Commit Graph

201 Commits

Author SHA1 Message Date
39107538e9 WIP: Allow specifying https endpoints and fetching nomad token 2022-08-23 09:57:57 -07:00
1c38aa212e Add mysql database storage to Grafana 2022-07-29 13:02:22 -07:00
0d61ebc877 Add Nomad dashboard to grafana 2022-07-29 13:01:59 -07:00
846ea18a16 Don't deploy Nextcloud 2022-07-29 13:01:40 -07:00
6d31c4e6d6 Stop duplicate nomad scraping
Already getting it from Client service
2022-07-29 13:01:22 -07:00
9d57175584 Increase promtail memory 2022-07-28 16:37:19 -07:00
3c0c74797d Make traefik a service rather than a system job
Sets it up to support auto_revert and auto_promote
2022-07-28 15:11:59 -07:00
4b6c388ed9 Traefik wildcard certs 2022-07-28 15:11:24 -07:00
6ccc5a6bcf Remove variable for consul_address for traefik
Now getting from Noamd environment
2022-07-28 15:10:39 -07:00
48d5704b72 Make lldap backup daily 2022-07-28 15:05:00 -07:00
62f59b3929 conditional dns lookups for router assigned domains 2022-07-27 22:04:46 -07:00
c074df4bc7 Working backup and restore 2022-07-27 22:04:22 -07:00
d175166045 Make traefik disk ephemeral and sticky 2022-07-27 17:30:35 -07:00
c8493b1fc5 Bump Traefik mem limit
We don't like this crashing
2022-07-27 17:26:13 -07:00
a3f59145bd Skip dump of lldap db 2022-07-27 17:25:41 -07:00
9a315eb2f7 Add lldap backup and templatize backup job
Now oneoff and system jobs are all using the same template
2022-07-27 17:02:29 -07:00
6e074c55aa Increase prometheus memory limit 2022-07-27 16:11:56 -07:00
ecaee6f8be Add lldap 2022-07-27 15:57:28 -07:00
4213b322c1 Remove set hostname because that's now done in bootstrap 2022-07-27 15:57:12 -07:00
1dd131ba9a Extend ttl for nomad tokens 2022-07-27 15:56:40 -07:00
bc040b4668 Add ddclient 2022-07-27 14:45:08 -07:00
9664802fb6 Clean up services template whitespace 2022-07-27 14:41:42 -07:00
547cd96e4c Add vault stanza to levant services 2022-07-27 14:41:13 -07:00
e39fbc41a7 Add further todos for Nomad Vault 2022-07-27 13:40:21 -07:00
25ec582eaf Update Nomad and Vault ACLs
Now nomad is read only and tokens can be retrieved from Vault
2022-07-27 13:13:11 -07:00
92a30e6709 Reduce memory for blocky sidecar 2022-07-27 11:22:02 -07:00
fb934f3b2f Hide blocky API from non-traefik route 2022-07-27 11:21:11 -07:00
fe11b03a43 Get letsencrypt certs working with Traefik 2022-07-27 11:12:08 -07:00
85fccea867 Fix consul value bootstrap and hide secrets in log 2022-07-27 11:11:03 -07:00
d70dce8ab5 Add basic auth to traefik 2022-07-26 21:48:16 -07:00
963a863e2d Make anonymous nomad read only 2022-07-26 20:20:43 -07:00
3033c581f3 Add userpass login to Vault 2022-07-26 20:09:52 -07:00
b4bb0f866e Make metrics more readable 2022-07-25 21:45:01 -07:00
4508993068 Reduce task memory 2022-07-25 16:37:51 -07:00
4ea7947b1a Fix mysql 2022-07-25 16:29:43 -07:00
465c2d9c29 WIP: Update oneoff backups 2022-07-25 16:29:35 -07:00
ee45e92534 Fix consul backup 2022-07-25 16:29:06 -07:00
3ec1d008e8 Move traefik connect intents to core 2022-07-25 15:54:23 -07:00
04bdef01b8 Allow bypass of healthcheck 2022-07-25 15:52:47 -07:00
157005ae7b Get mysql root from vault 2022-07-25 15:52:47 -07:00
4a06f31f49 Tweak memory requirements for tasks 2022-07-25 15:52:47 -07:00
9d4cd68648 Add test consul backup 2022-07-25 15:52:47 -07:00
18807de608 Clean up Grafana and Loki bootstraps 2022-07-25 15:52:47 -07:00
de82205147 Remove packer stuff 2022-07-25 15:49:07 -07:00
96263d1e99 Update lockfile 2022-07-25 15:40:54 -07:00
9bb8b39fed Add new playbook and make target for bootstrapping values to Consul and Vault 2022-07-25 15:40:22 -07:00
888b1236f1 Update playbook, move acls and comment for fixes
There are some items that I found are broken on first run and made some changes
2022-07-25 11:48:03 -07:00
a0aba7f2f0 Make acls module stand alone 2022-07-25 11:48:03 -07:00
fed875f852 Shorten pip installs 2022-07-25 11:48:03 -07:00
068da0d539 Add vault kv creation 2022-07-25 11:14:51 -07:00