bb2590358d
vault: add TSIG keys
2022-08-19 05:03:18 +02:00
c291e836a9
Fix missing entries
2022-05-22 18:55:23 +02:00
2a2702c6ca
Add dolibarr.srv.auro.re + PostgreSQL DB
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-10 22:10:03 +01:00
Alexandre Iooss
67064484d5
prometheus: add iLO SNMP auth information
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 17:27:36 +01:00
Alexandre Iooss
d2331c18d0
vault: fix RFC2136 secret
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-29 11:28:40 +01:00
2f3612fd8e
Deploy SSH CA everywhere and set root password
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-15 17:15:57 +01:00
Alexandre Iooss
f0b8075ca6
postgresql: move variables in playbook
2021-11-28 10:33:42 +01:00
Alexandre Iooss
aba0370c5b
Add grafana playbook and machine
2021-11-27 18:17:57 +01:00
Alexandre Iooss
7b82a3f7ea
Add YAML headers
2021-11-27 17:10:51 +01:00
7ca7c27fec
Add PDU snmp credentials
2021-08-20 13:28:19 +02:00
604373db03
Set rsyslog_high_density for routers
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is passing
2021-04-30 16:49:36 +02:00
6f927e30f3
Exclude docker and lxcfs folders from borgbackup
2021-03-16 15:05:07 +01:00
6713b550b6
Merge branch 'master' into backups
2021-03-15 07:50:11 +01:00
243ec1fe9d
[borgbackup_client] VaRi0u5 f1X3s
2021-03-15 01:04:42 +01:00
7480a7c565
[borgbackup_client] precedence rules and sain defaults for borg config
2021-03-14 22:02:34 +01:00
e570ce67b3
[borgbackup_client] do not backup /var/log/
2021-03-14 19:23:04 +01:00
c5afbdbde4
remove borg_host_dir
2021-03-14 18:22:17 +01:00
c99b611b8f
Various fixes
2021-03-14 14:17:36 +01:00
f45cd77510
Merge branch 'master' into logs-first-phase
2021-03-13 05:02:30 +01:00
a01a2095d6
Add passwords in all and vault for postgres db for wikijs, gitea, nextcloud, drone
2021-03-13 03:07:35 +01:00
904678d1ac
[borgbackup_client] Add borg encryption passphrase to vault
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-03-12 01:49:04 +01:00
d16676bfb6
[borgbackup_client] hostname should also be unique, but more legible than fqdn
2021-03-12 01:05:58 +01:00
cdcfad7ac2
[borgbackup_client] backup /var/ also (for now)
2021-03-12 01:05:19 +01:00
454bc66ae0
[borgbackup_client] backup /etc/ everywhere
2021-03-12 00:30:00 +01:00
69516012a2
Add databases for Grafana and CAS
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-03-11 19:28:14 +01:00
df4bee2980
Add kanboard database to bdd-ovh
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-03-10 20:14:02 +01:00
b3fa8a455d
Add/Update password for postgres db codimd, etherpad and synapse
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-03-10 17:13:56 +01:00
5871e1cfb8
Add/Update password for postgres db codimd, etherpad and synapse
2021-03-10 17:13:13 +01:00
deb4372588
Merge branch 'master' into add-ssh-keys
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-03-07 21:29:57 +01:00
2e912fc47a
Add recovery SSH keys for ynerant and otthorn
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2021-03-07 21:23:09 +01:00
8ae94fa8f8
Rename vault_snmp_switch{s,}_community
2021-03-06 01:08:51 +01:00
5d319cf167
Define rsyslog_{inputs,outputs} for all hosts
2021-03-02 00:52:38 +01:00
1fe8d1d28b
Remove "Root Aurore" SSH key + add histausse key
2021-03-01 13:28:49 +01:00
c3d24c1cd0
Add SSH key for Jeltz
continuous-integration/drone/push Build is passing
2021-02-28 21:47:42 +01:00
ae151321db
[nginx/certbot] Clone roles from Crans
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-24 11:46:37 +01:00
4ecb6ed7be
Update re2o-service password
...
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
Signed-off-by: ynerant <ynerant@crans.org>
2021-02-05 21:18:26 +01:00
7e4a2d20c0
Clone nginx role from Crans
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
889cb764c1
Clone certbot role from Crans
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
217b210295
Please the yaml linter for document line start another because it breaks vault
2021-01-07 11:41:08 +01:00
e68ef218a2
Added yaml document start --- to please yaml linter
2021-01-07 11:20:53 +01:00
15ebe0ee4b
remove whitespace to please yaml linter
2021-01-07 11:19:57 +01:00
88ffd2297f
Add residence les rives
continuous-integration/drone/push Build is failing
2020-11-08 18:53:07 +01:00
Yohann D'ANELLO
f9b7e052b9
Store reverse proxy data in proxy host vars
2020-11-04 22:38:54 +01:00
Yohann D'ANELLO
c11b3bc20f
Comments must start by a space
2020-11-04 20:08:51 +01:00
Yohann D'ANELLO
9505e87113
Use true instead of yes
2020-11-04 20:00:35 +01:00
chirac
4a43c0f0db
Update re2o ip
2020-11-02 17:25:26 +01:00
chirac
68f7fd5b59
Isc-dhcp-server config for banni/accueil vlans
2020-10-17 19:48:34 +02:00
Yohaï-Eliel BERREBY
6dd6168d2a
dhcp: upgrade role for dhcp-aurore-backup
2020-09-12 16:03:33 +02:00
Yohaï-Eliel BERREBY
9b07fc9001
dhcp: manage dhcp-aurore
2020-09-11 15:13:11 +02:00
chirac
26743b464d
Add Radius-aurore.adm.auro.re to ansible managed radius servers
2020-09-09 23:17:15 +02:00
Yohaï-Eliel BERREBY
646ebd3ba9
router: ansibilize routeur-aurore{,backup}
2020-08-08 20:45:38 +02:00
Yohaï-Eliel BERREBY
3a8112bf0d
roll out (private) IPv6 on George Sand
2020-08-01 17:48:39 +02:00
Yohaï-Eliel BERREBY
d54da8d2b9
add ipv6_base_prefix variable
2020-08-01 14:31:49 +02:00
Yohaï-Eliel BERREBY
a32116131d
raise MTU at fleming
...
already been deployed for a while, forgot to push
2020-08-01 12:02:37 +02:00
Yohaï-Eliel BERREBY
337906c6c0
add gs dhcp, dns, routing
...
and add thor to inventory
2020-07-06 18:40:54 +02:00
Yohaï-Eliel BERREBY
a6b15c0e10
vars: use apartment block id for subnets
2020-05-21 20:06:47 +02:00
Yohaï-Eliel BERREBY
63b4425a27
gs: fix vars
2020-05-21 19:45:35 +02:00
Yohaï-Eliel BERREBY
99070ed5ef
radius: step 2 of deployment (WIP)
2020-05-21 18:06:37 +02:00
Yohaï-Eliel BERREBY
e2fa1964af
radius: change proxy.conf password, use vault
...
and also actually template it... it wasn't being
uploaded.
2020-05-21 14:19:28 +02:00
Yohaï-Eliel BERREBY
266b0dde6f
radius: initial setup
2020-05-16 22:08:22 +02:00
Yohaï-Eliel BERREBY
8355546131
edc: raise DHCP-announced MTU to 1500
2020-05-14 17:50:06 +02:00
Yohaï-Eliel BERREBY
87b2e4f8cf
pacaterie: raise MTU to 1500
2020-05-09 16:15:56 +02:00
Yohaï-Eliel BERREBY
ba3aec348f
keepalived: deploy to fleming w/ proper password
2020-05-09 16:07:04 +02:00
Alexandre Iooss
a992612381
Add certbot challenge DNS-01 key
2020-05-09 13:03:31 +02:00
Pierre
3f26e7d4b4
routeur de la pacaterie en ...254 au lieu de ...240 pour keepalived
2020-05-08 18:39:05 +02:00
Yohaï-Eliel BERREBY
4372b21976
dhcp: allow different router IP suffix
...
This variable is only needed because we're in the process of deploying
keepalived. For now it's only at EDC.
2020-05-08 16:36:07 +02:00
Yohaï-Eliel BERREBY
c77ae7f4c3
aurore-firewall: initial setup
...
group_vars: add apartment_block_id var
dhcp: move vars to role
2020-05-07 19:47:50 +02:00
Yohaï-Eliel BERREBY
3f5e0d0035
edc: add group vars required for dhcp deployment
2020-05-07 13:03:44 +02:00
Alexandre IOOSS
81592fa986
Merge branch 'master' into 'aurore-dev'
...
# Conflicts:
# .gitignore
# hosts
# network.yml
# proxmox.yml
2020-05-03 16:11:19 +02:00
Yohaï-Eliel BERREBY
a77b2c4f0f
unbound: fix MTU settings
...
That was the root cause of all our DNSSEC issues.
Now that this was fixed, we're not having these anymore,
so the relaxed checks can be restored back to their original state.
2020-05-02 18:59:22 +02:00
Yohaï-Eliel BERREBY
662452065f
dhcp: remove Cloudflare from backup DNS
...
and rename variable, since these are not technically
upstream DNS servers
(unbound will ask the root servers, not these)
2020-04-18 17:06:38 +02:00
Yohaï-Eliel BERREBY
a0651d7703
unbound: bind to the right addresses on backup hosts
2020-04-18 16:56:34 +02:00
Yohaï-Eliel BERREBY
22166bc69b
unbound: log to journalctl
2020-04-18 16:56:17 +02:00
Yohaï-Eliel BERREBY
7275ebda47
dhcp: ask clients to use our DNS servers
2020-04-18 15:39:32 +02:00
Yohaï-Eliel BERREBY
b3712ed335
unbound: initial deployment
2020-04-13 18:41:12 +02:00
Yohaï-Eliel BERREBY
34b448faec
dhcp: implement failover peer configuration
2020-04-06 14:41:34 +02:00
Yohaï-Eliel BERREBY
2a0a2e2ac6
dhcp: fix silly mix-ups
2020-04-06 13:20:52 +02:00
Yohaï-Eliel BERREBY
e6b2f80b49
templatisation de la config dhcpd
...
non encore testé
2020-04-05 18:44:37 +02:00
fpoutre
b7b32dc496
modified the master_ldap_uri to use a ndd
2020-02-20 19:08:09 +01:00
Alexandre Iooss
07e71659ef
Monitor Unifi AP
2019-11-01 19:02:21 +01:00
Alexandre Iooss
6c1d904791
Vault in passbolt
2019-09-01 11:18:23 +02:00
Alexandre Iooss
a45ca1a890
Move CodiMD to Docker
2019-07-22 19:14:43 +02:00
Alexandre Iooss
61e99ed0b1
Change serviceuser passwd
2019-05-04 12:08:48 +02:00
Alexandre Iooss
1bcd9741f9
Python 3 by default
2019-05-03 14:46:58 +02:00
Alexandre Iooss
104cc3d09e
Move new PVE
2019-04-07 16:59:19 +02:00
Alexandre IOOSS
40e63ba89e
Merge branch 'discord_matrix' into 'master'
...
Discord matrix
See merge request aurore/ansible!31
2019-03-24 12:44:23 +01:00
Alexandre Iooss
bbc04d971f
Working appservice Discord
2019-03-24 12:10:35 +01:00
Alexandre Iooss
489bb5ddcf
sudo group by location
2019-03-23 13:49:53 +01:00
Alexandre Iooss
0cc36a107c
Fix CI
2019-03-12 19:58:55 +01:00
Alexandre Iooss
1a447b3807
Add matrix-appservice-webhooks and move nodejs tasks
2019-03-12 18:03:23 +01:00
Hadrien Patte
58cb43d0d0
Fix: indentations and spaces
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-02 12:16:43 +01:00
Hadrien Patte
5f08a7522e
Fix: blank lines and trailing spaces
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-02 12:07:48 +01:00
Alexandre Iooss
9ba730392e
mxisd role
2019-02-26 16:49:18 +01:00
Alexandre Iooss
21cfa2c404
Fix synapse templates
2019-02-26 13:34:30 +01:00
Alexandre Iooss
6237f3de46
Configure Matrix Synapse
2019-02-26 13:23:14 +01:00
Alexandre Iooss
69f633a83d
Add LDAP on CodiMD
2019-02-09 11:47:09 +01:00
Alexandre Iooss
41c41d2f02
Add CodiMD database password
2019-02-09 08:29:50 +01:00
Alexandre Iooss
bad6ec3192
Modify vault
2019-02-07 09:26:11 +01:00
Alexandre Iooss
9cb3d49678
Update hosts
2019-01-19 15:58:05 +01:00
Alexandre Iooss
52d2163752
EtherPad
2019-01-07 13:29:06 +01:00