|
cfc0a45440
|
Update security todos and reference node IP for consul queries
|
2022-09-06 14:46:49 -07:00 |
|
|
a57b1ddee5
|
Move redis data to ephemeral disk
|
2022-09-06 11:31:15 -07:00 |
|
|
0e5181fcf0
|
Move prometheus tsdb data to emphemeral disk
|
2022-09-06 11:15:14 -07:00 |
|
|
fa5f9e28e6
|
Move acme certs to /local so they will persit between allocs
|
2022-09-06 09:45:04 -07:00 |
|
|
722b63260c
|
Add splay to blocky template render
Avoid all instances going down at once when the template canges
|
2022-09-05 12:57:13 -07:00 |
|
|
67df912755
|
Fix syslog proxy
Apparently traefik only supports http proxy over connect.
https://github.com/traefik/traefik/issues/7803
|
2022-09-04 20:21:02 -07:00 |
|
|
d62c96fe34
|
Use nomad as sole metrics exporter
Drops cadvisor and node_exporter since Nomad seems to export what I need.
|
2022-09-04 14:32:24 -07:00 |
|
|
d5cbe7174e
|
Remove default volume read_only
It was always setting to true
|
2022-09-04 14:27:28 -07:00 |
|
|
c2c3d1abc7
|
Update nfs volumes to try and fix permissions
|
2022-09-04 14:27:27 -07:00 |
|
|
8ce4e3ff14
|
Try to use default netowrk source for proxing syslogng
|
2022-09-04 14:27:27 -07:00 |
|
|
a36f411c1b
|
Add Traefik proxy for Syslogng
|
2022-09-04 14:27:07 -07:00 |
|
|
444782a0a6
|
Use default arch maps where possible
|
2022-08-30 16:15:12 -07:00 |
|
|
92a60cbe3b
|
Update services template to support env and host volumes
Also adds sonarr as an example
|
2022-08-30 15:16:08 -07:00 |
|
|
9c07141dd1
|
Use nomad token to look up policies
|
2022-08-30 15:15:29 -07:00 |
|
|
1c57d9f7f6
|
Have nomad talk to vault over loopback
|
2022-08-30 15:15:10 -07:00 |
|
|
0ef488b06a
|
Add new nfs volumes
|
2022-08-30 15:14:55 -07:00 |
|
|
6fe1d472d0
|
Multiarch install tweaks for arm64
|
2022-08-30 15:14:39 -07:00 |
|
|
c073f78ed2
|
Fix unsealing of single vault instance
Checking status of only one node meant that if that node was sealed
we would not try to unseal other nodes
|
2022-08-30 15:14:00 -07:00 |
|
|
5214d8275a
|
Enable consul autopilot
|
2022-08-30 15:12:52 -07:00 |
|
|
89598ffb7c
|
Update nomad, consul, vault versions
|
2022-08-30 15:12:35 -07:00 |
|
|
89e14dbf56
|
Use newer cadvisor
|
2022-08-30 15:11:52 -07:00 |
|
|
2a54b5454d
|
Use updated ansible-nomad role
Has better support for multi-arch installs and fixes cni
|
2022-08-30 15:10:16 -07:00 |
|
|
520986d30c
|
Add pi4 host
|
2022-08-30 15:09:48 -07:00 |
|
|
9aad3d1594
|
Rename nomad anon policy file
|
2022-08-23 10:31:29 -07:00 |
|
|
39107538e9
|
WIP: Allow specifying https endpoints and fetching nomad token
|
2022-08-23 09:57:57 -07:00 |
|
|
1c38aa212e
|
Add mysql database storage to Grafana
|
2022-07-29 13:02:22 -07:00 |
|
|
0d61ebc877
|
Add Nomad dashboard to grafana
|
2022-07-29 13:01:59 -07:00 |
|
|
846ea18a16
|
Don't deploy Nextcloud
|
2022-07-29 13:01:40 -07:00 |
|
|
6d31c4e6d6
|
Stop duplicate nomad scraping
Already getting it from Client service
|
2022-07-29 13:01:22 -07:00 |
|
|
9d57175584
|
Increase promtail memory
|
2022-07-28 16:37:19 -07:00 |
|
|
3c0c74797d
|
Make traefik a service rather than a system job
Sets it up to support auto_revert and auto_promote
|
2022-07-28 15:11:59 -07:00 |
|
|
4b6c388ed9
|
Traefik wildcard certs
|
2022-07-28 15:11:24 -07:00 |
|
|
6ccc5a6bcf
|
Remove variable for consul_address for traefik
Now getting from Noamd environment
|
2022-07-28 15:10:39 -07:00 |
|
|
48d5704b72
|
Make lldap backup daily
|
2022-07-28 15:05:00 -07:00 |
|
|
62f59b3929
|
conditional dns lookups for router assigned domains
|
2022-07-27 22:04:46 -07:00 |
|
|
c074df4bc7
|
Working backup and restore
|
2022-07-27 22:04:22 -07:00 |
|
|
d175166045
|
Make traefik disk ephemeral and sticky
|
2022-07-27 17:30:35 -07:00 |
|
|
c8493b1fc5
|
Bump Traefik mem limit
We don't like this crashing
|
2022-07-27 17:26:13 -07:00 |
|
|
a3f59145bd
|
Skip dump of lldap db
|
2022-07-27 17:25:41 -07:00 |
|
|
9a315eb2f7
|
Add lldap backup and templatize backup job
Now oneoff and system jobs are all using the same template
|
2022-07-27 17:02:29 -07:00 |
|
|
6e074c55aa
|
Increase prometheus memory limit
|
2022-07-27 16:11:56 -07:00 |
|
|
ecaee6f8be
|
Add lldap
|
2022-07-27 15:57:28 -07:00 |
|
|
4213b322c1
|
Remove set hostname because that's now done in bootstrap
|
2022-07-27 15:57:12 -07:00 |
|
|
1dd131ba9a
|
Extend ttl for nomad tokens
|
2022-07-27 15:56:40 -07:00 |
|
|
bc040b4668
|
Add ddclient
|
2022-07-27 14:45:08 -07:00 |
|
|
9664802fb6
|
Clean up services template whitespace
|
2022-07-27 14:41:42 -07:00 |
|
|
547cd96e4c
|
Add vault stanza to levant services
|
2022-07-27 14:41:13 -07:00 |
|
|
e39fbc41a7
|
Add further todos for Nomad Vault
|
2022-07-27 13:40:21 -07:00 |
|
|
25ec582eaf
|
Update Nomad and Vault ACLs
Now nomad is read only and tokens can be retrieved from Vault
|
2022-07-27 13:13:11 -07:00 |
|
|
92a30e6709
|
Reduce memory for blocky sidecar
|
2022-07-27 11:22:02 -07:00 |
|