Gregor Michels
aa8e746faf
playbook_sysupgrade.yml: add empty firmware directory into vcs
...
Fixes: a9429b661a
2022-11-02 23:53:07 +01:00
Gregor Michels
8e44051abd
incident 024: include openwrt version header
2022-10-24 02:37:16 +02:00
Gregor Michels
c4d329fd49
correct hardware overview for gw-core01
...
since the "big" replacement of gw-core01 the device itself and the mac
changed.
Fixes: 0e838e7dc1
2022-10-24 02:25:58 +02:00
Gregor Michels
492c343af2
correct gigacube doc and pw entry
...
after Vodafone expired theire free tier for refugee camps the camp
received a different gigacube
2022-10-24 02:21:04 +02:00
Gregor Michels
54b8fdd7f2
incident 024: also upgrade gw-core01
...
Fixes: a030383fb8
2022-10-24 01:50:45 +02:00
Gregor Michels
59b841850d
gateways: define garet profile and release
2022-10-24 01:41:22 +02:00
Gregor Michels
01abb9c160
playbook_sysupgrade: extend fw upgrade automation onto gateways
2022-10-24 01:40:41 +02:00
Gregor Michels
a030383fb8
incidents: add maintenance incident 024 about fw upgrades on aps
2022-10-24 00:55:04 +02:00
Gregor Michels
8d79518516
accesspoints: pin fw to garet aruba-ap-105_21.02 (845a6ba)
2022-10-24 00:34:30 +02:00
Gregor Michels
a9429b661a
playbook_sysupgrade: make idempotent
...
only issue a sysupgrade if the desired garet version and profile
specified in the inventory does not match the firmware running on the
device.
Because we do not put the firmware files into this git, simply
clone the garet repo, checkout the desired commit, build the needed
profile and then put the firmware file into
firmware/garet_${profile}-${version}.bin
2022-10-24 00:25:18 +02:00
Gregor Michels
c51e5e438a
incidents: add incident 023 about broken public wifi
2022-10-19 02:13:35 +02:00
Gregor Michels
ec917a24c6
monitoring: add alarm "PublicWifiUpstreamLost"
2022-10-19 02:05:32 +02:00
Gregor Michels
df6a5a93ef
monitoring: remove non-dns e2e test
2022-10-19 02:01:08 +02:00
Gregor Michels
466fefeb8d
gw-core01: reenable traffic laundering for the public wifi
...
Fixes: 6297531dfd
2022-10-19 01:47:30 +02:00
Gregor Michels
6297531dfd
gw-core01: temporarily disable traffic laundering for the public wifi
...
because the vpn connection stopped handshaking yesterday
2022-10-18 12:58:19 +02:00
Gregor Michels
bb9f502eb9
accesspoints: limit backoffice wifi to aps inside office containers
2022-10-11 01:29:49 +02:00
Gregor Michels
7d4d297ef5
inventory: add location information to accesspoints
2022-10-11 01:29:49 +02:00
Gregor Michels
46d02e4822
todo: mark incident 022 as done
...
Fixes: 9313dc32ff
2022-10-11 00:56:47 +02:00
Gregor Michels
9313dc32ff
incidents: add maintenance incident 022 about directional lte antenna
2022-10-11 00:50:39 +02:00
Gregor Michels
5cc5c8e81d
todo: mark `incident 21` as done
...
Fixes: 0e838e7dc1
2022-10-11 00:48:30 +02:00
Gregor Michels
0e838e7dc1
incidents: add maintenance incident 021 - replace gw-core01
2022-10-10 23:17:05 +02:00
Gregor Michels
f83792749e
update todos
2022-10-08 16:42:02 +02:00
Gregor Michels
71965a2412
gw-core01: increase mtu of launder vpn (used for the public wifi)
...
apparently the LTE connection on site actually get's an MTU of 1500
`traceroute -n --mtu <destination>` confirmed that
2022-10-01 23:30:46 +02:00
Gregor Michels
05228f19cf
gw-core01: persist dhcp leases
...
/etc/dhcp.leases is not saved with `sysupgrade -b`
2022-10-01 20:47:01 +02:00
Gregor Michels
bd42961a8c
playbook_provision_accesspoints: remove unnecessary statements
...
since 836436e
all aps run on firmware with the correct packages
2022-10-01 20:34:49 +02:00
Gregor Michels
e7054c1b64
gw-core01: prepare configs for platform change
...
replace `Ubiquiti EdgeRouter X` with an `Sophos SG-125r2`
2022-09-28 01:54:16 +02:00
Gregor Michels
03e2986f7b
playbook_create_ssh_config: fix indentation of 'ProxyJump'
2022-09-28 00:49:10 +02:00
Gregor Michels
c4b282d7fb
playbook_distribute_authorized_keys: also set root pw on gw and aps
2022-09-28 00:47:14 +02:00
Gregor Michels
836436e625
incidents: (maintenance) add incident 020 about ap firmware upgrades
2022-09-28 00:40:12 +02:00
Gregor Michels
87e7767ea5
incidents: add incident 019 about broken ssh on ap-0b99
2022-09-27 23:55:16 +02:00
Gregor Michels
2db141ea4b
incidents: add incident 018 concerning power outages
...
in the facility management container
2022-09-27 23:41:22 +02:00
Gregor Michels
9580723103
documentation: fix typos
...
Fixes: 4a82e9fe69
2022-09-27 22:32:24 +02:00
Gregor Michels
4a82e9fe69
incident 017: close
...
* fixed instabilities by installing an ap into the social work container
* also installed an access switch for direct ethernet connections
2022-09-27 22:28:24 +02:00
Gregor Michels
b20538efaf
documentation: fix mac of `ap-1a38`
2022-09-27 18:38:54 +02:00
Gregor Michels
3664b97ab1
accesspoints: fix timezone
2022-09-26 01:25:20 +02:00
Gregor Michels
c311163884
playbook_provision_accesspoints: change vcs layout
...
* replace whole config files (instead of adding lines to existing files)
* move config tree beneath `templates/accesspoints`
* just like `gw-core01`
2022-09-26 00:59:49 +02:00
Gregor Michels
c00669664e
gw-core01: fix timezone
2022-09-26 00:34:07 +02:00
Gregor Michels
0084c1a742
playbook_provision_backbone: remove tunnel configuration for gw-core01
...
because that is already handled by `playbook_provision_gateway`
2022-09-26 00:34:07 +02:00
Gregor Michels
5461ae6e93
new playbook 'playbook_provision_gateway.yml'
...
finally move configuration of `gw-core01` into vcs
2022-09-26 00:34:06 +02:00
Gregor Michels
cc7a94127d
add new ap-ac7c
...
documentation will follow soon
2022-09-26 00:34:06 +02:00
Gregor Michels
60dcef23b7
limit txpower of ap-c5d1
2022-09-26 00:34:06 +02:00
Gregor Michels
6bcefd4955
incident 017: add another icmp probe `mon-e2e-wan01`
2022-09-15 02:02:22 +02:00
Gregor Michels
e1152c28a0
incidents: add 017 about instability of the network
2022-09-15 01:13:27 +02:00
Gregor Michels
9c5675cbf7
incidents: add 016 power outages on site
2022-09-15 00:48:26 +02:00
Gregor Michels
a3a9fdaa74
incident: create incident 015
...
switched gw-core01 back to the original hardware
2022-09-15 00:18:18 +02:00
Gregor Michels
01c3d3f300
grafana: filter jobs for `available devices` widget on public dashboard
...
ie. hiding the new blackbox jobs
also correct threshold for vms on `available devices` widget
2022-09-14 03:46:29 +02:00
Gregor Michels
c9843a4cdd
inventory: use /tmp as a the temporary dir on openwrt devices
...
* increases speed (in theory)
* conserve write cycles on the flash
2022-09-14 03:27:20 +02:00
Gregor Michels
f0115625f6
monitoring: add end to end tests to monitor internet reachability
...
via imcp (blackbox exporter)
There are two exporters.
One lives inside `monitoring01` and uses the "normal" route into the
internet without a vpn (job: `e2e_default_v4`).
The other one lives inside `mon-e2e-clients01` and routes into the
internet via the vpn (job: `e2e_clients_v4`).
2022-09-14 03:12:22 +02:00
Gregor Michels
60e57af853
hypervisor: create new container "mon-e2e-clients01"
...
* lives inside the public network
* configured static lease on `gw-core01` for `mon-e2e-clients01`
* because of the policy-based-routing `mon-e2e-clients01` is not able to
route into other network than the internet/wan. Jump via `gw-core01`
if you want to reach this container
2022-09-14 03:11:05 +02:00
Gregor Michels
bbfc548e23
rename playbook_provision_hyper01 -> playbook_provision_hypervisor
2022-09-14 03:01:41 +02:00