Commit graph

388 commits

Author SHA1 Message Date
8ff457b01e
Update Postgres to 15.13
Some checks failed
/ Ansible Lint (push) Failing after 1m52s
2025-05-20 20:24:29 +02:00
b14083302b
keycloak: Update to 26.2
Some checks failed
/ Ansible Lint (push) Failing after 1m55s
2025-05-20 20:18:21 +02:00
abd751237b EH22 Hub teardown
Some checks failed
/ Ansible Lint (push) Failing after 1m57s
2025-05-09 12:29:46 +02:00
7f1afef50d
move secrets from sops lookup plugin to sops vars plugin
Some checks failed
/ Ansible Lint (push) Failing after 1m54s
This makes secret configuration and usage a good bit cleaner.
2025-05-04 16:50:15 +02:00
66e2e354b1
document how to set up secrets using SOPS for a new host
Some checks failed
/ Ansible Lint (push) Failing after 1m43s
2025-05-04 00:11:43 +02:00
eb70df37f1
update README and ansible.cfg for usage of SOPS instead of password-sto.
Some checks failed
/ Ansible Lint (pull_request) Failing after 1m55s
/ Ansible Lint (push) Failing after 1m55s
2025-05-03 23:49:06 +02:00
bbe4cc131a
eh22-netbox: remove eh22-netbox as its being decommissioned
Some checks failed
/ Ansible Lint (push) Failing after 1m44s
2025-05-03 23:40:03 +02:00
a943b152f2
zammad(host): move secrets to SOPS 2025-05-03 23:26:58 +02:00
fa634f6900
onlyoffice(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 1m51s
2025-05-03 23:22:45 +02:00
b841cc1409
tickets(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 1m48s
2025-05-03 23:16:34 +02:00
60b2093a02
netbox(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 1m53s
2025-05-03 23:08:41 +02:00
65b6eff5bd
pretalx(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 2m28s
2025-05-03 22:59:37 +02:00
31ad4654c6
ccchoir(host): move secrets to SOPS 2025-05-03 22:48:49 +02:00
7c598132ee
pad(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 1m55s
2025-05-03 22:39:37 +02:00
97b8386878
grafana(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 1m49s
2025-05-03 22:18:26 +02:00
37e8782a0b
keycloak(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 1m53s
2025-05-03 21:53:40 +02:00
d63092cfe8
cloud(host): remove unused config.php.j2 2025-05-03 21:32:22 +02:00
8de07c2688
cloud(host): move secrets to SOPS 2025-05-03 21:30:06 +02:00
01c006ec22
grafana fix nginx ip allow list
Some checks failed
/ Ansible Lint (push) Failing after 1m48s
2025-05-02 01:08:55 +02:00
58642620a1
IPv6 fix für metrics
Some checks failed
/ Ansible Lint (push) Failing after 1m47s
2025-04-30 16:23:35 +02:00
0c9e3ccb87
fix switchup in prometheus.relabel
Some checks failed
/ Ansible Lint (push) Failing after 1m49s
2025-04-30 15:07:26 +02:00
bd9e04eef8
metrics fux 2025-04-30 02:16:09 +02:00
e183f1a2c3
prometheus remote write with alloy using it
Some checks failed
/ Ansible Lint (push) Failing after 1m53s
2025-04-30 01:11:17 +02:00
e21ff26f36
fix: alertmanager
Some checks failed
/ Ansible Lint (push) Failing after 1m56s
the message template now just give out simple string if the list of alerts is to long
2025-04-28 23:02:13 +02:00
b0660deb71
fix: nginx role
Some checks failed
/ Ansible Lint (push) Failing after 1m53s
add defaults for nginx__deploy_htpasswds and nginx__htpasswds
2025-04-28 22:23:11 +02:00
456117a789
adding loki
Some checks failed
/ Ansible Lint (push) Failing after 1m55s
2025-04-28 20:31:55 +02:00
3548c1f4d6
restart ssh service instead of rebooting as this should be fine
All checks were successful
/ Ansible Lint (push) Successful in 2m9s
Active connections should survive a restart of the service and testing
also didn't show any issues.
2025-04-25 02:01:29 +02:00
9c57fca876 Also supply a dmoain for user content
All checks were successful
/ Ansible Lint (push) Successful in 2m9s
2025-04-16 16:27:21 +02:00
811b5832da Incread file upload limit to 1G (from 10MB) 2025-04-16 16:27:02 +02:00
77e1d3bc3e
keycloak: allow access form new IPv6 subnet at z9
All checks were successful
/ Ansible Lint (push) Successful in 1m48s
2025-02-26 23:48:19 +01:00
6b80f5b52a
fix accidentally added personalized ansible_user by removing it
All checks were successful
/ Ansible Lint (pull_request) Successful in 1m58s
/ Ansible Lint (push) Successful in 1m43s
2025-02-23 23:51:58 +01:00
41ba73d7c3
dep._hyperv.(playb.): add deps step to vm template generation setup play
All checks were successful
/ Ansible Lint (push) Successful in 1m45s
2025-02-23 23:26:36 +01:00
fd13e5341b
add thinkcccore0 to inventory and enable VM template gen. setup on it
Some checks failed
/ Ansible Lint (push) Has been cancelled
2025-02-23 23:23:51 +01:00
ca16e3d55f
dep._hypervisor(playb.): introduce play for setting up vm template gen.
Some checks failed
/ Ansible Lint (push) Has been cancelled
2025-02-23 22:42:58 +01:00
98972e39c4
keycloak(host): update to 26.1 & postgres to 15.12
All checks were successful
/ Ansible Lint (pull_request) Successful in 1m45s
/ Ansible Lint (push) Successful in 1m52s
2025-02-22 23:17:36 +01:00
fce4c2f73b
grafana(host): account in Prom. hyperv. disk alerts for longer backups
All checks were successful
/ Ansible Lint (push) Successful in 1m39s
Set duration for Prometheus hypervisor disk rw rate and hard disk io
alerts to 2h to account for the very long running (over 90m) backup job.
2025-02-18 15:38:07 +01:00
0e4df5b590
nginx(role): make loop output manageable using loop_control label
All checks were successful
/ Ansible Lint (push) Successful in 1m48s
2025-02-18 06:07:47 +01:00
9dba002f10
maintenance(playbook): simplify nginx repo setup and install task name
All checks were successful
/ Ansible Lint (push) Successful in 1m45s
2025-02-18 05:48:52 +01:00
1ea63a19d3
maintenance(playbook): ensure docker repo and install before update
As with ensuring the nginx repo setup and install on relevant hosts, do
the same for docker.
2025-02-18 05:48:01 +01:00
7420ed6010
nginx(role): split up repo setup and install task lists to estab. conv.
Split up repo setup and package installation after all to establish this
as a convention (its already done this way in the docker role and was
done this way in the nginx role before) to highlight that an external
repo is used.
2025-02-18 05:43:39 +01:00
89f3e55eac
docker(role): use better naming 2025-02-18 05:35:45 +01:00
ce812fb006
docker(role): update README
Document Debian 12 support, enhance wording, bring structure in line
with the READMEs of more modern roles and remove unnecessary sections.
2025-02-18 05:33:30 +01:00
d62c070ccc
maintenance(playbook): fix playbook by using updated nginx role res. 2025-02-18 05:17:38 +01:00
07511ef723
grafana(host): remove decomissioned nix-box-june from Prometheus targets
All checks were successful
/ Ansible Lint (push) Successful in 1m42s
2025-02-18 04:51:26 +01:00
5e5c980f14
check(playbook): print all held packages
All checks were successful
/ Ansible Lint (pull_request) Successful in 1m41s
/ Ansible Lint (push) Successful in 1m40s
2025-02-18 04:32:43 +01:00
34b9ee2fa4
nginx(role): simplify description in README 2025-02-18 04:32:43 +01:00
344dd78981
nginx(role): use better naming, wording and file structure 2025-02-18 04:32:43 +01:00
9b2ef55f86
nginx(role): remove unneces. "hosts" and "entry points" sec. from README 2025-02-18 04:32:43 +01:00
5809e4015f
nginx(role): add "logging" to the reserved configuration names 2025-02-18 04:32:43 +01:00
3d22f7ffae
nginx(role): document Debian 12 support 2025-02-18 04:32:43 +01:00