Commit graph

254 commits

Author SHA1 Message Date
3d64f22c39 Modification du keepalive d'OpenSSHd.
Les serveurs OpenSSH détectent désormais la déconnexion du client et
peuvent terminer la session.
2020-10-24 19:12:35 +02:00
chirac
68f7fd5b59 Isc-dhcp-server config for banni/accueil vlans 2020-10-17 19:48:34 +02:00
chirac
0d7bfbd872 Create group for non pve physical server 2020-10-17 19:48:17 +02:00
Yohaï-Eliel BERREBY
8adf6b8105 add ipv6-edge-router role 2020-09-28 18:15:03 +02:00
chirac
ba2baa3020 Return routes now handled by keepalived 2020-09-27 13:55:56 +02:00
bba144ef14 Inverse les opérations de lecture/ecriture par defaut -> rw
Ce fix corrige le problème des opérations d'écritures dans la bdd master remote,
qui marchaient mal, désormais les lignes de logs historiques sont correctement écrites.
Il semblerait que django avait du mal à savoir que ces opérations reversion sont bien des opérations
d'écriture.
2020-09-19 14:02:53 +02:00
chirac
773f39cede Fichier inutile 2020-09-16 21:04:10 +02:00
chirac
dac049f125 Tous les cron dhcp sont décalés de 2 minutes 2020-09-16 21:02:44 +02:00
Yohaï-Eliel BERREBY
91157d80c1 dhcp: run re2o service as root in cron / directly 2020-09-13 17:54:46 +02:00
Yohaï-Eliel BERREBY
6dd6168d2a dhcp: upgrade role for dhcp-aurore-backup 2020-09-12 16:03:33 +02:00
Yohaï-Eliel BERREBY
9b07fc9001 dhcp: manage dhcp-aurore 2020-09-11 15:13:11 +02:00
chirac
26743b464d Add Radius-aurore.adm.auro.re to ansible managed radius servers 2020-09-09 23:17:15 +02:00
chirac
53842e4c2f Add ipv6 Radius AURORE address 2020-09-09 23:16:35 +02:00
Yohaï-Eliel BERREBY
e48425300a Merge branch 'ansible-2.10' into master 2020-09-08 22:35:30 +02:00
Yohann D'ANELLO
5c46191389 Register camelot and gitea, make camelot accessible for everyone 2020-09-04 09:56:02 +02:00
Yohaï-Eliel BERREBY
646ebd3ba9 router: ansibilize routeur-aurore{,backup} 2020-08-08 20:45:38 +02:00
Yohaï-Eliel BERREBY
12b0bc91dc radvd: cosmetic changes 2020-08-08 11:32:34 +02:00
Yohaï-Eliel BERREBY
b199c45d97 fix broken radius role
Would crash if called from anything other than the nuke radius DBs
playbook
2020-08-08 11:32:06 +02:00
Yohaï-Eliel BERREBY
af3c3dc132 enable radvd service 2020-08-08 11:19:16 +02:00
Yohaï-Eliel BERREBY
30e503458e add ability to nuke radius DBs 2020-08-06 09:57:54 +02:00
Yohaï-Eliel BERREBY
e762091435 explain fe80::1 keepalived/radvd magic 2020-08-02 12:15:27 +02:00
Yohaï-Eliel BERREBY
de36a3bb95 announce IPv6 recursive resolver (untested) 2020-08-02 12:15:15 +02:00
Yohaï-Eliel BERREBY
3a8112bf0d roll out (private) IPv6 on George Sand 2020-08-01 17:48:39 +02:00
Yohaï-Eliel BERREBY
361fd54414 keepalived: add IPv6 virtual route 2020-08-01 16:07:27 +02:00
Yohaï-Eliel BERREBY
2e6306b61e radvd: advertise keepalived VIP 2020-08-01 16:05:41 +02:00
Yohaï-Eliel BERREBY
56808e4e60 wip: begin updating 'router' role for IPv6
pending: update virtual routes
2020-08-01 15:46:41 +02:00
Yohaï-Eliel BERREBY
194c19fbf3 fix wrong hardcoded email for keepalived monitoring 2020-08-01 15:34:49 +02:00
Yohaï-Eliel BERREBY
713c93ac44 update unbound role for IPv6 2020-08-01 14:32:02 +02:00
Yohaï-Eliel BERREBY
d54da8d2b9 add ipv6_base_prefix variable 2020-08-01 14:31:49 +02:00
Yohaï-Eliel BERREBY
f09b0906c6 radvd: fix wifi interface, comment out APs for now 2020-08-01 14:20:08 +02:00
Yohaï-Eliel BERREBY
a4841e6947 add radvd role, deploy in routers 2020-08-01 12:56:23 +02:00
Alexandre Iooss
c7c6e50dd9 Remove matrix mxisd 2020-07-22 10:04:25 +02:00
Yohaï-Eliel BERREBY
337906c6c0 add gs dhcp, dns, routing
and add thor to inventory
2020-07-06 18:40:54 +02:00
Yohaï-Eliel BERREBY
fe62055cdd radius: enable service, fix details 2020-05-21 19:25:30 +02:00
Yohaï-Eliel BERREBY
8ce63d14b6 radius: fix settings_local.py 2020-05-21 18:39:50 +02:00
Yohaï-Eliel BERREBY
99070ed5ef radius: step 2 of deployment (WIP) 2020-05-21 18:06:37 +02:00
Yohaï-Eliel BERREBY
e2fa1964af radius: change proxy.conf password, use vault
and also actually template it... it wasn't being
uploaded.
2020-05-21 14:19:28 +02:00
Yohaï-Eliel BERREBY
266b0dde6f radius: initial setup 2020-05-16 22:08:22 +02:00
Yohaï-Eliel BERREBY
6d00e2733b unbound: fix log rotation
Was too frequent, now that we only log SERVFAILs.
Rotate according to file size.
Fix unbound-control binary path.
2020-05-11 20:18:23 +02:00
Yohaï-Eliel BERREBY
ba3aec348f keepalived: deploy to fleming w/ proper password 2020-05-09 16:07:04 +02:00
Alexandre Iooss
9c226c680c
Certbot wildcard role 2020-05-09 12:54:38 +02:00
Alexandre Iooss
544498c81a
New reverse proxy role 2020-05-09 12:52:17 +02:00
Yohaï-Eliel BERREBY
dea4dda285 hosts: remove dhcp and recursive_dns groups
Use patterns instead for now.
2020-05-09 10:15:28 +02:00
Yohaï-Eliel BERREBY
a4d0f051b6 dhcp: restart server on config update 2020-05-08 16:44:32 +02:00
Yohaï-Eliel BERREBY
223578eefa keepalived: no ansible_managed
Used to restart keepalived needlessly
2020-05-08 16:43:49 +02:00
Yohaï-Eliel BERREBY
4372b21976 dhcp: allow different router IP suffix
This variable is only needed because we're in the process of deploying
keepalived. For now it's only at EDC.
2020-05-08 16:36:07 +02:00
Yohaï-Eliel BERREBY
e58ee1c4b5 keepalived: initial config 2020-05-08 16:25:02 +02:00
Yohaï-Eliel BERREBY
fea73a13aa aurore-firewall: correct backup router ip 2020-05-07 20:23:30 +02:00
Yohaï-Eliel BERREBY
8ba2de1698 aurore-firewall: fix repo address + branch 2020-05-07 20:01:44 +02:00
Yohaï-Eliel BERREBY
44be43e528 aurore-firewall: add config after cloning 2020-05-07 19:57:00 +02:00