Commit graph

98 commits

Author SHA1 Message Date
NaeiKinDus
21185a17c4
feat(security): moved nftables reserved networks behind a feature flag and no longer block 0.0.0.0/8 and 169.254.0.0/16 by default to ease DHCP and APIPA configuration 2024-12-27 00:00:00 +00:00
NaeiKinDus
667c7de87e
fix(provisioner): fixed wrong variable used to retrieve github token when installing k3sup 2024-12-27 00:00:00 +00:00
NaeiKinDus
04fa08133e
feat(development): moved Virtualbox installation behind a feature flag, defaults to false 2024-12-27 00:00:00 +00:00
NaeiKinDus
6ef571ceb9
fix(common): added missing privilege elevation to firmware management tools installation step 2024-12-27 00:00:00 +00:00
NaeiKinDus
8275ee4790
chore(git): updated gitignore 2024-12-27 00:00:00 +00:00
NaeiKinDus
904b067816
feat: add terraform deployment for K8s invidious 2024-10-17 00:00:00 +00:00
NaeiKinDus
ff7c9d8b91
feat(common): add new timer function to ZSH 2024-09-23 00:00:00 +00:00
NaeiKinDus
c3305093e4
feat(vault): separated vault binary install and service configuration; use provisioner artifacts directory to store HC vault setup information; set group level HC vault instance info 2024-09-23 00:00:00 +00:00
NaeiKinDus
b6695cf49c
feat(tooling): added role skeleton for new ansible roles generated using Task 2024-08-18 00:00:00 +00:00
NaeiKinDus
31aaf10a5c
feat(nginx): added new nginx role to install and configure nginx webservers 2024-08-17 00:00:00 +00:00
NaeiKinDus
15cd8bf8da
feat(common): moved installation of firmware management tools behind a check, useful for external servers that prohibit usage of such tools 2024-08-08 00:00:00 +00:00
NaeiKinDus
3701ea6276
fix(security,common)!: moved sysctl and resolvconf tasks from common to security role to fix DNS resolution failure due to firewall rules 2024-08-08 00:00:00 +00:00
NaeiKinDus
b7ba39bce9
feat(security): tightened files mode for ssh configuration and enabled ipv6 on ssh, along with an increase on max sessions from 3 to 5 2024-08-08 00:00:00 +00:00
NaeiKinDus
3acdd804df
fix(security): fixed invalid template generation for nft rules 02 and 03 when ipv6 addresses are specified in controllers ips list 2024-08-08 00:00:00 +00:00
NaeiKinDus
b83c6c1d4f
fix(security): fixed wordwrap breaking long strings (ipv6 addresses) in nftables.conf 2024-08-08 00:00:00 +00:00
NaeiKinDus
9ab416993e
chore(playbooks)!: moved provisioners setup from internal to provisioner playbook 2024-08-08 00:00:00 +00:00
NaeiKinDus
ae79544b95
chore(playbooks): update external playbook to load provisioners facts and add tags 2024-08-08 00:00:00 +00:00
NaeiKinDus
dcb3b887f9
chore(inventory): update lithium and external group vars 2024-08-08 00:00:00 +00:00
NaeiKinDus
8577acb156
feat(security): add a way to override supervisors ip addresses for external devices 2024-08-08 00:00:00 +00:00
NaeiKinDus
641bf17fa4
feat(security): add tags to target security role or firewall actions 2024-08-08 00:00:00 +00:00
NaeiKinDus
6b15ecc3a6
feat(k3s): add possibility to provide a custom backend; moved opentofu states to postgresql on actinium 2024-07-29 00:00:00 +00:00
NaeiKinDus
1cd41762fc
feat(inventory): added invidious deployment to actinium 2024-07-29 00:00:00 +00:00
NaeiKinDus
193ee7c447
feat(k3s): allow custom Helm manifests installation 2024-07-29 00:00:00 +00:00
NaeiKinDus
f9aa2cfed5
fix(postgresql): added check to detect possible errors when executing custom init script 2024-07-28 00:00:00 +00:00
NaeiKinDus
7d6155f97e
feat(postgresql): added new role to install pgsql server 2024-07-27 00:00:00 +00:00
NaeiKinDus
068a2e2790
fix(security): fixed an issue leading to an invalid nftables.conf file being generated using provisioners ip addresses 2024-07-27 00:00:00 +00:00
NaeiKinDus
9914c7921a
chore(actinium): update invoice ninja to version 0.0.8 2024-07-26 00:00:00 +00:00
NaeiKinDus
e260d25245
feat(common): add acl package 2024-07-21 00:00:00 +00:00
NaeiKinDus
3ec536f299
feat: added tags for multiple roles used by internal.yml playbook 2024-07-13 00:00:00 +00:00
NaeiKinDus
736d90b82d
chore(python)!: cleanup and upgrade python3 dependencies 2024-07-12 00:00:00 +00:00
NaeiKinDus
6876a18241
fix(provisioner): added missing github_token parameter when installing k3sup 2024-07-11 00:00:00 +00:00
NaeiKinDus
50e7b53f97
chore(ansible): upgrade ansible community collections 2024-07-11 00:00:00 +00:00
NaeiKinDus
e52f87a448
feat(security): update / install clamav only if desired version and installed version differ 2024-07-11 00:00:00 +00:00
NaeiKinDus
31e40cc47a
fix(security): fixed incorrect target file for wait_for step when deploying clamav 2024-07-11 00:00:00 +00:00
NaeiKinDus
14a46715c7
feat(security): allow all registered provisioners to connect without limitations instead of the one running playbooks only 2024-07-11 00:00:00 +00:00
NaeiKinDus
332e367c3c
feat(provisioner): add variable that contains hostnames and DNS IP of registered provisioners in provisioner_facts 2024-07-11 00:00:00 +00:00
NaeiKinDus
679518872e
chore(inventory): removed useless unsepttrium subdirectory 2024-07-10 00:00:00 +00:00
NaeiKinDus
5d716cbf51
feat(workstation): added apt-file package 2024-07-10 00:00:00 +00:00
NaeiKinDus
49cfb442b7
chore(actinium): update invoice ninja to version 0.0.7 2024-07-10 00:00:00 +00:00
NaeiKinDus
95bb861049
refactor(k3s): replace code with what the provisioner role now offers and store opentofu data accordingly 2024-07-10 00:00:00 +00:00
NaeiKinDus
1b3e0c401c
feat(role): add provisioner role 2024-07-10 00:00:00 +00:00
NaeiKinDus
b22b39c92b
chore(README): fixed invalid requirements section which referenced the virtualenv package instead of venv 2024-07-10 00:00:00 +00:00
NaeiKinDus
2d4a8de985
fix(ansible): added missing galaxy requirement 2024-07-10 00:00:00 +00:00
NaeiKinDus
5c67a916ee
feat(github_artifact): add force parameter to force installation 2024-07-07 00:00:00 +00:00
NaeiKinDus
890c7646fa
refactor(development): use kubectl role instead of custom code 2024-07-07 00:00:00 +00:00
NaeiKinDus
41cb71e364
feat(role): add kubectl role 2024-07-07 00:00:00 +00:00
NaeiKinDus
247e2dbdad
refactor(development): use helm role instead of custom code 2024-07-07 00:00:00 +00:00
NaeiKinDus
d151db8ebf
feat(role): add helm role 2024-07-07 12:43:01 +00:00
NaeiKinDus
60a9f0a8cb
doc(README): added missing MD escape chars for module task section 2024-07-04 00:00:00 +00:00
NaeiKinDus
fc11d3ee83
feat(tooling): added tasks to generate a new ansible role or collection with default skeleton 2024-07-04 18:25:24 +00:00