sunet-cdn/cdn-ops
2
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
360 commits 1 branch 203 tags 1.4 MiB
Commit graph

360 commits

This branch
This branch
All branches
Author SHA1 Message Date
Patrik Lundin 1ddf93c330
Disable cilium by default 
We will go for IPVS for now which can deal with the l4lb hosts being
multihomed.
 2024-10-22 15:20:09 +02:00
Patrik Lundin 272be292ad
Revert "Test chrony branch" 
This reverts commit c15070dd28.
 2024-10-22 14:22:39 +02:00
Patrik Lundin 19c864cb77
Manage ntp with sunet::server again 2024-10-18 15:23:26 +02:00
Patrik Lundin c15070dd28
Test chrony branch 2024-10-18 15:21:48 +02:00
Patrik Lundin 7286dec3ff
Make sure X-Forwarded-Proto is set 
Needed to cache http and https responses separately via Vary header
 2024-10-15 16:29:31 +02:00
Patrik Lundin ad66745a90
Missing " 2024-10-13 14:32:42 +02:00
Patrik Lundin 4f2428575c
Fix name 2024-10-13 14:31:23 +02:00
Patrik Lundin b018c81f81
cache: initial rules to allow traffic from l4lb 2024-10-13 14:28:50 +02:00
Patrik Lundin 4bf6b2d79b
Enable certbot sync for cache-2 2024-10-13 11:28:00 +02:00
Patrik Lundin dad7f50195
Add secrets for cache-2 2024-10-13 11:12:52 +02:00
Patrik Lundin 0aae7f3504
internal-sto3-test-cache-2.cdn.sunet.se added 2024-10-13 11:02:39 +02:00
Patrik Lundin 37ad05ca6b
Missing [ 2024-10-11 22:12:05 +02:00
Patrik Lundin ca7fbbe945
Combine networkctl reload command 2024-10-11 22:10:50 +02:00
Patrik Lundin d289ffa656
Add config for ipip interface 
Supplying an empty .network file is weird but without it the tunl0
interface is left in a DOWN state even with Independent=true.

Maybe this is related to "tunl0" being automatically created when the
"ipip" kernel module is loaded.
 2024-10-11 22:05:11 +02:00
Patrik Lundin cb50714f4f
Rename remaining file 2024-10-11 22:00:37 +02:00
Patrik Lundin 44c73b78ae
Prefix files with numbers as recommended by docs 
See "systemd.netdev" docs.
 2024-10-11 21:57:59 +02:00
Patrik Lundin 382214ef2b
Make puppet-lint happy 2024-10-11 20:04:13 +02:00
Patrik Lundin 3e393a62f9
Add '' 2024-10-11 19:05:29 +02:00
Patrik Lundin a82798ead5
Add network reload support 2024-10-11 19:04:17 +02:00
Patrik Lundin fe428a9e74
Also include cidr suffix 2024-10-11 18:57:10 +02:00
Patrik Lundin b5d9682e01
This is a hash 2024-10-11 18:55:39 +02:00
Patrik Lundin 637e2ae307
Add address config for dummy interface 2024-10-11 18:52:53 +02:00
Patrik Lundin 1e8cad6ea0
Add dummy0 interface 
The netplan version we have is too old to do this so handle it manually.
 2024-10-11 18:45:54 +02:00
Patrik Lundin eb49f13c49
Fix backend name 2024-10-11 18:14:30 +02:00
Patrik Lundin 8227300a34
Enclose ipv6 addresses in [] 2024-10-11 14:00:23 +02:00
Patrik Lundin 4d7283e361
Allow haproxy to bind to ports 80/443 
This way we can run haproxy as an unprivileged user and still use what
is normally considered privileged ports.
 2024-10-11 13:49:04 +02:00
Patrik Lundin 1247c7f0be
Use hiera data for ip4/ip6 2024-10-11 12:03:24 +02:00
Patrik Lundin 498ee6d2f1
Add ip4 and ip6 addresses for service config 2024-10-11 12:00:36 +02:00
Patrik Lundin 7402f8cfc1
More tweaks 2024-10-11 11:51:36 +02:00
Patrik Lundin 5185b62431
Syntax fixes 2024-10-11 11:47:44 +02:00
Patrik Lundin 31d7a3c93a
puppet-lint fixes 2024-10-11 11:46:06 +02:00
Patrik Lundin ca9f7fbe50
Replace "." with "," 
While here fix some variable usage and puppet-lint complaints
 2024-10-11 11:42:12 +02:00
Patrik Lundin 88e3771f6e
Install certificate files 2024-10-11 11:38:58 +02:00
Patrik Lundin 3df9990cdc
Fix option string 2024-10-11 10:52:59 +02:00
Patrik Lundin 50b0865434
Point out sync server 2024-10-11 10:37:13 +02:00
Patrik Lundin b635ce3793
Move keys from eyaml to yaml 
Also inclide ip list
 2024-10-11 09:54:58 +02:00
Patrik Lundin 4fd59a194b
Add sync server config for cache-1 2024-10-11 09:48:25 +02:00
Patrik Lundin 4e276ed613
Add pubkey for cert sync 2024-10-11 09:45:31 +02:00
Patrik Lundin d2c61200db
Add certbot_sync_client_ssh_key 2024-10-11 09:41:33 +02:00
Patrik Lundin aa5788f34a
Make cache hosts a certbot sync client 2024-10-11 08:41:24 +02:00
Patrik Lundin c860812f2a
Apply certbot class to cs hosts 2024-10-11 08:38:29 +02:00
Patrik Lundin ad61c8e23c
Update host to match cert 2024-10-10 21:38:35 +02:00
Patrik Lundin 894c416b22
Apply acmed class to cs hosts 2024-10-10 21:33:30 +02:00
Patrik Lundin 8b487ecdab
Use cert name in cdn subdomain 2024-10-10 21:27:42 +02:00
Patrik Lundin c9525d6200
Add cert entry 2024-10-10 21:26:18 +02:00
Patrik Lundin 43aa005c26
internal-sto3-test-cs-1.cdn.sunet.se added 2024-10-10 21:14:58 +02:00
Patrik Lundin 747059cd92
Missing " 2024-10-10 20:44:23 +02:00
Patrik Lundin ff6376b68d
Add basic varnish VCL for testing 2024-10-10 20:39:35 +02:00
Patrik Lundin efa9455fe9
Add key 2024-10-10 20:34:10 +02:00
Patrik Lundin 33bebd7627
Add host key 2024-10-10 20:32:10 +02:00