Commit Graph

1532 Commits

Author SHA1 Message Date
c362effe2a Remove NRPE 2021-09-07 14:33:45 -05:00
bad192e93e Refactor Nagios checks into check_by_ssh instead of NRPE
I was never particularly fond of having a random one-off daemon doing my RCE. Sure, it offers some protection, but limiting my exposure to the open internet is far more ideal.

I have tremendously more trust in the OpenSSH project than I do in Nagios. And for that reason, I'll be deprecating NRPE and shredding config files once these plays clean up
2021-09-07 14:27:23 -05:00
b38bb4bf62 Fix improper tagging on NRPE role 2021-09-07 13:41:21 -05:00
1ca062d6ea Modularize declaration of Nagios commands 2021-09-07 13:37:06 -05:00
2a7d343ef1 Move SSH check into YAML declaration of services 2021-09-07 13:29:19 -05:00
8e845b5f4e Modularize out all our service checks
I want them in DATA STRUCTURES God dammit. Get them out of the config file.
2021-09-06 19:43:54 -05:00
d3e51301bb Remove deprecated SNMP service checks 2021-09-06 19:23:54 -05:00
fc2b3cb7b3 Rename Nagios config to more appropriately reflect its role 2021-09-06 19:13:15 -05:00
85074b43d0 Remove said packages from APT 2021-09-05 12:46:34 -05:00
9f6385e90d Move some packages to Flatpak 2021-09-05 12:45:53 -05:00
ebbacf6edd Add Flatpak functionality to desktop role, turn OBS into a flatpak package 2021-09-04 23:56:51 -05:00
429a756a60 Add emergency disaster-recovery inventory
Should make it easier to recover from a broken Netbox now
2021-09-01 19:29:02 -05:00
360238fdd4 Ensure we're on a version of Netbox with secrets support
*sigh*
Guess I gotta set up a vault or something now.
2021-09-01 19:25:31 -05:00
6aef1be67b Move autoremove into its own task on the common role 2021-09-01 19:16:05 -05:00
c299e505cf Add Nextcloud auto app update cronjob 2021-08-29 23:55:56 -05:00
4bea6c2168 Add _netdev to args for pi-storage-1 mount 2021-08-29 16:43:55 -05:00
a6a8cd8590 Figure out how custom_apps works with Nextcloud 2021-08-28 11:01:44 -05:00
f681484775 More password cleanup 2021-08-26 14:45:34 -05:00
bbda71474a Move more creds in, fix gitea using the DB pass for everything
Oh god
2021-08-26 14:43:01 -05:00
7e3ef62e5a Move more secrets into Netbox 2021-08-26 14:27:03 -05:00
c87e2d4f0c Update the name for the gulagbot DB pass 2021-08-26 03:40:41 -05:00
b10ee60b74 Dump private.pem to file before beginning a play 2021-08-26 03:39:45 -05:00
7d34d5e931 Experiment with moving secrets to NetBox 2021-08-26 03:35:11 -05:00
579b2fa296 Move "all" configuration into its own playbook 2021-08-26 02:39:17 -05:00
004bc2a612 Polish up those reboot playbooks 2021-08-25 12:20:47 -05:00
62b6a93b65 Discard cron output again 2021-08-24 21:22:11 -05:00
20e73e6fcf I'm fucking stupid? Don't put the TTY flag on things that aren't TTYs 2021-08-24 21:21:53 -05:00
89e86efafc Log output of Nextcloud cron to file for debugging 2021-08-24 21:16:44 -05:00
45098866e3 Add some stuff for MOVIE NIGHT WIT DA BOIS 2021-08-24 16:58:45 -05:00
6632e7185e Add OBS PPA
This one features Wayland support
2021-08-24 15:46:54 -05:00
2cef4b1992 Fix incorrect mountpoint for srv 2021-08-24 13:28:53 -05:00
6a938ea6b3 Add Nagios user to pi-storage-1 2021-08-24 12:40:32 -05:00
2765067560 Correct wrongly-named group vars 2021-08-24 12:37:08 -05:00
3b133782c9 Have pi-storage-1 psql listen on localhost 2021-08-24 12:29:44 -05:00
f6004def4a Add system-wide cronjob for Nextcloud cron
Guess that's not containerized, huh
2021-08-24 12:25:29 -05:00
145dcfe3fb Add Redis for Nextcloud, plus some config tuning 2021-08-24 01:12:12 -05:00
fc6739907e Remove unnecessary tasks and var files 2021-08-24 00:44:17 -05:00
e49b8e26a0 Fix srv.9iron.club using a mountpoint that didn't make sense 2021-08-24 00:39:42 -05:00
54eeb4a643 God damn can I stop forgetting random small shit please 2021-08-24 00:35:41 -05:00
d8bf31b144 Add rewrite for www.9iron.club to nginx config 2021-08-24 00:32:33 -05:00
1fb222fb15 Move web1 over to a containerized setup, containerize Nextcloud 2021-08-24 00:31:11 -05:00
a6cc1ecece Move ansible_pull vars to the relevant playbook 2021-08-23 23:25:02 -05:00
38b52a5e4a Make said playbook executable 2021-08-23 23:22:17 -05:00
5486f26c76 Move S76 configuration to its own playbook with a couple of tasks 2021-08-23 23:21:58 -05:00
02dd6cd553 Reorganize ALL of the playbooks 2021-08-23 20:28:18 -05:00
a2a5f6eedc Begin a refactor of playbook naming and organization 2021-08-23 20:20:59 -05:00
7f8a06180d Rename desktops from tags_desktop to device_roles_workstation
I already have the role so I may as well
2021-08-23 20:05:27 -05:00
d63a190b25 Fix Nagios being unable to read its own darn config 2021-08-23 18:36:22 -05:00
535509db0a Fix open quotes on NRPE config 2021-08-23 18:23:30 -05:00
d7f70e3dc2 Tighten perms on nrpe config 2021-08-23 18:19:06 -05:00