dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity
253 Commits
14 Branches
0 Tags
7.3 MiB
Commit Graph

39 Commits (6341d972f6dd9e11a98c10bc9e3132618e8aa028)

Author SHA1 Message Date
Dustin 997951d59e hosts: Add file0.p.b to burp-client 
Adding *file0.pyrocufflink.blue* to enable automatic backups. The
`/home` and `/srv/cifs/Downloads` paths are backed up.
 2018-08-08 22:07:32 -05:00
Dustin 06b2d3163b hosts: Add burp0.p.b 
The machine *burp0.pyrocufflink.blue* runs a BURP server.
 2018-08-08 20:14:40 -05:00
Dustin 7ebc2bdfa2 burp-{client,server}: PBs to deploy BURP 
The `burp-client.yml` and `burp-server.yml` playbooks apply the
*burp-client* and *burp-server* roles to BURP clients and servers,
respectively. The server playbook also applies the *postfix* role to
ensure that SMTP is configured and backup notifications can be sent.
 2018-08-08 20:14:25 -05:00
Dustin 171edd72d9 hosts: Move vmhost1.p.b to hosts.offline 
Because *vmhost1.pyrocufflink.blue* is usually sleeping, continuous
enforcement jobs always fail. By keeping it in a separate inventory
file, configuration policy can still be applied to it manually, but it
will be ignored by continuous enforcement.
 2018-08-04 11:31:40 -05:00
Dustin 69a7e869b4 hosts: Add file0.p.b 2018-08-01 22:11:40 -05:00
Dustin 155cb091f4 fileserver: PB to deploy fileserver role 2018-08-01 22:08:24 -05:00
Dustin 67fc5c8c05 hosts: Add web0.p.b 
*web0.pyrocufflink.blue* hosts the public-facing websites
 2018-07-29 09:39:02 -05:00
Dustin 2d8418c7a7 websites: PB to deploy public-facing websites 2018-07-29 09:37:47 -05:00
Dustin 11dc40bc76 hosts: Add vmhost{0,1}.p.b 2018-07-23 17:35:10 -05:00
Dustin a8dd2e9ec3 vmhost: PB to set up VM hosts 2018-07-23 17:35:10 -05:00
Dustin b13f28f505 hosts: Add jenkins0.p.b 2018-06-24 13:27:47 -05:00
Dustin 5188250cfc hosts: Add dch-gw to zabbix group 
The gateway device is now monitored by Zabbix. Adding it to the *zabbix*
group ensures that the Zabbix agent is installed and configured
correctly.

Because the *zabbix-agent* role has a task to configure FirewallD, the
`host_uses_firewalld` variable needs to be set to `false` for *gw0*,
since it does not use FirewallD.
 2018-06-19 20:40:58 -05:00
Dustin 5ad0104500 hosts: Add git0.p.b to certbot 
The *git.pyrocufflink.blue* site now uses a certificate issued by Let's
Encrypt.
 2018-06-13 22:23:27 -05:00
Dustin d5769c254d certbot: Playbook to deploy certbot 2018-06-13 22:23:27 -05:00
Dustin 5318f0c5a1 hosts: Add rprx0.p.b 
*rprx0.pyrocufflink.blue* provides a reverse proxy for HTTP and HTTPS
for all public-facing web services
 2018-06-12 22:44:54 -05:00
Dustin 2f41ac3520 hosts: Add all domain members to zabbix group 
By making the *pyrocufflink* group a child of the *zabbix* group, all
hosts that are members of the former will have Zabbix installed.
 2018-06-12 21:13:39 -05:00
Dustin c2f819554c hosts: Alphabetize groups 2018-06-12 21:13:15 -05:00
Dustin d97dbaa189 hosts: Add git0.pyrocufflink.blue 
*git0.pyrocufflink.blue* hosts Gitea.
 2018-06-04 20:03:55 -05:00
Dustin aba3fe8e04 hosts: Add DCs to radius group 
All domain controllers for the *pyrocufflink.blue* domain are RADIUS
servers as well.
 2018-05-06 13:10:31 -05:00
Dustin 48a5c19232 hosts: Add dc0.p.b to nptd group 2018-04-22 11:20:02 -05:00
Dustin 424275fc57 ntp: Initial PB and role to set up ntpd 2018-04-22 11:19:22 -05:00
Dustin 7ce3c0e2c6 hosts: Add smtp0.p.b to zabbix 2018-04-15 13:30:08 -05:00
Dustin 2b127e1616 hosts: Add zbx0.p.b to smtp-server 
Zabbix servers should also be SMTP relays, so as to limit the
possibility for lost trigger alerts caused by outages.
 2018-04-15 13:28:45 -05:00
Dustin 2d58fdcebf hosts: Add smtp0.pyrocufflink.blue 
The host *smtp0.pyrocufflink.blue* serves the main SMTP relay for the
Pyrocufflink network.
 2018-04-15 11:39:33 -05:00
Dustin 94a89d8d78 smtp-relay: PB to deploy Postfix SMTP relay 
The `smtp-relay.yml` playbook configures Postfix on the managed node as
an SMTP relay.
 2018-04-15 11:38:51 -05:00
Dustin f3739d91ac hosts: Add hosts to zabbix group 
Hosts in the *zabbix* group will get the Zabbix agent deployed to them.
 2018-04-14 15:47:49 -05:00
Dustin 3bbe5aee6a hosts: Add zbx0.pyrocufflink.blue 
The host *zbx0.pyrocufflink.blue* (a Raspberry Pi) runs the Zabbix
server and web UI. It has a reserved IPv4 address to simplify reverse
DNS management for now, since Samba's dynamic DNS client does not
register PTR records.
 2018-04-14 15:47:30 -05:00
Dustin 9ace01788a zabbix: Playbooks for Zabbix server, agents 2018-04-14 15:31:17 -05:00
Dustin 1f6cc840eb hosts: Add cm0.pyrocufflink.blue 
This host is a Jenkins slave dedicated configuration management using
Ansible.
 2018-04-08 12:20:13 -05:00
Dustin ac4e9fc390 ansible: Install Ansible 
The `ansible.yml` playbook and corresponding *ansible* role simply
install Ansible and related utilities, such as OpenSSH and GnuPG.
 2018-04-08 12:20:03 -05:00
Dustin 54bc5570f1 jenkins-slave: PB to deploy Jenkins slave 2018-04-08 12:04:03 -05:00
Dustin 6bc55cfb45 hosts: Remove hard-coded IP addresses 
Now that DNS is up and running on the blue network, these hosts no
longer need their IP addresses in the inventory. These were wrong,
anyway.
 2018-04-07 22:57:15 -05:00
Dustin da5da95894 hosts: add gw0 2018-03-29 07:52:20 -05:00
Dustin a7ac6c586d dch-gw: Initial commit 
The *dch-gw* role, and the corresponding `dch-gw.yml` playbook, apply
all of the necessary configuration to the edge router on my home
network.
 2018-03-27 20:44:43 -05:00
Dustin e99db22765 hosts: dns0.p.b: Add to AD 2018-03-11 18:16:17 -05:00
Dustin 61b918242a hosts: Add dns0.p.b 2018-02-21 22:43:06 -06:00
Dustin 71f28dfee2 Add pyrocufflink-dns group 
The *pyrocufflink-dns* group specifies the BIND configuration for the
primary DNS servers on the "new" Pyrocufflink network.
 2018-02-21 22:42:18 -06:00
Dustin bf820c482e hosts: Add new domain controllers 2018-02-19 22:46:27 -06:00
Dustin 7f86881b7c Initial commit 2018-01-02 23:36:42 -06:00