4df811c834
Merge pull request 'denc-webcluster: include proxy in agola' ( #85 ) from fix/nginx/sslproxy into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #85
2023-07-31 21:29:10 +02:00
32a0f8d653
denc-webcluster: include proxy in agola
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-31 21:25:28 +02:00
0df71b4331
Merge pull request 'Repair boolean' ( #84 ) from fix/nginx/boolean into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #84
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-31 21:15:42 +02:00
13d5e44baa
Repair boolean
...
ci/lysergic/push/pipeline Pipeline was successful
Follow up to b6e9f75352
, forgot to quote
the string causing it to still be converted to a boolean.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-31 21:10:35 +02:00
beec7cde28
Merge pull request 'denc-webcluster: exclude 949110' ( #83 ) from fix/bookstack/400 into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #83
2023-07-31 20:49:31 +02:00
fb981646e5
denc-webcluster: exclude 949110
...
ci/lysergic/push/pipeline Pipeline was successful
ModSecurity rule blocked Bookstack from saving some pages while editing.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-31 20:44:52 +02:00
5d4350aed3
Merge pull request 'Repair boolean' ( #82 ) from ci into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #82
2023-07-21 17:08:41 +02:00
b6e9f75352
Repair boolean
...
ci/lysergic/push/pipeline Pipeline was successful
```
nginx: [emerg] invalid value "True" in "proxy_ssl_verify" directive, it
must be "on" or "off" in /etc/nginx/vhosts.d/agola.conf:14
```
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-21 17:04:49 +02:00
40b7913d32
Merge pull request 'Add reverse proxy for Agola' ( #81 ) from ci into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #81
2023-07-21 16:37:16 +02:00
24d6de3a5d
Add reverse proxy for Agola
...
ci/lysergic/push/pipeline Pipeline was successful
New service behind ci.lysergic.dev / ci.git.com.de.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-21 16:27:50 +02:00
8b735d45e2
Merge pull request 'Initialize OpenBSD support' ( #80 ) from OpenBSD into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #80
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-16 20:13:41 +02:00
e03e939bf9
Merge pull request 'Optimize minion' ( #79 ) from minion-optimization into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #79
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-16 20:12:36 +02:00
4778c43503
Initialize OpenBSD support
...
ci/lysergic/push/pipeline Pipeline was successful
No states assigned yet.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-16 20:10:26 +02:00
dc3cbea053
Optimize minion
...
ci/lysergic/push/pipeline Pipeline was successful
Cache jobs for later reference, disable unused hardware grains.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-16 20:04:26 +02:00
c7e590843f
Merge pull request 'Add http(s) to thetrip public zone' ( #78 ) from thetrip-firewall into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #78
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-01 22:25:51 +02:00
29ceb78cde
Add http(s) to thetrip public zone
...
ci/lysergic/push/pipeline Pipeline was successful
Forgotten in fffbaf4698
.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-01 22:21:39 +02:00
fffbaf4698
Merge pull request 'Manage firewall on thetrip' ( #77 ) from thetrip-firewall into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #77
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-07-01 22:15:30 +02:00
8519dfec68
Manage firewall on thetrip
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-07-01 22:12:14 +02:00
b73c0805cd
Merge pull request 'Manage firewall on derutil01' ( #76 ) from derutil01-fw into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #76
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-28 22:17:07 +02:00
080002e642
Manage firewall on derutil01
...
ci/lysergic/push/pipeline Pipeline was successful
Configuration should be imported already.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-28 22:10:58 +02:00
1bd2f39312
Merge pull request 'Change redis to redis7' ( #75 ) from salt-redis7 into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #75
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-28 22:00:16 +02:00
58c100acc1
Change redis to redis7
...
ci/lysergic/push/pipeline Pipeline was successful
Leap 15.5 renamed the package, "redis" will try to install Redis 6 and
cause a conflict.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-28 21:56:54 +02:00
47a364290c
Merge pull request 'Remove backslashes in string' ( #74 ) from fix-matterb-mediapath into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #74
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-28 19:53:24 +02:00
b36dc960c8
Merge branch 'production' into fix-matterb-mediapath
ci/lysergic/push/pipeline Pipeline was successful
2023-06-28 19:45:43 +02:00
ddf1c03dbb
remove backslash
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-28 23:10:34 +05:30
f4f7f93583
Merge pull request 'Update mediapath for matterbridge' ( #73 ) from fix-matterb-mediapath into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #73
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-27 20:27:16 +02:00
7145ae4481
update mediapath for matterbridge
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-27 23:47:53 +05:30
937b3c99b7
Merge pull request 'Add chillnet matterbridge uploads' ( #72 ) from upload-matterbridge-chillnet into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #72
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-06-24 22:27:51 +02:00
667646a295
Add chillnet matterbridge uploads
...
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-06-25 01:46:13 +05:30
36c70f4016
Merge pull request 'Rename Chillnet staff channel' ( #71 ) from matter_remap into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #71
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-03 20:51:09 +02:00
97045b5f12
Used /RENAME for #fightclub
ci/lysergic/push/pipeline Pipeline was successful
2023-05-03 19:38:05 +02:00
ffbd2dc4c3
Merge pull request 'Init psyched.dev' ( #70 ) from psyched into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #70
2023-05-02 21:07:25 +02:00
c1fcf5f3b1
Init psyched.dev
...
ci/lysergic/push/pipeline Pipeline was successful
Add pillar IDs for theia/orpheus/selene to disable sshd
management on them (machines use custom configurations
for historic reasons, and we like to preserve history).
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 21:00:45 +02:00
ac0a2b6587
Merge pull request 'Init dencpod01.lysergic.dev' ( #68 ) from dencpod01 into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #68
2023-05-02 20:51:55 +02:00
b6b129c41f
Init dencpod01.lysergic.dev
...
ci/lysergic/push/pipeline Pipeline was successful
Blank machine.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:40:09 +02:00
774706211e
Merge pull request 'Move backup_mode to minion dict' ( #67 ) from file-backup into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #67
2023-05-02 20:28:34 +02:00
2ce85f172e
Move backup_mode to minion dict
...
ci/lysergic/push/pipeline Pipeline was successful
Is a minion specific option.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:25:33 +02:00
ffe1e60baf
Merge pull request 'Enable minion file backup' ( #66 ) from file-backup into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #66
2023-05-02 20:19:46 +02:00
c4532b4686
Enable minion file backup
...
ci/lysergic/push/pipeline Pipeline was successful
https://docs.saltproject.io/en/latest/ref/states/backup_mode.html
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:13:24 +02:00
3143bfd96d
Merge pull request 'Import moni firewall configuration' ( #65 ) from moni into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #65
2023-05-02 20:06:31 +02:00
d89138e2a7
Import moni firewall configuration
...
ci/lysergic/push/pipeline Pipeline was successful
Some ports not yet covered by a role.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 20:02:21 +02:00
05d86ce689
Merge pull request 'Init phoebe.lysergic.dev' ( #64 ) from phoebe into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #64
2023-05-02 19:52:06 +02:00
55acb1dea4
Init phoebe.lysergic.dev
...
ci/lysergic/push/pipeline Pipeline was successful
Blank machine.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 19:48:22 +02:00
9f176609a5
Merge pull request 'Add manage_sshd conditional' ( #63 ) from sshd-optional into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #63
2023-05-02 19:39:20 +02:00
409016ea75
Disable manage_sshd for philia
...
ci/lysergic/push/pipeline Pipeline was successful
Machine uses a custom sshd configuration for $reasons.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 19:32:36 +02:00
8776b16be1
Add manage_sshd conditional
...
Allow sshd configuration to be skipped on "special" machines using
an optional "manage_sshd: False" pillar option.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 19:30:33 +02:00
6763d1b64e
Merge pull request 'No longer remove libX11' ( #62 ) from libX11 into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #62
2023-05-02 00:16:20 +02:00
d4d7d41ca7
No longer remove libX11
...
ci/lysergic/push/pipeline Pipeline was successful
Multiple packages need it as a dependency, maintaining an exclusion list
is not feasible.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-02 00:11:45 +02:00
16827d7318
Merge pull request 'Add users conditional for sss' ( #61 ) from skip-users-if-sss into production
...
ci/lysergic/push/pipeline Pipeline was successful
Reviewed-on: #61
2023-05-01 23:15:45 +02:00
51e33815df
Add users conditional for sss
...
ci/lysergic/push/pipeline Pipeline was successful
Skip failing local users management on machines using sssd.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-01 22:25:28 +02:00