f105584fba
Disable IPv6
2022-07-24 18:09:06 +02:00
f1e8d52719
Copy service scripts for the gatekeeper user
2022-07-24 18:09:06 +02:00
fbde9090a9
Set up gatekeeper user (pi)
...
This is the user that will manage door and shutters
2022-07-24 18:09:06 +02:00
2b800e247c
Set up sesam user for SSH entry
2022-07-24 18:09:06 +02:00
cf1fed21cb
platon: Set the MAC address that is registered in the router
2022-07-24 18:09:06 +02:00
dabf3f6b5f
platon: Setup package installation and install pip3
2022-07-24 18:09:06 +02:00
1e4cbb8f44
Remove user setting (pi) for platon
...
Default admin users are now installed (as Raspbian continues
to discurage the user pi anyways) and administrators can use
their own accounts for Ansible.
2022-07-24 18:09:06 +02:00
6ba2737522
Merge pull request 'Collected suggestions: Moving things around' ( !57 ) from alex/netz39-infra-ansible:moving-things into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/57
Reviewed-by: tux <tux@netz39.de>
2022-07-24 16:08:45 +00:00
6b4cf977b6
Add ansible.cfg with inventory path
...
Link: https://docs.ansible.com/ansible/latest/reference_appendices/config.html#default-host-list
References: !53
2022-07-24 16:49:35 +02:00
e29311c4ed
Move tasks for all hosts to separate file
...
When working on !54 it became obvious playbooks could be structured
better in this project. Therefor we move the tasks supposed to be run
for _all_ hosts to a separate file. The *main.yml* file should only
import other playbooks from now on, should not define tasks anymore.
2022-07-24 16:49:35 +02:00
9f3d91bd1c
readme: Remove host list
...
This list has proven to be hard to maintain (not because it is
especially difficult, but people simply tend to forget it). So we give
some hints instead now and avoid duplicate information.
Suggested-by: Stefan Haun <tux@netz39.de>
References: !55
2022-07-24 16:49:35 +02:00
1c194f9685
Merge pull request 'qemu-guest-agent für proxmox VMs' ( !54 ) from alex/netz39-infra-ansible:qemu-guest-agent into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/54
Reviewed-by: tux <tux@netz39.de>
2022-07-23 19:10:42 +00:00
0bebf35471
Move proxmox specific tasks to separate playbook
...
Suggested-by: Stefan Haun <tux@netz39.de>
2022-07-23 20:42:11 +02:00
2583158b52
Merge pull request 'readme: Add missing hosts' ( !55 ) from alex/netz39-infra-ansible:master into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/55
2022-07-23 09:03:19 +00:00
658c47c66b
readme: Add missing hosts
...
Found with this command:
ansible -i inventory.yml all --list-hosts
Fixes: 6028ad4e6c
("Merge pull request 'Add VM krypton' (!42 ) from krypton into master")
Fixes: 893d56c56a
("Merge pull request 'add host oganesson' (!52 ) from oganesson into master")
2022-07-23 10:58:23 +02:00
01c8d9d896
main: Install qemu-guest-agent on proxmox VMs
...
proxmox UI can show more VM specific information if qemu-guest-agent is
installed in guest VMs.
2022-07-23 10:39:27 +02:00
953f116b6f
inventory: Define a group with all VMs running on proxmox (beaker)
...
Want to install some package for those hosts only.
2022-07-23 10:39:27 +02:00
1ea9720c7f
Merge pull request 'inventory: Fix some linter warnings' ( !53 ) from alex/netz39-infra-ansible:inventory into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/53
Reviewed-by: dkdent <dkdent@netz39.de>
2022-07-23 08:38:07 +00:00
91e803f26d
inventory: Join SSH keys to one line
...
authorized keys content has all those three parts in one line and the
keys for tux and dkdent already have it that way, too.
2022-07-22 07:04:57 +02:00
b85c3aab47
inventory: Fix indentation
...
Whitespace only. yamllint complained:
9:5 error wrong indentation: expected 6 but found 4 (indentation)
13:7 error wrong indentation: expected 8 but found 6 (indentation)
48:7 error wrong indentation: expected 8 but found 6 (indentation)
49:81 error line too long (402 > 80 characters) (line-length)
56:7 error wrong indentation: expected 8 but found 6 (indentation)
57:81 error line too long (99 > 80 characters) (line-length)
2022-07-22 07:04:57 +02:00
8997eb710b
inventory: Add missing document start
...
yamllint warning:
1:1 warning missing document start "---" (document-start)
2022-07-22 07:04:57 +02:00
0f0731d800
inventory: Rename file to add file extension
...
This is a YAML file, make ansible-lint (and me) happy and add a proper
file extension. Also helps editors to pick correct syntax highlighting.
2022-07-22 07:04:37 +02:00
893d56c56a
Merge pull request 'add host oganesson' ( !52 ) from oganesson into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/52
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-07-22 04:48:31 +00:00
cb85728e26
Add oganesson.n39.eu to inventory
2022-07-20 21:32:26 +02:00
1bd60c190f
Add oganesson to main.yml
2022-07-20 21:29:13 +02:00
7367bce954
Add playbook for host oganesson
...
SSH Jump Host
2022-07-20 21:29:05 +02:00
631f6b0fa7
Merge pull request 'Set docker apt repo matching the Debian release' ( !51 ) from docker_setup-release into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/51
Reviewed-by: Alexander Dahl <alex@netz39.de>
Fixes : #721
2022-07-17 13:45:21 +00:00
b75205f96c
Use template to replace Docker apt list entry
2022-07-16 17:03:43 +02:00
af6092576c
Add a template for the docker apt list
...
This template is necessary because the apt_repository role cannot
determine if an entry should be replaced.
2022-07-16 17:03:43 +02:00
acf739831c
Merge pull request 'Bump clean_uri to 0.4.0' ( !50 ) from clean_uri-0.4.0 into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/50
Reviewed-by: Alexander Dahl <alex@netz39.de>
2022-07-15 10:22:42 +00:00
13ffacdea2
Bump clean_uri to 0.4.0
...
This fixes the problem that the Reichelt Canonizer did not regognize
its own URIs.
2022-07-13 21:54:58 +02:00
b24adcc523
Merge pull request 'Set version 0.3.1 for mrtux/clean_uri' ( !49 ) from clean_uri-0.3.1 into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/49
Reviewed-by: dkdent <dkdent@netz39.de>
2022-07-12 11:08:07 +00:00
529efb16a5
Set version 0.3.1 for mrtux/clean_uri
2022-07-10 22:46:22 +02:00
a943116c99
pottwal: Remove trailing whitespace
...
yamllint and ansible-lint were not happy.
Fixes: f62af6b4e7
("add hedgedoc config")
2022-07-08 07:20:57 +02:00
6ac66b6894
Merge pull request 'Move LDAP from pottwal to krypton' ( !47 ) from ldap-krypton into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/47
2022-07-07 09:49:20 +00:00
7f5c9ab44a
Merge pull request 'Do not emit a change when the apt cache is updated' ( !48 ) from apt-update-without-change into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/48
2022-07-06 14:06:55 +00:00
2b7a62d8a8
Do not emit a change when the apt cache is updated
2022-07-05 21:18:59 +02:00
d0274d7417
Fix container setup
...
Leave the sync handling for now.
2022-07-05 21:15:32 +02:00
ab0356798e
Activate cert handling
...
Certs will be copied to krypton by deydrated on kant
2022-07-05 20:49:34 +02:00
142fd23720
Move LDAP from pottwal to krypton
2022-07-05 20:37:07 +02:00
5fe1256a5e
Inventory: move ldap password to krypton config
2022-07-05 20:34:45 +02:00
9ed6210c40
Merge pull request 'Improve Apache2 setup for ingress proxy' ( !46 ) from improve-proxy-setup into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/46
2022-07-05 17:06:28 +00:00
c36e34966d
Merge pull request 'ldap' ( !7 ) from dkdent/netz39-infra-ansible:ldap into master
...
Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/7
2022-07-05 16:45:32 +00:00
2f78ff74f6
pottwal: ldap dehydrated Config auskommentiert
2022-07-05 17:00:09 +02:00
9bd5d8e71e
Make cert availability check more robust
2022-07-04 23:26:49 +02:00
48a4119420
Add rewrite rules for websockets
2022-07-04 23:26:49 +02:00
45206f4413
Add proxy headers
2022-07-04 23:26:49 +02:00
21b6fe0335
Enable proxy modules in Apache2
2022-07-04 23:26:49 +02:00
a070cd48b8
pottwal - add ldap docker similar to pingtech setup
2022-07-04 22:42:07 +02:00
d30eb2df9c
Add openldap container on pottwal
2022-07-04 18:43:32 +02:00