Commit Graph

345 Commits

Author SHA1 Message Date
c62a0118a5 WIP: Allow specifying https endpoints and fetching nomad token 2022-08-23 09:57:57 -07:00
599dd02bdc Add mysql database storage to Grafana 2022-07-29 13:02:22 -07:00
afa6984001 Add Nomad dashboard to grafana 2022-07-29 13:01:59 -07:00
eb0b16abbe Don't deploy Nextcloud 2022-07-29 13:01:40 -07:00
c0afa52edc Stop duplicate nomad scraping
Already getting it from Client service
2022-07-29 13:01:22 -07:00
0e0ff7bbac Increase promtail memory 2022-07-28 16:37:19 -07:00
994c2f4743 Make traefik a service rather than a system job
Sets it up to support auto_revert and auto_promote
2022-07-28 15:11:59 -07:00
795b683046 Traefik wildcard certs 2022-07-28 15:11:24 -07:00
8af70181f3 Remove variable for consul_address for traefik
Now getting from Noamd environment
2022-07-28 15:10:39 -07:00
e3633f9961 Make lldap backup daily 2022-07-28 15:05:00 -07:00
c5538bb623 conditional dns lookups for router assigned domains 2022-07-27 22:04:46 -07:00
b9ef67b925 Working backup and restore 2022-07-27 22:04:22 -07:00
a5fd1942de Make traefik disk ephemeral and sticky 2022-07-27 17:30:35 -07:00
c0f64c9c8a Bump Traefik mem limit
We don't like this crashing
2022-07-27 17:26:13 -07:00
7d27dbb7f9 Skip dump of lldap db 2022-07-27 17:25:41 -07:00
73d193d0a5 Add lldap backup and templatize backup job
Now oneoff and system jobs are all using the same template
2022-07-27 17:02:29 -07:00
0c6f82e93b Increase prometheus memory limit 2022-07-27 16:11:56 -07:00
6c732800e6 Add lldap 2022-07-27 15:57:28 -07:00
eaa81ddc8a Remove set hostname because that's now done in bootstrap 2022-07-27 15:57:12 -07:00
c111427052 Extend ttl for nomad tokens 2022-07-27 15:56:40 -07:00
5e1d1de521 Add ddclient 2022-07-27 14:45:08 -07:00
b996e745ec Clean up services template whitespace 2022-07-27 14:41:42 -07:00
09f11dcd85 Add vault stanza to levant services 2022-07-27 14:41:13 -07:00
c17a3c950a Add further todos for Nomad Vault 2022-07-27 13:40:21 -07:00
64a9302276 Update Nomad and Vault ACLs
Now nomad is read only and tokens can be retrieved from Vault
2022-07-27 13:13:11 -07:00
5e4ca8efda Reduce memory for blocky sidecar 2022-07-27 11:22:02 -07:00
f762cb55f8 Hide blocky API from non-traefik route 2022-07-27 11:21:11 -07:00
a8e5be2162 Get letsencrypt certs working with Traefik 2022-07-27 11:12:08 -07:00
5e1b679cbb Fix consul value bootstrap and hide secrets in log 2022-07-27 11:11:03 -07:00
594609db64 Add basic auth to traefik 2022-07-26 21:48:16 -07:00
7554509671 Make anonymous nomad read only 2022-07-26 20:20:43 -07:00
c21ed2fa3f Add userpass login to Vault 2022-07-26 20:09:52 -07:00
7356b8d407 Make metrics more readable 2022-07-25 21:45:01 -07:00
2625f6dcb1 Reduce task memory 2022-07-25 16:37:51 -07:00
aa6db53047 Fix mysql 2022-07-25 16:29:43 -07:00
56b7ea8a9c WIP: Update oneoff backups 2022-07-25 16:29:35 -07:00
7acca6d160 Fix consul backup 2022-07-25 16:29:06 -07:00
dcfe43f63d Move traefik connect intents to core 2022-07-25 15:54:23 -07:00
caa84a5340 Allow bypass of healthcheck 2022-07-25 15:52:47 -07:00
a8fe9bfff8 Get mysql root from vault 2022-07-25 15:52:47 -07:00
b300c220b6 Tweak memory requirements for tasks 2022-07-25 15:52:47 -07:00
459481e8f7 Add test consul backup 2022-07-25 15:52:47 -07:00
11e89de947 Clean up Grafana and Loki bootstraps 2022-07-25 15:52:47 -07:00
349f7b930b Remove packer stuff 2022-07-25 15:49:07 -07:00
2ed2056766 Update lockfile 2022-07-25 15:40:54 -07:00
1142c0f53f Add new playbook and make target for bootstrapping values to Consul and Vault 2022-07-25 15:40:22 -07:00
3a9ae20a6b Update playbook, move acls and comment for fixes
There are some items that I found are broken on first run and made some changes
2022-07-25 11:48:03 -07:00
b86c57d75d Make acls module stand alone 2022-07-25 11:48:03 -07:00
d5a0ec6828 Shorten pip installs 2022-07-25 11:48:03 -07:00
18f7cebfc2 Add vault kv creation 2022-07-25 11:14:51 -07:00