01c006ec22
grafana fix nginx ip allow list
2025-05-02 01:08:55 +02:00
58642620a1
IPv6 fix für metrics
2025-04-30 16:23:35 +02:00
0c9e3ccb87
fix switchup in prometheus.relabel
2025-04-30 15:07:26 +02:00
bd9e04eef8
metrics fux
2025-04-30 02:16:09 +02:00
e183f1a2c3
prometheus remote write with alloy using it
2025-04-30 01:11:17 +02:00
e21ff26f36
fix: alertmanager
...
the message template now just give out simple string if the list of alerts is to long
2025-04-28 23:02:13 +02:00
b0660deb71
fix: nginx role
...
add defaults for nginx__deploy_htpasswds and nginx__htpasswds
2025-04-28 22:23:11 +02:00
456117a789
adding loki
2025-04-28 20:31:55 +02:00
3548c1f4d6
restart ssh service instead of rebooting as this should be fine
...
Active connections should survive a restart of the service and testing
also didn't show any issues.
2025-04-25 02:01:29 +02:00
9c57fca876
Also supply a dmoain for user content
2025-04-16 16:27:21 +02:00
811b5832da
Incread file upload limit to 1G (from 10MB)
2025-04-16 16:27:02 +02:00
77e1d3bc3e
keycloak: allow access form new IPv6 subnet at z9
2025-02-26 23:48:19 +01:00
6b80f5b52a
fix accidentally added personalized ansible_user by removing it
2025-02-23 23:51:58 +01:00
41ba73d7c3
dep._hyperv.(playb.): add deps step to vm template generation setup play
2025-02-23 23:26:36 +01:00
fd13e5341b
add thinkcccore0 to inventory and enable VM template gen. setup on it
2025-02-23 23:23:51 +01:00
ca16e3d55f
dep._hypervisor(playb.): introduce play for setting up vm template gen.
2025-02-23 22:42:58 +01:00
98972e39c4
keycloak(host): update to 26.1 & postgres to 15.12
2025-02-22 23:17:36 +01:00
fce4c2f73b
grafana(host): account in Prom. hyperv. disk alerts for longer backups
...
Set duration for Prometheus hypervisor disk rw rate and hard disk io
alerts to 2h to account for the very long running (over 90m) backup job.
2025-02-18 15:38:07 +01:00
0e4df5b590
nginx(role): make loop output manageable using loop_control label
2025-02-18 06:07:47 +01:00
9dba002f10
maintenance(playbook): simplify nginx repo setup and install task name
2025-02-18 05:48:52 +01:00
1ea63a19d3
maintenance(playbook): ensure docker repo and install before update
...
As with ensuring the nginx repo setup and install on relevant hosts, do
the same for docker.
2025-02-18 05:48:01 +01:00
7420ed6010
nginx(role): split up repo setup and install task lists to estab. conv.
...
Split up repo setup and package installation after all to establish this
as a convention (its already done this way in the docker role and was
done this way in the nginx role before) to highlight that an external
repo is used.
2025-02-18 05:43:39 +01:00
89f3e55eac
docker(role): use better naming
2025-02-18 05:35:45 +01:00
ce812fb006
docker(role): update README
...
Document Debian 12 support, enhance wording, bring structure in line
with the READMEs of more modern roles and remove unnecessary sections.
2025-02-18 05:33:30 +01:00
d62c070ccc
maintenance(playbook): fix playbook by using updated nginx role res.
2025-02-18 05:17:38 +01:00
07511ef723
grafana(host): remove decomissioned nix-box-june from Prometheus targets
2025-02-18 04:51:26 +01:00
5e5c980f14
check(playbook): print all held packages
2025-02-18 04:32:43 +01:00
34b9ee2fa4
nginx(role): simplify description in README
2025-02-18 04:32:43 +01:00
344dd78981
nginx(role): use better naming, wording and file structure
2025-02-18 04:32:43 +01:00
9b2ef55f86
nginx(role): remove unneces. "hosts" and "entry points" sec. from README
2025-02-18 04:32:43 +01:00
5809e4015f
nginx(role): add "logging" to the reserved configuration names
2025-02-18 04:32:43 +01:00
3d22f7ffae
nginx(role): document Debian 12 support
2025-02-18 04:32:43 +01:00
4adf39d969
nginx(role): document arguments in README for better discoverability
...
Document the role arguments in the README instead of in the
argument_specs for better discoverability and readability.
2025-02-18 04:32:43 +01:00
2e9f73b46b
nginx(role): simplify ensuring that gnupg is installed
...
Also improve naming.
2025-02-18 04:32:43 +01:00
df22074aeb
nginx(role): simplify installation by removing version spec
...
We always just want the latest anyway and therefore don't use it, so no
need to keep the complexity introduced by that setting.
Also merge repo_setup and nginx_install task lists into one
nginx_install task list as keeping two files isn't necessary.
Finally improving naming a bit.
2025-02-18 04:32:43 +01:00
172d6472bc
nginx(role): remove unnecessary apt-get update step
...
The nginx package gets installed with "update_cache: true" afterwards
anyway, so the apt-get update step shouldn't be necessary.
2025-02-18 04:32:43 +01:00
5dc2520ecd
eh22-wiki: configure custom eh22-theme
2025-02-17 22:26:17 +01:00
7271426502
dokuwiki: add option to checkout custom design repo
2025-02-17 22:20:25 +01:00
79012fb7f8
eh22-netbox: setup EH22 NetBox
2025-02-17 01:23:35 +01:00
496f122968
give ansible docker comp. cron jobs unique names to not overw. each oth.
...
Give them unique names, so the latter doesn't overwrite the former.
Also make the task names nicer.
2025-02-17 00:32:50 +01:00
f0e345b15a
Merge branch 'main' of git.hamburg.ccc.de:CCCHH/ansible-infra
2025-02-16 22:09:29 +01:00
690ec9bebc
Use distinct short code to avoid confusion with EH pretix
2025-02-16 22:09:27 +01:00
ff540126a1
add chaosknoten to hosts and new hypervisors group
...
Also exclude that group from the tasks otherwise targeting all hosts.
2025-02-16 02:34:14 +01:00
61cd5053d0
flatten inventories making them simpler
...
Remove the child groups as we weren't using their functionality anyway.
Also remove the debian_11/12 host groups as they're not in use.
2025-02-16 00:36:10 +01:00
4def1334d8
for non-verbose output hide user passwords in postgresql role
2025-02-15 20:06:55 +01:00
2ec1471d7f
netbox: move NetBox from NixOS to Ansible
...
Also introduce netbox_hosts group for applying netbox role to multiple
hosts.
2025-02-15 19:57:15 +01:00
09a8551c8a
add option to netbox role for custom pipeline code for OIDC mapping
...
Add option to netbox role for ensuring custom pipeline code for OIDC
group and role mapping is either present or not.
The custom pipeline code is licensed under the Creative Commons: CC
BY-SA 4.0 license.
See:
https://github.com/goauthentik/authentik/blob/main/LICENSE
https://github.com/goauthentik/authentik/blob/main/website/integrations/services/netbox/index.md
https://docs.goauthentik.io/integrations/services/netbox/
5676b1a468
2025-02-15 06:23:04 +01:00
dbb784e2bb
add license notice to README
...
This is in preparation for extending that notice to point out code that
is licensed differently.
2025-02-15 06:23:04 +01:00
783c36bcc1
add netbox role for ensuring netbox is deployed as specified
...
The role takes over the deployment of netbox and its dependencies, while
still requiring the user to provide the netbox version, db password and
config as well as to set up a web server and handle stuff like creating
users, etc.
2025-02-15 06:23:04 +01:00
9662995377
add postgresql role for ens. psql and opt. some dbs and users are set up
...
Add postgresql role for ensuring postgresql is installed.
Furthermore the role optionally takes some basic configuration to ensure
databases with their owners and users are set up as specified.
This is a requirement for a new netbox role.
2025-02-15 06:23:04 +01:00