noc.git
5 years agoAdd gnoccis to the inventory
nicoo [Sun, 17 Jun 2018 20:29:24 +0000 (22:29 +0200)]
Add gnoccis to the inventory

5 years agopreseed: Do not let authorized_key mess with directory permissions
nicoo [Sun, 17 Jun 2018 20:19:54 +0000 (22:19 +0200)]
preseed: Do not let authorized_key mess with directory permissions

5 years agodebian-installer: Use an HTTPS-capable Debian mirror
nicoo [Sun, 17 Jun 2018 20:15:10 +0000 (22:15 +0200)]
debian-installer: Use an HTTPS-capable Debian mirror

5 years agotestvm: Do not hardcode alfred's name
nicoo [Sun, 17 Jun 2018 19:59:05 +0000 (21:59 +0200)]
testvm: Do not hardcode alfred's name

5 years agoRename vm_network to network and vm_install to install
nicoo [Sun, 17 Jun 2018 19:31:21 +0000 (21:31 +0200)]
Rename vm_network to network and vm_install to install

This includes renaming vm_install_host to vm_host.

5 years agoSimplify vm/install a tiny bit
nicoo [Sun, 17 Jun 2018 17:13:05 +0000 (19:13 +0200)]
Simplify vm/install a tiny bit

5 years agoReplace vmname with hostname
nicoo [Sun, 17 Jun 2018 17:12:09 +0000 (19:12 +0200)]
Replace vmname with hostname

5 years agoMove debian-installer downloads to its own role
nicoo [Sun, 17 Jun 2018 16:03:49 +0000 (18:03 +0200)]
Move debian-installer downloads to its own role

5 years agoMove preseed generation to a separate role
nicoo [Sun, 17 Jun 2018 15:56:26 +0000 (17:56 +0200)]
Move preseed generation to a separate role

5 years agoMerge PR#35: add missing vlans in ansible network.yml
nicoo [Sat, 24 Nov 2018 15:29:12 +0000 (16:29 +0100)]
Merge PR#35: add missing vlans in ansible network.yml

5 years agoMerge pull request #34 from realraum/ansible/base
Christian Pointner [Sat, 24 Nov 2018 15:28:59 +0000 (16:28 +0100)]
Merge pull request #34 from realraum/ansible/base

ansible/base: Add some useful packages

5 years agoMerge pull request #33 from realraum/ansible/vm
Christian Pointner [Sat, 24 Nov 2018 15:28:41 +0000 (16:28 +0100)]
Merge pull request #33 from realraum/ansible/vm

Minor fixes for the VM-related Ansible roles

5 years agoadd missing vlan configs in ansible network.yml
Christian Pointner [Sat, 24 Nov 2018 15:25:10 +0000 (16:25 +0100)]
add missing vlan configs in ansible network.yml

5 years agoansible/base: Add some useful packages
nicoo [Sat, 24 Nov 2018 15:23:00 +0000 (16:23 +0100)]
ansible/base: Add some useful packages

5 years agoansible/vm/install: Wait slightly longer for Debian installer
nicoo [Sat, 24 Nov 2018 15:18:35 +0000 (16:18 +0100)]
ansible/vm/install: Wait slightly longer for Debian installer

5 years agoansible/vm/guest: Fix bug in rng-tool configuration task
nicoo [Sat, 24 Nov 2018 15:18:05 +0000 (16:18 +0100)]
ansible/vm/guest: Fix bug in rng-tool configuration task

5 years agoMerge remote-tracking branch 'realraum/master'
nicoo [Sat, 24 Nov 2018 15:12:31 +0000 (16:12 +0100)]
Merge remote-tracking branch 'realraum/master'

5 years agoMerge PR#32: added realfunk management vlan docs
nicoo [Sat, 24 Nov 2018 15:11:19 +0000 (16:11 +0100)]
Merge PR#32: added realfunk management vlan docs

5 years agodoc/Network/realfunk: Fix spelling
nicoo [Sat, 24 Nov 2018 15:10:01 +0000 (16:10 +0100)]
doc/Network/realfunk: Fix spelling

5 years agossh-config: added ap2
Christian Pointner [Fri, 23 Nov 2018 22:15:04 +0000 (23:15 +0100)]
ssh-config: added ap2

5 years agoadded realfunk management vlan docs
Christian Pointner [Mon, 12 Nov 2018 20:02:46 +0000 (21:02 +0100)]
added realfunk management vlan docs

6 years agoadded VLAN for UPC
Christian Pointner [Fri, 17 Aug 2018 17:52:11 +0000 (19:52 +0200)]
added VLAN for UPC

6 years agoMerge pull request #31 from realraum/network/realfunk
Christian Pointner [Sun, 8 Jul 2018 19:03:36 +0000 (21:03 +0200)]
Merge pull request #31 from realraum/network/realfunk

doc/Network: Document changes in sw2 to accomodate HAMNET

6 years agodoc/Network: Document changes in sw2 to accomodate HAMNET
nicoo [Sun, 8 Jul 2018 17:21:10 +0000 (19:21 +0200)]
doc/Network: Document changes in sw2 to accomodate HAMNET

6 years agoMerge pull request #30 from realraum/global-network-config
Christian Pointner [Sun, 8 Jul 2018 11:50:46 +0000 (13:50 +0200)]
Merge pull request #30 from realraum/global-network-config

ansible: global network config

6 years agodoc/Network: Improve table
nicoo [Sun, 8 Jul 2018 11:50:23 +0000 (13:50 +0200)]
doc/Network: Improve table

6 years agoadd other vlans to network config
Christian Pointner [Sat, 7 Jul 2018 23:09:40 +0000 (01:09 +0200)]
add other vlans to network config

6 years agoupdated vm install configs after redoing network ranges
Christian Pointner [Sat, 7 Jul 2018 22:50:50 +0000 (00:50 +0200)]
updated vm install configs after redoing network ranges

6 years agoansible: add global network config
Christian Pointner [Mon, 4 Jun 2018 22:45:23 +0000 (00:45 +0200)]
ansible: add global network config

6 years agodeploying new vlan setup is now done
Christian Pointner [Sat, 7 Jul 2018 22:08:27 +0000 (00:08 +0200)]
deploying new vlan setup is now done

6 years agodoc: Use an en-dash in the wiki name
nicoo [Sat, 7 Jul 2018 22:02:40 +0000 (00:02 +0200)]
doc: Use an en-dash in the wiki name

6 years agodoc/Network: Minor edits
nicoo [Sat, 7 Jul 2018 22:00:07 +0000 (00:00 +0200)]
doc/Network: Minor edits

6 years agoTravis: Install ImageMagick's Perl bindings
nicoo [Sat, 7 Jul 2018 20:49:27 +0000 (22:49 +0200)]
Travis: Install ImageMagick's Perl bindings

6 years agoMerge pull request #28 from realraum/doc-ci
Christian Pointner [Sat, 7 Jul 2018 20:45:50 +0000 (22:45 +0200)]
Merge pull request #28 from realraum/doc-ci

Add Travis CI build for the documentation

6 years agoAdd Travis CI build for the documentation
nicoo [Sat, 7 Jul 2018 20:12:04 +0000 (22:12 +0200)]
Add Travis CI build for the documentation

6 years agodoc/Network: Renumber the public VLAN
nicoo [Sat, 7 Jul 2018 20:18:04 +0000 (22:18 +0200)]
doc/Network: Renumber the public VLAN

6 years agoMerge pull request #25 from realraum/vlans
Christian Pointner [Sat, 7 Jul 2018 20:03:33 +0000 (22:03 +0200)]
Merge pull request #25 from realraum/vlans

Document the new network plan

6 years agodoc/Network: Simplify table
nicoo [Sat, 7 Jul 2018 19:59:41 +0000 (21:59 +0200)]
doc/Network: Simplify table

6 years agodoc/Network: Document Funkfeuer subnet for realraum
nicoo [Sat, 7 Jul 2018 19:54:08 +0000 (21:54 +0200)]
doc/Network: Document Funkfeuer subnet for realraum

6 years agodoc/Network: Clarify RFC1918 subnets
nicoo [Sat, 7 Jul 2018 19:48:11 +0000 (21:48 +0200)]
doc/Network: Clarify RFC1918 subnets

6 years agodoc: Translate ASCII-art of symboles to proper representations
nicoo [Sat, 7 Jul 2018 19:27:25 +0000 (21:27 +0200)]
doc: Translate ASCII-art of symboles to proper representations

In particular, make -- produce an en-dash.  See [Text::Typography].

[Text::Typography]: https://metacpan.org/pod/Text::Typography

6 years agodoc: Add a modeline to ikiwiki.setup
nicoo [Sat, 7 Jul 2018 19:24:26 +0000 (21:24 +0200)]
doc: Add a modeline to ikiwiki.setup

6 years agodoc/Network: Add VLAN 44 for HAMNET
nicoo [Sat, 7 Jul 2018 18:50:47 +0000 (20:50 +0200)]
doc/Network: Add VLAN 44 for HAMNET

By request of spel.

6 years agodoc/Network: Normalize network names
nicoo [Sat, 7 Jul 2018 18:29:45 +0000 (20:29 +0200)]
doc/Network: Normalize network names

6 years agodoc/Network: Document the purpose of the various networks
nicoo [Sat, 7 Jul 2018 18:20:52 +0000 (20:20 +0200)]
doc/Network: Document the purpose of the various networks

Most networks only need a short comment, inlined in the table,
but I added a long-form description of `svc` and `pub`.

6 years agodoc/local.css: Improve table headers
nicoo [Wed, 4 Jul 2018 14:35:52 +0000 (16:35 +0200)]
doc/local.css: Improve table headers

6 years agodoc/Network: Less Denglisch
nicoo [Tue, 3 Jul 2018 21:42:11 +0000 (23:42 +0200)]
doc/Network: Less Denglisch

6 years agodoc/Network: Add an example RFC1918 subnet
nicoo [Tue, 3 Jul 2018 21:36:43 +0000 (23:36 +0200)]
doc/Network: Add an example RFC1918 subnet

6 years agodoc/Network: Fixup management VLAN ID
nicoo [Tue, 3 Jul 2018 21:36:17 +0000 (23:36 +0200)]
doc/Network: Fixup management VLAN ID

6 years agodoc/Network: Markdown syntax fixups
nicoo [Tue, 3 Jul 2018 21:32:44 +0000 (23:32 +0200)]
doc/Network: Markdown syntax fixups

6 years agodoc/Network: Make the diagram fit the style of the page
nicoo [Tue, 3 Jul 2018 17:37:47 +0000 (19:37 +0200)]
doc/Network: Make the diagram fit the style of the page

6 years agodoc/Network: Mention that the Funkfeuer VLAN has no zone under realraum.at
nicoo [Tue, 3 Jul 2018 17:16:39 +0000 (19:16 +0200)]
doc/Network: Mention that the Funkfeuer VLAN has no zone under realraum.at

6 years agodoc/Network: Swap routable subnets for public & members
nicoo [Tue, 3 Jul 2018 17:15:21 +0000 (19:15 +0200)]
doc/Network: Swap routable subnets for public & members

6 years agodoc/Network: Add network diagram
nicoo [Tue, 3 Jul 2018 13:36:13 +0000 (15:36 +0200)]
doc/Network: Add network diagram

6 years agodoc/Network: Update which network `realstuff` maps to
nicoo [Tue, 3 Jul 2018 12:48:43 +0000 (14:48 +0200)]
doc/Network: Update which network `realstuff` maps to

6 years agodoc/Network: Convert the networks list to a table
nicoo [Tue, 3 Jul 2018 13:45:20 +0000 (15:45 +0200)]
doc/Network: Convert the networks list to a table

6 years agodoc/Network: Update the subnets description
nicoo [Mon, 2 Jul 2018 21:23:30 +0000 (23:23 +0200)]
doc/Network: Update the subnets description

Closes #24

6 years agodoc/Network: Document VLAN conventions
nicoo [Mon, 2 Jul 2018 21:20:15 +0000 (23:20 +0200)]
doc/Network: Document VLAN conventions

6 years agodoc/Network: Move the switch/ap naming scheme to the “physical locations” part
nicoo [Mon, 2 Jul 2018 21:18:03 +0000 (23:18 +0200)]
doc/Network: Move the switch/ap naming scheme to the “physical locations” part

6 years agodoc/Network: Remove the ref. to an Archer C7 in realfunk
nicoo [Mon, 2 Jul 2018 21:17:13 +0000 (23:17 +0200)]
doc/Network: Remove the ref. to an Archer C7 in realfunk

We have a separate switch and Funkfeuer node.

6 years agoMerge pull request #27 from realraum/favicon
Christian Pointner [Fri, 6 Jul 2018 07:34:48 +0000 (09:34 +0200)]
Merge pull request #27 from realraum/favicon

doc: Generate a custom favicon from the logo

6 years agodoc: Generate a custom favicon from the logo
nicoo [Wed, 4 Jul 2018 22:49:35 +0000 (00:49 +0200)]
doc: Generate a custom favicon from the logo

6 years agoMerge pull request #26 from realraum/sidebar
Christian Pointner [Tue, 3 Jul 2018 20:02:26 +0000 (22:02 +0200)]
Merge pull request #26 from realraum/sidebar

Autogenerate the sidebar

6 years agodoc: Remove the “RecentChanges” button
nicoo [Tue, 3 Jul 2018 14:28:04 +0000 (16:28 +0200)]
doc: Remove the “RecentChanges” button

The link is already in the sidebar.

6 years agodoc/Sidebar: Use an autogenerated sitemap
nicoo [Tue, 3 Jul 2018 14:27:25 +0000 (16:27 +0200)]
doc/Sidebar: Use an autogenerated sitemap

This avoids having to update the sidebar when adding pages.

6 years agodoc: Use an empty basewiki
nicoo [Tue, 3 Jul 2018 14:26:31 +0000 (16:26 +0200)]
doc: Use an empty basewiki

This removes a bunch of cruft and default pages

6 years agoMissing gnocci update
nicoo [Mon, 18 Jun 2018 01:53:24 +0000 (03:53 +0200)]
Missing gnocci update

6 years agoUpdate doc/gnocci (NTP task done)
nicoo [Mon, 18 Jun 2018 01:46:35 +0000 (03:46 +0200)]
Update doc/gnocci (NTP task done)

6 years agohosts: Tag VMs with vm_install_host
nicoo [Mon, 18 Jun 2018 01:29:42 +0000 (03:29 +0200)]
hosts: Tag VMs with vm_install_host

6 years agoRemove /ansible.cfg
nicoo [Sun, 17 Jun 2018 21:33:12 +0000 (23:33 +0200)]
Remove /ansible.cfg

6 years agoadded nicoo's temporary gpg key to vault
Christian Pointner [Sun, 17 Jun 2018 16:44:56 +0000 (18:44 +0200)]
added nicoo's temporary gpg key to vault

6 years agoMerge pull request #21 from realraum/ntp
Christian Pointner [Sun, 17 Jun 2018 14:31:43 +0000 (16:31 +0200)]
Merge pull request #21 from realraum/ntp

Deploy openntpd

6 years agobase: Make managed ntpd optional
nicoo [Sat, 16 Jun 2018 18:16:57 +0000 (20:16 +0200)]
base: Make managed ntpd optional

6 years agobase: Configure openntpd
nicoo [Sat, 16 Jun 2018 18:16:21 +0000 (20:16 +0200)]
base: Configure openntpd

6 years agobase: Install OpenNTPd rather than ntp.org
nicoo [Sat, 16 Jun 2018 18:14:45 +0000 (20:14 +0200)]
base: Install OpenNTPd rather than ntp.org

6 years agodocumented best way to virtualize OpenWRT
Christian Pointner [Sun, 17 Jun 2018 14:03:23 +0000 (16:03 +0200)]
documented best way to virtualize OpenWRT

6 years agognocci.org: Do not assume we want OpenNTPd
nicoo [Sun, 17 Jun 2018 13:49:06 +0000 (15:49 +0200)]
gnocci.org: Do not assume we want OpenNTPd

We probably do not want it, for a sync server.

6 years agoUpdate gnocci TODOs
nicoo [Sun, 17 Jun 2018 13:48:23 +0000 (15:48 +0200)]
Update gnocci TODOs

6 years agoMerge pull request #20 from realraum/vm-improvements
Christian Pointner [Sun, 17 Jun 2018 10:32:35 +0000 (12:32 +0200)]
Merge pull request #20 from realraum/vm-improvements

Improvements in VM handling

6 years agolocalconfig: Rely on ansible_port to configure SSH port
nicoo [Sun, 17 Jun 2018 09:59:41 +0000 (11:59 +0200)]
localconfig: Rely on ansible_port to configure SSH port

6 years agovm-install: Remove hosts from known hosts in the playbook
nicoo [Wed, 13 Jun 2018 22:18:51 +0000 (00:18 +0200)]
vm-install: Remove hosts from known hosts in the playbook

This avoid relying on localconfig being used.

6 years agobase: Use with_dict for editing adduser.conf
nicoo [Wed, 13 Jun 2018 22:29:10 +0000 (00:29 +0200)]
base: Use with_dict for editing adduser.conf

6 years agovm/grub: Cleanup (use dictionary iteration)
nicoo [Wed, 13 Jun 2018 19:07:03 +0000 (21:07 +0200)]
vm/grub: Cleanup (use dictionary iteration)

6 years agovm/install: Handle non-22000 SSH ports
nicoo [Wed, 13 Jun 2018 17:36:28 +0000 (19:36 +0200)]
vm/install: Handle non-22000 SSH ports

6 years agovm/install: Bake authorized_keys in the initrd
nicoo [Wed, 13 Jun 2018 17:34:36 +0000 (19:34 +0200)]
vm/install: Bake authorized_keys in the initrd

This is less error-prone than cramming the SSH keys into the preseed.
Also, support setting VM-specific SSH keys.

6 years agovm-install: Apply VM configuration roles
nicoo [Wed, 13 Jun 2018 16:50:01 +0000 (18:50 +0200)]
vm-install: Apply VM configuration roles

6 years agovm/install: Group conditional when destroying existing VMs
nicoo [Wed, 13 Jun 2018 01:54:52 +0000 (03:54 +0200)]
vm/install: Group conditional when destroying existing VMs

6 years agovm/install: Bake the preseed file into the initrd
nicoo [Wed, 13 Jun 2018 01:54:11 +0000 (03:54 +0200)]
vm/install: Bake the preseed file into the initrd

6 years agovm/guest: Provide a root shell on the (virtual) serial console
nicoo [Wed, 13 Jun 2018 01:51:16 +0000 (03:51 +0200)]
vm/guest: Provide a root shell on the (virtual) serial console

6 years agoMerge pull request #18 from realraum/rng
Christian Pointner [Fri, 8 Jun 2018 19:24:50 +0000 (21:24 +0200)]
Merge pull request #18 from realraum/rng

Provide entropy on the virtualization platforms

6 years agovm/guest: Ensure no other rngd configuration lines are present
nicoo [Fri, 8 Jun 2018 19:19:32 +0000 (21:19 +0200)]
vm/guest: Ensure no other rngd configuration lines are present

6 years agoAdd vm/guest role for configuring VMs, make it setup rngd
nicoo [Fri, 8 Jun 2018 17:18:27 +0000 (19:18 +0200)]
Add vm/guest role for configuring VMs, make it setup rngd

6 years agovm/host: Install haveged on VM hosts
nicoo [Fri, 8 Jun 2018 17:06:28 +0000 (19:06 +0200)]
vm/host: Install haveged on VM hosts

6 years agoansible: torwaechter is already part of the dynamically generated ssh config
Christian Pointner [Sun, 3 Jun 2018 13:42:31 +0000 (15:42 +0200)]
ansible: torwaechter is already part of the dynamically generated ssh config

6 years agotorwaechter is moved to new mgmt vlan
Christian Pointner [Sat, 2 Jun 2018 02:06:08 +0000 (04:06 +0200)]
torwaechter is moved to new mgmt vlan

6 years agonew mgmt vlan is established
Christian Pointner [Sat, 2 Jun 2018 01:19:41 +0000 (03:19 +0200)]
new mgmt vlan is established

6 years agonew IP-IP Tunnel from mur.at is done
Christian Pointner [Fri, 1 Jun 2018 23:26:54 +0000 (01:26 +0200)]
new IP-IP Tunnel from mur.at is done

6 years agoadded gnocci roadmap
Christian Pointner [Fri, 1 Jun 2018 23:11:57 +0000 (01:11 +0200)]
added gnocci roadmap

6 years agonew ssh pubkey
Bernhard Tittelbach [Tue, 22 May 2018 20:35:44 +0000 (22:35 +0200)]
new ssh pubkey

6 years agoroles/openwrt-image: Pin the LEDE release signing key
nicoo [Mon, 21 May 2018 12:02:28 +0000 (14:02 +0200)]
roles/openwrt-image: Pin the LEDE release signing key

This addresses a security issue where an attacker with a key that GnuPG
considers valid (but doesn't claim to be LEDE's) can get their signature
accepted on malicious files.

This should also solve the issue equinox had with key validity.