71965a2412
gw-core01: increase mtu of launder vpn (used for the public wifi)
...
apparently the LTE connection on site actually get's an MTU of 1500
`traceroute -n --mtu <destination>` confirmed that
2022-10-01 23:30:46 +02:00
05228f19cf
gw-core01: persist dhcp leases
...
/etc/dhcp.leases is not saved with `sysupgrade -b`
2022-10-01 20:47:01 +02:00
bd42961a8c
playbook_provision_accesspoints: remove unnecessary statements
...
since 836436e
2022-10-01 20:34:49 +02:00
e7054c1b64
gw-core01: prepare configs for platform change
...
replace `Ubiquiti EdgeRouter X` with an `Sophos SG-125r2`
2022-09-28 01:54:16 +02:00
03e2986f7b
playbook_create_ssh_config: fix indentation of 'ProxyJump'
2022-09-28 00:49:10 +02:00
c4b282d7fb
playbook_distribute_authorized_keys: also set root pw on gw and aps
2022-09-28 00:47:14 +02:00
836436e625
incidents: (maintenance) add incident 020 about ap firmware upgrades
2022-09-28 00:40:12 +02:00
87e7767ea5
incidents: add incident 019 about broken ssh on ap-0b99
2022-09-27 23:55:16 +02:00
2db141ea4b
incidents: add incident 018 concerning power outages
...
in the facility management container
2022-09-27 23:41:22 +02:00
9580723103
documentation: fix typos
...
Fixes: 4a82e9fe69
2022-09-27 22:32:24 +02:00
4a82e9fe69
incident 017: close
...
* fixed instabilities by installing an ap into the social work container
* also installed an access switch for direct ethernet connections
2022-09-27 22:28:24 +02:00
b20538efaf
documentation: fix mac of `ap-1a38`
2022-09-27 18:38:54 +02:00
3664b97ab1
accesspoints: fix timezone
2022-09-26 01:25:20 +02:00
c311163884
playbook_provision_accesspoints: change vcs layout
...
* replace whole config files (instead of adding lines to existing files)
* move config tree beneath `templates/accesspoints`
* just like `gw-core01`
2022-09-26 00:59:49 +02:00
c00669664e
gw-core01: fix timezone
2022-09-26 00:34:07 +02:00
0084c1a742
playbook_provision_backbone: remove tunnel configuration for gw-core01
...
because that is already handled by `playbook_provision_gateway`
2022-09-26 00:34:07 +02:00
5461ae6e93
new playbook 'playbook_provision_gateway.yml'
...
finally move configuration of `gw-core01` into vcs
2022-09-26 00:34:06 +02:00
cc7a94127d
add new ap-ac7c
...
documentation will follow soon
2022-09-26 00:34:06 +02:00
60dcef23b7
limit txpower of ap-c5d1
2022-09-26 00:34:06 +02:00
6bcefd4955
incident 017: add another icmp probe `mon-e2e-wan01`
2022-09-15 02:02:22 +02:00
e1152c28a0
incidents: add 017 about instability of the network
2022-09-15 01:13:27 +02:00
9c5675cbf7
incidents: add 016 power outages on site
2022-09-15 00:48:26 +02:00
a3a9fdaa74
incident: create incident 015
...
switched gw-core01 back to the original hardware
2022-09-15 00:18:18 +02:00
01c3d3f300
grafana: filter jobs for `available devices` widget on public dashboard
...
ie. hiding the new blackbox jobs
also correct threshold for vms on `available devices` widget
2022-09-14 03:46:29 +02:00
c9843a4cdd
inventory: use /tmp as a the temporary dir on openwrt devices
...
* increases speed (in theory)
* conserve write cycles on the flash
2022-09-14 03:27:20 +02:00
f0115625f6
monitoring: add end to end tests to monitor internet reachability
...
via imcp (blackbox exporter)
There are two exporters.
One lives inside `monitoring01` and uses the "normal" route into the
internet without a vpn (job: `e2e_default_v4`).
The other one lives inside `mon-e2e-clients01` and routes into the
internet via the vpn (job: `e2e_clients_v4`).
2022-09-14 03:12:22 +02:00
60e57af853
hypervisor: create new container "mon-e2e-clients01"
...
* lives inside the public network
* configured static lease on `gw-core01` for `mon-e2e-clients01`
* because of the policy-based-routing `mon-e2e-clients01` is not able to
route into other network than the internet/wan. Jump via `gw-core01`
if you want to reach this container
2022-09-14 03:11:05 +02:00
bbfc548e23
rename playbook_provision_hyper01 -> playbook_provision_hypervisor
2022-09-14 03:01:41 +02:00
10d8e0133e
monitoring: rollout node exporters on new inventory group "container"
...
Fixes: e350445a4b
2022-09-14 02:59:48 +02:00
e539d6c36f
pass: move container credentials into own folder
2022-09-14 02:58:42 +02:00
e350445a4b
playbook_provision_hyper01: generify playbook
...
now we read the containers to create dynamically from the inventory
2022-09-14 02:56:05 +02:00
24a31603ef
monitoring: move node exporter installation into single task
2022-09-14 02:26:27 +02:00
6623cc0e09
monitoring: alert on node reboots
2022-09-14 02:16:15 +02:00
79d46e3100
add `ap-8f38`
...
also document mullvad vpn tunnel
2022-09-09 02:07:13 +02:00
dfab9afcde
update incident log
...
* update 012
* create 013 - 015
2022-09-09 01:50:22 +02:00
67ebf9b9bb
monitoring: automagically provision grafana
2022-09-04 18:56:20 +02:00
6e108868cb
incident 012: still not fixed after power supply replacement
2022-09-04 15:23:16 +02:00
b57200bd6c
incidents: add 012 about the ongoing random reboots of gw-core01
2022-09-02 22:05:25 +02:00
b5698a6c90
incident 009: document traffic laundering
2022-09-01 16:32:13 +02:00
5349baa100
incident 011: update to inform about long term solution
2022-09-01 13:11:25 +02:00
d57b0ae362
incidents: add incidents 009 till 011
2022-09-01 13:06:15 +02:00
1d01fa7020
incidents: clean up 008
...
Fixes: b96fa8542c
2022-08-22 15:56:40 +02:00
b96fa8542c
add backoffice wifi
2022-08-22 15:53:37 +02:00
dc5be9eacf
documentation: fix IPAM typo for client v4 space
2022-08-21 22:23:30 +02:00
f240192bab
incidents: paginate incidents
2022-08-21 22:19:19 +02:00
6e5d4448db
incident - 2022.08.01: no internet access for 2 weeks
2022-08-21 22:15:09 +02:00
f481f91e5f
incident - 2022.07.23: update regarding facility access
2022-07-28 02:44:25 +02:00
974e141f6e
incidents: os upgrades (maintenance)
2022-07-28 02:41:32 +02:00
21362b546b
doc - OVERVIEW: info regarding the upstream connectivity
2022-07-28 02:28:37 +02:00
830f99036f
pass: add entry for gigacube-E950
2022-07-28 02:19:33 +02:00
Gregor Michels