| Age | Commit message (Collapse) | Author |
|---|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c1392-78a3-7440-9d95-1a1b2fd7dfec
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c1392-78a3-7440-9d95-1a1b2fd7dfec
Co-authored-by: Amp <amp@ampcode.com>
|
|
This reverts commit 0818e6d7d06c5026dd33a6313480a21b1c555ae8.
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c1392-78a3-7440-9d95-1a1b2fd7dfec
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c1392-78a3-7440-9d95-1a1b2fd7dfec
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c12b1-e861-773b-8f74-64b6c2255a5f
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c12b1-e861-773b-8f74-64b6c2255a5f
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c12b1-e861-773b-8f74-64b6c2255a5f
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c12b1-e861-773b-8f74-64b6c2255a5f
Co-authored-by: Amp <amp@ampcode.com>
|
|
|
|
|
|
|
|
- Skip ipv4/ipv6 prefixed hosts from main check loop (no www/standby variants)
- Add separate checks with appropriate IP version only:
- ipv4.ipv6test.f3s.buetow.org: IPv4 HTTP check only
- ipv6.ipv6test.f3s.buetow.org: IPv6 HTTP check only
Amp-Thread-ID: https://ampcode.com/threads/T-019c08b8-cd58-73e9-8a1d-c8f124223367
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
Amp-Thread-ID: https://ampcode.com/threads/T-019c086d-c760-779d-b740-0f748094b62a
Co-authored-by: Amp <amp@ampcode.com>
|
|
- Add meta tags to prevent browser caching of fallback page
- Add response header directives in relayd to set Cache-Control headers
- Prevents cached fallback page from being served when cluster comes back online
Amp-Thread-ID: https://ampcode.com/threads/T-019c0589-2021-71cc-a2ba-2cd942f4fdef
Co-authored-by: Amp <amp@ampcode.com>
|
|
- Add explicit httpd server blocks for f3s.buetow.org and *.f3s.buetow.org on port 8080
- These blocks serve /htdocs/f3s_fallback with request rewrite to /index.html
- Prevents httpd from falling back to blowfish.buetow.org's directory autoindex
- Now correctly shows fallback page for all f3s hosts when k3s cluster is unreachable
Amp-Thread-ID: https://ampcode.com/threads/T-019c00f6-c61d-772a-8fe2-dc0aee0a4ce2
Co-authored-by: Amp <amp@ampcode.com>
|
|
|
|
Set MinNotifyIntervalS to 3600 (1 hour) to batch email notifications.
Gogios will only send emails when both the interval has elapsed AND
there's been a state change. HTML reports continue updating on every run.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
|
|
- Add all 18 f3s hosts to @acme_hosts for certificate issuance
- Skip standby certificate variants for f3s hosts (not needed for k3s cluster)
- Add port 80 ACME challenge blocks to httpd for all f3s hosts
- Add port 8080 fallback page blocks to httpd for f3s hosts (when cluster is down)
- Update relayd.conf.tpl to skip standby keypairs for f3s hosts
- Update acme-client.conf.tpl to skip standby certificates for f3s hosts
Fixes missing certificates on flux.f3s.buetow.org, anki.f3s.buetow.org, and other f3s services
|
|
|
|
|
|
|
|
|
|
- Add solarcat DNS records, httpd server block, and ACME host
- Re-enable Prometheus and WG0 ping notifications in gogios
- Remove paul.cyou from DNS zones
- Cleanup duplicate definitions in Rexfile
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Created hosts.wg.append with IPv4 and IPv6 addresses for all 10
WireGuard mesh hosts (blowfish, fishfinger, f0-f2, r0-r2, earth, pixel7pro).
This file can be appended to /etc/hosts on mesh participants to enable
hostname resolution for WireGuard mesh addresses.
Applied to blowfish and fishfinger OpenBSD gateways.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
- Add IPv6 (proto 6) ping monitoring for all WireGuard mesh hosts
- Fix syntax error in protocol list (4 6 -> 4, 6)
- Update AGENTS.md path format to file:// URL
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
- Add node resources multi-select dashboard for Prometheus
- Update gogios cron schedule and add HTML status file output
- Update Prometheus scrape configs
- Add gogios documentation
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Enable IPv6 support for WireGuard mesh network on OpenBSD gateways:
- Added NAT66 rule using NPTv6 to translate ULA addresses to public IPv6
- Added IPv6 UDP pass rule for WireGuard port 56709
- Maintains existing IPv4 NAT and firewall rules
This allows roaming clients to route IPv6 traffic through the VPN gateways
and access IPv6 internet resources using the gateway's public IPv6 address.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
- Add pf.conf template with WireGuard NAT rules for roaming clients (earth, pixel7pro)
- Add Rex task to deploy pf.conf to both OpenBSD frontends (blowfish, fishfinger)
- Document WireGuard roaming client implementation plan and limitations
- NAT rules enable roaming clients to route all traffic through VPN gateways
- Firewall rules allow incoming WireGuard connections on UDP port 56709
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
Adding DNS/frontend configuration for the new git server
|
|
|
