Infrastructure code for deuxfleurs.fr
Find a file
Alex Auvolat d3ada90d83 Fix nomad ip address
Remove the networ_interface parameter in nomad config
This means that nomad will now autodetect its own ip address
by looking at the default route.
Thus nodes in a LAN behind a NAT will get their LAN address,
and internet nodes will get their public address.
They won't get their VPN addresses.
This seems not to break Consul's use of VPN addresses to address
services, and fixes attr.unique.network.ip-address for DiploNAT.
2020-07-15 16:03:51 +02:00
administratif Ajouter des noms de famille des présidents et secrétaires de séance 2020-01-27 19:27:23 +01:00
ansible Fix nomad ip address 2020-07-15 16:03:51 +02:00
bootstrap Initial commit 2019-07-11 09:33:07 +02:00
consul Add garage and nextcloud configuration 2020-07-05 22:55:00 +02:00
docker Update Matrix 2020-07-06 13:58:25 +02:00
man Add garage and nextcloud configuration 2020-07-05 22:55:00 +02:00
nomad Allow external VPN nodes, make multi-DC deployment work 2020-07-15 16:03:42 +02:00
.gitignore Rework jitsi-xmpp to support cert gen 2020-03-22 18:01:54 +01:00
.gitmodules Initial commit 2019-07-11 09:33:07 +02:00
LICENSE Initial commit 2019-07-11 09:33:07 +02:00
README.md Initial commit 2019-07-11 09:33:07 +02:00

deuxfleurs.fr

Many things are still missing here, including a proper documentation. Please stay nice, it is a volunter project. Feel free to open pull/merge requests to improve it. Thanks.

Our abstraction stack

We try to build a generic abstraction stack between our different resources (CPU, RAM, disk, etc.) and our services (Chat, Storage, etc.):

  • ansible (physical node conf)
  • nomad (schedule containers)
  • consul (distributed key value store / lock / service discovery)
  • glusterfs (file storage)
  • stolon + postgresql (distributed relational database)
  • docker (container tool)
  • bottin (LDAP server, auth)

Some services we provide:

  • Chat (Matrix/Riot)
  • Email (Postfix/Dovecot/Sogo)
  • Storage (Seafile)

As a generic abstraction is provided, deploying new services should be easy.

Start hacking

Clone the repository

git clone https://gitlab.com/superboum/deuxfleurs.fr.git
git submodule init
git submodule update

Deploying/Updating new services is done from your machine

The following instructions are provided for ops that already have access to the servers.

Deploy Nomad on your machine:

export NOMAD_VER=0.9.1
wget https://releases.hashicorp.com/nomad/${NOMAD_VER}/nomad_${NOMAD_VER}_linux_amd64.zip
unzip nomad_${NOMAD_VER}_linux_amd64.zip
sudo mv nomad /usr/local/bin
rm nomad_${NOMAD_VER}_linux_amd64.zip

Deploy Consul on your machine:

export CONSUL_VER=1.5.1
wget https://releases.hashicorp.com/consul/${CONSUL_VER}/consul_${CONSUL_VER}_linux_amd64.zip
unzip consul_${CONSUL_VER}_linux_amd64.zip
sudo mv consul /usr/local/bin
rm consul_${CONSUL_VER}_linux_amd64.zip

Create an alias (and put it in your .bashrc) to bind APIs on your machine:

alias bind_df="ssh \
  -p110 \
  -N \
  -L 4646:127.0.0.1:4646 \
  -L 8500:127.0.0.1:8500 \
  -L 8082:traefik.service.2.cluster.deuxfleurs.fr:8082 \
  <a server from the cluster>"

and run:

bind_df