Commit graph

367 commits

Author SHA1 Message Date
fpoutre
354a5e7d63 created a dedicated ldap_replica role 2020-07-06 22:27:53 +02:00
fpoutre
f7617c4478 added ldap-replica-gs to hosts 2020-07-06 18:52:46 +02:00
Yohaï-Eliel BERREBY
337906c6c0 add gs dhcp, dns, routing
and add thor to inventory
2020-07-06 18:40:54 +02:00
Yohaï-Eliel BERREBY
a6b15c0e10 vars: use apartment block id for subnets 2020-05-21 20:06:47 +02:00
Yohaï-Eliel BERREBY
4866ce915c clean up README for ansible(devel) 2020-05-21 19:46:39 +02:00
Yohaï-Eliel BERREBY
63b4425a27 gs: fix vars 2020-05-21 19:45:35 +02:00
Yohaï-Eliel BERREBY
fe62055cdd radius: enable service, fix details 2020-05-21 19:25:30 +02:00
Yohaï-Eliel BERREBY
8ce63d14b6 radius: fix settings_local.py 2020-05-21 18:39:50 +02:00
Yohaï-Eliel BERREBY
99070ed5ef radius: step 2 of deployment (WIP) 2020-05-21 18:06:37 +02:00
Yohaï-Eliel BERREBY
e2fa1964af radius: change proxy.conf password, use vault
and also actually template it... it wasn't being
uploaded.
2020-05-21 14:19:28 +02:00
Yohaï-Eliel BERREBY
266b0dde6f radius: initial setup 2020-05-16 22:08:22 +02:00
Yohaï-Eliel BERREBY
8355546131 edc: raise DHCP-announced MTU to 1500 2020-05-14 17:50:06 +02:00
Yohaï-Eliel BERREBY
6d00e2733b unbound: fix log rotation
Was too frequent, now that we only log SERVFAILs.
Rotate according to file size.
Fix unbound-control binary path.
2020-05-11 20:18:23 +02:00
Yohaï-Eliel BERREBY
87b2e4f8cf pacaterie: raise MTU to 1500 2020-05-09 16:15:56 +02:00
Yohaï-Eliel BERREBY
ba3aec348f keepalived: deploy to fleming w/ proper password 2020-05-09 16:07:04 +02:00
Alexandre Iooss
a992612381
Add certbot challenge DNS-01 key 2020-05-09 13:03:31 +02:00
Alexandre Iooss
9c226c680c
Certbot wildcard role 2020-05-09 12:54:38 +02:00
Alexandre Iooss
544498c81a
New reverse proxy role 2020-05-09 12:52:17 +02:00
Alexandre Iooss
eae3a3ff44
Deploy docker-worker1-aurore and proxy-backup 2020-05-09 12:21:36 +02:00
Yohaï-Eliel BERREBY
dea4dda285 hosts: remove dhcp and recursive_dns groups
Use patterns instead for now.
2020-05-09 10:15:28 +02:00
Pierre
3f26e7d4b4 routeur de la pacaterie en ...254 au lieu de ...240 pour keepalived 2020-05-08 18:39:05 +02:00
Yohaï-Eliel BERREBY
a4d0f051b6 dhcp: restart server on config update 2020-05-08 16:44:32 +02:00
Yohaï-Eliel BERREBY
223578eefa keepalived: no ansible_managed
Used to restart keepalived needlessly
2020-05-08 16:43:49 +02:00
Yohaï-Eliel BERREBY
4372b21976 dhcp: allow different router IP suffix
This variable is only needed because we're in the process of deploying
keepalived. For now it's only at EDC.
2020-05-08 16:36:07 +02:00
Yohaï-Eliel BERREBY
e58ee1c4b5 keepalived: initial config 2020-05-08 16:25:02 +02:00
Yohaï-Eliel BERREBY
26524eccc5 ansible-list: allow lack of idempotence 2020-05-07 20:33:25 +02:00
Yohaï-Eliel BERREBY
e45bdcbba8 network.yml: ensure safety without --limit 2020-05-07 20:27:36 +02:00
Yohaï-Eliel BERREBY
fea73a13aa aurore-firewall: correct backup router ip 2020-05-07 20:23:30 +02:00
Yohaï-Eliel BERREBY
8ba2de1698 aurore-firewall: fix repo address + branch 2020-05-07 20:01:44 +02:00
Yohaï-Eliel BERREBY
44be43e528 aurore-firewall: add config after cloning 2020-05-07 19:57:00 +02:00
Yohaï-Eliel BERREBY
1a10729b67 hosts: manage dhcp-edc 2020-05-07 19:48:07 +02:00
Yohaï-Eliel BERREBY
5ee7bb3069 ansible.cfg: unset scp_if_ssh 2020-05-07 19:48:07 +02:00
Yohaï-Eliel BERREBY
c77ae7f4c3 aurore-firewall: initial setup
group_vars: add apartment_block_id var
dhcp: move vars to role
2020-05-07 19:47:50 +02:00
Yohaï-Eliel BERREBY
268c4d2419 hosts: manage recursive DNS on EDC 2020-05-07 18:51:45 +02:00
Yohaï-Eliel BERREBY
e4d428d1dc unbound: change task order
Seems to be necessary to restart unbound manually for some reason?...
2020-05-07 18:49:31 +02:00
Yohaï-Eliel BERREBY
3d742c391c hosts: add routeur-edc-backup 2020-05-07 17:06:48 +02:00
Yohaï-Eliel BERREBY
4f224ee817 re2o-service: install Python dependencies 2020-05-07 14:55:12 +02:00
Yohaï-Eliel BERREBY
24a6063a91 baseconfig: fix resolv.conf 2020-05-07 14:51:02 +02:00
Yohaï-Eliel BERREBY
3f5e0d0035 edc: add group vars required for dhcp deployment 2020-05-07 13:03:44 +02:00
Yohaï-Eliel BERREBY
0db7713bbf hosts: add dhcp-edc-backup 2020-05-07 12:55:19 +02:00
Yohaï-Eliel BERREBY
7c7abb6be5 baseconfig: set up /etc/resolv.conf 2020-05-07 12:53:59 +02:00
Yohaï-Eliel BERREBY
7e9c4352a0 base: group name is ldap_replica
It's an underscore, not a hyphen
2020-05-04 18:49:51 +02:00
Yohaï-Eliel BERREBY
9c1f186682 hosts: s/physical/pve/g, add new backup hosts 2020-05-04 18:48:00 +02:00
Alexandre Iooss
ef88d0a42b
Some clean up in hosts 2020-05-03 20:50:29 +02:00
Alexandre Iooss
36343d90fd
BangShebang! 2020-05-03 18:45:07 +02:00
Alexandre Iooss
dc2db3d6a3
Decomment hosts 2020-05-03 18:40:26 +02:00
Alexandre Iooss
3b72e2fe2d
Remove SSH blacklist 2020-05-03 17:26:10 +02:00
Alexandre IOOSS
e42bdd53a8 Merge branch 'aurore-dev' into 'master'
Aurore dev

See merge request aurore/ansible!47
2020-05-03 16:11:29 +02:00
Alexandre IOOSS
81592fa986 Merge branch 'master' into 'aurore-dev'
# Conflicts:
#   .gitignore
#   hosts
#   network.yml
#   proxmox.yml
2020-05-03 16:11:19 +02:00
Yohaï-Eliel BERREBY
29991141f5 misc: add script to copy SSH keys
This one has the advantage of actually working :)
I had to blacklist some hosts because they would either outright refuse
connections or would refuse my LDAP credentials.
2020-05-03 11:26:53 +02:00