341 Commits

Author	SHA1	Message	Date
Markus	cc0c0823e9	netbox: bump version to 2.10.6	2021-03-10 16:36:08 +01:00
Bastian	b517df3151	Set Telegraf Config Permissions to 740	2021-01-12 14:23:36 +01:00
Bastian Mäuser	e7d3167f51	Write hostname instead of fqdn	2021-01-10 19:16:16 +01:00
Bastian Mäuser	755c1c5af1	Add Telegraf Role	2021-01-10 19:11:32 +01:00
Markus	d4a9ccf43d	netbox: bump to 2.10.1 and add systemd service	2020-12-16 19:32:58 +01:00
Markus	0484e91693	dns_auth: support dns slaves	2020-12-07 17:18:07 +01:00
Markus	19faa44f0c	mesh_wg: adjust MTU to min values rather than max	2020-12-02 23:39:15 +01:00
Markus	ebe2eac3a7	dns_*: prevent DoH ... by returning NXDOMAIN for use-application-dns.net	2020-11-28 23:39:47 +01:00
Markus	1c0d2f25d2	dns_*: use dnsdist as frontend	2020-11-28 23:36:50 +01:00
Markus	5cd6b06053	mesh_wg: increase the mtu so wg has to fragment	2020-11-25 18:28:22 +01:00
Markus	5422d3ad82	dns_*: remove TLS on localhost	2020-11-25 18:27:25 +01:00
Markus	0baec7972f	stats: migrate to new host, enable for dnsdist	2020-11-25 18:26:28 +01:00
Markus	f955ce6119	web_svc: more caching	2020-11-24 22:41:09 +01:00
Markus	bf1b7e434d	dns_resolver: new role for resolver only	2020-11-24 22:40:48 +01:00
Markus	f882c6e41a	grafana: fix typo	2020-11-24 21:04:40 +01:00
Markus	d0ff422b67	dns_split: rename from dns	2020-11-24 20:52:14 +01:00
Markus	6534749691	grafana: add switch to install rendering deps	2020-11-24 20:36:35 +01:00
Markus	3baf4139ac	web_*: cleanup, add VXoWG api endpoint	2020-11-24 20:29:53 +01:00
Markus	e8435cdd9b	apt: fix unattended upgrads and apt download speed	2020-11-24 20:09:18 +01:00
Bastian	309105d948	Add NGINX Role tailored for stateserver usage	2020-11-24 18:22:03 +01:00
Markus	46406323c1	rename grafana to stats	2020-11-24 14:03:55 +01:00
Markus	990ce64971	node_exporter: use TLS and basic auth	2020-11-23 23:42:15 +01:00
Markus	333c4b82e9	yanic: make suitable for grafana host	2020-11-23 22:22:23 +01:00
Markus	1b4ed18171	nginx: add default to not break web_gw	2020-11-23 19:52:14 +01:00
Markus	1f0b671545	mesh_wg: new role for VXLAN over WG meshing ... This is still work in progress, as such it is only enabled on the test gateway.	2020-11-23 19:44:52 +01:00
Markus	97c095f75f	interfaces: cleanup / use more ifupdown2 features	2020-11-23 19:03:13 +01:00
Markus	ac35c8c635	yanic: fix config template ... change needed to be compatible with current upstream	2020-11-23 19:02:19 +01:00
Markus	4c020cea41	unify whitespace before }}	2020-11-16 23:18:52 +01:00
Markus	56e026ba14	dhcp: cleanup/unify whitespace usage	2020-11-05 18:54:26 +01:00
Markus	ae6b1bc58a	dns: use dedicated certificate for dnsdist	2020-11-05 18:54:01 +01:00
Markus	29627c5e36	dns: use dnsdist from upstream repo	2020-11-05 18:53:33 +01:00
Markus	f6c4f927f4	dns: also offer DoT	2020-11-04 23:16:27 +01:00
Markus	1464ef73cb	new host: grafana.regensburg.freifunk.net ... new role: influxdb	2020-11-04 23:15:34 +01:00
Markus	af56fd8dcd	nginx: support ip anonymization	2020-10-20 15:59:08 +02:00
Markus	2070c32a26	dns_auth: new role ... also apply role to ns1.regensburg.freifunk.net	2020-10-20 15:26:50 +02:00
Markus	dd93bd6b11	dns: use list instead of with_items	2020-10-08 22:31:20 +02:00
Markus	1b12b54a8d	common: use list instead of with_items	2020-10-08 22:30:36 +02:00
Markus	40a64d1e77	netbox: fix syntax error	2020-10-08 22:29:54 +02:00
Markus	b239dfb38f	interfaces: use ipfdown2 version 3.0.0	2020-10-08 12:31:03 +02:00
Markus	3582e84b09	git: remove role, integrate into common	2020-10-06 10:33:48 +02:00
Markus	dc6f2e1e5b	web-svc: rename to web_svc	2020-10-06 10:17:06 +02:00
Markus	610498fc31	web-gw: rename to web_gw	2020-10-06 10:16:33 +02:00
Markus	0de11eb6ed	gw-admin-ssh-keys: rename to root_keys	2020-10-06 10:14:45 +02:00
Markus	d7291018a4	fastd-exporter: rename to fastd_exporter	2020-10-06 10:13:54 +02:00
Markus	c29bed27dc	exit-ip: rename to exit_ip	2020-10-06 10:13:16 +02:00
Markus	3b501e041a	arp-cache: rename to arp_cache	2020-10-06 10:12:47 +02:00
Markus	3d12cf0a7e	mesh-interfaces: rename to interfaces	2020-10-06 10:05:53 +02:00
Jan	7602303543	[role/netbox] Add recursive chown task ... Recursively update group-/ownership of netbox directory after unpacking the source and requiering modules into venv	2020-09-09 18:12:45 +02:00
Jan	09099faaeb	[role/netbox] enhance readability ... Break long lines by using ansible YAML notation	2020-09-09 18:04:24 +02:00
Markus	d647550425	netbox: new host and role	2020-07-19 12:43:12 +02:00
Markus	bc061dff94	apt: use list instead of with_items	2020-06-23 21:45:56 +02:00
Markus	bad435fad4	cleanup: use systemd module for daemon-reloaed	2020-06-22 13:24:53 +02:00
Jan	69ba0b9b38	Update role acertmgr add var acertmgr_version ... Defining variable acertmgr_version from role defaults, allows version string to be overridden. Role defaults are set in connection: local scope. This also shortens long line to make this role linter compliant	2020-06-22 13:22:23 +02:00
Jan	eaf2b36e95	Mitigate lint E204 in roles nginx, web-gw and web-svc	2020-06-22 13:22:23 +02:00
Markus	e2b9ae548c	nginx: don't use "== True"	2020-06-20 17:23:59 +02:00
Markus	9f3945dcc9	acertmgr: ansible style fix	2020-06-20 00:22:26 +02:00
Markus	e601249cb4	nginx: enable gzip for proxied responses	2020-06-19 23:15:37 +02:00
Markus	462a1128ff	docker: only apply explicitly where needed	2020-06-19 21:15:19 +02:00
Markus	6db08c74bd	node_exporter: bump version	2020-06-18 18:07:44 +02:00
Markus	3cd6c0b1dc	tileserver: simplify restart handler	2020-06-18 18:07:13 +02:00
Markus	55b9801aa4	nginx: hide version	2020-06-18 18:06:43 +02:00
Markus	d888969b3c	Reload systemd before restarting services	2020-06-18 08:42:50 +02:00
Markus	ac8ece705f	nginx: update global settings	2020-06-18 00:22:50 +02:00
Markus	b1c898cce8	web-svc: tiles: increase cache size	2020-06-17 23:46:42 +02:00
Markus	aa278534da	web-svc: tiles: remove unused extra domains	2020-06-17 23:46:07 +02:00
Markus	541441e6ef	web-svc: cache for more than 10 minutes	2020-06-17 21:20:51 +02:00
Markus	4c75e48244	web-svc: forward to new tileserver	2020-06-17 20:54:27 +02:00
Markus	22f2a8e3db	unifi: add role for unifi controller	2020-06-17 20:53:51 +02:00
Markus	e7b55ce809	tileserver: new role to serve map tile	2020-06-17 20:44:52 +02:00
Markus	88e2c60888	web-svc: improve proxy config	2020-06-17 13:32:51 +02:00
Markus	84f9372410	web-svc: make nginx settings completely configurable	2020-06-17 10:52:58 +02:00
Markus	cb26f4c745	web-gw: sync settings between http and https	2020-06-16 23:47:37 +02:00
Markus	aa6aa4650b	implement web service reverse proxy	2020-06-16 23:42:14 +02:00
Markus	ea2aaee4dc	docker: new role that is common to all docker VMs	2020-06-16 22:54:53 +02:00
Markus	0d5f9d3d1c	acertmgr: switch vom git clone to deb package	2020-06-16 22:46:46 +02:00
Bastian	ea9cef86c5	Add Updatepath for 11s releases, remove legacy mapping	2020-05-29 23:25:59 +02:00
Markus	3c20fc825a	common: fix missing handler	2020-05-28 10:25:09 +02:00
Markus	cd6386d58b	remove confluence	2020-05-28 10:24:40 +02:00
Markus	1af46b5e28	prometheus: cleanup	2020-05-28 10:23:36 +02:00
Markus	d710bd841b	mesh-interfaces: fix ifupdown2 service file (again)	2020-05-24 18:25:53 +02:00
Markus	f6c6742e1f	prometheus: collect statistics from proxmox	2020-05-24 18:25:23 +02:00
Markus	aec38f1dd4	exit-ip: explicitly enable IPv4 forwarding for the primary interface	2020-02-20 09:45:46 +01:00
Markus	d68d29e0eb	common: set journald and logratete.conf rentention to 7 days	2020-02-17 12:25:23 +01:00
Markus	4c1d4a485e	common: use new-style network interface names	2020-02-16 01:17:48 +01:00
Markus	88122cc5ed	mesh-interfaces: try to fix network target dependency problems	2020-02-16 01:00:48 +01:00
Markus	d60af77439	exit-ip: let ansible determine external interface	2020-02-11 12:28:31 +01:00
Markus	e9defd4236	web-gw: sync http and https	2020-02-04 10:23:23 +01:00
Markus	44211ceee6	mesh-interfaces: add TODO	2020-02-04 10:20:12 +01:00
Bastian	e69f2249b0	Change IP of respondd receiver to Xavers new Host	2020-01-19 16:41:46 +01:00
Markus	238ec8a4b3	mesh-interfaces: fix whitespace	2019-12-16 22:32:37 +01:00
Markus	73f1c246de	common: install mtr-tiny	2019-12-16 22:32:05 +01:00
Markus	5ac2e63877	nignx: fix whitespace	2019-12-15 23:49:34 +01:00
Markus	63c3f1f461	go: bump version	2019-12-15 23:49:19 +01:00
Markus	48726f6460	mesh-interfaces: set multicast router on bat-if ... as per https://gluon.readthedocs.io/en/v2019.1.x/releases/v2019.1.html#gateway-recommendations	2019-12-15 23:07:18 +01:00
Markus	625d92c0d0	respondd: update service file	2019-12-15 23:00:07 +01:00
Markus	ebf184d1f3	exit-ip: fix missing default value	2019-12-15 22:39:52 +01:00
Markus	778f9649e1	respondd: update to current master ... required in order to be compatible with gluon 2019.1	2019-12-15 22:33:52 +01:00
Bastian Maeuser	4f9d4fd10a	Change Updateserver	2019-12-09 15:32:10 +01:00
Markus	a7423d02be	Remove proxmox	2019-10-10 09:40:41 +02:00
Markus	9b9a086d51	common: install ipmitool on Proxmox hosts	2019-10-09 21:09:26 +02:00
Markus	7db68dfcec	prometheus: update for buster	2019-10-07 15:36:50 +02:00
Markus	64663f74d3	common: handle proxmox differently, install acpi, fix network interface ... names	2019-10-07 15:35:54 +02:00
Bastian	2297707bed	Attempt to force better distribution of clients	2019-05-09 23:01:16 +02:00
Bastian	e4a2882331	Block FastD Connections to the Client Bridge	2019-05-09 22:23:35 +02:00
Bastian	0a3792c219	Added f2b as default	2019-04-27 15:30:22 +02:00
Bastian	10738aa721	Added IP to logging for helping mitigate Shortcuts	2019-04-27 15:09:14 +02:00
Bastian	009639b6a2	Blacklist refined, More shortcutters added	2019-04-27 14:44:14 +02:00
Bastian	4b216f8d1f	Adjusted Permissions	2019-03-27 15:16:32 +01:00
Bastian	fff7a8d27f	fixed fileextension	2019-03-27 15:14:23 +01:00
Bastian	8ad83aa956	Implement proper Blacklist Configuration to fastd	2019-03-27 14:47:33 +01:00
Bastian	52e0c7115a	Add Domainshortcutter Key to Blacklist	2019-03-27 14:47:07 +01:00
Bastian	282576c086	Implement functional Blacklist Script	2019-03-27 14:46:44 +01:00
Markus	8f9d46beaf	fastd: fix daemon failing to start after reboot	2019-03-27 13:31:38 +01:00
Markus	b166c3fcd4	acertmgr: update to 0.8.2	2019-03-21 22:35:11 +01:00
Markus	0d47a786e8	common: remove gentoo prompt	2019-03-08 08:12:12 +01:00
Markus	bb65fc04c9	acertmgr: update to 0.8.1	2019-03-07 15:52:56 +01:00
Markus	9cbc88e4ec	rename certmgr -> acertmgr	2019-03-07 15:09:08 +01:00
Markus	5ee1e577be	nginx: cleanup whitespace	2019-03-07 15:05:38 +01:00
Markus	c116891c4c	grafana: update repo location	2019-03-07 10:52:52 +01:00
Bastian Maeuser	30b1f402e9	Added Backup gw's, todo: dhcp range calculation, go installation	2018-12-13 17:21:01 +01:00
Bastian	9240f4ee64	Removed uselessness and enabled Powerdns Recursor to make DNS6	2018-08-08 22:34:30 +02:00
Bastian Maeuser	e26836e7a1	Bind Powerdns to :: to allow for v6 recursion	2018-08-08 10:48:31 +02:00
Markus	05a9eccc14	fastd: run as user fastd	2018-07-26 17:59:49 +02:00
Markus	1425383a90	prometheus: add fastd statistics	2018-07-26 11:32:07 +02:00
Markus	0148513a65	radvd: fix wrong file name (introduced last cleanup)	2018-07-26 11:08:25 +02:00
Markus	bc1fadd083	fast-exporter: export fastd statistics	2018-07-26 11:08:03 +02:00
Markus	f40a674a0d	Batman: remove dkms support	2018-07-26 11:00:06 +02:00
Markus	3477a59405	Cleanup (mostly whitespace and style)	2018-07-26 10:57:58 +02:00
Bastian	f67fc116da	Batman multicast_mode 0	2018-07-22 00:44:38 +02:00
Bastian	ca0ce99437	Changed MTU	2018-07-21 17:18:18 +02:00
Bastian	76b0c8d73f	Renamed exit-ipv4 to exit-ip, added TCP-MSS Clamping for V4 and V6	2018-07-21 02:02:32 +02:00
Bastian	608db4bb44	Substract Batman Overhead from v6 radvd MTU Link announce	2018-07-21 01:45:36 +02:00
Bastian	012ba4de03	Added TCPMSS Clamping for IPv4	2018-07-21 01:40:20 +02:00
Markus	c00b5f854e	Add new prometheus/grafana roles	2018-07-19 16:29:44 +02:00
Markus	b8cf1837e9	Fix too small ARP/ND cache	2018-07-19 16:28:52 +02:00
Markus	c80bb7c3d4	common: sync with binary kitchen role	2018-07-17 13:15:51 +02:00
Markus	c4204b60e1	Fix spelling	2018-07-17 12:37:33 +02:00
Bastian	c3dec96f0e	Removed AdvRouterAddr from ULA	2018-07-15 20:40:07 +02:00
Bastian	7092e62d45	Default peer-limit for instance of 70	2018-07-15 01:56:28 +02:00
Bastian	de337f1ad0	Added Stable Updater	2018-07-14 11:41:32 +02:00
Markus	b44e9dc450	Install node_exporter to enable monitoring	2018-07-12 10:35:15 +02:00
Bastian	dc0c97b29f	implemented proposed changes	2018-07-10 18:14:13 +02:00
Bastian	057976b868	Cleaned up config.toml	2018-07-10 01:03:22 +02:00
Bastian	90de6cebbe	Yanic Update, changes to Config file, yanicToyanic config	2018-07-09 22:38:49 +02:00
Markus	bc1828e2d6	Fix confluence service file	2018-02-28 14:31:46 +01:00
Markus	91a450e336	Use systemd service for confluence	2018-02-28 14:23:53 +01:00
Bastian	7d6ce37e54	Added Option to Build Batman DKMS Modules from Upstream Code	2018-02-25 23:21:40 +01:00
Bastian	af77b4f71a	Added Role to add GW Admin SSH Keys	2018-02-25 23:08:31 +01:00
Markus	6064619f86	update go version	2018-02-07 17:47:58 +01:00
Markus	cd4656fbaf	mesh-interfaces: fix networking.service to finally unfuck systemd start ... ordering	2018-02-06 13:56:22 +01:00