il
a6bba986a5
fix(crowdsec): update whitelist.yaml to prevent false positive
...
false positive:
- outline session problem (LePresidente/http-generic-401-bf)
2026-05-17 00:00:46 +09:00
il
24eff8f3eb
chore(outline): fix HSTS annotation typo
2026-05-16 21:16:28 +09:00
il
9be4276676
feat(memos): release memos
...
deployment notes:
- compare to Affine, maybe outline + memos can be substituted for affine
2026-05-16 21:04:53 +09:00
il
1256122081
feat(outline): release outline
...
deployment notes:
- compare to Affine (Affine is heavy and their whtieboard and canvas is not used enough)
- don't restart this when it initiates, redis lock causes failure
2026-05-16 20:56:43 +09:00
il
f28661e664
refactor(convention): add existing 'site' tag to convention
2026-05-15 10:16:36 +09:00
il
a09712c142
refactor(script): update edit_secret.sh to optimize log print logic
2026-05-15 10:12:42 +09:00
il
a7e2320b21
chore(script): archive a extract_secret.sh script
...
archived stack: extract_secret.sh
2026-05-15 09:19:59 +09:00
il
24c83029e9
refactor(playbook): update convention and remove deprecated tag
...
update notes:
- remove tags 'update', 'upgrade' from convention.yaml
- remove tags 'update' from playbooks/app/site.yaml
2026-05-15 09:04:51 +09:00
il
ac64b3c04e
docs(readme): add RPO on readme
2026-05-13 17:12:59 +09:00
il
26d696f813
refactor(all): update hardcoded internal domain to ansible variable
2026-05-12 08:08:04 +09:00
il
1096981ef2
feat(paperless): change paperless OCR engine model from tesseract_fast to tesseract_best
2026-05-12 08:00:37 +09:00
il
e1936b494d
fix(crowdsec): update whitelist.yaml to prevent false positive
...
false positive:
- nextcloud chunk problem (crowdsecurity/http-crawl-non_statics)
- change expression 'chunks.mjs' to 'chunk.mjs'
2026-05-11 19:40:50 +09:00
il
0afc841b69
chore(chromium): archive a removed stack from console
...
archived stack: chromium
2026-05-11 19:37:25 +09:00
il
a39122eb4b
fix(crowdsec): update whitelist.yaml to prevent false positive
...
false positive:
- nextcloud chunk problem (crowdsecurity/http-crawl-non_statics)
2026-05-11 19:34:22 +09:00
il
0f4da0bb53
feat(backup): add archiving of runtime binary packages
2026-05-11 01:37:15 +09:00
il
1dd1c53e2a
feat(backup): add archiving of deployed container images
2026-05-11 00:52:28 +09:00
il
530407c162
refactor(all): update hardcoded timezone 'Asia/Seoul' to ansible variable 'timezone'
2026-05-10 18:44:28 +09:00
il
11ab2f5205
fix(sure): correct task name and subuid variable reference
2026-05-10 14:39:54 +09:00
il
4527e39d0f
chore(app): archive removed stacks from app
...
archived stacks:
- actual-budget
- ezbookkeeping
- opencloud
- trilium
- vikunja
- wikijs
2026-05-10 00:07:51 +09:00
il
02fa912cb1
feat(trilium): release trilium
...
deployment notes:
- oidc error (users cannot access at once, it needs login twice when using oidc
2026-05-09 22:38:57 +09:00
il
aceef4bdaa
refactor(authelia): update authelia.yaml.j2 to fix redirect_uris from hardcoded uris to ansible variables
2026-05-09 21:44:11 +09:00
il
64aad4fcf0
docs(all): fix markdown syntax and snippets
2026-05-09 20:54:32 +09:00
il
81244d55a7
feat(wiki.js): release wiki.js
...
deployment notes:
- use this as personal/family wiki system
- compare to affine / memos and triliumNext
2026-05-09 17:50:05 +09:00
il
1cfd024285
refactor(x509-exporter): update notification to restart x509-exporter when its config.yaml is changed
2026-05-09 17:42:35 +09:00
il
26115c5660
feat(redis): update redis from 8.6.1 to 8.6.3
...
update notes:
- run 'ansible-playbook playbooks/app/site.yaml --tags "site"' so that update all redis at onece
2026-05-09 13:55:28 +09:00
il
acef35ca8b
feat(postgresql): update postgresql and vectorchord extension
...
update notes:
- update postgresql version from 18.2 to 18.3
- update vectorchord version from 0.5.3 to 1.1.1
- add update flow and notice to postgresql.md
2026-05-09 13:54:10 +09:00
il
b531170bd7
feat(vaultwardne): update vaultwarden from 1.35.8 to 1.36.0
2026-05-09 12:56:22 +09:00
il
ad586c3cd3
feat(grafana): update grafana from 12.3.3 to 13.0.1
2026-05-09 12:50:36 +09:00
il
6dfef08f7b
feat(prometheus): update prometheus from v3.9.1 to v3.11.3
2026-05-09 12:44:44 +09:00
il
934dd314a8
feat(x509-exporter): update x509-exporter from 3.21.0 to 4.1.0
...
update notes:
- '--listen-address' and '--watch-dir' cli flags are deprecated
- add '--config' cli flag and config.yaml
2026-05-09 12:44:05 +09:00
il
2529a918df
feat(loki): update loki version from 3.6.5 to 3.7.1
2026-05-09 12:17:16 +09:00
il
7dfa20d3dd
feat(ldap): update lldap version from 0.6.2 to 0.6.3
2026-05-09 11:56:19 +09:00
il
329620c7d7
feat(alloy): update alloy version from 1.13.0 to 1.16.1
2026-05-09 11:52:25 +09:00
il
f820e89cf6
refactor(roles): update binary application installation flow
...
update notes:
- keep set_cli_tools responsible only for console CLI tools
- download and install kopia from the kopia role
- download and install blocky from the blocky role
- download and install alloy from the alloy role
- reduce console artifact staging for service binaries
2026-05-09 10:46:29 +09:00
il
a05951f883
fix(crowdsec): optimize whitelist expressions
...
update notes:
- add http_status and http_verb for each expressions (actual budget, immich, opencloud)
- fix crowdsec and issues documents
2026-05-07 10:32:11 +09:00
il
b404a9e459
fix(crowdsec): update whitelist.yaml to prevent false positive
...
false positive:
- nextcloud thumbnail/preview 404 problem (crowdsecurity/http-probing)
2026-05-07 10:27:34 +09:00
il
3b4b56f53f
fix(nftables): update fw nftables to allow vpn connection regardless of crowdsec ban
2026-05-07 09:22:49 +09:00
il
f697715065
feat(sure): release sure (we-promise/sure)
...
deployment notes:
- let's try three of budget apps, actual budget, ezbookkeeping, and sure
2026-05-06 18:52:31 +09:00
il
be7f215380
feat(ezbookkeeping): release ezbookkeeping
...
deployment notes:
- use ezbookkeeping for budget
- compare to actual budget
- it has no RBAC and sharing budget, try to sure (we-promise/sure)
2026-05-06 15:56:19 +09:00
il
26e0fe4f8b
docs(ADR): update ADR 007 - backup to add checking rule and flows
2026-05-06 14:30:25 +09:00
il
2bb1f015e0
fix(kopia): update the bound home path from %h to ansible variable
...
update note:
- hotfix
- backups haven't run since commit '9f236b6fa5'
- the root service unit's %h always indicates root's home path
- backup service is verified
2026-05-06 14:06:22 +09:00
il
0f546e13b3
fix(btrfs): update btrfs scrub path
...
update notes:
- from '{{ node['home_path'] }}/data' to '{{ storage['btrfs']['mount_point'] }}'
2026-05-06 10:33:57 +09:00
il
ba8b312bf2
feat(btrfs): update btrfs scrub service and timer on app vm
2026-05-06 08:15:53 +09:00
il
6fcedd9162
feat(collabora): release collabora
...
deployment note:
- link to nextcloud
- document opening is verified (including korean fonts)
2026-05-05 21:20:31 +09:00
il
6ca4f61d50
docs(nextcloud): update security warning decisions and background job annotation
...
update notes:
- trusted_proxies warning
- HSTS option warning
- background job mode annotation
2026-05-05 20:09:00 +09:00
il
15c09cb899
docs(nextcloud): update how to disable auto generated contacts from nextcloud account
2026-05-03 12:05:11 +09:00
il
880857a70a
fix(crowdsec): update parser 'crowdsecurity/nextcloud-whitelist'
...
update note:
- deprecate custom whitelist expression
- apply 'crowdsecurity/nextcloud-whitelist' parser
2026-05-03 07:19:59 +09:00
il
70bf539546
docs(issues): fix crowdsec whitelist regex to whitelist expressions
2026-05-02 20:40:10 +09:00
il
5dd38b7e49
fix(crowdsec): update whitelist.yaml to prevent false positive
...
false positive:
- chunk problems (crowdsecurity/http-crawl-non_statics)
- directory upload 404 problem (crowdsecurity/http-probing)
2026-05-02 20:38:48 +09:00
il
33d94211d1
docs(issues): fix crowdsec command 'cscli decision list' to 'cscli decision delete'
2026-05-02 19:46:51 +09:00
il