Commit graph

763 commits

Author SHA1 Message Date
673d77d1be fix yaml lint 2021-02-06 12:46:39 +01:00
de83af936d Add (initial) mailserver playbook 2021-02-06 12:46:39 +01:00
5377378bf7 Add (initial) mail-utils role 2021-02-06 12:46:39 +01:00
f01533409f Add (initial) postfix role 2021-02-06 12:46:39 +01:00
4b3e491983 Add mail vars 2021-02-06 12:46:39 +01:00
ynerant
71d7358bd7 Merge pull request 'Update re2o-service password' (#12) from change-password into master
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: Aurore/ansible#12
2021-02-05 22:19:30 +01:00
4ecb6ed7be
Update re2o-service password
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
Signed-off-by: ynerant <ynerant@crans.org>
2021-02-05 21:18:26 +01:00
ynerant
f9e83e514e Merge pull request 'Captive portal' (#11) from accueil into master
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: Aurore/ansible#11
2021-02-05 20:39:50 +01:00
0e224df41f
Install ipset on each router
Some checks failed
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:26 +01:00
ce00d5e50f
Authorize comnpay urls in the captive portal
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:26 +01:00
c527ce16b0
Use good output interface for the main router
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
3f62644927
Use production server
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
a82edc3e24
Firewall configuration without MASQUERADE
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
bbac76023c
Update masquerade configuration for the captive portal
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
a808e3c793
Update captive portal nginx configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
7e4a2d20c0
Clone nginx role from Crans
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
889cb764c1
Clone certbot role from Crans
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
154cbedec2
Deploy firewall config for the captive portal
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
ba9e60dba8
Update the nginx configuration of the captive portal
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
9bd06520fb
Add reverse-proxy for Re2o on the portal VM
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
6df41d16b5
Add portail VM
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:20 +01:00
e02670afb0
Les caches unbound renvoie les addresses en 10/8 2021-02-05 20:38:50 +01:00
a7b073e1cc
Add captive portal firewall configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:38:50 +01:00
89ebbd423e
Use the local firewall repository
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:38:50 +01:00
9af9a7bab8
Redirect the proxy IP address to intranet.auro.re by default
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:38:49 +01:00
5a09b77070
Resolve DNS for the accueil vlan
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:38:49 +01:00
5fc2d0a3f9
Ajout d'accueil dans keepalived 2021-02-05 20:38:49 +01:00
7cdef7ee96
Fix: keep the logs for 90 days 2021-02-05 20:38:49 +01:00
faba1d2005 Correct typo, this one was sneaky!
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-05 01:50:56 +01:00
5f48a46522 Add postfix quota check
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-05 01:35:46 +01:00
c0cd3946fb Fix postfix cert variables
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-05 01:17:58 +01:00
b35922346e Remove file since I did not git mv correclty...
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-05 00:09:12 +01:00
77918e00ce move files to the right place and fix small typo
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-05 00:07:36 +01:00
256d2d5df4 Post renewal hook for certbot to reload dovecot and postfix
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-05 00:05:26 +01:00
43053e57f9 Fix broken vars
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-04 23:44:32 +01:00
efa34dab42 fix yaml syntax
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-04 23:35:12 +01:00
e316679e13 Add additional role for mailserver 2021-02-04 23:34:53 +01:00
2c531d1af2 Postfix conf add certs and other security related modifications
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-04 23:18:23 +01:00
27cfcc1320 Don't reinvent the whell, use existing roles (have to be tested)
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-04 14:47:40 +01:00
ebf712d0bc Use correct re2o API vars (don't add them twice in vault, reuse them)
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-04 13:02:52 +01:00
0a7de4fc78 Mail VM has a public addr now and FQDN is mail.auro.re
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-04 02:24:35 +01:00
1e59bec323 Add Re2o API vars
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-04 02:14:52 +01:00
1c7b4f8560 add re2o service mail cron
Some checks failed
continuous-integration/drone/push Build is failing
2021-02-04 01:46:55 +01:00
9e91f2e9d5 Re2o API config 2021-02-04 01:38:49 +01:00
cf58c2bac5 Add re2o mail server
Some checks failed
continuous-integration/drone/push Build is failing
2021-02-04 01:30:14 +01:00
1c20193fc8 Add re2o mail server to the roles of the mailserver playbook 2021-02-04 01:03:18 +01:00
c85b2b58fe Add quota to dovecot
Some checks failed
continuous-integration/drone/push Build is failing
2021-02-03 23:20:10 +01:00
2673f771d9 Enable Dovecot sieve 2021-02-03 20:18:46 +01:00
ynerant
9d66bba3b0 Merge pull request 'Tmux everywhere' (#6) from tmux into master
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
Reviewed-on: Aurore/ansible#6
2021-02-02 23:18:58 +01:00
3eb48edccd
Tmux everywhere
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-02 23:17:47 +01:00