noc.git
8 months agofix equinox gpg key-id master
Christian Pointner [Sat, 14 Sep 2019 23:46:29 +0000 (01:46 +0200)]
fix equinox gpg key-id

10 months agoMerge PR#66: VM bootstraping improvements
nicoo [Fri, 2 Aug 2019 23:06:32 +0000 (01:06 +0200)]
Merge PR#66: VM bootstraping improvements

10 months agoMerge PR#64: added fixes for ansible 2.8
nicoo [Fri, 2 Aug 2019 22:57:44 +0000 (00:57 +0200)]
Merge PR#64: added fixes for ansible 2.8

10 months agomake sure facts from previous installs are removed before reinstalling a machine
Christian Pointner [Tue, 16 Jul 2019 20:42:24 +0000 (22:42 +0200)]
make sure facts from previous installs are removed before reinstalling a machine

10 months agonicer loop labels
Christian Pointner [Tue, 16 Jul 2019 20:36:39 +0000 (22:36 +0200)]
nicer loop labels

10 months agopreseed: add option to allow installation using dhcp
Christian Pointner [Tue, 16 Jul 2019 20:15:39 +0000 (22:15 +0200)]
preseed: add option to allow installation using dhcp

10 months agopreseed: debian buster names interfaces differently than stretch and in a way that...
Christian Pointner [Tue, 16 Jul 2019 20:14:47 +0000 (22:14 +0200)]
preseed: debian buster names interfaces differently than stretch and in a way that is incompatible with our vm network interface scheme. This patch fixes the problem by making the name policy for network interfaces configurable

10 months agovm/define: the vm autostart flag survives even if the vm is undefined so we need...
Christian Pointner [Tue, 16 Jul 2019 20:10:55 +0000 (22:10 +0200)]
vm/define: the vm autostart flag survives even if the vm is undefined so we need a way to force disabling autostart

10 months agovm/host: add missing dependencies
Christian Pointner [Tue, 16 Jul 2019 20:05:38 +0000 (22:05 +0200)]
vm/host: add missing dependencies

10 months agofix wrong deprecation warning for group-names
Christian Pointner [Tue, 16 Jul 2019 20:18:39 +0000 (22:18 +0200)]
fix wrong deprecation warning for group-names

11 months agoadded fixes for ansible 2.8
Christian Pointner [Sat, 6 Jul 2019 00:24:24 +0000 (02:24 +0200)]
added fixes for ansible 2.8

11 months agoMerge pull request #63 from realraum/sack-workaround
Christian Pointner [Mon, 17 Jun 2019 21:39:27 +0000 (23:39 +0200)]
Merge pull request #63 from realraum/sack-workaround

ansible/base: Workaround SACK DoS ([NFLX-2019-001])

11 months agoansible/base: Workaround [NFLX-2019-001] (CVE-2019-1147{7,8,9})
nicoo [Mon, 17 Jun 2019 21:04:15 +0000 (17:04 -0400)]
ansible/base: Workaround [NFLX-2019-001] (CVE-2019-1147{7,8,9})

Disable Selective Acknowledgement (SACK)

[NFLX-2019-001]: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

15 months agoMerge PR#62: vault/gpg: show long key-ids
nicoo [Mon, 25 Feb 2019 17:47:14 +0000 (18:47 +0100)]
Merge PR#62: vault/gpg: show long key-ids

15 months agovault/gpg: show long key-ids
Christian Pointner [Wed, 13 Feb 2019 14:17:36 +0000 (15:17 +0100)]
vault/gpg: show long key-ids

15 months agoMerge pull request #58 from realraum/accesspoints/no-roaming-for-iot-wifi
Christian Pointner [Wed, 6 Feb 2019 18:16:05 +0000 (19:16 +0100)]
Merge pull request #58 from realraum/accesspoints/no-roaming-for-iot-wifi

don't force roaming on iot wifi

15 months agoMerge PR#57: preseed: fix partman syntax
nicoo [Wed, 6 Feb 2019 17:36:47 +0000 (18:36 +0100)]
Merge PR#57: preseed: fix partman syntax

16 months agodon't force roaming on iot wifi
Christian Pointner [Sat, 2 Feb 2019 02:04:01 +0000 (03:04 +0100)]
don't force roaming on iot wifi

16 months agopreseed: fix partman syntax
Christian Pointner [Sat, 2 Feb 2019 01:29:38 +0000 (02:29 +0100)]
preseed: fix partman syntax

16 months agoMerge pull request #56 from realraum/update-vm-config
Christian Pointner [Sat, 2 Feb 2019 01:47:24 +0000 (02:47 +0100)]
Merge pull request #56 from realraum/update-vm-config

Playbook for updating a VM's configuration

16 months agovm-update: Gather facts before running vm/network
nicoo [Tue, 29 Jan 2019 14:00:37 +0000 (15:00 +0100)]
vm-update: Gather facts before running vm/network

That role needs the fact `ansible_distribution` & such.

16 months agoRefactor VM definition playbook and template to a separate role
nicoo [Tue, 29 Jan 2019 13:16:32 +0000 (14:16 +0100)]
Refactor VM definition playbook and template to a separate role

16 months agovm-update: Use post_tasks rather than explicit flush_handlers
nicoo [Mon, 28 Jan 2019 15:41:23 +0000 (16:41 +0100)]
vm-update: Use post_tasks rather than explicit flush_handlers

16 months agoMake `run_installer` default to no in the libvirt template
nicoo [Mon, 28 Jan 2019 15:40:09 +0000 (16:40 +0100)]
Make `run_installer` default to no in the libvirt template

16 months agoansible/host_vars: Add installation metadata for the metrics VM
nicoo [Thu, 24 Jan 2019 19:08:30 +0000 (20:08 +0100)]
ansible/host_vars: Add installation metadata for the metrics VM

16 months agoansible: Add vm-update playbook
nicoo [Thu, 24 Jan 2019 19:06:38 +0000 (20:06 +0100)]
ansible: Add vm-update playbook

This playbook updates the domain definition for an existing VM,
allowing to upgrade to newer features (like virtio-rng) without
reinstalling.

16 months agoMerge PR#55: disable facts gathering for usb-install playbook
nicoo [Thu, 24 Jan 2019 12:09:12 +0000 (13:09 +0100)]
Merge PR#55: disable facts gathering for usb-install playbook

16 months agodisable facts gathering for usb-install playbook
Christian Pointner [Wed, 23 Jan 2019 18:29:05 +0000 (19:29 +0100)]
disable facts gathering for usb-install playbook

16 months agoremove useless empty file
Christian Pointner [Thu, 17 Jan 2019 10:13:44 +0000 (11:13 +0100)]
remove useless empty file

16 months agoMerge PR#54: Friendly loop indexes when setting adduser options
nicoo [Sat, 12 Jan 2019 23:39:01 +0000 (00:39 +0100)]
Merge PR#54: Friendly loop indexes when setting adduser options

Reviewed-by: equinox0815

16 months agoansible/base: Friendly loop indexes when setting adduser options
nicoo [Sat, 12 Jan 2019 23:13:41 +0000 (00:13 +0100)]
ansible/base: Friendly loop indexes when setting adduser options

16 months agoMerge pull request #53 from realraum/install/serial
Christian Pointner [Sat, 12 Jan 2019 23:25:57 +0000 (00:25 +0100)]
Merge pull request #53 from realraum/install/serial

make kernel command line options configurable

16 months agojinja2 != python ...
Christian Pointner [Sat, 12 Jan 2019 23:22:37 +0000 (00:22 +0100)]
jinja2 != python ...

16 months agonot need to set a default for install.kernel_cmdline because is skipped if the varaib...
Christian Pointner [Sat, 12 Jan 2019 23:19:33 +0000 (00:19 +0100)]
not need to set a default for install.kernel_cmdline because is skipped if the varaibled is undefined

16 months agoansible: Make install.kernel_cmdline a list
nicoo [Sat, 12 Jan 2019 23:02:33 +0000 (00:02 +0100)]
ansible: Make install.kernel_cmdline a list

Not all kernel command-line parameters look like key=value.

16 months agoansible/base: Use map + join rather than a complicated loop
nicoo [Sat, 12 Jan 2019 22:53:59 +0000 (23:53 +0100)]
ansible/base: Use map + join rather than a complicated loop

16 months agovga=off is deprecated
Christian Pointner [Fri, 11 Jan 2019 00:26:36 +0000 (01:26 +0100)]
vga=off is deprecated

16 months agocall update-grub after changing config
Christian Pointner [Fri, 11 Jan 2019 00:13:36 +0000 (01:13 +0100)]
call update-grub after changing config

16 months agomake kernel command line options configurable.
Christian Pointner [Thu, 10 Jan 2019 00:07:16 +0000 (01:07 +0100)]
make kernel command line options configurable.

fixes #51

16 months agoMerge pull request #52 from realraum/preseed/disk-selection
Christian Pointner [Sat, 12 Jan 2019 22:47:06 +0000 (23:47 +0100)]
Merge pull request #52 from realraum/preseed/disk-selection

preseed/install: make disk selection work with udev device paths

16 months agoMerge pull request #50 from realraum/ansible/openwrt-image-links
Christian Pointner [Sat, 12 Jan 2019 22:46:23 +0000 (23:46 +0100)]
Merge pull request #50 from realraum/ansible/openwrt-image-links

add support for symlinks on openwrt/image role

16 months agoMerge pull request #49 from realraum/ansible/lint
Christian Pointner [Sat, 12 Jan 2019 22:46:07 +0000 (23:46 +0100)]
Merge pull request #49 from realraum/ansible/lint

add ansible-lint for roles

16 months agopreseed/install: make disk selection work with udev device paths
Christian Pointner [Wed, 9 Jan 2019 01:08:47 +0000 (02:08 +0100)]
preseed/install: make disk selection work with udev device paths

17 months agoansible: added support for symlinks on openwrt/image role
Christian Pointner [Sat, 29 Dec 2018 05:03:31 +0000 (06:03 +0100)]
ansible: added support for symlinks on openwrt/image role

17 months agomove call to ansible lint to /ansible/lint.sh
Christian Pointner [Sun, 23 Dec 2018 21:20:07 +0000 (22:20 +0100)]
move call to ansible lint to /ansible/lint.sh

17 months agofix wording in generic linter playbook
Christian Pointner [Sun, 23 Dec 2018 21:17:25 +0000 (22:17 +0100)]
fix wording in generic linter playbook

17 months agoupdated ansible/Readme.md again...
Christian Pointner [Sun, 23 Dec 2018 14:22:05 +0000 (15:22 +0100)]
updated ansible/Readme.md again...

17 months agoupdated ansible/Readme.md
Christian Pointner [Sun, 23 Dec 2018 14:20:49 +0000 (15:20 +0100)]
updated ansible/Readme.md

17 months agoadd some info about ansible-lint
Christian Pointner [Sun, 23 Dec 2018 14:12:56 +0000 (15:12 +0100)]
add some info about ansible-lint

17 months agofix ansible syntax
Christian Pointner [Sun, 23 Dec 2018 13:52:22 +0000 (14:52 +0100)]
fix ansible syntax

17 months agosome more linter fixes
Christian Pointner [Sun, 23 Dec 2018 13:49:41 +0000 (14:49 +0100)]
some more linter fixes

17 months agoadd all roles to linter
Christian Pointner [Sun, 23 Dec 2018 13:29:02 +0000 (14:29 +0100)]
add all roles to linter

17 months agouse pushd/popd to change to ansible dir
Christian Pointner [Sun, 23 Dec 2018 13:25:51 +0000 (14:25 +0100)]
use pushd/popd to change to ansible dir

17 months agoansible-lint: fix base role
Christian Pointner [Sun, 23 Dec 2018 13:21:11 +0000 (14:21 +0100)]
ansible-lint: fix base role

17 months agoadded ansible linter config
Christian Pointner [Sun, 23 Dec 2018 13:17:02 +0000 (14:17 +0100)]
added ansible linter config

17 months agotry to fix pip in travis
Christian Pointner [Sun, 23 Dec 2018 13:10:41 +0000 (14:10 +0100)]
try to fix pip in travis

17 months agoadded ansible-lint to travis
Christian Pointner [Sun, 23 Dec 2018 13:06:34 +0000 (14:06 +0100)]
added ansible-lint to travis

17 months agoMerge PR#48: replace command module running mktemp with tempfile module
nicoo [Sat, 22 Dec 2018 23:34:52 +0000 (00:34 +0100)]
Merge PR#48: replace command module running mktemp with tempfile module

17 months agoreplace command module running mktemp with tempfile module
Christian Pointner [Sat, 22 Dec 2018 00:02:43 +0000 (01:02 +0100)]
replace command module running mktemp with tempfile module

17 months agoMerge pull request #47 from realraum/net/congestion-control
Christian Pointner [Fri, 21 Dec 2018 18:14:00 +0000 (19:14 +0100)]
Merge pull request #47 from realraum/net/congestion-control

base: Set congestion control option

17 months agoubuntu xenial install hew kernel by default
Christian Pointner [Thu, 20 Dec 2018 22:02:48 +0000 (23:02 +0100)]
ubuntu xenial install hew kernel by default

17 months agoctf has been moved
Christian Pointner [Tue, 18 Dec 2018 23:07:29 +0000 (00:07 +0100)]
ctf has been moved

17 months agoansible/base: Drop network_modules variable
nicoo [Tue, 18 Dec 2018 01:29:36 +0000 (02:29 +0100)]
ansible/base: Drop network_modules variable

17 months agoansible/base: Add network tasks, set congestion control options
nicoo [Mon, 17 Dec 2018 16:09:02 +0000 (17:09 +0100)]
ansible/base: Add network tasks, set congestion control options

17 months agoansible: Split base role into separate task files
nicoo [Mon, 17 Dec 2018 15:14:47 +0000 (16:14 +0100)]
ansible: Split base role into separate task files

It was becoming difficult to find things in there.

17 months agoMerge PR#46: add fgenesis ssh key to tuergit
nicoo [Tue, 11 Dec 2018 11:19:21 +0000 (12:19 +0100)]
Merge PR#46: add fgenesis ssh key to tuergit

17 months agoMerge PR#44: added new ctf host
nicoo [Tue, 11 Dec 2018 11:16:36 +0000 (12:16 +0100)]
Merge PR#44: added new ctf host

17 months agoadd fgenesis ssh key to tuergit
Christian Pointner [Mon, 10 Dec 2018 21:23:27 +0000 (22:23 +0100)]
add fgenesis ssh key to tuergit

17 months agoctf: Move host vars from inventory to host_vars/ & document them
nicoo [Sat, 8 Dec 2018 09:51:48 +0000 (10:51 +0100)]
ctf: Move host vars from inventory to host_vars/ & document them

17 months agoMerge PR#45: Preseed fixes
nicoo [Sat, 8 Dec 2018 09:46:23 +0000 (10:46 +0100)]
Merge PR#45: Preseed fixes

17 months agopreseed: fix hostname and domain setting
Christian Pointner [Sat, 8 Dec 2018 00:14:26 +0000 (01:14 +0100)]
preseed: fix hostname and domain setting

17 months agopreseed: don't load firmware for unknown hardware
Christian Pointner [Fri, 7 Dec 2018 22:56:37 +0000 (23:56 +0100)]
preseed: don't load firmware for unknown hardware

17 months agoaccesspoints are now deployed using ansible
Christian Pointner [Sat, 8 Dec 2018 03:16:15 +0000 (04:16 +0100)]
accesspoints are now deployed using ansible

17 months agoadded new ctf host
Christian Pointner [Wed, 5 Dec 2018 22:01:48 +0000 (23:01 +0100)]
added new ctf host

18 months agowhitespace-only fix
Christian Pointner [Sun, 2 Dec 2018 08:28:45 +0000 (09:28 +0100)]
whitespace-only fix

18 months agoMerge PR#43: nicer handling for ssh keys
nicoo [Fri, 30 Nov 2018 23:11:53 +0000 (00:11 +0100)]
Merge PR#43: nicer handling for ssh keys

18 months agonicer template to generate authorized keys for openwrt
Christian Pointner [Fri, 30 Nov 2018 21:36:19 +0000 (22:36 +0100)]
nicer template to generate authorized keys for openwrt

18 months agoadd filter plugin to generate ssh key list
Christian Pointner [Fri, 30 Nov 2018 20:01:19 +0000 (21:01 +0100)]
add filter plugin to generate ssh key list

18 months agointroduce ssh_users_root
Christian Pointner [Fri, 30 Nov 2018 07:03:55 +0000 (08:03 +0100)]
introduce ssh_users_root

18 months agoMerge PR#41: updated preseed templates for ubuntu xenial and bionic
nicoo [Fri, 30 Nov 2018 19:04:47 +0000 (20:04 +0100)]
Merge PR#41: updated preseed templates for ubuntu xenial and bionic

18 months agoadd support for netplan on ubuntu bionic
Christian Pointner [Wed, 28 Nov 2018 01:20:44 +0000 (02:20 +0100)]
add support for netplan on ubuntu bionic

fixes #42

18 months agovm/network: ubuntu bionic uses netplan...
Christian Pointner [Wed, 28 Nov 2018 00:40:14 +0000 (01:40 +0100)]
vm/network: ubuntu bionic uses netplan...

18 months agoupdated preseed templates for ubuntu xenial and bionic
Christian Pointner [Mon, 26 Nov 2018 23:38:53 +0000 (00:38 +0100)]
updated preseed templates for ubuntu xenial and bionic

18 months agofix role name for openwrt/image
Christian Pointner [Mon, 26 Nov 2018 22:42:25 +0000 (23:42 +0100)]
fix role name for openwrt/image

18 months agoMerge pull request #39 from realraum/openwrt/roles-rename
Christian Pointner [Mon, 26 Nov 2018 22:37:51 +0000 (23:37 +0100)]
Merge pull request #39 from realraum/openwrt/roles-rename

Rename openwrt-image role to openwrt/image

18 months agoMerge pull request #38 from realraum/gpg/nicoo
Christian Pointner [Mon, 26 Nov 2018 22:37:30 +0000 (23:37 +0100)]
Merge pull request #38 from realraum/gpg/nicoo

gpg: Remove my old key from the keyring

18 months agoMerge pull request #37 from realraum/files-vs-artifacts
Christian Pointner [Mon, 26 Nov 2018 22:37:05 +0000 (23:37 +0100)]
Merge pull request #37 from realraum/files-vs-artifacts

Files vs artifacts

18 months agoShip default /etc/htoprc in access points & base
nicoo [Mon, 26 Nov 2018 22:31:24 +0000 (23:31 +0100)]
Ship default /etc/htoprc in access points & base

18 months agobase: Refactor deployment of default config files
nicoo [Mon, 26 Nov 2018 22:30:58 +0000 (23:30 +0100)]
base: Refactor deployment of default config files

18 months agoaccesspoints: Extract htop config to a common file
nicoo [Mon, 26 Nov 2018 22:17:38 +0000 (23:17 +0100)]
accesspoints: Extract htop config to a common file

18 months agoRename openwrt-image role to openwrt/image
nicoo [Mon, 26 Nov 2018 22:10:54 +0000 (23:10 +0100)]
Rename openwrt-image role to openwrt/image

18 months agogpg: Remove my old key from the keyring
nicoo [Mon, 26 Nov 2018 21:59:46 +0000 (22:59 +0100)]
gpg: Remove my old key from the keyring

0x772B11B4F2DC80E1212B3F41B0739AAD91B7CDC0 was removed.

18 months agoFix permissions on files/torwaechter/update-keys-from-stdin.sh
nicoo [Mon, 26 Nov 2018 21:46:22 +0000 (22:46 +0100)]
Fix permissions on files/torwaechter/update-keys-from-stdin.sh

18 months agoansible: Split files and artifact directories
nicoo [Mon, 26 Nov 2018 21:45:10 +0000 (22:45 +0100)]
ansible: Split files and artifact directories

- artifacts are assets generated by Ansible, not under version control
- files are static assets under version control

18 months agofixed renaming of gnocci host_vars directories
Christian Pointner [Mon, 26 Nov 2018 21:44:59 +0000 (22:44 +0100)]
fixed renaming of gnocci host_vars directories

18 months agoMerge PR#17: add accesspoints playbook
nicoo [Mon, 26 Nov 2018 21:36:54 +0000 (22:36 +0100)]
Merge PR#17: add accesspoints playbook

18 months agoAdd a dummy ansible.cfg at the root, to make git helpers work
nicoo [Mon, 26 Nov 2018 21:29:28 +0000 (22:29 +0100)]
Add a dummy ansible.cfg at the root, to make git helpers work

18 months agoGenerate accesspoint_wireless_ifaces from a template
Christian Pointner [Mon, 26 Nov 2018 21:08:46 +0000 (22:08 +0100)]
Generate accesspoint_wireless_ifaces from a template

18 months agoadded some minimal wifi tuning
Christian Pointner [Sun, 25 Nov 2018 03:36:29 +0000 (04:36 +0100)]
added some minimal wifi tuning

18 months agoconfiguring network zones works now
Christian Pointner [Sun, 25 Nov 2018 02:50:57 +0000 (03:50 +0100)]
configuring network zones works now