pretalx(host): move to new network and hostname

ccchoir(host): move to new network and hostname
grafana(host): move to new network and hostname
2026-01-11 03:23:18 +01:00 · 2026-01-11 03:23:14 +01:00 · 2026-01-11 03:23:01 +01:00
9 changed files with 24 additions and 27 deletions
--- a/inventories/chaosknoten/hosts.yaml
+++ b/inventories/chaosknoten/hosts.yaml
@ -1,9 +1,9 @@
 all:
  hosts:
    ccchoir:
-      ansible_host: ccchoir-intern.hamburg.ccc.de
+      ansible_host: ccchoir.hosts.hamburg.ccc.de
      ansible_user: chaos
-      ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
    chaosknoten:
      ansible_host: chaosknoten.hamburg.ccc.de
    cloud:
@ -15,9 +15,9 @@ all:
      ansible_user: chaos
      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
    grafana:
-      ansible_host: grafana-intern.hamburg.ccc.de
+      ansible_host: grafana.hosts.hamburg.ccc.de
      ansible_user: chaos
-      ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
    tickets:
      ansible_host: tickets.hosts.hamburg.ccc.de
      ansible_user: chaos
@ -45,9 +45,9 @@ all:
      ansible_user: chaos
      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
    pretalx:
-      ansible_host: pretalx-intern.hamburg.ccc.de
+      ansible_host: pretalx.hosts.hamburg.ccc.de
      ansible_user: chaos
-      ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+      ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de
    public-reverse-proxy:
      ansible_host: public-reverse-proxy.hamburg.ccc.de
      ansible_user: chaos
--- a/resources/chaosknoten/ccchoir/nginx/ccchoir.de.conf
+++ b/resources/chaosknoten/ccchoir/nginx/ccchoir.de.conf
@ -2,12 +2,12 @@
 # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
 server {
    # Listen on a custom port for the proxy protocol.
-    listen 8443 ssl http2 proxy_protocol;
+    listen [::]:8443 ssl http2 proxy_protocol;
    # Make use of the ngx_http_realip_module to set the $remote_addr and
    # $remote_port to the client address and client port, when using proxy
    # protocol.
    # First set our proxy protocol proxy as trusted.
-    set_real_ip_from 172.31.17.140;
+    set_real_ip_from 2a00:14b0:4200:3000:125::1;
    # Then tell the realip_module to get the addreses from the proxy protocol
    # header.
    real_ip_header proxy_protocol;
@ -43,12 +43,12 @@ server {
 server {
    # Listen on a custom port for the proxy protocol.
-    listen 8443 ssl http2 proxy_protocol;
+    listen [::]:8443 ssl http2 proxy_protocol;
    # Make use of the ngx_http_realip_module to set the $remote_addr and
    # $remote_port to the client address and client port, when using proxy
    # protocol.
    # First set our proxy protocol proxy as trusted.
-    set_real_ip_from 172.31.17.140;
+    set_real_ip_from 2a00:14b0:4200:3000:125::1;
    # Then tell the realip_module to get the addreses from the proxy protocol
    # header.
    real_ip_header proxy_protocol;
--- a/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
@ -2,7 +2,7 @@
 # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
 server {
    # Listen on a custom port for the proxy protocol.
-    listen 8443 ssl proxy_protocol;
+    listen [::]:8443 ssl proxy_protocol;
    http2 on;
    # Make use of the ngx_http_realip_module to set the $remote_addr and
    # $remote_port to the client address and client port, when using proxy
--- a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
@ -17,7 +17,6 @@ server {
    server_name loki.hamburg.ccc.de;
    listen [::]:50051 ssl;
    listen 172.31.17.145:50051 ssl;
    http2 on;
@ -59,7 +58,6 @@ server {
    server_name loki.hamburg.ccc.de;
    listen [::]:443 ssl;
    listen 172.31.17.145:443 ssl;
    http2 on;
--- a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
@ -18,7 +18,6 @@ server {
    server_name metrics.hamburg.ccc.de;
    listen [::]:443 ssl;
    listen 172.31.17.145:443 ssl;
    http2 on;
    client_body_buffer_size 512k;
--- a/resources/chaosknoten/pretalx/nginx/cfp.eh22.easterhegg.eu.conf
+++ b/resources/chaosknoten/pretalx/nginx/cfp.eh22.easterhegg.eu.conf
@ -2,12 +2,12 @@
 # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
 server {
    # Listen on a custom port for the proxy protocol.
-    listen 8443 ssl http2 proxy_protocol;
+    listen [::]:8443 ssl http2 proxy_protocol;
    # Make use of the ngx_http_realip_module to set the $remote_addr and
    # $remote_port to the client address and client port, when using proxy
    # protocol.
    # First set our proxy protocol proxy as trusted.
-    set_real_ip_from 172.31.17.140;
+    set_real_ip_from 2a00:14b0:4200:3000:125::1;
    # Then tell the realip_module to get the addreses from the proxy protocol
    # header.
    real_ip_header proxy_protocol;
--- a/resources/chaosknoten/pretalx/nginx/pretalx.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/pretalx/nginx/pretalx.hamburg.ccc.de.conf
@ -2,12 +2,12 @@
 # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
 server {
    # Listen on a custom port for the proxy protocol.
-    listen 8443 ssl http2 proxy_protocol;
+    listen [::]:8443 ssl http2 proxy_protocol;
    # Make use of the ngx_http_realip_module to set the $remote_addr and
    # $remote_port to the client address and client port, when using proxy
    # protocol.
    # First set our proxy protocol proxy as trusted.
-    set_real_ip_from 172.31.17.140;
+    set_real_ip_from 2a00:14b0:4200:3000:125::1;
    # Then tell the realip_module to get the addreses from the proxy protocol
    # header.
    real_ip_header proxy_protocol;
--- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
@ -4,12 +4,12 @@ map $host $upstream_acme_challenge_host {
    c3cat.de 172.31.17.151:31820;
    www.c3cat.de 172.31.17.151:31820;
    staging.c3cat.de 172.31.17.151:31820;
-    ccchoir.de ccchoir-intern.hamburg.ccc.de:31820;
+    ccchoir.de ccchoir.hosts.hamburg.ccc.de:31820;
-    www.ccchoir.de ccchoir-intern.hamburg.ccc.de:31820;
+    www.ccchoir.de ccchoir.hosts.hamburg.ccc.de:31820;
    cloud.hamburg.ccc.de cloud.hosts.hamburg.ccc.de:31820;
    element.hamburg.ccc.de 172.31.17.151:31820;
    git.hamburg.ccc.de 172.31.17.154:31820;
-    grafana.hamburg.ccc.de 172.31.17.145:31820;
+    grafana.hamburg.ccc.de grafana.hosts.hamburg.ccc.de:31820;
    hackertours.hamburg.ccc.de 172.31.17.151:31820;
    staging.hackertours.hamburg.ccc.de 172.31.17.151:31820;
    hamburg.ccc.de 172.31.17.151:31820;
@ -22,7 +22,7 @@ map $host $upstream_acme_challenge_host {
    netbox.hamburg.ccc.de netbox.hosts.hamburg.ccc.de:31820;
    onlyoffice.hamburg.ccc.de onlyoffice.hosts.hamburg.ccc.de:31820;
    pad.hamburg.ccc.de pad.hosts.hamburg.ccc.de:31820;
-    pretalx.hamburg.ccc.de 172.31.17.157:31820;
+    pretalx.hamburg.ccc.de pretalx.hosts.hamburg.ccc.de:31820;
    spaceapi.hamburg.ccc.de 172.31.17.151:31820;
    staging.hamburg.ccc.de 172.31.17.151:31820;
    wiki.ccchh.net wiki.hosts.hamburg.ccc.de:31820;
--- a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
@ -18,15 +18,15 @@ stream {
    resolver 212.12.50.158 192.76.134.90;
    map $ssl_preread_server_name $address {
-        ccchoir.de ccchoir-intern.hamburg.ccc.de:8443;
+        ccchoir.de ccchoir.hosts.hamburg.ccc.de:8443;
-        www.ccchoir.de ccchoir-intern.hamburg.ccc.de:8443;
+        www.ccchoir.de ccchoir.hosts.hamburg.ccc.de:8443;
        cloud.hamburg.ccc.de cloud.hosts.hamburg.ccc.de:8443;
        pad.hamburg.ccc.de pad.hosts.hamburg.ccc.de:8443;
-        pretalx.hamburg.ccc.de pretalx-intern.hamburg.ccc.de:8443;
+        pretalx.hamburg.ccc.de pretalx.hosts.hamburg.ccc.de:8443;
        id.hamburg.ccc.de keycloak.hosts.hamburg.ccc.de:8443;
        invite.hamburg.ccc.de keycloak.hosts.hamburg.ccc.de:8443;
        keycloak-admin.hamburg.ccc.de keycloak.hosts.hamburg.ccc.de:8443;
-        grafana.hamburg.ccc.de 172.31.17.145:8443;
+        grafana.hamburg.ccc.de grafana.hosts.hamburg.ccc.de:8443;
        wiki.ccchh.net wiki.hosts.hamburg.ccc.de:8443;
        wiki.hamburg.ccc.de wiki.hosts.hamburg.ccc.de:8443;
        onlyoffice.hamburg.ccc.de onlyoffice.hosts.hamburg.ccc.de:8443;
@ -90,7 +90,7 @@ stream {
        woodpecker.hamburg.ccc.de 172.31.17.160:8443;
        design.hamburg.ccc.de 172.31.17.162:8443;
        hydra.hamburg.ccc.de 172.31.17.163:8443;
-        cfp.eh22.easterhegg.eu pretalx-intern.hamburg.ccc.de:8443;
+        cfp.eh22.easterhegg.eu pretalx.hosts.hamburg.ccc.de:8443;
        ntfy.hamburg.ccc.de 172.31.17.149:8443;
        cryptoparty-hamburg.de 172.31.17.151:8443;
        cryptoparty.hamburg.ccc.de 172.31.17.151:8443;
Author	SHA1	Message	Date
June	1971598e71	pretalx(host): move to new network and hostname Some checks failed / Ansible Lint (push) Failing after 1m55s Details	2026-01-11 03:23:18 +01:00
June	372f264bcb	ccchoir(host): move to new network and hostname	2026-01-11 03:23:14 +01:00
June	2fbb37db18	grafana(host): move to new network and hostname	2026-01-11 03:23:01 +01:00