Ansible configuration policy for the private network/home lab of Dustin C. Hatch http://dustin.hatch.name/
 
 
 
 
Dustin fd155aab49 kubernetes: Configure keepalived on control plane
Control plane nodes will now run _keepalived_, to provide a "floating"
IP address that is assigned to one of the nodes at a time.  This
address (172.30.0.169) is now the target of the DNS A record for
_kubernetes.pyrocufflink.blue_, so clients will always communicate with
the server that currently holds the floating address, whichever that may
be.

I was originally inspired by the official Kubernetes [High Availability
Considerations][0] document when designing this.  At first, I planned to
deploy _keepalived_ and HAProxy as DaemonSets on the control plane
nodes, but this ended up being somewhat problematic whenever all of the
control plane nodes would go down at once, as the _keepalived_ and
HAProxy pods would not get scheduled and thus no clients could communicate
with the API servers.

[0]: 9d7cfab6fe/docs/ha-considerations.md
2025-07-22 15:30:39 -05:00
.certs@0322911067
certs r/webites: Add apps.du5t1n.xyz F-Droid repo 2024-11-05 06:47:02 -06:00
ci ci: Add Jenkins pipeline for pxe.yml 2025-07-13 16:10:20 -05:00
deploy kubernetes: Manage worker nodes 2024-11-24 10:33:21 -06:00
group_vars kubernetes: Configure keepalived on control plane 2025-07-22 15:30:39 -05:00
host_vars gw1/squid: Allow proxy access from kube network 2025-07-12 16:45:47 -05:00
migration hosts: Add loki1.p.b 2024-11-05 06:54:27 -06:00
passwords/kojiweb_secret
plugins plugins: Add lookup cache plugin 2025-07-13 16:02:57 -05:00
pulumi pulumi: Manage HostVDS instances 2025-01-26 13:08:59 -06:00
roles r/keepalived: Deploy keepalived 2025-07-22 15:30:39 -05:00
scripts scripts: Add VM host maintenance scripts 2024-08-23 09:43:24 -05:00
vars applyConfigPolicy: Configure SSH user certificate 2024-11-25 21:17:44 -06:00
vault chromie: Set MinIO root password 2024-09-02 21:24:59 -05:00
.gitignore plugins: Add lookup cache plugin 2025-07-13 16:02:57 -05:00
.gitmodules
.vault-secret.sh
Pulumi.prod.yaml pulumi: Manage HostVDS instances 2025-01-26 13:08:59 -06:00
Pulumi.yaml pulumi: Manage HostVDS instances 2025-01-26 13:08:59 -06:00
alertmanager.yml
ansible.cfg plugins: Add lookup cache plugin 2025-07-13 16:02:57 -05:00
ansible.yml
aria2.yml
auto-updates.yml auto-updates: Install and configure dnf-automatic 2024-06-12 06:25:17 -05:00
base.yml base: Factor out SSH host, user cert roles 2025-02-01 17:36:58 -06:00
bitwarden_rs.yml
blackbox-exporter.yml
bootstrap.yml bootstrap: Import useproxy playbook 2025-03-19 07:46:28 -05:00
btop.yml btop: Install btop and run it on the console 2024-09-01 09:24:53 -05:00
burp-client.yml
burp-server.yml
certbot.yml
chrony.yml chrony: Add role/PB for chrony 2025-03-16 16:37:19 -05:00
clouds.yaml inventory: Configure for HostVDS openstack 2025-01-26 13:08:59 -06:00
collectd.yml
create-dc.sh create-dc: Add PB for creating new DCs 2024-06-23 10:43:15 -05:00
create-dc.yml create-dc: Add PB for creating new DCs 2024-06-23 10:43:15 -05:00
datavol.yml host-setup: Import datavol Playbook 2025-07-12 16:45:47 -05:00
dch-gw.yml
dch-proxy.yml r/dch-proxy: Update and clean up 2024-08-24 11:46:28 -05:00
dch-root-ca-r2.crt fixup-dch-root-ca-r2 2024-06-12 18:56:41 -05:00
dch-root-ca.crt
dch-root-ca.yml dch-root-ca: Add PB to trust DCH Root CA 2024-08-12 22:22:50 -05:00
dch-vpn.yml
deploy.sh kubernetes: Manage worker nodes 2024-11-24 10:33:21 -06:00
dhcpcd.yml
dhcpd.yml
docker-proxy.yml docker-proxy: Deploy a proxy/cache for Docker Hub 2025-07-12 16:45:47 -05:00
docker.yml
domain-controller.yml
dyngroups.yml
facts.yml
fileserver.yml
firewalld.yml
frigate.yml r/frigate-exporter: Deploy Prometheus exporter 2024-10-21 20:27:31 -05:00
gitea.yml
grafana.yml
graylog.yml
hassdb.yml
homeassistant.yml
host-setup.yml host-setup: Import datavol Playbook 2025-07-12 16:45:47 -05:00
hostname.yml
hosts Add k8s-test group 2025-07-22 15:30:00 -05:00
hosts.gw chrony: Add role/PB for chrony 2025-03-16 16:37:19 -05:00
hosts.pyrocufflink.yml Introduce dynamic inventory 2025-02-08 15:29:58 -06:00
hostvds.openstack.yml inventory: Configure for HostVDS openstack 2025-01-26 13:08:59 -06:00
jellyfin.yml
jenkins-slave.yml
journal2ntfy.yml
koji-builder.yml
koji-hub.yml
koji-web.yml
koji.yml
kube-root-ca.crt
kubernetes.yml kubernetes: Configure keepalived on control plane 2025-07-22 15:30:39 -05:00
loki.yml r/loki-caddy: Caddy reverse proxy for Loki 2024-11-05 06:54:27 -06:00
metricspi.yml
minio-backups.yml minio-backups: Deploy MinIO for backups 2024-09-01 08:59:28 -05:00
minio.yml
motioneye.yml
named-server.yml
net-ifaces.yml
network.yml
newvm.sh newvm: Stop waiting for VM events if install fails 2025-07-14 15:57:12 -05:00
nextcloud.yml nextcloud: Move database to db0 2024-09-02 21:03:33 -05:00
ntp.yml
nut.yml
postgresql.yml r/postgresql-data: Manage users and databases 2025-02-01 17:36:58 -06:00
promtail.yml
protonvpn.yml
pxe.yml
pyproject.toml pulumi: Manage HostVDS instances 2025-01-26 13:08:59 -06:00
pyrocufflink.yml pyrocufflink: Trust DCH Root CA R2 2024-06-12 18:40:17 -05:00
radius.yml
radvd.yml
raid-array.yml raid-array: Create udev rules to auto re-add disks 2024-11-05 06:52:20 -06:00
remount.yml
repohost.yml
restic.yml restic: Trust dch-root-ca certificate 2025-03-29 09:34:17 -05:00
rngd.yml
samba-dc.yml samba-dc: Gather facts for all DCs 2024-06-23 10:43:15 -05:00
scrape-collectd-configmap.yml scrape-collectd-configmap: Add PB 2025-07-20 21:27:54 -05:00
serterm.yml r/serterm: Deploy serial terminal multiplexer 2024-11-10 13:15:08 -06:00
site.yml site: Apply scrape-collectd-configmap PB 2025-07-18 12:46:22 -05:00
smtp-relay.yml
squid.yml
ssh-host-certs.yml base: Factor out SSH host, user cert roles 2025-02-01 17:36:58 -06:00
ssh-user-ca.yml base: Factor out SSH host, user cert roles 2025-02-01 17:36:58 -06:00
synapse.yml
systemd-networkd.yml
systemd-resolved.yml
taiga.yml
unifi.yml unifi: Switch from nginx to Caddy 2025-03-16 17:17:00 -05:00
useproxy.yml r/useproxy: Configure system-wide proxy 2024-08-12 18:47:04 -05:00
users.yml users: Do not clear supplemental groups 2025-06-08 09:00:16 -05:00
uv.lock pulumi: Manage HostVDS instances 2025-01-26 13:08:59 -06:00
victoria-logs.yml r/victoria-logs: Deploy VictoriaLogs 2025-05-30 21:19:05 -05:00
victoria-metrics.yml
vmhost.yml vmhost: Allow host provisioner to log in 2025-02-08 16:49:14 -06:00
wait-for-host.yml wait-for-host: PB to wait for a host to come up 2024-07-02 20:44:29 -05:00
websites.yml websites: Remove darkchestofwonders.us 2025-07-22 13:10:30 -05:00
wheelhost.yml
zabbix-agent.yml
zabbix-server.yml
zabbix.yml
zezere.yml
zigbee2mqtt.yml
zwavejs2mqtt.yml