Commit graph

275 commits

Author SHA1 Message Date
Sam A. a67d82ad88
Some improvements
- Always use the new port if the VM is already provisioned
- We're not using a multi-VM setup, so no need to define VM "datacoop"
- Increase minimum required Vagrant version
- Add static IP for hopefully implementing some sort of DNS in the
  future
- Hardcode registry domain to use the real registry in Vagrant
2022-11-18 23:35:20 +01:00
Sam A. d48e684647
Remove notify 2022-11-17 22:17:51 +01:00
Sam A. 6e383d6afa
Simplify SSH configuration
Now that the Vagrantfile supplies SSH port information to Ansible, we no
longer need to figure it out in Ansible. Also, since gather_facts (which
requires an SSH connection) is set to true in playbook.yml, one needs to
supply --extra-vars "ansible_port=22" on the commandline when
provisioning for the first time on real hardware, because the port is
hardcoded in the inventory file.
2022-11-17 22:15:26 +01:00
Víðir Valberg Guðmundsson 9a5d780f2b Keep ansible "clean" and do ssh port magic in Vagrantfile. 2022-11-17 08:53:45 +01:00
Sam A. 57ca1e9233
Create separate role for SSH and Vagrant
- Added a separate role that first configures SSH, and after that
  gathers the ansible_virtualization_role fact, due to gathering facts
  requiring an SSH connection
- Renamed ssl_certs_enabled to letsencrypt_enabled and moved that
  and the vagrant variable to the be supplied directly to the last two
  roles in playbook.yml
- Added tags base_only and setup_services to the new role
  ssh_and_vagrant so that it will always be run before anything else
  when using deploy.sh
2022-11-16 20:31:44 +01:00
Víðir Valberg Guðmundsson 253a21432e Add ssl_certs_enabled variable and use it to avoid ssl certs when running on vagrant 2022-11-15 22:06:53 +00:00
Sam A. a6cb0a8e65 Remove state: latest 2022-11-15 22:06:53 +00:00
Sam A. c676d69fc0 Naming changes 2022-11-15 22:06:53 +00:00
Sam A. c74cc4413a Simplify config and rename some files 2022-11-15 22:06:53 +00:00
Sam A. 50fa65d55e Don't use local config for Docker registry login
It doesn't work when deploying in Vagrant :(
2022-11-15 22:06:53 +00:00
Sam A. eeecfca7ef Vagrant: Use same Ubuntu version as in production 2022-11-15 22:06:53 +00:00
Sam A. 1744cf7585 Fix SSH port logic again 2022-11-15 22:06:53 +00:00
Sam A. b310e191f8 Some Vagrant fixes
Only install Dell OpenManage if not running in a VM, and fix SSH port
logic.
2022-11-15 22:06:53 +00:00
Sam A. b56690a33e Make Ansible setup testable in Vagrant
Added logic to change the sshd port if not already configured,
configued Vagrantfile to work properly and fixed a couple of deploy
errors.
2022-11-15 22:06:53 +00:00
Sam A. 52ead4fee5
Remove volume_root_folder from vars.yml
It is defined later in the docker role already.
2022-11-15 20:52:38 +01:00
Sam A. ba44677cf3
Avoid conflicts with built-in function name keys 2022-11-15 20:28:34 +01:00
Sam A. fc0c0c5036
Always update password and overwrite keys 2022-11-15 19:57:17 +01:00
valberg 5b2e2c0f60 Merge pull request 'Lock account 'graffen'' (#102) from lock-graffen into main
Reviewed-on: #102
2022-11-13 12:28:38 +00:00
Sam A. 42e1900715
Delete unused secrets 2022-11-12 23:06:45 +01:00
Reynir Björnsson 536441d24b Fix 2022.slides, and use git.data.coop repo
The ocaml-git fix has been released, and don't call the container
new-new.data.coop_website D:
2022-11-12 19:30:38 +01:00
Sam A. bf60417904
Fix FIDO2 authentication in Passit 2022-11-12 19:21:58 +01:00
Víðir Valberg Guðmundsson aecb929dbb Add a way to only run the base role. 2022-11-11 22:16:22 +01:00
valberg f905696264 Add admin user (#108)
Welcome aboard!
2022-11-11 18:05:10 +00:00
Sam A. d4f8fbcebe
Add Sam as admin user 2022-11-11 18:33:18 +01:00
Víðir Valberg Guðmundsson 0e7cc20bce Update portainer to use the ee version. 2022-11-10 21:15:42 +01:00
valberg 57f05d7d81 Merge pull request 'Security hardening: Don't expose unnecessary ports to the public' (#106) from samsapti/ansible:main into main
Reviewed-on: #106
2022-11-10 19:19:00 +00:00
Sam A. cc2fab6ad7
Ports and domain fixes 2022-11-10 19:32:39 +01:00
Víðir Valberg Guðmundsson a81862fd8b Small fixes for rallly. 2022-11-09 20:58:32 +01:00
Víðir Valberg Guðmundsson e85b119bfe Small fixes to get rallly working. 2022-11-09 20:41:41 +01:00
Víðir Valberg Guðmundsson dcb2e8be05 Upgrade mastodon to 3.5.3. 2022-11-09 20:29:31 +01:00
valberg f0ca964c5b Merge pull request 'Add Rallly' (#103) from samsapti/ansible:main into main
Reviewed-on: #103
2022-11-09 19:28:57 +00:00
Sam A. dc51b62872
Capitalization fix 2022-11-09 20:18:08 +01:00
Sam A. dd6b29bccd
Add secrets and env file for Rally 2022-11-09 20:18:07 +01:00
Sam A. f71d534afe
Add Rallly 2022-11-09 20:17:58 +01:00
Víðir Valberg Guðmundsson b043b95353 Point backup at decibytes server. 2022-11-08 20:45:03 +01:00
Reynir Björnsson 8f9196ce60 Lock account 'graffen'
:'(
2022-11-05 15:08:35 +01:00
Jesper Hess 74883a564d
Add handler to restart nginx container when adding nextcloud VHost config 2022-09-02 12:23:19 +02:00
Reynir Björnsson f0979ec654 nextcloud: Raise upload limit to 1GB 2022-08-31 20:10:42 +02:00
Víðir Valberg Guðmundsson 73adef15f9 Fixing watchtower and membersystem. 2022-08-09 19:47:40 +02:00
Víðir Valberg Guðmundsson 9f3a6c67ff Use latest tag for membersystem docker image. 2022-08-09 14:46:48 +02:00
Víðir Valberg Guðmundsson e68145bc5e Add membersystem to ansible. 2022-08-09 13:54:12 +02:00
Reynir Björnsson 326393aadb Add 2022 slides 2022-08-07 13:28:38 +02:00
Víðir Valberg Guðmundsson a6420830e4 Remove thelounge. 2022-07-23 15:48:49 +02:00
Víðir Valberg Guðmundsson e806ffc3ad Remove fider and tt-rss. 2022-07-23 15:46:30 +02:00
Víðir Valberg Guðmundsson 7b60ae1c28 Switch from ouroboros to watchtower. Close #82. 2022-07-23 15:42:51 +02:00
Víðir Valberg Guðmundsson 371237b9f8 Include mastodon in services list. Set letsencrypt_email to admin@data.coop. 2022-07-23 15:13:14 +02:00
reynir 09b05bf657 Add new-new.data.coop using unipi! (#99)
This exposes the contents of the git repository at https://git.data.coop/halfd/new-website using the MirageOS unikernel [unipi](https://github.com/roburio/unipi).

Co-authored-by: Reynir Björnsson <reynir@reynir.dk>
Reviewed-on: #99
2022-07-23 12:46:26 +00:00
Reynir Björnsson 442bb4ad58 Add apt preferences file for dell repo
Deny all packages from dell repo that exist elsewhere

Fixes #95
2022-07-22 20:41:34 +02:00
Jesper Hess a8287a712b Add restart policy to OpenLDAP containers 2022-07-22 18:02:41 +00:00
Jesper Hess ed9c742aed Bump Synapse version -> 1.63.1 and Element -> 1.11.0 2022-07-22 18:02:06 +00:00