Commit graph

430 commits

Author SHA1 Message Date
3881a35bb5 feat: add influxdb docker config to pottwal 2022-10-20 22:46:54 +02:00
41c04b5ac4 feat: add ingress for influxDB 2022-10-20 22:46:54 +02:00
tux
457c795efb Merge pull request 'Move Redmine to pottwal' (!90) from redmine into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/90
Reviewed-by: dkdent <dkdent@netz39.de>
2022-10-20 20:40:28 +00:00
208245c4c5 Add redmine setup to pottwal
This setup comes from the Antiblau server and mimics the situation there.
2022-10-20 22:34:11 +02:00
e924da8c3b Add redmine.n39.eu to ingress config 2022-10-20 22:30:41 +02:00
416d776e97 Add redmine DB password to inventory 2022-10-20 22:30:41 +02:00
tux
70d2d63057 Merge pull request 'pottwal: Add prosody docker container' (!25) from alex/netz39-infra-ansible:prosody into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/25
Reviewed-by: tux <tux@netz39.de>
2022-10-20 20:25:38 +00:00
236f45dfec 🐛 Fix variable name
Suggested-by: Stefan Haun <tux@netz39.de>
2022-10-20 21:57:33 +02:00
7b3920a456 ⬆️ pottwal: Bump static-web-server to v2.13.1
Link: https://github.com/joseluisq/static-web-server/releases/tag/v2.13.1
2022-10-17 09:01:41 +02:00
7467649f1e ⬆️ pottwal: Bump static-web-server to v2.13.0
Link: https://github.com/joseluisq/static-web-server/releases/tag/v2.13.0
2022-10-13 07:57:48 +02:00
4a7a6d912e ⬆️ pottwal: Bump static-web-server to v2.12.0
Link: https://github.com/joseluisq/static-web-server/releases/tag/v2.12.0
2022-10-06 20:48:37 +02:00
7e206a8e52 👌 pottwal: Pin down tag for static-web-server container
Suggested-by: Stefan Haun <tux@netz39.de>
2022-10-06 20:48:37 +02:00
e483d0f19c 👌 pottwal: Check prosody data dir exists
Suggested-by: Stefan Haun <tux@netz39.de>
2022-10-06 20:48:37 +02:00
3537e91e35 🔧 holmium: Move https ingress for XMPP server
The http(s) stuff for jabber.n39.eu was a static page before.  We point
that to a static-webserver container on pottwal next to the xmpp server
container for now.
2022-10-06 20:48:26 +02:00
2dc0730efc 🔧 pottwal: Add alternative cert name for XMPP MUC
The config file /etc/dehydrated/domains.txt on the old host had this
line before:

        jabber.n39.eu conference.jabber.n39.eu

Link: https://github.com/24367dfa/ansible-role-dehydrated
2022-10-06 20:46:24 +02:00
75b5197069 🚨 pottwal: Fix indentation
yamllint complained.
2022-10-06 20:46:24 +02:00
8c97012a8a 🔨 pottwal: Use variable for xmpp domain name 2022-10-06 20:46:24 +02:00
fdc923263f 🍻 pottwal: jabber/prosody: Add deploy cert hook
Hook works outside of ansible in personal prosody instance. Hope I
understood the template correctly, docs of dehydrated role are quite
sparse on that.

The dehydrated cert path variable is only available since recent change
c4af7754b2 (" Use variables to configure dehydrated
locations").

Link: https://prosody.im/doc/certificates
2022-10-06 20:46:24 +02:00
e9ca246090 :web: pottwal: Prepare reverse proxy for prosody XMPP/Jabber server
The container can serve HTTP for yet unknown reasons, but that port is
not yet exposed.  Do NOT confuse this with the old static website
jabber.n39.eu which was decoupled from prosody and plain HTML only.

The reverse proxy is used to make the static website available, and to
let dehydrated renew the certs.  The certs are used for https to the
static website _and_ for the XMPP server itself!
2022-10-06 20:46:24 +02:00
caf1e0e123 🐳 pottwal: Add container hosting static website for XMPP 2022-10-06 20:46:24 +02:00
bd89c96fbb 🐳 pottwal: Add prosody docker container
The service should be moved away from helium.n39.eu into a container.
2022-10-06 20:46:24 +02:00
tux
081ee4dc61 Merge pull request '⬆️ fix dependency for unattended-upgrades' (!84) from dkdent/netz39-infra-ansible:fix-unattended-upgrade into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/84
Reviewed-by: tux <tux@netz39.de>
2022-10-05 18:36:39 +00:00
tux
c3934319fc Merge pull request 'Fix http(s) ingress for Jabber/XMPP server' (!86) from alex/netz39-infra-ansible:holmium into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/86
Reviewed-by: tux <tux@netz39.de>
2022-10-05 18:00:21 +00:00
c0f7994ce4 🔧 holmium: Fix host for jabber server
jabber.n39.eu including dehydrated runs on helium, always has.

Fixes: 734fbd1d75 ("Call nginx-https-ingress role for holmium")
2022-10-04 08:12:37 +02:00
2c32d746f6 🚨 holmium: Fix indentation
yamllint complained:

  9:3       error    wrong indentation: expected 4 but found 2  (indentation)
  12:7      error    wrong indentation: expected 8 but found 6  (indentation)
  14:9      error    wrong indentation: expected 10 but found 8  (indentation)
  19:9      error    wrong indentation: expected 10 but found 8  (indentation)
  23:9      error    wrong indentation: expected 10 but found 8  (indentation)
  32:9      error    wrong indentation: expected 10 but found 8  (indentation)
2022-10-04 08:08:11 +02:00
2efd892bc1 ✏️ adress issues from PR discussion
- fix typo in role name
- make origin patterns for unattended upgrades less release specific
2022-09-30 22:24:41 +02:00
fa7f16f814 ⬆️ fix dependency for unattended-upgrades
- resolves https://redmine.n39.eu/issues/722
- role https://github.com/jnv/ansible-role-unattended-upgrades is deprecated
- replacement is https://github.com/hifis-net/ansible-role-unattended-upgrades
2022-09-30 22:24:41 +02:00
tux
0f11db3f64 Merge pull request 'Add missing restart-policy entries for Radon docker containers' (!85) from docker-restart-policy into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/85
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-30 20:22:36 +00:00
6a03e55c16 Add missing restart-policy entries for Radon docker containers 2022-09-30 21:52:25 +02:00
tux
1b952f5386 Merge pull request 'Update to new CleanURI (uritools) version' (!83) from cleanuri into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/83
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-09-15 20:20:29 +00:00
d874aab674 Add uritools-api to dehydrated 2022-09-15 18:09:16 +02:00
69cce57024 Switch to new CleanURI (uritools) implementation 2022-09-15 18:09:16 +02:00
f4544b2555 Add external CleanURI setup to inventory 2022-09-15 18:09:16 +02:00
3d654427ac Add host cleanuri-api to HTTPS forwarding 2022-09-15 18:09:16 +02:00
24929a36bc Add a role to set up cleanuri (uritools) 2022-09-15 18:09:16 +02:00
tux
7b0506c235 Merge pull request '🐛 Fix proxy site template' (!82) from fix-apache-template into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/82
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-14 21:29:40 +00:00
b9488e19db 🐛 Fix proxy site template
These are errors from a bodged PR (my bad) that has been merged too early.
2022-09-14 23:25:41 +02:00
tux
6452e4a277 Merge pull request '⬆️ Bump power-meter-pulse-gateway to 0.3.0' (!81) from power-meter-pulse-gateway-0.3.0 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/81
Reviewed-by: dkdent <dkdent@netz39.de>
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-09-09 16:15:47 +00:00
8b885729c9 ⬆️ Bump power-meter-pulse-gateway to 0.3.0
https://github.com/netz39/power-meter-pulse-gateway/releases/tag/v0.3.0
2022-09-09 15:00:23 +02:00
tux
b76ffa2e3e Merge pull request '🎨 Improve configuration for setup-http-site-proxy and merge http-setup-dehydrated' (!80) from condense-roles into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/80
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-08 17:18:34 +00:00
182feeca58 🔥 Remove role setup-http-dehydrated
This feature is now provided by setup-http-site-proxy
2022-09-08 15:45:39 +02:00
e3020b6d71 Enable setup-http-site-proxy with missing proxy target
If no proxy port is defined, only the dehydrated HTTP endpoint is created
and the HTTPS endpoint returns 404.
2022-09-08 15:43:54 +02:00
c4af7754b2 Use variables to configure dehydrated locations
These variables match https://github.com/24367dfa/ansible-role-dehydrated
2022-09-08 15:41:36 +02:00
tux
ac46e1dd7c Merge pull request '🐛 Fix that known_hosts are discarded on container update' (!77) from nodered-known_hosts into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/77
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:36:23 +00:00
tux
a5f9d11f8a Merge pull request '🚚 Move entities-validation service to krypton' (!78) from entities-validation into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/78
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:35:47 +00:00
tux
a805886cda Merge pull request '🐛 Fix template in setup-http-dehydrated when IPv6 is missing' (!79) from dehydrated-site-v6 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/79
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:35:33 +00:00
4da338f0ad 🐛 Fix template in setup-http-dehydrated when IPv6 is missing 2022-09-06 21:02:48 +02:00
feaf052f65 🚚 Move entities validation service from pottwal to krypton
This is a service handling member data, so it moves to krypton.
2022-09-06 20:31:27 +02:00
2802784e7a Add HTTPS ingress to krypton 2022-09-06 20:14:04 +02:00
e22f0a4fb0 🐛 Fix that known_hosts are discarded on container update 2022-09-06 20:02:46 +02:00