aboutsummaryrefslogtreecommitdiffstats
path: root/roles/space_server
AgeCommit message (Collapse)Author
2019-04-11space_server: dhcpd: add timezone infoEmil Renner Berthing
2019-04-07space_server: dhcpd: only do ddns for sane hostnamesEmil Renner Berthing
2019-04-05space_server: named: allow local transfer queriesEmil Renner Berthing
..so now you can see all registered dhcp hostnames with: dig axfr dhcp
2019-04-03space_server: vars: add SIP box as voip.sEmil Renner Berthing
2019-04-03space_server: dhcpd: reclaim 10.42.0.70Emil Renner Berthing
There used to be a server with this address, so the available dhcp range had to be broken up.
2019-04-03space_server: dhcpd: add hosts to .dhcp zoneEmil Renner Berthing
Only requests with the host-name header set will be added to the dhcp zone (so it can be looked up at <hostname>.dhcp). This will fail if the host-name is not a valid dns name though. Also leases on the member wired, member wireless, and free are added to the zone, but just like the s zone the dhcp zone and reverse dns for 10.42.0.0/16 cannot be queried from Labitat (free). This way you can connect gadgets to Labitat (free), but still look them up in dns and connect to them from the member networks.
2019-04-03space_server: named: support dynamic updatesEmil Renner Berthing
..of the dhcp zone and reverse dns for 10.42.0.0/16 This way the dhcp daemon can add entries when it handles out leases.
2019-04-02space_server: named: create reverse ipv4 zoneEmil Renner Berthing
2019-04-01space_server: vars: rework local_hostsEmil Renner Berthing
..to get rid of the need for ipv4/ipv6 filters and python-netaddr dependency.
2019-04-01space_server: named: use named instead of unboundEmil Renner Berthing
This reverts commit 3b795796bd03488a385f3ad42b10b8c0d61282c1, "space_server: unbound: use unbound instad of bind". Unlike unbound, bind supports synthesizing DNS64 answers only for certain clients, so only requests from the Labitat NAT64 network will get DNS64 answers.
2019-03-31space_server: kernel: make sure selinux is disabledEmil Renner Berthing
2019-03-31space_server: dhcpd: update dhcpd.confEmil Renner Berthing
Host declerations are global and dhcpd has been warning about this for some time.
2019-03-31space_server: vars: remove old APEmil Renner Berthing
..and unused ip address for ap2
2019-01-13users: add more flexible user managementEmil Renner Berthing
Now user data is in roles/users/defaults/main.yml and each server should have a hash like this users: 'foo': sudo 'bar': true 'baz': false #'qux': false This means the user foo will be created with sudo access, the user bar will be created without sudo access, while baz and qux will be removed.
2019-01-13space_server: add xeroxwax printerEmil Renner Berthing
2019-01-10space_server: fix one last reference to the old prefixAsbjørn Sloth Tønnesen
Fixes: 78688483 space_server: add Asbjorn's colo addresses and net
2018-12-06space_server: networkd: fix unneeded calculationEmil Renner Berthing
2018-12-05space_server: enable NAT64/DNS64 networkEmil Renner Berthing
2018-12-05space_server: avahi: ask myhostname 2ndEmil Renner Berthing
2018-12-05space_server: unbound: create /etc/resolv.confEmil Renner Berthing
2018-12-03space_server: networkd: announce proper DNS on mgtEmil Renner Berthing
2018-12-03space_server: networkd: disable ARP on untagged interfaceEmil Renner Berthing
2018-11-30space_server: networkd: small cleanupsEmil Renner Berthing
2018-11-30space_server: use systemd-network for RAsEmil Renner Berthing
..rather radvd
2018-11-30space_server: networkd: use Link.RequiredForOnlineEmil Renner Berthing
..rather than overriding ExecStart to call networkd-wait-online with --ignore
2018-11-29space_server: use dnf_packages when possibleEmil Renner Berthing
2018-11-29space_server: radvd: wait-online.conf no longer neededEmil Renner Berthing
The package-provided radvd.service now has After=network-online.target Wants=network-online.target
2018-11-28space_server: nat Labitat free from 185.38.175.1Emil Renner Berthing
2018-11-28space_server: add Asbjorn's colo addresses and netAsbjørn Sloth Tønnesen
2018-11-28space_server: nftables: accept all traffic to colo netsEmil Renner Berthing
..but don't let colo servers connect to internal addresses.
2018-11-27space_server: radius: omit src when state != linkEmil Renner Berthing
This fixes some ansible warnings.
2018-11-24space_server: networkd: smarter set differenceEmil Renner Berthing
2018-11-22space_server: radvd: up DNS server valid timeEmil Renner Berthing
2018-11-22space_server: bootstrap: chmod subvolumeEmil Renner Berthing
2018-11-11fedora: align with debian roleEmil Renner Berthing
2018-11-10space_server: replace blackhole scriptEmil Renner Berthing
2018-11-10space_server: update for Fedora 29Emil Renner Berthing
2018-11-10space_server: drop uneccessary subdirsEmil Renner Berthing
2018-11-06space_server: add spacebrain.labitat.dkAsbjørn Sloth Tønnesen
2018-10-27space_server: radius: use python for ASSHA authEmil Renner Berthing
..rather than our own patched radiusd
2018-10-11Migrate to new ipv6 prefixEmil Renner Berthing
..to avoid overlapping /32 announced by DKUUG.
2018-10-11space_server: vars: move snakeskin.s ipEmil Renner Berthing
..out of dynamic dhcp range and clean up old sound server entries.
2018-10-06space_server: vars: fix doorputer MAC addressEmil Renner Berthing
2018-10-06space_server: move variables from defaults to varsEmil Renner Berthing
these variables only applies to the space server and should never be overwritten from somewhere else
2018-10-03all: add site-wide locale/timezone defaultEmil Renner Berthing
2018-10-03fedora: locale: align variable layout with debianEmil Renner Berthing
2018-10-02space_server: networkd: delete leftover configurationEmil Renner Berthing
2018-10-02space_server: networkd: don't restart running networkdEmil Renner Berthing
..this might cut the pipe we're connected through, and new network configuration should be tested to work after reboot anyway
2018-10-02space_server: defaults: added snakeskin rpimax campbell
2018-09-30Make it easier to run locallyEmil Renner Berthing
Now you just need ansible-playbook <playbook> when running ansible from your workstation. However when running ansible on the target machine it's a good idea to add "-clocal". Otherwise ansible will ssh to itself :/