=pdo_pgsql
 ;extension=pdo_sqlite
--- a/states/roles/maintain/nextcloud.old/nextcloud.hook
+++ b/states/roles/maintain/nextcloud.old/nextcloud.hook
--- a/states/roles/maintain/nextcloud.old/nginx-collabora.conf
+++ b/states/roles/maintain/nextcloud.old/nginx-collabora.conf
--- a/states/roles/maintain/nextcloud.old/nginx-nextcloud.conf
+++ b/states/roles/maintain/nextcloud.old/nginx-nextcloud.conf
--- a/states/roles/maintain/nextcloud.old/php-fpm-nextcloud.conf
+++ b/states/roles/maintain/nextcloud.old/php-fpm-nextcloud.conf
--- a/states/roles/maintain/nextcloud.old/php-fpm-override.conf
+++ b/states/roles/maintain/nextcloud.old/php-fpm-override.conf
--- a/states/roles/maintain/nextcloud.old/php-fpm.ini
+++ b/states/roles/maintain/nextcloud.old/php-fpm.ini
--- a/states/roles/maintain/nginx-proxy/empty.conf
+++ b/states/roles/maintain/nginx-proxy/empty.conf
--- a/states/roles/maintain/nginx-proxy/init.sls
+++ b/states/roles/maintain/nginx-proxy/init.sls
@ -49,6 +49,8 @@ nginx:
    - makedirs: true
  {%- if portal is defined %}
    - source: salt://roles/maintain/nginx-proxy/remote.conf
  {%- elif pillar['nginx'][name]['nolocal'] is defined and pillar['nginx'][name]['nolocal'] == 'true' %}
    - source: salt://roles/maintain/nginx-proxy/empty.conf
  {%- else %}
    - source: salt://roles/maintain/nginx-proxy/local.conf
  {%- endif %}
--- a/states/roles/maintain/nginx-proxy/local.conf
+++ b/states/roles/maintain/nginx-proxy/local.conf
@ -19,13 +19,12 @@
    {%- set prot = "https" -%}
  {%- endif -%}
 server {
-  listen 443;
+  listen 443 ssl;
  server_name {{server}}.actcur.com {{wildcard}};
 #  resolver {{ resolver }};
  set $backend "{{prot}}://127.0.0.1{%- if port is defined -%}:{{port}}{%- endif -%}";
  ssl on;
  ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
  ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
  ssl_session_cache shared:SSL:10m;
@ -39,6 +38,11 @@ server {
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Ssl on;
 {%- if pillar['nginx'][server]['proxy_headers'] is defined -%}
  {%- for header in pillar['nginx'][server]['proxy_headers'] %}
    proxy_set_header {{header}} {{pillar['nginx'][server]['proxy_headers'][header]}};
  {%- endfor %}
 {%- endif %}
    # re-write redirects to http as to https, example: /home
    proxy_redirect http:// https://;
--- a/states/roles/maintain/nginx-proxy/portal.conf
+++ b/states/roles/maintain/nginx-proxy/portal.conf
@ -1,12 +1,11 @@
 server {
-  listen 443 default_server;
+  listen 443 ssl default_server;
  server_name portal.actcur.com;
  resolver {{resolver}};
  set $certbot "https://salt.actcur.com";
  ssl on;
  ssl_certificate /etc/nginx/certs/portal.actcur.com/fullchain.pem;
  ssl_certificate_key /etc/nginx/certs/portal.actcur.com/privkey.pem;
  ssl_session_cache shared:SSL:10m;
--- a/states/roles/maintain/nginx-proxy/remote.conf
+++ b/states/roles/maintain/nginx-proxy/remote.conf
@ -12,14 +12,13 @@
 {%- endif -%}
 server {
-  listen 443;
+  listen 443 ssl;
  server_name {{server}}.actcur.com {{wildcard}};
  resolver {{resolver}};
  set $backend "https://{{server}}.actcur.com";
  set $certbot "https://salt.actcur.com";
  ssl on;
  ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
  ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
  ssl_session_cache shared:SSL:10m;
@ -38,8 +37,17 @@ server {
    {% set location="2" %}{% include 'roles/maintain/nginx-proxy/auth.conf' %}
    proxy_pass $backend;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-Port 443;
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Ssl on;
 {%- if pillar['nginx'][server]['proxy_headers'] is defined -%}
  {%- for header in pillar['nginx'][server]['proxy_headers'] %}
    proxy_set_header {{header}} {{pillar['nginx'][server]['proxy_headers'][header]}};
  {%- endfor %}
 {%- endif %}
    # re-write redirects to http as to https, example: /home
    proxy_redirect http:// https://;
--- a/states/roles/maintain/pkg-cache/cache.conf
+++ b/states/roles/maintain/pkg-cache/cache.conf
@ -7,6 +7,8 @@ server {
        listen 8000;
        server_name pkg.actcur.com;
        resolver 8.8.8.8;
        access_log /var/log/nginx/pkg-cache.access.log pkg-cache;
        error_log /var/log/nginx/pkg-cache.error.log;
@ -32,11 +34,11 @@ server {
        }
        location ~ \.(db|sig) {
-                proxy_pass             https://mirrors.kernel.org$request_uri;
+                proxy_pass             https://mirrors.advancedhosters.com$request_uri;
        }
        location / {
-                proxy_pass             https://mirrors.kernel.org;
+                proxy_pass             https://mirrors.advancedhosters.com;
                proxy_cache            pkg-cache; # This directive should match the keys_zone option
                proxy_cache_revalidate on;
                proxy_cache_min_uses   0;
--- a/states/roles/maintain/prowlarr/init.sls
+++ b/states/roles/maintain/prowlarr/init.sls
@ -0,0 +1,22 @@
 /var/lib/prowlarr:
  file.symlink:
    - target: /mnt/data/prowlarr
    - force: true
    - mkdirs: true
 #package is in aur repo
 prowlarr:
  pkg.installed
 prowlarr_service:
  service.running:
    - name: prowlarr
    - enable: true
 flaresolverr:
  pkg.installed
 flaresolverr_service:
  service.running:
    - name: flaresolverr
    - enable: true
--- a/states/roles/maintain/readarr/init.sls
+++ b/states/roles/maintain/readarr/init.sls
@ -0,0 +1,14 @@
 /var/lib/readarr:
  file.symlink:
    - target: /mnt/data/readarr
    - force: true
    - mkdirs: true
 #package is in aur repo
 readarr-develop:
  pkg.installed
 readarr_service:
  service.running:
    - name: readarr
    - enable: true
--- a/states/roles/maintain/transmission/init.sls
+++ b/states/roles/maintain/transmission/init.sls
@ -2,11 +2,11 @@ transmission-pkg:
  pkg.installed:
    - name: transmission-cli
-transmission-settings:
+#transmission-settings:
-  file.symlink:
+#  file.symlink:
-    - name: /var/lib/transmission/.config/transmission-daemon/settings.json
+#    - name: /var/lib/transmission/.config/transmission-daemon/settings.json
-    - target: /mnt/video/transmission/settings.json
+#    - target: /mnt/video/transmission/settings.json
-    - force: true
+#    - force: true
 /opt/scripts/restart_transmission.sh:
  file.managed:
--- a/states/systems/core/time/chrony.conf
+++ b/states/systems/core/time/chrony.conf
@ -0,0 +1,10 @@
 server 0.us.pool.ntp.org iburst
 server 1.us.pool.ntp.org iburst
 server 2.us.pool.ntp.org iburst
 server 3.us.pool.ntp.org iburst
 driftfile /var/lib/chrony.drift
 leapsectz right/UTC
 makestep 1.0 3
 rtconutc
 rtcsync
--- a/states/systems/core/time/init.sls
+++ b/states/systems/core/time/init.sls
@ -0,0 +1,14 @@
 chrony_pkg:
  pkg.installed:
    - name: chrony
 /etc/chrony.conf:
  file.managed:
    - source: salt://systems/core/time/chrony.conf
    - user: root
    - group: root
    - mode: 644
 chronyd:
  service.running:
    - enable: true
--- a/states/top.sls
+++ b/states/top.sls
@ -1,15 +1,13 @@
 {%- set states = salt['cp.list_states'](saltenv) -%}
-{%- set envs=salt.cmd.shell('git ls-remote https://git.actcur.com/actcur/salt.git | grep -o -P "(?<=refs/heads/).*" | grep -Pv "(^temp$)|(^history$)"').split('\n') -%}
+{% for env in pillar['envs'] %}
 {%- set envs=salt.cmd.shell('ls /srv/salt/').split('\n') -%}
 {% for env in envs %}
 {{ env }}:
  'os_family:RedHat':
    - match: grain_pcre
    - repos.epel
  'os_family:Arch':
    - match: grain_pcre
-    - repos.aur
+    - repos.arch
    - systems.arch.mirrors
    - systems.core.freeipa
  '*':
@ -29,6 +27,7 @@
    - systems.core.mount
    - systems.core.git
    - systems.core.backup
    - systems.core.time
 {%- if pillar['roles'] is defined -%}
  {%- if pillar['roles'] is not none -%}
    {%- for role in pillar['roles'] %}
Author	SHA1	Message	Date
Actaeus Curabitur	5db30c42fb	removed temp file	2024-07-31 00:49:56 -05:00
Actaeus Curabitur	0bbe0450aa	forgot to include updated nextcloud configuration	2024-07-31 00:49:28 -05:00
Actaeus Curabitur	1e9094e3cb	added nolocal flag to nginx configuration for nextcloud and fixed nextcloud remote config	2024-07-31 00:46:57 -05:00
Jayne	887df39849	Merge pull request 'seer' (#18 ) from seer into prod Reviewed-on: #18	2024-06-01 14:09:12 -05:00
Jayne	69ce732461	Merge pull request 'updated nginx configuration' (#17 ) from dev into prod Reviewed-on: #17	2024-06-01 12:07:46 -05:00
Jayne	0d71dab542	Merge branch 'prod' into dev	2024-06-01 12:07:15 -05:00
Actaeus Curabitur	dd60a1755c	updated nginx configuration	2024-06-01 12:04:18 -05:00
Actaeus Curabitur	c1fe7075c0	updated nextcloud nginx proxy, removing local proxy	2024-03-24 22:52:16 -05:00
Actaeus Curabitur	0c74876b91	Added auto-ballooning	2023-12-25 23:34:07 -06:00
Actaeus Curabitur	a8d74f2ea7	Added Readarr	2023-12-25 04:20:46 -06:00
Actaeus Curabitur	49f68f3dc5	added prowlarr	2023-12-25 03:26:25 -06:00
Actaeus Curabitur	08aac58570	Added Jellyseerr	2023-12-25 02:35:51 -06:00
Jayne	1cdc458c59	Merge pull request 'added per-service proxy header settings and set them for jellyfin' (#16 ) from nginx into prod Reviewed-on: #16	2023-12-06 01:26:46 -06:00
Actaeus Curabitur	65352d35d3	added per-service proxy header settings and set them for jellyfin	2023-12-06 01:25:50 -06:00
Actaeus Curabitur	9a2a216032	moved nextcloud to nextcloud.old since it's currently breaking system	2023-11-30 11:53:04 -06:00
Actaeus Curabitur	fad940750e	fixed nextcloud php config	2023-11-30 00:13:43 -06:00
Actaeus Curabitur	b9f116747b	Added bazarr pillar files	2023-09-21 21:54:05 -05:00
Actaeus Curabitur	e58f10fa4a	Added bazarr	2023-09-21 21:33:22 -05:00
Actaeus Curabitur	a7728079a4	fixed pacman config	2023-09-15 01:56:09 -05:00
Actaeus Curabitur	d4c8bd956c	fix trasmission issue on server start	2023-09-15 01:41:47 -05:00
Actaeus Curabitur	0e50eeb40e	Added jellyfin	2023-09-15 01:21:07 -05:00
Actaeus Curabitur	6e0a2f0e98	Added time sync	2022-11-15 15:56:18 -06:00
Actaeus Curabitur	c541738372	don't overwrite nextcloud config - prevents constant update attempts due to incorrect version number. Might need different fix down the road	2022-11-08 09:32:52 -06:00
Actaeus Curabitur	9f8e3eb0a8	Merge remote-tracking branch 'origin/qual' into dev	2022-09-22 11:08:08 -05:00
Actaeus Curabitur	0174b6effb	fix envs	2022-09-22 11:05:24 -05:00
Actaeus Curabitur	6bf8b07aee	Merge remote-tracking branch 'origin/dev' into qual	2022-09-21 09:08:12 -05:00
Actaeus Curabitur	0ca3588275	added resolver to pkg-cache	2022-09-21 09:07:12 -05:00
Actaeus Curabitur	e83ba523a5	changed mirror for pkg cache - old mirror did redirects that prevented caching	2022-09-14 06:34:56 -05:00