c362effe2a
Remove NRPE
2021-09-07 14:33:45 -05:00
bad192e93e
Refactor Nagios checks into check_by_ssh instead of NRPE
...
I was never particularly fond of having a random one-off daemon doing my RCE. Sure, it offers some protection, but limiting my exposure to the open internet is far more ideal.
I have tremendously more trust in the OpenSSH project than I do in Nagios. And for that reason, I'll be deprecating NRPE and shredding config files once these plays clean up
2021-09-07 14:27:23 -05:00
579b2fa296
Move "all" configuration into its own playbook
2021-08-26 02:39:17 -05:00
5486f26c76
Move S76 configuration to its own playbook with a couple of tasks
2021-08-23 23:21:58 -05:00
02dd6cd553
Reorganize ALL of the playbooks
2021-08-23 20:28:18 -05:00
a2a5f6eedc
Begin a refactor of playbook naming and organization
2021-08-23 20:20:59 -05:00
4d0b005181
Add NRPE role, provision checks for it
2021-08-15 14:24:35 -05:00
73abab9607
Add docker-prune playbook
2021-08-15 00:59:08 -05:00
a254910cdc
Testing some SNMP stuff
2021-08-08 13:36:52 -05:00
e3c5c00272
Fix not including the zerotier playbook
2021-08-08 02:28:22 -05:00
759df2f593
Allow for dynamic tagging of ansible-pull hosts
2021-08-07 17:09:20 -05:00
07ea9806da
Docker goes on everything
2021-08-07 16:55:28 -05:00
38f70d0fca
Unify motd definition
2021-08-07 16:52:19 -05:00
ce034d28b0
Also, only those hosts that use ansible-pull should pull the repo to /etc/ansible
2021-08-01 15:07:02 -05:00
79220bef76
Disable ansible-pull for most systems
...
From now on, nightly plays triggered by GitLab will be standard.
Desktops will still use an ansible-pull configuration as there is
no guarantee that they will be available at 1AM.
2021-08-01 15:00:05 -05:00
da6dbd4748
Add pi-storage-2
2021-05-25 15:35:50 -05:00
94c16d6df8
More nodes
2021-03-26 21:58:55 -05:00
8d544165a0
Enroll the previous pimps into the k8s cluster
2021-03-26 20:38:33 -05:00
9070869327
Add SSHD role, tighten things down
2021-03-11 08:04:57 -06:00
51a1f63504
Set up mass storage Pi, run it before k8s inits
2021-02-28 19:50:49 -06:00
a771ddd16b
Split Pi playbooks again
2021-02-28 19:48:42 -06:00
85485a4651
Consolidate Pi playbooks
2021-02-27 05:00:30 -06:00
bab051af2c
Add administrative user role
2021-02-26 10:07:57 -06:00
9a516d8f08
Separate out Pi roles, reorganize inventory, deploy docker to all pis indiscriminately
2021-02-25 12:56:48 -06:00
0b0c7035cf
Remove testing k8s env
2021-02-22 04:05:58 -06:00
994fdfff88
PIKUBERNETES PIKUBERNETES PIKUBERNETES
2021-02-18 18:47:34 -06:00
2773f537bc
Add a little test bed for k8s
...
IT WORKS
2021-02-16 16:39:53 -06:00
65f751792a
Get rid of Netdata
...
Christ this thing is awful
2021-02-11 13:16:36 -06:00
f8d075da22
Ensure an up-to-date Ansible repo on all boxes
2021-02-03 01:25:51 -06:00
c347bdf493
Update Netdata. Apparently.
2021-01-23 19:18:09 -06:00
2f6d016532
Test deployment of netdata
...
Hopefully it's not that bad
2021-01-23 18:52:41 -06:00
dbc9f7d6ae
Always become
2021-01-18 05:08:43 -06:00
026cddb787
Run playbooks for gameservers last among remote boxes
...
Just reorganizing. Playbooks should configure the stack from bottom -> top and from highest -> lowest priority
2020-12-24 09:54:53 -06:00
87f997c418
Run plays on desktops last
...
When bootstrapping, desktops will likely depend on infrastructure set up in previous playbooks
2020-12-24 09:54:09 -06:00
58a9827b28
Define machine-specific backups
2020-12-24 09:19:12 -06:00
00fb2bb32e
Work on a basic implementation of backups
...
Still need to set up good defaults and do host-based configuration tho
2020-12-24 09:06:20 -06:00
d95416e831
Add a few bobs to glue game.yml together
2020-12-21 03:14:15 -06:00
42ccb2bcc6
Add game1.thefuck.how, separate playbooks out
2020-12-21 01:18:32 -06:00
ba868fa76c
Polish up configuration for web1, seems we're mostly live
2020-12-18 06:25:00 -06:00
516a42972d
More miscellanea configured
2020-12-18 02:52:15 -06:00
262767149a
Fix SSL configuration
...
Still have to work on that redirect
2020-12-18 02:40:27 -06:00
0f49adf860
Initial attempt at getting web1 up
2020-12-18 02:25:16 -06:00
105753d17a
Add Pulseaudio system-wide service and role
2020-12-15 18:18:32 -06:00
8a16230550
Tweak cap_sys_ptrace task
2020-12-06 07:49:00 -06:00
3c445d0f90
Remove special rule for gentoo
2020-12-05 06:47:56 -06:00
7824679f2e
More Gentoo tweaking
2020-12-04 09:40:47 -06:00
07a28018b0
Add post-task to confirm a liblzo2 dllmap
...
Need it for rando
2020-12-04 00:52:40 -06:00
e3d89690c1
Become root to put that cap on Python
...
WHOOPSIE DAISY
2020-12-03 01:31:47 -06:00
deca70a065
Add Randovania, provide Python the perms for randovania to do the do
2020-11-29 02:30:36 -06:00
a47e09bd1d
Getting ready to deploy live
2020-11-08 08:16:07 -06:00