polpetta/server-dotfiles
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
86 Commits 3 Branches 0 Tags
Commit Graph

86 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Davide Polonio
6a81048432 fix(patrizio): remove dns override causing chicken-and-egg on startup 2026-04-06 22:50:44 +02:00
Davide Polonio
a37a359df0 fix(patrizio): remove unsupported --netfilter-mode flag from tailscaled 2026-04-06 22:49:07 +02:00
Davide Polonio
5f69d3b389 fix(patrizio): move extra_hosts to tailscale service 
Containers using network_mode: service:X share the target container's
network namespace including /etc/hosts. Move the ollama hosts entry
to the tailscale service so it applies to the shared namespace.
 2026-04-06 22:47:21 +02:00
Davide Polonio
c2ff70f79d fix(patrizio): add extra_hosts to resolve ollama to tailscale IP 
MagicDNS is broken in the container (DNS proxy returns SERVFAIL with
'no upstream resolvers set'). Use extra_hosts as a reliable workaround
to ensure ollama.lan.poldebra.me resolves to its Tailscale IP 100.64.0.7
instead of the server's public IP which has an expired cert.
 2026-04-06 22:46:03 +02:00
Davide Polonio
ddc7e5a1b6 fix(patrizio): fix MagicDNS resolution for ollama.lan.poldebra.me 
- Run tailscaled with --netfilter-mode=off to avoid iptables failures
  in the container, which were breaking the MagicDNS proxy at 100.100.100.100
- Set dns: 100.100.100.100 so Docker forwards DNS queries to Tailscale's
  MagicDNS proxy instead of Contabo's public DNS, which was resolving
  ollama.lan.poldebra.me to the server's public IP instead of the tailnet IP
 2026-04-06 22:40:21 +02:00
Davide Polonio
8bedfa2cff fix(docker-compose): correct indentation in tailscale command 
Normalize whitespace and indentation in the tailscale service command
block for better readability and consistency with yaml formatting
standards.
 2026-04-06 19:32:27 +02:00
Davide Polonio
e37fa81f7c feat(docker-compose): add environment file for tailscale service 
Load tailscale configuration from external env_file for better
secrets management and configuration portability
 2026-04-06 19:31:13 +02:00
Davide Polonio
a949387058 Remove extra DNS records from Patrizio Tailscale service 
Remove hardcoded DNS A records for pi.hole, pihole.lan.poldebra.me, and
ollama.lan.poldebra.me from the Tailscale container configuration. These DNS
entries are no longer needed in the docker-compose configuration.
 2026-04-06 19:28:45 +02:00
Davide Polonio
ec155abe4a feat(patrizio): configure Tailscale DNS and automatic connection 
Add custom DNS records for internal services (pihole and ollama) and configure
Tailscale to start automatically with accept-dns flag and custom login server.
Remove static DNS configuration in favor of extra_records approach.

Signed-off-by: Davide Polonio <davide.polonio@infinitaslearning.com>
 2026-04-06 19:25:50 +02:00
Davide Polonio
d8eac547e8 feat(patrizio): add Cloudflare DNS as fallback for Tailscale 
Add 1.1.1.1 as secondary DNS server to ensure DNS resolution continues
working if Tailscale DNS (100.64.0.4) becomes unavailable.
 2026-04-06 19:21:45 +02:00
Davide Polonio
5d96b58fa0 fix(patrizio): simplify tailscale container configuration 
Remove unnecessary shell wrapper and startup delay from tailscale
service. Configure DNS directly in docker-compose instead of relying
on --accept-dns flag. This streamlines the container startup process
and removes the 5-second artificial delay.
 2026-04-06 19:19:52 +02:00
Davide Polonio
af8630bcf7 feat(docker-compose): configure custom Tailscale login server 
Add --login-server flag to tailscale up command to use custom VPN server at
vpn.poldebra.me instead of default Tailscale coordination server.
 2026-04-06 19:18:44 +02:00
Davide Polonio
454bac9155 feat: configure Tailscale to run as daemon with DNS acceptance 
Update docker-compose.yml to run tailscaled as a background daemon and execute
tailscale up with DNS acceptance flag. This replaces the previous env_file
configuration approach.
 2026-04-06 19:17:01 +02:00
Davide Polonio
52313faac2 refactor(patrizio): move tailscale environment to dedicated env file 
Replace inline environment variable with env_file reference for better
configuration management. Remove redundant tailscaled command as it's
the default entrypoint.
 2026-04-06 19:11:42 +02:00
Davide Polonio
03d882907d feat(patrizio): enable DNS configuration in tailscale service 
Add TS_ACCEPT_DNS environment variable to allow tailscale to manage DNS settings
for the patrizio container.
 2026-04-06 19:07:04 +02:00
Davide Polonio
8cf346db12 feat(headscale): add ACL rule for Patrizio to access web services 
Add new ACL entry allowing Patrizio tagged devices to access web
services on port 443. Also reformat the entire acl.json file with
consistent 2-space indentation for better readability.
 2026-04-06 18:57:38 +02:00
Davide Polonio
dc740ece40 feat(docker): configure patrizio service to use tailscale network 
Add network_mode configuration to patrizio service to connect it through the
tailscale service network, enabling secure private network access.
 2026-04-06 18:33:21 +02:00
Davide Polonio
c3cd273219 feat(docker-compose): mount patrizio config file into container 
Add read-only volume mount for patrizio.toml configuration file to make it
accessible within the container at /etc/patrizio/patrizio.toml
 2026-04-06 18:17:48 +02:00
Davide Polonio
44d7a89fc8 fix: remove internal network assignment from tailscale service 
The tailscale service no longer needs to be explicitly connected to the internal
network in the docker-compose configuration.
 2026-04-06 18:06:04 +02:00
Davide Polonio
ba23e35f7e feat(docker): add Tailscale sidecar container and configure networking 
- Add Tailscale container with hostname 'patrizio' for network connectivity
- Configure health check for Tailscale service availability
- Make patrizio service depend on healthy Tailscale container
- Mount required volumes for Tailscale state and kernel modules
- Grant necessary capabilities (net_admin, sys_module, net_raw) for VPN operation
- Add internal network configuration for service isolation
- Switch patrizio to use published image (ghcr.io/polpetta/patrizio-bot:v0.2.0)
- Standardize logging configuration across both services
 2026-04-06 18:03:36 +02:00
Davide Polonio
b9ee458c11 feat: port old dockerfile definition 2026-04-06 17:49:59 +02:00
Davide Polonio
2d21e0c994 chore: bump searXNG 2026-03-08 16:32:10 +01:00
Davide Polonio
44cbc30823 chore: small headscale bump 2026-03-08 15:50:21 +01:00
Davide Polonio
828bb21c7d chore: update gitignore 2026-02-27 22:30:54 +01:00
Davide Polonio
3b29c0fce8 chore: bump Firefly version
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-09-21 12:06:49 +02:00
Davide Polonio
e088f8273f chore: remove version warning
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-09-17 22:10:13 +02:00
Davide Polonio
cad60c983f chore: bump Mail service to latest version
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-09-17 22:09:36 +02:00
Davide Polonio
90a9d419e6 fix: set proper healthcheck endpoint
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-05-14 18:46:09 +02:00
Davide Polonio
a9d15d5ca1 feat: additional iteration over acl, now simpler
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-05-01 18:07:09 +02:00
Davide Polonio
67e8b43807 feat: link new acl config 2025-05-01 17:42:03 +02:00
Davide Polonio
23a08ba8f2 feat: first vpn acl setup 2025-05-01 17:06:55 +02:00
Davide Polonio
a07f21af3b chore: bump Headscale to latest version
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-05-01 16:17:19 +02:00
Davide Polonio
9d366364ef chore: remove obsolete version entry
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-05-01 13:05:51 +02:00
Davide Polonio
959dc5af5a chore: update fireflyiii (#42)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #42
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-04-04 19:09:08 +02:00
Davide Polonio
607d2b2489 chore: update gitea (#41)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #41
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-04-04 18:49:30 +02:00
Davide Polonio
bf734085a9 chore: update mail server (#40)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #40
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-04-04 18:39:08 +02:00
Davide Polonio
a883df03b4 chore: update gitignore
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-04-04 18:30:30 +02:00
Davide Polonio
66fa1d8b38 chore: update searxng (#39)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #39
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-04-04 18:28:36 +02:00
Davide Polonio
9f650639bb feat: add kodokanjudoeste.org WP hosting (#38)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #38
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-03-07 16:44:32 +01:00
Davide Polonio
51053abc25 feat: add FireflyIII (#37)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #37
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-01-26 17:45:51 +01:00
Davide Polonio
9f128430ba feat: migrate Diary to VPN only access (#36)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #36
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-01-12 22:09:22 +01:00
Davide Polonio
6058545dd4 chore: switch to new reverse proxy images (#35)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #35
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-01-06 13:32:20 +01:00
Davide Polonio
4312a74504 chore: upgrade headscale to 0.23.x (#34)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #34
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2025-01-06 13:29:48 +01:00
Davide Polonio
54732efe29 chore: upgrade mailserver (#33)
All checks were successful
continuous-integration/drone Build is passing
Details
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #33
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2024-08-04 13:26:48 +02:00
Davide Polonio
85545c9a17 chore: remove commented section (#32)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #32
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2024-08-04 13:05:31 +02:00
Davide Polonio
b448f92f68 feat: add headscale (#31)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #31
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2024-08-04 13:02:47 +02:00
Davide Polonio
6d90cd8518 chore: upgrade mailserver (#30)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #30
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2024-06-01 14:39:22 +02:00
Davide Polonio
8870c4533e chore: upgrade searxng (#29)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #29
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2024-06-01 14:35:47 +02:00
Davide Polonio
9cbe11208f chore: upgrade mailserver and songlify (#28)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #28
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2024-02-16 23:27:45 +01:00
Davide Polonio
f26262caad chore: upgrade SearxNG (#27)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #27
Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Co-committed-by: Davide Polonio <poloniodavide@gmail.com>
 2023-11-24 17:37:01 +01:00