LibertaCasa/salt - salt - GitCom: Git with a cup of Com

Author	SHA1	Message	Date
Georg Pfuetzenreuter	b061265885	matterbridge: quote numbers All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Needed to make the TOML configuration format happy. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-12 02:30:56 +01:00
Georg Pfuetzenreuter	8fbfd38ec3	Merge pull request 'dericom02: quote matterbridge booleans' (#16 ) from matterbridge-booleans into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #16	2023-02-12 02:18:19 +01:00
Georg Pfuetzenreuter	12c47a346b	dericom02: quote matterbridge booleans All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details TOML configuration format needs lowercase boolean values. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-12 02:13:03 +01:00
Pratyush Desai	c9a157833b	Merge pull request 'Matterbridge media' (#15 ) from matterbridge-media into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #15	2023-02-12 00:55:49 +01:00
Georg Pfuetzenreuter	1aacd3f340	dericom02: manage matterbridge media All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details - move base media directory to variable - add lighttpd vhosts to pillar Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-12 00:51:59 +01:00
Georg Pfuetzenreuter	ab47eb5485	matterbridge: manage media directories Create media directories if defined in the pillar. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-12 00:51:26 +01:00
Pratyush Desai	e2560f0dd6	Merge pull request 'matterbridge: add role pillar' (#14 ) from matterbridge-pillar-fixup into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #14	2023-02-09 23:00:18 +01:00
Georg Pfuetzenreuter	77c50cf53f	matterbridge: add role pillar All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Empty for now, adding for future reference and because we enforce role pillars to exist. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-09 22:56:28 +01:00
Pratyush Desai	03a4aec0f3	Merge pull request 'Import Matterbridge configuration' (#10 ) from import-dericom02 into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #10	2023-02-09 21:02:02 +01:00
Pratyush Desai	dee3e035c2	Merge pull request 'Refactor Matterbridge profile' (#11 ) from matterbridge-refactor into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #11	2023-02-09 20:44:03 +01:00
Georg Pfuetzenreuter	f7893a980e	Merge pull request 'Add ha-node role + enable keepalived formula' (#13 ) from keepalived-formula into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #13	2023-02-08 22:55:45 +01:00
Georg Pfuetzenreuter	a8bbe056f1	Add ha-node role All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Add ha-node role for machines in a HA pair using keepalived. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-08 20:31:27 +01:00
Georg Pfuetzenreuter	2d06de94ca	Enable keepalived-formula Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-08 20:30:52 +01:00
Georg Pfuetzenreuter	650854fa27	Refactor matterbridge profile All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details - reduce pillar calls - no longer define possible configuration options, apply settings from pillar 1:1 Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-07 22:37:37 +01:00
Georg Pfuetzenreuter	07d325d777	dericom02: import Matterbridge configuration All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-07 22:29:02 +01:00
Georg Pfuetzenreuter	f678de8560	derimisc01: import Tor configuration All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-07 18:35:40 +01:00
Georg Pfuetzenreuter	a3ec351b70	Add onion-router role Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-07 18:21:32 +01:00
Georg Pfuetzenreuter	687473b919	Enable tor-formula All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-06 23:00:47 +01:00
Georg Pfuetzenreuter	70ca4fabc8	Set webirc backend to https All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Ergo rightfully does not accept plain text websocket connections. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-06 14:20:19 +01:00
Georg Pfuetzenreuter	82cad3b099	Include libertacasa for liberta.casa All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Fallout from `77fa39e59c` - libertacasa nginx snippet needs to be included in liberta.casa server for main website to operate on the clearnet. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-06 14:10:14 +01:00
Georg Pfuetzenreuter	df3eeede1d	Repair liberta.casa TLS include All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Accidentally mixed up the libertacasa with the libertacasa2 nginx TLS snippet. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-06 14:01:23 +01:00
Georg Pfuetzenreuter	92f01888af	web-proxy: include mime.types All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Always include mime.types on web-proxies. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 20:10:57 +01:00
Georg Pfuetzenreuter	e369c53a4c	web-proxy: common includes All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Always include files in conf.d and vhosts.d on web-proxies. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 20:09:05 +01:00
Georg Pfuetzenreuter	7dc481c996	Merge pull request 'web-proxy: common nginx.conf' (#9 ) from nginxconf into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #9	2023-02-05 20:03:18 +01:00
Georg Pfuetzenreuter	12ce134559	web-proxy: common nginx.conf All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Import default nginx.conf contents from our custom packaged file into Salt. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 19:59:04 +01:00
Georg Pfuetzenreuter	e3e4caaabe	web-proxy: IPv6 listener brackets All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Add logic to wrap IPv6 listening addresses in brackets, to prevent nginx from failing to start. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 19:19:27 +01:00
Georg Pfuetzenreuter	119e97805d	Increase LC repository priority All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 18:47:17 +01:00
Georg Pfuetzenreuter	77fa39e59c	Merge pull request 'deriweb01: import nginx configuration' (#8 ) from import-deriweb01 into production All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Reviewed-on: #8	2023-02-05 18:43:20 +01:00
Georg Pfuetzenreuter	5e02090bc6	web-proxy: add firewall configuration All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Allow internal http and https to pass on web proxies. To-do: logic for web proxies directly attached to the internet. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 14:29:25 +01:00
Georg Pfuetzenreuter	785986d2ac	Enable syntax highlighting All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Initially for .sls and .jinja/.j2 files - we can add others later on if needed. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 12:07:13 +01:00
Georg Pfuetzenreuter	1b619358a8	deriweb01: import nginx configuration All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Transfer local/manual nginx configuration structure into pillar. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 11:56:27 +01:00
Georg Pfuetzenreuter	98ea861c13	web-proxy: add common TLS configuration All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Add TLS configuration snippet shared between all web-proxies. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 10:05:20 +01:00
Georg Pfuetzenreuter	4581bd4a6a	Add nginx crtkeypair macro For use in nginx pillars. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 10:04:09 +01:00
Georg Pfuetzenreuter	3f2b8d2ee7	Add cluster pillar Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 09:36:23 +01:00
Georg Pfuetzenreuter	7ab3cb6c59	Refresh LC repository All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Configure repository to be refreshed automatically. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-05 01:01:56 +01:00
Georg Pfuetzenreuter	2e4d350c7f	Add web-proxy role - web-proxy role to configure nginx - pillar with common nginx configuration Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-04 11:47:09 +01:00
Georg Pfuetzenreuter	bb252c1d47	Set default saltenv All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-02-01 23:23:43 +01:00
Georg Pfuetzenreuter	ba6522ce5b	Refactor map/macro sourcing All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details - move pillar macros and map to base directory - move listener logic from macro to map - update includes respectively Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-30 05:43:53 +01:00
Georg Pfuetzenreuter	096bb24769	Enable nginx-formula Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-30 03:23:48 +01:00
Georg Pfuetzenreuter	1a03ecc9db	salt.master: add salt-keydiff package All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Useful to accept new minions. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-30 02:14:22 +01:00
Georg Pfuetzenreuter	83f698e18c	Manage Salt roleproxy All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Add role, profile and pillar for roleproxy. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-30 00:39:33 +01:00
Georg Pfuetzenreuter	81a37bf842	salt.minion: no longer manage grains Grains have only been managed to track roles, however those have since been moved to the Role API. Hence the managed /etc/salt/grains file can safely be removed from management. Existing installations will be cleaned up by me. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 23:33:40 +01:00
Georg Pfuetzenreuter	d2bc7b0785	Set firewalld short zone names All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details To match the SUSE defaults deployed by our AutoYaST configuration. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 17:50:37 +01:00
Georg Pfuetzenreuter	84c1d63776	Allow IPv6-only interfaces + fixup All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details - interfaces with no IPv4 address would cause a render failure - repair if-clause needed for interfaces with only IPv4 addresses Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 17:38:29 +01:00
Georg Pfuetzenreuter	824baf386b	Firewall interface mapping logic All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Detect which interfaces belong to which zones, and configure firewalld accordingly. Backend zone is currently only prepared and yet to be tested and enabled. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 17:27:58 +01:00
Georg Pfuetzenreuter	c8aa6c6157	Mine interfaces Needed for firewall interface-zone mapping logic. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 16:37:07 +01:00
Georg Pfuetzenreuter	7600e631d3	salt.master: extra quotes around API listener All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details State would print the colons unquoted into the file, causing the YAML to not parse. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 16:11:01 +01:00
Georg Pfuetzenreuter	45b53f8392	salt.master: add firewalld rules All checks were successful ci/lysergic/push/pipeline Pipeline was successful Details Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 15:50:11 +01:00
Georg Pfuetzenreuter	e395f7f0a3	Manage common firewalld rules Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 15:49:48 +01:00
Georg Pfuetzenreuter	e62080ae5b	Manage firewalld Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-29 15:30:37 +01:00

1 2 3

141 Commits