Commit Graph

184 Commits

Author SHA1 Message Date
IamTheFij 04c76bd5f8 Get ddclient working again
It was failing due to oom and using cloudflare api tokens which aren't yet supported
2022-09-07 12:20:58 -07:00
IamTheFij 50bdb61575 Wait until Nomad is running before bootstrapping ACLs 2022-09-07 11:11:10 -07:00
IamTheFij bd1280b970 Clean up comments in setup cluster playbook 2022-09-07 11:09:33 -07:00
IamTheFij ecbd9626e8 Explicitly set envoy version
The default v1.23.0 does not work on arm64
2022-09-07 11:06:26 -07:00
IamTheFij a9bbc3705a Update vault and nomad versions 2022-09-07 11:05:54 -07:00
IamTheFij c8d77e553d Add playbook to unseal Vault 2022-09-07 11:05:27 -07:00
IamTheFij 24c04f4217 Make vault load balancer sticky
Assets like css and js were not proxying correctly. I think it may be
because they were proxying to a different instance and that the paths
are dynamic. This should route subsequent requests for the session to
a single backend.
2022-09-06 17:17:14 -07:00
IamTheFij 8aed3a877e Add homeassistant external 2022-09-06 17:15:43 -07:00
IamTheFij 47f8b18b46 add nomad login 2022-09-06 14:47:06 -07:00
IamTheFij cfc0a45440 Update security todos and reference node IP for consul queries 2022-09-06 14:46:49 -07:00
IamTheFij a57b1ddee5 Move redis data to ephemeral disk 2022-09-06 11:31:15 -07:00
IamTheFij 0e5181fcf0 Move prometheus tsdb data to ephemeral disk 2022-09-06 11:15:14 -07:00
IamTheFij fa5f9e28e6 Move acme certs to /local so they will persist between allocs 2022-09-06 09:45:04 -07:00
IamTheFij 722b63260c Add splay to blocky template render
Avoid all instances going down at once when the template changes
2022-09-05 12:57:13 -07:00
IamTheFij 67df912755 Fix syslog proxy
Apparently traefik only supports http proxy over connect.

https://github.com/traefik/traefik/issues/7803
2022-09-04 20:21:02 -07:00
IamTheFij d62c96fe34 Use nomad as sole metrics exporter
Drops cadvisor and node_exporter since Nomad seems to export what I need.
2022-09-04 14:32:24 -07:00
IamTheFij d5cbe7174e Remove default volume read_only
It was always setting to true
2022-09-04 14:27:28 -07:00
IamTheFij c2c3d1abc7 Update nfs volumes to try and fix permissions 2022-09-04 14:27:27 -07:00
IamTheFij 8ce4e3ff14 Try to use default network source for proxying syslogng 2022-09-04 14:27:27 -07:00
IamTheFij a36f411c1b Add Traefik proxy for Syslogng 2022-09-04 14:27:07 -07:00
IamTheFij 444782a0a6 Use default arch maps where possible 2022-08-30 16:15:12 -07:00
IamTheFij 92a60cbe3b Update services template to support env and host volumes
Also adds sonarr as an example
2022-08-30 15:16:08 -07:00
IamTheFij 9c07141dd1 Use nomad token to look up policies 2022-08-30 15:15:29 -07:00
IamTheFij 1c57d9f7f6 Have nomad talk to vault over loopback 2022-08-30 15:15:10 -07:00
IamTheFij 0ef488b06a Add new nfs volumes 2022-08-30 15:14:55 -07:00
IamTheFij 6fe1d472d0 Multiarch install tweaks for arm64 2022-08-30 15:14:39 -07:00
IamTheFij c073f78ed2 Fix unsealing of single vault instance
Checking status of only one node meant that if that node was sealed
we would not try to unseal other nodes
2022-08-30 15:14:00 -07:00
IamTheFij 5214d8275a Enable consul autopilot 2022-08-30 15:12:52 -07:00
IamTheFij 89598ffb7c Update nomad, consul, vault versions 2022-08-30 15:12:35 -07:00
IamTheFij 89e14dbf56 Use newer cadvisor 2022-08-30 15:11:52 -07:00
IamTheFij 2a54b5454d Use updated ansible-nomad role
Has better support for multi-arch installs and fixes cni
2022-08-30 15:10:16 -07:00
IamTheFij 520986d30c Add pi4 host 2022-08-30 15:09:48 -07:00
IamTheFij 9aad3d1594 Rename nomad anon policy file 2022-08-23 10:31:29 -07:00
IamTheFij 39107538e9 WIP: Allow specifying https endpoints and fetching nomad token 2022-08-23 09:57:57 -07:00
IamTheFij 1c38aa212e Add mysql database storage to Grafana 2022-07-29 13:02:22 -07:00
IamTheFij 0d61ebc877 Add Nomad dashboard to grafana 2022-07-29 13:01:59 -07:00
IamTheFij 846ea18a16 Don't deploy Nextcloud 2022-07-29 13:01:40 -07:00
IamTheFij 6d31c4e6d6 Stop duplicate nomad scraping
Already getting it from Client service
2022-07-29 13:01:22 -07:00
IamTheFij 9d57175584 Increase promtail memory 2022-07-28 16:37:19 -07:00
IamTheFij 3c0c74797d Make traefik a service rather than a system job
Sets it up to support auto_revert and auto_promote
2022-07-28 15:11:59 -07:00
IamTheFij 4b6c388ed9 Traefik wildcard certs 2022-07-28 15:11:24 -07:00
IamTheFij 6ccc5a6bcf Remove variable for consul_address for traefik
Now getting from Nomad environment
2022-07-28 15:10:39 -07:00
IamTheFij 48d5704b72 Make lldap backup daily 2022-07-28 15:05:00 -07:00
IamTheFij 62f59b3929 conditional dns lookups for router assigned domains 2022-07-27 22:04:46 -07:00
IamTheFij c074df4bc7 Working backup and restore 2022-07-27 22:04:22 -07:00
IamTheFij d175166045 Make traefik disk ephemeral and sticky 2022-07-27 17:30:35 -07:00
IamTheFij c8493b1fc5 Bump Traefik mem limit
We don't like this crashing
2022-07-27 17:26:13 -07:00
IamTheFij a3f59145bd Skip dump of lldap db 2022-07-27 17:25:41 -07:00
IamTheFij 9a315eb2f7 Add lldap backup and templatize backup job
Now oneoff and system jobs are all using the same template
2022-07-27 17:02:29 -07:00
IamTheFij 6e074c55aa Increase prometheus memory limit 2022-07-27 16:11:56 -07:00