ccdff552f1
DEV-596 playbook update-monitoring is broken
3 years ago
98c5f39c85
DEV-579: added prometheus basic auth
3 years ago
f47c5dc345
DEV-578 investigation for hetzner api rate limits
3 years ago
9919985e3d
DEV-593 updated versions
3 years ago
01049bf031
DEV-548: testcluster
3 years ago
bad109ad83
DEV-582: rollback prom2teamsd version due to problems during container start
3 years ago
0b1ef4f671
DEV-558: pinned helm chart version + adding some values for knative monitoring
3 years ago
ac7285bbcf
DEV-572: alertmanager metrics
3 years ago
a49e2923d5
DEV-529: Dynamic shared memory type fix from posix to mmap
3 years ago
1a529cf787
DEV-553: added remove hcloud volumes at the end of restore playbook
3 years ago
9e6f28c62a
DEV-563: added hetzner dashboard + svennes dashboard + refactoring alert for hetzner_api_rate_limit
3 years ago
01c972771b
Rollout main=>qa 13.09.2022
3 years ago
d644293f9b
Dev 544 backup storage
3 years ago
e6dddbe4c9
DEV 534: Added hetzner volume to prodnso-postgres-01 for /backups
3 years ago
ea79ce2a29
DEV-517: changed DO-token due to 'too many request' problem
3 years ago
4d8ea01578
DEV-507 process start from wordpress is broken
...
- after connect/wordpress update through the portal the
wordpress used a wrong useris in communication with
the connect backend
4 years ago
b1541dc747
DEV-497/DEV-505: changed startupprobe params for gitea
4 years ago
ab5cba3c7c
SC-05: add devscr variables to create harbor-pull secret
4 years ago
beb013aca3
DEV-497: added stuff for gitea to for bootstrapping k8s-clsuter
4 years ago
ca121933ea
DEV-503: bugfix: added missing configuration for harbor realm
4 years ago
c744eaa837
DEV-497: created new branch due to git-problems - dunno what exactly
4 years ago
41a065b048
bugfix: regression for etc/hosts update
...
- shouldn't run for non hcloud servers at all
when expression was wrongly negated
4 years ago
f00fdbe808
bugfix: fixed when expression (regression from DEV-492)
4 years ago
b23b571f79
DEV-492: fix /etc/hosts-issue for DO-VMs
4 years ago
9d418ccf11
DEV-476: consolidate dev-blackbox-01 on digitalocean platform
4 years ago
0186de2e94
feat: rollout certs on qa
4 years ago
acd2205aed
bugfix: removed variable k8s_namespace
...
- has to be set when a k8s namespace should be created
4 years ago
1fd63f3676
feat: updated elastic certs on dev stage
...
- create new certificates (--days 1095)
- rollout with playbook smardigo.yml + -t update_certs
all elasticsearch
all kibana
all logstash
- rollout with playbook setup.yml + -t update_certs
all filebeat
- manually updates connect certs
use smardigo.yml + -t update_certs - with connect role
4 years ago
84a013d169
MOB-148: added k8s cluster for mobene stuff
4 years ago
0f69260711
DEV-416: added stuff to enable filebeat for postgres + mariabb instances
4 years ago
55ebe36758
MOB-102: office 365 email account (QA/PROD)
4 years ago
8180523963
DEV-480: decrease prometheus retention time for DEV-stage
4 years ago
ebf2d41e48
DEV-473: changed custom metric queries to reduce messages in error.log
4 years ago
1c5b1c44dd
DEV-391: fix merge problems + fixing linter problems
4 years ago
05ccebc851
feat: added initial password creation to portal
...
- randomize passwords according to password policies
2 Uppercase Characters
2 Lowercase Characters
2 Special Characters
1 Digits
4 years ago
00ca2bc3f1
feat: added initial password creation to portal
...
- randomize passwords according to password policies
2 Uppercase Characters
2 Lowercase Characters
2 Special Characters
1 Digits
4 years ago
8c69471639
DEV-477 bugfix: delete wordpress database when service is deleted by portal
4 years ago
0eac3f3d3c
DEV-429: mariadb upgrade
4 years ago
06a395855b
feat: argo-cd
...
- activated json logging
- disabled application set controller
4 years ago
25bd87846c
feat: kibana - default index patterns
...
- uncategorized-*
- {{ stage }}-*-authlog-*
- {{ stage }}-*-syslog-*
- {{ stage }}-monitoring-*
- {{ stage }}-management-*-connect-*
4 years ago
0d5976898a
NOTICKET: corrected bloody typo
4 years ago
4bf4167216
DEV-386: to use techn.user to scrape metrics for ssh-root-login
4 years ago
ff9c0d94a1
Extended Monitoring/Alerting for PostgreSQL
4 years ago
acee683569
feat: added workflow heatmap flag to portal
...
- SMA_WORKFLOW_HEATMAP_ENABLED: [false]|true
4 years ago
5d1b951f39
DEV-466: added missing but needed package
4 years ago
0fe89b4985
DEV-452: tried to fix some stuff
4 years ago
0c8bfdb3d9
DEV-452: tried to fix some stuff
4 years ago
a3bf98465a
DEV-452: added workaround to fix problem with missing hetzner internal network
4 years ago
cd09b5bb5e
DEV-452: added workaround to fix problem with missing hetzner internal network
4 years ago
f7a43f5981
DEV-452: added workaround to fix problem with missing hetzner internal network
4 years ago
31e79f7ee6
DEV-452: added DEBUG statements to get more information in case of problems
4 years ago
5ce99dbb58
DEV-452: pimped recursive _set_server_state.yml - bugfixed
4 years ago
37ca359842
DEv-452: added recursive _set_server_state.yml to work around hetzners...
4 years ago
c4a7359e6c
chore: added argo-cd projects
...
- bootstrap
- kube-system
- infrastructure
4 years ago
104ede597d
chore: removed stage prefix from pull secret (namespace)
4 years ago
ae1e2854dc
chore: removed stage prefix from pull secret (namespace)
4 years ago
60a6c73be6
DEV-424 export for wordpress database (maria)
4 years ago
dac7002ad9
DEV-452: added potential fixes for our hetzner create_server - is locked/message problem
4 years ago
fff42dea2c
chore: removed ignore_errors due to a bug in smardigo
4 years ago
b4937db87a
DEV-375: bugfix to run stuff for testdb only when is set
4 years ago
750b109b54
chore: added ignore_errors due to a bug in smardigo
4 years ago
ad80ceeaaa
SMARCH-126: bootstrap argocd with argocd
4 years ago
20c745eeb4
SMARCH-126: bootstrap argocd with argocd
4 years ago
80c94ef184
SMARCH-126: bootstrap argocd with argocd
4 years ago
8923ab7574
SMARCH-126: Bootstrap ArgoCD by ArgoCD
4 years ago
315bee648d
DEV-439: removed leftovers from mariadb-transport-encyrption
4 years ago
f0eab6d3ae
DEv-421: refactored installation for postgres-exporter + installed newer...
4 years ago
f4c97a9a04
DEV-432: ansible stuff to change ssh ciphers on serverside + added new ssh key for fgoerz
4 years ago
819a658e50
DEV-422: mariadb deactivate ssl stuff to ensure stable smardigo-ENV
4 years ago
ea2e31cd27
DEV-383: fixing bug
4 years ago
62e0a64f26
DEV-414: follow-up tasks prod@hetzner-incident
4 years ago
49fc416764
DEV-382: enable SSL for postgres-connections
4 years ago
d99c9001bf
DEV-383: enable SSL for mariadb-connections
4 years ago
7d7dbcf622
NOTICKET: hetzner bugfix
4 years ago
fc5745eac2
NOTICKET: fix broken playbook due to renamed yml file
4 years ago
fe66a12c6e
bugfix: typo
4 years ago
5a728d97be
bugfix: typo
4 years ago
6fbc3af3c4
DEV-374: implemented logical restore-test to check if restore was succussful
4 years ago
43da648df6
DEV-389: added gpg-decryption for backup
4 years ago
0c9042da83
DEV-373: try to automate restore from database backup
4 years ago
80b321cd65
DEV-375 feat: new process for backup scheduling
4 years ago
49aa913213
bugfix: backup runs with gather_facts: false
4 years ago
1ee340fdd3
bugfix: added awx templates
...
- create-remote-database-backup
4 years ago
5733b20dc3
bugfix: server creation was broken due to backupuser
4 years ago
42f0ae114a
DEV-273 added branch to rollout for stages
...
- master/main -> DEV
- qa -> QA
- prodnso -> PRODNSO
4 years ago
6394d9150c
bugfix: awx uses now own user for automation
4 years ago
92c11ecef4
bugfix: ansible user for awx
4 years ago
81d9923332
bugfix: updated ssh key configuration
...
- + peter.heise
- + gitlabci
- - ansible
- added date suffix to outdated ssh keys
- updating root ssh key is now active per default
4 years ago
e17c62f81e
DEV-371: added stuff to do remote backup
4 years ago
9d5105f764
feat: updated awx-operator/awx
...
- extracted argocd revision into variable
- on dev stage revision is main
- default revision is <stage> (qa, prodnso, ...)
4 years ago
30c2e8f45a
DEV-379: bugfix: k9s is not installed on kube control plane
4 years ago
ac8998f212
DEV-273: automate rollout ansible by gitlab
4 years ago
4b8a80a4ef
DEV-309: added keycloak PW-policy stuff
4 years ago
2b86dfc20c
DEV-308: fixed user keycloak interaction stuff for some technical users
4 years ago
ea2ef949c9
DEV-360: rollout k8s on prodnso
4 years ago
7c891e472c
feat: activated jaeger traecing on dev
...
- traefik
- connect
- iam
4 years ago
4b74d64949
review: added changes discussed with fgrz
4 years ago
45a6d3c90b
bugfix: filter k8s execution to first master node
4 years ago
74e4174826
SMAR-21: feat: added jaeger tracing
4 years ago
65df2886e3
DEV-359: feat: added jaeger-operator/jaeger
4 years ago
bd6fb2f189
DEV-341: cleanup after merge
...
- removed shared_service_awx_hostname
4 years ago
c732ab8eb3
DEV-341: tried to implement review critics
4 years ago
df8a544a3a
cleanup
4 years ago
4a62bf9813
bugfix: keycloak clients for connect
...
- redirect_uris are broken
- web_origins are broken
4 years ago
a5ff2d53c9
bugfix: rollout new kubernetes cluster
4 years ago
243aa4c584
bugfix: downgraded grafana version to 8.3.5
...
- 8.4.1 is not backwards compatible
4 years ago
1031348887
feat updated prometheus/grafana
4 years ago
af4341f571
bugfix: gitea metrics endpoint is now enabled by default
4 years ago
8b885a30b7
bugfix: patchay was broken due to missing pip dependency
...
- kubernetes
4 years ago
d8acf8b894
consolidation: renamed hetzner-ansible project on gitea
...
- gitea-admin/hetzner-ansible-copy.git
gitea-admin/hetzner-ansible.git
4 years ago
211039f7e6
bugfix: kubernetes deployment without root user and global become
4 years ago
5d604700dd
DEV-319: feat: split dev/qa into own hetzner projects
4 years ago
b24ab2e823
DEV-326: added stuff to configure AWX installation
4 years ago
39c4ee6eb0
bugfix: removed hard coded staged service (dev)
4 years ago
9b7ce348eb
DEV-323: added some stuff
4 years ago
199e49432c
bugfix: connect uses now netgo_msteams_hook_cd as connection
...
- <CI/CD> vs. <Alerting {{ stage }}> channel
4 years ago
aa09887b9e
feat: rollout new tokens/passwords for qa stage
4 years ago
9c7cdfd24b
feat: rollout new tokens/passwords for dev stage
4 years ago
7bd1a1436b
DEv-323: try to fix merge-conflict
4 years ago
68bde6085e
DEV-322: enable ApplicationSet CRD for argoCD
...
- added mechanism to apply defined argocd CRD-objects
4 years ago
5fc9e3233a
DEV-322: enable ApplicationSet CRD for argoCD; added mechanism to apply defined argocd CRD-objects
4 years ago
59a409fc32
DEV-342: added patchday playbook
4 years ago
78d2661c4a
DEV-339: added anti-affinity-rule to improve distribution of ingress-controller pods
4 years ago
11352747b2
feat: added connect feature to portal
...
- webdav
- resubmission
- element_template
- config_delete_Scope
- external_tasks_script_worker
4 years ago
1e2dfc3212
SMARCH-112 feat: read docker images directly from harbor
4 years ago
46e021d22c
DEV-327: added several stuff for new prodnso-stage + bugfixing and improving other stuff
4 years ago
b33fbc3f55
cleanup: removed empty handler/meta files
4 years ago
cdd9c2543a
cleanup: removed vault for group/all > moved to stage groups
...
- every stage has now its own vault file
4 years ago
190b8394eb
feat: added metricbeat (inactive)
4 years ago
6bd573ec24
bugifx: create docker networks only when docker_enabled
4 years ago
70af623ba4
feat: elastic - activated syslog and authlog
...
- filebeat will now ship syslog
{{ inventory_hostname }}-syslog-...
- filebeat will now ship authlog
{{ inventory_hostname }}-authlog-...
- updated filebeat/logstash to "7.16.3"
4 years ago
dc7ab93632
bugfix: harbor - removed full qualified project group
4 years ago
b545432b6a
bugfix: harbor - removed full qualified admin group
4 years ago
7d211d93ad
bugfix: prometheus update_config didn't reload config
...
- container isn't restarted always anymore
- added reload by rest api
4 years ago
58413ca173
bugfix: update awx repository was broken
4 years ago
4004b34b64
Feature/dev 316 3rd
4 years ago
76289d2242
DEV-316: fixing linter problems
4 years ago
56f7859314
feat: add access to create/edit dashboards/visualizations
4 years ago
19fa1db9c8
Feature/dev 315
4 years ago
b7624efbca
feat: configuration of connections for connect management installation
...
- awx
- teams
4 years ago
77c27e706b
feat: configuration of connections for connect management installation
...
- awx
- teams
4 years ago
9ae762b6e1
DEV-315: fixed ansible error to get ansible-lint initially running
4 years ago
591e40a283
DEV-310: git-rm docker-role from geerlingguy - can be used via include...
4 years ago
44c7509e11
feat: consolidation for harbor
...
- dev-docker-registry-01 -> dev-harbor-01
- qa-docker-registry-01 -> qa-harbor-01
4 years ago
d1b41daa87
Feature/dev 302
4 years ago
37d94b5166
DEV-302: abolish manual installation steps
4 years ago
0f35703e03
bugfix: fixed retry logic for hetzner network check
4 years ago
05a6f8a67f
feat: added service filtering for kibana dashboard
4 years ago
40e0a44043
DEV-279: review / vaulted variables
4 years ago
333823fb4c
DEV-279: implemented 'svensons' review critics
4 years ago
f3fc209a02
feat: default configuration for keycloak master realm
...
- mail
- events
- language
4 years ago
1d8b7dae90
bugfix: added group mapper to default keycloak client config
4 years ago
3d304f4ec1
DEV-279: added oidc/rbac for argocd setup (keycloak)
4 years ago
20a2e8a2e3
DEV-257: implemented wish for smardigo star-architect <<sken>> :P
4 years ago
820b162b15
DEV-271: added systemd-file as workaround for hazzle with container start order
4 years ago
baed2bf51b
bugfix: smardigo_user_token creation doesn't require become
4 years ago
79cad695e7
feat: updated keycloak image version
...
- keycloak 12.0.4 -> 14.0.0
- updated smardigo images (netgo branding)
4 years ago
ed4ebc8630
feat: updated keycloak image version
...
- keycloak 12.0.4 -> 14.0.0
- updated smardigo images (netgo branding)
4 years ago
3cffeed705
feat: updated keycloak image version
...
- keycloak 12.0.4 -> 14.0.0
- updated smardigo images (netgo branding)
4 years ago
9eb945812d
feat: uptade prometheus stack images to current versions
4 years ago
c1460fa045
chore: set storage.tsdb.retention.time from 12w to 4w
4 years ago
d9d980b009
DEV-282: feat: added configuration of parameters through web portal
4 years ago
34a88236f3
DEV-298: added hacky shell script to make harbor upgrade a little bit easier
4 years ago
c9131276e3
bugfix: connect-wordpress orchestration
...
- added missing configuration to wordpress service
REALM_ID
REGISTRATION_ID
CLIENT_ID
CLIENT_SECRET
CLIENT_USERNAME
CLIENT_PASSWORD
SMARDIGO_AUTH_TOKEN_NAME
SMARDIGO_AUTH_TOKEN_VALUE
4 years ago
212ef00807
bugfix: connect-wordpress orchestration
...
- added missing configuration to wordpress service
REALM_ID
REGISTRATION_ID
CLIENT_ID
CLIENT_SECRET
CLIENT_USERNAME
CLIENT_PASSWORD
SMARDIGO_AUTH_TOKEN_NAME
SMARDIGO_AUTH_TOKEN_VALUE
4 years ago
abbe742118
feat: set storage.tsdb.retention.time from 15w to 12w
4 years ago
34e5f301e4
bugfix: disabled argocd dex server
...
- service isn't used at all
4 years ago
9f9a192432
DEV-269: added stuff to federate k8s-internal prometheus metrics
4 years ago
a0f70890f1
DEV-258: added code to configure (users|roles) objects in elastic
4 years ago
ea231be89f
DEV-277 feat: added stage for external usage
...
- stage without shared services
- setup isolated services
4 years ago
dabd42d40e
DEV-280: added comment and removed my senseless delay/retries params
4 years ago
e58e5a4e05
CVE-2021-44228: updates es from 7.14.0 to 7.16.1
4 years ago
e0f90428fd
DEV-280: added retries to get hcloud requests from ansible more reliable
4 years ago
9d3e839082
DEV-280: BUGFIXED wait_for task to to fix broken smardigo-step 'create-server'
4 years ago
00aacf90c6
DEV-280: added wait_for task to to fix broken smardigo-step 'create-server'
4 years ago
6f411c9743
feat: Task remove /etc/docker/daemon.json added
4 years ago
b0c3b5d947
feat: Set smardigo-theme for master realm
4 years ago
5bdff07d1b
DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check
4 years ago
54d6b82f1f
DEV-244 feat: added power dns to stage dev
4 years ago
dc31119c05
feat: new playbook to manipulate services from portal
...
- update-service-state.yml
service_state
up
down
upgrade
4 years ago
8baf07a85c
feat: added backups to smardigo portal
4 years ago
631e0b8778
bugfix: fixed variable name
...
- vault_replicator_user_password
> postgres_replicator_user_password
4 years ago
d24e009c48
DEV-254: added backup/restore playbooks
4 years ago
a792a7f9e7
feat: integrated monitoring updates in smardigo portal
4 years ago
31104d1e16
bugfix/cleanup
...
- update-monitoring
- k8s-cluster -> k8s_cluster
4 years ago
671c3a9657
DEV-240: added code for k8s-external single-instance redis instance for DEV+QA
4 years ago
bc39cdbb04
feat: added external-dns with digitalocean configuration
4 years ago
aeabec152c
SMARCH-106: added stuff for multi tenant setup
...
- workflow-index-postgres
- workflow-proxy-postgres
- workflow-proxy-realm
4 years ago
0dcdc9a13c
feat: added tag upgrade to playbook setup
...
- Updating apt cache
- Upgrade all packages
4 years ago
b9192557ab
feat: added service monitor for cert-manager (prometheus)
4 years ago
e78a11d431
cleanup:
...
- removed echo server
- stick cert manager to 1.5.4
4 years ago
123d1dd917
chore: prometheus add note for PersistentVolumeClaim
4 years ago
1450f91d2e
cleanup: added some tags to kubernetes roles
4 years ago
575e5cd131
feat: activated public ingress access over hetzner load balancer
...
- disable-public-network: true -> false
4 years ago
31298d109d
feat: deploy docker registry key to namespace
4 years ago
ef3634cf4e
feat: added nginx ingress monitoring
4 years ago
d580278227
Revert "bugfix: kube: monitoring removed wrong labels"
...
This reverts commit 49e7ee6ee7
4 years ago
49e7ee6ee7
bugfix: kube: monitoring removed wrong labels
4 years ago
c2ef361964
kubespray
...
- renamed groups to match kubespray
kube-master -> kube_control_plane
kube-node -> kube_node
4 years ago
8f94c4aae0
feat: added hetzner csi plugin
4 years ago
Ketelsen, Sven
Hoan To
Görz, Friedrich
friedrich goerz
Philipp Eichhorn
Michael Hähnel
Claus Paetow
Ketelsen, Sven