990ce64971
node_exporter: use TLS and basic auth
continuous-integration/drone/push Build is failing
2020-11-23 23:42:15 +01:00
333c4b82e9
yanic: make suitable for grafana host
continuous-integration/drone/push Build is failing
2020-11-23 22:22:23 +01:00
1b4ed18171
nginx: add default to not break web_gw
continuous-integration/drone/push Build is failing
2020-11-23 19:52:14 +01:00
1f0b671545
mesh_wg: new role for VXLAN over WG meshing
...
continuous-integration/drone/push Build is failing
This is still work in progress, as such it is only enabled on the test
gateway.
2020-11-23 19:44:52 +01:00
97c095f75f
interfaces: cleanup / use more ifupdown2 features
continuous-integration/drone/push Build is passing
2020-11-23 19:03:13 +01:00
ac35c8c635
yanic: fix config template
...
continuous-integration/drone/push Build is passing
change needed to be compatible with current upstream
2020-11-23 19:02:19 +01:00
4c020cea41
unify whitespace before }}
continuous-integration/drone/push Build is passing
2020-11-16 23:18:52 +01:00
56e026ba14
dhcp: cleanup/unify whitespace usage
continuous-integration/drone/push Build is passing
2020-11-05 18:54:26 +01:00
ae6b1bc58a
dns: use dedicated certificate for dnsdist
2020-11-05 18:54:01 +01:00
29627c5e36
dns: use dnsdist from upstream repo
2020-11-05 18:53:33 +01:00
f6c4f927f4
dns: also offer DoT
continuous-integration/drone/push Build is passing
2020-11-04 23:16:27 +01:00
1464ef73cb
new host: grafana.regensburg.freifunk.net
...
new role: influxdb
2020-11-04 23:15:34 +01:00
af56fd8dcd
nginx: support ip anonymization
continuous-integration/drone/push Build is passing
2020-10-20 15:59:08 +02:00
2070c32a26
dns_auth: new role
...
continuous-integration/drone/push Build is passing
also apply role to ns1.regensburg.freifunk.net
2020-10-20 15:26:50 +02:00
dd93bd6b11
dns: use list instead of with_items
continuous-integration/drone/push Build is passing
2020-10-08 22:31:20 +02:00
1b12b54a8d
common: use list instead of with_items
continuous-integration/drone/push Build is passing
2020-10-08 22:30:36 +02:00
40a64d1e77
netbox: fix syntax error
continuous-integration/drone/push Build is passing
2020-10-08 22:29:54 +02:00
b239dfb38f
interfaces: use ipfdown2 version 3.0.0
2020-10-08 12:31:03 +02:00
3582e84b09
git: remove role, integrate into common
continuous-integration/drone/push Build is passing
2020-10-06 10:33:48 +02:00
dc6f2e1e5b
web-svc: rename to web_svc
continuous-integration/drone/push Build is passing
2020-10-06 10:17:06 +02:00
610498fc31
web-gw: rename to web_gw
2020-10-06 10:16:33 +02:00
0de11eb6ed
gw-admin-ssh-keys: rename to root_keys
continuous-integration/drone/push Build is passing
2020-10-06 10:14:45 +02:00
d7291018a4
fastd-exporter: rename to fastd_exporter
2020-10-06 10:13:54 +02:00
c29bed27dc
exit-ip: rename to exit_ip
2020-10-06 10:13:16 +02:00
3b501e041a
arp-cache: rename to arp_cache
2020-10-06 10:12:47 +02:00
3d12cf0a7e
mesh-interfaces: rename to interfaces
continuous-integration/drone/push Build is passing
2020-10-06 10:05:53 +02:00
7602303543
[role/netbox] Add recursive chown task
...
continuous-integration/drone/push Build is passing
Recursively update group-/ownership of netbox directory after unpacking the source and
requiering modules into venv
2020-09-09 18:12:45 +02:00
09099faaeb
[role/netbox] enhance readability
...
Break long lines by using ansible YAML notation
2020-09-09 18:04:24 +02:00
d647550425
netbox: new host and role
continuous-integration/drone/push Build is failing
2020-07-19 12:43:12 +02:00
bc061dff94
apt: use list instead of with_items
continuous-integration/drone/push Build is passing
2020-06-23 21:45:56 +02:00
bad435fad4
cleanup: use systemd module for daemon-reloaed
2020-06-22 13:24:53 +02:00
69ba0b9b38
Update role acertmgr add var acertmgr_version
...
Defining variable acertmgr_version from role defaults, allows version
string to be overridden. Role defaults are set in connection: local scope.
This also shortens long line to make this role linter compliant
2020-06-22 13:22:23 +02:00
eaf2b36e95
Mitigate lint E204 in roles nginx, web-gw and web-svc
2020-06-22 13:22:23 +02:00
e2b9ae548c
nginx: don't use "== True"
2020-06-20 17:23:59 +02:00
9f3945dcc9
acertmgr: ansible style fix
2020-06-20 00:22:26 +02:00
e601249cb4
nginx: enable gzip for proxied responses
2020-06-19 23:15:37 +02:00
462a1128ff
docker: only apply explicitly where needed
2020-06-19 21:15:19 +02:00
6db08c74bd
node_exporter: bump version
2020-06-18 18:07:44 +02:00
3cd6c0b1dc
tileserver: simplify restart handler
2020-06-18 18:07:13 +02:00
55b9801aa4
nginx: hide version
2020-06-18 18:06:43 +02:00
d888969b3c
Reload systemd before restarting services
2020-06-18 08:42:50 +02:00
ac8ece705f
nginx: update global settings
2020-06-18 00:22:50 +02:00
b1c898cce8
web-svc: tiles: increase cache size
2020-06-17 23:46:42 +02:00
aa278534da
web-svc: tiles: remove unused extra domains
2020-06-17 23:46:07 +02:00
541441e6ef
web-svc: cache for more than 10 minutes
2020-06-17 21:20:51 +02:00
4c75e48244
web-svc: forward to new tileserver
2020-06-17 20:54:27 +02:00
22f2a8e3db
unifi: add role for unifi controller
2020-06-17 20:53:51 +02:00
e7b55ce809
tileserver: new role to serve map tile
2020-06-17 20:44:52 +02:00
88e2c60888
web-svc: improve proxy config
2020-06-17 13:32:51 +02:00
84f9372410
web-svc: make nginx settings completely configurable
2020-06-17 10:52:58 +02:00
cb26f4c745
web-gw: sync settings between http and https
2020-06-16 23:47:37 +02:00
aa6aa4650b
implement web service reverse proxy
2020-06-16 23:42:14 +02:00
ea2aaee4dc
docker: new role that is common to all docker VMs
2020-06-16 22:54:53 +02:00
0d5f9d3d1c
acertmgr: switch vom git clone to deb package
2020-06-16 22:46:46 +02:00
ea9cef86c5
Add Updatepath for 11s releases, remove legacy mapping
2020-05-29 23:25:59 +02:00
3c20fc825a
common: fix missing handler
2020-05-28 10:25:09 +02:00
cd6386d58b
remove confluence
2020-05-28 10:24:40 +02:00
1af46b5e28
prometheus: cleanup
2020-05-28 10:23:36 +02:00
d710bd841b
mesh-interfaces: fix ifupdown2 service file (again)
2020-05-24 18:25:53 +02:00
f6c6742e1f
prometheus: collect statistics from proxmox
2020-05-24 18:25:23 +02:00
aec38f1dd4
exit-ip: explicitly enable IPv4 forwarding for the primary interface
2020-02-20 09:45:46 +01:00
d68d29e0eb
common: set journald and logratete.conf rentention to 7 days
2020-02-17 12:25:23 +01:00
4c1d4a485e
common: use new-style network interface names
2020-02-16 01:17:48 +01:00
88122cc5ed
mesh-interfaces: try to fix network target dependency problems
2020-02-16 01:00:48 +01:00
d60af77439
exit-ip: let ansible determine external interface
2020-02-11 12:28:31 +01:00
e9defd4236
web-gw: sync http and https
2020-02-04 10:23:23 +01:00
44211ceee6
mesh-interfaces: add TODO
2020-02-04 10:20:12 +01:00
e69f2249b0
Change IP of respondd receiver to Xavers new Host
2020-01-19 16:41:46 +01:00
238ec8a4b3
mesh-interfaces: fix whitespace
2019-12-16 22:32:37 +01:00
73f1c246de
common: install mtr-tiny
2019-12-16 22:32:05 +01:00
5ac2e63877
nignx: fix whitespace
2019-12-15 23:49:34 +01:00
63c3f1f461
go: bump version
2019-12-15 23:49:19 +01:00
48726f6460
mesh-interfaces: set multicast router on bat-if
...
as per https://gluon.readthedocs.io/en/v2019.1.x/releases/v2019.1.html#gateway-recommendations
2019-12-15 23:07:18 +01:00
625d92c0d0
respondd: update service file
2019-12-15 23:00:07 +01:00
ebf184d1f3
exit-ip: fix missing default value
2019-12-15 22:39:52 +01:00
778f9649e1
respondd: update to current master
...
required in order to be compatible with gluon 2019.1
2019-12-15 22:33:52 +01:00
Bastian Maeuser
4f9d4fd10a
Change Updateserver
2019-12-09 15:32:10 +01:00
a7423d02be
Remove proxmox
2019-10-10 09:40:41 +02:00
9b9a086d51
common: install ipmitool on Proxmox hosts
2019-10-09 21:09:26 +02:00
7db68dfcec
prometheus: update for buster
2019-10-07 15:36:50 +02:00
64663f74d3
common: handle proxmox differently, install acpi, fix network interface
...
names
2019-10-07 15:35:54 +02:00
2297707bed
Attempt to force better distribution of clients
2019-05-09 23:01:16 +02:00
e4a2882331
Block FastD Connections to the Client Bridge
2019-05-09 22:23:35 +02:00
0a3792c219
Added f2b as default
2019-04-27 15:30:22 +02:00
10738aa721
Added IP to logging for helping mitigate Shortcuts
2019-04-27 15:09:14 +02:00
009639b6a2
Blacklist refined, More shortcutters added
2019-04-27 14:44:14 +02:00
4b216f8d1f
Adjusted Permissions
2019-03-27 15:16:32 +01:00
fff7a8d27f
fixed fileextension
2019-03-27 15:14:23 +01:00
8ad83aa956
Implement proper Blacklist Configuration to fastd
2019-03-27 14:47:33 +01:00
52e0c7115a
Add Domainshortcutter Key to Blacklist
2019-03-27 14:47:07 +01:00
282576c086
Implement functional Blacklist Script
2019-03-27 14:46:44 +01:00
8f9d46beaf
fastd: fix daemon failing to start after reboot
2019-03-27 13:31:38 +01:00
b166c3fcd4
acertmgr: update to 0.8.2
2019-03-21 22:35:11 +01:00
0d47a786e8
common: remove gentoo prompt
2019-03-08 08:12:12 +01:00
bb65fc04c9
acertmgr: update to 0.8.1
2019-03-07 15:52:56 +01:00
9cbc88e4ec
rename certmgr -> acertmgr
2019-03-07 15:09:08 +01:00
5ee1e577be
nginx: cleanup whitespace
2019-03-07 15:05:38 +01:00
c116891c4c
grafana: update repo location
2019-03-07 10:52:52 +01:00
Bastian Maeuser
30b1f402e9
Added Backup gw's, todo: dhcp range calculation, go installation
2018-12-13 17:21:01 +01:00
9240f4ee64
Removed uselessness and enabled Powerdns Recursor to make DNS6
2018-08-08 22:34:30 +02:00
Bastian Maeuser
e26836e7a1
Bind Powerdns to :: to allow for v6 recursion
2018-08-08 10:48:31 +02:00
05a9eccc14
fastd: run as user fastd
2018-07-26 17:59:49 +02:00
1425383a90
prometheus: add fastd statistics
2018-07-26 11:32:07 +02:00
0148513a65
radvd: fix wrong file name (introduced last cleanup)
2018-07-26 11:08:25 +02:00
bc1fadd083
fast-exporter: export fastd statistics
2018-07-26 11:08:03 +02:00
f40a674a0d
Batman: remove dkms support
2018-07-26 11:00:06 +02:00
3477a59405
Cleanup (mostly whitespace and style)
2018-07-26 10:57:58 +02:00
f67fc116da
Batman multicast_mode 0
2018-07-22 00:44:38 +02:00
ca0ce99437
Changed MTU
2018-07-21 17:18:18 +02:00
76b0c8d73f
Renamed exit-ipv4 to exit-ip, added TCP-MSS Clamping for V4 and V6
2018-07-21 02:02:32 +02:00
608db4bb44
Substract Batman Overhead from v6 radvd MTU Link announce
2018-07-21 01:45:36 +02:00
012ba4de03
Added TCPMSS Clamping for IPv4
2018-07-21 01:40:20 +02:00
c00b5f854e
Add new prometheus/grafana roles
2018-07-19 16:29:44 +02:00
b8cf1837e9
Fix too small ARP/ND cache
2018-07-19 16:28:52 +02:00
c80bb7c3d4
common: sync with binary kitchen role
2018-07-17 13:15:51 +02:00
c4204b60e1
Fix spelling
2018-07-17 12:37:33 +02:00
c3dec96f0e
Removed AdvRouterAddr from ULA
2018-07-15 20:40:07 +02:00
7092e62d45
Default peer-limit for instance of 70
2018-07-15 01:56:28 +02:00
de337f1ad0
Added Stable Updater
2018-07-14 11:41:32 +02:00
b44e9dc450
Install node_exporter to enable monitoring
2018-07-12 10:35:15 +02:00
dc0c97b29f
implemented proposed changes
2018-07-10 18:14:13 +02:00
057976b868
Cleaned up config.toml
2018-07-10 01:03:22 +02:00
90de6cebbe
Yanic Update, changes to Config file, yanicToyanic config
2018-07-09 22:38:49 +02:00
bc1828e2d6
Fix confluence service file
2018-02-28 14:31:46 +01:00
91a450e336
Use systemd service for confluence
2018-02-28 14:23:53 +01:00
7d6ce37e54
Added Option to Build Batman DKMS Modules from Upstream Code
2018-02-25 23:21:40 +01:00
af77b4f71a
Added Role to add GW Admin SSH Keys
2018-02-25 23:08:31 +01:00
6064619f86
update go version
2018-02-07 17:47:58 +01:00
cd4656fbaf
mesh-interfaces: fix networking.service to finally unfuck systemd start
...
ordering
2018-02-06 13:56:22 +01:00
9720f98384
mesh-interfaces: do not create backup files, this will break things
2018-02-06 13:50:20 +01:00
Bastian Mäuser
40a8040047
removed bloat and doing dkms in ansible now
2018-02-04 20:06:39 +01:00
Bastian Mäuser
cf9f284f16
Missing conditionals fixed
2018-02-04 18:34:22 +01:00
Bastian Mäuser
1c7be4b822
Added batman-adv-dkms build option
2018-02-04 18:32:45 +01:00
Bastian Mäuser
09156deb66
Changed Yanic repo to ffrgb for for updating..
2018-01-28 13:50:20 +01:00
Bastian Mäuser
7f7c55eb34
Added Proxy f/ firmware, Yanic Influx feeding
2018-01-28 13:40:01 +01:00
Bastian Mäuser
f21991e25e
Added Verbose Information. TBD: Proper Updater
2018-01-28 13:39:33 +01:00
Bastian Mäuser
67baba2b43
web-gw proxypass for relocator
2018-01-27 20:24:56 +01:00
Bastian Mäuser
270b3b4c63
removed rendundant info
2018-01-25 23:20:50 +01:00
Bastian Mäuser
3b277eaa68
added Global V6 to FF bridge
2018-01-25 22:38:19 +01:00
Bastian Mäuser
82d709127b
Added Global V6 to radvd
2018-01-25 22:38:00 +01:00
Bastian Mäuser
7932b33041
IPv4 Reverse Delegation added
2018-01-24 01:28:12 +01:00
Bastian Mäuser
4cd37e4c4c
Merge branch 'radvd'
2018-01-24 00:56:28 +01:00
Bastian Mäuser
8e0e9133e3
Added Gateway ip's to Zone Template
2018-01-24 00:51:13 +01:00
Bastian Mäuser
7b41607839
Small fix
2018-01-24 00:49:46 +01:00
Bastian Mäuser
9bd490092f
Enable IPV6 Routing for Bird
2018-01-24 00:30:43 +01:00
Bastian Mäuser
3282afe85c
fix missing {
2018-01-24 00:13:06 +01:00
Bastian Mäuser
a601f1bb31
Added ansible Tag
2018-01-24 00:00:19 +01:00
Bastian Mäuser
7ed228992d
Added radvd
2018-01-23 23:57:23 +01:00
Bastian Mäuser
a60021a860
Global MTU
2018-01-23 23:56:25 +01:00
Bastian Mäuser
a54af53a25
added global mtu
2018-01-23 23:55:05 +01:00
c85fa8d9f1
bird: IPv6 backbone L3 routing
2018-01-23 18:51:45 +01:00
6fd416051e
bird: IPv4 backbone L3 routing
2018-01-23 18:45:11 +01:00
8d92dc9c82
gre tunnels between gateways
2018-01-22 21:57:19 +01:00
f1b9e3f72c
Support multiple fastd interfaces
2018-01-21 20:46:21 +01:00
7b8ba46d5d
fix whitespace
2018-01-21 16:55:09 +01:00
1a3f775731
Update 'roles/dhcpd/templates/dhcpd.conf.j2'
2018-01-20 22:57:56 +01:00
0a03d7c989
Update 'roles/mesh-interfaces/templates/mesh.conf.j2'
...
Changed OGM to 5s
2018-01-20 20:02:25 +01:00
908fe6aa85
Update 'roles/fastd/defaults/main.yml'
...
Avoid fragmentation of every single IPV6 payload.
2018-01-20 20:01:09 +01:00
45e90b0a5d
Update 'roles/dns/templates/bind/ffrgb.zone.j2'
...
Director Services added.
2018-01-18 21:33:23 +01:00
f830046541
unfuck systemd startup issues
2018-01-18 14:48:41 +01:00
1e4b24e94b
yanic: only install if binary is missing
2018-01-18 12:52:54 +01:00
6f22bde725
make sure nf_conntrack is loaded early on
2018-01-18 12:52:12 +01:00
e4a8e9431f
dns: also restart auth server on changes
2018-01-18 12:51:54 +01:00
2d1f3c568d
dns: serve ffrgb zone towards mesh
2018-01-18 12:47:56 +01:00
ceffd29bed
dns: also listen on ipv6
2018-01-18 10:09:24 +01:00
f2c357ea72
Start yanic and respondd after network
2018-01-17 14:18:44 +01:00
2c92d4a379
Remove yanic push service
2018-01-17 14:13:24 +01:00
005fd47b1a
Only fetch and unpack go if binary is missing
2018-01-17 11:35:24 +01:00
dc115c319b
go: make version configureable, use 1.8.5
2018-01-17 10:41:02 +01:00
c2c8acea51
respondd: pin git version/tag
2018-01-17 09:27:32 +01:00
e86dd3b0cb
do net set fd on bridge (not working anyway)
2018-01-16 23:28:14 +01:00
3d216afaf3
Fix ipv6 ULA by removing explicit mac addr from bridge
2018-01-16 23:16:55 +01:00
ea3823cb22
web-gw: fix permissoins on /var/www/html
2018-01-15 20:19:24 +01:00
4095975934
exit-ipv4: make sure nf_conntrack is loaded
2018-01-15 20:19:03 +01:00
fc3958bfb3
Change respondd upstream repository
2018-01-15 18:45:09 +01:00
25f9362b89
yanic: adjust config file to upstream changes
2018-01-15 12:32:51 +01:00
fc6d027a4f
Update 'roles/fastd/templates/fastd.conf.j2'
...
null method for performance mode
2018-01-14 23:13:34 +01:00
5384ce802a
fastd: make sure at least a dummy blacklist.sh is available
2018-01-14 20:23:08 +01:00
cb615fa1b6
certmgr: update to current version
2018-01-14 19:15:29 +01:00
7036590d01
cmmon: install net-tools (netstat) and psmisc (killall)
2018-01-14 19:05:25 +01:00
5d63113f41
cleanup (template -> file)
2018-01-10 16:35:20 +01:00
d0706c84bb
web-gw: setup reverse proxy for firmware downloads
2018-01-10 15:54:30 +01:00
4c2ff47a28
Fix restart command for confluence certificates
2017-11-23 10:30:25 +01:00
40bd3cf30e
Cleanup web-gw and nginx
2017-11-16 19:02:26 +01:00
6770035a61
Unbreank yanic service
2017-11-09 21:44:38 +01:00
af446ed4e9
Unbreak yanic installation
2017-11-09 21:31:39 +01:00
34ce42c73b
Cleanup fastd role
2017-11-09 21:21:19 +01:00
b57bc04e1c
Fixed MAC addresses for br/bat-interfaces
2017-11-09 21:05:47 +01:00
6a0c6ff476
Disable mouse in vim
2017-09-19 09:26:08 +02:00
10e9ed9fd6
Cleanup
2017-07-11 17:48:05 +02:00
a0ef587a41
Add web-server for gateways
2017-07-03 21:18:45 +02:00
72357d34fa
Minimize changes to upstream default config
2017-07-03 12:58:18 +02:00
632ccfc8ca
Require debian stretch, drop backports, cleanup
2017-06-30 11:59:14 +02:00
f9a407391c
Add gw_mode to batman interface
2017-06-15 16:48:07 +02:00
6cccf81de2
Add yanic role (mostly copy&paste from Bremen)
2017-06-11 20:26:34 +02:00
6f071c524a
Fix respondd service
2017-06-11 20:15:28 +02:00
fc75edb757
Add missing dependency
2017-06-11 20:06:29 +02:00
77b895ad56
Style cleanup
2017-04-05 22:02:56 +02:00
7b640e17d4
Fix path to arp
2017-04-05 22:01:37 +02:00
3e6f2f1b5b
Update nginx config to support confluence 6.x
2017-04-05 17:12:07 +02:00