Commit graph

138 commits

Author SHA1 Message Date
9cef48a6c2 Merge branch 'main' into simplify-network-config 2023-05-12 18:45:58 +02:00
5c7a8c72d8 first plume on staging with S3 backend 2023-05-12 18:45:20 +02:00
6c07a42978 different wgautomesh gossip ports for prod and staging 2023-05-04 13:39:33 +02:00
607add3161 make specifying an ipv6 fully optionnal 2023-04-21 14:36:10 +02:00
a9e9149739 Fix unbound; remove Nixos firewall (use only diplonat) 2023-04-21 11:29:15 +02:00
b4e82e37e4 diplonat with fixed iptables thing 2023-04-20 15:13:13 +02:00
e5f9f3c849 increase diplonat ram 2023-04-19 21:05:47 +02:00
0372df95b5 staging: fix consul server addresses 2023-04-19 20:36:24 +02:00
9737c661a4 Merge branch 'main' into simplify-network-config 2023-04-19 20:15:03 +02:00
07f50f297a D53 with addresses from DiploNAT autodiscovery; diplonat fw opening for tricot 2023-04-05 16:30:28 +02:00
0e4c641db7
redeploy bagage 2023-04-05 15:50:53 +02:00
16422d2809 introduce back static ipv4 prefix lenght but with default value 2023-04-05 14:04:11 +02:00
dec4ea479d Allow for IPv6 with RA disabled by manually providing gateway 2023-04-05 13:27:18 +02:00
cb8d7e92d2 staging: ipv6-only diplonat for automatic address discovery 2023-04-05 10:25:22 +02:00
ecfab3c628 Merge branch 'main' into simplify-network-config 2023-03-24 15:35:27 +01:00
96566ae523 refactor configuration syntax 2023-03-24 15:26:39 +01:00
e2aea648cf greatly simplify ipv4 and ipv6 configuration 2023-03-24 14:42:36 +01:00
Baptiste Jonglez
8ae9ec6514 Update piranha IP again 2023-03-24 13:01:24 +01:00
a0db30ca26 Sanitize DNS configuration
- get rid of outside nameserver, unbound does the recursive resolving
  itself (and it checks DNSSEC)
- remove CAP_NET_BIND_SERVICE for Consul as it is no longer binding on
  port 53 (was already obsolete)
- make unbound config independant of LAN IPv4 address
2023-03-24 12:58:44 +01:00
5cd69a9ba1 Merge branch 'main' into wgautomesh 2023-03-24 11:29:14 +01:00
bebbf5bd8b
wip rsa-ecc proxy 2023-03-20 09:45:05 +01:00
90efd9155b wgautomesh variable log level (debug for staging) 2023-03-17 18:21:50 +01:00
6664affaa0 wgautomesh gossip secret file 2023-03-17 17:17:56 +01:00
baae97b192 sample deployment of wgautomesh on staging (dont deploy prod with this commit) 2023-03-17 17:17:56 +01:00
551988c808
do not allow stale information reading 2023-03-16 17:01:17 +01:00
6fe8ef6eed
update albatros 2023-03-16 16:53:16 +01:00
8b67c48c52
Fix consul port 2023-03-16 16:19:35 +01:00
7bf1467cb1
add albatros 2023-03-16 15:52:13 +01:00
2a0eff07c0 fix cleanup of deploypass 2023-03-15 17:49:31 +01:00
c681f63222
alloc more mem 2023-03-14 18:37:28 +01:00
d2b8b0c517
wip homemade ci? 2023-03-14 17:32:49 +01:00
850ea784e7 staging updates 2023-03-09 11:08:33 +01:00
Baptiste Jonglez
3eb5e21f9d New IP for piranha 2023-03-06 14:30:22 +01:00
2d55b1dfcc updated garage and d53 on staging 2023-01-26 17:52:27 +01:00
8e76707c44
fix tricot hostname on prod 2023-01-11 22:18:52 +01:00
0da378d053
staging: remove constraint on im 2023-01-05 11:15:30 +01:00
9fabb5844a
staging: remove node cariacou, update garage 2023-01-04 17:06:39 +01:00
da78f3671e
staging: deploy things on bespin 2023-01-04 10:06:06 +01:00
26f78872e6
staging: add node df-pw5 at bespin 2023-01-04 10:02:21 +01:00
18eef6e8e7
Staging: Reduce resource requirements to pack more things 2023-01-03 18:25:32 +01:00
d588764748 don't rotate grafana password 2023-01-01 20:44:28 +01:00
3847c08181 Merge pull request 'updated version of secretmgr' (#5) from new-secretmgr into main
Reviewed-on: #5
2023-01-01 18:47:34 +00:00
Baptiste Jonglez
08c324f1c4 Add new zone to core services 2022-12-29 18:26:52 +01:00
Baptiste Jonglez
1c48fd4ae4 Add new staging zone and node 2022-12-28 16:49:43 +01:00
0becfc2571
Merge branch 'main' into new-secretmgr 2022-12-25 23:47:52 +01:00
b63c03f635
refactor ssh config and move known_hosts 2022-12-25 23:45:53 +01:00
6d6e48c8fa
Improve secretmgr more, update secrets for staging 2022-12-25 22:12:38 +01:00
8d0a7a806d
New secretmgr 2022-12-25 21:03:16 +01:00
7fd81f3470
WIP new secretmgr 2022-12-25 19:52:28 +01:00
11f87a3cd2
staging: add missing secrets, update exiting ones to autogen/autorotate 2022-12-24 23:58:38 +01:00