freifunk/ansible-ffibk
9
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
456 commits 1 branch 0 tags 947 KiB
Commit graph

66 commits

Author SHA1 Message Date
prisma01
b91112516d
Introduce Kumpir, our new www server, add wordpress role (#26) 
* Introduce Kumpir, our new www server, add wordpress role

* move kumpir to services group, use safer distinction for ssl_cert location, reduce www playbook

* set server type to services

* fix typo

* rename service-wordpress to service-nginx-wordpress

* Add service-nginx-etherpad role

* Add ed25519 keypair for system_users when supported.

* Revert "Add ed25519 keypair for system_users when supported."

This reverts commit ffef991ca41185d19953b96439e80b1b9a6ba534.

* Change generated keys format to ed25519

* fix indention of nginx templates, reduce amount of needed tasks by adding extra_opts to unarchive, remove not needed mysql db tasks, make new acme_server default

* Change new default preference for acme servers, marking acme_server zuckerwatte deprecated soon.
 2019-09-26 22:13:13 +02:00
prisma01
7611fb9d76
add dehydrated role with pdns-api.sh support (#25) 
* add dehydrated role with pdns-api.sh support

* Minor changes to Readme

* Remove Meta

* move dehydrated to linse

* Remove Zuckerwatte from PR (nothing to do with dehydrated)

* Add other domains to dehydrated config, added hook_chain

* Add authorized keys for cert user, add structures in /home/cert/ for checking out certs

* Send dehydrated ouput to /dev/null

* user authorized_keys module, add kumpir key

* Fix typo. Use \\n for each ssh-key

* remove unnecessary .ssh creation (done by authorized_key module)

* Added wrapper script to execute two hooks: pdns_api.sh + deploy certificates

* Remove challengetype variable, as only dns-01 is supported anyway.

* Add freifunk-mainz.de domain

* fix cert deploy script.
 2019-09-08 20:44:26 +02:00
prisma01
417b60a0ac
Add role that allows access to powerdns api for certian ips via reverse proxy (#24) 
* Add role that allows access to powerdns api for certian ips via reverse proxy

* Remove unneeded variables, remove systemd handlers.

* Allow a list of access ips. Make this mandatory.
 2019-08-31 22:24:44 +02:00
Sebastian Schmachtel
d7c7a1e484 Added Unfi Server to ansible. 
Squashed commit of the following:

commit 3ba76f9e3c02e4a343c0af62ce0327dee6f2f109
Author: Julian Labus <julian@labus-online.de>
Date:   Thu Aug 22 13:18:05 2019 +0200

    make unifi.yml executable

commit 36002be43a7c1af76660682469dc7efcc06fac5f
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 13:10:32 2019 +0200

    Changed magic < 255

commit c26bbac23620455653d8e21bf512c48493362d43
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 12:05:42 2019 +0200

    Ergänzug um Installation von UNMS

commit 220ba24e471f8139d775eec1d4b3da46e8befdf7
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 12:01:38 2019 +0200

    moved service-nginx-unifi into service-unifi

commit 570f5673c47b72e959e6da8940a9cbcbf1e496bf
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 11:40:27 2019 +0200

    remove lean_delivery.java from unifi playbook. already in dependencies of service-unifi

commit 4775cff44d53e07b720e8760f0e4ece1460e0717
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 11:38:44 2019 +0200

    adjusted readme, remove galaxy info, removed unit test

commit 75711495fcb40f618cd65029ceda6b3cfed7e581
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 11:32:59 2019 +0200

    fix type in unifi inventory

commit 513b4f6b8f3d1426e58a19ece6514e467916d680
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 11:32:44 2019 +0200

    move service-unifi back to correct location

commit ea32af8275fd7e6c34281e02eeb2323cbea55f64
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 11:31:42 2019 +0200

    move service-unifi to temp directory

commit 87698c8d84a66cbf844e923c6dd41de87cba7759
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 02:09:17 2019 +0200

    Move host definition to inentory

commit b469c3f6307dbed9f40310c590abc0c672487973
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Thu Aug 22 01:52:19 2019 +0200

    Add unifi.yml to site.yml, remove wireguard role from unifi.yml

commit 77fa3aa0eb04b01a7b10dd66cede41b09e0aa5c0
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Wed Aug 14 21:17:49 2019 +0200

    Add unifi to wireguard

commit c63b850ddd470aa43d8ec25663f086180157673d
Author: Julian Labus <julian@labus-online.de>
Date:   Tue Aug 13 08:35:53 2019 +0200

    Add wireguard_networks for host unifi

commit 21341ad359fcfe9a9e4735ca50750f1bd5ea2ab6
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Mon Aug 12 22:49:17 2019 +0200

    Add unms nginx vhost

commit 0c0dff99b6ddbf8c5a354cce040b649c43948d64
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Mon Aug 12 21:44:30 2019 +0200

    Add java role to gitignore

commit 4fa292b5e5528b732e71dfd204ce53878cc3ee7e
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Mon Aug 12 21:43:50 2019 +0200

    minor changes

commit 25ab40e85e8b2fd6eb4a770e4c26a82894db3622
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Mon Aug 12 21:17:39 2019 +0200

    move java repo to requirements.yml, replace duplicated serice-nginx with service-nginx + dependency

commit d9aa004149da7ac3893b698d4dcb329236a521fe
Author: Sebastian Schmachtel <prisma_freifunk@oimel.net>
Date:   Mon Aug 12 00:52:24 2019 +0200

    Added unif host: Added java role, service-unifi role, service-nginx-unifi added unifi host
 2019-08-22 14:49:55 +02:00
Julian Labus
912cff7f5a
Playbooks: move vars from dns.yml to host_vars 2019-05-22 10:10:45 +02:00
Julian Labus
3a77c2901f
Remove dashes from group_vars names 2019-05-22 09:18:40 +02:00
Julian Labus
dcc4e4b9b5
Playbooks: replace service-respondd with service-yanic 2019-05-02 16:01:23 +02:00
Tobias Hachmer
84cc2ca1c8
Add Playbook site.yml to manage the whole infrastructure 2019-03-22 22:20:33 +01:00
Tobias Hachmer
8212fc243c
Delete old Playbooks; update Playbooks 2019-03-22 22:06:26 +01:00
Tobias Hachmer
0c6cec55e3
Add linse.freifunk-mwu.de 
* Update Playbook dns.yml to manage linse as the external dns master server
 2019-03-22 20:34:54 +01:00
Tobias Hachmer
91e8a2ff3d
Update Playbook dns.yml 
* update passwordstore lookup usage: use other subkey than 'password'
 * add mysql_bind_address
 2019-03-22 19:48:47 +01:00
Julian Labus
af41e77619
Playbooks: add role service-prometheus to mesh-services 2019-03-21 21:20:58 +01:00
Tobias Hachmer
869dd5b62a
Migrate internal DNS master to PowerDNS 
* Add playbook dns to manage internal dns master servers
 * Add role to manage PowerDNS Admin Web Frontend for PowerDNS
 * Move dns zone related data from mesh list to a simpler dict with a simple zone list
 * Update role service-bind-slave
 * Update Readme.md
 * Add requirements.yml
 * Update .gitignore
 2019-03-20 19:43:11 +01:00
Tobias Hachmer
e4e8c0998f
Introduce p2p vpn link between all ffmwu servers via WireGuard for routing purpose. 
* add jinja2 extension 'jinja2.ext.do' to ansible.cfg
 * add host kichererbse.freifunk-mwu.de
 * add new server_type 'mesh-service' and new host group 'ffmwu-mesh-services'
 * use new loopback and anycast networks
 * add role wireguard
 * add role wireguard as dependency for roles network-routing + service-bird
 * add playbook 'mesh-services'
 2019-03-19 15:23:12 +01:00
Julian Labus
902a0eded7
Playbooks: add role service-domain-director to playbook monitoring 2019-03-06 17:18:21 +01:00
Julian Labus
7a91bbaa2f
Role service-prometheus: simplify and move all files to role directory 2019-02-15 15:45:38 +01:00
Julian Labus
603f6af64d
Role service-prometheus: send alerts via IRC 2019-02-15 11:41:55 +01:00
Julian Labus
bfe9509580
Playbooks: add service-nginx-openlayers to monitoring 2019-02-13 12:49:38 +01:00
Julian Labus
7291d75262
Role service-prometheus: update alert FastdNoTraffic 
check `fastd_uptime_seconds` instead of `node_boot_time_seconds`
 2019-02-05 17:21:19 +01:00
Julian Labus
ab252b3776
Role service-prometheus: make alert rules less verbose 2018-12-10 17:57:54 +01:00
Julian Labus
ae5dcb1575
Role service-prometheus: fix NoTraffic alert 2018-11-07 15:34:58 +01:00
Julian Labus
55591b3146
Role service-prometheus: add alert if no traffic is seen on a fastd interface 2018-11-07 13:01:36 +01:00
Tobias Hachmer
678312c7fc
Add roles network-loopback + network-anycast 2018-11-07 10:28:02 +01:00
Julian Labus
19da17b6e1
Revert "Add roles network-loopback + network-anycast" 
This reverts commit d66f880539.
 2018-11-05 15:42:47 +01:00
Tobias Hachmer
d66f880539
Add roles network-loopback + network-anycast 2018-11-01 08:19:07 +01:00
Julian Labus
8bed1b7c5b
role service-prometheus: update targets and alerts 2018-10-04 18:50:09 +02:00
Julian Labus
6cb1eaa514
role service-prometheus: configure alertmanager 2018-09-26 22:34:24 +02:00
Julian Labus
bed80f79ca
inventory: remove roles that are included as dependencies and move service-nginx before first role that has a dependency on it 2018-09-25 10:44:01 +02:00
Julian Labus
8c4ec4170e
role service-fastd-mesh: add fastd-exporter 2018-09-25 10:38:41 +02:00
Julian Labus
46242b965d
role service-prometheus: add blackbox_exporter 2018-09-25 10:36:23 +02:00
Julian Labus
9521fac988
role service-prometheus: move node_exporter to own vhost 2018-09-24 15:10:10 +02:00
Julian Labus
7f042e1292
add role service-bird-lg 2018-09-21 16:20:28 +02:00
Julian Labus
84e5c9e560
playbook monitoring: add roles 
- golang
- nodejs
- yarn
- service-influxdb
- service-yanic
- service-nginx-meshviewer
- service-grafana
 2018-09-18 12:48:08 +02:00
Julian Labus
271dab9f75
playbook gateways: remove role service-vnstat and move role service-prometheus up 2018-09-18 12:48:08 +02:00
Julian Labus
a6faeb0ff6
service-prometheus: update config to export metrics via nginx 2018-09-18 12:48:06 +02:00
Julian Labus
850863d8f3
playbook ffmwu-gateways: add role service-prometheus 2018-09-18 12:48:05 +02:00
Julian Labus
ae243c872f
playbooks: add ffmwu-monitoring to set up prometheus servers 2018-09-18 12:48:05 +02:00
Tobias Hachmer
13fa7414f0 Rename role system-sysctl-gateway to system-sysctl 2018-08-10 06:09:37 +02:00
Tobias Hachmer
d4a4f576c9 Rename fastd instance intragate to backbone 2018-07-25 14:08:45 +02:00
Tobias Hachmer
88bee34235 Restructure and update role for firmware build server 
* rename role ffmwu-build -> firmware-build-server
* rename playbook build-server to firmware-build-server
 2018-07-24 17:09:02 +02:00
Tobias Hachmer
f3eb2e1b02 Playbooks: fix role intendation 2018-03-02 07:21:07 +01:00
Tobias Hachmer
886cdb2417 Handlers: move all handlers into their roles, again 2018-03-01 06:34:55 +01:00
Tobias Hachmer
3c8d012ac7 Add role users 2018-02-28 06:04:25 +01:00
Tobias Hachmer
b246e8982b Add role service-nullmailer 2018-01-07 17:40:33 +01:00
Tobias Hachmer
41a1d0bac3 Add role service-vnstat 2017-12-31 12:40:00 +01:00
Tobias Hachmer
466a08a0b3 Role service-fastd-mesh: ensure fastd_status.json file is present; reorder nginx roles 2017-11-30 23:12:15 +01:00
Tobias Hachmer
9d08803a9e Rename role server-repos to server-apt-repos 
- Role server-apt-repos: add readme
 2017-11-12 11:30:44 +01:00
Tobias Hachmer
ff5f9d8b6d Playbook gateways: reorder roles 2017-11-12 00:34:38 +01:00
Tobias Hachmer
4876f88bc5 Add roles service-nginx(-firmware) to playbook gateways 2017-10-29 21:23:47 +01:00
Tobias Hachmer
57fff0410e Add role service-respondd 2017-10-15 10:18:26 +02:00