nicoo [Tue, 3 Jul 2018 21:32:44 +0000 (23:32 +0200)]
doc/Network: Markdown syntax fixups
nicoo [Tue, 3 Jul 2018 17:37:47 +0000 (19:37 +0200)]
doc/Network: Make the diagram fit the style of the page
nicoo [Tue, 3 Jul 2018 17:16:39 +0000 (19:16 +0200)]
doc/Network: Mention that the Funkfeuer VLAN has no zone under realraum.at
nicoo [Tue, 3 Jul 2018 17:15:21 +0000 (19:15 +0200)]
doc/Network: Swap routable subnets for public & members
nicoo [Tue, 3 Jul 2018 13:36:13 +0000 (15:36 +0200)]
doc/Network: Add network diagram
nicoo [Tue, 3 Jul 2018 12:48:43 +0000 (14:48 +0200)]
doc/Network: Update which network `realstuff` maps to
nicoo [Tue, 3 Jul 2018 13:45:20 +0000 (15:45 +0200)]
doc/Network: Convert the networks list to a table
nicoo [Mon, 2 Jul 2018 21:23:30 +0000 (23:23 +0200)]
doc/Network: Update the subnets description
Closes #24
nicoo [Mon, 2 Jul 2018 21:20:15 +0000 (23:20 +0200)]
doc/Network: Document VLAN conventions
nicoo [Mon, 2 Jul 2018 21:18:03 +0000 (23:18 +0200)]
doc/Network: Move the switch/ap naming scheme to the “physical locations” part
nicoo [Mon, 2 Jul 2018 21:17:13 +0000 (23:17 +0200)]
doc/Network: Remove the ref. to an Archer C7 in realfunk
We have a separate switch and Funkfeuer node.
Christian Pointner [Fri, 6 Jul 2018 07:34:48 +0000 (09:34 +0200)]
Merge pull request #27 from realraum/favicon
doc: Generate a custom favicon from the logo
nicoo [Wed, 4 Jul 2018 22:49:35 +0000 (00:49 +0200)]
doc: Generate a custom favicon from the logo
Christian Pointner [Tue, 3 Jul 2018 20:02:26 +0000 (22:02 +0200)]
Merge pull request #26 from realraum/sidebar
Autogenerate the sidebar
nicoo [Tue, 3 Jul 2018 14:28:04 +0000 (16:28 +0200)]
doc: Remove the “RecentChanges” button
The link is already in the sidebar.
nicoo [Tue, 3 Jul 2018 14:27:25 +0000 (16:27 +0200)]
doc/Sidebar: Use an autogenerated sitemap
This avoids having to update the sidebar when adding pages.
nicoo [Tue, 3 Jul 2018 14:26:31 +0000 (16:26 +0200)]
doc: Use an empty basewiki
This removes a bunch of cruft and default pages
nicoo [Mon, 18 Jun 2018 01:53:24 +0000 (03:53 +0200)]
Missing gnocci update
nicoo [Mon, 18 Jun 2018 01:46:35 +0000 (03:46 +0200)]
Update doc/gnocci (NTP task done)
nicoo [Mon, 18 Jun 2018 01:29:42 +0000 (03:29 +0200)]
hosts: Tag VMs with vm_install_host
nicoo [Sun, 17 Jun 2018 21:33:12 +0000 (23:33 +0200)]
Remove /ansible.cfg
Christian Pointner [Sun, 17 Jun 2018 16:44:56 +0000 (18:44 +0200)]
added nicoo's temporary gpg key to vault
Christian Pointner [Sun, 17 Jun 2018 14:31:43 +0000 (16:31 +0200)]
Merge pull request #21 from realraum/ntp
Deploy openntpd
nicoo [Sat, 16 Jun 2018 18:16:57 +0000 (20:16 +0200)]
base: Make managed ntpd optional
nicoo [Sat, 16 Jun 2018 18:16:21 +0000 (20:16 +0200)]
base: Configure openntpd
nicoo [Sat, 16 Jun 2018 18:14:45 +0000 (20:14 +0200)]
base: Install OpenNTPd rather than ntp.org
Christian Pointner [Sun, 17 Jun 2018 14:03:23 +0000 (16:03 +0200)]
documented best way to virtualize OpenWRT
nicoo [Sun, 17 Jun 2018 13:49:06 +0000 (15:49 +0200)]
gnocci.org: Do not assume we want OpenNTPd
We probably do not want it, for a sync server.
nicoo [Sun, 17 Jun 2018 13:48:23 +0000 (15:48 +0200)]
Update gnocci TODOs
Christian Pointner [Sun, 17 Jun 2018 10:32:35 +0000 (12:32 +0200)]
Merge pull request #20 from realraum/vm-improvements
Improvements in VM handling
nicoo [Sun, 17 Jun 2018 09:59:41 +0000 (11:59 +0200)]
localconfig: Rely on ansible_port to configure SSH port
nicoo [Wed, 13 Jun 2018 22:18:51 +0000 (00:18 +0200)]
vm-install: Remove hosts from known hosts in the playbook
This avoid relying on localconfig being used.
nicoo [Wed, 13 Jun 2018 22:29:10 +0000 (00:29 +0200)]
base: Use with_dict for editing adduser.conf
nicoo [Wed, 13 Jun 2018 19:07:03 +0000 (21:07 +0200)]
vm/grub: Cleanup (use dictionary iteration)
nicoo [Wed, 13 Jun 2018 17:36:28 +0000 (19:36 +0200)]
vm/install: Handle non-22000 SSH ports
nicoo [Wed, 13 Jun 2018 17:34:36 +0000 (19:34 +0200)]
vm/install: Bake authorized_keys in the initrd
This is less error-prone than cramming the SSH keys into the preseed.
Also, support setting VM-specific SSH keys.
nicoo [Wed, 13 Jun 2018 16:50:01 +0000 (18:50 +0200)]
vm-install: Apply VM configuration roles
nicoo [Wed, 13 Jun 2018 01:54:52 +0000 (03:54 +0200)]
vm/install: Group conditional when destroying existing VMs
nicoo [Wed, 13 Jun 2018 01:54:11 +0000 (03:54 +0200)]
vm/install: Bake the preseed file into the initrd
nicoo [Wed, 13 Jun 2018 01:51:16 +0000 (03:51 +0200)]
vm/guest: Provide a root shell on the (virtual) serial console
Christian Pointner [Fri, 8 Jun 2018 19:24:50 +0000 (21:24 +0200)]
Merge pull request #18 from realraum/rng
Provide entropy on the virtualization platforms
nicoo [Fri, 8 Jun 2018 19:19:32 +0000 (21:19 +0200)]
vm/guest: Ensure no other rngd configuration lines are present
nicoo [Fri, 8 Jun 2018 17:18:27 +0000 (19:18 +0200)]
Add vm/guest role for configuring VMs, make it setup rngd
nicoo [Fri, 8 Jun 2018 17:06:28 +0000 (19:06 +0200)]
vm/host: Install haveged on VM hosts
Christian Pointner [Sun, 3 Jun 2018 13:42:31 +0000 (15:42 +0200)]
ansible: torwaechter is already part of the dynamically generated ssh config
Christian Pointner [Sat, 2 Jun 2018 02:06:08 +0000 (04:06 +0200)]
torwaechter is moved to new mgmt vlan
Christian Pointner [Sat, 2 Jun 2018 01:19:41 +0000 (03:19 +0200)]
new mgmt vlan is established
Christian Pointner [Fri, 1 Jun 2018 23:26:54 +0000 (01:26 +0200)]
new IP-IP Tunnel from mur.at is done
Christian Pointner [Fri, 1 Jun 2018 23:11:57 +0000 (01:11 +0200)]
added gnocci roadmap
Bernhard Tittelbach [Tue, 22 May 2018 20:35:44 +0000 (22:35 +0200)]
new ssh pubkey
nicoo [Mon, 21 May 2018 12:02:28 +0000 (14:02 +0200)]
roles/openwrt-image: Pin the LEDE release signing key
This addresses a security issue where an attacker with a key that GnuPG
considers valid (but doesn't claim to be LEDE's) can get their signature
accepted on malicious files.
This should also solve the issue equinox had with key validity.
Christian Pointner [Mon, 21 May 2018 11:32:08 +0000 (13:32 +0200)]
disable parsing of gpg options file
Christian Pointner [Mon, 21 May 2018 01:02:51 +0000 (03:02 +0200)]
unarchive seems to do its job now?!
Christian Pointner [Mon, 21 May 2018 00:59:22 +0000 (02:59 +0200)]
make fstab handling for openwrt safe
Christian Pointner [Mon, 21 May 2018 00:45:46 +0000 (02:45 +0200)]
revamped temporary directories
Christian Pointner [Mon, 21 May 2018 00:11:06 +0000 (02:11 +0200)]
Merge pull request #16 from realraum/openwrt-image
Role for building OpenWrt images
nicoo [Mon, 21 May 2018 00:09:49 +0000 (02:09 +0200)]
Merge PR#12: add initial vm installer role
nicoo [Mon, 21 May 2018 00:01:13 +0000 (02:01 +0200)]
roles/openwrt-image: Cache downloaded files
Christian Pointner [Sun, 20 May 2018 23:52:24 +0000 (01:52 +0200)]
move openwrt image config to host_vars
nicoo [Sun, 20 May 2018 23:23:09 +0000 (01:23 +0200)]
tuer: Add sftp support
nicoo [Sun, 20 May 2018 23:12:26 +0000 (01:12 +0200)]
tuer: Add missing packages
nicoo [Sun, 20 May 2018 22:57:18 +0000 (00:57 +0200)]
roles/openwrt-image: Fixup directory modes
Christian Pointner [Sun, 20 May 2018 22:55:26 +0000 (00:55 +0200)]
added uci system settings
nicoo [Sun, 20 May 2018 22:22:56 +0000 (00:22 +0200)]
tuer: Add stuff for tuergit
nicoo [Sun, 20 May 2018 21:36:14 +0000 (23:36 +0200)]
fixup! roles/openwrt-image: Add support for setting file modes
nicoo [Wed, 16 May 2018 21:02:17 +0000 (23:02 +0200)]
tuer: Add AuthorizedKeys script for tuerctl
nicoo [Wed, 16 May 2018 21:00:17 +0000 (23:00 +0200)]
tuer: Replace dropbear with openssh-server
This is a work-in-progress, the configuration is currently broken...
We use /etc/ssh/authorized_keys.d so non-root users cannot edit
authorized keys.
nicoo [Wed, 16 May 2018 20:58:51 +0000 (22:58 +0200)]
fixup! roles/openwrt-image: Support creating users/groups
nicoo [Wed, 16 May 2018 19:36:44 +0000 (21:36 +0200)]
roles/openwrt-image: Support creating users/groups
nicoo [Wed, 16 May 2018 19:33:13 +0000 (21:33 +0200)]
roles/openwrt-image: Support configuring mountpoints
nicoo [Wed, 16 May 2018 19:32:27 +0000 (21:32 +0200)]
roles/openwrt-image: Natively support UCI configuration
nicoo [Wed, 16 May 2018 19:28:16 +0000 (21:28 +0200)]
tuer: Make installed binaries executable
nicoo [Sun, 6 May 2018 11:39:03 +0000 (13:39 +0200)]
roles/openwrt-image: Add support for setting file modes
nicoo [Sun, 6 May 2018 11:38:40 +0000 (13:38 +0200)]
roles/openwrt-image: Refactor openwrt-mixins
nicoo [Sun, 6 May 2018 11:14:09 +0000 (13:14 +0200)]
tuer: Disallow all password auth
Christian Pointner [Fri, 4 May 2018 22:05:31 +0000 (00:05 +0200)]
fix localconfig ssh user for openwrt hosts
Christian Pointner [Fri, 4 May 2018 21:06:13 +0000 (23:06 +0200)]
ansible: add todo message for nicoo
Christian Pointner [Fri, 4 May 2018 20:56:50 +0000 (22:56 +0200)]
ansible: copy resulting openwrt image to correct location
Christian Pointner [Fri, 4 May 2018 19:14:48 +0000 (21:14 +0200)]
cosmetic changes
nicoo [Fri, 4 May 2018 00:51:06 +0000 (02:51 +0200)]
Tuer firmware (WIP)
Christian Pointner [Tue, 24 Apr 2018 19:31:16 +0000 (21:31 +0200)]
ansible: vm/network role improvments
Christian Pointner [Tue, 24 Apr 2018 00:20:37 +0000 (02:20 +0200)]
added support for ubuntu/xenial to vm/install role
nicoo [Sun, 22 Apr 2018 21:24:58 +0000 (23:24 +0200)]
tuer: Avoid polluting the user's homedir with go crap
nicoo [Sun, 22 Apr 2018 21:16:23 +0000 (23:16 +0200)]
tuer: Build go binaries
nicoo [Thu, 19 Apr 2018 13:59:57 +0000 (15:59 +0200)]
Ansible playbook for building a torwaechter image (WIP)
nicoo [Thu, 19 Apr 2018 13:56:43 +0000 (15:56 +0200)]
Initial role for building OpenWRT images
nicoo [Sun, 22 Apr 2018 21:13:29 +0000 (23:13 +0200)]
Add torwaechter to inventory
Christian Pointner [Sun, 22 Apr 2018 19:25:17 +0000 (21:25 +0200)]
adapt vm install role to new inventory naming scheme
Christian Pointner [Sun, 22 Apr 2018 18:00:01 +0000 (20:00 +0200)]
ansible: merge master to vm-install branch
nicoo [Sun, 22 Apr 2018 15:49:32 +0000 (17:49 +0200)]
Merge PR#15: ansible: first proposal for nicer inventory names
nicoo [Sun, 22 Apr 2018 15:45:37 +0000 (17:45 +0200)]
Merge PR#14: ansible: Use variables for SSH keys
nicoo [Sun, 22 Apr 2018 15:43:15 +0000 (17:43 +0200)]
roles/vm-*: Move to roles/vm/*
Christian Pointner [Sun, 22 Apr 2018 11:59:37 +0000 (13:59 +0200)]
ansible: first proposl for nicer inventory names
Christian Pointner [Sun, 22 Apr 2018 10:46:07 +0000 (12:46 +0200)]
ansible: use variables for ssh keys
Christian Pointner [Sun, 22 Apr 2018 01:59:46 +0000 (03:59 +0200)]
installer role works now but still has issues
Christian Pointner [Sat, 21 Apr 2018 21:56:18 +0000 (23:56 +0200)]
add initial vm installer role
nicoo [Sat, 21 Apr 2018 20:22:17 +0000 (22:22 +0200)]
Merge PR#11: ansible vault: set trust-model to always
nicoo [Sat, 21 Apr 2018 20:18:03 +0000 (22:18 +0200)]
Merge PR#10: ansible: enable facts caching
Christian Pointner [Sat, 21 Apr 2018 20:17:25 +0000 (22:17 +0200)]
ignore all inside .cache/
Christian Pointner [Sat, 21 Apr 2018 20:15:28 +0000 (22:15 +0200)]
ansible: make facts cahing directory hidden