ansible-infra

CCCHH/ansible-infra

Fork 0

Commit graph

66e2e354b1

document how to set up secrets using SOPS for a new host main move_to_sops June 2025-05-04 00:11:43 +02:00
eb70df37f1

update README and ansible.cfg for usage of SOPS instead of password-sto. June 2025-05-03 23:49:06 +02:00
bbe4cc131a

eh22-netbox: remove eh22-netbox as its being decommissioned June 2025-05-03 23:40:03 +02:00
a943b152f2

zammad(host): move secrets to SOPS June 2025-05-03 23:26:58 +02:00
fa634f6900

onlyoffice(host): move secrets to SOPS June 2025-05-03 23:22:45 +02:00
b841cc1409

tickets(host): move secrets to SOPS June 2025-05-03 23:16:34 +02:00
60b2093a02

netbox(host): move secrets to SOPS June 2025-05-03 23:08:41 +02:00
65b6eff5bd

pretalx(host): move secrets to SOPS June 2025-05-03 22:59:37 +02:00
31ad4654c6

ccchoir(host): move secrets to SOPS June 2025-05-03 22:48:49 +02:00
7c598132ee

pad(host): move secrets to SOPS June 2025-05-03 22:39:37 +02:00
97b8386878

grafana(host): move secrets to SOPS June 2025-05-03 22:18:26 +02:00
37e8782a0b

keycloak(host): move secrets to SOPS June 2025-05-03 21:53:40 +02:00
d63092cfe8

cloud(host): remove unused config.php.j2 June 2025-05-03 21:32:22 +02:00
8de07c2688

cloud(host): move secrets to SOPS June 2025-05-03 21:30:06 +02:00
01c006ec22

grafana fix nginx ip allow list c6ristian 2025-05-02 01:08:55 +02:00
58642620a1

IPv6 fix für metrics c6ristian 2025-04-30 16:23:35 +02:00
0c9e3ccb87

fix switchup in prometheus.relabel c6ristian 2025-04-30 15:07:26 +02:00
bd9e04eef8

metrics fux c6ristian 2025-04-30 02:16:09 +02:00
e183f1a2c3

prometheus remote write with alloy using it c6ristian 2025-04-30 01:08:43 +02:00
e21ff26f36

fix: alertmanager c6ristian 2025-04-28 23:02:13 +02:00
b0660deb71

fix: nginx role c6ristian 2025-04-28 22:23:11 +02:00
456117a789

adding loki c6ristian 2025-04-28 20:04:19 +02:00
3548c1f4d6

restart ssh service instead of rebooting as this should be fine June 2025-04-25 02:01:29 +02:00
9c57fca876 Also supply a dmoain for user content Stefan Bethke 2025-04-16 16:27:21 +02:00
811b5832da Incread file upload limit to 1G (from 10MB) Stefan Bethke 2025-04-16 16:27:02 +02:00
77e1d3bc3e

keycloak: allow access form new IPv6 subnet at z9 c6ristian 2025-02-26 23:47:20 +01:00
6b80f5b52a

fix accidentally added personalized ansible_user by removing it June 2025-02-23 23:51:58 +01:00
41ba73d7c3

dep._hyperv.(playb.): add deps step to vm template generation setup play June 2025-02-23 23:26:36 +01:00
fd13e5341b

add thinkcccore0 to inventory and enable VM template gen. setup on it June 2025-02-23 23:23:51 +01:00
ca16e3d55f

dep._hypervisor(playb.): introduce play for setting up vm template gen. June 2025-02-23 22:41:06 +01:00
614eebadba WIP router(host): initial config feature/add-new-router jtbx 2025-02-23 18:49:19 +01:00
98972e39c4

keycloak(host): update to 26.1 & postgres to 15.12 kc-update c6ristian 2025-02-22 22:56:40 +01:00
fce4c2f73b

grafana(host): account in Prom. hyperv. disk alerts for longer backups June 2025-02-18 15:38:07 +01:00
0e4df5b590

nginx(role): make loop output manageable using loop_control label June 2025-02-18 06:07:47 +01:00
9dba002f10

maintenance(playbook): simplify nginx repo setup and install task name June 2025-02-18 05:48:52 +01:00
1ea63a19d3

maintenance(playbook): ensure docker repo and install before update June 2025-02-18 05:48:01 +01:00
7420ed6010

nginx(role): split up repo setup and install task lists to estab. conv. June 2025-02-18 05:43:39 +01:00
89f3e55eac

docker(role): use better naming June 2025-02-18 05:35:45 +01:00
ce812fb006

docker(role): update README June 2025-02-18 05:33:30 +01:00
d62c070ccc

maintenance(playbook): fix playbook by using updated nginx role res. June 2025-02-18 05:17:38 +01:00
07511ef723

grafana(host): remove decomissioned nix-box-june from Prometheus targets June 2025-02-18 04:51:26 +01:00
5e5c980f14

check(playbook): print all held packages June 2025-02-18 04:28:08 +01:00
34b9ee2fa4

nginx(role): simplify description in README June 2025-02-18 04:11:33 +01:00
344dd78981

nginx(role): use better naming, wording and file structure June 2025-02-18 04:07:07 +01:00
9b2ef55f86

nginx(role): remove unneces. "hosts" and "entry points" sec. from README June 2025-02-18 03:40:00 +01:00
5809e4015f

nginx(role): add "logging" to the reserved configuration names June 2025-02-18 03:37:20 +01:00
3d22f7ffae

nginx(role): document Debian 12 support June 2025-02-18 03:35:37 +01:00
4adf39d969

nginx(role): document arguments in README for better discoverability June 2025-02-18 03:27:49 +01:00
2e9f73b46b

nginx(role): simplify ensuring that gnupg is installed June 2025-02-18 03:11:46 +01:00
df22074aeb

nginx(role): simplify installation by removing version spec June 2025-02-18 03:59:08 +01:00
172d6472bc

nginx(role): remove unnecessary apt-get update step June 2025-02-18 02:59:00 +01:00
5dc2520ecd

eh22-wiki: configure custom eh22-theme Dario 2025-02-17 22:26:17 +01:00
7271426502

dokuwiki: add option to checkout custom design repo Dario 2025-02-17 22:20:25 +01:00
4788d4d819

dokuwiki: add warning about custom theme directory Dario 2025-02-17 22:13:41 +01:00
d9b150eaf0

dokuwiki: add git to dependencies for custom theme Dario 2025-02-17 21:51:48 +01:00
b5ddebcada

dokouwiki: add option which theme branch to check out Dario 2025-02-17 21:34:01 +01:00
e943a541e5

dokuwiki: document custom theme options in README Dario 2025-02-17 21:16:13 +01:00
0998111455

dokuwiki: don't ignore hostkeys Dario 2025-02-17 21:09:06 +01:00
7ec61f45b3

dokuwiki: add ability to checkout custom theme repo Dario 2025-02-17 20:49:34 +01:00
79012fb7f8

eh22-netbox: setup EH22 NetBox June 2025-02-17 01:23:35 +01:00
496f122968

give ansible docker comp. cron jobs unique names to not overw. each oth. June 2025-02-17 00:32:50 +01:00
f0e345b15a Merge branch 'main' of git.hamburg.ccc.de:CCCHH/ansible-infra Stefan Bethke 2025-02-16 22:09:29 +01:00
690ec9bebc Use distinct short code to avoid confusion with EH pretix Stefan Bethke 2025-02-16 22:09:27 +01:00
ff540126a1

add chaosknoten to hosts and new hypervisors group June 2025-02-16 02:34:14 +01:00
61cd5053d0

flatten inventories making them simpler June 2025-02-16 00:36:10 +01:00
4def1334d8

for non-verbose output hide user passwords in postgresql role June 2025-02-15 20:06:55 +01:00
2ec1471d7f

netbox: move NetBox from NixOS to Ansible June 2025-02-15 19:57:15 +01:00
09a8551c8a

add option to netbox role for custom pipeline code for OIDC mapping June 2025-02-15 05:22:21 +01:00
dbb784e2bb

add license notice to README June 2025-02-15 03:52:02 +01:00
783c36bcc1

add netbox role for ensuring netbox is deployed as specified June 2025-02-14 21:43:44 +01:00
9662995377

add postgresql role for ens. psql and opt. some dbs and users are set up June 2025-02-13 03:24:15 +01:00
fc24bfff5d

add redis role for ensuring redis is installed from distro packages June 2025-02-13 02:00:32 +01:00
537ef55b6f

eh22-wiki: add missing redirect for /design June 2025-02-15 06:21:14 +01:00
ac7e8bb6f2

grafana: set dur. for Prom. hyperv. disk rw rate and hdd io aler. to 90m June 2025-02-15 06:05:44 +01:00
1bae6234ae redirect to eh22 Stefan Bethke 2025-02-14 19:52:19 +01:00
9334f70289

eh22-wiki: make automatic dir redirects work for /design June 2025-02-14 04:34:09 +01:00
70d4ce9a2d

eh22-wiki: ensure base for CI deploy of styleguide under /design/ June 2025-02-12 19:02:53 +01:00
bdbd9ce195

eh22-wiki: setup EH22 wiki using Ansible by copying and mod. wiki config June 2025-02-10 23:40:39 +01:00
40cddb67b4

grafana: account for long backup jobs in Prom. hyperv. disk rw rate al. June 2025-02-06 19:17:21 +01:00
c4e35c1adf

grafana: pull out prom. net. rec. err. alerts for OPNs. to ex. wg int. June 2025-02-06 01:34:45 +01:00
ee66631c2d

grafana: diff. prometheus disk io alerts by host task and disk type June 2025-02-06 01:13:10 +01:00
9e77a41e3c

grafana: differentiate prometheus disk rate alerts by host task type June 2025-02-06 01:05:05 +01:00
5016407cef

grafana: group prometheus alert rules for better organization June 2025-02-06 00:12:03 +01:00
07b3a6947d Add Hub for EH22 Stefan Bethke 2025-02-01 12:46:54 +01:00
c89a6edefe

nextcloud: update to version 30 c6ristian 2025-01-26 02:05:47 +01:00
3139b41433

use the container name as journal tag not id c6ristian 2025-01-21 00:25:13 +01:00
6fa896dd3f

Remove jobe for mumble.c3lingo.org since the the endpoint appears to dont exsists anymore c6ristian 2025-01-19 21:03:38 +01:00
a86b34cf34

set nginx logging to use journald c6ristian 2025-01-19 20:30:53 +01:00
328ec744cc

Add base_config and deploy_systemd_journal_config c6ristian 2025-01-19 20:30:05 +01:00
93212e2248

pretalx: set custom docker network in compose file c6ristian 2025-01-16 14:35:12 +01:00
1d621e12fb

fix pretalx for cfp.eh22.easterhegg.eu CSRF problem c6ristian 2025-01-16 14:06:36 +01:00
64343ae9ec

have the docker role conf. the Docker daemon to log to systemd journal June 2025-01-14 23:19:38 +01:00
e3a1443df9

use deploy_ssh_server_config role for all Chaosknoten hosts June 2025-01-14 22:36:51 +01:00
e1866b2449

add cfp.eh22.easterhegg.eu to pretalx c6ristian 2025-01-13 22:44:44 +01:00
8bb6c44bec Allow 50MB uploads Stefan Bethke 2025-01-13 19:42:37 +01:00
4fff0a9d0d dokuwiki: Refactor support for multiple OS versions jtbx 2024-12-08 19:27:26 +01:00
03e994b41f

dokuwiki: update role to support Debian 12 June 2024-12-08 18:37:41 +01:00
19abc5f585

reference new "resources" dir and generally fix up and improve README June 2024-12-08 01:32:02 +01:00
e713b2ea5b

exclude symlinked ("roles" and "resources") dirs from vscode search June 2024-12-05 23:32:01 +01:00
63390c5588

enable pipelining as it seems to work and be faster June 2024-12-05 23:18:34 +01:00