Yohaï-Eliel BERREBY
1a10729b67
hosts: manage dhcp-edc
2020-05-07 19:48:07 +02:00
Yohaï-Eliel BERREBY
5ee7bb3069
ansible.cfg: unset scp_if_ssh
2020-05-07 19:48:07 +02:00
Yohaï-Eliel BERREBY
c77ae7f4c3
aurore-firewall: initial setup
...
group_vars: add apartment_block_id var
dhcp: move vars to role
2020-05-07 19:47:50 +02:00
Yohaï-Eliel BERREBY
268c4d2419
hosts: manage recursive DNS on EDC
2020-05-07 18:51:45 +02:00
Yohaï-Eliel BERREBY
e4d428d1dc
unbound: change task order
...
Seems to be necessary to restart unbound manually for some reason?...
2020-05-07 18:49:31 +02:00
Yohaï-Eliel BERREBY
3d742c391c
hosts: add routeur-edc-backup
2020-05-07 17:06:48 +02:00
Yohaï-Eliel BERREBY
4f224ee817
re2o-service: install Python dependencies
2020-05-07 14:55:12 +02:00
Yohaï-Eliel BERREBY
24a6063a91
baseconfig: fix resolv.conf
2020-05-07 14:51:02 +02:00
Yohaï-Eliel BERREBY
3f5e0d0035
edc: add group vars required for dhcp deployment
2020-05-07 13:03:44 +02:00
Yohaï-Eliel BERREBY
0db7713bbf
hosts: add dhcp-edc-backup
2020-05-07 12:55:19 +02:00
Yohaï-Eliel BERREBY
7c7abb6be5
baseconfig: set up /etc/resolv.conf
2020-05-07 12:53:59 +02:00
Yohaï-Eliel BERREBY
7e9c4352a0
base: group name is ldap_replica
...
It's an underscore, not a hyphen
2020-05-04 18:49:51 +02:00
Yohaï-Eliel BERREBY
9c1f186682
hosts: s/physical/pve/g, add new backup hosts
2020-05-04 18:48:00 +02:00
Alexandre Iooss
ef88d0a42b
Some clean up in hosts
2020-05-03 20:50:29 +02:00
Alexandre Iooss
36343d90fd
BangShebang!
2020-05-03 18:45:07 +02:00
Alexandre Iooss
dc2db3d6a3
Decomment hosts
2020-05-03 18:40:26 +02:00
Alexandre Iooss
3b72e2fe2d
Remove SSH blacklist
2020-05-03 17:26:10 +02:00
Alexandre IOOSS
e42bdd53a8
Merge branch 'aurore-dev' into 'master'
...
Aurore dev
See merge request aurore/ansible!47
2020-05-03 16:11:29 +02:00
Alexandre IOOSS
81592fa986
Merge branch 'master' into 'aurore-dev'
...
# Conflicts:
# .gitignore
# hosts
# network.yml
# proxmox.yml
2020-05-03 16:11:19 +02:00
Yohaï-Eliel BERREBY
29991141f5
misc: add script to copy SSH keys
...
This one has the advantage of actually working :)
I had to blacklist some hosts because they would either outright refuse
connections or would refuse my LDAP credentials.
2020-05-03 11:26:53 +02:00
Yohaï-Eliel BERREBY
a77b2c4f0f
unbound: fix MTU settings
...
That was the root cause of all our DNSSEC issues.
Now that this was fixed, we're not having these anymore,
so the relaxed checks can be restored back to their original state.
2020-05-02 18:59:22 +02:00
Yohaï-Eliel BERREBY
aae7e0120a
unbound: drop verbosity but log SERVFAILs
...
TODO: less frequent log rotation because of decreased log volume
2020-05-02 18:06:58 +02:00
Yohaï-Eliel BERREBY
c54e8f5d67
unbound: smarter logging
...
- stop using journald, write to /var/log/unbound/
- set up frequent log rotation for the huge log files
we are producing
2020-05-02 17:13:01 +02:00
Yohaï-Eliel BERREBY
1dca5d2259
unbound: use handlers
...
Only restart unbound if the configuration
was actually updated.
2020-05-02 16:43:44 +02:00
Yohaï-Eliel BERREBY
b94c62d710
unbound-control: no certificates for local use
2020-05-02 16:37:21 +02:00
Yohaï-Eliel BERREBY
3695a3d771
unbound: attempt to fix spurious blacklisting
2020-04-28 23:14:43 +02:00
Yohaï-Eliel BERREBY
b4482b6d3b
unbound: configure unbound-control
2020-04-28 20:21:47 +02:00
Yohaï-Eliel BERREBY
bac131791b
unbound: bump verbosity up to 3
...
Some users are having issues resolving *.auro.re domains from our
network, and the bug does not show itself reliably. Increased verbosity
should help us pinpoint its source.
2020-04-28 20:13:56 +02:00
Yohaï-Eliel BERREBY
ded5f38aec
unbound: name set_fact tasks
2020-04-18 17:36:25 +02:00
7234d90fae
Merge branch 'dns' into 'aurore-dev'
...
Finalisation du déploiement d'unbound
See merge request aurore/ansible!46
2020-04-18 17:10:22 +02:00
Yohaï-Eliel BERREBY
662452065f
dhcp: remove Cloudflare from backup DNS
...
and rename variable, since these are not technically
upstream DNS servers
(unbound will ask the root servers, not these)
2020-04-18 17:06:38 +02:00
Yohaï-Eliel BERREBY
12022389c4
hosts: enable dhcp deployment on fleming
2020-04-18 16:57:18 +02:00
Yohaï-Eliel BERREBY
a0651d7703
unbound: bind to the right addresses on backup hosts
2020-04-18 16:56:34 +02:00
Yohaï-Eliel BERREBY
b57fa6e356
dhcp: use backup DNS servers too
2020-04-18 16:56:34 +02:00
Yohaï-Eliel BERREBY
22166bc69b
unbound: log to journalctl
2020-04-18 16:56:17 +02:00
Yohaï-Eliel BERREBY
bfc7d542df
hosts: add all DNS VMs from fleming and pacaterie
2020-04-18 15:43:39 +02:00
Yohaï-Eliel BERREBY
1777d0e154
unbound: log to /var/log/unbound.log, errors only
2020-04-18 15:42:31 +02:00
Yohaï-Eliel BERREBY
7275ebda47
dhcp: ask clients to use our DNS servers
2020-04-18 15:39:32 +02:00
chirac
59b9059116
Merge branch 'dns' into 'aurore-dev'
...
Déploiement basique de serveur DNS récursif
See merge request aurore/ansible!45
2020-04-13 19:08:32 +02:00
Yohaï-Eliel BERREBY
f05e92dc5e
unbound: remove unchecked configuration keys
2020-04-13 18:42:02 +02:00
Yohaï-Eliel BERREBY
b3712ed335
unbound: initial deployment
2020-04-13 18:41:12 +02:00
Yohaï-Eliel BERREBY
9b043d95d3
dhcp: don't touch pacaterie yet
2020-04-06 19:06:53 +02:00
Yohaï-Eliel BERREBY
8fee0857c1
re2o-service: force clone git repository
2020-04-06 19:03:38 +02:00
Yohaï-Eliel BERREBY
8579b99b2e
dhcp: cron.d entry + let main.py restart the server
2020-04-06 19:03:10 +02:00
Yohaï-Eliel BERREBY
6cce62850d
dhcp: configure log rotation
2020-04-06 17:58:14 +02:00
Yohaï-Eliel BERREBY
7347829494
tackle logs
2020-04-06 17:48:56 +02:00
Yohaï-Eliel BERREBY
51fdb89940
extract dhcp-failover.conf into separate file
2020-04-06 17:28:04 +02:00
Yohaï-Eliel BERREBY
d323b78c16
fix bogus dhcpd config
...
- move failover peer declaration to beginning of file
- set split only on primary
- fix re2o-service hostname
- add /etc/default/isc-dhcp-server
2020-04-06 17:22:50 +02:00
Yohaï-Eliel BERREBY
e760f9ad91
re2o-service: fix hostname
2020-04-06 16:53:59 +02:00
Yohaï-Eliel BERREBY
89a0dc57ab
run corresponding re2o-service on DHCP servers
2020-04-06 16:49:14 +02:00
