874c3f95d3
Update docker.io/library/postgres Docker tag to v18
/ Ansible Lint (push) Successful in 2m25s
/ build (pull_request) Failing after 2m41s
/ Ansible Lint (pull_request) Has been cancelled
2026-05-20 18:01:07 +00:00
ec27b52820
cloud: bump nextcloud to 33 and postgres 15.18
/ build (push) Failing after 2m40s
/ Ansible Lint (push) Successful in 3m2s
2026-05-20 19:49:53 +02:00
411200884b
docs: overhaul SOPS documentation for better structure and readability
/ Ansible Lint (push) Successful in 2m22s
/ build (push) Failing after 2m40s
2026-05-20 18:57:21 +02:00
292c626629
add ns2.vie.ccc.de as dns secondary
/ build (push) Failing after 2m37s
/ Ansible Lint (push) Successful in 21m28s
2026-05-20 15:44:47 +02:00
0c83fcc2b2
sops: darios key expired, so remove for now
/ Ansible Lint (push) Successful in 2m22s
/ build (push) Successful in 24s
2026-05-20 04:09:28 +02:00
8428d5a66b
docs: use pymdownx.superfences to make codeblocks in lists work properly
/ Ansible Lint (push) Successful in 2m33s
/ build (push) Failing after 2m38s
2026-05-19 23:49:06 +02:00
fc47d119bb
docs: move guides into sub-directory
...
/ Ansible Lint (push) Successful in 2m50s
/ build (push) Successful in 24s
Also start documenting the docs structure in home.
2026-05-19 19:24:06 +02:00
197b9c297c
docs: fix code blocks overflowing and add syntax highlighting
...
/ Ansible Lint (pull_request) Successful in 2m38s
/ build (pull_request) Successful in 25s
/ cleanup-staging (pull_request) Successful in 2s
/ build (push) Successful in 23s
/ Ansible Lint (push) Successful in 4m45s
Without these options code blocks would overflow. See:
https://github.com/asiffer/mkdocs-shadcn/issues/57
And it also provides nice syntax highlighting.
2026-05-19 18:33:03 +02:00
abcc144711
docs: add index page
2026-05-19 18:33:03 +02:00
31cc60c648
docs: add mkdocs config and CI for building infra-docs website
...
Heavily inspired by: https://forgejo.c3voc.de/voc/av-docs
2026-05-19 18:33:03 +02:00
a93d22fb05
add configuration for infra-docs and infra-docs staging
2026-05-19 18:33:03 +02:00
8a8ce7206d
add infrastructure-authorized-keys to lists host
/ Ansible Lint (push) Successful in 2m48s
2026-05-19 16:27:59 +02:00
dcd454011f
status(host): add checks for auth-dns
/ Ansible Lint (push) Successful in 2m21s
2026-05-19 14:27:54 +02:00
55d1279c3e
status(host): add check for diday.org
/ Ansible Lint (push) Successful in 2m34s
2026-05-19 14:17:07 +02:00
3541c68357
disable dnssec for catalog zones on auth-dns
...
/ Ansible Lint (push) Successful in 2m35s
Catalog zones are not real zones in the DNS hierarchy and don't
have a parent zone. Therefore they will never have a valid DNSSEC
delegation so we should skip signing those zones.
2026-05-19 11:01:52 +02:00
6bb09901a0
add ns.vie.ccc.de. as direct secondary for authoritative DNS zones
/ Ansible Lint (push) Has been cancelled
2026-05-19 11:00:03 +02:00
73e77bde70
tag plays in playbooks (instead of tasks in roles)
/ Ansible Lint (pull_request) Successful in 3m18s
/ Ansible Lint (push) Successful in 2m20s
2026-05-19 00:24:10 +02:00
6b19f69135
renovate(role): add cleanup service and timer for renovate volume
...
/ Ansible Lint (push) Successful in 2m25s
With time the volume seems to just keeps growing with cache data, so
clean it up once a day.
2026-05-19 00:23:26 +02:00
b0347d64bf
remove configuration for deleted woodpecker host
/ Ansible Lint (push) Successful in 34m8s
2026-05-18 20:13:48 +02:00
1275d50bdf
dooris(host): use new dooris software
...
/ Ansible Lint (push) Successful in 3m56s
Also fix DNS record not properly working anymore.
2026-05-18 18:00:30 +02:00
1757c36605
Postorious needs REST API as well
/ Ansible Lint (push) Successful in 8m34s
2026-05-16 13:31:18 +02:00
a76f01aea7
Move secrets to SOPS, add REST_USER
/ Ansible Lint (push) Successful in 9m15s
2026-05-16 13:06:19 +02:00
cc5dfb3cf7
Update docker.io/grafana/grafana Docker tag to v13
/ Ansible Lint (push) Failing after 13m15s
2026-05-15 19:41:57 +02:00
83e6f76464
deploy_systemd_journal_config(role): Disable ForwardToSyslog
...
/ Ansible Lint (pull_request) Failing after 29m12s
/ Ansible Lint (push) Successful in 41m19s
We don't want hour journalctl logs mirrored to /var/log/syslog
2026-05-15 19:25:44 +02:00
164f784957
remove errornously added irz42 reverse-dns secondaries
/ Ansible Lint (push) Successful in 3m0s
2026-05-15 14:50:15 +02:00
637dc6b25a
consider ansible-pull jobs failed after 30 minutes
/ Ansible Lint (pull_request) Successful in 2m27s
/ Ansible Lint (push) Successful in 2m32s
2026-05-13 16:53:57 +02:00
18ffa42358
remove actually unused reverse-dns zones
/ Ansible Lint (push) Successful in 3m0s
2026-05-13 15:14:37 +02:00
d2f95237a0
add wieskes nameservers for reverse-dns zone transfers from auth-dns
2026-05-13 15:11:29 +02:00
e3ef60186f
grafana: set default alertmanager notifications
/ Ansible Lint (push) Successful in 2m25s
2026-05-09 21:34:08 +02:00
c9c44efa0b
auth-dns(host): remove entries for old and deprecated services
/ Ansible Lint (push) Successful in 3m16s
2026-05-09 19:16:34 +02:00
d76212c5a8
auth-dns(host): remove legacy "-intern" entries from hamburg.ccc.de zone
2026-05-09 18:27:54 +02:00
3c558003a9
auth-dns(host): format hamburg.ccc.de zone file
...
/ Ansible Lint (push) Successful in 21m51s
Format zone file as first step of a series of clean-ups.
2026-05-08 21:20:55 +02:00
595b19375a
replace primary NS in all zones except *.hamburg.ccc.de zones
/ Ansible Lint (push) Successful in 3m42s
2026-05-07 23:59:50 +02:00
bc4df9a3f4
fix ansible-lint warnings of knot role
/ Ansible Lint (push) Successful in 2m31s
2026-05-07 23:45:48 +02:00
50beedbc62
configure metric scraping from knot on auth-dns
/ Ansible Lint (push) Failing after 6m12s
2026-05-06 15:51:38 +02:00
291ebce943
router(host): configure public (v4) network
/ Ansible Lint (push) Successful in 4m20s
2026-05-06 14:43:05 +02:00
f7306b91a6
remove unused dns zones
/ Ansible Lint (push) Successful in 3m22s
2026-05-06 14:37:53 +02:00
021843b5ce
migrate reverse dns zones to new auth-dns server
/ Ansible Lint (push) Successful in 2m36s
2026-05-06 14:33:04 +02:00
5283d2da95
improve knot roles reloading behavior
...
With this change, the nameserver is not restarted on configuration
updates but only reloaded instead.
2026-05-06 14:33:04 +02:00
3aa146d723
nftables(role): reload instead of restart
...
/ Ansible Lint (push) Failing after 3m22s
This should make the role more robust against misconfigurations.
2026-05-06 14:19:38 +02:00
46b0a49eb8
migrate dns zone eh22.easterhegg.eu to new auth-dns server
/ Ansible Lint (push) Failing after 2m29s
2026-05-06 12:34:23 +02:00
d535607ae6
migrate dns zone eh20.easterhegg.eu. to new auth-dns server
2026-05-06 12:31:55 +02:00
04a6c685d1
migrate dns zone hamburg.ccc.de. to new auth-dns server
/ Ansible Lint (push) Successful in 2m32s
2026-05-06 12:17:51 +02:00
fa021fb737
migrate dns zone ccchh.net. to new auth-dns server
/ Ansible Lint (push) Successful in 2m27s
2026-05-06 12:12:54 +02:00
9100523045
remove obsolete auth-dns compose file
/ Ansible Lint (push) Successful in 3m37s
2026-05-06 11:59:51 +02:00
416ca85b11
rename auth_dns -> knot role
/ Ansible Lint (pull_request) Successful in 2m37s
/ Ansible Lint (push) Has been cancelled
2026-05-06 11:52:33 +02:00
8c1553c707
fix role name auth-dns -> auth_dns
/ Ansible Lint (push) Failing after 2m38s
/ Ansible Lint (pull_request) Failing after 2m40s
2026-05-06 11:47:10 +02:00
9ca4eb14e1
configure hh.ccc.de on auth-dns
2026-05-06 11:47:10 +02:00
c0a09cd299
add old zones from ns-intern
/ Ansible Lint (push) Failing after 3m40s
2026-05-06 11:47:10 +02:00
6fa2d65db2
enable auth-dns role to actually configure useful zones
2026-05-06 11:47:10 +02:00
