Commit Graph

89 Commits

Author SHA1 Message Date
genofire c18f53b8ea Add rspamd support.
Postfix uses the Rspamd proxy as spam filtering milter
and HAProxy exposes the Rspamd webinterface through HTTPS.

Updates #10
2020-10-26 23:46:16 +01:00
genofire 28fbdff74b Make HAProxy use its new chroot jail in /var/run/haproxy.
Fixes #19
2020-10-26 23:31:57 +01:00
genofire 97daf854d0 Add the missing sender_access map to Postfix's configuration.
Updates #18
2020-10-24 19:34:42 +02:00
genofire 0a6b680cda Write a role to setup a Redis instance.
The role expects two parameters:

  * `redis_instance`: the instance name
  * `redis_client_group`: the group allowed to access the instance's unix socket

Fixes #17
Updates #10
2020-10-24 14:07:10 +02:00
genofire 593d8deddf Only delete old service databases after a *successful* update 2020-10-24 05:25:49 +02:00
genofire 36e65e6fe3 Install and configure nsd and unbound on emma.ccchb.de
Fixes #15
2020-10-23 19:37:15 +02:00
genofire 8ea37c14df Wait for readiness.
Fixes #16.
2020-10-23 19:28:36 +02:00
genofire 7d811568e5 Make use of the Hetzner NTP servers.
Fixes #14 (again)
2020-10-23 19:12:55 +02:00
genofire 4addf597cc Install OpenNTPD on mail servers
Fixes #14
2020-10-23 19:03:23 +02:00
genofire 9110d9df82 Add a Postfix role and apply it to emma
Changes #10
2020-10-23 03:32:54 +02:00
genofire 372f5265d7 Add a Dovecot role
Changes #10
2020-10-21 16:18:30 +02:00
genofire 4dfd89dff1 Add Let's Encrypt support to HAProxy.
Closes #13
2020-10-21 16:10:23 +02:00
genofire 4696d140aa Use s6-log's native readiness notification support.
Fixes #9
2020-10-20 14:08:28 +02:00
genofire d3f447dce4 Tag the /var/log/haproxy tmpfs as a late file system.
Fixes #8
2020-10-19 14:21:11 +02:00
genofire cb8403a0d3 Create a tmpfs at /var/log/haproxy.
Fixes #6.
2020-10-16 15:55:54 +02:00
genofire 6031ddc028 Apply a 16 or 56 bit mask to source IP addresses 2020-10-03 04:00:30 +02:00
genofire dd16e9281d Make HAProxy happy (overwrite log type) 2020-10-03 03:19:12 +02:00
genofire 3609982b4c Enable HAProxy service 2020-10-03 03:14:01 +02:00
genofire 02fdf86327 Add SNI support as requested in #1 2020-10-03 03:04:44 +02:00
genofire 276cff4373 Add HAProxy role. Fixes #4 2020-10-03 02:30:41 +02:00
genofire 45f8337144 use current template version of gitea 2020-09-18 16:22:28 +00:00
genofire c6fee04ba6 roles/gitea-ccchb: make menu black 2020-09-18 16:10:02 +00:00
genofire 5378e6f7f9 gitea: add logo 2020-09-18 15:47:42 +00:00
genofire e5afb434a5 move ansible-role-gitea to fork 2020-09-18 13:02:21 +00:00
genofire 1b35ee4de3 roles/user_mgmt: fix state for ssh_keys 2020-09-18 11:17:02 +00:00
genofire 48541be6dd roles/debian: fix networking disable 2020-09-18 11:16:42 +00:00
genofire bff7609ec4 add gitea 2020-09-18 11:15:57 +00:00
Geno a771624793 roles/user_mgmt: improve by using state and default values 2020-09-17 14:12:22 +00:00
Geno dee5a45271 roles/user_mgmt: for add/delete users and ssh_keys 2020-09-17 12:55:13 +00:00
Crest 53f795faf6 Autostart the enabled bhyve guests 2020-09-17 02:38:24 +02:00
Geno d39eb49c37 roles: Add nextcloud (for debian) 2020-09-17 00:16:55 +00:00
Geno fcf03aaea7 roles: Add php (for debian) 2020-09-17 00:16:36 +00:00
Geno 1bcada7ffe roles: Add nginx (for debian) 2020-09-17 00:16:19 +00:00
Geno 2803c0aaea Add default setup for debian (HACKY/WIP) 2020-09-17 00:14:54 +00:00
Crest 2bae7c9cc1 Run bhyve guests under s6 supervision 2020-09-14 03:52:49 +02:00
Crest e03c04873c Create (multiple) ZFS volumes per guest 2020-09-14 01:25:20 +02:00
Crest 05ec7f2022 Use ansible ipath to derive /31 and /127 from the guest index 2020-09-14 01:24:17 +02:00
Crest 82df9558cd Split bhyve into network, storage and s6 2020-09-14 00:40:21 +02:00
Crest 9783faab61 Add a s6-rc role 2020-09-14 00:38:41 +02:00