Alexandre Iooss
ef88d0a42b
Some clean up in hosts
4 years ago
Alexandre Iooss
36343d90fd
BangShebang!
4 years ago
Alexandre Iooss
dc2db3d6a3
Decomment hosts
4 years ago
Alexandre Iooss
3b72e2fe2d
Remove SSH blacklist
4 years ago
Alexandre IOOSS
e42bdd53a8
Merge branch 'aurore-dev' into 'master'
...
Aurore dev
See merge request aurore/ansible!47
4 years ago
Alexandre IOOSS
81592fa986
Merge branch 'master' into 'aurore-dev'
...
# Conflicts:
# .gitignore
# hosts
# network.yml
# proxmox.yml
4 years ago
Yohaï-Eliel BERREBY
29991141f5
misc: add script to copy SSH keys
...
This one has the advantage of actually working :)
I had to blacklist some hosts because they would either outright refuse
connections or would refuse my LDAP credentials.
4 years ago
Yohaï-Eliel BERREBY
a77b2c4f0f
unbound: fix MTU settings
...
That was the root cause of all our DNSSEC issues.
Now that this was fixed, we're not having these anymore,
so the relaxed checks can be restored back to their original state.
4 years ago
Yohaï-Eliel BERREBY
aae7e0120a
unbound: drop verbosity but log SERVFAILs
...
TODO: less frequent log rotation because of decreased log volume
4 years ago
Yohaï-Eliel BERREBY
c54e8f5d67
unbound: smarter logging
...
- stop using journald, write to /var/log/unbound/
- set up frequent log rotation for the huge log files
we are producing
4 years ago
Yohaï-Eliel BERREBY
1dca5d2259
unbound: use handlers
...
Only restart unbound if the configuration
was actually updated.
4 years ago
Yohaï-Eliel BERREBY
b94c62d710
unbound-control: no certificates for local use
4 years ago
Yohaï-Eliel BERREBY
3695a3d771
unbound: attempt to fix spurious blacklisting
4 years ago
Yohaï-Eliel BERREBY
b4482b6d3b
unbound: configure unbound-control
4 years ago
Yohaï-Eliel BERREBY
bac131791b
unbound: bump verbosity up to 3
...
Some users are having issues resolving *.auro.re domains from our
network, and the bug does not show itself reliably. Increased verbosity
should help us pinpoint its source.
4 years ago
Yohaï-Eliel BERREBY
ded5f38aec
unbound: name set_fact tasks
4 years ago
yberreby
7234d90fae
Merge branch 'dns' into 'aurore-dev'
...
Finalisation du déploiement d'unbound
See merge request aurore/ansible!46
4 years ago
Yohaï-Eliel BERREBY
662452065f
dhcp: remove Cloudflare from backup DNS
...
and rename variable, since these are not technically
upstream DNS servers
(unbound will ask the root servers, not these)
4 years ago
Yohaï-Eliel BERREBY
12022389c4
hosts: enable dhcp deployment on fleming
4 years ago
Yohaï-Eliel BERREBY
a0651d7703
unbound: bind to the right addresses on backup hosts
4 years ago
Yohaï-Eliel BERREBY
b57fa6e356
dhcp: use backup DNS servers too
4 years ago
Yohaï-Eliel BERREBY
22166bc69b
unbound: log to journalctl
4 years ago
Yohaï-Eliel BERREBY
bfc7d542df
hosts: add all DNS VMs from fleming and pacaterie
4 years ago
Yohaï-Eliel BERREBY
1777d0e154
unbound: log to /var/log/unbound.log, errors only
4 years ago
Yohaï-Eliel BERREBY
7275ebda47
dhcp: ask clients to use our DNS servers
4 years ago
chirac
59b9059116
Merge branch 'dns' into 'aurore-dev'
...
Déploiement basique de serveur DNS récursif
See merge request aurore/ansible!45
4 years ago
Yohaï-Eliel BERREBY
f05e92dc5e
unbound: remove unchecked configuration keys
4 years ago
Yohaï-Eliel BERREBY
b3712ed335
unbound: initial deployment
4 years ago
Yohaï-Eliel BERREBY
9b043d95d3
dhcp: don't touch pacaterie yet
4 years ago
Yohaï-Eliel BERREBY
8fee0857c1
re2o-service: force clone git repository
4 years ago
Yohaï-Eliel BERREBY
8579b99b2e
dhcp: cron.d entry + let main.py restart the server
4 years ago
Yohaï-Eliel BERREBY
6cce62850d
dhcp: configure log rotation
4 years ago
Yohaï-Eliel BERREBY
7347829494
tackle logs
4 years ago
Yohaï-Eliel BERREBY
51fdb89940
extract dhcp-failover.conf into separate file
4 years ago
Yohaï-Eliel BERREBY
d323b78c16
fix bogus dhcpd config
...
- move failover peer declaration to beginning of file
- set split only on primary
- fix re2o-service hostname
- add /etc/default/isc-dhcp-server
4 years ago
Yohaï-Eliel BERREBY
e760f9ad91
re2o-service: fix hostname
4 years ago
Yohaï-Eliel BERREBY
89a0dc57ab
run corresponding re2o-service on DHCP servers
4 years ago
Yohaï-Eliel BERREBY
01439c2388
fix network.yml syntax
4 years ago
F/Poutre
7ed34f79bd
Update network.yml
4 years ago
F/Poutre
fc21a5fa3d
Update base.yml
4 years ago
Yohaï-Eliel BERREBY
34b448faec
dhcp: implement failover peer configuration
4 years ago
Yohaï-Eliel BERREBY
2a0a2e2ac6
dhcp: fix silly mix-ups
4 years ago
Yohaï-Eliel BERREBY
6b369d5b28
fix ProxyJump in README
4 years ago
Yohaï-Eliel BERREBY
709e4614c2
suppression d'une déclaration DNS redondante
4 years ago
Yohaï-Eliel BERREBY
e6b2f80b49
templatisation de la config dhcpd
...
non encore testé
4 years ago
fpoutre
40e915a7e0
happy little mistakes
4 years ago
fpoutre
0e61fcff90
added support for ldap-replicas in the base.yml for edc and gs
4 years ago
fpoutre
23f1b7a4a1
added support for edc and gs in ldap replica backup configuration
4 years ago
fpoutre
b7b32dc496
modified the master_ldap_uri to use a ndd
4 years ago
fpoutre
c0692c9ea8
added ldap-replica support for ldap-clients of pacaterie and fleming
4 years ago