noc.git
4 years agoGrant all members of NOC access to ctf.realraum.at noc-access-ctf
nicoo [Tue, 15 Dec 2020 21:27:26 +0000 (22:27 +0100)]
Grant all members of NOC access to ctf.realraum.at

4 years agoMerge pull request #72 from realraum/membership-update
Patrick Pichler [Tue, 15 Dec 2020 21:14:52 +0000 (22:14 +0100)]
Merge pull request #72 from realraum/membership-update

Membership update

4 years agoansible/users: Update email address for nicoo membership-update
nicoo [Tue, 15 Dec 2020 20:51:56 +0000 (21:51 +0100)]
ansible/users: Update email address for nicoo

4 years agoansible/users: Add aveexy in data & to group NOC
nicoo [Tue, 15 Dec 2020 20:50:38 +0000 (21:50 +0100)]
ansible/users: Add aveexy in data & to group NOC

4 years agoansible/gpg: Add aveexy
nicoo [Tue, 15 Dec 2020 20:41:46 +0000 (21:41 +0100)]
ansible/gpg: Add aveexy

4 years agoansible/gpg: Refresh NOC keyring
nicoo [Tue, 15 Dec 2020 20:40:41 +0000 (21:40 +0100)]
ansible/gpg: Refresh NOC keyring

5 years agomatch expiration year with online version of key
Bernhard Tittelbach [Mon, 19 Oct 2020 22:32:41 +0000 (00:32 +0200)]
match expiration year with online version of key

5 years agoupdate equinox gpg key
Christian Pointner [Mon, 19 Oct 2020 18:41:23 +0000 (20:41 +0200)]
update equinox gpg key

5 years agotorwaechter: fix bug in tuergit hook script that prevent script from executing
Bernhard Tittelbach [Wed, 9 Sep 2020 22:28:58 +0000 (00:28 +0200)]
torwaechter: fix bug in tuergit hook script that prevent script from executing

5 years agocall upload script with sudo
Bernhard Tittelbach [Wed, 9 Sep 2020 22:17:57 +0000 (00:17 +0200)]
call upload script with sudo

5 years agogive d3 and ruru access to tuergit
Bernhard Tittelbach [Wed, 9 Sep 2020 21:26:08 +0000 (23:26 +0200)]
give d3 and ruru access to tuergit

6 years agofix equinox gpg key-id
Christian Pointner [Sat, 14 Sep 2019 23:46:29 +0000 (01:46 +0200)]
fix equinox gpg key-id

6 years agoMerge PR#66: VM bootstraping improvements
nicoo [Fri, 2 Aug 2019 23:06:32 +0000 (01:06 +0200)]
Merge PR#66: VM bootstraping improvements

6 years agoMerge PR#64: added fixes for ansible 2.8
nicoo [Fri, 2 Aug 2019 22:57:44 +0000 (00:57 +0200)]
Merge PR#64: added fixes for ansible 2.8

6 years agomake sure facts from previous installs are removed before reinstalling a machine
Christian Pointner [Tue, 16 Jul 2019 20:42:24 +0000 (22:42 +0200)]
make sure facts from previous installs are removed before reinstalling a machine

6 years agonicer loop labels
Christian Pointner [Tue, 16 Jul 2019 20:36:39 +0000 (22:36 +0200)]
nicer loop labels

6 years agopreseed: add option to allow installation using dhcp
Christian Pointner [Tue, 16 Jul 2019 20:15:39 +0000 (22:15 +0200)]
preseed: add option to allow installation using dhcp

6 years agopreseed: debian buster names interfaces differently than stretch and in a way that...
Christian Pointner [Tue, 16 Jul 2019 20:14:47 +0000 (22:14 +0200)]
preseed: debian buster names interfaces differently than stretch and in a way that is incompatible with our vm network interface scheme. This patch fixes the problem by making the name policy for network interfaces configurable

6 years agovm/define: the vm autostart flag survives even if the vm is undefined so we need...
Christian Pointner [Tue, 16 Jul 2019 20:10:55 +0000 (22:10 +0200)]
vm/define: the vm autostart flag survives even if the vm is undefined so we need a way to force disabling autostart

6 years agovm/host: add missing dependencies
Christian Pointner [Tue, 16 Jul 2019 20:05:38 +0000 (22:05 +0200)]
vm/host: add missing dependencies

6 years agofix wrong deprecation warning for group-names
Christian Pointner [Tue, 16 Jul 2019 20:18:39 +0000 (22:18 +0200)]
fix wrong deprecation warning for group-names

6 years agoadded fixes for ansible 2.8
Christian Pointner [Sat, 6 Jul 2019 00:24:24 +0000 (02:24 +0200)]
added fixes for ansible 2.8

6 years agoMerge pull request #63 from realraum/sack-workaround
Christian Pointner [Mon, 17 Jun 2019 21:39:27 +0000 (23:39 +0200)]
Merge pull request #63 from realraum/sack-workaround

ansible/base: Workaround SACK DoS ([NFLX-2019-001])

6 years agoansible/base: Workaround [NFLX-2019-001] (CVE-2019-1147{7,8,9})
nicoo [Mon, 17 Jun 2019 21:04:15 +0000 (17:04 -0400)]
ansible/base: Workaround [NFLX-2019-001] (CVE-2019-1147{7,8,9})

Disable Selective Acknowledgement (SACK)

[NFLX-2019-001]: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

6 years agoMerge PR#62: vault/gpg: show long key-ids
nicoo [Mon, 25 Feb 2019 17:47:14 +0000 (18:47 +0100)]
Merge PR#62: vault/gpg: show long key-ids

6 years agovault/gpg: show long key-ids
Christian Pointner [Wed, 13 Feb 2019 14:17:36 +0000 (15:17 +0100)]
vault/gpg: show long key-ids

6 years agoMerge pull request #58 from realraum/accesspoints/no-roaming-for-iot-wifi
Christian Pointner [Wed, 6 Feb 2019 18:16:05 +0000 (19:16 +0100)]
Merge pull request #58 from realraum/accesspoints/no-roaming-for-iot-wifi

don't force roaming on iot wifi

6 years agoMerge PR#57: preseed: fix partman syntax
nicoo [Wed, 6 Feb 2019 17:36:47 +0000 (18:36 +0100)]
Merge PR#57: preseed: fix partman syntax

6 years agodon't force roaming on iot wifi
Christian Pointner [Sat, 2 Feb 2019 02:04:01 +0000 (03:04 +0100)]
don't force roaming on iot wifi

6 years agopreseed: fix partman syntax
Christian Pointner [Sat, 2 Feb 2019 01:29:38 +0000 (02:29 +0100)]
preseed: fix partman syntax

6 years agoMerge pull request #56 from realraum/update-vm-config
Christian Pointner [Sat, 2 Feb 2019 01:47:24 +0000 (02:47 +0100)]
Merge pull request #56 from realraum/update-vm-config

Playbook for updating a VM's configuration

6 years agovm-update: Gather facts before running vm/network
nicoo [Tue, 29 Jan 2019 14:00:37 +0000 (15:00 +0100)]
vm-update: Gather facts before running vm/network

That role needs the fact `ansible_distribution` & such.

6 years agoRefactor VM definition playbook and template to a separate role
nicoo [Tue, 29 Jan 2019 13:16:32 +0000 (14:16 +0100)]
Refactor VM definition playbook and template to a separate role

6 years agovm-update: Use post_tasks rather than explicit flush_handlers
nicoo [Mon, 28 Jan 2019 15:41:23 +0000 (16:41 +0100)]
vm-update: Use post_tasks rather than explicit flush_handlers

6 years agoMake `run_installer` default to no in the libvirt template
nicoo [Mon, 28 Jan 2019 15:40:09 +0000 (16:40 +0100)]
Make `run_installer` default to no in the libvirt template

6 years agoansible/host_vars: Add installation metadata for the metrics VM
nicoo [Thu, 24 Jan 2019 19:08:30 +0000 (20:08 +0100)]
ansible/host_vars: Add installation metadata for the metrics VM

6 years agoansible: Add vm-update playbook
nicoo [Thu, 24 Jan 2019 19:06:38 +0000 (20:06 +0100)]
ansible: Add vm-update playbook

This playbook updates the domain definition for an existing VM,
allowing to upgrade to newer features (like virtio-rng) without
reinstalling.

6 years agoMerge PR#55: disable facts gathering for usb-install playbook
nicoo [Thu, 24 Jan 2019 12:09:12 +0000 (13:09 +0100)]
Merge PR#55: disable facts gathering for usb-install playbook

6 years agodisable facts gathering for usb-install playbook
Christian Pointner [Wed, 23 Jan 2019 18:29:05 +0000 (19:29 +0100)]
disable facts gathering for usb-install playbook

6 years agoremove useless empty file
Christian Pointner [Thu, 17 Jan 2019 10:13:44 +0000 (11:13 +0100)]
remove useless empty file

6 years agoMerge PR#54: Friendly loop indexes when setting adduser options
nicoo [Sat, 12 Jan 2019 23:39:01 +0000 (00:39 +0100)]
Merge PR#54: Friendly loop indexes when setting adduser options

Reviewed-by: equinox0815

6 years agoansible/base: Friendly loop indexes when setting adduser options
nicoo [Sat, 12 Jan 2019 23:13:41 +0000 (00:13 +0100)]
ansible/base: Friendly loop indexes when setting adduser options

6 years agoMerge pull request #53 from realraum/install/serial
Christian Pointner [Sat, 12 Jan 2019 23:25:57 +0000 (00:25 +0100)]
Merge pull request #53 from realraum/install/serial

make kernel command line options configurable

6 years agojinja2 != python ...
Christian Pointner [Sat, 12 Jan 2019 23:22:37 +0000 (00:22 +0100)]
jinja2 != python ...

6 years agonot need to set a default for install.kernel_cmdline because is skipped if the varaib...
Christian Pointner [Sat, 12 Jan 2019 23:19:33 +0000 (00:19 +0100)]
not need to set a default for install.kernel_cmdline because is skipped if the varaibled is undefined

6 years agoansible: Make install.kernel_cmdline a list
nicoo [Sat, 12 Jan 2019 23:02:33 +0000 (00:02 +0100)]
ansible: Make install.kernel_cmdline a list

Not all kernel command-line parameters look like key=value.

6 years agoansible/base: Use map + join rather than a complicated loop
nicoo [Sat, 12 Jan 2019 22:53:59 +0000 (23:53 +0100)]
ansible/base: Use map + join rather than a complicated loop

6 years agovga=off is deprecated
Christian Pointner [Fri, 11 Jan 2019 00:26:36 +0000 (01:26 +0100)]
vga=off is deprecated

6 years agocall update-grub after changing config
Christian Pointner [Fri, 11 Jan 2019 00:13:36 +0000 (01:13 +0100)]
call update-grub after changing config

6 years agomake kernel command line options configurable.
Christian Pointner [Thu, 10 Jan 2019 00:07:16 +0000 (01:07 +0100)]
make kernel command line options configurable.

fixes #51

6 years agoMerge pull request #52 from realraum/preseed/disk-selection
Christian Pointner [Sat, 12 Jan 2019 22:47:06 +0000 (23:47 +0100)]
Merge pull request #52 from realraum/preseed/disk-selection

preseed/install: make disk selection work with udev device paths

6 years agoMerge pull request #50 from realraum/ansible/openwrt-image-links
Christian Pointner [Sat, 12 Jan 2019 22:46:23 +0000 (23:46 +0100)]
Merge pull request #50 from realraum/ansible/openwrt-image-links

add support for symlinks on openwrt/image role

6 years agoMerge pull request #49 from realraum/ansible/lint
Christian Pointner [Sat, 12 Jan 2019 22:46:07 +0000 (23:46 +0100)]
Merge pull request #49 from realraum/ansible/lint

add ansible-lint for roles

6 years agopreseed/install: make disk selection work with udev device paths
Christian Pointner [Wed, 9 Jan 2019 01:08:47 +0000 (02:08 +0100)]
preseed/install: make disk selection work with udev device paths

6 years agoansible: added support for symlinks on openwrt/image role
Christian Pointner [Sat, 29 Dec 2018 05:03:31 +0000 (06:03 +0100)]
ansible: added support for symlinks on openwrt/image role

6 years agomove call to ansible lint to /ansible/lint.sh
Christian Pointner [Sun, 23 Dec 2018 21:20:07 +0000 (22:20 +0100)]
move call to ansible lint to /ansible/lint.sh

6 years agofix wording in generic linter playbook
Christian Pointner [Sun, 23 Dec 2018 21:17:25 +0000 (22:17 +0100)]
fix wording in generic linter playbook

6 years agoupdated ansible/Readme.md again...
Christian Pointner [Sun, 23 Dec 2018 14:22:05 +0000 (15:22 +0100)]
updated ansible/Readme.md again...

6 years agoupdated ansible/Readme.md
Christian Pointner [Sun, 23 Dec 2018 14:20:49 +0000 (15:20 +0100)]
updated ansible/Readme.md

6 years agoadd some info about ansible-lint
Christian Pointner [Sun, 23 Dec 2018 14:12:56 +0000 (15:12 +0100)]
add some info about ansible-lint

6 years agofix ansible syntax
Christian Pointner [Sun, 23 Dec 2018 13:52:22 +0000 (14:52 +0100)]
fix ansible syntax

6 years agosome more linter fixes
Christian Pointner [Sun, 23 Dec 2018 13:49:41 +0000 (14:49 +0100)]
some more linter fixes

6 years agoadd all roles to linter
Christian Pointner [Sun, 23 Dec 2018 13:29:02 +0000 (14:29 +0100)]
add all roles to linter

6 years agouse pushd/popd to change to ansible dir
Christian Pointner [Sun, 23 Dec 2018 13:25:51 +0000 (14:25 +0100)]
use pushd/popd to change to ansible dir

6 years agoansible-lint: fix base role
Christian Pointner [Sun, 23 Dec 2018 13:21:11 +0000 (14:21 +0100)]
ansible-lint: fix base role

6 years agoadded ansible linter config
Christian Pointner [Sun, 23 Dec 2018 13:17:02 +0000 (14:17 +0100)]
added ansible linter config

6 years agotry to fix pip in travis
Christian Pointner [Sun, 23 Dec 2018 13:10:41 +0000 (14:10 +0100)]
try to fix pip in travis

6 years agoadded ansible-lint to travis
Christian Pointner [Sun, 23 Dec 2018 13:06:34 +0000 (14:06 +0100)]
added ansible-lint to travis

6 years agoMerge PR#48: replace command module running mktemp with tempfile module
nicoo [Sat, 22 Dec 2018 23:34:52 +0000 (00:34 +0100)]
Merge PR#48: replace command module running mktemp with tempfile module

6 years agoreplace command module running mktemp with tempfile module
Christian Pointner [Sat, 22 Dec 2018 00:02:43 +0000 (01:02 +0100)]
replace command module running mktemp with tempfile module

6 years agoMerge pull request #47 from realraum/net/congestion-control
Christian Pointner [Fri, 21 Dec 2018 18:14:00 +0000 (19:14 +0100)]
Merge pull request #47 from realraum/net/congestion-control

base: Set congestion control option

6 years agoubuntu xenial install hew kernel by default
Christian Pointner [Thu, 20 Dec 2018 22:02:48 +0000 (23:02 +0100)]
ubuntu xenial install hew kernel by default

6 years agoctf has been moved
Christian Pointner [Tue, 18 Dec 2018 23:07:29 +0000 (00:07 +0100)]
ctf has been moved

6 years agoansible/base: Drop network_modules variable
nicoo [Tue, 18 Dec 2018 01:29:36 +0000 (02:29 +0100)]
ansible/base: Drop network_modules variable

6 years agoansible/base: Add network tasks, set congestion control options
nicoo [Mon, 17 Dec 2018 16:09:02 +0000 (17:09 +0100)]
ansible/base: Add network tasks, set congestion control options

6 years agoansible: Split base role into separate task files
nicoo [Mon, 17 Dec 2018 15:14:47 +0000 (16:14 +0100)]
ansible: Split base role into separate task files

It was becoming difficult to find things in there.

6 years agoMerge PR#46: add fgenesis ssh key to tuergit
nicoo [Tue, 11 Dec 2018 11:19:21 +0000 (12:19 +0100)]
Merge PR#46: add fgenesis ssh key to tuergit

6 years agoMerge PR#44: added new ctf host
nicoo [Tue, 11 Dec 2018 11:16:36 +0000 (12:16 +0100)]
Merge PR#44: added new ctf host

6 years agoadd fgenesis ssh key to tuergit
Christian Pointner [Mon, 10 Dec 2018 21:23:27 +0000 (22:23 +0100)]
add fgenesis ssh key to tuergit

6 years agoctf: Move host vars from inventory to host_vars/ & document them
nicoo [Sat, 8 Dec 2018 09:51:48 +0000 (10:51 +0100)]
ctf: Move host vars from inventory to host_vars/ & document them

6 years agoMerge PR#45: Preseed fixes
nicoo [Sat, 8 Dec 2018 09:46:23 +0000 (10:46 +0100)]
Merge PR#45: Preseed fixes

6 years agopreseed: fix hostname and domain setting
Christian Pointner [Sat, 8 Dec 2018 00:14:26 +0000 (01:14 +0100)]
preseed: fix hostname and domain setting

6 years agopreseed: don't load firmware for unknown hardware
Christian Pointner [Fri, 7 Dec 2018 22:56:37 +0000 (23:56 +0100)]
preseed: don't load firmware for unknown hardware

6 years agoaccesspoints are now deployed using ansible
Christian Pointner [Sat, 8 Dec 2018 03:16:15 +0000 (04:16 +0100)]
accesspoints are now deployed using ansible

6 years agoadded new ctf host
Christian Pointner [Wed, 5 Dec 2018 22:01:48 +0000 (23:01 +0100)]
added new ctf host

6 years agowhitespace-only fix
Christian Pointner [Sun, 2 Dec 2018 08:28:45 +0000 (09:28 +0100)]
whitespace-only fix

6 years agoMerge PR#43: nicer handling for ssh keys
nicoo [Fri, 30 Nov 2018 23:11:53 +0000 (00:11 +0100)]
Merge PR#43: nicer handling for ssh keys

6 years agonicer template to generate authorized keys for openwrt
Christian Pointner [Fri, 30 Nov 2018 21:36:19 +0000 (22:36 +0100)]
nicer template to generate authorized keys for openwrt

6 years agoadd filter plugin to generate ssh key list
Christian Pointner [Fri, 30 Nov 2018 20:01:19 +0000 (21:01 +0100)]
add filter plugin to generate ssh key list

6 years agointroduce ssh_users_root
Christian Pointner [Fri, 30 Nov 2018 07:03:55 +0000 (08:03 +0100)]
introduce ssh_users_root

6 years agoMerge PR#41: updated preseed templates for ubuntu xenial and bionic
nicoo [Fri, 30 Nov 2018 19:04:47 +0000 (20:04 +0100)]
Merge PR#41: updated preseed templates for ubuntu xenial and bionic

6 years agoadd support for netplan on ubuntu bionic
Christian Pointner [Wed, 28 Nov 2018 01:20:44 +0000 (02:20 +0100)]
add support for netplan on ubuntu bionic

fixes #42

6 years agovm/network: ubuntu bionic uses netplan...
Christian Pointner [Wed, 28 Nov 2018 00:40:14 +0000 (01:40 +0100)]
vm/network: ubuntu bionic uses netplan...

6 years agoupdated preseed templates for ubuntu xenial and bionic
Christian Pointner [Mon, 26 Nov 2018 23:38:53 +0000 (00:38 +0100)]
updated preseed templates for ubuntu xenial and bionic

6 years agofix role name for openwrt/image
Christian Pointner [Mon, 26 Nov 2018 22:42:25 +0000 (23:42 +0100)]
fix role name for openwrt/image

6 years agoMerge pull request #39 from realraum/openwrt/roles-rename
Christian Pointner [Mon, 26 Nov 2018 22:37:51 +0000 (23:37 +0100)]
Merge pull request #39 from realraum/openwrt/roles-rename

Rename openwrt-image role to openwrt/image

6 years agoMerge pull request #38 from realraum/gpg/nicoo
Christian Pointner [Mon, 26 Nov 2018 22:37:30 +0000 (23:37 +0100)]
Merge pull request #38 from realraum/gpg/nicoo

gpg: Remove my old key from the keyring

6 years agoMerge pull request #37 from realraum/files-vs-artifacts
Christian Pointner [Mon, 26 Nov 2018 22:37:05 +0000 (23:37 +0100)]
Merge pull request #37 from realraum/files-vs-artifacts

Files vs artifacts

6 years agoShip default /etc/htoprc in access points & base
nicoo [Mon, 26 Nov 2018 22:31:24 +0000 (23:31 +0100)]
Ship default /etc/htoprc in access points & base

6 years agobase: Refactor deployment of default config files
nicoo [Mon, 26 Nov 2018 22:30:58 +0000 (23:30 +0100)]
base: Refactor deployment of default config files