catgrl/ansible
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove all occurrences of chapoline backend

Browse source
This commit is contained in:
chapeau 2025-06-13 20:33:17 +02:00
parent ccdeccd48f
commit bab59d1602
14 changed files with 17 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
group_vars/backend-mail.yml
View file

@ -12,7 +12,7 @@ postfix:
62613132366164386138
dovecot:
master: mail.chapoline.intra.catgrl.org
master: mail.metz.intra.catgrl.org
database_user: dovecot_aliases
database_password: !vault |
$ANSIBLE_VAULT;1.1;AES256

4
group_vars/ilb.yml
View file

@ -29,13 +29,13 @@ haproxy_services:
port: 993
protocol: tcp
primaries:
- mail.chapoline.intra.catgrl.org
- mail.metz.intra.catgrl.org
secondaries:
- mail.britaliope.intra.catgrl.org
- name: submission
port: 465
protocol: tcp
primaries:
- mail.chapoline.intra.catgrl.org
- mail.metz.intra.catgrl.org
secondaries:
- mail.britaliope.intra.catgrl.org

2
group_vars/pmg.yml
View file

@ -1,5 +1,5 @@
pmg:
master: pmg1.chapoline.intra.catgrl.org
master: pmg3.metz.intra.catgrl.org
root_password: !vault |
$ANSIBLE_VAULT;1.1;AES256

1
group_vars/postgres.yml
View file

@ -2,7 +2,6 @@ postgres:
version: 15
master: "{{ postgres_master }}"
replicas:
- pg.chapoline.intra.catgrl.org
- pg.metz.intra.catgrl.org
replication_user: replicator
replication_password: !vault |

2
group_vars/rp.yml
View file

@ -43,7 +43,7 @@ nginx:
redirect: true
# backends:
# - name: git
# primary: "{{ hostvars['git.chapoline.intra.catgrl.org'].ansible_host }}:8000"
# primary: "{{ hostvars['git.metz.intra.catgrl.org'].ansible_host }}:8000"
# secondaries: []
location:
- route: "/"

8
group_vars/vps.yml
View file

@ -4,7 +4,6 @@ haproxy_services:
protocol: tcp
balance: source
loadbalance:
- rp.chapoline.intra.catgrl.org
- rp.britaliope.intra.catgrl.org
- rp.metz.intra.catgrl.org
send_proxy: True
@ -14,7 +13,6 @@ haproxy_services:
protocol: tcp
balance: source
loadbalance:
- rp.chapoline.intra.catgrl.org
- rp.britaliope.intra.catgrl.org
- rp.metz.intra.catgrl.org
send_proxy: True
@ -23,7 +21,7 @@ haproxy_services:
port: 993
protocol: tcp
primaries:
- mail.chapoline.intra.catgrl.org
- mail.metz.intra.catgrl.org
secondaries:
- mail.britaliope.intra.catgrl.org
@ -31,7 +29,7 @@ haproxy_services:
port: 465
protocol: tcp
primaries:
- mail.chapoline.intra.catgrl.org
- mail.metz.intra.catgrl.org
secondaries:
- mail.britaliope.intra.catgrl.org
@ -39,7 +37,7 @@ haproxy_services:
port: 25
protocol: tcp
primaries:
- pmg1.chapoline.intra.catgrl.org
- pmg3.metz.intra.catgrl.org
secondaries:
- pmg2.britaliope.intra.catgrl.org
send_proxy: True

1
group_vars/webmail.yml
View file

@ -33,6 +33,7 @@ roundcube:
nginx:
vhost:
- name: webmail.catgrl.org
alias: []
root: "/srv/roundcubemail-{{roundcube.version }}"
index: index.php
ssl: False

5
group_vars/wireguard.yml
View file

@ -13,11 +13,6 @@ peers:
# ip: 10.90.200.110
backend:
- name: gw.chapoline.intra.catgrl.org
public_key: shjxKRRluX9Z8aKRBWEsfEKE2N9HdOXSav+mQ5D6nmo=
ip: 10.90.200.20
subnet: 10.90.20.0/24
- name: gw.britaliope.intra.catgrl.org
public_key: D70qjoVI3SZxbqqhMTRdpN3nsxYUKKriSKZTQM1IeWU=
ip: 10.90.200.10

0
host_vars/backup.faercol.intra.catgrl.org.yml → host_vars/backup.faercol.wg.intra.catgrl.org.yml
View file

15
host_vars/gw.chapoline.intra.catgrl.org.yml
View file

@ -1,15 +0,0 @@
host:
external: False
interface_dmz: eth0
local_gateway: 10.255.3.254
wireguard_privkey: !vault |
$ANSIBLE_VAULT;1.1;AES256
65356662643764633737386131633230376339623264336336356138343662663561653833366566
6637343437326663633236633563306633363339333136380a316632353130626263616233643338
30626665616537343734363634393061613464383833386234393536623338323163616339316563
3962636234616434340a373664336665653935303030363766643633653965633432616466376237
33323935626362323736653761653064333630636430383133613432356563633965616236383437
3831666334393635666161343431343135363261626466333765
address: 10.90.200.20/24

1
host_vars/prom.chapoline.intra.catgrl.org.yml
View file

@ -1 +0,0 @@
monitors_group: chapoline

77
inventory.yml
View file

@ -16,50 +16,6 @@ vps:
- 10.90.30.100
- 1.1.1.1
chapoline:
hosts:
gw.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.254
rp.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.1
web.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.2
mail.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.3
sso.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.4
git.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.5
pmg1.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.6
vault.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.7
webmail.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.8
dns.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.100
dns-ext.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.101
pg.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.102
ldap.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.103
ilb.chapoline.intra.catgrl.org:
ansible_host: 10.90.20.104
# prom.chapoline.intra.catgrl.org:
# ansible_host: 10.90.20.105
vars:
# The order is important!
dns_servers:
- 10.90.30.100
- 10.90.10.100
- 1.1.1.1
local_ilb: ilb.chapoline.intra.catgrl.org
local_ldap: ldap.chapoline.intra.catgrl.org
local_alias: web.chapoline.intra.catgrl.org
local_monitoring: prom.chapoline.intra.catgrl.org
zone: chapoline
britaliope:
hosts:
gw.britaliope.intra.catgrl.org:
@ -151,8 +107,6 @@ metz:
wg:
hosts:
gw.chapoline.wg.intra.catgrl.org:
ansible_host: 10.90.200.20
gw.britaliope.wg.intra.catgrl.org:
ansible_host: 10.90.200.10
gw.metz.wg.intra.catgrl.org:
@ -190,7 +144,6 @@ metz-hw:
lxc:
children:
chapoline:
britaliope:
metz:
backup:
@ -206,33 +159,26 @@ managed:
ilb:
hosts:
ilb.chapoline.intra.catgrl.org:
ilb.britaliope.intra.catgrl.org:
ilb.metz.intra.catgrl.org:
docker:
hosts:
ldap.chapoline.intra.catgrl.org:
ldap.britaliope.intra.catgrl.org:
ldap.metz.intra.catgrl.org:
git.chapoline.intra.catgrl.org:
git.metz.intra.catgrl.org:
vault.chapoline.intra.catgrl.org:
vault.britaliope.intra.catgrl.org:
vault.metz.intra.catgrl.org:
wireguard:
hosts:
front1.contabo.catgrl.org:
gw.chapoline.intra.catgrl.org:
gw.britaliope.intra.catgrl.org:
gw.metz.intra.catgrl.org:
backup.faercol.wg.intra.catgrl.org:
dns:
hosts:
dns.chapoline.intra.catgrl.org:
is_master: False
dns.britaliope.intra.catgrl.org:
is_master: False
dns.metz.intra.catgrl.org:
@ -240,8 +186,6 @@ dns:
dns_ext:
hosts:
dns-ext.chapoline.intra.catgrl.org:
is_master: False
dns-ext.britaliope.intra.catgrl.org:
is_master: False
dns-ext.metz.intra.catgrl.org:
@ -249,13 +193,11 @@ dns_ext:
rp:
hosts:
rp.chapoline.intra.catgrl.org:
rp.britaliope.intra.catgrl.org:
rp.metz.intra.catgrl.org:
website:
hosts:
web.chapoline.intra.catgrl.org:
web.britaliope.intra.catgrl.org:
web.metz.intra.catgrl.org:
@ -263,7 +205,6 @@ acme:
children:
rp:
hosts:
rp.chapoline.intra.catgrl.org:
rp.britaliope.intra.catgrl.org:
rp.metz.intra.catgrl.org:
vars:
@ -284,12 +225,14 @@ acme:
- acme_domain: autoconfig.catgrl.org
acme_alias: []
renewal_hook: systemctl restart nginx
- acme_domain: git.catgrl.org
acme_alias: []
renewal_hook: systemctl restart nginx
- acme_domain: webmail.catgrl.org
acme_alias: []
renewal_hook: systemctl restart nginx
mail:
hosts:
mail.chapoline.intra.catgrl.org:
mail.britaliope.intra.catgrl.org:
mail.metz.intra.catgrl.org:
vars:
@ -302,8 +245,6 @@ acme:
postgres:
hosts:
pg.chapoline.intra.catgrl.org:
is_master: False
pg.britaliope.intra.catgrl.org:
is_master: False
pg.metz.intra.catgrl.org:
@ -311,32 +252,27 @@ postgres:
ldap:
hosts:
ldap.chapoline.intra.catgrl.org:
ldap.britaliope.intra.catgrl.org:
ldap.metz.intra.catgrl.org:
sso:
hosts:
sso.chapoline.intra.catgrl.org:
sso.britaliope.intra.catgrl.org:
sso.metz.intra.catgrl.org:
forgejo:
hosts:
git.chapoline.intra.catgrl.org:
git.metz.intra.catgrl.org:
backend-mail:
hosts:
mail.chapoline.intra.catgrl.org:
is_master: True
mail.britaliope.intra.catgrl.org:
is_master: False
mail.metz.intra.catgrl.org:
is_master: True
pmg:
hosts:
pmg1.chapoline.intra.catgrl.org:
is_master: True
pmg2.britaliope.intra.catgrl.org:
is_master: False
pmg3.metz.intra.catgrl.org:
@ -344,18 +280,15 @@ pmg:
vault:
hosts:
vault.chapoline.intra.catgrl.org:
vault.britaliope.intra.catgrl.org:
vault.metz.intra.catgrl.org:
webmail:
hosts:
webmail.chapoline.intra.catgrl.org:
webmail.britaliope.intra.catgrl.org:
webmail.metz.intra.catgrl.org:
monitoring:
hosts:
# prom.chapoline.intra.catgrl.org:
prom.britaliope.intra.catgrl.org:
prom.metz.intra.catgrl.org:

4
roles/pmg/finish-pmg-install.md
View file

@ -7,11 +7,11 @@ create a acme-plugin.env file containing:
```
NSUPDATE_KEY=/var/local/nsupdate.key
NSUPDATE_SERVER=dns-ext.chapoline.intra.catgrl.org
NSUPDATE_SERVER=dns-ext.metz.intra.catgrl.org
```
```
pmgconfig acme plugin add dns dns --api nsupdate --data acme-plugin.env --nodes pmg1,pmg2
pmgconfig acme plugin add dns dns --api nsupdate --data acme-plugin.env --nodes pmg3,pmg2
```
login on the web interface of every PMG instance

2
roles/vaultwarden/templates/docker-compose.yml.j2
View file

@ -9,7 +9,7 @@ services:
USER_ATTACHMENT_LIMIT: 0
ORG_ATTACHMENT_LIMIT: 0
DATABASE_URL: "postgresql://vaultwarden:{{ postgres_password }}@{{ local_ilb }}:5433/vaultwarden"
SMTP_HOST: mail.chapoline.intra.catgrl.org
SMTP_HOST: mail.metz.intra.catgrl.org
SMTP_PORT: 25
SMTP_SSL: "off"
SMTP_FROM: vaultwarden@catgrl.org