|
|
cda2842f8f
|
Switch to image containing stunnel
Rather than installing on container startup, using an image with
stunnel pre-installed. This avoids issues with DNS breaking
the container on startup.
|
2024-01-03 13:50:49 -08:00 |
|
|
|
b29f405090
|
Bump prometheus versiosn and pin blocky
|
2023-09-18 21:58:43 -07:00 |
|
|
|
ea8ca478c6
|
Fix blocky acl
|
2023-08-29 12:59:14 -07:00 |
|
|
|
f5898b0283
|
Add workload ACL management for mysql and postgres access
Allows required jobs to access shared secrets and auto generates psks
for stunnel.
Currently supporting MySQL, Postgres, and LDAP.
|
2023-08-29 12:48:48 -07:00 |
|
|
|
d5078b24da
|
Refactor use of wesher to be behind a variable toggle
Occasionally I run into issues with Wesher. This makes it easier to
disable use of Wesher by setting TF_VAR_use_wesher to false.
|
2023-08-24 12:51:32 -07:00 |
|
|
|
f333031c25
|
bootstrap blocky with stunnel
|
2023-07-26 23:23:23 -07:00 |
|
|
|
0a7ad7a9dc
|
Enable redis for authelia
This also splits redis instances by service
|
2023-07-07 15:50:23 -07:00 |
|
|
|
f11fad30a5
|
Use stunnel for mysql
Doesn't remove wesher or normal mysql service
|
2023-05-09 13:20:36 -07:00 |
|
|
|
c7f85bd985
|
Fix blocky redis stunnel lookup
|
2023-03-27 15:21:19 -07:00 |
|
|
|
f17dec7b57
|
Add nomad services to nomad zone using hosts in blocky
|
2023-03-27 15:20:50 -07:00 |
|
|
|
a748adbab0
|
Store blocky config in local task dir
|
2023-03-27 15:19:53 -07:00 |
|
|
|
98ea2a1ca0
|
A whole lot of incremental fixes for nomad variables and such
Also adds stunnel between redis and clients
|
2023-03-24 16:32:37 -07:00 |
|
|
|
d8307935f5
|
Refactor everything for nomad vars
|
2023-03-24 11:24:36 -07:00 |
|
|
|
5fb0e0841e
|
Blocky do not create read only user to reduce password exposure
|
2023-03-24 09:56:56 -07:00 |
|
|
|
00697ebb02
|
Blocky use wgoverlay for api
|
2023-03-24 09:56:29 -07:00 |
|
|
|
65cb6afaf9
|
WIP: Moving vars and service discovery to Nomad
Starting with core
|
2023-03-24 08:55:23 -07:00 |
|
|
|
3a95fb46db
|
Add more conditional checks to Blocky so it is more resiliant
Hopefully this will allow it to deploy if mysql or vault are down
|
2023-02-27 11:54:33 -08:00 |
|
|
|
fd731971d3
|
Try to stabilize DNS
Add all cluster nodes to each nodes resolv.conf and update blocky config
template to delay render on update to avoid unnecessary restarts
|
2022-11-27 22:46:25 -08:00 |
|
|
|
2db266bda7
|
Update blocky upstream dns to bootstrap better (hopefully) and forward to consul
|
2022-11-15 10:26:26 -08:00 |
|
|
|
bb400a3f1c
|
Add blocky metrics to grafana
|
2022-11-11 16:21:17 -08:00 |
|
|
|
3077e66e70
|
Limit all existing services to websecure entrypoint
This will be a bigger issue if exposing a public entrypoint.
|
2022-11-10 13:37:50 -08:00 |
|
|
|
1fad6b691c
|
Update some metrics
|
2022-11-07 20:50:18 -08:00 |
|
|
|
45c597b040
|
Big refactor to split core and services for better ordering
|
2022-10-27 14:28:34 -07:00 |
|
