32061deac2
Add bastion1 key to adminuser
2021-09-24 12:51:41 -05:00
8ecc7bfbb6
Modularize Netbox into several containers with workers n stuff
2021-09-23 22:09:38 -05:00
8d59a1b201
Rework mounts for netbox container
2021-09-23 21:39:10 -05:00
5f997b1c09
Remove dolphin-emu-master from workstations
2021-09-23 21:34:53 -05:00
81988a50fd
Remove defunct deb link for raspberry pi imager
2021-09-23 21:32:36 -05:00
aa98612d6c
Rework data structures for flatpaks to properly allow for different remotes
2021-09-23 21:31:32 -05:00
69a8036398
Configure flatpak last on desktop plays
2021-09-23 21:22:35 -05:00
2f788a1a6e
Update discord
2021-09-23 21:18:20 -05:00
53ac5ad659
Create dedicated ansible-pull playbook with basic maintenance tasks, use it
2021-09-22 07:43:28 -05:00
fdeb143a56
Apply mitigation for netbox-community/netbox-docker#586 , update Netbox
2021-09-21 14:49:34 -05:00
f7b5c475d5
Add device_roles_bastion play
2021-09-19 21:49:15 -05:00
39c0170705
Fix not using device_roles_workstation.yml
2021-09-19 21:47:57 -05:00
f60eaa9c04
Add more MOTD items to purge
2021-09-19 21:32:38 -05:00
1cf6dd3352
Hopefully stop linting galaxy roles
2021-09-18 16:46:47 -05:00
38af921c96
Polish up readme
2021-09-18 16:44:56 -05:00
cf92fde0d4
Remove submodules for roles no longer used
2021-09-18 16:20:22 -05:00
0d43e910f2
Remove NRPE and Onlyoffice roles
2021-09-18 16:19:11 -05:00
49eb8e989f
Amend ansible-lint configuration since we now have a unified installation directory for Galaxy roles
2021-09-18 16:14:14 -05:00
1fcfa808f0
Install Galaxy roles to their own directory so I don't have to maintain a long gitignore
2021-09-18 16:13:20 -05:00
65a6fc2dbf
Remove another deprecated role
2021-09-18 16:11:48 -05:00
fe5eb5c14d
Convert role invocations to use the full namespace of the role
2021-09-18 16:10:54 -05:00
78c0e95275
Remove unused roles
2021-09-18 16:05:43 -05:00
a29a8fa584
Get those stale roles the HECC out of my repo. We download dynamically from now on.
2021-09-18 16:04:28 -05:00
68eb7e5422
Pin Netbox to 3.0.1 since apparently the container's broken
2021-09-18 08:52:05 -05:00
542d779be2
Add http2 to default listen args
2021-09-18 07:47:10 -05:00
a55ea64d4a
Remove erroneous ssl in listen_args
2021-09-18 07:46:00 -05:00
7cc869be5b
Add more nginx configuration, specifically with regard to TLS
2021-09-18 07:43:45 -05:00
6382a81f47
Remove some extraneous backup locations on web1
2021-09-18 07:27:59 -05:00
31a2371fa1
Simplify task includes
2021-09-18 07:23:03 -05:00
9b79068380
Allow for the definition of a singular proxy_pass on ingress_servers to simplify configuration
2021-09-18 07:19:26 -05:00
b5057c4064
Fix some configuration errors in ingress, make some changes to better facilitate disabling TLS
2021-09-18 07:13:33 -05:00
13149f2cb9
Add missing args to listen
...
whups
2021-09-18 07:00:07 -05:00
60bfe91947
Add role for ingress controller, move configuration into it and its data structures
2021-09-18 00:04:05 -05:00
37150bf7d1
Remove polkit.service check
...
Apparently it's completely normal behavior for this service to be not running on a fresh boot
2021-09-14 19:40:53 -05:00
fac19d3c71
Reconfigure reboot-home.yml
2021-09-14 19:06:46 -05:00
0f1fbf4fea
Allow 30 second timeouts on check_by_ssh
2021-09-14 17:26:47 -05:00
ac702380b1
Add git to the tags for monitoring-scripts
2021-09-14 17:22:50 -05:00
b4f564cade
Fix mountpoints and NFS exports for media
2021-09-13 13:59:27 -05:00
3f3c7b8392
Decom the K8s cluster, roll all its jobs into one singular machine
2021-09-13 13:50:22 -05:00
a1d5e94a2e
Revert migration to NetBox Secrets
...
The functionality is completely deprecated, now, and will need to be
replaced with similar functionality, such as that from Hashicorp Vault.
2021-09-12 15:18:00 -05:00
e49ebc583f
Upgrade Netbox to 3.0
2021-09-12 15:07:31 -05:00
e405d7bf79
Add some directives to make Nextcloud stop throwing 413s
2021-09-11 10:36:22 -05:00
3f8ecbd8f5
Fix my borked pgsql connection pooling check
2021-09-07 17:08:18 -05:00
4bf02aedd3
Add even more checks for zerotier and psql
2021-09-07 16:11:11 -05:00
3cf9b94cea
Add a quick service check for postgresql
2021-09-07 15:29:26 -05:00
b349015913
Add a ton more checks for things
2021-09-07 15:00:43 -05:00
92f26b7a0c
Add check for atd
2021-09-07 14:55:00 -05:00
60454b6331
Disable motd-news
2021-09-07 14:54:54 -05:00
c362effe2a
Remove NRPE
2021-09-07 14:33:45 -05:00
bad192e93e
Refactor Nagios checks into check_by_ssh instead of NRPE
...
I was never particularly fond of having a random one-off daemon doing my RCE. Sure, it offers some protection, but limiting my exposure to the open internet is far more ideal.
I have tremendously more trust in the OpenSSH project than I do in Nagios. And for that reason, I'll be deprecating NRPE and shredding config files once these plays clean up
2021-09-07 14:27:23 -05:00