8f815a30c5
Remove useless date (already added by journald)
continuous-integration/drone/push Build is failing
2021-03-01 17:47:12 +01:00
acd5721a5b
Fix typos in rotate-remote-logs.service.j2
2021-03-01 17:45:17 +01:00
9547868c7d
Send nginx logs to local syslog
continuous-integration/drone/push Build is failing
2021-03-01 17:40:05 +01:00
cdb9f88614
Do not rate limit collection of journald logs
continuous-integration/drone/push Build is failing
2021-03-01 16:31:52 +01:00
9eeb8ccd73
Remove non-Ansible SSH root keys
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-03-01 16:08:08 +01:00
9252249d18
Use 'true' instead of 'yes'
continuous-integration/drone/push Build is failing
2021-03-01 04:15:54 +01:00
e4b58c0bf4
Fix typo in 20-collector.conf.j2
continuous-integration/drone/push Build is failing
2021-03-01 04:07:17 +01:00
c65b3f090b
Compress and delete old remote logs
...
continuous-integration/drone/push Build is failing
Logrotate is not used because I didn't found an easy way to configure it
to handle the compression/deletion of log files already rotated by
rsyslog (it is probably possible, but I found the script to be easier).
2021-03-01 03:58:58 +01:00
f7183095c1
Add explicit permissions for directories
continuous-integration/drone/push Build is failing
2021-03-01 02:26:22 +01:00
ba8b4e8c29
Fix the ordering of rsyslog.d files
...
continuous-integration/drone/push Build is failing
A call to sendLogsToRemote for logs received through RELP/UDP has
been added (to send them to Logstash/Redis/…), so common.conf's prefix
must be lower than collector.conf's.
Note: future "third-party" config files will also call sendLogsToRemote
and thus will also have to use a prefix higher than 10.
2021-03-01 02:15:28 +01:00
7fd1b5ff5d
Add rsyslog_collector role
2021-03-01 01:27:56 +01:00
6263c31785
Add rsyslog_common role
2021-03-01 01:27:30 +01:00
ba6da939ab
[certbot] Fix certificates for auro.re
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-24 13:57:59 +01:00
ae151321db
[nginx/certbot] Clone roles from Crans
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-24 11:46:37 +01:00
d7d0676f5e
Remove .save file; remove fo fleming prometheus
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-02-18 17:53:15 +01:00
74c30b81df
Merge branch 'master' into Global_monitoring
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-02-17 19:41:06 +01:00
b278b02bc2
Remove percentage sign for load alert
continuous-integration/drone/push Build is failing
2021-02-17 19:37:33 +01:00
0b90c9944b
Fix CI warning from last commit
continuous-integration/drone/push Build is failing
2021-02-17 18:15:31 +01:00
61001e09f5
Add alert for load usage
continuous-integration/drone/push Build is failing
2021-02-17 18:08:39 +01:00
a5b4deacee
Rename federate role; update of alerts of federate prometheus; update of configuration of federate prometheus
continuous-integration/drone/push Build is failing
2021-02-17 17:42:24 +01:00
5b2580056d
🐛 Final fix, should stop sending ill-formed mail from now on
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-16 18:10:39 +01:00
f607a76ec8
🐛 Fix a small bug. Postfix does not accept trailing comments
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-16 13:13:26 +01:00
3fceeff74f
Fix ansible lint for rule [208] always specify mode and owner for template
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-16 02:47:04 +01:00
3925e32188
Repect ansible-lint [106] for role names
2021-02-16 02:45:35 +01:00
69d732e612
Fix case
2021-02-16 02:42:08 +01:00
ab3659adc2
Also config hostname just in case
2021-02-16 02:32:46 +01:00
1ca75ccfb0
Add postfix non mailhost conf
2021-02-16 02:22:41 +01:00
f08b11445d
Add postfix non mailhost task
2021-02-16 02:15:52 +01:00
a9b03aed82
Add postfix non mailhost handlers
2021-02-16 02:02:15 +01:00
6ec449c3b3
Fix restarting prometheus snmp (not installed)
continuous-integration/drone/push Build is failing
2021-02-10 20:43:43 +01:00
d8924abe66
Add prometheus-federate role
2021-02-10 20:42:37 +01:00
4308bedf8f
Monitoring of docker containers
2021-02-10 19:06:28 +01:00
bd5b88c4fc
Correcting format of percentage
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2021-02-08 18:22:08 +01:00
428b6f5733
Correcting grafana stats for wireless
2021-02-08 13:57:32 +01:00
8bfe83f73c
Adaptation of UPS alerts
2021-02-08 13:52:17 +01:00
faf5fc7362
fix re2o-service -> re2o_service role name
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-02-07 17:39:04 +01:00
e6b853a552
fix role name
2021-02-07 17:33:29 +01:00
679daa633f
Fix ansible lint
2021-02-07 17:32:44 +01:00
1e136e3736
Remove rules from warn list when it is not needed
2021-02-07 17:31:21 +01:00
ynerant
f9e83e514e
Merge pull request 'Captive portal' ( #11 ) from accueil into master
...
continuous-integration/drone/push Build is failing
Reviewed-on: Aurore/ansible#11
2021-02-05 20:39:50 +01:00
0e224df41f
Install ipset on each router
...
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:26 +01:00
c527ce16b0
Use good output interface for the main router
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
a82edc3e24
Firewall configuration without MASQUERADE
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
bbac76023c
Update masquerade configuration for the captive portal
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
7e4a2d20c0
Clone nginx role from Crans
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
889cb764c1
Clone certbot role from Crans
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
154cbedec2
Deploy firewall config for the captive portal
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
9bd06520fb
Add reverse-proxy for Re2o on the portal VM
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:39:25 +01:00
e02670afb0
Les caches unbound renvoie les addresses en 10/8
2021-02-05 20:38:50 +01:00
a7b073e1cc
Add captive portal firewall configuration
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:38:50 +01:00
89ebbd423e
Use the local firewall repository
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:38:50 +01:00
5a09b77070
Resolve DNS for the accueil vlan
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-05 20:38:49 +01:00
5fc2d0a3f9
Ajout d'accueil dans keepalived
2021-02-05 20:38:49 +01:00
7cdef7ee96
Fix: keep the logs for 90 days
2021-02-05 20:38:49 +01:00
3eb48edccd
Tmux everywhere
...
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-02-02 23:17:47 +01:00
otthorn
f6c9208a41
Merge pull request 'Limit floats in alerts to 2 decimal places' ( #5 ) from human_readable_altermanager into master
...
continuous-integration/drone/push Build is failing
Reviewed-on: Aurore/ansible#5
2021-01-29 20:48:43 +01:00
otthorn
c9352fb9ab
Merge pull request 'Use unattended-upgrades for Debian-Security' ( #4 ) from unattended into master
...
continuous-integration/drone/push Build is failing
Reviewed-on: Aurore/ansible#4
2021-01-29 20:42:24 +01:00
otthorn
a8af3c9c72
Merge branch 'master' into monitoring_pdu
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-01-29 20:29:28 +01:00
eecf807b53
Delte main.yml.save
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-01-29 20:15:21 +01:00
a12bcbc97f
Correct yamlint
continuous-integration/drone/push Build is failing
2021-01-29 20:12:14 +01:00
6ec89b88d8
Limit floats in alerts to 2 decimal places
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-01-29 19:33:38 +01:00
d59cb41d5e
Use unattended-upgrades for Debian-Security
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-01-28 03:42:07 +01:00
e3ae912f44
Add prometheus-aurore to monitor all service VM and physical servers. Modifying monitoring role to exclude wireless access points when running the role on all hosts
continuous-integration/drone/push Build is failing
2021-01-23 22:10:57 +01:00
bac377f634
Update alert rules of UPS
continuous-integration/drone/push Build is failing
2021-01-23 19:01:27 +01:00
fff6ec5807
fix typo: restart -> reload
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-01-23 16:04:09 +01:00
795ee3846f
fix indent
2021-01-23 16:02:10 +01:00
e6af0f2bd7
fix typo: groupe -> group
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2021-01-23 15:59:03 +01:00
e1a961273d
fix typo: dst -> dest
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2021-01-23 15:42:52 +01:00
73142dbe03
Fix yaml syntax
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-01-23 14:41:25 +01:00
43274ef2ec
Add the ansible_managed var at the begining of the config file
2021-01-23 14:40:29 +01:00
66c2ff6305
full path to logrotate for command
2021-01-23 14:37:18 +01:00
05326c15d3
Enforce logrotate rules
2021-01-23 14:27:09 +01:00
ddd69e04c0
create logrotate role
2021-01-23 14:25:35 +01:00
c7a3495ae5
Alert rules for UPS
continuous-integration/drone/push Build is failing
2021-01-22 12:16:36 +01:00
40d3c22276
Setup config snmp for Prometheus, to monitore Aurore's PDU
continuous-integration/drone/push Build is failing
2021-01-21 21:26:40 +01:00
f0e3bd78c9
use command instead of shell when you don't need sh features (pipes, env, etc...)
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-01-19 23:27:17 +01:00
4a57dad8a6
use handlers
continuous-integration/drone/push Build is failing
2021-01-19 23:19:25 +01:00
facfe3c169
Attempt to fix ansible lint
continuous-integration/drone/push Build is failing
2021-01-17 18:21:29 +01:00
ee1726589a
Linter should pass now!
continuous-integration/drone/push Build is failing
2021-01-17 17:06:59 +01:00
0364006062
Install curl and net-tools by default
...
continuous-integration/drone/push Build is failing
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-01-17 12:13:30 +01:00
02e4e7d48f
Sort APT packages
...
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-01-17 12:12:53 +01:00
078d141236
Add task to remove smartmontools of the VM
continuous-integration/drone/push Build is failing
2021-01-08 22:43:18 +01:00
07f9ee1fbb
yes -> true to please yaml linter (truthy)
continuous-integration/drone/push Build is failing
2021-01-07 11:21:53 +01:00
37e3fe2231
Add ldap replica rives
continuous-integration/drone/push Build is failing
2020-11-09 18:53:47 +01:00
b232d6b40b
Renommage re2o_service en re2o-service
2020-11-09 18:10:34 +01:00
chirac
8bf080dbf7
Fix radius permission bug
2020-11-08 18:50:38 +01:00
chirac
5b56f9cfc9
Revert "Use command instead of shell"
...
This reverts commit 0f9169284f
.
2020-11-08 18:13:21 +01:00
Yohann D'ANELLO
24ab53675a
Automatically renew certificates if a new domain was added
2020-11-04 23:58:27 +01:00
Yohann D'ANELLO
03d48a2d82
Add possibility to configure port forwarding, like SSH for Gitea
2020-11-04 23:49:35 +01:00
Yohann D'ANELLO
ac7696c81f
User cerbot-nginx to create certificates
2020-11-04 23:07:51 +01:00
Yohann D'ANELLO
f9b7e052b9
Store reverse proxy data in proxy host vars
2020-11-04 22:38:54 +01:00
Yohann D'ANELLO
26427665f3
Fix indentation
2020-11-04 20:11:31 +01:00
Yohann D'ANELLO
9505e87113
Use true instead of yes
2020-11-04 20:00:35 +01:00
Yohann D'ANELLO
0f9169284f
Use command instead of shell
2020-11-04 19:49:49 +01:00
Yohann D'ANELLO
4c8e05e08f
Use underscore instead of dashes
2020-11-04 19:36:40 +01:00
Yohann D'ANELLO
9b8dee098e
Always set file permissions
2020-11-04 19:31:50 +01:00
Yohann D'ANELLO
3c405db661
Add Drone
2020-11-04 00:29:31 +01:00
Yohann D'ANELLO
2a6c005190
Replace ansible_header by ansible_managed
2020-11-03 23:29:30 +01:00
chirac
518560b392
Add new ldap replica at ovh
2020-11-03 14:21:26 +01:00
chirac
a213e18d9c
Update Ldap priority
2020-11-02 17:25:38 +01:00