a89d4cec65
Update docker.io/pretalx/standalone Docker tag to v2025.2.3
/ Ansible Lint (push) Successful in 2m33s
/ build (pull_request) Failing after 2m38s
/ Ansible Lint (pull_request) Successful in 2m32s
2026-05-23 22:30:49 +00:00
dd48a9d519
bring guide about new chaosknoten VMs into doc structure
/ Ansible Lint (push) Successful in 2m36s
/ build (push) Failing after 2m37s
2026-05-24 00:27:23 +02:00
0842a51ae0
Merge branch 'main' of git.hamburg.ccc.de:CCCHH/ansible-infra
/ Ansible Lint (push) Successful in 2m21s
/ build (push) Failing after 2m38s
2026-05-24 00:12:52 +02:00
603d3fb6f4
Update machine SMTP mail sending config
2026-05-24 00:12:50 +02:00
4574dbf4ba
secrets(role): introduce secrets role for storing secrets
...
/ Ansible Lint (push) Successful in 2m18s
/ build (push) Failing after 2m40s
Allows storage of secrets to then be referenced in other places.
The motivation was storing WireGuard secrets for systemd-networkd.
2026-05-23 22:40:17 +02:00
5ca311d240
add some documentation structure
/ build (push) Failing after 2m39s
/ Ansible Lint (push) Successful in 2m33s
/ build (pull_request) Has been cancelled
/ Ansible Lint (pull_request) Has been cancelled
2026-05-23 19:37:51 +02:00
51cd583dff
docs: move information on secrets and sops into docs
/ Ansible Lint (push) Successful in 2m20s
/ build (push) Failing after 2m40s
2026-05-20 22:54:32 +02:00
74fb99ec8f
docs: delete outdated section on web service setup from README
...
/ build (push) Successful in 27s
/ Ansible Lint (push) Successful in 2m44s
A better guide can be found in the new docs.
2026-05-20 20:09:28 +02:00
b91bc38d7b
docs: rework and split up docs on creating a new web service
...
/ build (push) Waiting to run
/ Ansible Lint (push) Waiting to run
- Split out the general information on how to set up a new VM on
Chaosknoten to have it be more generally useful.
- Also split out the section on monitoring to not have it intermingled
with the other information.
- Rework the guides to include more information and be more streamlined.
Also remove duplicate information along the way.
2026-05-20 20:06:57 +02:00
ec27b52820
cloud: bump nextcloud to 33 and postgres 15.18
/ build (push) Failing after 2m40s
/ Ansible Lint (push) Successful in 3m2s
2026-05-20 19:49:53 +02:00
411200884b
docs: overhaul SOPS documentation for better structure and readability
/ Ansible Lint (push) Successful in 2m22s
/ build (push) Failing after 2m40s
2026-05-20 18:57:21 +02:00
292c626629
add ns2.vie.ccc.de as dns secondary
/ build (push) Failing after 2m37s
/ Ansible Lint (push) Successful in 21m28s
2026-05-20 15:44:47 +02:00
0c83fcc2b2
sops: darios key expired, so remove for now
/ Ansible Lint (push) Successful in 2m22s
/ build (push) Successful in 24s
2026-05-20 04:09:28 +02:00
8428d5a66b
docs: use pymdownx.superfences to make codeblocks in lists work properly
/ Ansible Lint (push) Successful in 2m33s
/ build (push) Failing after 2m38s
2026-05-19 23:49:06 +02:00
fc47d119bb
docs: move guides into sub-directory
...
/ Ansible Lint (push) Successful in 2m50s
/ build (push) Successful in 24s
Also start documenting the docs structure in home.
2026-05-19 19:24:06 +02:00
197b9c297c
docs: fix code blocks overflowing and add syntax highlighting
...
/ Ansible Lint (pull_request) Successful in 2m38s
/ build (pull_request) Successful in 25s
/ cleanup-staging (pull_request) Successful in 2s
/ build (push) Successful in 23s
/ Ansible Lint (push) Successful in 4m45s
Without these options code blocks would overflow. See:
https://github.com/asiffer/mkdocs-shadcn/issues/57
And it also provides nice syntax highlighting.
2026-05-19 18:33:03 +02:00
abcc144711
docs: add index page
2026-05-19 18:33:03 +02:00
31cc60c648
docs: add mkdocs config and CI for building infra-docs website
...
Heavily inspired by: https://forgejo.c3voc.de/voc/av-docs
2026-05-19 18:33:03 +02:00
a93d22fb05
add configuration for infra-docs and infra-docs staging
2026-05-19 18:33:03 +02:00
8a8ce7206d
add infrastructure-authorized-keys to lists host
/ Ansible Lint (push) Successful in 2m48s
2026-05-19 16:27:59 +02:00
dcd454011f
status(host): add checks for auth-dns
/ Ansible Lint (push) Successful in 2m21s
2026-05-19 14:27:54 +02:00
55d1279c3e
status(host): add check for diday.org
/ Ansible Lint (push) Successful in 2m34s
2026-05-19 14:17:07 +02:00
3541c68357
disable dnssec for catalog zones on auth-dns
...
/ Ansible Lint (push) Successful in 2m35s
Catalog zones are not real zones in the DNS hierarchy and don't
have a parent zone. Therefore they will never have a valid DNSSEC
delegation so we should skip signing those zones.
2026-05-19 11:01:52 +02:00
6bb09901a0
add ns.vie.ccc.de. as direct secondary for authoritative DNS zones
/ Ansible Lint (push) Has been cancelled
2026-05-19 11:00:03 +02:00
73e77bde70
tag plays in playbooks (instead of tasks in roles)
/ Ansible Lint (pull_request) Successful in 3m18s
/ Ansible Lint (push) Successful in 2m20s
2026-05-19 00:24:10 +02:00
6b19f69135
renovate(role): add cleanup service and timer for renovate volume
...
/ Ansible Lint (push) Successful in 2m25s
With time the volume seems to just keeps growing with cache data, so
clean it up once a day.
2026-05-19 00:23:26 +02:00
b0347d64bf
remove configuration for deleted woodpecker host
/ Ansible Lint (push) Successful in 34m8s
2026-05-18 20:13:48 +02:00
1275d50bdf
dooris(host): use new dooris software
...
/ Ansible Lint (push) Successful in 3m56s
Also fix DNS record not properly working anymore.
2026-05-18 18:00:30 +02:00
1757c36605
Postorious needs REST API as well
/ Ansible Lint (push) Successful in 8m34s
2026-05-16 13:31:18 +02:00
a76f01aea7
Move secrets to SOPS, add REST_USER
/ Ansible Lint (push) Successful in 9m15s
2026-05-16 13:06:19 +02:00
cc5dfb3cf7
Update docker.io/grafana/grafana Docker tag to v13
/ Ansible Lint (push) Failing after 13m15s
2026-05-15 19:41:57 +02:00
83e6f76464
deploy_systemd_journal_config(role): Disable ForwardToSyslog
...
/ Ansible Lint (pull_request) Failing after 29m12s
/ Ansible Lint (push) Successful in 41m19s
We don't want hour journalctl logs mirrored to /var/log/syslog
2026-05-15 19:25:44 +02:00
164f784957
remove errornously added irz42 reverse-dns secondaries
/ Ansible Lint (push) Successful in 3m0s
2026-05-15 14:50:15 +02:00
637dc6b25a
consider ansible-pull jobs failed after 30 minutes
/ Ansible Lint (pull_request) Successful in 2m27s
/ Ansible Lint (push) Successful in 2m32s
2026-05-13 16:53:57 +02:00
18ffa42358
remove actually unused reverse-dns zones
/ Ansible Lint (push) Successful in 3m0s
2026-05-13 15:14:37 +02:00
d2f95237a0
add wieskes nameservers for reverse-dns zone transfers from auth-dns
2026-05-13 15:11:29 +02:00
e3ef60186f
grafana: set default alertmanager notifications
/ Ansible Lint (push) Successful in 2m25s
2026-05-09 21:34:08 +02:00
c9c44efa0b
auth-dns(host): remove entries for old and deprecated services
/ Ansible Lint (push) Successful in 3m16s
2026-05-09 19:16:34 +02:00
d76212c5a8
auth-dns(host): remove legacy "-intern" entries from hamburg.ccc.de zone
2026-05-09 18:27:54 +02:00
3c558003a9
auth-dns(host): format hamburg.ccc.de zone file
...
/ Ansible Lint (push) Successful in 21m51s
Format zone file as first step of a series of clean-ups.
2026-05-08 21:20:55 +02:00
595b19375a
replace primary NS in all zones except *.hamburg.ccc.de zones
/ Ansible Lint (push) Successful in 3m42s
2026-05-07 23:59:50 +02:00
bc4df9a3f4
fix ansible-lint warnings of knot role
/ Ansible Lint (push) Successful in 2m31s
2026-05-07 23:45:48 +02:00
50beedbc62
configure metric scraping from knot on auth-dns
/ Ansible Lint (push) Failing after 6m12s
2026-05-06 15:51:38 +02:00
291ebce943
router(host): configure public (v4) network
/ Ansible Lint (push) Successful in 4m20s
2026-05-06 14:43:05 +02:00
f7306b91a6
remove unused dns zones
/ Ansible Lint (push) Successful in 3m22s
2026-05-06 14:37:53 +02:00
021843b5ce
migrate reverse dns zones to new auth-dns server
/ Ansible Lint (push) Successful in 2m36s
2026-05-06 14:33:04 +02:00
5283d2da95
improve knot roles reloading behavior
...
With this change, the nameserver is not restarted on configuration
updates but only reloaded instead.
2026-05-06 14:33:04 +02:00
3aa146d723
nftables(role): reload instead of restart
...
/ Ansible Lint (push) Failing after 3m22s
This should make the role more robust against misconfigurations.
2026-05-06 14:19:38 +02:00
46b0a49eb8
migrate dns zone eh22.easterhegg.eu to new auth-dns server
/ Ansible Lint (push) Failing after 2m29s
2026-05-06 12:34:23 +02:00
d535607ae6
migrate dns zone eh20.easterhegg.eu. to new auth-dns server
2026-05-06 12:31:55 +02:00
