bundlewrap/bundles
CroneKorkN 90f14b69e4
left4me: pull node-agnostic metadata into the bundle
Nodes should only carry node-specific metadata. Previously each node
running left4me had to declare git_url, git_branch, secret_key, plus
nginx vhost / letsencrypt / monitoring / nftables-input blocks for
every game port. All of those are derivable from one truly node-
specific value: the domain.

Move into the bundle:
  - git_url + git_branch as defaults (override per-node only if needed).
  - secret_key as a per-node vault-derived value
    (random_bytes_as_base64_for f'{node.name} left4me secret_key',
    same convention as postgresql/mosquitto/etc.).
  - backup/paths defaults (set-merged with backup group / node paths).

Add a `derived_from_domain` reactor that reads left4me/domain and
emits:
  - nginx/vhosts/<domain> proxying 127.0.0.1:8000
  - letsencrypt/domains/<domain>
  - monitoring/services/left4me-web (curl /health)
  - nftables/input rules for the configured port range
    (defaults 27015-27115, derived from left4me/port_range_*).

Net effect: a node opting into left4me declares only
  metadata.left4me.domain = 'whatever.tld'
plus the universal node-level stuff (id, vm/cores, network, …).
2026-05-10 18:23:34 +02:00
apcupsd bundles/telegraf/items.py: use new bundle from isac 2026-01-11 09:44:16 +01:00
apt migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
archive wip 2021-06-20 10:16:03 +02:00
backup backup all doesn't stop on first error 2025-01-09 23:41:21 +01:00
backup-freshness-check exclude some dummies 2023-09-25 16:59:03 +02:00
backup-server exclude some dummies 2023-09-25 16:59:03 +02:00
bind bundles/telegraf/items.py: use new bundle from isac 2026-01-11 09:44:16 +01:00
bind-acme bind-acme: guard against letsencrypt clients without internal LAN 2026-05-10 18:23:21 +02:00
bootshorn bootshorn stuff 2025-08-24 15:23:17 +02:00
build-agent wol waker only allow wakeonlan command 2026-01-11 14:52:46 +01:00
build-ci wol waker only allow wakeonlan command 2026-01-11 14:52:46 +01:00
build-server build server htt check path 2022-09-05 15:01:49 +02:00
crystal update some apt keys 2025-12-01 22:44:40 +01:00
dm-crypt dm-crypt import pool after decrypt 2022-01-11 18:29:21 +01:00
dovecot htz.mails debian 13 2025-08-10 15:10:46 +02:00
download-server migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
flask migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
freescout freescout readme 2024-11-23 11:51:31 +01:00
gcloud apt new sources format 2023-07-31 21:00:17 +02:00
gitea new ovh.secondary 2025-08-09 14:58:27 +02:00
gocryptfs wip 2021-06-20 15:09:33 +02:00
gocryptfs-inspect wip 2021-06-20 01:49:25 +02:00
gollum fix gollum ruby2.7 brings bundler and everything is strange 2021-10-27 17:14:54 +02:00
grafana more routeros grafana 2025-12-13 16:29:20 +01:00
grub nomodeset on nvidia gpu 2022-07-07 20:17:38 +02:00
hardware bundles/telegraf/items.py: use new bundle from isac 2026-01-11 09:44:16 +01:00
hetzner-cloud wip 2021-10-10 17:15:08 +02:00
hostname remove network metadata from dummy nodes 2022-10-08 00:11:00 +02:00
hosts wip 2021-08-13 01:19:31 +02:00
htop htop cpu frq 2023-07-28 01:34:48 +02:00
icinga2 TOTAL FACKUP 2024-11-23 09:52:22 +01:00
icingaweb2 fix annoying icingaweb redirect to empty page 2025-07-13 14:04:50 +02:00
ifupdown proxmox 2025-06-29 12:24:50 +02:00
influxdb2 migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
islamicstate.eu wip 2021-07-16 00:47:48 +02:00
java java headless 2023-07-28 02:20:27 +02:00
kea-dhcpd update router 2025-08-09 23:08:06 +02:00
left4dead2 comment out slow download workshop maps 2026-03-07 14:41:12 +01:00
left4me left4me: pull node-agnostic metadata into the bundle 2026-05-10 18:23:34 +02:00
letsencrypt homeassistant letsencrypt 2025-07-13 13:10:37 +02:00
linux linux relax icmp ratelimit 2026-02-10 19:38:14 +01:00
locale remove unnecessary locales 2025-08-09 22:45:19 +02:00
lonercrew ci check branch 2022-03-13 18:40:55 +01:00
macbook pyenv install --skip-existing 2025-08-03 22:35:29 +02:00
mailman mailman readme 2025-07-12 14:04:44 +02:00
mailserver hooks/test_ptr_records.py: introduce 2026-01-11 10:18:21 +01:00
mailserver-autoconfig TOTAL FACKUP 2024-11-23 09:52:22 +01:00
mariadb mariadb fixed 2025-06-29 12:24:59 +02:00
minecraft wip 2021-10-10 17:19:08 +02:00
mirror wip 2021-07-06 00:24:58 +02:00
monitored migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
mosquitto letsencrypt dns challenge 2021-11-08 10:49:37 +01:00
network migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
nextcloud nc preview:pre-generate --no-interaction -vvv 2026-03-09 12:02:56 +01:00
nextcloud-picsort nc picsort in python 2026-03-09 11:59:47 +01:00
nftables fix indent 2025-07-11 23:55:33 +02:00
nginx yourls fix monitoring and use dehydrated certs 2025-06-29 14:46:39 +02:00
nginx-rtmps nginx: more managed, hopefully survives updates 2023-07-28 02:34:37 +02:00
nodejs apt new sources format 2023-07-31 21:00:17 +02:00
opendkim cache slow rsa generation to disk 2022-10-19 00:23:56 +02:00
openhab apt source multiple urls 2023-08-01 12:15:49 +02:00
php freescout 2024-09-05 21:57:33 +02:00
pip left4dead: only individual server workshop downloads 2022-12-03 19:51:13 +01:00
postfix bundles/telegraf/items.py: use new bundle from isac 2026-01-11 09:44:16 +01:00
postgresql migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
pppoe ovh.secondary cake 2025-08-09 21:33:26 +02:00
proxmox-ve update home.server to trixie 2026-03-07 14:41:59 +01:00
pyenv homeassistant-supervised 2024-06-11 18:40:22 +02:00
raspberry-pi migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
raspberrymatic-cert migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
rbenv rbenv 2022-12-30 14:58:30 +01:00
redis htz.mails debian 13 2025-08-10 15:10:46 +02:00
roundcube bundles/roundcube/files/config.inc.php: smtp use domain name from cert instead of localhost 2026-01-11 11:32:36 +01:00
routeros mikrotik snmp monitoring 2025-12-13 15:02:37 +01:00
routeros-monitoring telegraf deprecations 2026-03-09 12:29:24 +01:00
rspamd disable broken clamav-clamonacc 2023-07-28 02:20:52 +02:00
samba zfs fixes and default tank is on ssd now 2022-09-18 15:39:36 +02:00
smartctl bundles/telegraf/items.py: use new bundle from isac 2026-01-11 09:44:16 +01:00
ssh update home.server to trixie 2026-03-07 14:41:59 +01:00
steam-chat-logger disable steam logger, package is broken 2023-12-11 09:38:49 +01:00
steam-chat-viewer bundle steam-chat-viewer 2022-06-01 20:09:28 +02:00
steam-workshop-download left4dead: only individual server workshop downloads 2022-12-03 19:51:13 +01:00
stromzaehler openhab web 2021-11-04 22:24:33 +01:00
sudo don't purge sudoers 2025-08-09 22:46:01 +02:00
system hardware and monitoring 2021-11-18 23:37:14 +01:00
systemd systemd: accept .slice extension in unit-file routing 2026-05-10 17:00:45 +02:00
systemd-journald homeassistant-supervised 2024-06-11 18:40:22 +02:00
systemd-mount systemd mount defaults 2023-04-20 11:09:08 +02:00
systemd-networkd netword remove netplan 2025-08-09 21:33:35 +02:00
systemd-swap htz.mails debian 13 2025-08-10 15:10:46 +02:00
systemd-timers mailman poc email sent 2025-07-12 13:53:46 +02:00
tasmota-charge bundles/telegraf/items.py: use new bundle from isac 2026-01-11 09:44:16 +01:00
telegraf migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
twitch-clip-download twitch-clip-download 2023-04-20 11:09:09 +02:00
users wol waker only allow wakeonlan command 2026-01-11 14:52:46 +01:00
wireguard migrate to bundlewrap 5 2026-05-10 11:56:49 +02:00
wol-sleeper wol waker only allow wakeonlan command 2026-01-11 14:52:46 +01:00
wol-waker wol waker only allow wakeonlan command 2026-01-11 14:52:46 +01:00
wordpress freescout 2024-09-05 21:57:33 +02:00
wpa-supplicant wpa_supplicant 2021-10-28 23:02:40 +02:00
yourls yourls fix monitoring and use dehydrated certs 2025-06-29 14:46:39 +02:00
zfs bundles/telegraf/items.py: use new bundle from isac 2026-01-11 09:44:16 +01:00
zfs-mirror zfs mirror fix ping wrong param 2022-10-10 10:28:45 +02:00
zsh freescout 2024-09-05 21:57:33 +02:00
AGENTS.md docs: per-bundle docs are README.md, not AGENTS.md 2026-05-10 16:02:24 +02:00