Commit Graph

136 Commits

Author SHA1 Message Date
genofire 42113ae4f9 Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible 2021-01-31 20:26:53 +01:00
genofire 060ba82d42 Perform daily backups. Close #22 2021-01-31 20:25:31 +01:00
Fritz Grimpen 746a701521 Tentatively redirect ccchb.de and www.ccchb.de to wiki.emma.ccchb.de 2021-01-31 18:30:40 +00:00
genofire 03c34b1216 s6-svscan lost its -s flag with the 2.10.0 release 2021-01-31 19:20:46 +01:00
genofire 07a61ac55f Add mlmmj map 2021-01-31 19:18:31 +01:00
genofire c49a79fe20 Update gitea submodule? 2021-01-31 19:17:40 +01:00
genofire 8725d80892 Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible 2021-01-31 19:16:32 +01:00
genofire 98a412c27b Renew Let's Encrypt certificates 2021-01-31 19:16:27 +01:00
Fritz Grimpen d4b4d9bbbe Configure haproxy for wiki.ccchb.de 2021-01-31 18:15:38 +00:00
Fritz Grimpen 75bbbb5429 Add wiki.emma.ccchb.de guest 2021-01-31 18:15:38 +00:00
genofire 7192608aee Mlmmj expects to talk to the relayhost over 127.0.0.1 2021-01-31 18:00:58 +01:00
genofire 4afadb1674 Work around ansible limitations (missing NFSv4 ACL support) 2021-01-31 17:44:26 +01:00
genofire 925499223e Use correct handlers 2021-01-04 23:33:42 +01:00
genofire 964e260a78 Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible 2021-01-04 23:17:40 +01:00
genofire 81e2eca425 Who did this? 2021-01-04 23:17:34 +01:00
genofire 49cc270de7 Call subversion without disabling the fucking certificate validation 2021-01-04 23:12:59 +01:00
Geno 68c6b53f68 gitea update 2020-12-14 23:53:27 +01:00
Geno fd68672d7c geno-playground with more ram and cpu (for ffmpeg rendering) 2020-12-11 17:28:43 +01:00
Geno f7c704c10b add osp-edge.ccchb.de to haproxy (of emma) 2020-12-08 22:28:35 +01:00
genofire 531b7ef276 Reenable redis dependency 2020-10-27 21:09:38 +01:00
genofire c18f53b8ea Add rspamd support.
Postfix uses the Rspamd proxy as spam filtering milter
and HAProxy exposes the Rspamd webinterface through HTTPS.

Updates #10
2020-10-26 23:46:16 +01:00
genofire 28fbdff74b Make HAProxy use its new chroot jail in /var/run/haproxy.
Fixes #19
2020-10-26 23:31:57 +01:00
genofire 97daf854d0 Add the missing sender_access map to Postfix's configuration.
Updates #18
2020-10-24 19:34:42 +02:00
genofire de6c1a4d8b Add dns playbook
Fixes #15
2020-10-24 14:11:39 +02:00
genofire 0a6b680cda Write a role to setup a Redis instance.
The role expects two parameters:

  * `redis_instance`: the instance name
  * `redis_client_group`: the group allowed to access the instance's unix socket

Fixes #17
Updates #10
2020-10-24 14:07:10 +02:00
genofire 593d8deddf Only delete old service databases after a *successful* update 2020-10-24 05:25:49 +02:00
genofire e8ad17c054 Add forgotten playbooks.
Changes #10, #15
2020-10-23 19:45:21 +02:00
genofire 01cace0b95 Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible into master 2020-10-23 19:37:21 +02:00
genofire 36e65e6fe3 Install and configure nsd and unbound on emma.ccchb.de
Fixes #15
2020-10-23 19:37:15 +02:00
genofire 83a7a1b4d1 Install and configure nsd and unbound on emma.ccchb.de
Fixes #16
2020-10-23 19:35:52 +02:00
genofire 8ea37c14df Wait for readiness.
Fixes #16.
2020-10-23 19:28:36 +02:00
genofire 7d811568e5 Make use of the Hetzner NTP servers.
Fixes #14 (again)
2020-10-23 19:12:55 +02:00
genofire 4addf597cc Install OpenNTPD on mail servers
Fixes #14
2020-10-23 19:03:23 +02:00
genofire 9110d9df82 Add a Postfix role and apply it to emma
Changes #10
2020-10-23 03:32:54 +02:00
genofire 9edf07c8bb Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible into master 2020-10-21 16:41:17 +02:00
genofire d64eb534bb Define a mail host group containing the hashed passwords
Changes #10
2020-10-21 16:41:06 +02:00
genofire c2929aee96 Define a mail host group containing the hashed passwords
Changes #10
2020-10-21 16:23:10 +02:00
genofire 372f5265d7 Add a Dovecot role
Changes #10
2020-10-21 16:18:30 +02:00
genofire 4dfd89dff1 Add Let's Encrypt support to HAProxy.
Closes #13
2020-10-21 16:10:23 +02:00
genofire 4696d140aa Use s6-log's native readiness notification support.
Fixes #9
2020-10-20 14:08:28 +02:00
genofire d3f447dce4 Tag the /var/log/haproxy tmpfs as a late file system.
Fixes #8
2020-10-19 14:21:11 +02:00
genofire 75e2c3768f Add the postconf ansible module to the library.
Fixes #7
2020-10-17 03:46:59 +02:00
genofire cb8403a0d3 Create a tmpfs at /var/log/haproxy.
Fixes #6.
2020-10-16 15:55:54 +02:00
genofire 31427fb19e update gitea 2020-10-03 07:50:30 +00:00
genofire 03dd50685a Start a site.yml playbook 2020-10-03 04:27:41 +02:00
genofire 6031ddc028 Apply a 16 or 56 bit mask to source IP addresses 2020-10-03 04:00:30 +02:00
genofire dd16e9281d Make HAProxy happy (overwrite log type) 2020-10-03 03:19:12 +02:00
genofire 3609982b4c Enable HAProxy service 2020-10-03 03:14:01 +02:00
genofire 02fdf86327 Add SNI support as requested in #1 2020-10-03 03:04:44 +02:00
genofire 276cff4373 Add HAProxy role. Fixes #4 2020-10-03 02:30:41 +02:00