Yohaï-Eliel BERREBY
|
30e503458e
|
add ability to nuke radius DBs
|
2020-08-06 09:57:54 +02:00 |
|
Yohaï-Eliel BERREBY
|
e762091435
|
explain fe80::1 keepalived/radvd magic
|
2020-08-02 12:15:27 +02:00 |
|
Yohaï-Eliel BERREBY
|
de36a3bb95
|
announce IPv6 recursive resolver (untested)
|
2020-08-02 12:15:15 +02:00 |
|
Yohaï-Eliel BERREBY
|
8360e212cc
|
enable SSH pipelining (THE SPEED!)
|
2020-08-02 12:14:57 +02:00 |
|
Yohaï-Eliel BERREBY
|
3a8112bf0d
|
roll out (private) IPv6 on George Sand
|
2020-08-01 17:48:39 +02:00 |
|
Yohaï-Eliel BERREBY
|
361fd54414
|
keepalived: add IPv6 virtual route
|
2020-08-01 16:07:27 +02:00 |
|
Yohaï-Eliel BERREBY
|
2e6306b61e
|
radvd: advertise keepalived VIP
|
2020-08-01 16:05:41 +02:00 |
|
Yohaï-Eliel BERREBY
|
56808e4e60
|
wip: begin updating 'router' role for IPv6
pending: update virtual routes
|
2020-08-01 15:46:41 +02:00 |
|
Yohaï-Eliel BERREBY
|
194c19fbf3
|
fix wrong hardcoded email for keepalived monitoring
|
2020-08-01 15:34:49 +02:00 |
|
Yohaï-Eliel BERREBY
|
713c93ac44
|
update unbound role for IPv6
|
2020-08-01 14:32:02 +02:00 |
|
Yohaï-Eliel BERREBY
|
d54da8d2b9
|
add ipv6_base_prefix variable
|
2020-08-01 14:31:49 +02:00 |
|
Yohaï-Eliel BERREBY
|
468bb9abde
|
add radvd comment
|
2020-08-01 14:22:30 +02:00 |
|
Yohaï-Eliel BERREBY
|
f09b0906c6
|
radvd: fix wifi interface, comment out APs for now
|
2020-08-01 14:20:08 +02:00 |
|
Yohaï-Eliel BERREBY
|
a4841e6947
|
add radvd role, deploy in routers
|
2020-08-01 12:56:23 +02:00 |
|
Yohaï-Eliel BERREBY
|
a32116131d
|
raise MTU at fleming
already been deployed for a while, forgot to push
|
2020-08-01 12:02:37 +02:00 |
|
fpoutre
|
8639887fd1
|
Merge branch 'ansible-2.10' of gitlab.federez.net:aurore/ansible into ansible-2.10
|
2020-07-06 22:28:03 +02:00 |
|
fpoutre
|
354a5e7d63
|
created a dedicated ldap_replica role
|
2020-07-06 22:27:53 +02:00 |
|
|
511734a978
|
Add ldap-replica-gs-backup to hosts
|
2020-07-06 22:06:16 +02:00 |
|
fpoutre
|
f7617c4478
|
added ldap-replica-gs to hosts
|
2020-07-06 18:52:46 +02:00 |
|
Yohaï-Eliel BERREBY
|
337906c6c0
|
add gs dhcp, dns, routing
and add thor to inventory
|
2020-07-06 18:40:54 +02:00 |
|
Yohaï-Eliel BERREBY
|
a6b15c0e10
|
vars: use apartment block id for subnets
|
2020-05-21 20:06:47 +02:00 |
|
Yohaï-Eliel BERREBY
|
4866ce915c
|
clean up README for ansible(devel)
|
2020-05-21 19:46:39 +02:00 |
|
Yohaï-Eliel BERREBY
|
63b4425a27
|
gs: fix vars
|
2020-05-21 19:45:35 +02:00 |
|
Yohaï-Eliel BERREBY
|
fe62055cdd
|
radius: enable service, fix details
|
2020-05-21 19:25:30 +02:00 |
|
Yohaï-Eliel BERREBY
|
8ce63d14b6
|
radius: fix settings_local.py
|
2020-05-21 18:39:50 +02:00 |
|
Yohaï-Eliel BERREBY
|
99070ed5ef
|
radius: step 2 of deployment (WIP)
|
2020-05-21 18:06:37 +02:00 |
|
Yohaï-Eliel BERREBY
|
e2fa1964af
|
radius: change proxy.conf password, use vault
and also actually template it... it wasn't being
uploaded.
|
2020-05-21 14:19:28 +02:00 |
|
Yohaï-Eliel BERREBY
|
266b0dde6f
|
radius: initial setup
|
2020-05-16 22:08:22 +02:00 |
|
Yohaï-Eliel BERREBY
|
8355546131
|
edc: raise DHCP-announced MTU to 1500
|
2020-05-14 17:50:06 +02:00 |
|
Yohaï-Eliel BERREBY
|
6d00e2733b
|
unbound: fix log rotation
Was too frequent, now that we only log SERVFAILs.
Rotate according to file size.
Fix unbound-control binary path.
|
2020-05-11 20:18:23 +02:00 |
|
Yohaï-Eliel BERREBY
|
87b2e4f8cf
|
pacaterie: raise MTU to 1500
|
2020-05-09 16:15:56 +02:00 |
|
Yohaï-Eliel BERREBY
|
ba3aec348f
|
keepalived: deploy to fleming w/ proper password
|
2020-05-09 16:07:04 +02:00 |
|
Alexandre Iooss
|
a992612381
|
Add certbot challenge DNS-01 key
|
2020-05-09 13:03:31 +02:00 |
|
Alexandre Iooss
|
9c226c680c
|
Certbot wildcard role
|
2020-05-09 12:54:38 +02:00 |
|
Alexandre Iooss
|
544498c81a
|
New reverse proxy role
|
2020-05-09 12:52:17 +02:00 |
|
Alexandre Iooss
|
eae3a3ff44
|
Deploy docker-worker1-aurore and proxy-backup
|
2020-05-09 12:21:36 +02:00 |
|
Yohaï-Eliel BERREBY
|
dea4dda285
|
hosts: remove dhcp and recursive_dns groups
Use patterns instead for now.
|
2020-05-09 10:15:28 +02:00 |
|
Pierre
|
3f26e7d4b4
|
routeur de la pacaterie en ...254 au lieu de ...240 pour keepalived
|
2020-05-08 18:39:05 +02:00 |
|
Yohaï-Eliel BERREBY
|
a4d0f051b6
|
dhcp: restart server on config update
|
2020-05-08 16:44:32 +02:00 |
|
Yohaï-Eliel BERREBY
|
223578eefa
|
keepalived: no ansible_managed
Used to restart keepalived needlessly
|
2020-05-08 16:43:49 +02:00 |
|
Yohaï-Eliel BERREBY
|
4372b21976
|
dhcp: allow different router IP suffix
This variable is only needed because we're in the process of deploying
keepalived. For now it's only at EDC.
|
2020-05-08 16:36:07 +02:00 |
|
Yohaï-Eliel BERREBY
|
e58ee1c4b5
|
keepalived: initial config
|
2020-05-08 16:25:02 +02:00 |
|
Yohaï-Eliel BERREBY
|
26524eccc5
|
ansible-list: allow lack of idempotence
|
2020-05-07 20:33:25 +02:00 |
|
Yohaï-Eliel BERREBY
|
e45bdcbba8
|
network.yml: ensure safety without --limit
|
2020-05-07 20:27:36 +02:00 |
|
Yohaï-Eliel BERREBY
|
fea73a13aa
|
aurore-firewall: correct backup router ip
|
2020-05-07 20:23:30 +02:00 |
|
Yohaï-Eliel BERREBY
|
8ba2de1698
|
aurore-firewall: fix repo address + branch
|
2020-05-07 20:01:44 +02:00 |
|
Yohaï-Eliel BERREBY
|
44be43e528
|
aurore-firewall: add config after cloning
|
2020-05-07 19:57:00 +02:00 |
|
Yohaï-Eliel BERREBY
|
1a10729b67
|
hosts: manage dhcp-edc
|
2020-05-07 19:48:07 +02:00 |
|
Yohaï-Eliel BERREBY
|
5ee7bb3069
|
ansible.cfg: unset scp_if_ssh
|
2020-05-07 19:48:07 +02:00 |
|
Yohaï-Eliel BERREBY
|
c77ae7f4c3
|
aurore-firewall: initial setup
group_vars: add apartment_block_id var
dhcp: move vars to role
|
2020-05-07 19:47:50 +02:00 |
|