Commit graph

435 commits

Author SHA1 Message Date
Patrik Lundin 29c81d13a0
Expose postgres at standard port 2024-11-14 12:14:18 +01:00
Patrik Lundin cb46a3b6fb
Expose postgres port 2024-11-14 12:12:50 +01:00
Patrik Lundin 58dc985e12
Update cdn password 2024-11-13 16:06:13 +01:00
Patrik Lundin dc7bf71dd9
No need to escape single quotes in here-doc 2024-11-13 16:04:17 +01:00
Patrik Lundin f1b4d5ad07
Fix path typo 2024-11-13 14:59:59 +01:00
Patrik Lundin 7a91f6df19
Properly ensure files 2024-11-13 14:54:33 +01:00
Patrik Lundin 206e450c99
Add init script for setting up cdn database 2024-11-13 14:52:17 +01:00
Patrik Lundin 3cc1b602fd
Add cdn user password 2024-11-13 14:35:18 +01:00
Patrik Lundin 61f47320a7
Use named volume for persistence 2024-11-13 13:52:26 +01:00
Patrik Lundin b121790b77
Fix password variable 2024-11-13 13:39:42 +01:00
Patrik Lundin 17219fd226
Install dockerhost2 on db machine 2024-11-13 13:35:15 +01:00
Patrik Lundin 728ed4126f
Fix naming for db compose file 2024-11-13 13:33:18 +01:00
Patrik Lundin c82df547ee
Merge remote-tracking branch 'multiverse/main' 2024-11-13 13:31:39 +01:00
Patrik Lundin 85afb706ed
Add initial support for handling a DB server
Used to store varnish config etc
2024-11-13 13:27:58 +01:00
Patrik Lundin 78894e7500
internal-sto3-test-db-1.cdn.sunet.se added 2024-11-12 17:14:20 +01:00
Patrik Lundin e7efc59870
Update cdnp to v0.0.6 2024-11-12 16:59:08 +01:00
Patrik Lundin f27eb9c07d
Update cdnp to v0.0.5 2024-11-12 16:47:17 +01:00
Patrik Lundin 0447b7b106
Restart sunet-cdnp if extracting new version 2024-11-12 16:31:29 +01:00
Patrik Lundin 56b16a6d44
Update cdnp to v0.0.4 2024-11-12 16:28:52 +01:00
Patrik Lundin da099a5e53
Make sure cdnp is running 2024-11-12 10:31:23 +01:00
Patrik Lundin 6d6f1b632d
Add "," 2024-11-12 10:19:11 +01:00
Patrik Lundin 2e49e12c70
Start creating sunet-cdnp unit file 2024-11-12 10:11:03 +01:00
Patrik Lundin dba0e2e107
Test firewall config 2024-11-11 15:37:59 +01:00
Patrik Lundin 0a61c8ad28
Update sunet-cdnp to v0.0.3 2024-11-08 09:41:14 +01:00
Patrik Lundin 91fe726b61
Update sunet-cdnp to v0.0.2 2024-11-08 08:45:53 +01:00
Patrik Lundin f0eed8e804
Revert "Test updated certbot sync script"
This reverts commit 57b1700759.
2024-11-07 12:42:44 +01:00
Patrik Lundin 9a73d8bdfe
Improve comment 2024-11-07 12:41:43 +01:00
Patrik Lundin 1164b59747
Install tool for managing ACME provisioner 2024-11-07 12:41:14 +01:00
Patrik Lundin f07e6708e3
Another update of certbot-sync dir 2024-11-05 15:37:05 +01:00
Patrik Lundin 8cd801bd64
Replace cp+chown with install 2024-11-05 14:45:37 +01:00
Patrik Lundin 0461a8f0b8
mqtt: fix certfile usage
Use fullchain.pem instead of cert.pem which fixes "certificate signed by
unknown authority" problems.
Also point cafile to correct root cert.
2024-11-05 14:39:13 +01:00
Patrik Lundin a858a1973f
Sync dc and hostname 2024-11-04 12:34:38 +01:00
Patrik Lundin 80df8d10ff
Add real client contents to mqtt server 2024-11-04 12:02:25 +01:00
Patrik Lundin 3413446ce4
Less stuttering in variable naming 2024-11-04 11:58:15 +01:00
Patrik Lundin efa269ab33
Add back $clients
Should not have been removed in last commit
2024-11-04 11:56:00 +01:00
Patrik Lundin a71a8f5639
mqtt: open local firewall for any clients 2024-11-04 11:52:31 +01:00
Patrik Lundin 9cee243af6
Allow ACME validation from step-ca to cache 2024-11-04 09:39:02 +01:00
Patrik Lundin e5a23593bf
Apply IP-specific certbot command to cache instead 2024-11-04 09:31:50 +01:00
Patrik Lundin 6f2dd2df0f
Revert "Only bind certbot to machine-specific IP"
Incorrectly applied to MQTT class, was supposed to be done for cache servers.

This reverts commit b4261094a7.
2024-11-04 09:30:39 +01:00
Patrik Lundin b4261094a7
Only bind certbot to machine-specific IP
Because there will be haproxy instances running next to this service we
can only listen to the machine-local address, not the default of "all addresses":

Error seen:
```
Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
```
2024-11-04 09:26:42 +01:00
Patrik Lundin d4f938770a
Get internal cert for hostname
Used for client cert auth to MQTT server
2024-11-04 09:14:42 +01:00
Patrik Lundin 101f11fdad
Use new synced certbot dir 2024-11-01 14:38:04 +01:00
Patrik Lundin 57b1700759
Test updated certbot sync script 2024-11-01 14:21:29 +01:00
Patrik Lundin a9fd90efb7
Add cache-2 ipv6 address to cert sync server 2024-11-01 14:07:41 +01:00
Patrik Lundin a39f5cdbae
Remove "command" and fix indent 2024-10-31 15:39:11 +01:00
Patrik Lundin ca94d62c62
Make sure root owns sunet-cdnp binary 2024-10-31 15:38:17 +01:00
Patrik Lundin 740c5d29c1
Missing "," 2024-10-31 15:35:44 +01:00
Patrik Lundin 48d9866a7c
Call tar from command to make notify simpler 2024-10-31 15:33:48 +01:00
Patrik Lundin 0ad91d34d1
Missing "," 2024-10-31 15:30:36 +01:00
Patrik Lundin e15225d1b5
Extract sunet-cdnp and create symlink in PATH
Store files in /var/lib/sunet-cdnp instead of /root
2024-10-31 15:26:08 +01:00