7c405d3b91
dns_resolver: make available for public
continuous-integration/drone/push Build is failing
2021-09-01 17:34:45 +02:00
1da5ef70e5
dns_auth: dns_resolver: use bullseye system packages
continuous-integration/drone/push Build is failing
2021-09-01 17:34:03 +02:00
c196bc4483
prometheus: add retention setting
continuous-integration/drone/push Build is failing
2021-08-31 19:09:12 +02:00
8fabdc2550
netbox: bump version to 3.0.0
continuous-integration/drone/push Build is failing
2021-08-31 19:02:20 +02:00
Bastian Mäuser
5ad344163d
Fix Yanic behaviour on Statserver
continuous-integration/drone/push Build is failing
2021-08-19 14:08:12 +02:00
0a696c67db
netbox: add missing handler
continuous-integration/drone/push Build is failing
2021-08-17 13:17:16 +02:00
70ce064aa5
apt: add gnupg2
...
continuous-integration/drone/push Build is failing
used to run apt-key via ansible
2021-08-16 17:17:21 +02:00
9c9258863a
docker: use ansible_distribution_release
continuous-integration/drone/push Build is failing
2021-08-16 17:15:15 +02:00
Bastian Mäuser
29cc08a8be
exip_ip: add rule to avoid VPN loops
continuous-integration/drone/push Build is failing
2021-08-03 18:21:43 +02:00
44fc0e626e
exit_ip: add support for NAT pools
2021-08-03 18:19:26 +02:00
fd33a9c571
Install dummy endpoint for connectivity tests
continuous-integration/drone/push Build is failing
2021-07-25 17:30:58 +02:00
0f19c36624
add mesh via vxlan over wireguard to gw11 and gw21
continuous-integration/drone/push Build is failing
2021-07-23 18:21:05 +02:00
e1429adae1
interfaces: use more appropriate post-up instead of up
continuous-integration/drone/push Build is failing
2021-07-23 14:21:10 +02:00
87ddc40259
fastd_exporter: add dependency on go
continuous-integration/drone/push Build is failing
2021-07-23 13:11:41 +02:00
7034448b08
interfaces: use newer ifupdown2 version to fix gw mode
continuous-integration/drone/push Build is failing
2021-07-23 13:11:07 +02:00
8b501255fb
fastd: remove deprecated method xsalsa20-poly1305
continuous-integration/drone/push Build is failing
2021-07-22 16:56:59 +02:00
5c34da3e62
respondd: bump to version 4fd2e3e6
continuous-integration/drone/push Build is failing
2021-07-22 08:33:14 +02:00
bf3784af19
node_exporter: bump to version 1.2.0
continuous-integration/drone/push Build is failing
2021-07-20 16:27:33 +02:00
f5db4f6daf
netbox: bump to version 2.11.9
continuous-integration/drone/push Build is failing
2021-07-13 09:19:04 +02:00
b28004bf35
netbox: run upgrade script
2021-07-13 09:18:26 +02:00
ce397c7a62
netbox: bump version to 2.11.7
continuous-integration/drone/push Build is failing
2021-07-05 16:11:30 +02:00
92b6f4bbd9
arp_cache: increase v6 entries
continuous-integration/drone/push Build is failing
2021-06-22 22:59:46 +02:00
c33111a9fb
netbox: fix paths in netbox-rq service file
continuous-integration/drone/push Build is failing
2021-06-22 19:05:22 +02:00
9a153e9644
interfaces: try to fix boot order (again)
...
continuous-integration/drone/push Build is failing
After and Berfore as per https://github.com/CumulusNetworks/ifupdown2/pull/190/files
2021-06-16 15:32:43 +02:00
01ab94aa27
web_svc: improve caching for tiles
continuous-integration/drone/push Build is failing
2021-06-14 16:54:09 +02:00
9e369291b6
exit_ip: add rate limit to v6 nd
...
continuous-integration/drone/push Build is failing
values were provided by awlnx
2021-06-14 16:46:00 +02:00
f8380524ec
tileserver: pull on deployment, fix path for 3.1.x
2021-06-08 22:07:40 +02:00
4da5ac5ab6
use auto discovered python instead of legacy
2021-06-08 21:17:45 +02:00
6cf940b71f
netbox: bump version to 2.11.4
2021-05-31 16:34:15 +02:00
cc0c0823e9
netbox: bump version to 2.10.6
2021-03-10 16:36:08 +01:00
b517df3151
Set Telegraf Config Permissions to 740
continuous-integration/drone/push Build is failing
2021-01-12 14:23:36 +01:00
Bastian Mäuser
e7d3167f51
Write hostname instead of fqdn
continuous-integration/drone/push Build is failing
2021-01-10 19:16:16 +01:00
Bastian Mäuser
755c1c5af1
Add Telegraf Role
continuous-integration/drone/push Build is failing
2021-01-10 19:11:32 +01:00
d4a9ccf43d
netbox: bump to 2.10.1 and add systemd service
continuous-integration/drone/push Build is failing
2020-12-16 19:32:58 +01:00
0484e91693
dns_auth: support dns slaves
continuous-integration/drone/push Build is failing
2020-12-07 17:18:07 +01:00
19faa44f0c
mesh_wg: adjust MTU to min values rather than max
continuous-integration/drone/push Build is failing
2020-12-02 23:39:15 +01:00
ebe2eac3a7
dns_*: prevent DoH
...
continuous-integration/drone/push Build is failing
by returning NXDOMAIN for use-application-dns.net
2020-11-28 23:39:47 +01:00
1c0d2f25d2
dns_*: use dnsdist as frontend
2020-11-28 23:36:50 +01:00
5cd6b06053
mesh_wg: increase the mtu so wg has to fragment
continuous-integration/drone/push Build is failing
2020-11-25 18:28:22 +01:00
5422d3ad82
dns_*: remove TLS on localhost
continuous-integration/drone/push Build is failing
2020-11-25 18:27:25 +01:00
0baec7972f
stats: migrate to new host, enable for dnsdist
continuous-integration/drone/push Build is failing
2020-11-25 18:26:28 +01:00
f955ce6119
web_svc: more caching
continuous-integration/drone/push Build is failing
2020-11-24 22:41:09 +01:00
bf1b7e434d
dns_resolver: new role for resolver only
continuous-integration/drone/push Build is failing
2020-11-24 22:40:48 +01:00
f882c6e41a
grafana: fix typo
continuous-integration/drone/push Build is failing
2020-11-24 21:04:40 +01:00
d0ff422b67
dns_split: rename from dns
2020-11-24 20:52:14 +01:00
6534749691
grafana: add switch to install rendering deps
continuous-integration/drone/push Build is failing
2020-11-24 20:36:35 +01:00
3baf4139ac
web_*: cleanup, add VXoWG api endpoint
continuous-integration/drone/push Build is failing
2020-11-24 20:29:53 +01:00
e8435cdd9b
apt: fix unattended upgrads and apt download speed
2020-11-24 20:09:18 +01:00
309105d948
Add NGINX Role tailored for stateserver usage
continuous-integration/drone/push Build is failing
2020-11-24 18:22:03 +01:00
46406323c1
rename grafana to stats
continuous-integration/drone/push Build is failing
2020-11-24 14:03:55 +01:00
990ce64971
node_exporter: use TLS and basic auth
continuous-integration/drone/push Build is failing
2020-11-23 23:42:15 +01:00
333c4b82e9
yanic: make suitable for grafana host
continuous-integration/drone/push Build is failing
2020-11-23 22:22:23 +01:00
1b4ed18171
nginx: add default to not break web_gw
continuous-integration/drone/push Build is failing
2020-11-23 19:52:14 +01:00
1f0b671545
mesh_wg: new role for VXLAN over WG meshing
...
continuous-integration/drone/push Build is failing
This is still work in progress, as such it is only enabled on the test
gateway.
2020-11-23 19:44:52 +01:00
97c095f75f
interfaces: cleanup / use more ifupdown2 features
continuous-integration/drone/push Build is passing
2020-11-23 19:03:13 +01:00
ac35c8c635
yanic: fix config template
...
continuous-integration/drone/push Build is passing
change needed to be compatible with current upstream
2020-11-23 19:02:19 +01:00
4c020cea41
unify whitespace before }}
continuous-integration/drone/push Build is passing
2020-11-16 23:18:52 +01:00
56e026ba14
dhcp: cleanup/unify whitespace usage
continuous-integration/drone/push Build is passing
2020-11-05 18:54:26 +01:00
ae6b1bc58a
dns: use dedicated certificate for dnsdist
2020-11-05 18:54:01 +01:00
29627c5e36
dns: use dnsdist from upstream repo
2020-11-05 18:53:33 +01:00
f6c4f927f4
dns: also offer DoT
continuous-integration/drone/push Build is passing
2020-11-04 23:16:27 +01:00
1464ef73cb
new host: grafana.regensburg.freifunk.net
...
new role: influxdb
2020-11-04 23:15:34 +01:00
af56fd8dcd
nginx: support ip anonymization
continuous-integration/drone/push Build is passing
2020-10-20 15:59:08 +02:00
2070c32a26
dns_auth: new role
...
continuous-integration/drone/push Build is passing
also apply role to ns1.regensburg.freifunk.net
2020-10-20 15:26:50 +02:00
dd93bd6b11
dns: use list instead of with_items
continuous-integration/drone/push Build is passing
2020-10-08 22:31:20 +02:00
1b12b54a8d
common: use list instead of with_items
continuous-integration/drone/push Build is passing
2020-10-08 22:30:36 +02:00
40a64d1e77
netbox: fix syntax error
continuous-integration/drone/push Build is passing
2020-10-08 22:29:54 +02:00
b239dfb38f
interfaces: use ipfdown2 version 3.0.0
2020-10-08 12:31:03 +02:00
3582e84b09
git: remove role, integrate into common
continuous-integration/drone/push Build is passing
2020-10-06 10:33:48 +02:00
dc6f2e1e5b
web-svc: rename to web_svc
continuous-integration/drone/push Build is passing
2020-10-06 10:17:06 +02:00
610498fc31
web-gw: rename to web_gw
2020-10-06 10:16:33 +02:00
0de11eb6ed
gw-admin-ssh-keys: rename to root_keys
continuous-integration/drone/push Build is passing
2020-10-06 10:14:45 +02:00
d7291018a4
fastd-exporter: rename to fastd_exporter
2020-10-06 10:13:54 +02:00
c29bed27dc
exit-ip: rename to exit_ip
2020-10-06 10:13:16 +02:00
3b501e041a
arp-cache: rename to arp_cache
2020-10-06 10:12:47 +02:00
3d12cf0a7e
mesh-interfaces: rename to interfaces
continuous-integration/drone/push Build is passing
2020-10-06 10:05:53 +02:00
7602303543
[role/netbox] Add recursive chown task
...
continuous-integration/drone/push Build is passing
Recursively update group-/ownership of netbox directory after unpacking the source and
requiering modules into venv
2020-09-09 18:12:45 +02:00
09099faaeb
[role/netbox] enhance readability
...
Break long lines by using ansible YAML notation
2020-09-09 18:04:24 +02:00
d647550425
netbox: new host and role
continuous-integration/drone/push Build is failing
2020-07-19 12:43:12 +02:00
bc061dff94
apt: use list instead of with_items
continuous-integration/drone/push Build is passing
2020-06-23 21:45:56 +02:00
bad435fad4
cleanup: use systemd module for daemon-reloaed
2020-06-22 13:24:53 +02:00
69ba0b9b38
Update role acertmgr add var acertmgr_version
...
Defining variable acertmgr_version from role defaults, allows version
string to be overridden. Role defaults are set in connection: local scope.
This also shortens long line to make this role linter compliant
2020-06-22 13:22:23 +02:00
eaf2b36e95
Mitigate lint E204 in roles nginx, web-gw and web-svc
2020-06-22 13:22:23 +02:00
e2b9ae548c
nginx: don't use "== True"
2020-06-20 17:23:59 +02:00
9f3945dcc9
acertmgr: ansible style fix
2020-06-20 00:22:26 +02:00
e601249cb4
nginx: enable gzip for proxied responses
2020-06-19 23:15:37 +02:00
462a1128ff
docker: only apply explicitly where needed
2020-06-19 21:15:19 +02:00
6db08c74bd
node_exporter: bump version
2020-06-18 18:07:44 +02:00
3cd6c0b1dc
tileserver: simplify restart handler
2020-06-18 18:07:13 +02:00
55b9801aa4
nginx: hide version
2020-06-18 18:06:43 +02:00
d888969b3c
Reload systemd before restarting services
2020-06-18 08:42:50 +02:00
ac8ece705f
nginx: update global settings
2020-06-18 00:22:50 +02:00
b1c898cce8
web-svc: tiles: increase cache size
2020-06-17 23:46:42 +02:00
aa278534da
web-svc: tiles: remove unused extra domains
2020-06-17 23:46:07 +02:00
541441e6ef
web-svc: cache for more than 10 minutes
2020-06-17 21:20:51 +02:00
4c75e48244
web-svc: forward to new tileserver
2020-06-17 20:54:27 +02:00
22f2a8e3db
unifi: add role for unifi controller
2020-06-17 20:53:51 +02:00
e7b55ce809
tileserver: new role to serve map tile
2020-06-17 20:44:52 +02:00
88e2c60888
web-svc: improve proxy config
2020-06-17 13:32:51 +02:00
84f9372410
web-svc: make nginx settings completely configurable
2020-06-17 10:52:58 +02:00
cb26f4c745
web-gw: sync settings between http and https
2020-06-16 23:47:37 +02:00
aa6aa4650b
implement web service reverse proxy
2020-06-16 23:42:14 +02:00
ea2aaee4dc
docker: new role that is common to all docker VMs
2020-06-16 22:54:53 +02:00
0d5f9d3d1c
acertmgr: switch vom git clone to deb package
2020-06-16 22:46:46 +02:00
ea9cef86c5
Add Updatepath for 11s releases, remove legacy mapping
2020-05-29 23:25:59 +02:00
3c20fc825a
common: fix missing handler
2020-05-28 10:25:09 +02:00
cd6386d58b
remove confluence
2020-05-28 10:24:40 +02:00
1af46b5e28
prometheus: cleanup
2020-05-28 10:23:36 +02:00
d710bd841b
mesh-interfaces: fix ifupdown2 service file (again)
2020-05-24 18:25:53 +02:00
f6c6742e1f
prometheus: collect statistics from proxmox
2020-05-24 18:25:23 +02:00
aec38f1dd4
exit-ip: explicitly enable IPv4 forwarding for the primary interface
2020-02-20 09:45:46 +01:00
d68d29e0eb
common: set journald and logratete.conf rentention to 7 days
2020-02-17 12:25:23 +01:00
4c1d4a485e
common: use new-style network interface names
2020-02-16 01:17:48 +01:00
88122cc5ed
mesh-interfaces: try to fix network target dependency problems
2020-02-16 01:00:48 +01:00
d60af77439
exit-ip: let ansible determine external interface
2020-02-11 12:28:31 +01:00
e9defd4236
web-gw: sync http and https
2020-02-04 10:23:23 +01:00
44211ceee6
mesh-interfaces: add TODO
2020-02-04 10:20:12 +01:00
e69f2249b0
Change IP of respondd receiver to Xavers new Host
2020-01-19 16:41:46 +01:00
238ec8a4b3
mesh-interfaces: fix whitespace
2019-12-16 22:32:37 +01:00
73f1c246de
common: install mtr-tiny
2019-12-16 22:32:05 +01:00
5ac2e63877
nignx: fix whitespace
2019-12-15 23:49:34 +01:00
63c3f1f461
go: bump version
2019-12-15 23:49:19 +01:00
48726f6460
mesh-interfaces: set multicast router on bat-if
...
as per https://gluon.readthedocs.io/en/v2019.1.x/releases/v2019.1.html#gateway-recommendations
2019-12-15 23:07:18 +01:00
625d92c0d0
respondd: update service file
2019-12-15 23:00:07 +01:00
ebf184d1f3
exit-ip: fix missing default value
2019-12-15 22:39:52 +01:00
778f9649e1
respondd: update to current master
...
required in order to be compatible with gluon 2019.1
2019-12-15 22:33:52 +01:00
Bastian Maeuser
4f9d4fd10a
Change Updateserver
2019-12-09 15:32:10 +01:00
a7423d02be
Remove proxmox
2019-10-10 09:40:41 +02:00
9b9a086d51
common: install ipmitool on Proxmox hosts
2019-10-09 21:09:26 +02:00
7db68dfcec
prometheus: update for buster
2019-10-07 15:36:50 +02:00
64663f74d3
common: handle proxmox differently, install acpi, fix network interface
...
names
2019-10-07 15:35:54 +02:00
2297707bed
Attempt to force better distribution of clients
2019-05-09 23:01:16 +02:00
e4a2882331
Block FastD Connections to the Client Bridge
2019-05-09 22:23:35 +02:00
0a3792c219
Added f2b as default
2019-04-27 15:30:22 +02:00
10738aa721
Added IP to logging for helping mitigate Shortcuts
2019-04-27 15:09:14 +02:00
009639b6a2
Blacklist refined, More shortcutters added
2019-04-27 14:44:14 +02:00
4b216f8d1f
Adjusted Permissions
2019-03-27 15:16:32 +01:00
fff7a8d27f
fixed fileextension
2019-03-27 15:14:23 +01:00
8ad83aa956
Implement proper Blacklist Configuration to fastd
2019-03-27 14:47:33 +01:00
52e0c7115a
Add Domainshortcutter Key to Blacklist
2019-03-27 14:47:07 +01:00
282576c086
Implement functional Blacklist Script
2019-03-27 14:46:44 +01:00
8f9d46beaf
fastd: fix daemon failing to start after reboot
2019-03-27 13:31:38 +01:00
b166c3fcd4
acertmgr: update to 0.8.2
2019-03-21 22:35:11 +01:00
0d47a786e8
common: remove gentoo prompt
2019-03-08 08:12:12 +01:00
bb65fc04c9
acertmgr: update to 0.8.1
2019-03-07 15:52:56 +01:00
9cbc88e4ec
rename certmgr -> acertmgr
2019-03-07 15:09:08 +01:00
5ee1e577be
nginx: cleanup whitespace
2019-03-07 15:05:38 +01:00
c116891c4c
grafana: update repo location
2019-03-07 10:52:52 +01:00
Bastian Maeuser
30b1f402e9
Added Backup gw's, todo: dhcp range calculation, go installation
2018-12-13 17:21:01 +01:00
9240f4ee64
Removed uselessness and enabled Powerdns Recursor to make DNS6
2018-08-08 22:34:30 +02:00