Commit Graph

531 Commits

Author SHA1 Message Date
b9736aba83 Add example secrets 2022-06-28 12:11:24 -07:00
50dafc6b3e Fix secrets access from nomad tasks
Probably can be cleaned up and updated to follow least access
2022-06-28 12:11:07 -07:00
723b5fab78 Improve vault bootstrap and nomad connection 2022-06-28 12:10:18 -07:00
1dad4d22a1 Bootstrap vault secrets 2022-06-28 12:09:57 -07:00
ff4e473a89 Small improvement to consul kv role 2022-06-28 12:08:23 -07:00
8434c22fd2 Add missing role requirements file
This uses updated fork of ansible-consul
2022-06-23 20:13:17 -07:00
46ee046f6c Deploy traefik one at a time with autorevert 2022-06-23 20:12:30 -07:00
609944df8e Install consul dns forwarding 2022-06-23 20:12:09 -07:00
ab58652932 Install consul from repo 2022-06-23 20:11:48 -07:00
b8b74e900b Make blocky config a bit more stable by removing templating based on whami 2022-06-23 20:11:28 -07:00
7760d3387e Fix blocky upstream tcp for quad9 2022-06-23 20:11:09 -07:00
0ea91e7ffc Auto revert broken blocky
Also enable traefik
2022-06-23 20:10:36 -07:00
eb129be95e Add Consul lookup for ads dns allowlist 2022-06-23 13:36:06 -07:00
2f28748579 Add some more upstream dns options
Should pick one later
2022-06-23 13:34:08 -07:00
710e901ab6 Increase priority of Traefik 2022-06-23 09:51:42 -07:00
67631eb1a0 Update Nomad 2022-06-23 09:51:21 -07:00
dfa95ee454 Generate blocky host mapping from Consul kv 2022-06-23 09:51:09 -07:00
ca6e766a40 Update blocky one instance at a time
Avoids dns going down with all instances updating at once
2022-06-23 09:50:23 -07:00
d022fe9bc4 Deploy backup jobs to all hosts and dynamically determine jobs per node 2022-06-23 09:49:57 -07:00
325a27a4ec Remove csi deployment 2022-06-23 09:49:03 -07:00
37c4ab4c25 Move databases to a single module 2022-06-23 09:48:01 -07:00
37c6fd4735 Make traefik a system service
For this to work, will need to put TLS certs in Vault
2022-06-17 15:20:43 -07:00
b6a9c80748 Add base hostname to consul in Playbook 2022-06-17 15:19:43 -07:00
2f65105592 WIP: Add democratic-csi storage plugin 2022-06-17 15:19:19 -07:00
18dbc89b2a Make nextcloud backup a non-sidecar task
Avoids restarting whole group when if it fails
2022-06-17 15:16:45 -07:00
3cf69503ea Remove some unecessary traefik configs from tasks 2022-06-17 15:15:37 -07:00
1f111bcd04 Make order of host configs match playbook order 2022-06-17 15:14:55 -07:00
e518288308 Use new host name in terraform consul address 2022-05-24 20:11:57 -07:00
40e3562195 Use new token variable name after bootstrap 2022-05-24 20:11:41 -07:00
f544a54631 Add autopilot 2022-05-24 20:11:18 -07:00
e57fcfcfdb Add docker install 2022-05-24 20:11:07 -07:00
423c8f23c5 Auto initialize vault 2022-05-24 20:10:47 -07:00
2f95257325 Wait until mysql is deployed before continuing
Otherwise dependent jobs will fail and take up time restarting
2022-05-24 20:10:26 -07:00
c09af9936a Remove unused playbook 2022-05-24 20:09:45 -07:00
321d60dc1f Switch to a 3 node cluster for better resiliance 2022-05-24 20:09:22 -07:00
a07f37ff1b Fix venv detection for ansible cluster target
This fixes the installation of the consul python library
2022-05-24 20:07:52 -07:00
faef7f3734 Make redis optional for blocky to help with resliliance to a single host failing 2022-05-19 16:54:16 -07:00
8a606cbe05 Dynamically add dns routes to traefik instances to blocky 2022-05-19 16:53:56 -07:00
d39c82762e Add dedicated backup module and jobs
Possible alternative to backups deployed with each job
2022-05-18 14:23:46 -07:00
a3d9c40f46 Fix prom scraping 2022-05-18 14:22:52 -07:00
18c5b006e8 Add smarttv block list to default on blocky 2022-05-18 14:22:35 -07:00
e71c534fcf Default nomad cluster to ansible 2022-05-18 14:22:21 -07:00
9a360c91b2 nomad: Run block on all hosts 2022-05-18 11:29:00 -07:00
b6145a54a0 WIP: Vault db 2022-05-12 19:27:52 -07:00
07ff8e57b8 Bind mysql to loopback 2022-05-09 21:45:08 -07:00
7d587d59a1 Add prom ports to nextcloud backup 2022-05-09 21:44:26 -07:00
fc583abace Use consul http port in traefik 2022-04-15 12:25:15 -07:00
aeb662d799 Build traefik static config better when services aren't found 2022-04-15 12:13:00 -07:00
456485aa5e no log for some more sensitive info 2022-04-15 12:12:28 -07:00
126cd6743f WIP nomad vault db integration 2022-04-15 12:12:15 -07:00