Commit graph

287 commits

Author SHA1 Message Date
3af5aa8862 Organize chaosknoten hosts.yaml a bit 2023-09-25 04:40:00 +02:00
c5d40fbb7b Remove Engelsystem host, since it doesn't exist anymore 2023-09-25 04:39:23 +02:00
7468b4d8f6 Fix OpenSMTPD annoyingness
Co-authored-by: yuri <yuri@nekover.se>
2023-09-25 03:03:14 +02:00
757a399df5 Correct README 2023-09-25 03:00:03 +02:00
fdae96fbc1 Migrate to NixOS: Remove Z9 Audio host from this repo 2023-09-25 02:59:41 +02:00
b295690ad5 Add playbook and accompanying role for doing maintenance 2023-09-25 02:57:30 +02:00
de97436706 Migrate to NixOS: Remove Z9 Public-Reverse-Proxy host from this repo 2023-09-25 02:48:56 +02:00
c5eae99a7f Add reverse proxy configuration for netbox 2023-09-21 19:13:56 +02:00
646c385fda Fix chaosknoten proxy jump 2023-09-15 22:07:13 +02:00
804becdd31 Wiki: Fix oauth, create role from playbook 2023-09-15 22:06:46 +02:00
73db1dd077 Introduce onlyoffice 2023-08-27 20:02:53 +02:00
c2964e1707 Remove note regarding encryption and add link to wiki 2023-08-25 22:48:56 +02:00
62b4f93218 Introduce Nextcloud role and deploy Cloud on Chaosknoten
Co-authored-by: Max <max@mlem.cloud>
2023-08-25 20:50:46 +02:00
112f1990b9 Introduce Uptime-Kuma 2023-08-12 01:47:55 +02:00
69621e3d7f Add cursed override for the aes as well :S 2023-08-11 02:17:30 +02:00
12a1e5dc22 Move Engelsystem MAIL_PASSWORD secret to appropriate place 2023-08-11 02:05:40 +02:00
dd5e37fb68 Add restart: unless-stopped to Engelsystem compose 2023-08-11 02:05:20 +02:00
d16da59fd7 Migrate Wiki from ThinkCCCluster to Chaosknoten
Also do the redirect for DNS cache stuff like with aes.
2023-08-11 01:59:34 +02:00
d256082221 Proxy AES in Club to new location for cached DNS records
Do that so that cached DNS records don't make problems. (We had a TTL of
1 week for some reason, so people having that in their cache might still
resolve to the Club. This shouldn't be a problem anymore at
~14.08.2023.)
2023-08-11 00:55:47 +02:00
dc89d33e33 Remove acme challenge entry for aes.ccchh.net 2023-08-11 00:42:05 +02:00
373b219031 Migrate Engelsystem from ThinkCCCluster to Chaosknoten 2023-08-11 00:39:55 +02:00
993e2f2b81 Hotfix to make mail work (dang, mail is now even more cursed)
This entire mail setup is really cursed and needs to be re-done.
2023-08-10 03:17:03 +02:00
10b91b9277 Fix jump host for pad-intern and cloud-intern on Chaosknoten 2023-08-08 01:21:07 +02:00
cc70903f52 Migrate Keycloak from ccchh.net to hamburg.ccc.de 2023-08-08 01:18:44 +02:00
09e0c710af Migrate Keycloak from ThinkCCCluster onto Chaosknoten
Co-authored-by: Max <max@mlem.cloud>
2023-08-07 23:33:15 +02:00
099bbe0e66 Nextcloud-Config weiter entwickeln 2023-08-05 18:59:58 +02:00
dff8f0ee8b pad (HedgeDoc) und cloud (NextCloud) dazu
cloud braucht noch etwas Arbeit, insbesondere die Abslage der Daten in
/data und die Keycloak-Anbindung.
2023-08-05 17:23:49 +02:00
06233d22d5 Deploy NGINX for acme_challenge and PROXY Prot. on PubRP on Chaosknoten 2023-08-04 14:06:37 +02:00
2825c5089f Use new secrets path for z9 vm-secrets 2023-08-04 13:53:22 +02:00
3d238d9f63 Move z9-host-specific configs and templates into z9 subdirectories 2023-08-04 13:41:00 +02:00
4d12d802b8 Add link to relevant wiki page to certbot role README 2023-08-03 05:07:36 +02:00
96e9cdb0dc Add relevant entry for HTTP challenge on PBS 2023-08-03 05:04:13 +02:00
3b3c628492 Ensure NGINX deploy. on public-rev.-prox. hosts before certbot role runs 2023-08-03 04:15:03 +02:00
48f9a2f901 Deploy certs for aes.ccchh.net using certbot role
Also clean up NGINX configuration a bit.
2023-08-02 23:40:36 +02:00
542211ca25 Deploy certs for esphome.ccchh.net using certbot role 2023-08-02 23:27:40 +02:00
6ac4bf8240 Deploy certs for wiki.ccchh.net using certbot role
Also clean up NGINX configurations.
2023-08-02 23:17:31 +02:00
6651f4568d Deploy certs for keycloak-admin and id.ccchh.net using certbot role 2023-08-02 23:07:21 +02:00
154a7dfa02 Deploy certs for zigbee2mqtt.ccchh.net using new certbot role
Also add certbot role to deploy.yaml playbook and add accompanying
group.
2023-08-02 22:53:37 +02:00
f0c5c2b265 Convert certbot role to use standalone instead of webroot
Do this to not have dependencies on an NGINX setup.
With those dependencies in place setting up the certificates initially
would be quite painful, since a half-configured NGINX would need to be
there for the challenge and then only after the certificates are
present, the full NGINX configuration could be deployed successfully.
2023-08-02 22:46:01 +02:00
5341f9dfba Add role for deploying certbot and setting up certificate using it 2023-08-02 20:47:22 +02:00
1b45e94960 Add redhat.ansible extension to VSCode Workspace Recommendations 2023-07-30 19:30:06 +02:00
1613e2d25c Describe new way of secret storage 2023-07-30 19:27:04 +02:00
59520b4db6
AES: disable goodies and vouchers 2023-07-30 16:13:49 +02:00
b89789c37a
fix aes contact email 2023-07-30 15:36:25 +02:00
a7565d5f35 Deploy SSH Server config to public-reverse-proxy and wiki hosts 2023-07-30 07:06:26 +02:00
6994cfa123 Use correct ansible_host for mqtt host 2023-07-30 07:01:06 +02:00
317c822ab5 Combine playbooks for indiviual hosts into one playbook
This makes a full deployment of all hosts easier and parallelises
execution of roles, which are used for multiple hosts.
You can still easily deploy only a subset of hosts using the -l flag for
ansible-playbook.
2023-07-30 06:57:30 +02:00
042ff7c2ec Move keycloak and public-reverse-proxy to new debian_12 group
Do this, since they are on Debian 12.
2023-07-30 05:53:39 +02:00
c9dee93874 Deploy ssh server config on keycloak VM 2023-07-30 05:51:40 +02:00
c6926b0a0f Remove incorrect check from deploy_ssh_server_config role 2023-07-30 05:49:46 +02:00