0641e6b03a
DEV-646 skip docker network removal by nightly cron job
3 years ago
ad6f470920
Revert "DEV-647 added hetzner domain smardigo.dev"
...
This reverts commit 0b7b2a0f01
3 years ago
0b7b2a0f01
DEV-647 added hetzner domain smardigo.dev
3 years ago
a9c0e86f36
Revert "DEV-647 added hetzner domain smardigo.dev"
3 years ago
7cdc602534
DEV-647 added hetzner domain smardigo.dev
3 years ago
8f4b884ba1
added bootstrap for prodwork01
3 years ago
87a286dd60
DEV-624 New alert for failed db backups
3 years ago
89d11d1d06
NOTICKET: detected bug in failed rollout helm secret due to missing RBAC permissions
3 years ago
43b77acefd
DEV-624 adjust mtime to find files older 48h
3 years ago
f873092498
DEV-624: bugfixed create-restore-backup stuff
3 years ago
b9e48a3260
DEV-601 added playbook for bdev demo setup
3 years ago
593b1fb743
added volume to backup storage space
3 years ago
c59cd4c715
DEV-579 add basic auth to prometheus stack
3 years ago
db57bcb7ca
DEV-579 add basic auth to prometheus stack
3 years ago
b3d75c4da8
DEV-585: added new infrastructure project in harbor
3 years ago
664edd2d43
DEV-592: added stuff for argocd to enable helm sops decryption
3 years ago
0b0cb3dd95
DEV-568: Decreased process priority and count of parallel processes for pg backup task
3 years ago
ccdff552f1
DEV-596 playbook update-monitoring is broken
3 years ago
98c5f39c85
DEV-579: added prometheus basic auth
3 years ago
f47c5dc345
DEV-578 investigation for hetzner api rate limits
3 years ago
9919985e3d
DEV-593 updated versions
3 years ago
01049bf031
DEV-548: testcluster
3 years ago
bad109ad83
DEV-582: rollback prom2teamsd version due to problems during container start
3 years ago
0b1ef4f671
DEV-558: pinned helm chart version + adding some values for knative monitoring
3 years ago
ac7285bbcf
DEV-572: alertmanager metrics
3 years ago
a49e2923d5
DEV-529: Dynamic shared memory type fix from posix to mmap
3 years ago
1a529cf787
DEV-553: added remove hcloud volumes at the end of restore playbook
3 years ago
9e6f28c62a
DEV-563: added hetzner dashboard + svennes dashboard + refactoring alert for hetzner_api_rate_limit
3 years ago
01c972771b
Rollout main=>qa 13.09.2022
3 years ago
d644293f9b
Dev 544 backup storage
3 years ago
e6dddbe4c9
DEV 534: Added hetzner volume to prodnso-postgres-01 for /backups
3 years ago
ea79ce2a29
DEV-517: changed DO-token due to 'too many request' problem
3 years ago
4d8ea01578
DEV-507 process start from wordpress is broken
...
- after connect/wordpress update through the portal the
wordpress used a wrong useris in communication with
the connect backend
4 years ago
b1541dc747
DEV-497/DEV-505: changed startupprobe params for gitea
4 years ago
ab5cba3c7c
SC-05: add devscr variables to create harbor-pull secret
4 years ago
beb013aca3
DEV-497: added stuff for gitea to for bootstrapping k8s-clsuter
4 years ago
ca121933ea
DEV-503: bugfix: added missing configuration for harbor realm
4 years ago
c744eaa837
DEV-497: created new branch due to git-problems - dunno what exactly
4 years ago
41a065b048
bugfix: regression for etc/hosts update
...
- shouldn't run for non hcloud servers at all
when expression was wrongly negated
4 years ago
f00fdbe808
bugfix: fixed when expression (regression from DEV-492)
4 years ago
b23b571f79
DEV-492: fix /etc/hosts-issue for DO-VMs
4 years ago
9d418ccf11
DEV-476: consolidate dev-blackbox-01 on digitalocean platform
4 years ago
0186de2e94
feat: rollout certs on qa
4 years ago
acd2205aed
bugfix: removed variable k8s_namespace
...
- has to be set when a k8s namespace should be created
4 years ago
1fd63f3676
feat: updated elastic certs on dev stage
...
- create new certificates (--days 1095)
- rollout with playbook smardigo.yml + -t update_certs
all elasticsearch
all kibana
all logstash
- rollout with playbook setup.yml + -t update_certs
all filebeat
- manually updates connect certs
use smardigo.yml + -t update_certs - with connect role
4 years ago
84a013d169
MOB-148: added k8s cluster for mobene stuff
4 years ago
0f69260711
DEV-416: added stuff to enable filebeat for postgres + mariabb instances
4 years ago
55ebe36758
MOB-102: office 365 email account (QA/PROD)
4 years ago
8180523963
DEV-480: decrease prometheus retention time for DEV-stage
4 years ago
ebf2d41e48
DEV-473: changed custom metric queries to reduce messages in error.log
4 years ago
1c5b1c44dd
DEV-391: fix merge problems + fixing linter problems
4 years ago
05ccebc851
feat: added initial password creation to portal
...
- randomize passwords according to password policies
2 Uppercase Characters
2 Lowercase Characters
2 Special Characters
1 Digits
4 years ago
00ca2bc3f1
feat: added initial password creation to portal
...
- randomize passwords according to password policies
2 Uppercase Characters
2 Lowercase Characters
2 Special Characters
1 Digits
4 years ago
8c69471639
DEV-477 bugfix: delete wordpress database when service is deleted by portal
4 years ago
0eac3f3d3c
DEV-429: mariadb upgrade
4 years ago
06a395855b
feat: argo-cd
...
- activated json logging
- disabled application set controller
4 years ago
25bd87846c
feat: kibana - default index patterns
...
- uncategorized-*
- {{ stage }}-*-authlog-*
- {{ stage }}-*-syslog-*
- {{ stage }}-monitoring-*
- {{ stage }}-management-*-connect-*
4 years ago
0d5976898a
NOTICKET: corrected bloody typo
4 years ago
4bf4167216
DEV-386: to use techn.user to scrape metrics for ssh-root-login
4 years ago
ff9c0d94a1
Extended Monitoring/Alerting for PostgreSQL
4 years ago
acee683569
feat: added workflow heatmap flag to portal
...
- SMA_WORKFLOW_HEATMAP_ENABLED: [false]|true
4 years ago
5d1b951f39
DEV-466: added missing but needed package
4 years ago
0fe89b4985
DEV-452: tried to fix some stuff
4 years ago
0c8bfdb3d9
DEV-452: tried to fix some stuff
4 years ago
a3bf98465a
DEV-452: added workaround to fix problem with missing hetzner internal network
4 years ago
cd09b5bb5e
DEV-452: added workaround to fix problem with missing hetzner internal network
4 years ago
f7a43f5981
DEV-452: added workaround to fix problem with missing hetzner internal network
4 years ago
31e79f7ee6
DEV-452: added DEBUG statements to get more information in case of problems
4 years ago
5ce99dbb58
DEV-452: pimped recursive _set_server_state.yml - bugfixed
4 years ago
37ca359842
DEv-452: added recursive _set_server_state.yml to work around hetzners...
4 years ago
c4a7359e6c
chore: added argo-cd projects
...
- bootstrap
- kube-system
- infrastructure
4 years ago
104ede597d
chore: removed stage prefix from pull secret (namespace)
4 years ago
ae1e2854dc
chore: removed stage prefix from pull secret (namespace)
4 years ago
60a6c73be6
DEV-424 export for wordpress database (maria)
4 years ago
dac7002ad9
DEV-452: added potential fixes for our hetzner create_server - is locked/message problem
4 years ago
fff42dea2c
chore: removed ignore_errors due to a bug in smardigo
4 years ago
b4937db87a
DEV-375: bugfix to run stuff for testdb only when is set
4 years ago
750b109b54
chore: added ignore_errors due to a bug in smardigo
4 years ago
ad80ceeaaa
SMARCH-126: bootstrap argocd with argocd
4 years ago
20c745eeb4
SMARCH-126: bootstrap argocd with argocd
4 years ago
80c94ef184
SMARCH-126: bootstrap argocd with argocd
4 years ago
8923ab7574
SMARCH-126: Bootstrap ArgoCD by ArgoCD
4 years ago
315bee648d
DEV-439: removed leftovers from mariadb-transport-encyrption
4 years ago
f0eab6d3ae
DEv-421: refactored installation for postgres-exporter + installed newer...
4 years ago
f4c97a9a04
DEV-432: ansible stuff to change ssh ciphers on serverside + added new ssh key for fgoerz
4 years ago
819a658e50
DEV-422: mariadb deactivate ssl stuff to ensure stable smardigo-ENV
4 years ago
ea2e31cd27
DEV-383: fixing bug
4 years ago
62e0a64f26
DEV-414: follow-up tasks prod@hetzner-incident
4 years ago
49fc416764
DEV-382: enable SSL for postgres-connections
4 years ago
d99c9001bf
DEV-383: enable SSL for mariadb-connections
4 years ago
7d7dbcf622
NOTICKET: hetzner bugfix
4 years ago
fc5745eac2
NOTICKET: fix broken playbook due to renamed yml file
4 years ago
fe66a12c6e
bugfix: typo
4 years ago
5a728d97be
bugfix: typo
4 years ago
6fbc3af3c4
DEV-374: implemented logical restore-test to check if restore was succussful
4 years ago
43da648df6
DEV-389: added gpg-decryption for backup
4 years ago
0c9042da83
DEV-373: try to automate restore from database backup
4 years ago
80b321cd65
DEV-375 feat: new process for backup scheduling
4 years ago
49aa913213
bugfix: backup runs with gather_facts: false
4 years ago
1ee340fdd3
bugfix: added awx templates
...
- create-remote-database-backup
4 years ago
5733b20dc3
bugfix: server creation was broken due to backupuser
4 years ago
42f0ae114a
DEV-273 added branch to rollout for stages
...
- master/main -> DEV
- qa -> QA
- prodnso -> PRODNSO
4 years ago
6394d9150c
bugfix: awx uses now own user for automation
4 years ago
92c11ecef4
bugfix: ansible user for awx
4 years ago
81d9923332
bugfix: updated ssh key configuration
...
- + peter.heise
- + gitlabci
- - ansible
- added date suffix to outdated ssh keys
- updating root ssh key is now active per default
4 years ago
e17c62f81e
DEV-371: added stuff to do remote backup
4 years ago
9d5105f764
feat: updated awx-operator/awx
...
- extracted argocd revision into variable
- on dev stage revision is main
- default revision is <stage> (qa, prodnso, ...)
4 years ago
30c2e8f45a
DEV-379: bugfix: k9s is not installed on kube control plane
4 years ago
ac8998f212
DEV-273: automate rollout ansible by gitlab
4 years ago
4b8a80a4ef
DEV-309: added keycloak PW-policy stuff
4 years ago
2b86dfc20c
DEV-308: fixed user keycloak interaction stuff for some technical users
4 years ago
ea2ef949c9
DEV-360: rollout k8s on prodnso
4 years ago
7c891e472c
feat: activated jaeger traecing on dev
...
- traefik
- connect
- iam
4 years ago
4b74d64949
review: added changes discussed with fgrz
4 years ago
45a6d3c90b
bugfix: filter k8s execution to first master node
4 years ago
74e4174826
SMAR-21: feat: added jaeger tracing
4 years ago
65df2886e3
DEV-359: feat: added jaeger-operator/jaeger
4 years ago
bd6fb2f189
DEV-341: cleanup after merge
...
- removed shared_service_awx_hostname
4 years ago
c732ab8eb3
DEV-341: tried to implement review critics
4 years ago
df8a544a3a
cleanup
4 years ago
4a62bf9813
bugfix: keycloak clients for connect
...
- redirect_uris are broken
- web_origins are broken
4 years ago
a5ff2d53c9
bugfix: rollout new kubernetes cluster
4 years ago
243aa4c584
bugfix: downgraded grafana version to 8.3.5
...
- 8.4.1 is not backwards compatible
4 years ago
1031348887
feat updated prometheus/grafana
4 years ago
af4341f571
bugfix: gitea metrics endpoint is now enabled by default
4 years ago
8b885a30b7
bugfix: patchay was broken due to missing pip dependency
...
- kubernetes
4 years ago
d8acf8b894
consolidation: renamed hetzner-ansible project on gitea
...
- gitea-admin/hetzner-ansible-copy.git
gitea-admin/hetzner-ansible.git
4 years ago
211039f7e6
bugfix: kubernetes deployment without root user and global become
4 years ago
5d604700dd
DEV-319: feat: split dev/qa into own hetzner projects
4 years ago
b24ab2e823
DEV-326: added stuff to configure AWX installation
4 years ago
39c4ee6eb0
bugfix: removed hard coded staged service (dev)
4 years ago
9b7ce348eb
DEV-323: added some stuff
4 years ago
199e49432c
bugfix: connect uses now netgo_msteams_hook_cd as connection
...
- <CI/CD> vs. <Alerting {{ stage }}> channel
4 years ago
aa09887b9e
feat: rollout new tokens/passwords for qa stage
4 years ago
9c7cdfd24b
feat: rollout new tokens/passwords for dev stage
4 years ago
7bd1a1436b
DEv-323: try to fix merge-conflict
4 years ago
68bde6085e
DEV-322: enable ApplicationSet CRD for argoCD
...
- added mechanism to apply defined argocd CRD-objects
4 years ago
5fc9e3233a
DEV-322: enable ApplicationSet CRD for argoCD; added mechanism to apply defined argocd CRD-objects
4 years ago
59a409fc32
DEV-342: added patchday playbook
4 years ago
78d2661c4a
DEV-339: added anti-affinity-rule to improve distribution of ingress-controller pods
4 years ago
11352747b2
feat: added connect feature to portal
...
- webdav
- resubmission
- element_template
- config_delete_Scope
- external_tasks_script_worker
4 years ago
1e2dfc3212
SMARCH-112 feat: read docker images directly from harbor
4 years ago
46e021d22c
DEV-327: added several stuff for new prodnso-stage + bugfixing and improving other stuff
4 years ago
b33fbc3f55
cleanup: removed empty handler/meta files
4 years ago
cdd9c2543a
cleanup: removed vault for group/all > moved to stage groups
...
- every stage has now its own vault file
4 years ago
190b8394eb
feat: added metricbeat (inactive)
4 years ago
6bd573ec24
bugifx: create docker networks only when docker_enabled
4 years ago
70af623ba4
feat: elastic - activated syslog and authlog
...
- filebeat will now ship syslog
{{ inventory_hostname }}-syslog-...
- filebeat will now ship authlog
{{ inventory_hostname }}-authlog-...
- updated filebeat/logstash to "7.16.3"
4 years ago
dc7ab93632
bugfix: harbor - removed full qualified project group
4 years ago
b545432b6a
bugfix: harbor - removed full qualified admin group
4 years ago
Ketelsen, Sven
sven.ketelsen
Görz, Friedrich
Hoan To
Michael Hähnel
friedrich goerz
Michael Haehnel
Philipp Eichhorn