Christian Pointner [Sun, 8 Jul 2018 11:50:46 +0000 (13:50 +0200)]
Merge pull request #30 from realraum/global-network-config
ansible: global network config
nicoo [Sun, 8 Jul 2018 11:50:23 +0000 (13:50 +0200)]
doc/Network: Improve table
Christian Pointner [Sat, 7 Jul 2018 23:09:40 +0000 (01:09 +0200)]
add other vlans to network config
Christian Pointner [Sat, 7 Jul 2018 22:50:50 +0000 (00:50 +0200)]
updated vm install configs after redoing network ranges
Christian Pointner [Mon, 4 Jun 2018 22:45:23 +0000 (00:45 +0200)]
ansible: add global network config
Christian Pointner [Sat, 7 Jul 2018 22:08:27 +0000 (00:08 +0200)]
deploying new vlan setup is now done
nicoo [Sat, 7 Jul 2018 22:02:40 +0000 (00:02 +0200)]
doc: Use an en-dash in the wiki name
nicoo [Sat, 7 Jul 2018 22:00:07 +0000 (00:00 +0200)]
doc/Network: Minor edits
nicoo [Sat, 7 Jul 2018 20:49:27 +0000 (22:49 +0200)]
Travis: Install ImageMagick's Perl bindings
Christian Pointner [Sat, 7 Jul 2018 20:45:50 +0000 (22:45 +0200)]
Merge pull request #28 from realraum/doc-ci
Add Travis CI build for the documentation
nicoo [Sat, 7 Jul 2018 20:12:04 +0000 (22:12 +0200)]
Add Travis CI build for the documentation
nicoo [Sat, 7 Jul 2018 20:18:04 +0000 (22:18 +0200)]
doc/Network: Renumber the public VLAN
Christian Pointner [Sat, 7 Jul 2018 20:03:33 +0000 (22:03 +0200)]
Merge pull request #25 from realraum/vlans
Document the new network plan
nicoo [Sat, 7 Jul 2018 19:59:41 +0000 (21:59 +0200)]
doc/Network: Simplify table
nicoo [Sat, 7 Jul 2018 19:54:08 +0000 (21:54 +0200)]
doc/Network: Document Funkfeuer subnet for realraum
nicoo [Sat, 7 Jul 2018 19:48:11 +0000 (21:48 +0200)]
doc/Network: Clarify RFC1918 subnets
nicoo [Sat, 7 Jul 2018 19:27:25 +0000 (21:27 +0200)]
doc: Translate ASCII-art of symboles to proper representations
In particular, make -- produce an en-dash. See [Text::Typography].
[Text::Typography]: https://metacpan.org/pod/Text::Typography
nicoo [Sat, 7 Jul 2018 19:24:26 +0000 (21:24 +0200)]
doc: Add a modeline to ikiwiki.setup
nicoo [Sat, 7 Jul 2018 18:50:47 +0000 (20:50 +0200)]
doc/Network: Add VLAN 44 for HAMNET
By request of spel.
nicoo [Sat, 7 Jul 2018 18:29:45 +0000 (20:29 +0200)]
doc/Network: Normalize network names
nicoo [Sat, 7 Jul 2018 18:20:52 +0000 (20:20 +0200)]
doc/Network: Document the purpose of the various networks
Most networks only need a short comment, inlined in the table,
but I added a long-form description of `svc` and `pub`.
nicoo [Wed, 4 Jul 2018 14:35:52 +0000 (16:35 +0200)]
doc/local.css: Improve table headers
nicoo [Tue, 3 Jul 2018 21:42:11 +0000 (23:42 +0200)]
doc/Network: Less Denglisch
nicoo [Tue, 3 Jul 2018 21:36:43 +0000 (23:36 +0200)]
doc/Network: Add an example RFC1918 subnet
nicoo [Tue, 3 Jul 2018 21:36:17 +0000 (23:36 +0200)]
doc/Network: Fixup management VLAN ID
nicoo [Tue, 3 Jul 2018 21:32:44 +0000 (23:32 +0200)]
doc/Network: Markdown syntax fixups
nicoo [Tue, 3 Jul 2018 17:37:47 +0000 (19:37 +0200)]
doc/Network: Make the diagram fit the style of the page
nicoo [Tue, 3 Jul 2018 17:16:39 +0000 (19:16 +0200)]
doc/Network: Mention that the Funkfeuer VLAN has no zone under realraum.at
nicoo [Tue, 3 Jul 2018 17:15:21 +0000 (19:15 +0200)]
doc/Network: Swap routable subnets for public & members
nicoo [Tue, 3 Jul 2018 13:36:13 +0000 (15:36 +0200)]
doc/Network: Add network diagram
nicoo [Tue, 3 Jul 2018 12:48:43 +0000 (14:48 +0200)]
doc/Network: Update which network `realstuff` maps to
nicoo [Tue, 3 Jul 2018 13:45:20 +0000 (15:45 +0200)]
doc/Network: Convert the networks list to a table
nicoo [Mon, 2 Jul 2018 21:23:30 +0000 (23:23 +0200)]
doc/Network: Update the subnets description
Closes #24
nicoo [Mon, 2 Jul 2018 21:20:15 +0000 (23:20 +0200)]
doc/Network: Document VLAN conventions
nicoo [Mon, 2 Jul 2018 21:18:03 +0000 (23:18 +0200)]
doc/Network: Move the switch/ap naming scheme to the “physical locations” part
nicoo [Mon, 2 Jul 2018 21:17:13 +0000 (23:17 +0200)]
doc/Network: Remove the ref. to an Archer C7 in realfunk
We have a separate switch and Funkfeuer node.
Christian Pointner [Fri, 6 Jul 2018 07:34:48 +0000 (09:34 +0200)]
Merge pull request #27 from realraum/favicon
doc: Generate a custom favicon from the logo
nicoo [Wed, 4 Jul 2018 22:49:35 +0000 (00:49 +0200)]
doc: Generate a custom favicon from the logo
Christian Pointner [Tue, 3 Jul 2018 20:02:26 +0000 (22:02 +0200)]
Merge pull request #26 from realraum/sidebar
Autogenerate the sidebar
nicoo [Tue, 3 Jul 2018 14:28:04 +0000 (16:28 +0200)]
doc: Remove the “RecentChanges” button
The link is already in the sidebar.
nicoo [Tue, 3 Jul 2018 14:27:25 +0000 (16:27 +0200)]
doc/Sidebar: Use an autogenerated sitemap
This avoids having to update the sidebar when adding pages.
nicoo [Tue, 3 Jul 2018 14:26:31 +0000 (16:26 +0200)]
doc: Use an empty basewiki
This removes a bunch of cruft and default pages
nicoo [Mon, 18 Jun 2018 01:53:24 +0000 (03:53 +0200)]
Missing gnocci update
nicoo [Mon, 18 Jun 2018 01:46:35 +0000 (03:46 +0200)]
Update doc/gnocci (NTP task done)
nicoo [Mon, 18 Jun 2018 01:29:42 +0000 (03:29 +0200)]
hosts: Tag VMs with vm_install_host
nicoo [Sun, 17 Jun 2018 21:33:12 +0000 (23:33 +0200)]
Remove /ansible.cfg
Christian Pointner [Sun, 17 Jun 2018 16:44:56 +0000 (18:44 +0200)]
added nicoo's temporary gpg key to vault
Christian Pointner [Sun, 17 Jun 2018 14:31:43 +0000 (16:31 +0200)]
Merge pull request #21 from realraum/ntp
Deploy openntpd
nicoo [Sat, 16 Jun 2018 18:16:57 +0000 (20:16 +0200)]
base: Make managed ntpd optional
nicoo [Sat, 16 Jun 2018 18:16:21 +0000 (20:16 +0200)]
base: Configure openntpd
nicoo [Sat, 16 Jun 2018 18:14:45 +0000 (20:14 +0200)]
base: Install OpenNTPd rather than ntp.org
Christian Pointner [Sun, 17 Jun 2018 14:03:23 +0000 (16:03 +0200)]
documented best way to virtualize OpenWRT
nicoo [Sun, 17 Jun 2018 13:49:06 +0000 (15:49 +0200)]
gnocci.org: Do not assume we want OpenNTPd
We probably do not want it, for a sync server.
nicoo [Sun, 17 Jun 2018 13:48:23 +0000 (15:48 +0200)]
Update gnocci TODOs
Christian Pointner [Sun, 17 Jun 2018 10:32:35 +0000 (12:32 +0200)]
Merge pull request #20 from realraum/vm-improvements
Improvements in VM handling
nicoo [Sun, 17 Jun 2018 09:59:41 +0000 (11:59 +0200)]
localconfig: Rely on ansible_port to configure SSH port
nicoo [Wed, 13 Jun 2018 22:18:51 +0000 (00:18 +0200)]
vm-install: Remove hosts from known hosts in the playbook
This avoid relying on localconfig being used.
nicoo [Wed, 13 Jun 2018 22:29:10 +0000 (00:29 +0200)]
base: Use with_dict for editing adduser.conf
nicoo [Wed, 13 Jun 2018 19:07:03 +0000 (21:07 +0200)]
vm/grub: Cleanup (use dictionary iteration)
nicoo [Wed, 13 Jun 2018 17:36:28 +0000 (19:36 +0200)]
vm/install: Handle non-22000 SSH ports
nicoo [Wed, 13 Jun 2018 17:34:36 +0000 (19:34 +0200)]
vm/install: Bake authorized_keys in the initrd
This is less error-prone than cramming the SSH keys into the preseed.
Also, support setting VM-specific SSH keys.
nicoo [Wed, 13 Jun 2018 16:50:01 +0000 (18:50 +0200)]
vm-install: Apply VM configuration roles
nicoo [Wed, 13 Jun 2018 01:54:52 +0000 (03:54 +0200)]
vm/install: Group conditional when destroying existing VMs
nicoo [Wed, 13 Jun 2018 01:54:11 +0000 (03:54 +0200)]
vm/install: Bake the preseed file into the initrd
nicoo [Wed, 13 Jun 2018 01:51:16 +0000 (03:51 +0200)]
vm/guest: Provide a root shell on the (virtual) serial console
Christian Pointner [Fri, 8 Jun 2018 19:24:50 +0000 (21:24 +0200)]
Merge pull request #18 from realraum/rng
Provide entropy on the virtualization platforms
nicoo [Fri, 8 Jun 2018 19:19:32 +0000 (21:19 +0200)]
vm/guest: Ensure no other rngd configuration lines are present
nicoo [Fri, 8 Jun 2018 17:18:27 +0000 (19:18 +0200)]
Add vm/guest role for configuring VMs, make it setup rngd
nicoo [Fri, 8 Jun 2018 17:06:28 +0000 (19:06 +0200)]
vm/host: Install haveged on VM hosts
Christian Pointner [Sun, 3 Jun 2018 13:42:31 +0000 (15:42 +0200)]
ansible: torwaechter is already part of the dynamically generated ssh config
Christian Pointner [Sat, 2 Jun 2018 02:06:08 +0000 (04:06 +0200)]
torwaechter is moved to new mgmt vlan
Christian Pointner [Sat, 2 Jun 2018 01:19:41 +0000 (03:19 +0200)]
new mgmt vlan is established
Christian Pointner [Fri, 1 Jun 2018 23:26:54 +0000 (01:26 +0200)]
new IP-IP Tunnel from mur.at is done
Christian Pointner [Fri, 1 Jun 2018 23:11:57 +0000 (01:11 +0200)]
added gnocci roadmap
Bernhard Tittelbach [Tue, 22 May 2018 20:35:44 +0000 (22:35 +0200)]
new ssh pubkey
nicoo [Mon, 21 May 2018 12:02:28 +0000 (14:02 +0200)]
roles/openwrt-image: Pin the LEDE release signing key
This addresses a security issue where an attacker with a key that GnuPG
considers valid (but doesn't claim to be LEDE's) can get their signature
accepted on malicious files.
This should also solve the issue equinox had with key validity.
Christian Pointner [Mon, 21 May 2018 11:32:08 +0000 (13:32 +0200)]
disable parsing of gpg options file
Christian Pointner [Mon, 21 May 2018 01:02:51 +0000 (03:02 +0200)]
unarchive seems to do its job now?!
Christian Pointner [Mon, 21 May 2018 00:59:22 +0000 (02:59 +0200)]
make fstab handling for openwrt safe
Christian Pointner [Mon, 21 May 2018 00:45:46 +0000 (02:45 +0200)]
revamped temporary directories
Christian Pointner [Mon, 21 May 2018 00:11:06 +0000 (02:11 +0200)]
Merge pull request #16 from realraum/openwrt-image
Role for building OpenWrt images
nicoo [Mon, 21 May 2018 00:09:49 +0000 (02:09 +0200)]
Merge PR#12: add initial vm installer role
nicoo [Mon, 21 May 2018 00:01:13 +0000 (02:01 +0200)]
roles/openwrt-image: Cache downloaded files
Christian Pointner [Sun, 20 May 2018 23:52:24 +0000 (01:52 +0200)]
move openwrt image config to host_vars
nicoo [Sun, 20 May 2018 23:23:09 +0000 (01:23 +0200)]
tuer: Add sftp support
nicoo [Sun, 20 May 2018 23:12:26 +0000 (01:12 +0200)]
tuer: Add missing packages
nicoo [Sun, 20 May 2018 22:57:18 +0000 (00:57 +0200)]
roles/openwrt-image: Fixup directory modes
Christian Pointner [Sun, 20 May 2018 22:55:26 +0000 (00:55 +0200)]
added uci system settings
nicoo [Sun, 20 May 2018 22:22:56 +0000 (00:22 +0200)]
tuer: Add stuff for tuergit
nicoo [Sun, 20 May 2018 21:36:14 +0000 (23:36 +0200)]
fixup! roles/openwrt-image: Add support for setting file modes
nicoo [Wed, 16 May 2018 21:02:17 +0000 (23:02 +0200)]
tuer: Add AuthorizedKeys script for tuerctl
nicoo [Wed, 16 May 2018 21:00:17 +0000 (23:00 +0200)]
tuer: Replace dropbear with openssh-server
This is a work-in-progress, the configuration is currently broken...
We use /etc/ssh/authorized_keys.d so non-root users cannot edit
authorized keys.
nicoo [Wed, 16 May 2018 20:58:51 +0000 (22:58 +0200)]
fixup! roles/openwrt-image: Support creating users/groups
nicoo [Wed, 16 May 2018 19:36:44 +0000 (21:36 +0200)]
roles/openwrt-image: Support creating users/groups
nicoo [Wed, 16 May 2018 19:33:13 +0000 (21:33 +0200)]
roles/openwrt-image: Support configuring mountpoints
nicoo [Wed, 16 May 2018 19:32:27 +0000 (21:32 +0200)]
roles/openwrt-image: Natively support UCI configuration
nicoo [Wed, 16 May 2018 19:28:16 +0000 (21:28 +0200)]
tuer: Make installed binaries executable
nicoo [Sun, 6 May 2018 11:39:03 +0000 (13:39 +0200)]
roles/openwrt-image: Add support for setting file modes
nicoo [Sun, 6 May 2018 11:38:40 +0000 (13:38 +0200)]
roles/openwrt-image: Refactor openwrt-mixins
nicoo [Sun, 6 May 2018 11:14:09 +0000 (13:14 +0200)]
tuer: Disallow all password auth