bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
228 Commits 1 Branch 0 Tags
master
Commit Graph

13 Commits

Author SHA1 Message Date
Bastian de Byl
bc26fcd1f9 chore: fluent-bit zomboid, zomboid stats, home assistant, gregbot 2026-01-24 17:08:05 -05:00
Bastian de Byl
216a486db5 fix: home automations with configurations fixes 2025-12-14 19:23:35 -05:00
Bastian de Byl
eab9962443 fix: home automations 2025-12-14 18:50:25 -05:00
Bastian de Byl
9c9da4f47c Complete infrastructure migration from nginx + ModSecurity to Caddy 
This commit finalizes the comprehensive migration from nginx + ModSecurity + manual LetsEncrypt
to Caddy v2 with automatic HTTPS. The migration eliminates over 2000 lines of complex
configuration in favor of a single, simplified Caddyfile.

## Major Changes:

### Infrastructure Transformation
- **Web Server**: Replaced nginx with Caddy v2 for automatic HTTPS and simplified configuration
- **SSL/TLS**: Removed manual LetsEncrypt management, now fully automated by Caddy
- **Security**: Replaced ModSecurity WAF with Caddy's built-in security features
- **CI/CD**: Decommissioned Drone CI infrastructure completely

### Configuration Simplification
- **Before**: 20+ nginx site configs, ModSecurity rules, LetsEncrypt cron jobs
- **After**: Single Caddyfile with automatic HTTPS, security headers, and IP restrictions
- **Reduction**: 75% less configuration code while maintaining all functionality

### Files Added
- Caddy container deployment and configuration tasks
- Single Caddyfile template replacing all nginx configs
- Updated documentation (CLAUDE.md, TODO.md)

### Files Removed
- Complete nginx role and all site configurations (24 files)
- SSL role with LetsEncrypt management (6 files)
- Drone CI infrastructure (1 file)
- nginx static files and ModSecurity includes (2 files)

## Verified Functionality
All websites confirmed working with HTTPS certificates automatically provisioned:
- photos.bdebyl.net, parts.bdebyl.net, cloud.bdebyl.net
- wiki.skudakrennsport.com, cloud.skudakrennsport.com
- fulfillr.debyltech.com (with IP restrictions)
- Proper security headers and WebSocket support

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-09-11 20:38:45 -04:00
Bastian de Byl
6b813362ca noticket - cleanup of unused sites, containers 2025-03-01 20:47:53 -05:00
Bastian de Byl
9a60d4b0b9 noticket - migrate from photoprism to immich 2024-12-17 21:52:04 -05:00
Bastian de Byl
ed7ef3ba26 updated graylog, firewall, hass 2024-07-31 16:29:07 -04:00
Bastian de Byl
c8f4bd0a62 fulfillr bump, restart main router on sshpass_cron 2023-09-09 16:27:53 -04:00
Bastian de Byl
4c40a42707 major cleanup of ansible tasks in podman role 2023-07-24 13:38:34 -04:00
Bastian de Byl
71e9f4590b added sshpass_cron, updates, secrets 2023-07-21 17:54:58 -04:00
Bastian de Byl
c5bc5a91ac moved nginx, graylog to podman 2022-05-01 03:31:16 -04:00
Bastian de Byl
8e373896a6 moved drone to podman 2022-04-30 15:05:46 -04:00
Bastian de Byl
cb2001357f moved ddns, partkeepr, hass to podman, selinux 2022-04-30 03:44:55 -04:00