- Jul 16, 2021
-
-
Kristian Klausen authored
Fixes: cf9c92fd ("dovecot: Disable POP3")
-
Kristian Klausen authored
Implicit TLS is the future[1]. [1] https://datatracker.ietf.org/doc/html/rfc8314
-
Kristian Klausen authored
No one uses it and less to worry about. Fix #205
-
Kristian Klausen authored
Restrict the mail users to passwd and decouple the mailboxes from the system user See merge request !450
-
Kristian Klausen authored
The homedir is now /home/vmail/%d/%n instead of /home/$USER. Preparation for switching to a virtual user setup and removing all the staff users from mail.a.o.
-
Kristian Klausen authored
The users are only meant as a way to change the mail password and setting up forwarding (~/.forward), the latter will be handled by the DevOps team now.
-
- Jul 15, 2021
-
-
Kristian Klausen authored
Fixes: 678845af ("Add Kape server IPv6 addresses (fixes #230)")
-
- Jul 14, 2021
-
-
Jelle van der Waa authored
Add redirects for git.archlinux.org using a map See merge request !439
-
Jelle van der Waa authored
-
- Jul 13, 2021
-
-
Evangelos Foutras authored
Increase zram-fraction to 1.0 for lists.archlinux.org See merge request !460
-
Evangelos Foutras authored
It's been running out of swap during borg-backup and seems to get good compression ratios; try upping the zram size to 100% of RAM (from 50%).
-
- Jul 12, 2021
-
-
Jelle van der Waa authored
Add fail2ban exporter See merge request !457
-
Jelle van der Waa authored
The fail2ban exporter exports the amount of bans per jail.
-
Jelle van der Waa authored
-
Jelle van der Waa authored
-
Jelle van der Waa authored
-
Jelle van der Waa authored
-
Evangelos Foutras authored
hcloud_inventory: Optimize --list to avoid --host calls See merge request !459
-
Evangelos Foutras authored
By adding a top-level element called "_meta" to the --list response, Ansible will not call the inventory script with --host for each host thus saving a lot of time and many requests to the Hetzner Cloud API. The speed-up is significant; `ansible-inventory --list` is down from about 1 minute to just 7 seconds in my testing (with ~60ms latency).
-
Evangelos Foutras authored
As per the following deprecation warning (even though it has a typo): [DEPRECATION WARNING]: [defaults]callback_whitelist option, normalizing names to new standard, use callback_enabled instead. This feature will be removed from ansible-core in version 2.15. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. [1] https://github.com/ansible/ansible/pull/74845
-
Jelle van der Waa authored
-
Evangelos Foutras authored
zswap seems like the better choice when a backing swap partition exists.
-
Evangelos Foutras authored
Remove zram size limit and disable zswap when using zram See merge request !458
-
Evangelos Foutras authored
When both zswap and zram are active, zswap sits in front of zram and treats it as a backing store. We just want to use zram and not zswap disguising itself as such; disable the latter so we can enjoy useful zramctl statistics. Implemented as tmpfiles.d/zram.conf which disables zswap at runtime.
-
Evangelos Foutras authored
Restarting swap.target doesn't apply configuration changes; instead we can restart systemd-zram-setup@zram0 which seems to do what we wanted.
-
Evangelos Foutras authored
Set "max-zram-size = none" to disable this unwanted limitation which defaulted to creating zram-based swap with a maximum size of 4096MiB. Fixes: dc8fa2bd ("common: Replace deprecated systemd-swap[1] with zram-generator")
-
Jelle van der Waa authored
Redirect fail2ban log to SYSLOG Closes #322 See merge request !456
-
-
Evangelos Foutras authored
The upstream branch is set by the earlier "git pull --set-upstream".
-
Kristian Klausen authored
Ref #374
-
Kristian Klausen authored
Onboard alerque as new TU See merge request !449
-
Kristian Klausen authored
Ref #373
-
- Jul 11, 2021
-
-
Jelle van der Waa authored
Add a default rate limit for 20 req/s for the uwsgi endpoint and automatically ban users who reach this limit. The nginx-limit-req rule does not ban users who reach the rss limit as these are not likely DoS attempts.
-
Evangelos Foutras authored
Mark "Free Space (Hetzner)" metric as instant for faster updates.
-
- Jul 10, 2021
-
-
Kristian Klausen authored
Extend onboarding by more explicit information See merge request !418
-
David Runge authored
.gitlab/issue_templates/Onboarding.md: Create the ticket as confidential by default (using a short action). Make the required information in the Details section more explicit and add entries that are relevant when creating an SSO and/or archweb account. Add a note for sponsors of new users, so that they also add a clearsigned version of the data they provide. Add a dot at the end of each sentence. Make the entries for mailing list operations more generic and rely on the *communication e-mail address*, which may be the user's personal mail address or a newly created @archlinux.org mail address. Add warning message about creating a confidential ticket when providing personal data. Add checkbox to remind about the removal of personal information, removal of description history and setting the ticket to be non-confidential (if it has been confidential due to personal data). Add checkbox that reminds setting the Team member username to the @-prefixed username on gitlab (after the user has logged in).
-
Kristian Klausen authored
prometheus_exporters: Improve arch-textcollector See merge request !453
-
Add number of pacnew/pacsave files and print non explicit installed optdepends as orphans as well.
-
Kristian Klausen authored
archweb: Add robots.txt Closes #358 See merge request !452
-
Closes #358
-