Commit graph

591 commits

Author SHA1 Message Date
8855f7cc10 🚑 Pin Dokuwiki container to specific digest
There seem to be compatibility issues with container updates within the
same tag. These updates happen every time we run Ansible and are usually
desired, as they can fix security issues (esp. in the base image).

However, if the update cannot be trusted to run without manual intervention,
we have to pin the version and check for updates manually.
2022-11-18 17:12:13 +01:00
ed7106dfcc Merge pull request '⬆️ Update FFMD-DNS to 2022111601' (!120) from update-dns-2022111601 into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/120
Reviewed-by: Alexander Dahl <alex@netz39.de>
Reviewed-by: dkdent <dkdent@netz39.de>
2022-11-18 16:04:55 +01:00
a677be3607 ⬆️ Update FFMD-DNS to 2022111601 2022-11-18 12:25:10 +01:00
871038d84c Merge pull request 'yamllint: Fix some warnings' (!118) from alex/netz39-infra-ansible:yamllint into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/118
Reviewed-by: Stefan Haun <tux@netz39.de>
2022-11-18 10:38:07 +01:00
97c5a75b6d 🚨 Fix "missing document start" warnings
yamllint warned:

host_vars/hobbes.n39.eu/vars.yml
  1:1       warning  missing document start "---"  (document-start)

host_vars/krypton.n39.eu/vars.yml
  1:1       warning  missing document start "---"  (document-start)

host_vars/localhost/vars.yml
  1:1       warning  missing document start "---"  (document-start)

host_vars/platon.n39.eu/vars.yml
  1:1       warning  missing document start "---"  (document-start)

host_vars/pottwal.n39.eu/vars.yml
  1:1       warning  missing document start "---"  (document-start)

host_vars/radon.n39.eu/vars.yml
  1:1       warning  missing document start "---"  (document-start)

host_vars/tau.netz39.de/vars.yml
  1:1       warning  missing document start "---"  (document-start)

host_vars/unicorn.n39.eu/vars.yml
  1:1       warning  missing document start "---"  (document-start)
2022-11-18 09:02:35 +01:00
ec55d5970b 🚨 yamllint: Ignore line-length warnings
We have quite some long lines where it makes no sense to split them.
Those warnings distract more than they help.
2022-11-18 08:58:19 +01:00
d37b6cea82 🚨 Fix "trailing spaces" warnings
yamllint complained:

host-pottwal.yml
  415:1     error    trailing spaces  (trailing-spaces)
2022-11-18 08:50:54 +01:00
54426e75aa 🚨 Fix new-line-at-end-of-file warnings
yamllint warned:

setup-ssh.yml
  24:29     error    no new line character at the end of file  (new-line-at-end-of-file)

host_vars/pottwal.n39.eu/vars.yml
  41:61     error    no new line character at the end of file  (new-line-at-end-of-file)

host_vars/unicorn.n39.eu/vars.yml
  1:40      error    no new line character at the end of file  (new-line-at-end-of-file)
2022-11-18 08:50:33 +01:00
69d98b461d 🚨 Fix "wrong indentation" warnings
yamllint warned:

host-krypton.yml
  32:9      error    wrong indentation: expected 10 but found 8 (indentation)
2022-11-18 08:44:54 +01:00
4a263e3a0d 🚨 Fix "too many blank lines" warnings
yamllint warned:

host-pottwal.yml
  98:1      error    too many blank lines (3 > 2)  (empty-lines)

host-tau.yml
  173:1     error    too many blank lines (1 > 0)  (empty-lines)
2022-11-18 08:44:43 +01:00
9e6f3a2456 Merge pull request 'Improve configuration for unattended-upgrades' (!116) from unattended-upgrades-config into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/116
Reviewed-by: dkdent <dkdent@netz39.de>
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-11-17 15:01:26 +01:00
a33b2bed72 Merge pull request 'Mount configuration for InfluxDB from data directory' (!117) from cfg-influxdb into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/117
Reviewed-by: dkdent <dkdent@netz39.de>
2022-11-17 00:16:24 +01:00
039e64040c 🔧 Mount configuration for influxdb from data dir 2022-11-17 00:14:30 +01:00
02ef0e3409 🔧 Write unattended-upgrade actions to syslog 2022-11-16 21:28:39 +01:00
9f1940fa8f 🔧 Send unattended-upgrades mail only on error
Otherwise an email will be sent on every upgrade
2022-11-16 21:28:39 +01:00
ebd8d13b25 🔧 Install mailx 2022-11-16 21:28:39 +01:00
efd8326523 🔧 Improve unattended-upgrades setup
According to https://github.com/hifis-net/ansible-role-unattended-upgrades#origins-patterns
2022-11-16 21:28:39 +01:00
5b327382fc 🔧 Move influx data to subdirectory 2022-11-16 19:21:58 +01:00
3f5d63348d Merge pull request '🎨 Add some common software packages to all hosts' (!115) from main-software into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/115
Reviewed-by: dkdent <dkdent@netz39.de>
2022-11-15 16:27:37 +01:00
1c62788d7f 🎨 Call users role from roles section
There is no need (special arguments, ordering) to call the role
from a task.
2022-11-14 16:09:57 +01:00
1b762c190d Install some common packages on all hosts
These packages are helpful for administrative tasks
2022-11-14 16:08:37 +01:00
83829341c9 Merge pull request ' Add host hobbes.n39.eu' (!113) from host-hobbes into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/113
Reviewed-by: dkdent <dkdent@netz39.de>
2022-11-13 17:27:44 +01:00
64bf735c21 Setup grafana kiosk on hobbes.n39.eu 2022-11-13 17:13:34 +01:00
3ddc2e80f0 🔧 Link hobbes playbook in main.yml 2022-11-12 17:02:42 +01:00
4b28eb5fbe 🔧 Add hobbes.n39.eu to inventory 2022-11-12 17:02:42 +01:00
dd2b1f79b7 Merge pull request '🔧 Add volume for grafana configuration' (!114) from grafana-cfg into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/114
Reviewed-by: dkdent <dkdent@netz39.de>
2022-11-12 17:02:08 +01:00
612d666b2e 🔧 Add volume for grafana configuration
We need to make custom configurations for grafana.
2022-11-12 16:24:05 +01:00
0ebeff9225 Merge pull request 'feat: add playbook for grafana configuration' (!110) from feat/configure-grafana into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/110
Reviewed-by: Stefan Haun <tux@netz39.de>
2022-11-12 15:48:50 +01:00
d89b5eea04 Merge pull request 'apache-ProxyPreserveHost' (!111) from apache-ProxyPreserveHost into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/111
Reviewed-by: dkdent <dkdent@netz39.de>
2022-11-12 15:48:23 +01:00
029838344c Merge pull request 'docs: add command to verify changes' (!112) from add-verification-docs into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/112
2022-11-12 15:43:51 +01:00
865901f86d docs: add command to verify changes 2022-11-12 15:41:30 +01:00
cc0dcb3188 update requirements.yml to correctly install collection 2022-11-12 15:31:51 +01:00
4e4cd46102 feat: add playbook for grafana configuration 2022-11-12 15:31:51 +01:00
538dd6c470 🐛 Set ProxyPreserveHost On for grafana
https://community.grafana.com/t/origin-not-allowed-messages-after-upgrade-to-8-3-6/60550
2022-11-12 13:32:25 +01:00
ad9dfbffd8 Add option to set ProxyPreserveHost
https://httpd.apache.org/docs/current/en/mod/mod_proxy.html#proxypreservehost
2022-11-12 13:32:25 +01:00
ce770f9467 Merge pull request 'feat: add admins to proxmox user permissions file' (!109) from feat/beaker-add-proxmox-permissions into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/109
Reviewed-by: Stefan Haun <tux@netz39.de>
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-11-12 13:30:43 +01:00
e6feb12366 Merge pull request 'feat: add grafana container to pottwal' (!108) from add-grafana into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/108
2022-11-11 22:14:14 +01:00
3f76e19c4d fixup! feat: add grafana container to pottwal 2022-11-11 20:25:22 +01:00
8194f488ad feat: add admins to proxmox user permissions file 2022-11-11 14:56:02 +01:00
cbf8cce0d3 add https ingress for grafana 2022-11-11 14:52:37 +01:00
85c0c6af4e feat: add grafana container to pottwal 2022-11-10 23:47:29 +01:00
15abcbb676 Merge pull request 'Add timezone info to docker containers' (!107) from tz into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/107
Reviewed-by: dkdent <dkdent@netz39.de>
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-11-10 21:53:07 +01:00
0b83ee25cd 🔧 Add timezone info to cleanuri containers 2022-11-10 17:54:45 +01:00
83d1a64689 🔧 Change env to yaml dict for jabber-static-website 2022-11-10 13:05:18 +01:00
5adb80503d 🔧 Change env to yaml dict for gitea 2022-11-10 13:05:18 +01:00
6796e2f273 🔧 Add timezone information to docker containers
Docker does not take the tzdata from host systems, so the
timezone needs to be set individually.

Otherwise dates without explicit timezone information or Z will
be generated or interpreted in the wrong timezone
(such as dokuwiki signatures)
2022-11-10 13:05:18 +01:00
b200819f26 🔨 Rename ag_timezone → timezone
Move from role-dependent to generic name for this variable
2022-11-07 16:35:41 +01:00
e93b899173 Merge pull request 'Unify docker data directories' (!106) from tau-data-dir into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/106
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-11-07 15:33:44 +00:00
4c80352145 Change tau docker data directory to match other hosts 2022-11-07 15:16:43 +01:00
b185f563e3 Merge pull request 'feat: 🎉add host beaker' (!105) from add-beaker-playbook into master
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/105
Reviewed-by: Stefan Haun <tux@netz39.de>
2022-11-07 13:47:40 +00:00