crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,815 Commits
12 Branches
0 Tags
7.9 MiB
Commit Graph

335 Commits (ceea61654c75bee7cf18abeb69d9bcc1ae83411a)

Author SHA1 Message Date
Yohann D'ANELLO 72238d79ed [nginx] Add feature to manage multiple certificates, for example for crans.org and for adm.crans.org 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 3f4a66eb7c [thelounge] Copy ldap configuration for zamok 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO f039121e21 [thelounge] Download the Debian package and install it, and deploy 
configuration

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 70a78d06d1 [irc] Configure nginx for the lounge 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 9f21a7ad79 [nginx] Drop nginx-pubftp role 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
ynerant a9897ec3c0 [nginx] Load global and local nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO ec262bd5c1 [nginx] Drop role nginx-mailman 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 84fb96eab6 Create generic Nginx template 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO f09ec69ef1 Remove unused role nginx-rtmp 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 454ca95edf Rename nginx-reverseproxy to nginx 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 408c857f81
[zamok_apache] Pepcransification 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 14:07:35 +01:00
ynerant 359b6a4553
[belenios] Deploy belenios 
Signed-off-by: ynerant <ynerant@crans.org>
 2021-02-22 12:31:30 +01:00
_shirenn 6e6dd56e4d [borg] lets filter-out shit and backup cameron 2021-02-22 12:13:23 +01:00
_shirenn 59bc91dc9d [vault] Changing cranspasswords to pass crans 2021-02-22 12:01:03 +01:00
_shirenn 262696970f [network-interfaces] PEPCRANSED 2021-02-22 11:51:44 +01:00
_shirenn a82d770043 [slapd] Filter ipv4s responsibly 2021-02-22 09:45:13 +01:00
_shirenn 02df5674b1 [slapd] soyouz, query and regex 2021-02-22 01:30:02 +01:00
ynerant 009e7b42cb
[certbot] Generate multiple certificates (useful for adm) 
Signed-off-by: ynerant <ynerant@crans.org>
 2021-02-16 15:35:07 +01:00
_shirenn d03eed8abe [re2o-services] PEPCRANSIFIED 2021-02-11 09:57:10 +01:00
_shirenn f5cf25c9b7 [dhcp] dont clone git from /tmp 2021-02-11 09:57:10 +01:00
_shirenn 52d0d6ebce [home-nounous] Exclude tealc.adm.crans.org and zamok.adm.crans.org 2021-02-10 16:33:21 +01:00
_shirenn acd8e3da2a [nullmailer] PEPCRANSED BRO 2021-02-10 11:30:07 +01:00
_shirenn 7cd62269a3 pepcrans :) 2021-02-08 15:02:14 +01:00
_benjamin bc486b5570 Merge branch 'linx' into 'newinfra' 
[linx] Add linx server, role and playbook

See merge request nounous/ansible!206
 2021-02-08 13:37:42 +00:00
_benjamin 1d5310127e [linx] Add linx server, role and playbook 2021-02-08 14:37:05 +01:00
pa d7660e8333 [cas] CRANSIBLEISED bro 2021-02-07 18:16:43 +01:00
_shirenn 7702e3ff3a [slapd] Petit ménage 2021-01-17 22:22:40 +01:00
_shirenn 29222acf56 [crans_scripts] PEPCRANSIFICATION 2021-01-17 21:39:18 +01:00
_shirenn 1eba54f3ec [ntp-client] On continue à PEPCRANSIFIER 2021-01-17 20:59:45 +01:00
Alexandre Iooss 82732396af
Sync all.yml with plays 2021-01-16 19:13:40 +01:00
Alexandre Iooss f3c38819ef
Prometheus on bullseye 2021-01-13 16:37:48 +01:00
_benjamin 42e0294db4 Configure interfaces only on VMs that aren't routers 2021-01-10 22:24:35 +01:00
_pollion 854f483af7 Enable configuring network interfaces 2021-01-10 21:34:47 +01:00
_pollion 32e0c220f0 configure re2o-ldap and re2o-dev 2021-01-10 14:15:41 +01:00
_benjamin 3b81f9d758 [re2o-front] Install re2o frontend dependancies 2021-01-10 14:02:40 +01:00
_benjamin 30ecc05a52 [bird] Use bird instead of quagga 2021-01-08 14:48:55 +01:00
Alexandre Iooss c6e11e398f
mtail for tealc from the future 2021-01-06 21:26:06 +01:00
Alexandre Iooss b71f4d3635
Monitor all websites 2021-01-06 13:43:20 +01:00
Yohann D'ANELLO b9f0bbb460
[redisdead] Replace very old crans logo and remove all crans-specific options in the config template 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-01-05 22:29:49 +01:00
Yohann D'ANELLO 4507d367bd
[grafana] Move crans icon file 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-01-05 22:09:50 +01:00
erdnaxe 91b8f5e6d6 Merge branch 'grafana_newinfra' into 'newinfra' 
Grafana newinfra

See merge request nounous/ansible!176
 2021-01-05 19:26:57 +01:00
Alexandre Iooss 648a35a36b
Change Grafana LDAP configuration 2021-01-05 19:09:15 +01:00
_benjamin d81d9768dc Merge branch 'arp-proxy' into 'newinfra' 
[arp-proxy] delete arp proxy

See merge request nounous/ansible!175
 2021-01-05 17:35:44 +01:00
_benjamin c9accd6be4 [arp-proxy] delete arp proxy 2021-01-05 17:33:26 +01:00
Alexandre Iooss acfedec590
Add bornes 2021-01-05 16:08:24 +01:00
_benjamin c8ed25a704 [rsyslog-server] tealc is the rsyslog server 2021-01-03 10:46:23 +01:00
_benjamin 79215d2201 [re2o] fix re2o role 2021-01-02 15:55:19 +01:00
_benjamin 4a20b96da3 [logall] Deploy rsyslogd config, logrotate and mount logs 2021-01-02 11:03:34 +01:00
erdnaxe 834f8e34bd Merge branch 'cas' into 'newinfra' 
Migrate CAS to new infra

See merge request nounous/ansible!156
 2021-01-02 09:35:42 +01:00
Alexandre Iooss 585d947b6f
Migrate CAS to new infra 2021-01-02 09:34:22 +01:00
_pollion e2fca88f19 Typo 2021-01-01 23:28:26 +01:00
_pollion 816a63ad0b Clean up zamok tools 2021-01-01 22:33:30 +01:00
_pollion 73440ec9af Split backup playbook into client and server 2021-01-01 19:23:19 +01:00
pa 2bcf91b975 Ssh known hosts 2021-01-01 17:53:35 +01:00
Alexandre Iooss 628485a24c
Configure zephir network 2020-12-31 13:00:06 +01:00
_pollion a16007c388 Configure borgbackup and monitoring on first Ansible run 2020-12-30 13:34:57 +01:00
_pollion 0b70cca323 More clean-up 2020-12-29 20:44:57 +01:00
_pollion 8952eb42c7 [root.yml] cloud-init only relevant for VMs 2020-12-29 18:51:29 +01:00
_pollion 5fe9f1460f clean up nullmailer 2020-12-29 18:46:40 +01:00
_pollion f250cf1719 Refactor hosts inventory 2020-12-29 18:33:39 +01:00
_pollion ca0cb52cc1 Merge branch 'owncloud' into 'newinfra' 
Owncloud is on !

See merge request nounous/ansible!139
 2020-12-29 02:21:06 +01:00
_pollion 9dc5f3fefb Owncloud is on ! 2020-12-29 02:05:18 +01:00
Alexandre Iooss 31e52892fc
Add owl 2020-12-28 18:31:50 +01:00
_pollion 559935d983 Merge branch 'owl' into 'newinfra' 
Owl

See merge request nounous/ansible!127
 2020-12-28 17:22:46 +01:00
Alexandre Iooss aa8aca6a26
Init statping role 2020-12-28 13:53:19 +01:00
erdnaxe b437cac248 Merge branch 'nginx_prometheus' into 'newinfra' 
Monitor NGINX with Prometheus

See merge request nounous/ansible!129
 2020-12-28 12:01:39 +01:00
Alexandre Iooss 946250e322
Monitor NGINX with Prometheus 2020-12-28 12:01:19 +01:00
Alexandre Iooss ee0295c18e
Fruitensmix happend 2020-12-28 11:30:44 +01:00
Michaël Paulon 9983c85a91 run boy run ! 2020-12-27 13:30:37 -05:00
Michaël Paulon 4251074bc0 dovecot is now in ansible 2020-12-27 13:04:57 -05:00
_benjamin c48b1d565c [home] add playbook to deploy home creation script 2020-12-27 10:24:41 +01:00
erdnaxe d17968e246 Merge branch 'codimd' into 'newinfra' 
Add support for bullseye and add codichotomie

See merge request nounous/ansible!122
 2020-12-23 12:18:47 +01:00
_shirenn 24a9b5c768 [postfix] it is time to play 2020-12-21 22:59:55 +01:00
Alexandre Iooss b202dcffd1 Add support for bullseye and add codichotomie 2020-12-18 17:26:26 +01:00
_pollion d2a6501b9e Merge branch 'newinfra' into 'borgbackup' 
# Conflicts:
#   group_vars/crans_server/vars.yml
#   plays/backup.yml
 2020-12-06 02:25:53 +01:00
_pollion a871e1e480 [Borg] Server config 2020-12-06 01:44:39 +01:00
_pollion acafd5b7c8 [Borgbackup] Pull borg from bullseye and deploy configuration. 2020-12-02 19:42:21 +01:00
Alexandre Iooss 8a2ee0d6a8
Configure bigbluebutton vm network 2020-12-01 11:21:49 +01:00
Alexandre Iooss 460e2995bf Small fix on ntp 2020-11-29 17:49:02 +01:00
Alexandre Iooss 6bb927ffca
all.yml is back 2020-11-29 17:24:50 +01:00
Alexandre Iooss 2cff6b4cfe NTP client with timesyncd 2020-11-29 16:52:17 +01:00
_benjamin 3edf1238f2 Merge branch 'newinfra' into 'roundcube' 
# Conflicts:
#   group_vars/reverseproxy.yml
#   hosts
#   plays/network-interfaces.yml
 2020-11-29 11:30:00 +01:00
_pollion bc80702bea Horde, welcome to new infra 2020-11-29 00:25:13 +01:00
_benjamin da68de7d83 [hosts] roundcube 2020-11-28 17:48:41 +01:00
Alexandre Iooss 09a26d0198
New monitoring 2020-11-28 17:30:36 +01:00
Alexandre Iooss 1920740649
Configure network if for monitoring 2020-11-28 17:11:09 +01:00
erdnaxe cc7c2f6af3 Merge branch 'rm_cloudinit' into 'newinfra' 
Remove cloudinit package

See merge request nounous/ansible!103
 2020-11-28 16:14:05 +01:00
Alexandre Iooss 4027adf08f
Remove cloudinit package 2020-11-28 16:15:54 +01:00
_pollion 40fbcd076f Define mirror.adm.crans.org if unknown 2020-11-28 15:54:41 +01:00
_benjamin ee2a4c18d4 [mirror] Use syncproxy.eu.debian.org 2020-10-23 18:02:48 +02:00
_pollion d45fff9176 [Certbot] Praise new infra 2020-10-12 18:34:46 +02:00
_pollion c888c56093 ethercalc on new infra 2020-09-22 22:48:50 +02:00
_benjamin aad9c52720 [interfaces] Deploy interfaces on kiwi 2020-09-22 15:35:40 +02:00
_benjamin 7e64b42647 [nullmailer] Typo snmp -> smtp 2020-09-20 17:58:14 +02:00
Alexandre Iooss 2aedbe0a16 Configure CAS 2020-09-19 10:32:09 +02:00
Alexandre Iooss 44a8379294 More CAS configuration 2020-09-19 08:26:19 +02:00
erdnaxe 1eb06b96ab Merge branch 'roundcube' into 'newinfra' 
Roundcube

See merge request nounous/ansible!87
 2020-09-18 18:03:30 +02:00
_benjamin 309cd318d2 [interfaces] Deploy interfaces on unifi 2020-09-12 11:04:52 +02:00
_shirenn 239b8ec406 [roundcube][unsafe] coucou erdnaxe[m] il faut que tu proprifies la conf nginx et que tu ajoutes ce qui est en prod :) 2020-09-05 10:41:27 +02:00
_benjamin 0476aaf8fe [interfaces] Deploy interfaces on hodaur 2020-09-04 11:51:59 +02:00
_benjamin 0944d0f8bc Merge branch 'sputnik' into 'newinfra' 
Do not install homes on OVH servers

See merge request nounous/ansible!84
 2020-08-31 13:22:40 +02:00
_benjamin aeb9cc5b42 Do not install homes on OVH servers 2020-08-31 13:18:40 +02:00
_benjamin 4089fa4ebd [interfaces] Configure fluxx interfaces 2020-08-28 18:53:54 +02:00
Alexandre Iooss c2aee6173c Add gitlab-runner role 2020-08-28 10:58:07 +02:00
Alexandre Iooss a21d78ffac Reverse proxy stream.crans.org 2020-08-26 16:45:42 +02:00
_shirenn b84fcbf9ce [stream] \o fluxx.crans.org 2020-08-26 15:44:22 +02:00
_benjamin 8c2e40bd56 [wireguard] Use NDP and ARP proxy 2020-08-24 17:40:00 +02:00
_benjamin 17dddde252 [wireguard] Use nftables on boeing 2020-08-24 13:46:07 +02:00
_benjamin 6acab35bf9 [interfaces] Use ipaddr to get network and netmask 2020-08-23 20:07:28 +02:00
_benjamin 22dee4e764 Merge branch 'newinfra' into 'interfaces' 
# Conflicts:
#   lookup_plugins/ldap.py
 2020-08-23 19:57:41 +02:00
_benjamin b1bb0b68e5 [logall] Sort and rotate routing logs 2020-08-22 15:06:19 +02:00
_benjamin 53d457afd7 [bind-authoritative] Query LDAP for IPs 2020-08-22 09:21:10 +02:00
_benjamin dd55b0cf28 Merge branch 'dns' into 'newinfra' 
[dns] handle LDAP zones

See merge request nounous/ansible!68
 2020-08-21 16:08:05 +02:00
_benjamin a65076dc28 [interfaces] Add IPv6 gateways 2020-08-20 18:10:36 +02:00
_benjamin fb08fbf7c9 [radvd] Install radvd on routers 2020-08-19 19:02:00 +02:00
_benjamin b76d538ad6 [nftables] Install and enable nftables on routers 2020-08-19 17:49:07 +02:00
_benjamin 68ce662296 Merge branch 'gulp' into 'newinfra' 
[firewall] Deploy firewall on gulp

See merge request nounous/ansible!61
 2020-08-19 16:06:13 +02:00
_benjamin 83d52d6c85 [firewall] Deploy firewall on gulp 2020-08-19 16:05:50 +02:00
_benjamin b500cc128c [slapd] Move variables to group_vars 2020-08-19 14:21:52 +02:00
_benjamin 2527390703 Merge branch 'openssh' into 'newinfra' 
Openssh

See merge request nounous/ansible!58
 2020-08-19 14:05:46 +02:00
_benjamin 94ae57f24e [openssh] Apply openssh role at the end of root.yml 2020-08-19 14:05:22 +02:00
Alexandre Iooss e7b5f7e612
Add monitoring server for newinfra 2020-08-19 13:47:29 +02:00
_benjamin a47058fcac [interfaces] Add gateways 2020-08-19 13:32:32 +02:00
_benjamin 4ea6bd9687 [interfaces] Deploy interfaces using LDAP 2020-08-19 13:07:47 +02:00
erdnaxe f75c8231a2 Merge branch 'newinfra' into 'gitlabci' 
# Conflicts:
#   hosts
 2020-08-18 23:14:02 +02:00
pa 1c81c5e0d3 Merge branch 'hodaur' into 'newinfra' 
Reverse proxy + first vm migration

See merge request nounous/ansible!56
 2020-08-18 19:12:06 +02:00
_shirenn 54efaddadb [reverseproxy] installs certbot 2020-08-18 17:57:27 +02:00
_shirenn 9a01dd59fd [reverse_proxy] Adds hodaur and clean role 2020-08-18 17:13:44 +02:00
_benjamin 7d68f56e91 [arp-proxy] Deploy ARP proxy on routeur-sam 2020-08-18 16:01:01 +02:00
Alexandre Iooss 2e2ee3e434 Gitlab-ci VM 2020-08-16 21:35:37 +02:00
_benjamin 3b305d4866 [sysctl-fowarding] Enable IP forwarding on routers 2020-08-16 10:09:29 +02:00
_pollion 58425a8081 Merge branch 'freeradius' into 'newinfra' 
Freeradius

See merge request nounous/ansible!48
 2020-08-11 23:30:32 +02:00
_benjamin 80f0d3686f [quagga] Merge ipv4 and ipv6 2020-08-11 18:43:39 +02:00
_benjamin 297cef0453 [baie] Playbook pour setup la baie 2020-08-11 17:00:28 +02:00
_benjamin 2c42757620 [iproute2] name table 26 2020-08-11 14:22:37 +02:00
_benjamin 884e6f8d09 [dns] handle LDAP zones 2020-08-11 14:05:24 +02:00
_benjamin a5f5a6a52a [vm] Activate serial tty 2020-08-11 11:44:58 +02:00
_benjamin 1f9e65e6fb [dns] Deploy dns on silice 2020-08-11 08:44:15 +02:00
_pollion a7d67b1f87 Role freeradius 2020-08-11 04:04:41 +02:00
_benjamin 6ae814e1e1 Merge branch 'firewall' into 'newinfra' 
[firewall] Deploy firewall

See merge request nounous/ansible!37
 2020-08-10 03:51:22 +02:00
_benjamin eb84bca7a8 [firewall] Deploy firewall 2020-08-10 03:48:24 +02:00
_pollion aacd9e1e31 Install re2o on new infra 2020-08-10 02:25:54 +02:00
_pollion 84fc337722 [postgresql] Configure psql database 2020-08-09 19:39:53 +02:00
_benjamin dc35709d86 [slapd] Deploy LDAP certificate 2020-08-08 14:57:43 +02:00
pa 63b06fc02c Merge branch 'keepalived' into 'newinfra' 
Keepalived

See merge request nounous/ansible!27
 2020-08-07 17:43:32 +02:00
_shirenn dfa8f6059b [keepalived] Crans configuration 2020-08-07 17:31:02 +02:00
_benjamin f93829267d [qemu-guest-agent] Install qemu-guest-agent on VMs 2020-08-07 16:52:26 +02:00
_shirenn 56acc3b293 [ldap][slapd] Variable merge 2020-08-07 12:42:42 +02:00
_shirenn 2c72c8c6c9 [proxmox] tout pleins de nouveaux copains 2020-08-07 12:42:42 +02:00
_shirenn 5c7569cce2 [proxmox][safe] Configuration CRANS 2020-08-07 12:42:40 +02:00
_shirenn b6ec090613 [plays][safe] Playbook to run as root 2020-08-07 12:41:24 +02:00
_pollion 52e237b0cf [New-infra] Deploy ldap and nfs with base system. 2020-08-07 12:34:01 +02:00
_shirenn 039cd5c014 [framadate][safe] Crans configuration for framadate 2020-08-05 19:58:04 +02:00
_shirenn 94662fe5c4 [horde] Configuration horde du crans 2020-08-05 00:16:32 +02:00
_pollion d40ed87182 [dhcp] Deploy dhcp on Odlyd. 2020-08-03 01:21:50 +02:00
_shirenn e79124527c [keepalived] gulp and sanitize 
De sombres choses ce sont passé cette nuit, des vlans avec des noms
bizarre, des tirets qui se transforme en underscore. La seule chose
qu'il faut retenir, c'est qu'au petit matin la lumière revient et
wifinewserveur meurt;
 2020-08-03 01:09:44 +02:00
_pollion 7cad99c534 Move keepalived playbook into plays. 2020-08-03 00:43:04 +02:00
_pollion f16050b5d5 [dhcp] Install re2o-service dhcp 2020-08-02 20:08:28 +02:00
_pollion a37ced87aa [dhcp] Generate dhcpd.conf 2020-08-02 18:58:08 +02:00
_pollion 896e5e0825 Make backup.yml play standalone 2020-08-02 00:42:07 +02:00
Alexandre Iooss 0027c844d5
Deploy roundcube conf and plugins 2020-07-30 22:15:17 +02:00
Alexandre Iooss cfac25a515
Etherpad role 2020-07-26 22:48:36 +02:00
Alexandre Iooss 2641dcd9c5
Move reverse-proxy in plays/ 2020-07-14 19:42:19 +02:00
Alexandre Iooss 2dccb0c450
Move ftpsync and owncloud to plays/ 2020-07-14 14:10:39 +02:00
Alexandre Iooss e48a440b7e
Install postfix on mailman3 vm 2020-07-12 23:15:52 +02:00
Alexandre Iooss ae36169565
Mailman3 web config 2020-07-11 15:12:32 +02:00
Alexandre Iooss 1fcf1fa8b3
Configure mailman3.cfg 2020-07-11 14:44:44 +02:00
Alexandre Iooss f337548b4b
Role mailman3 2020-07-11 13:29:53 +02:00
Alexandre Iooss 1e28c82ca8
Lazy SysAdmin strikes back 2020-07-01 11:17:03 +02:00
Alexandre Iooss 14f02b8d76 Move moinmoin htdocs 2020-07-01 08:26:54 +02:00
Alexandre Iooss 4be7621670
Add nginx conf to moinmoin role 2020-07-01 07:50:16 +02:00
Alexandre Iooss 2a98a52a53
Postmen need... to be monitored! 2020-06-30 17:04:44 +02:00
Alexandre Iooss 3d834ff77a
Backup monitoring 2020-06-05 17:34:48 +02:00
Alexandre Iooss 0d36ac644c
[monitoring] Use ip filter for adm 2020-06-01 19:42:47 +02:00
Alexandre Iooss 43d66a3257
Add quasar 2020-05-31 11:21:55 +02:00
Alexandre Iooss 67ffa3c893
[prometheus] use dig lookup for adm ip 2020-05-25 12:43:12 +02:00
Alexandre Iooss 0572c53391
DHCP, DNS and Wireguard plays 2020-05-19 20:21:51 +02:00
Alexandre Iooss 0f242174f7
Mailman play 2020-05-19 19:42:57 +02:00
Alexandre Iooss 5e67c3096c
Monitoring play 2020-05-19 19:34:12 +02:00
Alexandre Iooss 517366a10a
TV play 2020-05-19 19:31:28 +02:00
Alexandre Iooss c11ea23b96
NFS play 2020-05-19 19:30:01 +02:00
Alexandre Iooss d2446d0dd7
Network interface play 2020-05-19 19:28:43 +02:00
Alexandre Iooss 1227da7286
Mail play 2020-05-19 19:12:06 +02:00
Alexandre Iooss 786d6b8bca
Logs book 2020-05-19 19:07:34 +02:00
Alexandre Iooss fd6531542b
Backup book 2020-05-19 19:06:26 +02:00