crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,747 Commits
12 Branches
0 Tags
7.9 MiB
Commit Graph

322 Commits (4a633de4526f968e4dfd2018918ff91bfbbff6bc)

Author SHA1 Message Date
_benjamin bd041c8dc7 [home] Use new home script 2021-04-29 14:38:56 +02:00
Yohann D'ANELLO 1785d7f095 [mailman] Setup DKIM configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO c3cd94f6e6 [opendkim] Pepcransification 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 90a6c623ed [mailman3] Use nginx role 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO b74d5e0bf1 [mailman3] Drop mailman2 configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 23a02adf11 [mailman3] Pepcransification 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 4b76b1a7bf [mailman] Use pepcransification of certbot 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO ad4f625992 [mailman] Setup database host 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 84b8f88278 [logos] Add logos for Belenios and Jitsi 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-24 15:26:28 +00:00
Yohann D'ANELLO b847a41846 [logos] Use custom role to deploy logos 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-24 15:26:28 +00:00
Yohann D'ANELLO 2e1e8d14e5 [logos] Store all Crans logos in a single directory 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-24 15:26:28 +00:00
Yohann D'ANELLO 3d44998c5a [etherpad] PEPCRANSIFICATION 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-23 10:19:24 +00:00
Yohann D'ANELLO 2321121ec0 [etherpad] Use a group for etherpad 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-23 10:19:24 +00:00
Yohann D'ANELLO 3deae233b1
[Jitsi] Add Jitsi role 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-04 16:12:43 +01:00
Yohann D'ANELLO d9486290c2
[jitsi] Prepare Jitsi role 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-04 11:45:59 +01:00
_benjamin 6957939ffc [anope] Deploy Anope on irc 2021-03-02 11:44:08 +00:00
Yohann D'ANELLO 15fc32ee53 [root] vm-setup -> vm_setup.yml 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
_shirenn f5e7405188 [root] split root play and deploy root password 2021-03-01 16:20:04 +00:00
Yohann D'ANELLO 514fd78eed [root] borgbackups -> borgbackup 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
Yohann D'ANELLO 5a9cdf955e [root] network_interfaces -> network-interfaces 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
Yohann D'ANELLO 80b62b5d25 [root] Include nullmailer playbook 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
Yohann D'ANELLO 9936bfd95b [root] Include ssh_known_hosts role in root playbook 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
ynerant 99ed3ad57a [root] Don't deploy crans_scripts in the root playbook 
Signed-off-by: ynerant <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
_benjamin 6026f8d84e [inspircd] Deploy InspIRCd on irc 2021-02-28 09:10:21 +01:00
Yohann D'ANELLO 23371f7cb1
[gitlab] Rename git to gitlab 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:30:29 +01:00
Yohann D'ANELLO 98eaeaa53b
[gitlab] Install irker from Debian Sid to add IRC webhooks 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:58 +01:00
Yohann D'ANELLO 85afe1fd32
[gitlab] Fix reverse proxy configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:58 +01:00
_shirenn b152c48ed3
[gitlab] smtp server and https push 2021-02-22 23:29:56 +01:00
ynerant 63d4164ba0
Cransible Gitlab configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:55 +01:00
Yohann D'ANELLO 6b8fb0916f [nginx/moinmoin] Extract nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO d6f15d4210 [nginx/cas] Factorize nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 8d8c212f49 [nginx/roundcube] Factorize configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 4c115a8b34 [thelounge] Don't load ldap configuration if it is disabled 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO e4bdec1dd8 [nginx] Add Nginx playbook 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 2c9b89a74d [thelounge] Rename irc to thelounge 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 1575b3eea5 [nginx] Add nginx playbook 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO de58138a22 [nginx] Multiple certficates are compatible with reverse-proxy 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 72238d79ed [nginx] Add feature to manage multiple certificates, for example for crans.org and for adm.crans.org 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 3f4a66eb7c [thelounge] Copy ldap configuration for zamok 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO f039121e21 [thelounge] Download the Debian package and install it, and deploy 
configuration

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 70a78d06d1 [irc] Configure nginx for the lounge 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 9f21a7ad79 [nginx] Drop nginx-pubftp role 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
ynerant a9897ec3c0 [nginx] Load global and local nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO ec262bd5c1 [nginx] Drop role nginx-mailman 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 84fb96eab6 Create generic Nginx template 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO f09ec69ef1 Remove unused role nginx-rtmp 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 454ca95edf Rename nginx-reverseproxy to nginx 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 408c857f81
[zamok_apache] Pepcransification 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 14:07:35 +01:00
ynerant 359b6a4553
[belenios] Deploy belenios 
Signed-off-by: ynerant <ynerant@crans.org>
 2021-02-22 12:31:30 +01:00
_shirenn 6e6dd56e4d [borg] lets filter-out shit and backup cameron 2021-02-22 12:13:23 +01:00
_shirenn 59bc91dc9d [vault] Changing cranspasswords to pass crans 2021-02-22 12:01:03 +01:00
_shirenn 262696970f [network-interfaces] PEPCRANSED 2021-02-22 11:51:44 +01:00
_shirenn a82d770043 [slapd] Filter ipv4s responsibly 2021-02-22 09:45:13 +01:00
_shirenn 02df5674b1 [slapd] soyouz, query and regex 2021-02-22 01:30:02 +01:00
ynerant 009e7b42cb
[certbot] Generate multiple certificates (useful for adm) 
Signed-off-by: ynerant <ynerant@crans.org>
 2021-02-16 15:35:07 +01:00
_shirenn d03eed8abe [re2o-services] PEPCRANSIFIED 2021-02-11 09:57:10 +01:00
_shirenn f5cf25c9b7 [dhcp] dont clone git from /tmp 2021-02-11 09:57:10 +01:00
_shirenn 52d0d6ebce [home-nounous] Exclude tealc.adm.crans.org and zamok.adm.crans.org 2021-02-10 16:33:21 +01:00
_shirenn acd8e3da2a [nullmailer] PEPCRANSED BRO 2021-02-10 11:30:07 +01:00
_shirenn 7cd62269a3 pepcrans :) 2021-02-08 15:02:14 +01:00
_benjamin bc486b5570 Merge branch 'linx' into 'newinfra' 
[linx] Add linx server, role and playbook

See merge request nounous/ansible!206
 2021-02-08 13:37:42 +00:00
_benjamin 1d5310127e [linx] Add linx server, role and playbook 2021-02-08 14:37:05 +01:00
pa d7660e8333 [cas] CRANSIBLEISED bro 2021-02-07 18:16:43 +01:00
_shirenn 7702e3ff3a [slapd] Petit ménage 2021-01-17 22:22:40 +01:00
_shirenn 29222acf56 [crans_scripts] PEPCRANSIFICATION 2021-01-17 21:39:18 +01:00
_shirenn 1eba54f3ec [ntp-client] On continue à PEPCRANSIFIER 2021-01-17 20:59:45 +01:00
Alexandre Iooss 82732396af
Sync all.yml with plays 2021-01-16 19:13:40 +01:00
Alexandre Iooss f3c38819ef
Prometheus on bullseye 2021-01-13 16:37:48 +01:00
_benjamin 42e0294db4 Configure interfaces only on VMs that aren't routers 2021-01-10 22:24:35 +01:00
_pollion 854f483af7 Enable configuring network interfaces 2021-01-10 21:34:47 +01:00
_pollion 32e0c220f0 configure re2o-ldap and re2o-dev 2021-01-10 14:15:41 +01:00
_benjamin 3b81f9d758 [re2o-front] Install re2o frontend dependancies 2021-01-10 14:02:40 +01:00
_benjamin 30ecc05a52 [bird] Use bird instead of quagga 2021-01-08 14:48:55 +01:00
Alexandre Iooss c6e11e398f
mtail for tealc from the future 2021-01-06 21:26:06 +01:00
Alexandre Iooss b71f4d3635
Monitor all websites 2021-01-06 13:43:20 +01:00
Yohann D'ANELLO b9f0bbb460
[redisdead] Replace very old crans logo and remove all crans-specific options in the config template 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-01-05 22:29:49 +01:00
Yohann D'ANELLO 4507d367bd
[grafana] Move crans icon file 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-01-05 22:09:50 +01:00
erdnaxe 91b8f5e6d6 Merge branch 'grafana_newinfra' into 'newinfra' 
Grafana newinfra

See merge request nounous/ansible!176
 2021-01-05 19:26:57 +01:00
Alexandre Iooss 648a35a36b
Change Grafana LDAP configuration 2021-01-05 19:09:15 +01:00
_benjamin d81d9768dc Merge branch 'arp-proxy' into 'newinfra' 
[arp-proxy] delete arp proxy

See merge request nounous/ansible!175
 2021-01-05 17:35:44 +01:00
_benjamin c9accd6be4 [arp-proxy] delete arp proxy 2021-01-05 17:33:26 +01:00
Alexandre Iooss acfedec590
Add bornes 2021-01-05 16:08:24 +01:00
_benjamin c8ed25a704 [rsyslog-server] tealc is the rsyslog server 2021-01-03 10:46:23 +01:00
_benjamin 79215d2201 [re2o] fix re2o role 2021-01-02 15:55:19 +01:00
_benjamin 4a20b96da3 [logall] Deploy rsyslogd config, logrotate and mount logs 2021-01-02 11:03:34 +01:00
erdnaxe 834f8e34bd Merge branch 'cas' into 'newinfra' 
Migrate CAS to new infra

See merge request nounous/ansible!156
 2021-01-02 09:35:42 +01:00
Alexandre Iooss 585d947b6f
Migrate CAS to new infra 2021-01-02 09:34:22 +01:00
_pollion e2fca88f19 Typo 2021-01-01 23:28:26 +01:00
_pollion 816a63ad0b Clean up zamok tools 2021-01-01 22:33:30 +01:00
_pollion 73440ec9af Split backup playbook into client and server 2021-01-01 19:23:19 +01:00
pa 2bcf91b975 Ssh known hosts 2021-01-01 17:53:35 +01:00
Alexandre Iooss 628485a24c
Configure zephir network 2020-12-31 13:00:06 +01:00
_pollion a16007c388 Configure borgbackup and monitoring on first Ansible run 2020-12-30 13:34:57 +01:00
_pollion 0b70cca323 More clean-up 2020-12-29 20:44:57 +01:00
_pollion 8952eb42c7 [root.yml] cloud-init only relevant for VMs 2020-12-29 18:51:29 +01:00
_pollion 5fe9f1460f clean up nullmailer 2020-12-29 18:46:40 +01:00
_pollion f250cf1719 Refactor hosts inventory 2020-12-29 18:33:39 +01:00
_pollion ca0cb52cc1 Merge branch 'owncloud' into 'newinfra' 
Owncloud is on !

See merge request nounous/ansible!139
 2020-12-29 02:21:06 +01:00
_pollion 9dc5f3fefb Owncloud is on ! 2020-12-29 02:05:18 +01:00
Alexandre Iooss 31e52892fc
Add owl 2020-12-28 18:31:50 +01:00
_pollion 559935d983 Merge branch 'owl' into 'newinfra' 
Owl

See merge request nounous/ansible!127
 2020-12-28 17:22:46 +01:00
Alexandre Iooss aa8aca6a26
Init statping role 2020-12-28 13:53:19 +01:00
erdnaxe b437cac248 Merge branch 'nginx_prometheus' into 'newinfra' 
Monitor NGINX with Prometheus

See merge request nounous/ansible!129
 2020-12-28 12:01:39 +01:00
Alexandre Iooss 946250e322
Monitor NGINX with Prometheus 2020-12-28 12:01:19 +01:00
Alexandre Iooss ee0295c18e
Fruitensmix happend 2020-12-28 11:30:44 +01:00
Michaël Paulon 9983c85a91 run boy run ! 2020-12-27 13:30:37 -05:00
Michaël Paulon 4251074bc0 dovecot is now in ansible 2020-12-27 13:04:57 -05:00
_benjamin c48b1d565c [home] add playbook to deploy home creation script 2020-12-27 10:24:41 +01:00
erdnaxe d17968e246 Merge branch 'codimd' into 'newinfra' 
Add support for bullseye and add codichotomie

See merge request nounous/ansible!122
 2020-12-23 12:18:47 +01:00
_shirenn 24a9b5c768 [postfix] it is time to play 2020-12-21 22:59:55 +01:00
Alexandre Iooss b202dcffd1 Add support for bullseye and add codichotomie 2020-12-18 17:26:26 +01:00
_pollion d2a6501b9e Merge branch 'newinfra' into 'borgbackup' 
# Conflicts:
#   group_vars/crans_server/vars.yml
#   plays/backup.yml
 2020-12-06 02:25:53 +01:00
_pollion a871e1e480 [Borg] Server config 2020-12-06 01:44:39 +01:00
_pollion acafd5b7c8 [Borgbackup] Pull borg from bullseye and deploy configuration. 2020-12-02 19:42:21 +01:00
Alexandre Iooss 8a2ee0d6a8
Configure bigbluebutton vm network 2020-12-01 11:21:49 +01:00
Alexandre Iooss 460e2995bf Small fix on ntp 2020-11-29 17:49:02 +01:00
Alexandre Iooss 6bb927ffca
all.yml is back 2020-11-29 17:24:50 +01:00
Alexandre Iooss 2cff6b4cfe NTP client with timesyncd 2020-11-29 16:52:17 +01:00
_benjamin 3edf1238f2 Merge branch 'newinfra' into 'roundcube' 
# Conflicts:
#   group_vars/reverseproxy.yml
#   hosts
#   plays/network-interfaces.yml
 2020-11-29 11:30:00 +01:00
_pollion bc80702bea Horde, welcome to new infra 2020-11-29 00:25:13 +01:00
_benjamin da68de7d83 [hosts] roundcube 2020-11-28 17:48:41 +01:00
Alexandre Iooss 09a26d0198
New monitoring 2020-11-28 17:30:36 +01:00
Alexandre Iooss 1920740649
Configure network if for monitoring 2020-11-28 17:11:09 +01:00
erdnaxe cc7c2f6af3 Merge branch 'rm_cloudinit' into 'newinfra' 
Remove cloudinit package

See merge request nounous/ansible!103
 2020-11-28 16:14:05 +01:00
Alexandre Iooss 4027adf08f
Remove cloudinit package 2020-11-28 16:15:54 +01:00
_pollion 40fbcd076f Define mirror.adm.crans.org if unknown 2020-11-28 15:54:41 +01:00
_benjamin ee2a4c18d4 [mirror] Use syncproxy.eu.debian.org 2020-10-23 18:02:48 +02:00
_pollion d45fff9176 [Certbot] Praise new infra 2020-10-12 18:34:46 +02:00
_pollion c888c56093 ethercalc on new infra 2020-09-22 22:48:50 +02:00
_benjamin aad9c52720 [interfaces] Deploy interfaces on kiwi 2020-09-22 15:35:40 +02:00
_benjamin 7e64b42647 [nullmailer] Typo snmp -> smtp 2020-09-20 17:58:14 +02:00
Alexandre Iooss 2aedbe0a16 Configure CAS 2020-09-19 10:32:09 +02:00
Alexandre Iooss 44a8379294 More CAS configuration 2020-09-19 08:26:19 +02:00
erdnaxe 1eb06b96ab Merge branch 'roundcube' into 'newinfra' 
Roundcube

See merge request nounous/ansible!87
 2020-09-18 18:03:30 +02:00
_benjamin 309cd318d2 [interfaces] Deploy interfaces on unifi 2020-09-12 11:04:52 +02:00
_shirenn 239b8ec406 [roundcube][unsafe] coucou erdnaxe[m] il faut que tu proprifies la conf nginx et que tu ajoutes ce qui est en prod :) 2020-09-05 10:41:27 +02:00
_benjamin 0476aaf8fe [interfaces] Deploy interfaces on hodaur 2020-09-04 11:51:59 +02:00
_benjamin 0944d0f8bc Merge branch 'sputnik' into 'newinfra' 
Do not install homes on OVH servers

See merge request nounous/ansible!84
 2020-08-31 13:22:40 +02:00
_benjamin aeb9cc5b42 Do not install homes on OVH servers 2020-08-31 13:18:40 +02:00
_benjamin 4089fa4ebd [interfaces] Configure fluxx interfaces 2020-08-28 18:53:54 +02:00
Alexandre Iooss c2aee6173c Add gitlab-runner role 2020-08-28 10:58:07 +02:00
Alexandre Iooss a21d78ffac Reverse proxy stream.crans.org 2020-08-26 16:45:42 +02:00
_shirenn b84fcbf9ce [stream] \o fluxx.crans.org 2020-08-26 15:44:22 +02:00
_benjamin 8c2e40bd56 [wireguard] Use NDP and ARP proxy 2020-08-24 17:40:00 +02:00
_benjamin 17dddde252 [wireguard] Use nftables on boeing 2020-08-24 13:46:07 +02:00
_benjamin 6acab35bf9 [interfaces] Use ipaddr to get network and netmask 2020-08-23 20:07:28 +02:00
_benjamin 22dee4e764 Merge branch 'newinfra' into 'interfaces' 
# Conflicts:
#   lookup_plugins/ldap.py
 2020-08-23 19:57:41 +02:00
_benjamin b1bb0b68e5 [logall] Sort and rotate routing logs 2020-08-22 15:06:19 +02:00
_benjamin 53d457afd7 [bind-authoritative] Query LDAP for IPs 2020-08-22 09:21:10 +02:00
_benjamin dd55b0cf28 Merge branch 'dns' into 'newinfra' 
[dns] handle LDAP zones

See merge request nounous/ansible!68
 2020-08-21 16:08:05 +02:00