5b88413604
Add consul bootstrap and move vault to an example
2022-07-21 20:16:10 -07:00
5165045ee9
Fix consul address in levant
2022-07-21 20:11:21 -07:00
5583b2d38e
Deploy Nomad, Consul, and Vault using apt repo
2022-07-21 19:04:44 -07:00
f460f890da
Use vault for backups jobs
2022-07-21 19:03:40 -07:00
29946a4df6
Major grafana refactor to include automatic loading of provisioning files
2022-07-21 15:54:05 -07:00
bde0b84d70
Go back to a single ingress node to simplify Traefik TLS
...
The open source version of Traefik doesn't natively support HA. Running
multiple instances means that the TLS certificates will have to be
managed outside of Traefik and distributed to running jobs via Vault and
Nomad. This is doable, but I've decided to reduce the scope for now to
simplify things and go to a single Ingress node so that Traefik cert
management can be used.
2022-07-21 15:50:13 -07:00
52c7e3d326
More nextcloud config using Vault
2022-07-08 16:26:26 -07:00
726b634092
Create levant tf module
...
Also a template service Nomad job that can be used for some straighforward services
2022-07-08 16:24:03 -07:00
54f98e740f
Ignore ansible_collections
2022-06-28 12:11:55 -07:00
b9736aba83
Add example secrets
2022-06-28 12:11:24 -07:00
50dafc6b3e
Fix secrets access from nomad tasks
...
Probably can be cleaned up and updated to follow least access
2022-06-28 12:11:07 -07:00
723b5fab78
Improve vault bootstrap and nomad connection
2022-06-28 12:10:18 -07:00
1dad4d22a1
Bootstrap vault secrets
2022-06-28 12:09:57 -07:00
ff4e473a89
Small improvement to consul kv role
2022-06-28 12:08:23 -07:00
8434c22fd2
Add missing role requirements file
...
This uses updated fork of ansible-consul
2022-06-23 20:13:17 -07:00
46ee046f6c
Deploy traefik one at a time with autorevert
2022-06-23 20:12:30 -07:00
609944df8e
Install consul dns forwarding
2022-06-23 20:12:09 -07:00
ab58652932
Install consul from repo
2022-06-23 20:11:48 -07:00
b8b74e900b
Make blocky config a bit more stable by removing templating based on whami
2022-06-23 20:11:28 -07:00
7760d3387e
Fix blocky upstream tcp for quad9
2022-06-23 20:11:09 -07:00
0ea91e7ffc
Auto revert broken blocky
...
Also enable traefik
2022-06-23 20:10:36 -07:00
eb129be95e
Add Consul lookup for ads dns allowlist
2022-06-23 13:36:06 -07:00
2f28748579
Add some more upstream dns options
...
Should pick one later
2022-06-23 13:34:08 -07:00
710e901ab6
Increase priority of Traefik
2022-06-23 09:51:42 -07:00
67631eb1a0
Update Nomad
2022-06-23 09:51:21 -07:00
dfa95ee454
Generate blocky host mapping from Consul kv
2022-06-23 09:51:09 -07:00
ca6e766a40
Update blocky one instance at a time
...
Avoids dns going down with all instances updating at once
2022-06-23 09:50:23 -07:00
d022fe9bc4
Deploy backup jobs to all hosts and dynamically determine jobs per node
2022-06-23 09:49:57 -07:00
325a27a4ec
Remove csi deployment
2022-06-23 09:49:03 -07:00
37c4ab4c25
Move databases to a single module
2022-06-23 09:48:01 -07:00
37c6fd4735
Make traefik a system service
...
For this to work, will need to put TLS certs in Vault
2022-06-17 15:20:43 -07:00
b6a9c80748
Add base hostname to consul in Playbook
2022-06-17 15:19:43 -07:00
2f65105592
WIP: Add democratic-csi storage plugin
2022-06-17 15:19:19 -07:00
18dbc89b2a
Make nextcloud backup a non-sidecar task
...
Avoids restarting whole group when if it fails
2022-06-17 15:16:45 -07:00
3cf69503ea
Remove some unecessary traefik configs from tasks
2022-06-17 15:15:37 -07:00
1f111bcd04
Make order of host configs match playbook order
2022-06-17 15:14:55 -07:00
e518288308
Use new host name in terraform consul address
2022-05-24 20:11:57 -07:00
40e3562195
Use new token variable name after bootstrap
2022-05-24 20:11:41 -07:00
f544a54631
Add autopilot
2022-05-24 20:11:18 -07:00
e57fcfcfdb
Add docker install
2022-05-24 20:11:07 -07:00
423c8f23c5
Auto initialize vault
2022-05-24 20:10:47 -07:00
2f95257325
Wait until mysql is deployed before continuing
...
Otherwise dependent jobs will fail and take up time restarting
2022-05-24 20:10:26 -07:00
c09af9936a
Remove unused playbook
2022-05-24 20:09:45 -07:00
321d60dc1f
Switch to a 3 node cluster for better resiliance
2022-05-24 20:09:22 -07:00
a07f37ff1b
Fix venv detection for ansible cluster target
...
This fixes the installation of the consul python library
2022-05-24 20:07:52 -07:00
faef7f3734
Make redis optional for blocky to help with resliliance to a single host failing
2022-05-19 16:54:16 -07:00
8a606cbe05
Dynamically add dns routes to traefik instances to blocky
2022-05-19 16:53:56 -07:00
d39c82762e
Add dedicated backup module and jobs
...
Possible alternative to backups deployed with each job
2022-05-18 14:23:46 -07:00
a3d9c40f46
Fix prom scraping
2022-05-18 14:22:52 -07:00
18c5b006e8
Add smarttv block list to default on blocky
2022-05-18 14:22:35 -07:00