ViMaSter/ansible-infra
0
0
Fork 0
forked from CCCHH/ansible-infra
Code Pull requests Activity
540 commits 1 branch 0 tags 7.1 MiB
Commit graph

130 commits

Author SHA1 Message Date
Renovate
c638790819 Update all stable non-major dependencies 2026-01-12 02:30:47 +00:00
June
968e29ccb8
 		do v6-only for internal proxy protocol communication 
Since we want to do v6-only internally, only listen on v6 for proxy
protocol.
This is also needed as we only have set_real_ip_from pointing to a v6.
 2026-01-12 03:02:09 +01:00
June
255327952e
 		ntfy(host): move to new network and hostname 2026-01-11 03:57:11 +01:00
June
1971598e71
 		pretalx(host): move to new network and hostname 2026-01-11 03:23:18 +01:00
June
372f264bcb
 		ccchoir(host): move to new network and hostname 2026-01-11 03:23:14 +01:00
June
2fbb37db18
 		grafana(host): move to new network and hostname 2026-01-11 03:23:01 +01:00
June
bb30e88404
 		router(host): allowlist only certain icmpv6 types 2026-01-11 00:29:16 +01:00
June
a41b07949c
 		zammad(host): move to new network and hostname 2026-01-11 00:22:37 +01:00
June
ff550cbd8a
 		tickets(host): move to new network and hostname 2026-01-11 00:00:18 +01:00
June
49e3ecb986
 		netbox(host): move to new network and hostname 2026-01-09 03:05:29 +01:00
June
40b67c6bc3
 		sunders(host): move to new network and hostname 2026-01-07 18:46:16 +01:00
June
80ddb2efc9
 		router: enable a DHCP server for the v4-NAT network as well 
As the hosts don't really need a static v4, just do DHCP.
 2026-01-07 17:25:27 +01:00
June
944c8cde82
 		onlyoffice(host): move to new network and hostname 2025-12-17 03:34:39 +01:00
June
366456eff8
 		keycloak(host): move to new network and hostname 
Also just listen on port 8443 for keycloak-admin proxy protocol.
 2025-12-16 21:50:40 +01:00
June
1ca71a053e
 		pad(host): move to new network and hostname 2025-12-16 21:12:21 +01:00
June
570600fce3
 		eh22-wiki(host): move to new network and hostname 2025-12-16 20:58:05 +01:00
June
5a476f2103
 		cloud(host): move to new network and hostname 2025-12-16 20:47:44 +01:00
June
b72dee0d6d
 		wiki(host): actually have nginx listen on v6 2025-12-16 19:52:24 +01:00
June
8b94a49f5e
 		wiki(host): move to new network and internal hostname 2025-12-16 19:23:33 +01:00
June
5f98dca56c
 		router(host): expose public v6 networks 
Also prepare for exposing public v4 networks later.
 2025-12-16 19:03:36 +01:00
jtbx
66ee44366b public-reverse-proxy: New IP of wiki VM 2025-12-14 15:39:03 +01:00
June
183b91b9f2
 		router(host): add nftables config for basic router functionality 2025-12-13 22:07:38 +01:00
June
a9e394da06
 		router(host): add systemd-networkd-based network config 2025-12-13 22:07:37 +01:00
Renovate
0eaaf9227c Update all stable non-major dependencies 2025-11-19 13:30:39 +00:00
June
ddab157600
 		don't pin digests anymore 
The benefit of digest pinning isn't that great for this project really
and it comes at the cost of more issues and additional renovate noise,
so just don't anymore.
Adjust renovate config accordingly as well.
 2025-11-18 14:24:21 +01:00
c6ristian
80acd5fdc6
 		grafana: store date for up to 28 days 2025-11-11 23:03:59 +01:00
Stefan Bethke
6fea98ffd2 Redirect to 39c3 instead of eh22 2025-11-07 20:09:02 +01:00
ViMaSter
c3f71b1f08 sunders: replace password in healthcheck with dynamic secret 
CCCHH/ansible-infra#55

Co-authored-by: ViMaSter <vincent@mahn.ke>
Co-committed-by: ViMaSter <vincent@mahn.ke>
 2025-11-02 20:24:55 +01:00
June
dc6c7cbfb7
 		sunders(host): deploy sunders using docker compose 
https://git.hamburg.ccc.de/CCCHH/sunders
 2025-11-01 17:53:08 +01:00
June
a11ccaf16c
 		disable digest pinning for our images, since Forgejo cleans them up 
Since Forgejo seems to clean up older tag versions, so older digests,
disable digest pinning for our images.
While generally resulting in undeployable config, with ansible-pull the
breakage is especially noticeable.
 2025-10-30 05:50:42 +01:00
Renovate
a03ed9a362 Update all stable non-major dependencies 2025-10-29 23:45:38 +00:00
Renovate
01890fecbd Update all digest updates 2025-10-29 00:30:36 +00:00
June
df32e1cac8
 		zammad(host): move to latest upstream compose file version (v14.1.1) 
It hopefully fixes bugs we had in the past, so removing the workarounds
and it also comes with default values now, so removing all variables set
to those defaults.
 2025-10-24 22:57:03 +02:00
June
747e5b2d4c
 		zammad(host): change to .env configuration 
Align the compose.yaml to upstreams v11.2.0 version.
This is a first step to hopefully then just use the upstreams version
directly and not vendor it.
 2025-10-24 22:15:48 +02:00
Renovate
2f8897751b Pin dependencies 2025-10-23 12:15:38 +00:00
June
43fac32424
 		use full image source and set version for all Chaosknoten compose images 
Use a full image source and set and explicit version for all images in
Chaosknoten (docker-)compose files.
With Renovate now set up, it is feasible to explicitly set versions.
 2025-10-21 23:59:56 +02:00
c6ristian
f3902b43b1
 		update keycloak and nextcloud 2025-10-20 21:11:28 +02:00
June
425d302fa9
 		zammad(host): fix compose by using different elasticsearch image 
Also execute manual update steps as outlined here:
https://github.com/zammad/zammad-docker-compose/releases/tag/v14.0.0

Note that this is updating only a part of the compose file and other
parts still are out-of-date and should be updated (like the Postgres).
 2025-10-20 01:36:00 +02:00
June
8a8fdf5f97
 		renovate(host): set platform to forgejo 2025-10-17 01:26:18 +02:00
June
4b1c64b615
 		renovate(host): remove deprecated and no longer working logLevel option 
Remove deprecated and no longer working logLevel config option. Debug
output can be enabled by using the LOG_LEVEL environment variable on
demand.
 2025-10-16 18:08:29 +02:00
June
e76c66d74c
 		renovate(host): set up Renovate using role and exisiting config 
Set up Renovate using role and existing config from current
Forgejo/GitHub Actions-based deployment.
 2025-10-16 17:52:30 +02:00
June
1322bcec58
 		reverse proxy configuration for element-admin 2025-10-12 20:20:02 +02:00
June
1eaf85501f
 		reverse proxy configuration for matrix authentication service 2025-10-12 05:28:43 +02:00
c6ristian
2ae8692603
 		grafana: set 2m for DHCP check 
so that service restart dont create a alert
 2025-09-12 13:21:23 +02:00
c6ristian
1355d4d834
 		grafana: make alerts better for fux 2025-09-09 19:30:53 +02:00
Stefan Bethke
592afdced9 add waybackproxy 2025-09-06 11:39:05 +02:00
Stefan Bethke
13a8dc9b6f Fix name, cleanup 2025-08-02 10:05:58 +02:00
Stefan Bethke
9c50708b4e Add second DECT 2025-08-02 09:43:18 +02:00
Stefan Bethke
cbb4beceb6 Add Werkstatt phone 2025-08-02 09:41:48 +02:00
June
9f87fa0225
 		reverse proxy configuration for cryptoparty website and staging env. 2025-07-23 20:56:19 +02:00