Alexander Grabowski grabowski
0 Followers · 1 Following
  • Joined on 2025-08-05
Repositories
6
 Projects Packages Public Activity Starred Repositories
grabowski pushed to main at B4L/cnx-network-clan 2026-06-21 03:32:07 +07:00
d8bbf08c7a Add mx1 to secret vars/shared/mail-dmarc-cred/passphrase
e6036d9d1b Add mx1 to secret vars/shared/mail-dmarc-cred/hash
f7b64617b9 Update vars via generator mail-dmarc-cred for machine control
60db8c60b0 Add parsedmarc DMARC report analyzer on control
b8bea27a9c Update runbook docs for web01 reverse proxy and per-host ACME keys
Compare 5 commits »
grabowski pushed to main at B4L/cnx-network-clan 2026-06-21 03:13:18 +07:00
415a050f6a Scrape web01 node_exporter into VictoriaMetrics
3f3f4118c1 Use Singapore time (UTC+8) for mx1 and web01
dfdeb84ab8 Set time.timeZone on mx1 and web01
48bf7fb250 Add web01 public reverse proxy with DNS-01 wildcard TLS
86a2928825 update(inventory.json): Installed web01
Compare 21 commits »
grabowski pushed to main at B4L/cnx-network-clan 2026-06-18 15:01:05 +07:00
1dd3aadb97 Add mail.cnx.email client alias as a cert SAN
grabowski pushed to main at B4L/cnx-network-clan 2026-06-18 14:49:51 +07:00
dc21348727 Format drifted files to satisfy the treefmt flake-check gate
grabowski pushed to main at B4L/cnx-network-clan 2026-06-18 14:47:26 +07:00
1cb6f39ea2 Add declarative SNM mail stack on mx1 with DNS-01, DANE, MTA-STS
026a26dd53 Add ns1 to secret vars/shared/dns-acme-mx1-secret/secret
7e5d50b260 Update vars via generator dns-acme-mx1-knot for machine ns1
312de984c1 Update vars via generator dns-acme-rfc2136 for machine mx1
d76aa8cc8d Update vars via generator mail-passwd-postmaster-at-cnx-email for machine mx1
Compare 6 commits »
grabowski pushed to main at B4L/cnx-network-clan 2026-06-18 12:24:40 +07:00
d1b24017aa Use no-store for docs: epoch mtimes make revalidation serve stale
grabowski pushed to main at B4L/cnx-network-clan 2026-06-18 12:19:45 +07:00
77a18df257 Stop browsers serving stale docs by forcing revalidation
grabowski pushed to main at B4L/cnx-network-clan 2026-06-18 12:12:18 +07:00
a4fe2a7b3a Document how to pull registrar DS records from Knot on ns1
grabowski pushed to main at B4L/cnx-network-clan 2026-06-18 11:53:20 +07:00
6e4178df04 Onboard mx1 mail host and factor out per-host public IPs
2c89ab913c update(inventory.json): Installed mx1
84c3eece58 Update vars via generator zerotier for machine mx1
7f5227d2e2 Update vars via generator tor_tor for machine mx1
ebf4efe5c9 Update vars via generator state-version for machine mx1
Compare 13 commits »
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 17:28:01 +07:00
9c8a2abf3f Bind VictoriaLogs on IPv6 so the mesh can ship journald to it
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 17:09:38 +07:00
0eb883061b Keep systemd-journal-upload retrying instead of failing a deploy
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 16:53:56 +07:00
d4a171640b Add VictoriaLogs for centralized journald across all hosts
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 15:42:14 +07:00
c7b0f206c8 Alert on and chart blackbox DNS probe failures
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 15:37:47 +07:00
54f607d063 Add blackbox exporter for outside-in DNS probes
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 15:17:13 +07:00
0544bf95e5 Add vmalert rules for failed and stale backups
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 15:13:48 +07:00
1ea5bda23f Add CNX Backups dashboard and document the backup setup
ed746b58c3 Update vars via generator borgbackup for machine ns1
Compare 2 commits »
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 15:07:01 +07:00
044891927b Back up Knot DNSSEC keystore from ns1 to control via borgbackup
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 14:51:33 +07:00
7ae3221b83 Add Active alerts panel to the top of the CNX DNS dashboard
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 14:49:34 +07:00
4c7c74836d Add vmalert alerting rules for DNS and host health
grabowski pushed to main at B4L/cnx-network-clan 2026-06-17 14:26:23 +07:00
a7d4c0e567 Add mdBook infra runbook served by Caddy on control