aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeLines
...
* chore(deps): update ghost docker tag to v5.88Gravatar renovate[bot]2024-07-22-1/+1
| | | | | | | datasource | package | from | to | | ---------- | ------- | ---- | ---- | | docker | ghost | 5.87 | 5.88 |
* Run the LDAP role on the LDAP host in AnsibleGravatar Joe Banks2024-07-21-0/+5
| | | | Signed-off-by: Joe Banks <[email protected]>
* Add a trust store to Keycloak for the IPA generated CAGravatar Joe Banks2024-07-21-1/+44
| | | | | | | This allows us to authenticate requests to LDAP with LDAPS and ensure a) authenticity and b) security of the transmission. Signed-off-by: Joe Banks <[email protected]>
* Add LDAP roleGravatar Joe Banks2024-07-21-0/+39
| | | | | | | This does not configure the LDAP server but configures the environment and installs the necessary packages, as well as configuring the firewall. Signed-off-by: Joe Banks <[email protected]>
* Template hostname in Alloy to the inventory hostnameGravatar Joe Banks2024-07-21-1/+1
| | | | | | | | | This maintains previous behaviour in which the hostname would have just been the inventory hostname, but as the hostname is being updated to the FQDN we should explicitly set the inventory_hostname to ensure continuity of logs. Signed-off-by: Joe Banks <[email protected]>
* Remove /etc/hosts alias for FQDN to 127.0.0.1 on hostsGravatar Joe Banks2024-07-21-1/+0
| | | | Signed-off-by: Joe Banks <[email protected]>
* Don't add limits to LDAP hostsGravatar Joe Banks2024-07-21-0/+1
| | | | | | | | | | | | | This prevented the IPA installation from completing, presumably because it creates a high number of threads/subprocesses/whatever to get the installation complete. Regardless, with SELinux and other security tools that ship with the Rocky security profile we are on. This should be fine. Limits are not a security risk other than resource exhaustion which is not mission critical here. Signed-off-by: Joe Banks <[email protected]>
* Set hostnames of hosts to FQDNsGravatar Joe Banks2024-07-21-1/+1
| | | | Signed-off-by: Joe Banks <[email protected]>
* Add ldap01 host to ldap groupGravatar Joe Banks2024-07-21-0/+3
| | | | Signed-off-by: Joe Banks <[email protected]>
* fix(deps): update dependency ruff to v0.5.4Gravatar renovate[bot]2024-07-20-21/+21
| | | | | | | datasource | package | from | to | | ---------- | ------- | ----- | ----- | | pypi | ruff | 0.5.3 | 0.5.4 |
* Only template node exporter for Ansible hostsGravatar Joe Banks2024-07-19-3/+2
|
* Separate install stage for Emacs in common roleGravatar Joe Banks2024-07-19-8/+18
|
* Explicitly create sudo group for user creationGravatar Joe Banks2024-07-19-1/+9
|
* Update SSH role to handle both Rocky and Debian reloadsGravatar Joe Banks2024-07-19-1/+10
|
* Update Wireguard to only template for netcup hostsGravatar Joe Banks2024-07-19-4/+4
|
* Split netcup services into separate top-level task in playbookGravatar Joe Banks2024-07-19-2/+6
|
* Add new ldap01 hostGravatar Joe Banks2024-07-19-0/+6
|
* Add DNS record for ldap01.box.pydis.wtfGravatar Joe Banks2024-07-19-9/+18
|
* fix(deps): update dependency ruff to v0.5.3Gravatar renovate[bot]2024-07-18-21/+22
| | | | | | | datasource | package | from | to | | ---------- | ------- | ----- | ----- | | pypi | ruff | 0.5.2 | 0.5.3 |
* chore(deps): update quay.io/keycloak/keycloak docker tag to v25.0.2Gravatar renovate[bot]2024-07-18-1/+1
| | | | | | | datasource | package | from | to | | ---------- | ------------------------- | ------ | ------ | | docker | quay.io/keycloak/keycloak | 25.0.1 | 25.0.2 |
* Lock poetry.lock lockfileGravatar Joe Banks2024-07-18-125/+125
|
* Update node_exporter daemonset to 1.27+ featuresetGravatar Joe Banks2024-07-18-3/+3
|
* chore(deps): update quay.io/prometheus/node-exporter docker tag to v1.8.2Gravatar renovate[bot]2024-07-18-1/+1
| | | | | | | datasource | package | from | to | | ---------- | -------------------------------- | ------ | ------ | | docker | quay.io/prometheus/node-exporter | v1.2.0 | v1.8.2 |
* chore(deps): update dependency community.general to v9Gravatar renovate[bot]2024-07-18-1/+1
| | | | | | | datasource | package | from | to | | ----------------- | ----------------- | ----- | ----- | | galaxy-collection | community.general | 8.6.2 | 9.2.0 |
* chore(deps): update ansibleGravatar renovate[bot]2024-07-18-2/+2
| | | | | | | | datasource | package | from | to | | ----------------- | ----------------- | ------ | ------ | | galaxy-collection | community.crypto | 2.20.0 | 2.21.0 | | galaxy-collection | community.general | 8.6.2 | 8.6.3 |
* chore(deps): update poetryGravatar renovate[bot]2024-07-18-24/+24
| | | | | | | | datasource | package | from | to | | ---------- | ------------ | ------ | ------ | | pypi | ansible-core | 2.17.1 | 2.17.2 | | pypi | ruff | 0.5.1 | 0.5.2 |
* chore(deps): update ghost docker tag to v5.87Gravatar renovate[bot]2024-07-18-1/+1
| | | | | | | datasource | package | from | to | | ---------- | ------- | ---- | ---- | | docker | ghost | 5.78 | 5.87 |
* Add certbot post deploy hook to reload nginxGravatar Chris Lovering2024-07-16-1/+15
|
* Document current redis database usageGravatar Chris Lovering2024-07-16-0/+7
|
* Add redis url secret to forms-backendGravatar Chris Lovering2024-07-16-0/+0
|
* renovate: always attempt rebase when behind base branchGravatar Joe Banks2024-07-15-1/+2
|
* Add Admins to Grafana authorized Team IDsGravatar Joe Banks2024-07-14-1/+1
|
* Update dependency ansible-lint to v24.7.0 (#404)Gravatar renovate[bot]2024-07-10-5/+5
| | | | | | | | datasource | package | from | to | | ---------- | ------------ | ------ | ------ | | pypi | ansible-lint | 24.6.1 | 24.7.0 | Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Bump mogno mem requests and limitGravatar Chris Lovering2024-07-10-2/+2
|
* Include instructions for killing dependency update mailsGravatar Johannes Christ2024-07-07-0/+4
|
* Finish meeting notes for todayGravatar Johannes Christ2024-07-07-3/+95
|
* Update meeting doc to correct dateGravatar Chris Lovering2024-07-07-1/+1
|
* Add topic points for Flux & poloniumGravatar Chris Lovering2024-07-07-0/+7
|
* Add topic point regarding finger serverGravatar Johannes Christ2024-07-07-0/+9
|
* Add topic point on Rethinking BellaGravatar Johannes Christ2024-07-07-0/+8
|
* Add topic point about new blogGravatar Johannes Christ2024-07-07-0/+9
|
* Add initial meeting notes for 2024-07-02Gravatar Johannes Christ2024-07-07-0/+34
|
* Add sumer code jam announcement channel idGravatar Chris Lovering2024-07-05-0/+1
|
* Add YouTube API key to king-arthurGravatar Chris Lovering2024-07-05-0/+3
| | | | This also documents secrets that were already present in the file.
* Update dependency ruff to v0.5.1Gravatar renovate[bot]2024-07-05-21/+21
| | | | | | | datasource | package | from | to | | ---------- | ------- | ----- | ----- | | pypi | ruff | 0.5.0 | 0.5.1 |
* Update Sir Robin to CJ11 (#399)Gravatar Boris Muratov2024-07-03-1/+1
|
* Update docs/themes/hugo-book digest to 7c26d9bGravatar renovate[bot]2024-07-01-0/+0
|
* Update ansible/roles/nftables digest to 2af023bGravatar renovate[bot]2024-07-01-0/+0
|
* Update ansibleGravatar renovate[bot]2024-07-01-3/+3
| | | | | | | | | datasource | package | from | to | | ----------------- | -------------------- | ------ | ------ | | galaxy-collection | community.crypto | 2.19.0 | 2.20.0 | | galaxy-collection | community.general | 8.6.0 | 8.6.2 | | galaxy-collection | community.postgresql | 3.4.0 | 3.4.1 |
* Move noqa definition required in latest ruff versionGravatar Chris Lovering2024-07-01-2/+2
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-27 03:28:45 +0000