912ad58ff0
Clean up comments in setup cluster playbook
2022-09-07 11:09:33 -07:00
d742234a36
Explicitly set envoy version
...
The default v1.23.0 does not work on arm64
2022-09-07 11:06:26 -07:00
ad22ce6e2a
Update vault and nomad versions
2022-09-07 11:05:54 -07:00
141b53b809
Add playbook to unseal Vault
2022-09-07 11:05:27 -07:00
cc8e6faf36
Make vault load balancer sticky
...
Assets like css and js were not proxying correctly. I think it may be
because they were proxying to a different instance and that the paths
are dynamic. This should route subsequent requests for the session to
a single backend.
2022-09-06 17:17:14 -07:00
c8b9063b3e
Add homeassistant external
2022-09-06 17:15:43 -07:00
f44e62fd1c
add nomad login
2022-09-06 14:47:06 -07:00
478f9c4c8f
Update security todos and reference node IP for consul queries
2022-09-06 14:46:49 -07:00
ab1c9b41cd
Move redis data to ephemeral disk
2022-09-06 11:31:15 -07:00
712fd3958d
Move prometheus tsdb data to emphemeral disk
2022-09-06 11:15:14 -07:00
7296494141
Move acme certs to /local so they will persit between allocs
2022-09-06 09:45:04 -07:00
8e827ef4ad
Add splay to blocky template render
...
Avoid all instances going down at once when the template canges
2022-09-05 12:57:13 -07:00
1be855e571
Fix syslog proxy
...
Apparently traefik only supports http proxy over connect.
https://github.com/traefik/traefik/issues/7803
2022-09-04 20:21:02 -07:00
34a5ce8141
Use nomad as sole metrics exporter
...
Drops cadvisor and node_exporter since Nomad seems to export what I need.
2022-09-04 14:32:24 -07:00
bc4657463e
Remove default volume read_only
...
It was always setting to true
2022-09-04 14:27:28 -07:00
aaae5d087e
Update nfs volumes to try and fix permissions
2022-09-04 14:27:27 -07:00
5c3b60329d
Try to use default netowrk source for proxing syslogng
2022-09-04 14:27:27 -07:00
9fe5393a40
Add Traefik proxy for Syslogng
2022-09-04 14:27:07 -07:00
7f4995817b
Use default arch maps where possible
2022-08-30 16:15:12 -07:00
3bab881118
Update services template to support env and host volumes
...
Also adds sonarr as an example
2022-08-30 15:16:08 -07:00
9ce1350b5f
Use nomad token to look up policies
2022-08-30 15:15:29 -07:00
226eb6cb05
Have nomad talk to vault over loopback
2022-08-30 15:15:10 -07:00
3d3cc25951
Add new nfs volumes
2022-08-30 15:14:55 -07:00
0ea02c2034
Multiarch install tweaks for arm64
2022-08-30 15:14:39 -07:00
0ad777c76f
Fix unsealing of single vault instance
...
Checking status of only one node meant that if that node was sealed
we would not try to unseal other nodes
2022-08-30 15:14:00 -07:00
929501b72c
Enable consul autopilot
2022-08-30 15:12:52 -07:00
429854897f
Update nomad, consul, vault versions
2022-08-30 15:12:35 -07:00
551df5f0c5
Use newer cadvisor
2022-08-30 15:11:52 -07:00
f73a4b13ec
Use updated ansible-nomad role
...
Has better support for multi-arch installs and fixes cni
2022-08-30 15:10:16 -07:00
f9a9a37f6d
Add pi4 host
2022-08-30 15:09:48 -07:00
e96a7501dd
Rename nomad anon policy file
2022-08-23 10:31:29 -07:00
c62a0118a5
WIP: Allow specifying https endpoints and fetching nomad token
2022-08-23 09:57:57 -07:00
599dd02bdc
Add mysql database storage to Grafana
2022-07-29 13:02:22 -07:00
afa6984001
Add Nomad dashboard to grafana
2022-07-29 13:01:59 -07:00
eb0b16abbe
Don't deploy Nextcloud
2022-07-29 13:01:40 -07:00
c0afa52edc
Stop duplicate nomad scraping
...
Already getting it from Client service
2022-07-29 13:01:22 -07:00
0e0ff7bbac
Increase promtail memory
2022-07-28 16:37:19 -07:00
994c2f4743
Make traefik a service rather than a system job
...
Sets it up to support auto_revert and auto_promote
2022-07-28 15:11:59 -07:00
795b683046
Traefik wildcard certs
2022-07-28 15:11:24 -07:00
8af70181f3
Remove variable for consul_address for traefik
...
Now getting from Noamd environment
2022-07-28 15:10:39 -07:00
e3633f9961
Make lldap backup daily
2022-07-28 15:05:00 -07:00
c5538bb623
conditional dns lookups for router assigned domains
2022-07-27 22:04:46 -07:00
b9ef67b925
Working backup and restore
2022-07-27 22:04:22 -07:00
a5fd1942de
Make traefik disk ephemeral and sticky
2022-07-27 17:30:35 -07:00
c0f64c9c8a
Bump Traefik mem limit
...
We don't like this crashing
2022-07-27 17:26:13 -07:00
7d27dbb7f9
Skip dump of lldap db
2022-07-27 17:25:41 -07:00
73d193d0a5
Add lldap backup and templatize backup job
...
Now oneoff and system jobs are all using the same template
2022-07-27 17:02:29 -07:00
0c6f82e93b
Increase prometheus memory limit
2022-07-27 16:11:56 -07:00
6c732800e6
Add lldap
2022-07-27 15:57:28 -07:00
eaa81ddc8a
Remove set hostname because that's now done in bootstrap
2022-07-27 15:57:12 -07:00