prisma
2130b6a333
lins/dehydrated: added ffwi.org + ffmz.org to wildcard ssl, changed order.
2019-09-09 22:29:17 +02:00
prisma01
7611fb9d76
add dehydrated role with pdns-api.sh support ( #25 )
...
* add dehydrated role with pdns-api.sh support
* Minor changes to Readme
* Remove Meta
* move dehydrated to linse
* Remove Zuckerwatte from PR (nothing to do with dehydrated)
* Add other domains to dehydrated config, added hook_chain
* Add authorized keys for cert user, add structures in /home/cert/ for checking out certs
* Send dehydrated ouput to /dev/null
* user authorized_keys module, add kumpir key
* Fix typo. Use \\n for each ssh-key
* remove unnecessary .ssh creation (done by authorized_key module)
* Added wrapper script to execute two hooks: pdns_api.sh + deploy certificates
* Remove challengetype variable, as only dns-01 is supported anyway.
* Add freifunk-mainz.de domain
* fix cert deploy script.
2019-09-08 20:44:26 +02:00
Julian Labus
a97e0a6bab
Role pdns-api: add ipv6 address to pdns_limit_api_access
2019-09-02 15:40:08 +02:00
prisma01
417b60a0ac
Add role that allows access to powerdns api for certian ips via reverse proxy ( #24 )
...
* Add role that allows access to powerdns api for certian ips via reverse proxy
* Remove unneeded variables, remove systemd handlers.
* Allow a list of access ips. Make this mandatory.
2019-08-31 22:24:44 +02:00
Julian Labus
d862695ef5
Inventory: add unifi_server
2019-08-22 21:26:34 +02:00
Sebastian Schmachtel
d7c7a1e484
Added Unfi Server to ansible.
...
Squashed commit of the following:
commit 3ba76f9e3c02e4a343c0af62ce0327dee6f2f109
Author: Julian Labus <julian@labus-online.de>
Date: Thu Aug 22 13:18:05 2019 +0200
make unifi.yml executable
commit 36002be43a7c1af76660682469dc7efcc06fac5f
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 13:10:32 2019 +0200
Changed magic < 255
commit c26bbac23620455653d8e21bf512c48493362d43
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 12:05:42 2019 +0200
Ergänzug um Installation von UNMS
commit 220ba24e471f8139d775eec1d4b3da46e8befdf7
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 12:01:38 2019 +0200
moved service-nginx-unifi into service-unifi
commit 570f5673c47b72e959e6da8940a9cbcbf1e496bf
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 11:40:27 2019 +0200
remove lean_delivery.java from unifi playbook. already in dependencies of service-unifi
commit 4775cff44d53e07b720e8760f0e4ece1460e0717
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 11:38:44 2019 +0200
adjusted readme, remove galaxy info, removed unit test
commit 75711495fcb40f618cd65029ceda6b3cfed7e581
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 11:32:59 2019 +0200
fix type in unifi inventory
commit 513b4f6b8f3d1426e58a19ece6514e467916d680
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 11:32:44 2019 +0200
move service-unifi back to correct location
commit ea32af8275fd7e6c34281e02eeb2323cbea55f64
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 11:31:42 2019 +0200
move service-unifi to temp directory
commit 87698c8d84a66cbf844e923c6dd41de87cba7759
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 02:09:17 2019 +0200
Move host definition to inentory
commit b469c3f6307dbed9f40310c590abc0c672487973
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Thu Aug 22 01:52:19 2019 +0200
Add unifi.yml to site.yml, remove wireguard role from unifi.yml
commit 77fa3aa0eb04b01a7b10dd66cede41b09e0aa5c0
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Wed Aug 14 21:17:49 2019 +0200
Add unifi to wireguard
commit c63b850ddd470aa43d8ec25663f086180157673d
Author: Julian Labus <julian@labus-online.de>
Date: Tue Aug 13 08:35:53 2019 +0200
Add wireguard_networks for host unifi
commit 21341ad359fcfe9a9e4735ca50750f1bd5ea2ab6
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Mon Aug 12 22:49:17 2019 +0200
Add unms nginx vhost
commit 0c0dff99b6ddbf8c5a354cce040b649c43948d64
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Mon Aug 12 21:44:30 2019 +0200
Add java role to gitignore
commit 4fa292b5e5528b732e71dfd204ce53878cc3ee7e
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Mon Aug 12 21:43:50 2019 +0200
minor changes
commit 25ab40e85e8b2fd6eb4a770e4c26a82894db3622
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Mon Aug 12 21:17:39 2019 +0200
move java repo to requirements.yml, replace duplicated serice-nginx with service-nginx + dependency
commit d9aa004149da7ac3893b698d4dcb329236a521fe
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date: Mon Aug 12 00:52:24 2019 +0200
Added unif host: Added java role, service-unifi role, service-nginx-unifi added unifi host
2019-08-22 14:49:55 +02:00
Julian Labus
876c93737d
Role service-nginx-meshviewer: add additional domains
...
Our meshes structure only supports two domains (internal/external).
This adds a list called `meshviewer_additional_domains` which will be
prefixed with `map.` and redirected to the main Meshviewer domain.
2019-07-16 16:15:32 +02:00
Julian Labus
fc8bdfb63e
Inventory: use default Debian repo on Ingwer
2019-05-31 13:56:18 +02:00
Julian Labus
168f26aa14
Inventory: replace 127.0.0.1 with localhost for MySQL connections
2019-05-23 13:33:19 +02:00
Julian Labus
912cff7f5a
Playbooks: move vars from dns.yml to host_vars
2019-05-22 10:10:45 +02:00
Julian Labus
3a77c2901f
Remove dashes from group_vars names
2019-05-22 09:18:40 +02:00
Julian Labus
3d92463bd6
Inventory: flag old domains as legacy
2019-05-13 17:14:29 +02:00
Tobias Hachmer
2529b0fb19
Inventory: add group ffmwu-dns
2019-04-09 21:30:06 +02:00
Julian Labus
6815dd1521
Iventory: add peers-ffmwu to git repos
2019-04-08 16:10:36 +02:00
Tobias Hachmer
6cc9776c66
Use link-local IPv6 address for BGP Peering
2019-03-25 20:22:55 +01:00
Tobias Hachmer
0c6cec55e3
Add linse.freifunk-mwu.de
...
* Update Playbook dns.yml to manage linse as the external dns master server
2019-03-22 20:34:54 +01:00
Tobias Hachmer
d194d6e936
Role pdns-admin: make dns prefix configurable; add lets encrypt snippet to nginx template
2019-03-22 20:33:32 +01:00
Tobias Hachmer
f0eeb53442
Inventory ffmwu-mesh-services: remove group dns-master-internal
2019-03-22 19:48:25 +01:00
Tobias Hachmer
3a3388ccf7
Inventory: remove old host aubergine
2019-03-21 18:12:02 +01:00
Tobias Hachmer
da2e6e35f7
Inventory: remove unused wireguard networks
2019-03-21 17:54:30 +01:00
Julian Labus
a8995d573c
Inventory: shorten IPv6 anycast address
2019-03-21 11:29:04 +01:00
Tobias Hachmer
869dd5b62a
Migrate internal DNS master to PowerDNS
...
* Add playbook dns to manage internal dns master servers
* Add role to manage PowerDNS Admin Web Frontend for PowerDNS
* Move dns zone related data from mesh list to a simpler dict with a simple zone list
* Update role service-bind-slave
* Update Readme.md
* Add requirements.yml
* Update .gitignore
2019-03-20 19:43:11 +01:00
Tobias Hachmer
e4e8c0998f
Introduce p2p vpn link between all ffmwu servers via WireGuard for routing purpose.
...
* add jinja2 extension 'jinja2.ext.do' to ansible.cfg
* add host kichererbse.freifunk-mwu.de
* add new server_type 'mesh-service' and new host group 'ffmwu-mesh-services'
* use new loopback and anycast networks
* add role wireguard
* add role wireguard as dependency for roles network-routing + service-bird
* add playbook 'mesh-services'
2019-03-19 15:23:12 +01:00
Julian Labus
483f49bba4
Inventory: add new domain dom0
2019-03-18 15:20:54 +01:00
Julian Labus
78916057d6
Inventory: fix DHCP ranges on gateway lotuswurzel
...
lotuswurzel was using the first /23 net which is used for static server
IPs
2019-03-18 11:38:44 +01:00
Julian Labus
1dd24773eb
Inventory: mark old domains ffbin, ffrhg and ffta as legacy
2019-03-14 23:39:23 +01:00
Julian Labus
ac15a69ac5
Inventory: update prometheus_opts
2019-03-11 11:20:06 +01:00
Julian Labus
62ac41501f
Intentory: update fastd_exporter_opts
2019-03-11 10:34:54 +01:00
Julian Labus
9b4dec1cf6
Inventory: add new domains
...
dom1: mainz
dom2: wiesbaden
dom3: bingen
dom4: rheingau
dom5: taunus
dom6: limburg
dom7: wielrod
2019-03-02 18:13:41 +01:00
Julian Labus
721b278d3b
Roles: improve multidomain support
2019-03-02 18:12:56 +01:00
Julian Labus
7a91bbaa2f
Role service-prometheus: simplify and move all files to role directory
2019-02-15 15:45:38 +01:00
Julian Labus
3dbcb8f2c5
Roles: add service-nginx-openlayers
2019-02-13 11:57:16 +01:00
Julian Labus
2ec0d4fe2a
Inventory: set aubergine as DNS master for zone ffbin
2019-02-04 17:24:18 +01:00
Julian Labus
2ef54389d5
Inventory: reduce router advertisement lifetimes
...
valid lifetime: 1 day
preferred lifetime: 4 hours
2019-01-28 13:09:37 +01:00
Tobias Hachmer
ea36605848
Inventory: remove 1312 MTU fastd instances
2018-12-20 23:42:51 +01:00
Julian Labus
d02024810e
Iventory: update peers repos url
2018-12-12 19:52:58 +01:00
Julian Labus
2889bd5db5
Inventory: add ffmwu.org to forward_zones
2018-11-30 21:57:31 +01:00
Julian Labus
319944eecc
Iventory: change branch of backend-scripts to master
2018-11-14 15:07:10 +01:00
Julian Labus
92f213771c
Inventory: enable DAT (Distributed ARP Table) on batadv interfaces
2018-11-12 16:25:07 +01:00
Tobias Hachmer
cc4b984344
Increase minimum Ansible version to '2.6'.
...
* add ansible version check to role prerequisites
* add requirements.txt
* update Readme.md
* track minimum ansible version in variable 'ansible_version_minimum'
2018-11-09 10:43:54 +01:00
Tobias Hachmer
8f8184f4cf
Introduce boolean var 'debug_fastd' and tag debug
...
If debug_fastd to 'True' log level is set to debug on all fastd instances.
Run the playbook with tag 'debug' to invoke only tasks changing debug settings.
2018-11-07 15:20:18 +01:00
Tobias Hachmer
fa37598c3b
Roles service-bird + service-bird-icvpn:
...
Restructure bird configuration to exchange loopback addresses and announce the whole freifunk subnets instead the configured ones.
2018-11-07 10:28:13 +01:00
Julian Labus
9a36b84a5f
Inventory: fix tunnel_ipv6_network for ffrl-a-ak-ber
2018-11-05 16:56:01 +01:00
Julian Labus
dbc7895854
Revert "Roles service-bird + service-bird-icvpn:"
...
This reverts commit a8693377a4
.
2018-11-05 15:43:10 +01:00
Julian Labus
f29da08ba1
Inventory: fix FFRL BGP sessions for Wasserfloh
2018-11-04 02:45:03 +01:00
Julian Labus
a540033cf2
Inventory + Roles: remove legacy_gateways
2018-11-04 01:51:26 +01:00
Sebastian Schmachtel
9f42eaf942
Inventory: added Wasserfloh Gateway
2018-11-03 21:58:58 +01:00
Tobias Hachmer
a8693377a4
Roles service-bird + service-bird-icvpn:
...
Restructure bird configuration to exchange loopback addresses and announce the whole freifunk subnets instead the configured ones.
2018-11-01 08:19:08 +01:00
Julian Labus
8bed1b7c5b
role service-prometheus: update targets and alerts
2018-10-04 18:50:09 +02:00
Julian Labus
a287a61d5b
inventory: remove decommissioned server zwiebel from bgp_mwu_servers
2018-09-26 22:34:24 +02:00