3541c68357
disable dnssec for catalog zones on auth-dns
...
/ Ansible Lint (push) Successful in 2m35s
Catalog zones are not real zones in the DNS hierarchy and don't
have a parent zone. Therefore they will never have a valid DNSSEC
delegation so we should skip signing those zones.
2026-05-19 11:01:52 +02:00
6bb09901a0
add ns.vie.ccc.de. as direct secondary for authoritative DNS zones
/ Ansible Lint (push) Has been cancelled
2026-05-19 11:00:03 +02:00
73e77bde70
tag plays in playbooks (instead of tasks in roles)
/ Ansible Lint (pull_request) Successful in 3m18s
/ Ansible Lint (push) Successful in 2m20s
2026-05-19 00:24:10 +02:00
6b19f69135
renovate(role): add cleanup service and timer for renovate volume
...
/ Ansible Lint (push) Successful in 2m25s
With time the volume seems to just keeps growing with cache data, so
clean it up once a day.
2026-05-19 00:23:26 +02:00
b0347d64bf
remove configuration for deleted woodpecker host
/ Ansible Lint (push) Successful in 34m8s
2026-05-18 20:13:48 +02:00
1275d50bdf
dooris(host): use new dooris software
...
/ Ansible Lint (push) Successful in 3m56s
Also fix DNS record not properly working anymore.
2026-05-18 18:00:30 +02:00
1757c36605
Postorious needs REST API as well
/ Ansible Lint (push) Successful in 8m34s
2026-05-16 13:31:18 +02:00
a76f01aea7
Move secrets to SOPS, add REST_USER
/ Ansible Lint (push) Successful in 9m15s
2026-05-16 13:06:19 +02:00
cc5dfb3cf7
Update docker.io/grafana/grafana Docker tag to v13
/ Ansible Lint (push) Failing after 13m15s
2026-05-15 19:41:57 +02:00
83e6f76464
deploy_systemd_journal_config(role): Disable ForwardToSyslog
...
/ Ansible Lint (pull_request) Failing after 29m12s
/ Ansible Lint (push) Successful in 41m19s
We don't want hour journalctl logs mirrored to /var/log/syslog
2026-05-15 19:25:44 +02:00
164f784957
remove errornously added irz42 reverse-dns secondaries
/ Ansible Lint (push) Successful in 3m0s
2026-05-15 14:50:15 +02:00
637dc6b25a
consider ansible-pull jobs failed after 30 minutes
/ Ansible Lint (pull_request) Successful in 2m27s
/ Ansible Lint (push) Successful in 2m32s
2026-05-13 16:53:57 +02:00
18ffa42358
remove actually unused reverse-dns zones
/ Ansible Lint (push) Successful in 3m0s
2026-05-13 15:14:37 +02:00
d2f95237a0
add wieskes nameservers for reverse-dns zone transfers from auth-dns
2026-05-13 15:11:29 +02:00
e3ef60186f
grafana: set default alertmanager notifications
/ Ansible Lint (push) Successful in 2m25s
2026-05-09 21:34:08 +02:00
c9c44efa0b
auth-dns(host): remove entries for old and deprecated services
/ Ansible Lint (push) Successful in 3m16s
2026-05-09 19:16:34 +02:00
d76212c5a8
auth-dns(host): remove legacy "-intern" entries from hamburg.ccc.de zone
2026-05-09 18:27:54 +02:00
3c558003a9
auth-dns(host): format hamburg.ccc.de zone file
...
/ Ansible Lint (push) Successful in 21m51s
Format zone file as first step of a series of clean-ups.
2026-05-08 21:20:55 +02:00
595b19375a
replace primary NS in all zones except *.hamburg.ccc.de zones
/ Ansible Lint (push) Successful in 3m42s
2026-05-07 23:59:50 +02:00
bc4df9a3f4
fix ansible-lint warnings of knot role
/ Ansible Lint (push) Successful in 2m31s
2026-05-07 23:45:48 +02:00
50beedbc62
configure metric scraping from knot on auth-dns
/ Ansible Lint (push) Failing after 6m12s
2026-05-06 15:51:38 +02:00
291ebce943
router(host): configure public (v4) network
/ Ansible Lint (push) Successful in 4m20s
2026-05-06 14:43:05 +02:00
f7306b91a6
remove unused dns zones
/ Ansible Lint (push) Successful in 3m22s
2026-05-06 14:37:53 +02:00
021843b5ce
migrate reverse dns zones to new auth-dns server
/ Ansible Lint (push) Successful in 2m36s
2026-05-06 14:33:04 +02:00
5283d2da95
improve knot roles reloading behavior
...
With this change, the nameserver is not restarted on configuration
updates but only reloaded instead.
2026-05-06 14:33:04 +02:00
3aa146d723
nftables(role): reload instead of restart
...
/ Ansible Lint (push) Failing after 3m22s
This should make the role more robust against misconfigurations.
2026-05-06 14:19:38 +02:00
46b0a49eb8
migrate dns zone eh22.easterhegg.eu to new auth-dns server
/ Ansible Lint (push) Failing after 2m29s
2026-05-06 12:34:23 +02:00
d535607ae6
migrate dns zone eh20.easterhegg.eu. to new auth-dns server
2026-05-06 12:31:55 +02:00
04a6c685d1
migrate dns zone hamburg.ccc.de. to new auth-dns server
/ Ansible Lint (push) Successful in 2m32s
2026-05-06 12:17:51 +02:00
fa021fb737
migrate dns zone ccchh.net. to new auth-dns server
/ Ansible Lint (push) Successful in 2m27s
2026-05-06 12:12:54 +02:00
9100523045
remove obsolete auth-dns compose file
/ Ansible Lint (push) Successful in 3m37s
2026-05-06 11:59:51 +02:00
416ca85b11
rename auth_dns -> knot role
/ Ansible Lint (pull_request) Successful in 2m37s
/ Ansible Lint (push) Has been cancelled
2026-05-06 11:52:33 +02:00
8c1553c707
fix role name auth-dns -> auth_dns
/ Ansible Lint (push) Failing after 2m38s
/ Ansible Lint (pull_request) Failing after 2m40s
2026-05-06 11:47:10 +02:00
9ca4eb14e1
configure hh.ccc.de on auth-dns
2026-05-06 11:47:10 +02:00
c0a09cd299
add old zones from ns-intern
/ Ansible Lint (push) Failing after 3m40s
2026-05-06 11:47:10 +02:00
6fa2d65db2
enable auth-dns role to actually configure useful zones
2026-05-06 11:47:10 +02:00
becee70ab9
disable systemd-resolved on auth-dns
2026-05-06 11:47:10 +02:00
fa94d59df6
add barebones knot config
...
This configuration does not yet do much but it provisions a knot
server that runs.
2026-05-06 11:47:10 +02:00
adc3400177
mute ansible discovered interpreter warning
/ Ansible Lint (push) Successful in 2m41s
2026-05-06 11:44:41 +02:00
d880eb8677
fix systemd-resolved not being installed
...
/ Ansible Lint (pull_request) Successful in 2m27s
/ Ansible Lint (push) Successful in 2m25s
closes #88
2026-05-03 16:50:45 +02:00
c304a1c82a
add README.md to deploy_systemd_resolved_config role
/ Ansible Lint (pull_request) Successful in 2m31s
/ Ansible Lint (push) Successful in 2m24s
2026-05-02 01:01:23 +02:00
58ced1a85e
add capability to disable systemd-resolved to base_config role
/ Ansible Lint (push) Successful in 2m28s
/ Ansible Lint (pull_request) Successful in 2m24s
2026-05-01 00:16:43 +02:00
d9fc1ef401
add host auth-dns.hamburg.ccc.de
/ Ansible Lint (push) Successful in 2m27s
2026-04-29 21:24:59 +02:00
69fcd2691e
clarify some docs
2026-04-29 21:24:50 +02:00
5d16c7781c
Revert "deploy alerta on grafana.hosts.hamburg.ccc.de"
...
/ Ansible Lint (push) Successful in 2m23s
This reverts commit b10d7d1592
2026-04-29 19:05:15 +02:00
b6cec3ad61
public-reverse-proxy(host): use new public-web-static hostname
...
/ Ansible Lint (push) Successful in 2m24s
public-web-static got moved to a new network and has a new hostname as
well as new addresses now, so use that.
2026-04-28 23:31:41 +02:00
d7811f249a
diday-staging-runner(host): deploy host runner for diday staging deploy
/ Ansible Lint (push) Successful in 2m29s
2026-04-28 20:12:27 +02:00
b10d7d1592
deploy alerta on grafana.hosts.hamburg.ccc.de
/ Ansible Lint (push) Successful in 2m31s
2026-04-24 19:05:08 +02:00
5242a14eed
Update to newest version
/ Ansible Lint (push) Successful in 2m24s
2026-04-24 17:42:51 +02:00
0330c6b6ca
reduce ansible grafana log verbosity by using loop_control labels
/ Ansible Lint (push) Successful in 2m27s
2026-04-24 15:32:43 +02:00
