Commit graph

389 commits

Author SHA1 Message Date
Patrik Lundin 101f11fdad
Use new synced certbot dir 2024-11-01 14:38:04 +01:00
Patrik Lundin 57b1700759
Test updated certbot sync script 2024-11-01 14:21:29 +01:00
Patrik Lundin a9fd90efb7
Add cache-2 ipv6 address to cert sync server 2024-11-01 14:07:41 +01:00
Patrik Lundin a39f5cdbae
Remove "command" and fix indent 2024-10-31 15:39:11 +01:00
Patrik Lundin ca94d62c62
Make sure root owns sunet-cdnp binary 2024-10-31 15:38:17 +01:00
Patrik Lundin 740c5d29c1
Missing "," 2024-10-31 15:35:44 +01:00
Patrik Lundin 48d9866a7c
Call tar from command to make notify simpler 2024-10-31 15:33:48 +01:00
Patrik Lundin 0ad91d34d1
Missing "," 2024-10-31 15:30:36 +01:00
Patrik Lundin e15225d1b5
Extract sunet-cdnp and create symlink in PATH
Store files in /var/lib/sunet-cdnp instead of /root
2024-10-31 15:26:08 +01:00
Patrik Lundin 19aa10dc05
Missing "," 2024-10-31 12:56:33 +01:00
Patrik Lundin 395e67c918
Download CDN purger to cache 2024-10-31 12:55:07 +01:00
Patrik Lundin 196c1403e6
Allow decapsulated ip6ip6 packets 2024-10-30 09:25:12 +01:00
Patrik Lundin 41298df063
Set up interface for ip6ip6 tunneling
Running into systemd-networkd bugs, don't be fooled by "Local=::1" and
"Remote=::1". This still results in the equivalent of setting them to
'any' or '::' because we are using the default interface name.
2024-10-29 17:01:46 +01:00
Patrik Lundin 2ad7073858
Fix name 2024-10-29 14:23:34 +01:00
Patrik Lundin 0b3e9c48ff
Add nftables rule for ip6tnl packets 2024-10-29 14:21:34 +01:00
Patrik Lundin bd055b1ac8
Run puppet-lint 2024-10-29 08:30:49 +01:00
Patrik Lundin c4b9bef3c5
Set net.ipv4.vs.sloppy_tcp=1
Needed if taking over packets for a connection that was established via
another node.
2024-10-29 08:29:21 +01:00
Patrik Lundin c93846d03b
Use @ 2024-10-28 13:35:55 +01:00
Patrik Lundin c7b74c27fc
Use fact that exists 2024-10-28 13:34:59 +01:00
Patrik Lundin 6a8671fa3e
Add import filters for bgp 2024-10-28 13:26:13 +01:00
Patrik Lundin 7dc787cb68
Less indentation 2024-10-28 13:22:53 +01:00
Patrik Lundin af96f5e985
Manage bird.conf on l4lb machines
Currently just add basic template
2024-10-28 13:18:59 +01:00
Patrik Lundin fb956e4198
Add basic dummy0 interface 2024-10-25 15:28:03 +02:00
Patrik Lundin 5d60c2dd02
Move template to correct location 2024-10-25 15:23:49 +02:00
Patrik Lundin e2d550bf29
Start managing bird2
Also give dummy-interface support to sunet-l4lb-namespace tool, used
to hold IPv4/IPv6 service addresses that should be announced via BGP.
2024-10-25 15:19:21 +02:00
Patrik Lundin d632aaca5c
Update script to use new conf path 2024-10-22 17:12:56 +02:00
Patrik Lundin 4856be3f06
Rework dir layout to match other hosts 2024-10-22 17:11:58 +02:00
Patrik Lundin f588078b75
Add namespace management files 2024-10-22 17:06:29 +02:00
Patrik Lundin 74c0bf76a1
Fix type name 2024-10-22 15:23:03 +02:00
Patrik Lundin 1ddf93c330
Disable cilium by default
We will go for IPVS for now which can deal with the l4lb hosts being
multihomed.
2024-10-22 15:20:09 +02:00
Patrik Lundin 272be292ad
Revert "Test chrony branch"
This reverts commit c15070dd28.
2024-10-22 14:22:39 +02:00
Patrik Lundin 19c864cb77
Manage ntp with sunet::server again 2024-10-18 15:23:26 +02:00
Patrik Lundin c15070dd28
Test chrony branch 2024-10-18 15:21:48 +02:00
Patrik Lundin 7286dec3ff
Make sure X-Forwarded-Proto is set
Needed to cache http and https responses separately via Vary header
2024-10-15 16:29:31 +02:00
Patrik Lundin ad66745a90
Missing " 2024-10-13 14:32:42 +02:00
Patrik Lundin 4f2428575c
Fix name 2024-10-13 14:31:23 +02:00
Patrik Lundin b018c81f81
cache: initial rules to allow traffic from l4lb 2024-10-13 14:28:50 +02:00
Patrik Lundin 4bf6b2d79b
Enable certbot sync for cache-2 2024-10-13 11:28:00 +02:00
Patrik Lundin dad7f50195
Add secrets for cache-2 2024-10-13 11:12:52 +02:00
Patrik Lundin 0aae7f3504
internal-sto3-test-cache-2.cdn.sunet.se added 2024-10-13 11:02:39 +02:00
Patrik Lundin 37ad05ca6b
Missing [ 2024-10-11 22:12:05 +02:00
Patrik Lundin ca7fbbe945
Combine networkctl reload command 2024-10-11 22:10:50 +02:00
Patrik Lundin d289ffa656
Add config for ipip interface
Supplying an empty .network file is weird but without it the tunl0
interface is left in a DOWN state even with Independent=true.

Maybe this is related to "tunl0" being automatically created when the
"ipip" kernel module is loaded.
2024-10-11 22:05:11 +02:00
Patrik Lundin cb50714f4f
Rename remaining file 2024-10-11 22:00:37 +02:00
Patrik Lundin 44c73b78ae
Prefix files with numbers as recommended by docs
See "systemd.netdev" docs.
2024-10-11 21:57:59 +02:00
Patrik Lundin 382214ef2b
Make puppet-lint happy 2024-10-11 20:04:13 +02:00
Patrik Lundin 3e393a62f9
Add '' 2024-10-11 19:05:29 +02:00
Patrik Lundin a82798ead5
Add network reload support 2024-10-11 19:04:17 +02:00
Patrik Lundin fe428a9e74
Also include cidr suffix 2024-10-11 18:57:10 +02:00
Patrik Lundin b5d9682e01
This is a hash 2024-10-11 18:55:39 +02:00