Commit Graph

314 Commits

Author SHA1 Message Date
70ce064aa5 apt: add gnupg2
used to run apt-key via ansible
2021-08-16 17:17:21 +02:00
9c9258863a docker: use ansible_distribution_release 2021-08-16 17:15:15 +02:00
Bastian Mäuser
29cc08a8be exip_ip: add rule to avoid VPN loops 2021-08-03 18:21:43 +02:00
44fc0e626e exit_ip: add support for NAT pools 2021-08-03 18:19:26 +02:00
fd33a9c571 Install dummy endpoint for connectivity tests 2021-07-25 17:30:58 +02:00
0f19c36624 add mesh via vxlan over wireguard to gw11 and gw21 2021-07-23 18:21:05 +02:00
e1429adae1 interfaces: use more appropriate post-up instead of up 2021-07-23 14:21:10 +02:00
87ddc40259 fastd_exporter: add dependency on go 2021-07-23 13:11:41 +02:00
7034448b08 interfaces: use newer ifupdown2 version to fix gw mode 2021-07-23 13:11:07 +02:00
8b501255fb fastd: remove deprecated method xsalsa20-poly1305 2021-07-22 16:56:59 +02:00
5c34da3e62 respondd: bump to version 4fd2e3e6 2021-07-22 08:33:14 +02:00
bf3784af19 node_exporter: bump to version 1.2.0 2021-07-20 16:27:33 +02:00
f5db4f6daf netbox: bump to version 2.11.9 2021-07-13 09:19:04 +02:00
b28004bf35 netbox: run upgrade script 2021-07-13 09:18:26 +02:00
ce397c7a62 netbox: bump version to 2.11.7 2021-07-05 16:11:30 +02:00
92b6f4bbd9 arp_cache: increase v6 entries 2021-06-22 22:59:46 +02:00
c33111a9fb netbox: fix paths in netbox-rq service file 2021-06-22 19:05:22 +02:00
9a153e9644 interfaces: try to fix boot order (again)
After and Berfore as per https://github.com/CumulusNetworks/ifupdown2/pull/190/files
2021-06-16 15:32:43 +02:00
01ab94aa27 web_svc: improve caching for tiles 2021-06-14 16:54:09 +02:00
9e369291b6 exit_ip: add rate limit to v6 nd
values were provided by awlnx
2021-06-14 16:46:00 +02:00
f8380524ec tileserver: pull on deployment, fix path for 3.1.x 2021-06-08 22:07:40 +02:00
4da5ac5ab6 use auto discovered python instead of legacy 2021-06-08 21:17:45 +02:00
6cf940b71f netbox: bump version to 2.11.4 2021-05-31 16:34:15 +02:00
cc0c0823e9 netbox: bump version to 2.10.6 2021-03-10 16:36:08 +01:00
b517df3151 Set Telegraf Config Permissions to 740 2021-01-12 14:23:36 +01:00
Bastian Mäuser
e7d3167f51 Write hostname instead of fqdn 2021-01-10 19:16:16 +01:00
Bastian Mäuser
755c1c5af1 Add Telegraf Role 2021-01-10 19:11:32 +01:00
d4a9ccf43d netbox: bump to 2.10.1 and add systemd service 2020-12-16 19:32:58 +01:00
0484e91693 dns_auth: support dns slaves 2020-12-07 17:18:07 +01:00
19faa44f0c mesh_wg: adjust MTU to min values rather than max 2020-12-02 23:39:15 +01:00
ebe2eac3a7 dns_*: prevent DoH
by returning NXDOMAIN for use-application-dns.net
2020-11-28 23:39:47 +01:00
1c0d2f25d2 dns_*: use dnsdist as frontend 2020-11-28 23:36:50 +01:00
5cd6b06053 mesh_wg: increase the mtu so wg has to fragment 2020-11-25 18:28:22 +01:00
5422d3ad82 dns_*: remove TLS on localhost 2020-11-25 18:27:25 +01:00
0baec7972f stats: migrate to new host, enable for dnsdist 2020-11-25 18:26:28 +01:00
f955ce6119 web_svc: more caching 2020-11-24 22:41:09 +01:00
bf1b7e434d dns_resolver: new role for resolver only 2020-11-24 22:40:48 +01:00
f882c6e41a grafana: fix typo 2020-11-24 21:04:40 +01:00
d0ff422b67 dns_split: rename from dns 2020-11-24 20:52:14 +01:00
6534749691 grafana: add switch to install rendering deps 2020-11-24 20:36:35 +01:00
3baf4139ac web_*: cleanup, add VXoWG api endpoint 2020-11-24 20:29:53 +01:00
e8435cdd9b apt: fix unattended upgrads and apt download speed 2020-11-24 20:09:18 +01:00
309105d948 Add NGINX Role tailored for stateserver usage 2020-11-24 18:22:03 +01:00
46406323c1 rename grafana to stats 2020-11-24 14:03:55 +01:00
990ce64971 node_exporter: use TLS and basic auth 2020-11-23 23:42:15 +01:00
333c4b82e9 yanic: make suitable for grafana host 2020-11-23 22:22:23 +01:00
1b4ed18171 nginx: add default to not break web_gw 2020-11-23 19:52:14 +01:00
1f0b671545 mesh_wg: new role for VXLAN over WG meshing
This is still work in progress, as such it is only enabled on the test
gateway.
2020-11-23 19:44:52 +01:00
97c095f75f interfaces: cleanup / use more ifupdown2 features 2020-11-23 19:03:13 +01:00
ac35c8c635 yanic: fix config template
change needed to be compatible with current upstream
2020-11-23 19:02:19 +01:00
4c020cea41 unify whitespace before }} 2020-11-16 23:18:52 +01:00
56e026ba14 dhcp: cleanup/unify whitespace usage 2020-11-05 18:54:26 +01:00
ae6b1bc58a dns: use dedicated certificate for dnsdist 2020-11-05 18:54:01 +01:00
29627c5e36 dns: use dnsdist from upstream repo 2020-11-05 18:53:33 +01:00
f6c4f927f4 dns: also offer DoT 2020-11-04 23:16:27 +01:00
1464ef73cb new host: grafana.regensburg.freifunk.net
new role: influxdb
2020-11-04 23:15:34 +01:00
af56fd8dcd nginx: support ip anonymization 2020-10-20 15:59:08 +02:00
2070c32a26 dns_auth: new role
also apply role to ns1.regensburg.freifunk.net
2020-10-20 15:26:50 +02:00
dd93bd6b11 dns: use list instead of with_items 2020-10-08 22:31:20 +02:00
1b12b54a8d common: use list instead of with_items 2020-10-08 22:30:36 +02:00
40a64d1e77 netbox: fix syntax error 2020-10-08 22:29:54 +02:00
b239dfb38f interfaces: use ipfdown2 version 3.0.0 2020-10-08 12:31:03 +02:00
3582e84b09 git: remove role, integrate into common 2020-10-06 10:33:48 +02:00
dc6f2e1e5b web-svc: rename to web_svc 2020-10-06 10:17:06 +02:00
610498fc31 web-gw: rename to web_gw 2020-10-06 10:16:33 +02:00
0de11eb6ed gw-admin-ssh-keys: rename to root_keys 2020-10-06 10:14:45 +02:00
d7291018a4 fastd-exporter: rename to fastd_exporter 2020-10-06 10:13:54 +02:00
c29bed27dc exit-ip: rename to exit_ip 2020-10-06 10:13:16 +02:00
3b501e041a arp-cache: rename to arp_cache 2020-10-06 10:12:47 +02:00
3d12cf0a7e mesh-interfaces: rename to interfaces 2020-10-06 10:05:53 +02:00
7602303543 [role/netbox] Add recursive chown task
Recursively update group-/ownership of netbox directory after unpacking the source and
requiering modules into venv
2020-09-09 18:12:45 +02:00
09099faaeb [role/netbox] enhance readability
Break long lines by using ansible YAML notation
2020-09-09 18:04:24 +02:00
d647550425 netbox: new host and role 2020-07-19 12:43:12 +02:00
bc061dff94 apt: use list instead of with_items 2020-06-23 21:45:56 +02:00
bad435fad4 cleanup: use systemd module for daemon-reloaed 2020-06-22 13:24:53 +02:00
69ba0b9b38 Update role acertmgr add var acertmgr_version
Defining variable acertmgr_version from role defaults, allows version
string to be overridden. Role defaults are set in connection: local scope.
This also shortens long line to make this role linter compliant
2020-06-22 13:22:23 +02:00
eaf2b36e95 Mitigate lint E204 in roles nginx, web-gw and web-svc 2020-06-22 13:22:23 +02:00
e2b9ae548c nginx: don't use "== True" 2020-06-20 17:23:59 +02:00
9f3945dcc9 acertmgr: ansible style fix 2020-06-20 00:22:26 +02:00
e601249cb4 nginx: enable gzip for proxied responses 2020-06-19 23:15:37 +02:00
462a1128ff docker: only apply explicitly where needed 2020-06-19 21:15:19 +02:00
6db08c74bd node_exporter: bump version 2020-06-18 18:07:44 +02:00
3cd6c0b1dc tileserver: simplify restart handler 2020-06-18 18:07:13 +02:00
55b9801aa4 nginx: hide version 2020-06-18 18:06:43 +02:00
d888969b3c Reload systemd before restarting services 2020-06-18 08:42:50 +02:00
ac8ece705f nginx: update global settings 2020-06-18 00:22:50 +02:00
b1c898cce8 web-svc: tiles: increase cache size 2020-06-17 23:46:42 +02:00
aa278534da web-svc: tiles: remove unused extra domains 2020-06-17 23:46:07 +02:00
541441e6ef web-svc: cache for more than 10 minutes 2020-06-17 21:20:51 +02:00
4c75e48244 web-svc: forward to new tileserver 2020-06-17 20:54:27 +02:00
22f2a8e3db unifi: add role for unifi controller 2020-06-17 20:53:51 +02:00
e7b55ce809 tileserver: new role to serve map tile 2020-06-17 20:44:52 +02:00
88e2c60888 web-svc: improve proxy config 2020-06-17 13:32:51 +02:00
84f9372410 web-svc: make nginx settings completely configurable 2020-06-17 10:52:58 +02:00
cb26f4c745 web-gw: sync settings between http and https 2020-06-16 23:47:37 +02:00
aa6aa4650b implement web service reverse proxy 2020-06-16 23:42:14 +02:00
ea2aaee4dc docker: new role that is common to all docker VMs 2020-06-16 22:54:53 +02:00
0d5f9d3d1c acertmgr: switch vom git clone to deb package 2020-06-16 22:46:46 +02:00
ea9cef86c5 Add Updatepath for 11s releases, remove legacy mapping 2020-05-29 23:25:59 +02:00
3c20fc825a common: fix missing handler 2020-05-28 10:25:09 +02:00