Commit graph

939 commits

Author SHA1 Message Date
e3020b6d71 Enable setup-http-site-proxy with missing proxy target
If no proxy port is defined, only the dehydrated HTTP endpoint is created
and the HTTPS endpoint returns 404.
2022-09-08 15:43:54 +02:00
c4af7754b2 Use variables to configure dehydrated locations
These variables match https://github.com/24367dfa/ansible-role-dehydrated
2022-09-08 15:41:36 +02:00
tux
ac46e1dd7c Merge pull request '🐛 Fix that known_hosts are discarded on container update' (!77) from nodered-known_hosts into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/77
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:36:23 +00:00
tux
a5f9d11f8a Merge pull request '🚚 Move entities-validation service to krypton' (!78) from entities-validation into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/78
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:35:47 +00:00
tux
a805886cda Merge pull request '🐛 Fix template in setup-http-dehydrated when IPv6 is missing' (!79) from dehydrated-site-v6 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/79
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:35:33 +00:00
4da338f0ad 🐛 Fix template in setup-http-dehydrated when IPv6 is missing 2022-09-06 21:02:48 +02:00
feaf052f65 🚚 Move entities validation service from pottwal to krypton
This is a service handling member data, so it moves to krypton.
2022-09-06 20:31:27 +02:00
2802784e7a Add HTTPS ingress to krypton 2022-09-06 20:14:04 +02:00
e22f0a4fb0 🐛 Fix that known_hosts are discarded on container update 2022-09-06 20:02:46 +02:00
tux
8617f84f9d Merge pull request ' Allow to mark HTTPS sites as "local"' (!76) from https-ingress-filter into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/76
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 17:40:28 +00:00
7ad2a5685a 🔧 Define local HTTPS sites 2022-09-06 19:39:51 +02:00
965538141d Allow to define a host for local access
If a host is defined as local, HTTPS traffic will not be forwared.
The LetsEncrypt proxy is still available.
2022-09-06 19:39:51 +02:00
6653129652 🔨 Refactor host statements to objects 2022-09-06 19:39:51 +02:00
tux
e2138d5c3b Merge pull request '🔧 Configure HTTPS ingress for pottwal' (!73) from pottwal-ingress into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/73
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 17:11:38 +00:00
tux
6ccca9b552 Merge pull request '🔧 Configure HTTPS ingress for radon' (!67) from radon-ingress into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/67
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 17:11:14 +00:00
020e5a4dd8 Add call to apache-letsencrypt role 2022-09-06 17:57:10 +02:00
8549d50d03 Add call to penguineer.dehydrated_cron role 2022-09-06 17:57:10 +02:00
664dc648c5 Add ingress for pwr-meter-pulse-gw-19i.svc.n39.eu 2022-09-06 17:57:10 +02:00
0efede818a Add ingress for rabbitmq.n39.eu 2022-09-06 17:57:10 +02:00
5be0c410b1 Add ingress for nodered.n39.eu 2022-09-06 17:57:10 +02:00
a651aa047f Add dehydrated role 2022-09-06 17:57:10 +02:00
60e58e6b6a Add apache role 2022-09-06 17:57:10 +02:00
cc43557511 🔧 Block external access to docker containers
This needs to go through ingress now!
2022-09-06 17:55:58 +02:00
76c5cdb3e1 Add roles for ingress and cert management 2022-09-06 17:55:58 +02:00
tux
0d3907d332 Merge pull request ' Add a role to allow letsencrypt access in Apache2' (!72) from apache-letsencrypt into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/72
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 15:54:30 +00:00
tux
b5b6594136 Merge pull request '🚑 Fix that power meter messages are not persistent' (!75) from power-meter-pulse-gateway-0.2.1 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/75
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 15:54:16 +00:00
tux
bd9910a9fb Merge pull request '🔧 Setup Apache proxy pass for sites with invalid URIs' (!74) from apache-slash-decoding into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/74
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 15:54:04 +00:00
f3d115874a ⬆️ Bump power-meter-pulse-gateway to 0.2.1 2022-09-06 16:37:43 +02:00
f9197221c8 🔧 Setup Apache proxy pass for sites with invalid URIs
This is a setup according to https://www.rabbitmq.com/management.html#proxy
which solves a problem with RabbitMQ encoding vhost names in a non-standard
way.

As this setting does not hurt other sites, we can introduce it into the
general template.
2022-09-06 15:35:50 +02:00
1fe6526898 Add a role to allow letsencrypt access in Apache2 2022-09-06 14:31:52 +02:00
tux
17d7aa704a Merge pull request '⬆️ Bump clean_uri (uritools) to 0.4.1' (!71) from uritools-0.4.1 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/71
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-05 21:13:24 +00:00
f16cfe0a55 ⬆️ Bump clean_uri (uritools) to 0.4.1
Security update of a dependency by GitHub Dependabot
2022-09-02 13:24:33 +02:00
tux
3240d34c0d Merge pull request 'Setup HTTPS Ingress on holmium' (!63) from https-ingress into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/63
Reviewed-by: dkdent <dkdent@netz39.de>
2022-08-30 12:24:33 +00:00
tux
b87f20f00d Merge pull request 'Add FFMD DNS container to provide secondary DNS server' (!69) from ffmd-dns2 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/69
Reviewed-by: dkdent <dkdent@netz39.de>
2022-08-30 12:23:49 +00:00
tux
aae7372d60 Merge pull request '⬆️ Bump dokuwiki to 20220731' (!70) from dokuwiki-20220731 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/70
Reviewed-by: dkdent <dkdent@netz39.de>
2022-08-30 12:20:48 +00:00
2ca1fcf3a0 ⬆️ Bump dokuwiki to 20220731
This is really the first stable release in two years.
2022-08-30 14:20:14 +02:00
addad5d6d3 Add FFMD DNS container to provide secondary DNS server 2022-08-28 13:17:04 +02:00
c455245c6f Add section in README to explain HTTPS ingress setup 2022-08-27 23:19:17 +02:00
734fbd1d75 Call nginx-https-ingress role for holmium 2022-08-27 20:32:56 +02:00
68619b80b5 Add role to setup nginx with HTTPS forward capabilities 2022-08-27 20:32:56 +02:00
tux
75a84d1d43 Merge pull request 'Remove OpenHab' (!68) from remove-openhab into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/68
Reviewed-by: dkdent <dkdent@netz39.de>
2022-08-27 18:31:46 +00:00
0da60fd545 Remove openhab 2022-08-27 18:27:35 +02:00
tux
ee9b4954d4 Merge pull request 'Pulse-Gateway für 19-Zoll-Raum Verbrauchsmessung' (!65) from pulse-gw-svc into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/65
Reviewed-by: dkdent <dkdent@netz39.de>
2022-08-27 16:19:11 +00:00
tux
230f4fee56 Merge pull request 'Add host holmium to Ansible management' (!66) from holmium into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/66
Reviewed-by: dkdent <dkdent@netz39.de>
2022-08-27 16:18:54 +00:00
dd32eb1643 Call holmium playbook from main 2022-08-27 14:12:11 +02:00
af92b3e299 Add holmium.n39.eu to inventory 2022-08-27 14:12:11 +02:00
d6eb46dd7a Add playbook for holmium 2022-08-27 14:12:11 +02:00
fde7af78cd Add power meter pulse gateway for 19i room to Radon setup 2022-08-27 13:30:30 +02:00
9a2b07bafc Add power meter credentials to Radon inventory 2022-08-27 13:30:17 +02:00
tux
dd55181917 Merge pull request ' Add RabbitMQ container on Radon' (!64) from rabbitmq into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/64
Reviewed-by: dkdent <dkdent@netz39.de>
2022-08-26 10:24:35 +00:00