rc/servers
2
0
Fork 0
Code Issues Pull requests Actions Packages Projects 1 Releases Wiki Activity
servers/roles
History
Timotej Lazar 46a9ff6fc0 ceph: add LE certificates 
With a hook to restart RGW services on renewal, if there are any. Live
certificates are linked to the same path under /etc/ceph on each host,
so that the orch service spec is node-independent.

Use with something like this (port 80 must be kept free for standalone
certbot renewal):

    service_type: rgw
    spec:
      rgw_frontend_port: 8080
      rgw_frontend_extra_args:
        - ssl_port=443
        - ssl_private_key=/etc/ceph/privkey.pem
        - ssl_certificate=/etc/ceph/fullchain.pem
    extra_container_args:
      - "--volume"
      - "/etc/ceph:/etc/ceph:ro"
      - "--volume"
      - "/etc/letsencrypt:/etc/letsencrypt:ro"
2024-11-08 16:38:15 +01:00
..
alpine alpine: disable IPv6 automatic addresses 2024-09-21 22:41:36 +02:00
ceph ceph: add LE certificates 2024-11-08 16:38:15 +01:00
debian Deconsolidate network setup for proxmox and debian roles 2024-08-28 12:43:14 +02:00
dnsmasq dnsmasq: sort ranges by network name 2024-10-21 15:35:32 +02:00
dokuwiki doku: unoverride style for external link icons 2024-10-22 10:16:46 +02:00
facts/tasks facts: don’t barf on missing passwords 2024-09-27 14:02:39 +02:00
forgejo Factor out password store retrieval 2024-07-04 15:31:57 +02:00
friwall friwall: add missing notify 2024-07-05 11:04:01 +02:00
frr frr: use service module for reloading 2024-09-10 16:44:21 +02:00
grafana Add grafana role 2024-09-27 16:14:23 +02:00
influxdb Add influxdb role 2024-09-27 16:14:10 +02:00
netbox netbox: allow registered users to view everything 2024-08-15 17:11:29 +02:00
nginx nginx: reload server for renewed LE certificates 2024-10-22 10:02:55 +02:00
opensmtpd/tasks Import friwall role from network ansible scripts 2024-07-04 15:31:53 +02:00
postgres/tasks postgres: store DB password with other secrets 2024-08-15 12:58:24 +02:00
proxmox proxmox: set mail relay 2024-09-10 10:18:40 +02:00
proxmox-backup proxmox-backup add nftables template 2024-09-10 15:40:16 +02:00
redis/tasks netbox: factor out redis role 2024-06-25 00:52:57 +02:00
samba samba: check AD membership with net 2024-05-28 12:51:44 +02:00
synapse synapse: read DB password from secret store 2024-09-06 16:30:51 +02:00