aboutsummaryrefslogtreecommitdiffstats
path: root/roles/space_server/tasks
AgeCommit message (Collapse)Author
2021-01-29space_server: chrony: start chrony after we're onlineEmil Renner Berthing
2021-01-22space_server: named: add trust-ad option to resolv.confEmil Renner Berthing
2021-01-19space_server: radius: use letsencrypt certificateEmil Renner Berthing
2021-01-19space_server: certbot: get space.labitat.dk certificateEmil Renner Berthing
2021-01-19space_server: ssh: add config for switchesEmil Renner Berthing
2021-01-19space_server: chrony: run chrony ntp serverEmil Renner Berthing
2020-03-01space_server: radius: configure certificatesEmil Renner Berthing
2020-02-29space_server: update to Fedora 31Emil Renner Berthing
2020-02-27roles: remove useless |bool filtersEmil Renner Berthing
This used to be a fix for some bogus warnings, but they seem to have gone in recent versions of Ansible
2020-02-27space_server: show nicer loop itemsEmil Renner Berthing
2020-02-27space_server: avahi: use shorter dict formatEmil Renner Berthing
2020-02-27space_server: move sudo tasks to fedora roleEmil Renner Berthing
..to align with debian role
2020-02-27space_server: use common secrets.yml in ansible rootEmil Renner Berthing
..and generalize and move sshd tasks to fedora role.
2019-07-06roles: fix warnings about bare boolean variablesEmil Renner Berthing
2019-04-03space_server: named: support dynamic updatesEmil Renner Berthing
..of the dhcp zone and reverse dns for 10.42.0.0/16 This way the dhcp daemon can add entries when it handles out leases.
2019-04-02space_server: named: create reverse ipv4 zoneEmil Renner Berthing
2019-04-01space_server: named: use named instead of unboundEmil Renner Berthing
This reverts commit 3b795796bd03488a385f3ad42b10b8c0d61282c1, "space_server: unbound: use unbound instad of bind". Unlike unbound, bind supports synthesizing DNS64 answers only for certain clients, so only requests from the Labitat NAT64 network will get DNS64 answers.
2018-12-06space_server: networkd: fix unneeded calculationEmil Renner Berthing
2018-12-05space_server: enable NAT64/DNS64 networkEmil Renner Berthing
2018-12-05space_server: avahi: ask myhostname 2ndEmil Renner Berthing
2018-12-05space_server: unbound: create /etc/resolv.confEmil Renner Berthing
2018-11-30space_server: use systemd-network for RAsEmil Renner Berthing
..rather radvd
2018-11-30space_server: networkd: use Link.RequiredForOnlineEmil Renner Berthing
..rather than overriding ExecStart to call networkd-wait-online with --ignore
2018-11-29space_server: use dnf_packages when possibleEmil Renner Berthing
2018-11-29space_server: radvd: wait-online.conf no longer neededEmil Renner Berthing
The package-provided radvd.service now has After=network-online.target Wants=network-online.target
2018-11-27space_server: radius: omit src when state != linkEmil Renner Berthing
This fixes some ansible warnings.
2018-11-24space_server: networkd: smarter set differenceEmil Renner Berthing
2018-11-11fedora: align with debian roleEmil Renner Berthing
2018-11-10space_server: replace blackhole scriptEmil Renner Berthing
2018-11-10space_server: update for Fedora 29Emil Renner Berthing
2018-11-10space_server: drop uneccessary subdirsEmil Renner Berthing
2018-10-27space_server: radius: use python for ASSHA authEmil Renner Berthing
..rather than our own patched radiusd
2018-10-11Migrate to new ipv6 prefixEmil Renner Berthing
..to avoid overlapping /32 announced by DKUUG.
2018-10-02space_server: networkd: delete leftover configurationEmil Renner Berthing
2018-10-02space_server: networkd: don't restart running networkdEmil Renner Berthing
..this might cut the pipe we're connected through, and new network configuration should be tested to work after reboot anyway
2018-09-30Make it easier to run locallyEmil Renner Berthing
Now you just need ansible-playbook <playbook> when running ansible from your workstation. However when running ansible on the target machine it's a good idea to add "-clocal". Otherwise ansible will ssh to itself :/
2018-09-30space_server: sshd: keep host keys in secrets.ymlEmil Renner Berthing
2018-09-26Format yaml lists like yaml.orgEmil Renner Berthing
2018-09-25space_server: avahi: install packages in one goEmil Renner Berthing
2018-09-25Keep consistent ordering of rulesEmil Renner Berthing
Do - name: ... module: dest/path: 'destination on target' src: ... state: ... owner: ... group: ... mode: ... with_*: ... notify: ... tags: ...
2018-09-23space_server: networkd: drop flaky cleanupEmil Renner Berthing
It's still unfortunate that you can't easily tell ansible to manage a directory completely including which files should exists in it. Remove flaky code trying to implement that.
2018-09-23space_server: kernel: order entries by timeEmil Renner Berthing
2018-09-23Don't upgrade individual packagesEmil Renner Berthing
2018-09-23Add owner, group and mode to all created filesEmil Renner Berthing
2018-09-21Use one variable for chroot or nspawn environmentEmil Renner Berthing
2017-11-20space_server: networkd: use drop-in file for wait-onlineEmil Renner Berthing
The trick to overwriting the ExecStart option is to clear it first with ExecStart=
2017-11-20space_server: sshd: disable GSSAPIAuthenticationEmil Renner Berthing
2017-11-20space_server: radius: start radiusd we're onlineEmil Renner Berthing
2017-11-19space_server: generate DNS, mDNS and dhcp entriesEmil Renner Berthing
..from the same variables
2017-11-19space_server: unbound: use unbound instad of bindEmil Renner Berthing
generated by cgit v1.2.1 (git 2.18.0) at 2024-06-29 05:03:37 +0000