cdn-ops

Author	SHA1	Message	Date
Patrik Lundin	e2d550bf29	Start managing bird2 Also give dummy-interface support to sunet-l4lb-namespace tool, used to hold IPv4/IPv6 service addresses that should be announced via BGP.	2024-10-25 15:19:21 +02:00
Patrik Lundin	d632aaca5c	Update script to use new conf path	2024-10-22 17:12:56 +02:00
Patrik Lundin	4856be3f06	Rework dir layout to match other hosts	2024-10-22 17:11:58 +02:00
Patrik Lundin	f588078b75	Add namespace management files	2024-10-22 17:06:29 +02:00
Patrik Lundin	74c0bf76a1	Fix type name	2024-10-22 15:23:03 +02:00
Patrik Lundin	1ddf93c330	Disable cilium by default We will go for IPVS for now which can deal with the l4lb hosts being multihomed.	2024-10-22 15:20:09 +02:00
Patrik Lundin	272be292ad	Revert "Test chrony branch" This reverts commit `c15070dd28`.	2024-10-22 14:22:39 +02:00
Patrik Lundin	19c864cb77	Manage ntp with sunet::server again	2024-10-18 15:23:26 +02:00
Patrik Lundin	c15070dd28	Test chrony branch	2024-10-18 15:21:48 +02:00
Patrik Lundin	7286dec3ff	Make sure X-Forwarded-Proto is set Needed to cache http and https responses separately via Vary header	2024-10-15 16:29:31 +02:00
Patrik Lundin	ad66745a90	Missing "	2024-10-13 14:32:42 +02:00
Patrik Lundin	4f2428575c	Fix name	2024-10-13 14:31:23 +02:00
Patrik Lundin	b018c81f81	cache: initial rules to allow traffic from l4lb	2024-10-13 14:28:50 +02:00
Patrik Lundin	4bf6b2d79b	Enable certbot sync for cache-2	2024-10-13 11:28:00 +02:00
Patrik Lundin	dad7f50195	Add secrets for cache-2	2024-10-13 11:12:52 +02:00
Patrik Lundin	0aae7f3504	internal-sto3-test-cache-2.cdn.sunet.se added	2024-10-13 11:02:39 +02:00
Patrik Lundin	37ad05ca6b	Missing [	2024-10-11 22:12:05 +02:00
Patrik Lundin	ca7fbbe945	Combine networkctl reload command	2024-10-11 22:10:50 +02:00
Patrik Lundin	d289ffa656	Add config for ipip interface Supplying an empty .network file is weird but without it the tunl0 interface is left in a DOWN state even with Independent=true. Maybe this is related to "tunl0" being automatically created when the "ipip" kernel module is loaded.	2024-10-11 22:05:11 +02:00
Patrik Lundin	cb50714f4f	Rename remaining file	2024-10-11 22:00:37 +02:00
Patrik Lundin	44c73b78ae	Prefix files with numbers as recommended by docs See "systemd.netdev" docs.	2024-10-11 21:57:59 +02:00
Patrik Lundin	382214ef2b	Make puppet-lint happy	2024-10-11 20:04:13 +02:00
Patrik Lundin	3e393a62f9	Add ''	2024-10-11 19:05:29 +02:00
Patrik Lundin	a82798ead5	Add network reload support	2024-10-11 19:04:17 +02:00
Patrik Lundin	fe428a9e74	Also include cidr suffix	2024-10-11 18:57:10 +02:00
Patrik Lundin	b5d9682e01	This is a hash	2024-10-11 18:55:39 +02:00
Patrik Lundin	637e2ae307	Add address config for dummy interface	2024-10-11 18:52:53 +02:00
Patrik Lundin	1e8cad6ea0	Add dummy0 interface The netplan version we have is too old to do this so handle it manually.	2024-10-11 18:45:54 +02:00
Patrik Lundin	eb49f13c49	Fix backend name	2024-10-11 18:14:30 +02:00
Patrik Lundin	8227300a34	Enclose ipv6 addresses in []	2024-10-11 14:00:23 +02:00
Patrik Lundin	4d7283e361	Allow haproxy to bind to ports 80/443 This way we can run haproxy as an unprivileged user and still use what is normally considered privileged ports.	2024-10-11 13:49:04 +02:00
Patrik Lundin	1247c7f0be	Use hiera data for ip4/ip6	2024-10-11 12:03:24 +02:00
Patrik Lundin	498ee6d2f1	Add ip4 and ip6 addresses for service config	2024-10-11 12:00:36 +02:00
Patrik Lundin	7402f8cfc1	More tweaks	2024-10-11 11:51:36 +02:00
Patrik Lundin	5185b62431	Syntax fixes	2024-10-11 11:47:44 +02:00
Patrik Lundin	31d7a3c93a	puppet-lint fixes	2024-10-11 11:46:06 +02:00
Patrik Lundin	ca9f7fbe50	Replace "." with "," While here fix some variable usage and puppet-lint complaints	2024-10-11 11:42:12 +02:00
Patrik Lundin	88e3771f6e	Install certificate files	2024-10-11 11:38:58 +02:00
Patrik Lundin	3df9990cdc	Fix option string	2024-10-11 10:52:59 +02:00
Patrik Lundin	50b0865434	Point out sync server	2024-10-11 10:37:13 +02:00
Patrik Lundin	b635ce3793	Move keys from eyaml to yaml Also inclide ip list	2024-10-11 09:54:58 +02:00
Patrik Lundin	4fd59a194b	Add sync server config for cache-1	2024-10-11 09:48:25 +02:00
Patrik Lundin	4e276ed613	Add pubkey for cert sync	2024-10-11 09:45:31 +02:00
Patrik Lundin	d2c61200db	Add certbot_sync_client_ssh_key	2024-10-11 09:41:33 +02:00
Patrik Lundin	aa5788f34a	Make cache hosts a certbot sync client	2024-10-11 08:41:24 +02:00
Patrik Lundin	c860812f2a	Apply certbot class to cs hosts	2024-10-11 08:38:29 +02:00
Patrik Lundin	ad61c8e23c	Update host to match cert	2024-10-10 21:38:35 +02:00
Patrik Lundin	894c416b22	Apply acmed class to cs hosts	2024-10-10 21:33:30 +02:00
Patrik Lundin	8b487ecdab	Use cert name in cdn subdomain	2024-10-10 21:27:42 +02:00
Patrik Lundin	c9525d6200	Add cert entry	2024-10-10 21:26:18 +02:00

1 2 3 4 5 ...

365 commits