Commit graph

162 commits

Author SHA1 Message Date
bb2590358d
vault: add TSIG keys 2022-08-19 05:03:18 +02:00
c291e836a9
Fix missing entries 2022-05-22 18:55:23 +02:00
2a2702c6ca
Add dolibarr.srv.auro.re + PostgreSQL DB
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-01-10 22:10:03 +01:00
Alexandre Iooss
67064484d5 prometheus: add iLO SNMP auth information
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-31 17:27:36 +01:00
Alexandre Iooss
d2331c18d0 vault: fix RFC2136 secret
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-29 11:28:40 +01:00
2f3612fd8e Deploy SSH CA everywhere and set root password
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-12-15 17:15:57 +01:00
Alexandre Iooss
f0b8075ca6 postgresql: move variables in playbook 2021-11-28 10:33:42 +01:00
Alexandre Iooss
aba0370c5b Add grafana playbook and machine 2021-11-27 18:17:57 +01:00
Alexandre Iooss
7b82a3f7ea Add YAML headers 2021-11-27 17:10:51 +01:00
7ca7c27fec Add PDU snmp credentials 2021-08-20 13:28:19 +02:00
604373db03 Set rsyslog_high_density for routers
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is passing
2021-04-30 16:49:36 +02:00
6f927e30f3 Exclude docker and lxcfs folders from borgbackup 2021-03-16 15:05:07 +01:00
6713b550b6 Merge branch 'master' into backups 2021-03-15 07:50:11 +01:00
243ec1fe9d [borgbackup_client] VaRi0u5 f1X3s 2021-03-15 01:04:42 +01:00
7480a7c565 [borgbackup_client] precedence rules and sain defaults for borg config 2021-03-14 22:02:34 +01:00
e570ce67b3 [borgbackup_client] do not backup /var/log/ 2021-03-14 19:23:04 +01:00
c5afbdbde4 remove borg_host_dir 2021-03-14 18:22:17 +01:00
c99b611b8f Various fixes 2021-03-14 14:17:36 +01:00
f45cd77510 Merge branch 'master' into logs-first-phase 2021-03-13 05:02:30 +01:00
a01a2095d6 Add passwords in all and vault for postgres db for wikijs, gitea, nextcloud, drone 2021-03-13 03:07:35 +01:00
904678d1ac [borgbackup_client] Add borg encryption passphrase to vault
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-03-12 01:49:04 +01:00
d16676bfb6 [borgbackup_client] hostname should also be unique, but more legible than fqdn 2021-03-12 01:05:58 +01:00
cdcfad7ac2 [borgbackup_client] backup /var/ also (for now) 2021-03-12 01:05:19 +01:00
454bc66ae0 [borgbackup_client] backup /etc/ everywhere 2021-03-12 00:30:00 +01:00
69516012a2 Add databases for Grafana and CAS
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-03-11 19:28:14 +01:00
df4bee2980 Add kanboard database to bdd-ovh
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-03-10 20:14:02 +01:00
b3fa8a455d Add/Update password for postgres db codimd, etherpad and synapse
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-03-10 17:13:56 +01:00
5871e1cfb8 Add/Update password for postgres db codimd, etherpad and synapse 2021-03-10 17:13:13 +01:00
deb4372588 Merge branch 'master' into add-ssh-keys
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-03-07 21:29:57 +01:00
2e912fc47a Add recovery SSH keys for ynerant and otthorn
Some checks failed
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2021-03-07 21:23:09 +01:00
8ae94fa8f8 Rename vault_snmp_switch{s,}_community 2021-03-06 01:08:51 +01:00
5d319cf167 Define rsyslog_{inputs,outputs} for all hosts 2021-03-02 00:52:38 +01:00
1fe8d1d28b Remove "Root Aurore" SSH key + add histausse key 2021-03-01 13:28:49 +01:00
c3d24c1cd0 Add SSH key for Jeltz
All checks were successful
continuous-integration/drone/push Build is passing
2021-02-28 21:47:42 +01:00
ae151321db
[nginx/certbot] Clone roles from Crans
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-24 11:46:37 +01:00
4ecb6ed7be
Update re2o-service password
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
Signed-off-by: ynerant <ynerant@crans.org>
2021-02-05 21:18:26 +01:00
7e4a2d20c0
Clone nginx role from Crans
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
889cb764c1
Clone certbot role from Crans
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
217b210295 Please the yaml linter for document line start another because it breaks vault 2021-01-07 11:41:08 +01:00
e68ef218a2 Added yaml document start --- to please yaml linter 2021-01-07 11:20:53 +01:00
15ebe0ee4b remove whitespace to please yaml linter 2021-01-07 11:19:57 +01:00
88ffd2297f Add residence les rives
Some checks failed
continuous-integration/drone/push Build is failing
2020-11-08 18:53:07 +01:00
Yohann D'ANELLO
f9b7e052b9 Store reverse proxy data in proxy host vars 2020-11-04 22:38:54 +01:00
Yohann D'ANELLO
c11b3bc20f Comments must start by a space 2020-11-04 20:08:51 +01:00
Yohann D'ANELLO
9505e87113 Use true instead of yes 2020-11-04 20:00:35 +01:00
chirac
4a43c0f0db Update re2o ip 2020-11-02 17:25:26 +01:00
chirac
68f7fd5b59 Isc-dhcp-server config for banni/accueil vlans 2020-10-17 19:48:34 +02:00
Yohaï-Eliel BERREBY
6dd6168d2a dhcp: upgrade role for dhcp-aurore-backup 2020-09-12 16:03:33 +02:00
Yohaï-Eliel BERREBY
9b07fc9001 dhcp: manage dhcp-aurore 2020-09-11 15:13:11 +02:00
chirac
26743b464d Add Radius-aurore.adm.auro.re to ansible managed radius servers 2020-09-09 23:17:15 +02:00
Yohaï-Eliel BERREBY
646ebd3ba9 router: ansibilize routeur-aurore{,backup} 2020-08-08 20:45:38 +02:00
Yohaï-Eliel BERREBY
3a8112bf0d roll out (private) IPv6 on George Sand 2020-08-01 17:48:39 +02:00
Yohaï-Eliel BERREBY
d54da8d2b9 add ipv6_base_prefix variable 2020-08-01 14:31:49 +02:00
Yohaï-Eliel BERREBY
a32116131d raise MTU at fleming
already been deployed for a while, forgot to push
2020-08-01 12:02:37 +02:00
Yohaï-Eliel BERREBY
337906c6c0 add gs dhcp, dns, routing
and add thor to inventory
2020-07-06 18:40:54 +02:00
Yohaï-Eliel BERREBY
a6b15c0e10 vars: use apartment block id for subnets 2020-05-21 20:06:47 +02:00
Yohaï-Eliel BERREBY
63b4425a27 gs: fix vars 2020-05-21 19:45:35 +02:00
Yohaï-Eliel BERREBY
99070ed5ef radius: step 2 of deployment (WIP) 2020-05-21 18:06:37 +02:00
Yohaï-Eliel BERREBY
e2fa1964af radius: change proxy.conf password, use vault
and also actually template it... it wasn't being
uploaded.
2020-05-21 14:19:28 +02:00
Yohaï-Eliel BERREBY
266b0dde6f radius: initial setup 2020-05-16 22:08:22 +02:00
Yohaï-Eliel BERREBY
8355546131 edc: raise DHCP-announced MTU to 1500 2020-05-14 17:50:06 +02:00
Yohaï-Eliel BERREBY
87b2e4f8cf pacaterie: raise MTU to 1500 2020-05-09 16:15:56 +02:00
Yohaï-Eliel BERREBY
ba3aec348f keepalived: deploy to fleming w/ proper password 2020-05-09 16:07:04 +02:00
Alexandre Iooss
a992612381
Add certbot challenge DNS-01 key 2020-05-09 13:03:31 +02:00
Pierre
3f26e7d4b4 routeur de la pacaterie en ...254 au lieu de ...240 pour keepalived 2020-05-08 18:39:05 +02:00
Yohaï-Eliel BERREBY
4372b21976 dhcp: allow different router IP suffix
This variable is only needed because we're in the process of deploying
keepalived. For now it's only at EDC.
2020-05-08 16:36:07 +02:00
Yohaï-Eliel BERREBY
c77ae7f4c3 aurore-firewall: initial setup
group_vars: add apartment_block_id var
dhcp: move vars to role
2020-05-07 19:47:50 +02:00
Yohaï-Eliel BERREBY
3f5e0d0035 edc: add group vars required for dhcp deployment 2020-05-07 13:03:44 +02:00
Alexandre IOOSS
81592fa986 Merge branch 'master' into 'aurore-dev'
# Conflicts:
#   .gitignore
#   hosts
#   network.yml
#   proxmox.yml
2020-05-03 16:11:19 +02:00
Yohaï-Eliel BERREBY
a77b2c4f0f unbound: fix MTU settings
That was the root cause of all our DNSSEC issues.
Now that this was fixed, we're not having these anymore,
so the relaxed checks can be restored back to their original state.
2020-05-02 18:59:22 +02:00
Yohaï-Eliel BERREBY
662452065f dhcp: remove Cloudflare from backup DNS
and rename variable, since these are not technically
upstream DNS servers
(unbound will ask the root servers, not these)
2020-04-18 17:06:38 +02:00
Yohaï-Eliel BERREBY
a0651d7703 unbound: bind to the right addresses on backup hosts 2020-04-18 16:56:34 +02:00
Yohaï-Eliel BERREBY
22166bc69b unbound: log to journalctl 2020-04-18 16:56:17 +02:00
Yohaï-Eliel BERREBY
7275ebda47 dhcp: ask clients to use our DNS servers 2020-04-18 15:39:32 +02:00
Yohaï-Eliel BERREBY
b3712ed335 unbound: initial deployment 2020-04-13 18:41:12 +02:00
Yohaï-Eliel BERREBY
34b448faec dhcp: implement failover peer configuration 2020-04-06 14:41:34 +02:00
Yohaï-Eliel BERREBY
2a0a2e2ac6 dhcp: fix silly mix-ups 2020-04-06 13:20:52 +02:00
Yohaï-Eliel BERREBY
e6b2f80b49 templatisation de la config dhcpd
non encore testé
2020-04-05 18:44:37 +02:00
fpoutre
b7b32dc496 modified the master_ldap_uri to use a ndd 2020-02-20 19:08:09 +01:00
Alexandre Iooss
07e71659ef
Monitor Unifi AP 2019-11-01 19:02:21 +01:00
Alexandre Iooss
6c1d904791
Vault in passbolt 2019-09-01 11:18:23 +02:00
Alexandre Iooss
a45ca1a890
Move CodiMD to Docker 2019-07-22 19:14:43 +02:00
Alexandre Iooss
61e99ed0b1
Change serviceuser passwd 2019-05-04 12:08:48 +02:00
Alexandre Iooss
1bcd9741f9
Python 3 by default 2019-05-03 14:46:58 +02:00
Alexandre Iooss
104cc3d09e
Move new PVE 2019-04-07 16:59:19 +02:00
Alexandre IOOSS
40e63ba89e Merge branch 'discord_matrix' into 'master'
Discord matrix

See merge request aurore/ansible!31
2019-03-24 12:44:23 +01:00
Alexandre Iooss
bbc04d971f
Working appservice Discord 2019-03-24 12:10:35 +01:00
Alexandre Iooss
489bb5ddcf
sudo group by location 2019-03-23 13:49:53 +01:00
Alexandre Iooss
0cc36a107c Fix CI 2019-03-12 19:58:55 +01:00
Alexandre Iooss
1a447b3807 Add matrix-appservice-webhooks and move nodejs tasks 2019-03-12 18:03:23 +01:00
Hadrien Patte
58cb43d0d0
Fix: indentations and spaces
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-02 12:16:43 +01:00
Hadrien Patte
5f08a7522e
Fix: blank lines and trailing spaces
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-02 12:07:48 +01:00
Alexandre Iooss
9ba730392e mxisd role 2019-02-26 16:49:18 +01:00
Alexandre Iooss
21cfa2c404 Fix synapse templates 2019-02-26 13:34:30 +01:00
Alexandre Iooss
6237f3de46 Configure Matrix Synapse 2019-02-26 13:23:14 +01:00
Alexandre Iooss
69f633a83d Add LDAP on CodiMD 2019-02-09 11:47:09 +01:00
Alexandre Iooss
41c41d2f02 Add CodiMD database password 2019-02-09 08:29:50 +01:00
Alexandre Iooss
bad6ec3192 Modify vault 2019-02-07 09:26:11 +01:00
Alexandre Iooss
9cb3d49678 Update hosts 2019-01-19 15:58:05 +01:00
Alexandre Iooss
52d2163752 EtherPad 2019-01-07 13:29:06 +01:00