Commit Graph

486 Commits

Author SHA1 Message Date
0a7ad7a9dc Enable redis for authelia
This also splits redis instances by service
2023-07-07 15:50:23 -07:00
b0c1aca497 Increase token time for Nomad OIDC 2023-07-07 15:47:08 -07:00
60a4051988 Enable Authelia OIDC for Nomad 2023-07-07 00:41:44 -07:00
0ceb513216 Switch Grafana to OIDC from proxy auth 2023-07-07 00:40:19 -07:00
9d5aeeec96 Enable Authelia OIDC provider 2023-07-07 00:39:44 -07:00
6dbe0f7f45 Add nomad ACLs and roles for use in oidc auth 2023-07-07 00:30:02 -07:00
eae5b201b6 Add two factor for external IPs 2023-07-06 21:25:31 -07:00
532d7f9a4c Use Authelia for Grafana login 2023-07-06 18:00:06 -07:00
88e91e5e5d Deploy authelia
Backed by lldap and mysql and deployed on whoami for now as a forward
proxy example

Would be good to add oidc for Nomad as well as make policies configurable
via Nomad variables.
2023-07-06 18:00:06 -07:00
a90b3bbdbe Make it easier to enable bootstrap now that key isn't included 2023-07-06 17:25:13 -07:00
cdbd6a9cb3 Add ability to set priority for service templates 2023-07-06 17:25:13 -07:00
2a1a7fb6b7 Clean mysql stunnel config 2023-07-06 17:25:13 -07:00
8650ab973a Add stunnel for ldap as part of service template 2023-07-06 17:25:13 -07:00
acc80868f9 Switch lldap storage to mysql 2023-07-05 17:30:54 -07:00
f606e0a17e Remove blocky client groups because fallback server masks them 2023-07-05 15:45:55 -07:00
44467d1075 Add playbook to restart wesher and nomad 2023-06-20 09:45:01 -07:00
8b0495c6c8 Take mysql off wesher network 2023-06-20 09:44:21 -07:00
2df43584cf Grafana config reloading: Use explicit path and echo
Was running into some issues with this not running. Using an explicit
path seems to help, so I'll try it for now. Also added some echo statements
to make it easier to discern when run.
2023-06-20 09:44:04 -07:00
2c128b25f3 Add additional blocking for wemo 2023-06-20 09:42:33 -07:00
1df5545835 Promtail: use local task dir rather than bind mount 2023-05-12 10:11:30 -07:00
d4cb91d58d Rename metrics job to exporters 2023-05-12 10:11:11 -07:00
48322d9a78 Document what the nomad stalker is for 2023-05-12 10:10:31 -07:00
73e9977d41 Use variable secrets location for mysql 2023-05-09 15:57:09 -07:00
5dc0e4bcaf Use pushgateway with restic scheduler batches
Batches can't run due to incorrectly scoped variables
2023-05-09 15:56:53 -07:00
5169aecc6d Add pushgateway to prometheus 2023-05-09 15:56:20 -07:00
69c8322d50 Better error handling in nomad variable bootstrap 2023-05-09 13:21:00 -07:00
f11fad30a5 Use stunnel for mysql
Doesn't remove wesher or normal mysql service
2023-05-09 13:20:36 -07:00
a5efe0c21b Fix variable bootstrap address 2023-05-09 13:13:28 -07:00
30766cce39 Bump up sonarr memory 2023-05-09 11:40:31 -07:00
33ec66346b Make target to stop Nomad cluster 2023-05-09 11:39:27 -07:00
8d63c50ffb Add Postgres database to cluster 2023-05-03 14:16:47 -07:00
cf0a415179 Revert "Upgrade cni to 1.1.2"
This reverts commit bbc8ba5c6b.
2023-05-02 21:29:27 -07:00
27fd60d84d Add missing service to Wesher
Promtail, Backups, service module
2023-05-02 21:14:36 -07:00
0a84fd04bc Automatically re-provision grafana when data source addresses change 2023-05-02 21:13:59 -07:00
1c14430c99 Preliminary hw transcode support for Photoprism on pi4 2023-04-20 16:48:04 -07:00
f75d149f32 Add constraints and docker devices to service template 2023-04-20 16:47:07 -07:00
bbc8ba5c6b Upgrade cni to 1.1.2 2023-04-20 16:46:35 -07:00
973388e109 Add hw_transcode meta to nodes 2023-04-20 16:43:57 -07:00
42054d8fa6 More whoami instances 2023-04-14 14:24:33 -07:00
4122d92f78 Make sure adminer is using nomad service discovery 2023-04-14 14:24:17 -07:00
fb25b52e7a Restrict permissions to wesher config 2023-04-14 14:23:58 -07:00
fb6a899a26 Ignore nomad variables file 2023-04-14 13:54:43 -07:00
8cbc9145c0 Minor nomad upgrade 2023-04-14 13:41:40 -07:00
7d8bc45090 Move blocky custom mappings above catchall 2023-04-04 13:12:34 -07:00
87d97ac891 Fix redis server psks 2023-03-28 17:28:46 -07:00
485bc22e78 Add TODO for using nomad api socket 2023-03-27 15:50:15 -07:00
28564b6130 Bind nzbget to static port
This allows it to be referenced in sonarr by nzbget.nomad:6789
2023-03-27 15:23:55 -07:00
c38ba8589a Clean blocky config for latest version 2023-03-27 15:21:35 -07:00
c7f85bd985 Fix blocky redis stunnel lookup 2023-03-27 15:21:19 -07:00
f17dec7b57 Add nomad services to nomad zone using hosts in blocky 2023-03-27 15:20:50 -07:00