Julian Labus
928e0bb826
fixup! Inventory: remove 1312 MTU fastd instances
2019-01-23 16:03:16 +01:00
Julian Labus
ccd3fbafc4
Role service-dhcpd: add control socket
2019-01-23 15:21:10 +01:00
Julian Labus
bc3af84cf8
Role network-routing: use same ip rules for table mwu on all hosts
2019-01-16 18:41:04 +01:00
Julian Labus
2880d72c00
Role service-grafana: update gpg key id
2019-01-14 22:43:45 +01:00
Julian Labus
28ba57aa49
Role service-yanic: use golang dep util
2019-01-14 22:24:20 +01:00
Julian Labus
8670f113ff
Role golang: install dep util
2019-01-14 22:17:14 +01:00
Julian Labus
1354a483bd
Role service-grafana: update apt repo
2019-01-09 14:39:50 +01:00
Tobias Hachmer
1be513fae9
Make variable http_domain_external in list element of meshes optional.
2018-12-30 23:39:41 +01:00
Julian Labus
7dac321cd1
Role service-respondd: start after fastd
...
fixes #18
2018-12-26 14:20:11 +01:00
Julian Labus
8ef5701add
Role service-nginx-meshviewer: update config.js
2018-12-21 11:59:10 +01:00
Julian Labus
d8177dec7c
Role service-prometheus: bump versions
2018-12-21 11:59:02 +01:00
Julian Labus
b06887fc7c
Role service-fastd-mesh: remove obsolete peer group servers
2018-12-12 21:24:37 +01:00
Julian Labus
7b9d3352e8
Role service-nginx: add internal addresses to known_hosts
2018-12-03 15:03:49 +01:00
Tobias Hachmer
38399e5b7a
Role service-bird: export anycast address on gateway, import anycast+loopback on other servers
2018-11-30 18:18:25 +01:00
Julian Labus
2100842bcb
Role service-prometheus: update versions
2018-11-28 14:08:15 +01:00
Julian Labus
5efd7d889e
Role service-nginx-meshviewer: enable HTTP/2
2018-11-28 10:59:53 +01:00
Julian Labus
ee5be5f477
Role service-prometheus: move auth in vhosts to location
2018-11-27 10:55:37 +01:00
Julian Labus
ce2167d3b3
Role service-nginx-firmware: enable CORS
2018-11-27 10:34:11 +01:00
Julian Labus
79cc765554
Role service-respondd: propagate domain_code
2018-11-12 21:06:59 +01:00
Julian Labus
f134f61740
Role service-bird: only configure radvd on gateways
2018-11-12 16:23:13 +01:00
Julian Labus
80259461cc
Role network-meshbridge: only configure public IPv6 subnet not gateways
2018-11-12 16:22:46 +01:00
Julian Labus
6d725812fd
Role service-yanic: enable statistics for domains
2018-11-12 16:19:41 +01:00
Tobias Hachmer
935e66dbd8
Role network-meshbridge + service-bird: announce specific gate prefix instead of the 'global' one
...
* configure a local ip address on meshbridge from the 'gate-specific' public IPv6 prefix
* disable announcement for the 'global' public IPv6 prefix
2018-11-09 21:13:07 +01:00
Tobias Hachmer
479f8c3486
Move Router Advertisements from daemon radvd to bird6
2018-11-09 13:25:26 +01:00
Tobias Hachmer
cc4b984344
Increase minimum Ansible version to '2.6'.
...
* add ansible version check to role prerequisites
* add requirements.txt
* update Readme.md
* track minimum ansible version in variable 'ansible_version_minimum'
2018-11-09 10:43:54 +01:00
Julian Labus
28f235d65c
Role service-fastd-backbone: don't hide IP + MAC
2018-11-08 16:43:12 +01:00
Tobias Hachmer
c400c57b0c
Role service-nginx: increase server_names_hash_bucket_size
2018-11-08 06:38:01 +01:00
Julian Labus
7dcd90cff6
Role service-bird-lg: remove obsolete patching
2018-11-07 15:31:19 +01:00
Tobias Hachmer
8f8184f4cf
Introduce boolean var 'debug_fastd' and tag debug
...
If debug_fastd to 'True' log level is set to debug on all fastd instances.
Run the playbook with tag 'debug' to invoke only tasks changing debug settings.
2018-11-07 15:20:18 +01:00
Tobias Hachmer
2b0e5d7c4a
Role service-bind-slave: listen on loopback + anycast ip addresses
2018-11-07 10:28:35 +01:00
Tobias Hachmer
fa37598c3b
Roles service-bird + service-bird-icvpn:
...
Restructure bird configuration to exchange loopback addresses and announce the whole freifunk subnets instead the configured ones.
2018-11-07 10:28:13 +01:00
Tobias Hachmer
678312c7fc
Add roles network-loopback + network-anycast
2018-11-07 10:28:02 +01:00
Julian Labus
55ca196248
Revert "Role service-bind-slave: listen on loopback + anycast ip addresses"
...
This reverts commit 61382ce676
.
2018-11-05 15:43:12 +01:00
Julian Labus
dbc7895854
Revert "Roles service-bird + service-bird-icvpn:"
...
This reverts commit a8693377a4
.
2018-11-05 15:43:10 +01:00
Julian Labus
19da17b6e1
Revert "Add roles network-loopback + network-anycast"
...
This reverts commit d66f880539
.
2018-11-05 15:42:47 +01:00
Julian Labus
a540033cf2
Inventory + Roles: remove legacy_gateways
2018-11-04 01:51:26 +01:00
Tobias Hachmer
e31bd5fdb9
Role users: update sudoers config for user admin
2018-11-02 10:01:39 +01:00
Tobias Hachmer
61382ce676
Role service-bind-slave: listen on loopback + anycast ip addresses
2018-11-01 19:33:46 +01:00
Tobias Hachmer
a8693377a4
Roles service-bird + service-bird-icvpn:
...
Restructure bird configuration to exchange loopback addresses and announce the whole freifunk subnets instead the configured ones.
2018-11-01 08:19:08 +01:00
Tobias Hachmer
d66f880539
Add roles network-loopback + network-anycast
2018-11-01 08:19:07 +01:00
Julian Labus
767e1fe5e1
Role service-nginx-firmware: replace -a (-rlptgoD) in rsync command with -rlpt
...
Preserving owner and group causes problems if UIDs and GIDs differ
between hosts.
2018-10-22 13:32:28 +02:00
Julian Labus
12ac1e07e3
role service-nginx-meshviewer: update config.js for latest release
2018-10-15 09:41:53 +02:00
Julian Labus
d69d5bde3f
role golang: update to 1.10
...
yanic no longer builds with 1.8
2018-10-15 09:40:09 +02:00
Julian Labus
98c29c3f93
role service-bird: remove unnecessary includes for non-gateway hosts
2018-10-04 19:30:37 +02:00
Julian Labus
ed244ad827
role service-bird-ffrl: replace hyphen with underscores in protocol names
2018-10-04 19:09:59 +02:00
Julian Labus
8bed1b7c5b
role service-prometheus: update targets and alerts
2018-10-04 18:50:09 +02:00
Julian Labus
6cb1eaa514
role service-prometheus: configure alertmanager
2018-09-26 22:34:24 +02:00
Julian Labus
1d72eb8439
role service-bird-lg: add patch to fix parsing
2018-09-25 16:43:35 +02:00
Julian Labus
30a5897c36
roles: don't become root when writing in /home/admin
2018-09-25 16:41:43 +02:00
Julian Labus
8c8039b8b6
role service-prometheus: add missing node_exporter_default_opts to systemd unit
2018-09-25 13:22:46 +02:00
Julian Labus
8c4ec4170e
role service-fastd-mesh: add fastd-exporter
2018-09-25 10:38:41 +02:00
Julian Labus
46242b965d
role service-prometheus: add blackbox_exporter
2018-09-25 10:36:23 +02:00
Julian Labus
13ff110411
role service-prometheus: add vhost
2018-09-25 10:33:52 +02:00
Julian Labus
e8d9e6af90
serivce-prometheus: bind to localhost by default
2018-09-25 10:28:24 +02:00
Julian Labus
059a8af9a1
role service-prometheus: update prometheus to 2.4.2
2018-09-24 16:22:49 +02:00
Julian Labus
55771b4ded
roles: move external addresses to front in vhosts so they get used for redirects
2018-09-24 15:14:09 +02:00
Julian Labus
e79761e8d8
role service-grafana: check prometheus_components instead of setting facts
2018-09-24 15:12:15 +02:00
Julian Labus
9521fac988
role service-prometheus: move node_exporter to own vhost
2018-09-24 15:10:10 +02:00
Julian Labus
525c3e4fd0
service-bird-lg: use existing variable for AS number
2018-09-21 17:16:24 +02:00
Julian Labus
5fee4d98dc
role service-bird-lg: also add legacy_gateways
2018-09-21 17:11:19 +02:00
Julian Labus
7f042e1292
add role service-bird-lg
2018-09-21 16:20:28 +02:00
Tobias Hachmer
e692ef2cde
Role server-basic: add repo for monitoring server to unattended upgrade config
2018-09-20 20:09:18 +02:00
Julian Labus
ea1a731dcf
role service-dhcpd: update config for Kea 1.4-P1
2018-09-20 17:06:03 +02:00
Julian Labus
4c8a765f62
role network-meshbridge: remove obsolete code
2018-09-20 14:10:01 +02:00
Julian Labus
15d2c171c5
role service-fastd-backbone + service-bird: add tag sync-peers
to only refresh backbone peers
2018-09-20 11:33:34 +02:00
Julian Labus
da9ab1430c
role service-nginx(-meshviewer): fix typos
2018-09-20 11:28:04 +02:00
Tobias Hachmer
ad3107fd0c
Role server-basic: add freifunk+nginx repo to unattended upgrades
2018-09-18 17:33:27 +02:00
Julian Labus
cc5a51455d
role service-respondd: force update of dirty git repo
2018-09-18 14:59:46 +02:00
Julian Labus
64604d0a59
role service-prometheus: fix loop
statements
2018-09-18 14:57:56 +02:00
Tobias Hachmer
00551d452a
Role network-batman: deactivate batman gw mode for non gateways
2018-09-18 14:28:25 +02:00
Tobias Hachmer
ea726b9777
Move generation of ssh keys from role prerequisites to role users - let handle the user module this
2018-09-18 14:28:14 +02:00
Tobias Hachmer
69a12e0696
Migrate all with_* loops to new loop directive
2018-09-18 14:27:58 +02:00
Julian Labus
99325672d2
role service-grafana: add grafana datasources for prometheus and yanic
2018-09-18 12:48:10 +02:00
Julian Labus
7a7eaae84a
role service-grafana: install pie chart panel plugin
2018-09-18 12:48:10 +02:00
Julian Labus
c4f04df30b
role service-nginx: only provide location /metrics if node_exporter is availible
2018-09-18 12:48:10 +02:00
Julian Labus
c6277df3b7
role service-yanic: set fact so other roles can check if yanic is availible
2018-09-18 12:48:09 +02:00
Julian Labus
d785c62eab
role service-grafana: set admin password during installation
2018-09-18 12:48:09 +02:00
Julian Labus
222b4e5197
role service-prometheus: set fact so other roles can check if prometheus is availible
2018-09-18 12:48:09 +02:00
Julian Labus
32f6654e44
role network-routing: use flush to delete routes
...
- del will fail if gateways change
2018-09-18 12:48:09 +02:00
Julian Labus
21c6f63b5f
role service-fastd-backbone: force peers repo update
2018-09-18 12:48:09 +02:00
Julian Labus
8b81eb6d7e
update READMEs
2018-09-18 12:48:09 +02:00
Julian Labus
3e2b02cfd5
role prerequisites: add comment to ssh key
2018-09-18 12:48:09 +02:00
Julian Labus
4f39143026
add role nginx-meshviewer
2018-09-18 12:48:08 +02:00
Julian Labus
5e1a75965c
role git-repos: add option to force update
2018-09-18 12:48:08 +02:00
Julian Labus
81393955a0
add role service-grafana
2018-09-18 12:48:08 +02:00
Julian Labus
57a42f17de
add role service-yanic
2018-09-18 12:48:07 +02:00
Julian Labus
c65d39ee54
add role service-influxdb
2018-09-18 12:48:07 +02:00
Julian Labus
0153384d76
add role nodejs
2018-09-18 12:48:07 +02:00
Julian Labus
51c5330e36
add role golang
2018-09-18 12:48:07 +02:00
Julian Labus
280a6f9da6
add role yarn
2018-09-18 12:48:07 +02:00
Julian Labus
ee634b5397
role service-prometheus: change handlers from reload to restart and add handler to reload systemd units
2018-09-18 12:48:07 +02:00
Julian Labus
07ab6837fe
role service-nginx: add new config snippets gzip.conf and redirect-to-ssl.conf
2018-09-18 12:48:07 +02:00
Julian Labus
cfa648219b
role service-nginx: removed obsolete link "Traffic" from index.html
2018-09-18 12:48:06 +02:00
Julian Labus
ec039343df
service-prometheus: fix variables
2018-09-18 12:48:06 +02:00
Julian Labus
a6faeb0ff6
service-prometheus: update config to export metrics via nginx
2018-09-18 12:48:06 +02:00
Julian Labus
8f495b79c8
role network-batman + network-fastd: remove node vpn instances for non-gateway servers
2018-09-18 12:48:06 +02:00
Julian Labus
b8e122ee8c
role server-basic: add net-tools and dnsutils to package list
2018-09-18 12:48:06 +02:00
Julian Labus
f9340ac37b
role service-prometheus: update default versions
2018-09-18 12:48:06 +02:00
Julian Labus
8d7af519a5
split out gateway specific stuff to use roles for generic meshing servers
2018-09-18 12:48:05 +02:00
Julian Labus
37596e917d
role serivce-nginx: improve inital ACME certificate creation
2018-09-12 11:37:25 +02:00