41bd1af1a4
Add keepalived_script_user profile
...
Short profile source from other profiles requiring the keepalived_script
user to be present.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 05:21:43 +01:00
ae40b1c9c0
Add netcup_failover profile
...
Profile managing a Netcup IP address failover script for use with
keepalived.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 05:21:43 +01:00
303b06ae8c
nemesis/hubris: import keepalived configuration
...
Add shared configuration to cluster.denc.web-proxy.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 05:21:43 +01:00
a0a21a17db
nemesis/hubris: include denc.web-proxy
...
Add shared nginx configuration to nemesis/hubris HA pair nodes.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 05:21:42 +01:00
eed4945a9f
nemesis/hubris: import nginx configuration
...
Add shared configuration to cluster.denc.web-proxy.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 05:21:39 +01:00
1b0965943f
Merge pull request 'common-suse: add qemu-guest-agent + remove AutoYaST' ( #23 ) from common-suse into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #23
2023-02-12 04:13:50 +01:00
8e1436d4af
common.suse: manage qemu-guest-agent
...
ci/lysergic/push/pipeline Pipeline was successful
Ensure qemu-guest-agent is active on all KVM guests.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 04:11:14 +01:00
b6b7ff1e33
common.suse: remove AutoYaST
...
We only use AutoYaST for the OS deployment and don't need the packages
afterwards.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 04:11:14 +01:00
95248fd374
Merge pull request 'dericom02: manage web firewall zone' ( #22 ) from dericom02-webfw into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #22
2023-02-12 03:52:41 +01:00
1f8d8b642c
dericom02: manage web firewall zone
...
ci/lysergic/push/pipeline Pipeline was successful
Import locally configured web zone into Salt. This zone allows the web
proxy to reach http for serving Matterbridge media.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 03:49:40 +01:00
9043634123
Merge pull request 'lighttpd: improve dependencies' ( #21 ) from lighttpd-watch into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #21
2023-02-12 03:06:20 +01:00
9a0c210b87
lighttpd: improve dependencies
...
ci/lysergic/push/pipeline Pipeline was successful
- add more explicit Salt ID dependencies
- reload service on configuration changes
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 03:03:09 +01:00
5da0bfe798
Merge pull request 'dericom02: disable matterbridge XMPP debug' ( #20 ) from matterbridge-xmpp-debug into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #20
2023-02-12 02:56:22 +01:00
16c8cd3dd5
dericom02: disable matterbridge XMPP debug
...
ci/lysergic/push/pipeline Pipeline was successful
It's very noisy - one can enable it on demand if needed.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:53:04 +01:00
1eb10e4687
Merge pull request 'matterbridge: restart on changes' ( #19 ) from matterbridge-watch into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #19
2023-02-12 02:42:29 +01:00
b446afcc49
matterbridge: restart on changes
...
ci/lysergic/push/pipeline Pipeline was successful
Matterbridge does detect file changes, but seems to only apply them on
a service restart.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:39:47 +01:00
82e8ce4eb2
Merge pull request 'matterbridge: quote numbers' ( #18 ) from matterbridge-booleans into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #18
2023-02-12 02:33:30 +01:00
586c7e3bc7
Merge pull request 'Disable "aithunder" Discord bridge' ( #17 ) from matterbridge-aithunder into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #17
2023-02-12 02:31:48 +01:00
b061265885
matterbridge: quote numbers
...
ci/lysergic/push/pipeline Pipeline was successful
Needed to make the TOML configuration format happy.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:30:56 +01:00
1302e06486
Disable "aithunder" Discord bridge
...
ci/lysergic/push/pipeline Pipeline was successful
Discord room does not exist.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:25:55 +01:00
8fbfd38ec3
Merge pull request 'dericom02: quote matterbridge booleans' ( #16 ) from matterbridge-booleans into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #16
2023-02-12 02:18:19 +01:00
12c47a346b
dericom02: quote matterbridge booleans
...
ci/lysergic/push/pipeline Pipeline was successful
TOML configuration format needs lowercase boolean values.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:13:03 +01:00
c9a157833b
Merge pull request 'Matterbridge media' ( #15 ) from matterbridge-media into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #15
2023-02-12 00:55:49 +01:00
1aacd3f340
dericom02: manage matterbridge media
...
ci/lysergic/push/pipeline Pipeline was successful
- move base media directory to variable
- add lighttpd vhosts to pillar
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 00:51:59 +01:00
ab47eb5485
matterbridge: manage media directories
...
Create media directories if defined in the pillar.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 00:51:26 +01:00
e2560f0dd6
Merge pull request 'matterbridge: add role pillar' ( #14 ) from matterbridge-pillar-fixup into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #14
2023-02-09 23:00:18 +01:00
77c50cf53f
matterbridge: add role pillar
...
ci/lysergic/push/pipeline Pipeline was successful
Empty for now, adding for future reference and because we enforce role
pillars to exist.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-09 22:56:28 +01:00
03a4aec0f3
Merge pull request 'Import Matterbridge configuration' ( #10 ) from import-dericom02 into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #10
2023-02-09 21:02:02 +01:00
dee3e035c2
Merge pull request 'Refactor Matterbridge profile' ( #11 ) from matterbridge-refactor into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #11
2023-02-09 20:44:03 +01:00
f7893a980e
Merge pull request 'Add ha-node role + enable keepalived formula' ( #13 ) from keepalived-formula into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #13
2023-02-08 22:55:45 +01:00
a8bbe056f1
Add ha-node role
...
ci/lysergic/push/pipeline Pipeline was successful
Add ha-node role for machines in a HA pair using keepalived.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-08 20:31:27 +01:00
2d06de94ca
Enable keepalived-formula
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-08 20:30:52 +01:00
650854fa27
Refactor matterbridge profile
...
ci/lysergic/push/pipeline Pipeline was successful
- reduce pillar calls
- no longer define possible configuration options, apply settings from
pillar 1:1
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-07 22:37:37 +01:00
07d325d777
dericom02: import Matterbridge configuration
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-07 22:29:02 +01:00
f678de8560
derimisc01: import Tor configuration
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-07 18:35:40 +01:00
a3ec351b70
Add onion-router role
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-07 18:21:32 +01:00
687473b919
Enable tor-formula
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-06 23:00:47 +01:00
70ca4fabc8
Set webirc backend to https
...
ci/lysergic/push/pipeline Pipeline was successful
Ergo rightfully does not accept plain text websocket connections.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-06 14:20:19 +01:00
82cad3b099
Include libertacasa for liberta.casa
...
ci/lysergic/push/pipeline Pipeline was successful
Fallout from 77fa39e59c
- libertacasa
nginx snippet needs to be included in liberta.casa server for main
website to operate on the clearnet.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-06 14:10:14 +01:00
df3eeede1d
Repair liberta.casa TLS include
...
ci/lysergic/push/pipeline Pipeline was successful
Accidentally mixed up the libertacasa with the libertacasa2 nginx
TLS snippet.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-06 14:01:23 +01:00
92f01888af
web-proxy: include mime.types
...
ci/lysergic/push/pipeline Pipeline was successful
Always include mime.types on web-proxies.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 20:10:57 +01:00
e369c53a4c
web-proxy: common includes
...
ci/lysergic/push/pipeline Pipeline was successful
Always include files in conf.d and vhosts.d on web-proxies.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 20:09:05 +01:00
7dc481c996
Merge pull request 'web-proxy: common nginx.conf' ( #9 ) from nginxconf into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #9
2023-02-05 20:03:18 +01:00
12ce134559
web-proxy: common nginx.conf
...
ci/lysergic/push/pipeline Pipeline was successful
Import default nginx.conf contents from our custom packaged file into
Salt.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 19:59:04 +01:00
e3e4caaabe
web-proxy: IPv6 listener brackets
...
ci/lysergic/push/pipeline Pipeline was successful
Add logic to wrap IPv6 listening addresses in brackets, to prevent nginx
from failing to start.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 19:19:27 +01:00
119e97805d
Increase LC repository priority
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 18:47:17 +01:00
77fa39e59c
Merge pull request 'deriweb01: import nginx configuration' ( #8 ) from import-deriweb01 into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #8
2023-02-05 18:43:20 +01:00
5e02090bc6
web-proxy: add firewall configuration
...
ci/lysergic/push/pipeline Pipeline was successful
Allow internal http and https to pass on web proxies.
To-do: logic for web proxies directly attached to the internet.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 14:29:25 +01:00
785986d2ac
Enable syntax highlighting
...
ci/lysergic/push/pipeline Pipeline was successful
Initially for .sls and .jinja/.j2 files - we can add others later on if
needed.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 12:07:13 +01:00
1b619358a8
deriweb01: import nginx configuration
...
ci/lysergic/push/pipeline Pipeline was successful
Transfer local/manual nginx configuration structure into pillar.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 11:56:27 +01:00