4d85cd7e4b
Fix some nftables issues
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-13 13:59:49 +01:00
f4acc8949c
Add bastion network
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-10 22:08:54 +01:00
64772b76e4
Add nftables role
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
This is a fully static version of the config, and it is meant to be
temporary (until I figure out a way to properly configure nftables using
ansible…).
2022-01-08 23:41:51 +01:00
9316313f1f
Do not add IPv4 link local addresses
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-03 01:57:51 +01:00
8883e672bd
Harmonisation of variable names
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-02 20:31:49 +01:00
907816af06
Add spaces before comments to please ansible-lint
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-02 16:53:33 +01:00
d112c1df91
Enable IP forwarding for infra-* interfaces
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2022-01-02 16:52:00 +01:00
4ca24ac99c
Add IPForward= support systemd_networkd role
2022-01-02 16:51:31 +01:00
1a193e5dfb
Add router.yml playbook
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2022-01-02 16:32:24 +01:00
20274b596f
Add network host_vars for infra-{1,2}.router
...
This is meant to be temporary (hopefully we'll use Netbox soon).
2022-01-02 16:31:14 +01:00
9c0bf190e2
Add systemd-networkd role
2022-01-02 16:30:59 +01:00
91743e598b
Relax permissions on bird6?.conf
2022-01-02 16:07:18 +01:00
a616065513
Add keepalived role
continuous-integration/drone/push Build is passing
2022-01-01 21:45:17 +01:00
0d705bc922
Add bird role
2022-01-01 21:45:08 +01:00
4a3ba6f366
Merge pull request 'Prometheus: cleanup' ( #90 ) from prometheus_cleanup into master
...
continuous-integration/drone/push Build is passing
Reviewed-on: #90
2022-01-01 17:58:15 +01:00
Alexandre Iooss
a320907047
prometheus: fix typo
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-01 17:55:32 +01:00
Alexandre Iooss
9e4b8c2509
prometheus: remove ipmi target
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-01 17:15:11 +01:00
Alexandre Iooss
a24b473566
prometheus: reduce iLO SNMP timeout
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-01 16:45:32 +01:00
Alexandre Iooss
70c8e0ebe0
prometheus: monitor iLO resilient mem and battery
2022-01-01 16:45:10 +01:00
Alexandre Iooss
5ab3dcdac2
prometheus: use enums for iLO SNMP
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-01 12:04:01 +01:00
Alexandre Iooss
9b53daf42a
prometheus: ignore ups-ec-2.ups.auro.re
2022-01-01 12:03:51 +01:00
Alexandre Iooss
40d9108b37
prometheus: add iLO alert rules
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 21:26:27 +01:00
Alexandre Iooss
2830558545
prometheus_federation: add ilo_snmp and remove django
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 20:04:24 +01:00
Alexandre Iooss
16a2d36472
prometheus: add machines to ilo_snmp
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 20:03:27 +01:00
Alexandre Iooss
733e9f555d
prometheus: add _snmp suffix to ilo target
2021-12-31 20:03:04 +01:00
Alexandre Iooss
7d9ff449a7
hosts: remove passbolt
2021-12-31 19:41:51 +01:00
Alexandre Iooss
bcded46ed6
prometheus: remove JSON targets cleanup
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 19:40:22 +01:00
Alexandre Iooss
860a26a8dc
prometheus: federate ilo metrics
continuous-integration/drone/push Build is passing
2021-12-31 19:39:38 +01:00
Alexandre Iooss
fdeaa355ad
prometheus: use longer timeout for iLO scraping
2021-12-31 19:39:23 +01:00
Alexandre Iooss
456c6b47b8
prometheus: add missing snmp_ilo variables
2021-12-31 19:38:35 +01:00
b81af51ccf
Merge pull request 'Monitor iLO using SNMP' ( #89 ) from prometheus_ilo into master
...
continuous-integration/drone/push Build is passing
Reviewed-on: #89
Reviewed-by: jeltz <jeltz@noreply@auro.re>
2021-12-31 18:40:15 +01:00
Alexandre Iooss
8c7031d059
prometheus: add iLO SNMP target
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 18:31:58 +01:00
Alexandre Iooss
67064484d5
prometheus: add iLO SNMP auth information
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 17:27:36 +01:00
Alexandre Iooss
50d9282316
prometheus: show failing job when machine is down
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 17:26:26 +01:00
Alexandre Iooss
265bd5fbb7
prometheus: use static targets
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 15:08:44 +01:00
Alexandre Iooss
944e200394
prometheus: add ipmi job
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 14:45:05 +01:00
Alexandre Iooss
f50778ca96
prometheus: commit production alert configuration
2021-12-31 14:44:50 +01:00
Alexandre Iooss
bc4dc03029
prometheus: add newline at the end of targets JSON
2021-12-31 14:44:19 +01:00
Alexandre Iooss
cc2ba9ff7b
prometheus: deploy targets_ipmi.json
2021-12-31 14:43:47 +01:00
ba0be43845
Merge pull request 'vault: fix RFC2136 secret' ( #88 ) from fix_rfc2136 into master
...
continuous-integration/drone/push Build is passing
Reviewed-on: #88
2021-12-29 13:20:01 +01:00
Alexandre Iooss
d2331c18d0
vault: fix RFC2136 secret
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-29 11:28:40 +01:00
1b9fc70649
Merge branch 'bashrc_root'
continuous-integration/drone/push Build is passing
2021-12-16 05:56:57 +01:00
8dca876bbc
Add a very simple bashrc for root
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-16 05:48:39 +01:00
515222f404
Merge pull request 'Fix SSH CA deployment' ( #86 ) from use_ssh_ca into master
...
continuous-integration/drone/push Build is passing
Reviewed-on: #86
2021-12-15 17:31:29 +01:00
2f3612fd8e
Deploy SSH CA everywhere and set root password
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-15 17:15:57 +01:00
475715c5f9
Deploy on all Linux hosts
continuous-integration/drone/push Build is passing
2021-12-15 16:17:30 +01:00
7db282fffb
Fix sshd.service → ssh.service
2021-12-15 16:17:11 +01:00
1ecffc2742
Merge pull request 'Borgmatic improvements (very old changes I forgot to merge)' ( #84 ) from borgmatic_hourly into master
...
continuous-integration/drone/push Build is passing
Reviewed-on: #84
2021-12-14 08:01:16 +01:00
11937776c8
Merge branch 'master' into borgmatic_hourly
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-14 07:58:13 +01:00
79c44554a3
Merge pull request 'Deploy the SSH CA for user authentication' ( #80 ) from use_ssh_ca into master
...
continuous-integration/drone/push Build is passing
Reviewed-on: #80
Reviewed-by: erdnaxe <erdnaxe@noreply@auro.re>
2021-12-14 07:49:35 +01:00
