bd89c96fbb
🐳 pottwal: Add prosody docker container
...
The service should be moved away from helium.n39.eu into a container.
2022-10-06 20:46:24 +02:00
081ee4dc61
Merge pull request ' ⬆️ fix dependency for unattended-upgrades' ( !84 ) from dkdent/netz39-infra-ansible:fix-unattended-upgrade into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/84
Reviewed-by: tux <tux@netz39.de>
2022-10-05 18:36:39 +00:00
c3934319fc
Merge pull request 'Fix http(s) ingress for Jabber/XMPP server' ( !86 ) from alex/netz39-infra-ansible:holmium into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/86
Reviewed-by: tux <tux@netz39.de>
2022-10-05 18:00:21 +00:00
c0f7994ce4
🔧 holmium: Fix host for jabber server
...
jabber.n39.eu including dehydrated runs on helium, always has.
Fixes: 734fbd1d75
("Call nginx-https-ingress role for holmium")
2022-10-04 08:12:37 +02:00
2c32d746f6
🚨 holmium: Fix indentation
...
yamllint complained:
9:3 error wrong indentation: expected 4 but found 2 (indentation)
12:7 error wrong indentation: expected 8 but found 6 (indentation)
14:9 error wrong indentation: expected 10 but found 8 (indentation)
19:9 error wrong indentation: expected 10 but found 8 (indentation)
23:9 error wrong indentation: expected 10 but found 8 (indentation)
32:9 error wrong indentation: expected 10 but found 8 (indentation)
2022-10-04 08:08:11 +02:00
2efd892bc1
✏️ adress issues from PR discussion
...
- fix typo in role name
- make origin patterns for unattended upgrades less release specific
2022-09-30 22:24:41 +02:00
fa7f16f814
⬆️ fix dependency for unattended-upgrades
...
- resolves https://redmine.n39.eu/issues/722
- role https://github.com/jnv/ansible-role-unattended-upgrades is deprecated
- replacement is https://github.com/hifis-net/ansible-role-unattended-upgrades
2022-09-30 22:24:41 +02:00
0f11db3f64
Merge pull request 'Add missing restart-policy entries for Radon docker containers' ( !85 ) from docker-restart-policy into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/85
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-30 20:22:36 +00:00
6a03e55c16
Add missing restart-policy entries for Radon docker containers
2022-09-30 21:52:25 +02:00
1b952f5386
Merge pull request 'Update to new CleanURI (uritools) version' ( !83 ) from cleanuri into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/83
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-09-15 20:20:29 +00:00
d874aab674
✨ Add uritools-api to dehydrated
2022-09-15 18:09:16 +02:00
69cce57024
✨ Switch to new CleanURI (uritools) implementation
2022-09-15 18:09:16 +02:00
f4544b2555
✨ Add external CleanURI setup to inventory
2022-09-15 18:09:16 +02:00
3d654427ac
✨ Add host cleanuri-api to HTTPS forwarding
2022-09-15 18:09:16 +02:00
24929a36bc
✨ Add a role to set up cleanuri (uritools)
2022-09-15 18:09:16 +02:00
7b0506c235
Merge pull request ' 🐛 Fix proxy site template' ( !82 ) from fix-apache-template into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/82
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-14 21:29:40 +00:00
b9488e19db
🐛 Fix proxy site template
...
These are errors from a bodged PR (my bad) that has been merged too early.
2022-09-14 23:25:41 +02:00
6452e4a277
Merge pull request ' ⬆️ Bump power-meter-pulse-gateway to 0.3.0' ( !81 ) from power-meter-pulse-gateway-0.3.0 into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/81
Reviewed-by: dkdent <dkdent@netz39.de>
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-09-09 16:15:47 +00:00
8b885729c9
⬆️ Bump power-meter-pulse-gateway to 0.3.0
...
https://github.com/netz39/power-meter-pulse-gateway/releases/tag/v0.3.0
2022-09-09 15:00:23 +02:00
b76ffa2e3e
Merge pull request ' 🎨 Improve configuration for setup-http-site-proxy and merge http-setup-dehydrated' ( !80 ) from condense-roles into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/80
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-08 17:18:34 +00:00
182feeca58
🔥 Remove role setup-http-dehydrated
...
This feature is now provided by setup-http-site-proxy
2022-09-08 15:45:39 +02:00
e3020b6d71
✨ Enable setup-http-site-proxy with missing proxy target
...
If no proxy port is defined, only the dehydrated HTTP endpoint is created
and the HTTPS endpoint returns 404.
2022-09-08 15:43:54 +02:00
c4af7754b2
✨ Use variables to configure dehydrated locations
...
These variables match https://github.com/24367dfa/ansible-role-dehydrated
2022-09-08 15:41:36 +02:00
ac46e1dd7c
Merge pull request ' 🐛 Fix that known_hosts are discarded on container update' ( !77 ) from nodered-known_hosts into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/77
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:36:23 +00:00
a5f9d11f8a
Merge pull request ' 🚚 Move entities-validation service to krypton' ( !78 ) from entities-validation into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/78
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:35:47 +00:00
a805886cda
Merge pull request ' 🐛 Fix template in setup-http-dehydrated when IPv6 is missing' ( !79 ) from dehydrated-site-v6 into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/79
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 23:35:33 +00:00
4da338f0ad
🐛 Fix template in setup-http-dehydrated when IPv6 is missing
2022-09-06 21:02:48 +02:00
feaf052f65
🚚 Move entities validation service from pottwal to krypton
...
This is a service handling member data, so it moves to krypton.
2022-09-06 20:31:27 +02:00
2802784e7a
✨ Add HTTPS ingress to krypton
2022-09-06 20:14:04 +02:00
e22f0a4fb0
🐛 Fix that known_hosts are discarded on container update
2022-09-06 20:02:46 +02:00
8617f84f9d
Merge pull request ' ✨ Allow to mark HTTPS sites as "local"' ( !76 ) from https-ingress-filter into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/76
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 17:40:28 +00:00
7ad2a5685a
🔧 Define local HTTPS sites
2022-09-06 19:39:51 +02:00
965538141d
✨ Allow to define a host for local access
...
If a host is defined as local, HTTPS traffic will not be forwared.
The LetsEncrypt proxy is still available.
2022-09-06 19:39:51 +02:00
6653129652
🔨 Refactor host statements to objects
2022-09-06 19:39:51 +02:00
e2138d5c3b
Merge pull request ' 🔧 Configure HTTPS ingress for pottwal' ( !73 ) from pottwal-ingress into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/73
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 17:11:38 +00:00
6ccca9b552
Merge pull request ' 🔧 Configure HTTPS ingress for radon' ( !67 ) from radon-ingress into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/67
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 17:11:14 +00:00
020e5a4dd8
Add call to apache-letsencrypt role
2022-09-06 17:57:10 +02:00
8549d50d03
Add call to penguineer.dehydrated_cron role
2022-09-06 17:57:10 +02:00
664dc648c5
Add ingress for pwr-meter-pulse-gw-19i.svc.n39.eu
2022-09-06 17:57:10 +02:00
0efede818a
Add ingress for rabbitmq.n39.eu
2022-09-06 17:57:10 +02:00
5be0c410b1
Add ingress for nodered.n39.eu
2022-09-06 17:57:10 +02:00
a651aa047f
Add dehydrated role
2022-09-06 17:57:10 +02:00
60e58e6b6a
Add apache role
2022-09-06 17:57:10 +02:00
cc43557511
🔧 Block external access to docker containers
...
This needs to go through ingress now!
2022-09-06 17:55:58 +02:00
76c5cdb3e1
✨ Add roles for ingress and cert management
2022-09-06 17:55:58 +02:00
0d3907d332
Merge pull request ' ✨ Add a role to allow letsencrypt access in Apache2' ( !72 ) from apache-letsencrypt into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/72
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 15:54:30 +00:00
b5b6594136
Merge pull request ' 🚑 Fix that power meter messages are not persistent' ( !75 ) from power-meter-pulse-gateway-0.2.1 into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/75
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 15:54:16 +00:00
bd9910a9fb
Merge pull request ' 🔧 Setup Apache proxy pass for sites with invalid URIs' ( !74 ) from apache-slash-decoding into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/74
Reviewed-by: dkdent <dkdent@netz39.de>
2022-09-06 15:54:04 +00:00
f3d115874a
⬆️ Bump power-meter-pulse-gateway to 0.2.1
2022-09-06 16:37:43 +02:00
f9197221c8
🔧 Setup Apache proxy pass for sites with invalid URIs
...
This is a setup according to https://www.rabbitmq.com/management.html#proxy
which solves a problem with RabbitMQ encoding vhost names in a non-standard
way.
As this setting does not hurt other sites, we can introduce it into the
general template.
2022-09-06 15:35:50 +02:00