IamTheFij
24c04f4217
Make vault load balancer sticky
...
Assets like css and js were not proxying correctly. I think it may be
because they were proxying to a different instance and that the paths
are dynamic. This should route subsequent requests for the session to
a single backend.
2022-09-06 17:17:14 -07:00
IamTheFij
8aed3a877e
Add homeassistant external
2022-09-06 17:15:43 -07:00
IamTheFij
47f8b18b46
add nomad login
2022-09-06 14:47:06 -07:00
IamTheFij
cfc0a45440
Update security todos and reference node IP for consul queries
2022-09-06 14:46:49 -07:00
IamTheFij
a57b1ddee5
Move redis data to ephemeral disk
2022-09-06 11:31:15 -07:00
IamTheFij
0e5181fcf0
Move prometheus tsdb data to emphemeral disk
2022-09-06 11:15:14 -07:00
IamTheFij
fa5f9e28e6
Move acme certs to /local so they will persit between allocs
2022-09-06 09:45:04 -07:00
IamTheFij
722b63260c
Add splay to blocky template render
...
Avoid all instances going down at once when the template canges
2022-09-05 12:57:13 -07:00
IamTheFij
67df912755
Fix syslog proxy
...
Apparently traefik only supports http proxy over connect.
https://github.com/traefik/traefik/issues/7803
2022-09-04 20:21:02 -07:00
IamTheFij
d62c96fe34
Use nomad as sole metrics exporter
...
Drops cadvisor and node_exporter since Nomad seems to export what I need.
2022-09-04 14:32:24 -07:00
IamTheFij
d5cbe7174e
Remove default volume read_only
...
It was always setting to true
2022-09-04 14:27:28 -07:00
IamTheFij
c2c3d1abc7
Update nfs volumes to try and fix permissions
2022-09-04 14:27:27 -07:00
IamTheFij
8ce4e3ff14
Try to use default netowrk source for proxing syslogng
2022-09-04 14:27:27 -07:00
IamTheFij
a36f411c1b
Add Traefik proxy for Syslogng
2022-09-04 14:27:07 -07:00
IamTheFij
444782a0a6
Use default arch maps where possible
2022-08-30 16:15:12 -07:00
IamTheFij
92a60cbe3b
Update services template to support env and host volumes
...
Also adds sonarr as an example
2022-08-30 15:16:08 -07:00
IamTheFij
9c07141dd1
Use nomad token to look up policies
2022-08-30 15:15:29 -07:00
IamTheFij
1c57d9f7f6
Have nomad talk to vault over loopback
2022-08-30 15:15:10 -07:00
IamTheFij
0ef488b06a
Add new nfs volumes
2022-08-30 15:14:55 -07:00
IamTheFij
6fe1d472d0
Multiarch install tweaks for arm64
2022-08-30 15:14:39 -07:00
IamTheFij
c073f78ed2
Fix unsealing of single vault instance
...
Checking status of only one node meant that if that node was sealed
we would not try to unseal other nodes
2022-08-30 15:14:00 -07:00
IamTheFij
5214d8275a
Enable consul autopilot
2022-08-30 15:12:52 -07:00
IamTheFij
89598ffb7c
Update nomad, consul, vault versions
2022-08-30 15:12:35 -07:00
IamTheFij
89e14dbf56
Use newer cadvisor
2022-08-30 15:11:52 -07:00
IamTheFij
2a54b5454d
Use updated ansible-nomad role
...
Has better support for multi-arch installs and fixes cni
2022-08-30 15:10:16 -07:00
IamTheFij
520986d30c
Add pi4 host
2022-08-30 15:09:48 -07:00
IamTheFij
9aad3d1594
Rename nomad anon policy file
2022-08-23 10:31:29 -07:00
IamTheFij
39107538e9
WIP: Allow specifying https endpoints and fetching nomad token
2022-08-23 09:57:57 -07:00
IamTheFij
1c38aa212e
Add mysql database storage to Grafana
2022-07-29 13:02:22 -07:00
IamTheFij
0d61ebc877
Add Nomad dashboard to grafana
2022-07-29 13:01:59 -07:00
IamTheFij
846ea18a16
Don't deploy Nextcloud
2022-07-29 13:01:40 -07:00
IamTheFij
6d31c4e6d6
Stop duplicate nomad scraping
...
Already getting it from Client service
2022-07-29 13:01:22 -07:00
IamTheFij
9d57175584
Increase promtail memory
2022-07-28 16:37:19 -07:00
IamTheFij
3c0c74797d
Make traefik a service rather than a system job
...
Sets it up to support auto_revert and auto_promote
2022-07-28 15:11:59 -07:00
IamTheFij
4b6c388ed9
Traefik wildcard certs
2022-07-28 15:11:24 -07:00
IamTheFij
6ccc5a6bcf
Remove variable for consul_address for traefik
...
Now getting from Noamd environment
2022-07-28 15:10:39 -07:00
IamTheFij
48d5704b72
Make lldap backup daily
2022-07-28 15:05:00 -07:00
IamTheFij
62f59b3929
conditional dns lookups for router assigned domains
2022-07-27 22:04:46 -07:00
IamTheFij
c074df4bc7
Working backup and restore
2022-07-27 22:04:22 -07:00
IamTheFij
d175166045
Make traefik disk ephemeral and sticky
2022-07-27 17:30:35 -07:00
IamTheFij
c8493b1fc5
Bump Traefik mem limit
...
We don't like this crashing
2022-07-27 17:26:13 -07:00
IamTheFij
a3f59145bd
Skip dump of lldap db
2022-07-27 17:25:41 -07:00
IamTheFij
9a315eb2f7
Add lldap backup and templatize backup job
...
Now oneoff and system jobs are all using the same template
2022-07-27 17:02:29 -07:00
IamTheFij
6e074c55aa
Increase prometheus memory limit
2022-07-27 16:11:56 -07:00
IamTheFij
ecaee6f8be
Add lldap
2022-07-27 15:57:28 -07:00
IamTheFij
4213b322c1
Remove set hostname because that's now done in bootstrap
2022-07-27 15:57:12 -07:00
IamTheFij
1dd131ba9a
Extend ttl for nomad tokens
2022-07-27 15:56:40 -07:00
IamTheFij
bc040b4668
Add ddclient
2022-07-27 14:45:08 -07:00
IamTheFij
9664802fb6
Clean up services template whitespace
2022-07-27 14:41:42 -07:00
IamTheFij
547cd96e4c
Add vault stanza to levant services
2022-07-27 14:41:13 -07:00