Commit Graph

312 Commits

Author SHA1 Message Date
4df811c834 Merge pull request 'denc-webcluster: include proxy in agola' (#85) from fix/nginx/sslproxy into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #85
2023-07-31 21:29:10 +02:00
32a0f8d653
denc-webcluster: include proxy in agola
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-31 21:25:28 +02:00
0df71b4331 Merge pull request 'Repair boolean' (#84) from fix/nginx/boolean into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #84
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-31 21:15:42 +02:00
13d5e44baa
Repair boolean
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Follow up to b6e9f75352, forgot to quote
the string causing it to still be converted to a boolean.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-31 21:10:35 +02:00
beec7cde28 Merge pull request 'denc-webcluster: exclude 949110' (#83) from fix/bookstack/400 into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #83
2023-07-31 20:49:31 +02:00
fb981646e5
denc-webcluster: exclude 949110
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
ModSecurity rule blocked Bookstack from saving some pages while editing.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-31 20:44:52 +02:00
5d4350aed3 Merge pull request 'Repair boolean' (#82) from ci into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #82
2023-07-21 17:08:41 +02:00
b6e9f75352
Repair boolean
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
```
nginx: [emerg] invalid value "True" in "proxy_ssl_verify" directive, it
must be "on" or "off" in /etc/nginx/vhosts.d/agola.conf:14
```

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-21 17:04:49 +02:00
40b7913d32 Merge pull request 'Add reverse proxy for Agola' (#81) from ci into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #81
2023-07-21 16:37:16 +02:00
24d6de3a5d
Add reverse proxy for Agola
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
New service behind ci.lysergic.dev / ci.git.com.de.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-21 16:27:50 +02:00
8b735d45e2 Merge pull request 'Initialize OpenBSD support' (#80) from OpenBSD into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #80
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-16 20:13:41 +02:00
e03e939bf9 Merge pull request 'Optimize minion' (#79) from minion-optimization into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #79
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-16 20:12:36 +02:00
4778c43503
Initialize OpenBSD support
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
No states assigned yet.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-16 20:10:26 +02:00
dc3cbea053
Optimize minion
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Cache jobs for later reference, disable unused hardware grains.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-16 20:04:26 +02:00
c7e590843f Merge pull request 'Add http(s) to thetrip public zone' (#78) from thetrip-firewall into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #78
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-01 22:25:51 +02:00
29ceb78cde
Add http(s) to thetrip public zone
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Forgotten in fffbaf4698.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-01 22:21:39 +02:00
fffbaf4698 Merge pull request 'Manage firewall on thetrip' (#77) from thetrip-firewall into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #77
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-01 22:15:30 +02:00
8519dfec68
Manage firewall on thetrip
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-01 22:12:14 +02:00
b73c0805cd Merge pull request 'Manage firewall on derutil01' (#76) from derutil01-fw into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #76
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-28 22:17:07 +02:00
080002e642
Manage firewall on derutil01
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Configuration should be imported already.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-28 22:10:58 +02:00
1bd2f39312 Merge pull request 'Change redis to redis7' (#75) from salt-redis7 into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #75
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-28 22:00:16 +02:00
58c100acc1
Change redis to redis7
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Leap 15.5 renamed the package, "redis" will try to install Redis 6 and
cause a conflict.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-28 21:56:54 +02:00
47a364290c Merge pull request 'Remove backslashes in string' (#74) from fix-matterb-mediapath into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #74
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-28 19:53:24 +02:00
b36dc960c8 Merge branch 'production' into fix-matterb-mediapath
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
2023-06-28 19:45:43 +02:00
ddf1c03dbb
remove backslash
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-28 23:10:34 +05:30
f4f7f93583 Merge pull request 'Update mediapath for matterbridge' (#73) from fix-matterb-mediapath into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #73
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-27 20:27:16 +02:00
7145ae4481
update mediapath for matterbridge
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-27 23:47:53 +05:30
937b3c99b7 Merge pull request 'Add chillnet matterbridge uploads' (#72) from upload-matterbridge-chillnet into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #72
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-24 22:27:51 +02:00
667646a295 Add chillnet matterbridge uploads
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-25 01:46:13 +05:30
36c70f4016 Merge pull request 'Rename Chillnet staff channel' (#71) from matter_remap into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #71
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-03 20:51:09 +02:00
97045b5f12 Used /RENAME for #fightclub
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
2023-05-03 19:38:05 +02:00
ffbd2dc4c3 Merge pull request 'Init psyched.dev' (#70) from psyched into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #70
2023-05-02 21:07:25 +02:00
c1fcf5f3b1
Init psyched.dev
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Add pillar IDs for theia/orpheus/selene to disable sshd
management on them (machines use custom configurations
for historic reasons, and we like to preserve history).

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 21:00:45 +02:00
ac0a2b6587 Merge pull request 'Init dencpod01.lysergic.dev' (#68) from dencpod01 into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #68
2023-05-02 20:51:55 +02:00
b6b129c41f
Init dencpod01.lysergic.dev
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Blank machine.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:40:09 +02:00
774706211e Merge pull request 'Move backup_mode to minion dict' (#67) from file-backup into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #67
2023-05-02 20:28:34 +02:00
2ce85f172e
Move backup_mode to minion dict
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Is a minion specific option.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:25:33 +02:00
ffe1e60baf Merge pull request 'Enable minion file backup' (#66) from file-backup into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #66
2023-05-02 20:19:46 +02:00
c4532b4686
Enable minion file backup
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
https://docs.saltproject.io/en/latest/ref/states/backup_mode.html

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:13:24 +02:00
3143bfd96d Merge pull request 'Import moni firewall configuration' (#65) from moni into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #65
2023-05-02 20:06:31 +02:00
d89138e2a7
Import moni firewall configuration
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Some ports not yet covered by a role.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:02:21 +02:00
05d86ce689 Merge pull request 'Init phoebe.lysergic.dev' (#64) from phoebe into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #64
2023-05-02 19:52:06 +02:00
55acb1dea4
Init phoebe.lysergic.dev
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Blank machine.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 19:48:22 +02:00
9f176609a5 Merge pull request 'Add manage_sshd conditional' (#63) from sshd-optional into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #63
2023-05-02 19:39:20 +02:00
409016ea75
Disable manage_sshd for philia
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Machine uses a custom sshd configuration for $reasons.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 19:32:36 +02:00
8776b16be1
Add manage_sshd conditional
Allow sshd configuration to be skipped on "special" machines using
an optional "manage_sshd: False" pillar option.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 19:30:33 +02:00
6763d1b64e Merge pull request 'No longer remove libX11' (#62) from libX11 into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #62
2023-05-02 00:16:20 +02:00
d4d7d41ca7
No longer remove libX11
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Multiple packages need it as a dependency, maintaining an exclusion list
is not feasible.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 00:11:45 +02:00
16827d7318 Merge pull request 'Add users conditional for sss' (#61) from skip-users-if-sss into production
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #61
2023-05-01 23:15:45 +02:00
51e33815df
Add users conditional for sss
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Skip failing local users management on machines using sssd.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-01 22:25:28 +02:00