166a2d33b8
new playbook 'playbook_provision_switches'
...
to finally provision switches via ansible.
Because we cannot fit python onto the switches we are using the awesome
ansible module/role from gekmihesg to still be able to automate this :)
https://github.com/gekmihesg/ansible-openwrt
2022-11-03 00:15:05 +01:00
4a784df86c
add submodule "gekmihesg.openwrt"
...
to be able to provision the switches (sadly not enough rom for python)
2022-11-03 00:07:31 +01:00
aa8e746faf
playbook_sysupgrade.yml: add empty firmware directory into vcs
...
Fixes: a9429b661a
2022-11-02 23:53:07 +01:00
8e44051abd
incident 024: include openwrt version header
2022-10-24 02:37:16 +02:00
c4d329fd49
correct hardware overview for gw-core01
...
since the "big" replacement of gw-core01 the device itself and the mac
changed.
Fixes: 0e838e7dc1
2022-10-24 02:25:58 +02:00
492c343af2
correct gigacube doc and pw entry
...
after Vodafone expired theire free tier for refugee camps the camp
received a different gigacube
2022-10-24 02:21:04 +02:00
54b8fdd7f2
incident 024: also upgrade gw-core01
...
Fixes: a030383fb8
2022-10-24 01:50:45 +02:00
59b841850d
gateways: define garet profile and release
2022-10-24 01:41:22 +02:00
01abb9c160
playbook_sysupgrade: extend fw upgrade automation onto gateways
2022-10-24 01:40:41 +02:00
a030383fb8
incidents: add maintenance incident 024 about fw upgrades on aps
2022-10-24 00:55:04 +02:00
8d79518516
accesspoints: pin fw to garet aruba-ap-105_21.02 (845a6ba)
2022-10-24 00:34:30 +02:00
a9429b661a
playbook_sysupgrade: make idempotent
...
only issue a sysupgrade if the desired garet version and profile
specified in the inventory does not match the firmware running on the
device.
Because we do not put the firmware files into this git, simply
clone the garet repo, checkout the desired commit, build the needed
profile and then put the firmware file into
firmware/garet_${profile}-${version}.bin
2022-10-24 00:25:18 +02:00
c51e5e438a
incidents: add incident 023 about broken public wifi
2022-10-19 02:13:35 +02:00
ec917a24c6
monitoring: add alarm "PublicWifiUpstreamLost"
2022-10-19 02:05:32 +02:00
df6a5a93ef
monitoring: remove non-dns e2e test
2022-10-19 02:01:08 +02:00
466fefeb8d
gw-core01: reenable traffic laundering for the public wifi
...
Fixes: 6297531dfd
2022-10-19 01:47:30 +02:00
6297531dfd
gw-core01: temporarily disable traffic laundering for the public wifi
...
because the vpn connection stopped handshaking yesterday
2022-10-18 12:58:19 +02:00
bb9f502eb9
accesspoints: limit backoffice wifi to aps inside office containers
2022-10-11 01:29:49 +02:00
7d4d297ef5
inventory: add location information to accesspoints
2022-10-11 01:29:49 +02:00
46d02e4822
todo: mark incident 022 as done
...
Fixes: 9313dc32ff
2022-10-11 00:56:47 +02:00
9313dc32ff
incidents: add maintenance incident 022 about directional lte antenna
2022-10-11 00:50:39 +02:00
5cc5c8e81d
todo: mark `incident 21` as done
...
Fixes: 0e838e7dc1
2022-10-11 00:48:30 +02:00
0e838e7dc1
incidents: add maintenance incident 021 - replace gw-core01
2022-10-10 23:17:05 +02:00
f83792749e
update todos
2022-10-08 16:42:02 +02:00
71965a2412
gw-core01: increase mtu of launder vpn (used for the public wifi)
...
apparently the LTE connection on site actually get's an MTU of 1500
`traceroute -n --mtu <destination>` confirmed that
2022-10-01 23:30:46 +02:00
05228f19cf
gw-core01: persist dhcp leases
...
/etc/dhcp.leases is not saved with `sysupgrade -b`
2022-10-01 20:47:01 +02:00
bd42961a8c
playbook_provision_accesspoints: remove unnecessary statements
...
since 836436e
2022-10-01 20:34:49 +02:00
e7054c1b64
gw-core01: prepare configs for platform change
...
replace `Ubiquiti EdgeRouter X` with an `Sophos SG-125r2`
2022-09-28 01:54:16 +02:00
03e2986f7b
playbook_create_ssh_config: fix indentation of 'ProxyJump'
2022-09-28 00:49:10 +02:00
c4b282d7fb
playbook_distribute_authorized_keys: also set root pw on gw and aps
2022-09-28 00:47:14 +02:00
836436e625
incidents: (maintenance) add incident 020 about ap firmware upgrades
2022-09-28 00:40:12 +02:00
87e7767ea5
incidents: add incident 019 about broken ssh on ap-0b99
2022-09-27 23:55:16 +02:00
2db141ea4b
incidents: add incident 018 concerning power outages
...
in the facility management container
2022-09-27 23:41:22 +02:00
9580723103
documentation: fix typos
...
Fixes: 4a82e9fe69
2022-09-27 22:32:24 +02:00
4a82e9fe69
incident 017: close
...
* fixed instabilities by installing an ap into the social work container
* also installed an access switch for direct ethernet connections
2022-09-27 22:28:24 +02:00
b20538efaf
documentation: fix mac of `ap-1a38`
2022-09-27 18:38:54 +02:00
3664b97ab1
accesspoints: fix timezone
2022-09-26 01:25:20 +02:00
c311163884
playbook_provision_accesspoints: change vcs layout
...
* replace whole config files (instead of adding lines to existing files)
* move config tree beneath `templates/accesspoints`
* just like `gw-core01`
2022-09-26 00:59:49 +02:00
c00669664e
gw-core01: fix timezone
2022-09-26 00:34:07 +02:00
0084c1a742
playbook_provision_backbone: remove tunnel configuration for gw-core01
...
because that is already handled by `playbook_provision_gateway`
2022-09-26 00:34:07 +02:00
5461ae6e93
new playbook 'playbook_provision_gateway.yml'
...
finally move configuration of `gw-core01` into vcs
2022-09-26 00:34:06 +02:00
cc7a94127d
add new ap-ac7c
...
documentation will follow soon
2022-09-26 00:34:06 +02:00
60dcef23b7
limit txpower of ap-c5d1
2022-09-26 00:34:06 +02:00
6bcefd4955
incident 017: add another icmp probe `mon-e2e-wan01`
2022-09-15 02:02:22 +02:00
e1152c28a0
incidents: add 017 about instability of the network
2022-09-15 01:13:27 +02:00
9c5675cbf7
incidents: add 016 power outages on site
2022-09-15 00:48:26 +02:00
a3a9fdaa74
incident: create incident 015
...
switched gw-core01 back to the original hardware
2022-09-15 00:18:18 +02:00
01c3d3f300
grafana: filter jobs for `available devices` widget on public dashboard
...
ie. hiding the new blackbox jobs
also correct threshold for vms on `available devices` widget
2022-09-14 03:46:29 +02:00
c9843a4cdd
inventory: use /tmp as a the temporary dir on openwrt devices
...
* increases speed (in theory)
* conserve write cycles on the flash
2022-09-14 03:27:20 +02:00
f0115625f6
monitoring: add end to end tests to monitor internet reachability
...
via imcp (blackbox exporter)
There are two exporters.
One lives inside `monitoring01` and uses the "normal" route into the
internet without a vpn (job: `e2e_default_v4`).
The other one lives inside `mon-e2e-clients01` and routes into the
internet via the vpn (job: `e2e_clients_v4`).
2022-09-14 03:12:22 +02:00
Gregor Michels