Maximilian Wilhelm
|
a494a18240
SDN: NACL now exposes PPPoE underlay interfaces, ignore them
|
1 year ago |
Philipp Fromme
|
172990e9c3
graylog: Use mongodb with authentication
|
1 year ago |
Philipp Fromme
|
29b4318138
mongodb: Enable authorization by default
|
1 year ago |
Maximilian Wilhelm
|
9619087f37
icinga2: Store primary node role in configuration
|
1 year ago |
Maximilian Wilhelm
|
b1dbf6c161
prometheus-server: Scrape routers (bird_exporter)
|
1 year ago |
Maximilian Wilhelm
|
c69ac4fd59
Prometheus: Install bird-exporter on routers
|
1 year ago |
Maximilian Wilhelm
|
5d8869e75a
Ignore VIM's *.swp files
|
1 year ago |
Maximilian Wilhelm
|
8416ee42b4
nftables: Check for system role too when calculating monitoring config
|
1 year ago |
Maximilian Wilhelm
|
e10852f001
Install Set up nginx reverse proxy on Prometheus servers
|
1 year ago |
Maximilian Wilhelm
|
738938fcf1
prometheus-server: Scrape DNS servers
|
1 year ago |
Maximilian Wilhelm
|
7e809bc621
Prometheus: Install bind-exporter on DNS servers:
|
1 year ago |
Maximilian Wilhelm
|
5998da7d83
nftables: Allow specifying node role specific monitoring services
|
1 year ago |
Maximilian Wilhelm
|
d8ac36a679
bind9: Allow statistics scraping by bind-exporter
|
1 year ago |
Maximilian Wilhelm
|
38c9622968
locales: Store full generatd configuration to avoid unnecessary diff
|
1 year ago |
Maximilian Wilhelm
|
07349ed721
nftables: Derive/compute monitoring access rules from node information
|
1 year ago |
Maximilian Wilhelm
|
10e0a0465e
Add basic config to set up prometheus servers
|
1 year ago |
Maximilian Wilhelm
|
42fdb07d21
certs: Allow more flexibal configuration
|
1 year ago |
Maximilian Wilhelm
|
9c7c0bd8b1
KVM: Remove need for ifupdown* to configure VM interfaces
|
1 year ago |
Maximilian Wilhelm
|
3f5eb5be5f
SDN: Only enable OSPf in interface in main VRF
|
1 year ago |
Maximilian Wilhelm
|
2fec8fd839
SDN: Add definition for vrf_mgmt
|
1 year ago |
Maximilian Wilhelm
|
8f98e910df
netfilter: VIFs can exist on top of bridges, too.
|
1 year ago |
Maximilian Wilhelm
|
db28535889
nftables: Don't purge iptables on docker and KVM hosts
|
1 year ago |
Maximilian Wilhelm
|
57645b4099
Set up install server on infra service VMs
|
1 year ago |
Maximilian Wilhelm
|
d7f89f6be1
Groups states for infra services in one stanza
|
1 year ago |
Maximilian Wilhelm
|
26bc096db5
Update README
|
1 year ago |
Maximilian Wilhelm
|
ab3833e402
ffinfo: Store main node role (from NetBox) on the system
|
1 year ago |
Maximilian Wilhelm
|
58bd7a6443
Netfilter: No uRPF on interface with a default gateway
|
1 year ago |
Maximilian Wilhelm
|
51aba08c0b
unattended-upgrades: Use Bullseye repos for icinga2/Salt
|
1 year ago |
Maximilian Wilhelm
|
dd46e91fbe
icingaweb2: The icingaweb2-module-monitoring pkg doesn't seem required
|
1 year ago |
Maximilian Wilhelm
|
6cb331e575
GIT: Use internal DNS alias for our GIT
|
1 year ago |