fpoutre
354a5e7d63
created a dedicated ldap_replica role
2020-07-06 22:27:53 +02:00
fpoutre
f7617c4478
added ldap-replica-gs to hosts
2020-07-06 18:52:46 +02:00
Yohaï-Eliel BERREBY
337906c6c0
add gs dhcp, dns, routing
...
and add thor to inventory
2020-07-06 18:40:54 +02:00
Yohaï-Eliel BERREBY
a6b15c0e10
vars: use apartment block id for subnets
2020-05-21 20:06:47 +02:00
Yohaï-Eliel BERREBY
4866ce915c
clean up README for ansible(devel)
2020-05-21 19:46:39 +02:00
Yohaï-Eliel BERREBY
63b4425a27
gs: fix vars
2020-05-21 19:45:35 +02:00
Yohaï-Eliel BERREBY
fe62055cdd
radius: enable service, fix details
2020-05-21 19:25:30 +02:00
Yohaï-Eliel BERREBY
8ce63d14b6
radius: fix settings_local.py
2020-05-21 18:39:50 +02:00
Yohaï-Eliel BERREBY
99070ed5ef
radius: step 2 of deployment (WIP)
2020-05-21 18:06:37 +02:00
Yohaï-Eliel BERREBY
e2fa1964af
radius: change proxy.conf password, use vault
...
and also actually template it... it wasn't being
uploaded.
2020-05-21 14:19:28 +02:00
Yohaï-Eliel BERREBY
266b0dde6f
radius: initial setup
2020-05-16 22:08:22 +02:00
Yohaï-Eliel BERREBY
8355546131
edc: raise DHCP-announced MTU to 1500
2020-05-14 17:50:06 +02:00
Yohaï-Eliel BERREBY
6d00e2733b
unbound: fix log rotation
...
Was too frequent, now that we only log SERVFAILs.
Rotate according to file size.
Fix unbound-control binary path.
2020-05-11 20:18:23 +02:00
Yohaï-Eliel BERREBY
87b2e4f8cf
pacaterie: raise MTU to 1500
2020-05-09 16:15:56 +02:00
Yohaï-Eliel BERREBY
ba3aec348f
keepalived: deploy to fleming w/ proper password
2020-05-09 16:07:04 +02:00
Alexandre Iooss
a992612381
Add certbot challenge DNS-01 key
2020-05-09 13:03:31 +02:00
Alexandre Iooss
9c226c680c
Certbot wildcard role
2020-05-09 12:54:38 +02:00
Alexandre Iooss
544498c81a
New reverse proxy role
2020-05-09 12:52:17 +02:00
Alexandre Iooss
eae3a3ff44
Deploy docker-worker1-aurore and proxy-backup
2020-05-09 12:21:36 +02:00
Yohaï-Eliel BERREBY
dea4dda285
hosts: remove dhcp and recursive_dns groups
...
Use patterns instead for now.
2020-05-09 10:15:28 +02:00
Pierre
3f26e7d4b4
routeur de la pacaterie en ...254 au lieu de ...240 pour keepalived
2020-05-08 18:39:05 +02:00
Yohaï-Eliel BERREBY
a4d0f051b6
dhcp: restart server on config update
2020-05-08 16:44:32 +02:00
Yohaï-Eliel BERREBY
223578eefa
keepalived: no ansible_managed
...
Used to restart keepalived needlessly
2020-05-08 16:43:49 +02:00
Yohaï-Eliel BERREBY
4372b21976
dhcp: allow different router IP suffix
...
This variable is only needed because we're in the process of deploying
keepalived. For now it's only at EDC.
2020-05-08 16:36:07 +02:00
Yohaï-Eliel BERREBY
e58ee1c4b5
keepalived: initial config
2020-05-08 16:25:02 +02:00
Yohaï-Eliel BERREBY
26524eccc5
ansible-list: allow lack of idempotence
2020-05-07 20:33:25 +02:00
Yohaï-Eliel BERREBY
e45bdcbba8
network.yml: ensure safety without --limit
2020-05-07 20:27:36 +02:00
Yohaï-Eliel BERREBY
fea73a13aa
aurore-firewall: correct backup router ip
2020-05-07 20:23:30 +02:00
Yohaï-Eliel BERREBY
8ba2de1698
aurore-firewall: fix repo address + branch
2020-05-07 20:01:44 +02:00
Yohaï-Eliel BERREBY
44be43e528
aurore-firewall: add config after cloning
2020-05-07 19:57:00 +02:00
Yohaï-Eliel BERREBY
1a10729b67
hosts: manage dhcp-edc
2020-05-07 19:48:07 +02:00
Yohaï-Eliel BERREBY
5ee7bb3069
ansible.cfg: unset scp_if_ssh
2020-05-07 19:48:07 +02:00
Yohaï-Eliel BERREBY
c77ae7f4c3
aurore-firewall: initial setup
...
group_vars: add apartment_block_id var
dhcp: move vars to role
2020-05-07 19:47:50 +02:00
Yohaï-Eliel BERREBY
268c4d2419
hosts: manage recursive DNS on EDC
2020-05-07 18:51:45 +02:00
Yohaï-Eliel BERREBY
e4d428d1dc
unbound: change task order
...
Seems to be necessary to restart unbound manually for some reason?...
2020-05-07 18:49:31 +02:00
Yohaï-Eliel BERREBY
3d742c391c
hosts: add routeur-edc-backup
2020-05-07 17:06:48 +02:00
Yohaï-Eliel BERREBY
4f224ee817
re2o-service: install Python dependencies
2020-05-07 14:55:12 +02:00
Yohaï-Eliel BERREBY
24a6063a91
baseconfig: fix resolv.conf
2020-05-07 14:51:02 +02:00
Yohaï-Eliel BERREBY
3f5e0d0035
edc: add group vars required for dhcp deployment
2020-05-07 13:03:44 +02:00
Yohaï-Eliel BERREBY
0db7713bbf
hosts: add dhcp-edc-backup
2020-05-07 12:55:19 +02:00
Yohaï-Eliel BERREBY
7c7abb6be5
baseconfig: set up /etc/resolv.conf
2020-05-07 12:53:59 +02:00
Yohaï-Eliel BERREBY
7e9c4352a0
base: group name is ldap_replica
...
It's an underscore, not a hyphen
2020-05-04 18:49:51 +02:00
Yohaï-Eliel BERREBY
9c1f186682
hosts: s/physical/pve/g, add new backup hosts
2020-05-04 18:48:00 +02:00
Alexandre Iooss
ef88d0a42b
Some clean up in hosts
2020-05-03 20:50:29 +02:00
Alexandre Iooss
36343d90fd
BangShebang!
2020-05-03 18:45:07 +02:00
Alexandre Iooss
dc2db3d6a3
Decomment hosts
2020-05-03 18:40:26 +02:00
Alexandre Iooss
3b72e2fe2d
Remove SSH blacklist
2020-05-03 17:26:10 +02:00
Alexandre IOOSS
e42bdd53a8
Merge branch 'aurore-dev' into 'master'
...
Aurore dev
See merge request aurore/ansible!47
2020-05-03 16:11:29 +02:00
Alexandre IOOSS
81592fa986
Merge branch 'master' into 'aurore-dev'
...
# Conflicts:
# .gitignore
# hosts
# network.yml
# proxmox.yml
2020-05-03 16:11:19 +02:00
Yohaï-Eliel BERREBY
29991141f5
misc: add script to copy SSH keys
...
This one has the advantage of actually working :)
I had to blacklist some hosts because they would either outright refuse
connections or would refuse my LDAP credentials.
2020-05-03 11:26:53 +02:00