65af077d5a
Fix iptables not liking comment on same line
2020-07-15 16:03:51 +02:00
d3ada90d83
Fix nomad ip address
...
Remove the networ_interface parameter in nomad config
This means that nomad will now autodetect its own ip address
by looking at the default route.
Thus nodes in a LAN behind a NAT will get their LAN address,
and internet nodes will get their public address.
They won't get their VPN addresses.
This seems not to break Consul's use of VPN addresses to address
services, and fixes attr.unique.network.ip-address for DiploNAT.
2020-07-15 16:03:51 +02:00
3bf830713f
don't retrieve wireguard privkeys in ansible
2020-07-15 16:03:51 +02:00
207d1fa278
Allow external VPN nodes, make multi-DC deployment work
2020-07-15 16:03:42 +02:00
bee7e10256
Document Wireguard config
2020-07-15 16:03:42 +02:00
a4f9aa2d98
Set up wireguard in dev cluster
2020-07-15 16:03:33 +02:00
1a16fc7f9e
Add gitea config example
2020-07-15 15:49:52 +02:00
3174179100
Achieve a working install on my VMs
2020-07-15 15:49:52 +02:00
f844c9454f
Upgrade garage
2020-07-15 15:48:30 +02:00
2f1ef18510
WIP Florian as an admin
2020-07-13 21:04:03 +02:00
7ea74f2398
Merge branch 'feature/simpleiptables'
2020-07-13 20:03:13 +02:00
1782570408
Merge pull request 'update diplonat image' ( #17 ) from update-diplonat into master
...
Reviewed-on: Deuxfleurs/deuxfleurs.fr#17
2020-07-13 20:02:18 +02:00
e25acda3d0
Rework file
2020-07-13 20:01:04 +02:00
75a72af70b
Merge pull request 'Simplify iptables' ( #16 ) from feature/simpleiptables into master
...
Reviewed-on: Deuxfleurs/deuxfleurs.fr#16
2020-07-13 19:59:17 +02:00
46aac4cc79
Add SSH
2020-07-13 19:58:49 +02:00
29d8414112
update diplonat image
2020-07-13 19:56:45 +02:00
4bd4d20533
Simplify iptables
2020-07-13 19:55:22 +02:00
c12dcd6d21
Add Florian
2020-07-13 18:51:40 +02:00
86e727eeb8
Add max as admin
2020-07-08 09:21:06 +02:00
e623bbcc6f
Update Matrix
2020-07-06 13:58:25 +02:00
60e3958baf
Rename postgres
2020-07-05 23:17:36 +02:00
3789532560
Merge branch 'master' of git.deuxfleurs.fr:Deuxfleurs/deuxfleurs.fr
2020-07-05 23:15:50 +02:00
775bab3735
Start using preemption
2020-07-05 23:15:05 +02:00
c344dacb65
Add garage and nextcloud configuration
2020-07-05 22:55:00 +02:00
5e83c8e5fe
Remove don't need anymore
2020-07-05 20:56:36 +02:00
09878271f2
Merge pull request 'Network configuration' ( #1 ) from network_config into master
...
Reviewed-on: Deuxfleurs/deuxfleurs.fr#1
2020-07-05 20:37:19 +02:00
faf39bbb28
Fix docker volume
2020-07-05 20:36:16 +02:00
81480fa1f9
Add docs + fix warning
2020-07-05 20:15:28 +02:00
9cf37f9fe0
Clean nomad+consul deploy tasks as we do not deploy anymore on ARM so it is untested for real
2020-07-05 20:12:51 +02:00
6b37b7c932
Add a readme
2020-07-05 19:52:31 +02:00
03d4e50b05
Add my own modifications
2020-07-05 19:49:32 +02:00
eac2581a20
Merge branch 'master' into network_config
2020-07-05 19:42:00 +02:00
f427bcf564
Rename chat to im because of a nomad bug
2020-07-01 18:44:27 +02:00
d590a98bed
Remove last reference to obsolete nomad1 interface
2020-06-30 17:31:35 +02:00
351e6f13d5
Network configuration:
...
- Remove nomad interface (unused)
- Deactivate systemd-resolved
- Add dns_server to production nodes variables
- Add recursors option to Consul so that it can resolve outside DNS
queries
- Use consul as a global DNS server for machines and containers, with
the outside DNS as a fallback (see roles/consul/templates/resolv.conf.j2)
2020-06-30 17:31:35 +02:00
8fdebd74b3
Increase postfix RAM
2020-06-30 16:14:17 +02:00
b4bfbddd54
Some other fixes
2020-06-16 17:01:38 +02:00
e7ed8a49fb
Update local scripts
2020-06-16 16:28:24 +02:00
3534ba1a19
Read domain name from LDAP
2020-06-14 11:48:53 +02:00
9b7fd2fc0a
Upgrade containers
2020-06-02 12:31:46 +02:00
d13352910d
Add upgrade documentation
2020-06-02 12:26:41 +02:00
a2e1f61cf8
WIP sodium binding
2020-05-31 13:05:56 +02:00
701da9ef26
WIP readme
2020-05-30 22:32:53 +02:00
f9fb0c7d85
Add a reference
2020-05-30 22:07:10 +02:00
d07e7ccdd2
WIP scratchpad
2020-05-30 19:17:37 +02:00
eb47d6a7ca
WIP encryption is not easy
2020-05-30 17:57:59 +02:00
66a496a37a
WIP consul backup
2020-05-30 14:10:32 +02:00
c746be70a9
Jitsi now supports diplonat
2020-05-23 17:46:01 +02:00
32ed9af205
Postfix now uses diplonat
2020-05-23 17:40:06 +02:00
623335d990
migrate dovecot
2020-05-23 17:35:08 +02:00
