Add external-dns vault policy

Add mounting disks to k8s for longhorn
Remove airsonic
2022-12-29 00:20:01 -05:00 · 2022-12-29 00:19:12 -05:00 · 2022-12-29 00:18:43 -05:00 · 2022-12-29 00:18:17 -05:00 · 2022-12-29 00:18:06 -05:00
8 changed files with 19 additions and 17 deletions
--- a/ansible/group_vars/hardtack/main.yml
+++ b/ansible/group_vars/hardtack/main.yml
@ -3,6 +3,5 @@ hashi_arch: arm
 consul_arch: arm64
 nomad_arch: arm64
 docker_arch: arm64
 k3s_version: v1.24.1+k3s1
 k3s_role: 'client'
 k3s_server_hostname: hardtack1.minhas.io
--- a/ansible/group_vars/teapot/main.yml
+++ b/ansible/group_vars/teapot/main.yml
@ -1,6 +1,7 @@
 ---
 hashi_arch: arm
 consul_arch: arm64
-k3s_version: v1.25.4+k3s1
+k3s_version: v1.24.8+k3s1
 k3s_role: 'client'
 k3s_server_hostname: teapot01.minhas.io
 kube_storage: True
--- a/ansible/host_vars/sedan.minhas.io/haproxy.yml
+++ b/ansible/host_vars/sedan.minhas.io/haproxy.yml
@ -4,7 +4,6 @@ haproxy_domains:
    - { name: "gitea", url: "git.minhas.io" }
    - { name: "kanban", url: "kanban.minhas.io" }
    - { name: "nextcloud", url: "nextcloud.minhas.io" }
    - { name: "radicale", url: "dav.minhas.io" }
    - { name: "sudoscientist-go-backend", url: "api.sudoscientist.com" }
    - { name: "wallabag", url: "wallabag.minhas.io" }
 ...
--- a/ansible/roles/haproxy/templates/haproxy.cfg.j2
+++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2
@ -32,11 +32,6 @@ defaults
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http
 frontend fe_tcp
    mode    tcp
    bind    :8000
    default_backend be_airsonic
 frontend fe_default
    mode    http
    bind    :443 ssl crt /etc/haproxy/certs/ alpn h2,http/1.1
@ -57,10 +52,6 @@ backend be_{{ domain.name }}
 {% endfor %}
 backend be_airsonic
    balance leastconn
    server airsonic 192.168.0.12:8001
 resolvers consul
    nameserver consul 127.0.0.1:8600
    accepted_payload_size 8192
--- a/ansible/roles/k3s/defaults/main.yml
+++ b/ansible/roles/k3s/defaults/main.yml
@ -0,0 +1,3 @@
 ---
 k3s_version: v1.24.8+k3s1
 kube_storage: False
--- a/ansible/roles/k3s/tasks/clients.yml
+++ b/ansible/roles/k3s/tasks/clients.yml
@ -13,9 +13,4 @@
    enabled: yes
    name: k3s
    state: started
 - name: ensure nfsd is installed
  apt:
    name: nfs-common
    state: present
 ...
--- a/ansible/roles/k3s/tasks/get_k3s.yml
+++ b/ansible/roles/k3s/tasks/get_k3s.yml
@ -4,6 +4,8 @@
    name:
      - apparmor
      - apparmor-utils
      - nfs-common
      - open-iscsi
 - name: check k3s version
  shell:
@ -21,6 +23,7 @@
    mode: 0755
    owner: root
    group: root
    force: True
  when: installed_k3s_version.stdout != k3s_version
  notify: restart k3s
@ -45,4 +48,12 @@
    owner: root
    group: root
    mode: 0644
 - name: ensure mount is configured
  ansible.posix.mount:
    path: /mnt/storage
    src: /dev/nvme0n1p1
    fstype: ext4
    state: mounted
  when: kube_storage
 ...
--- a/vault/policies/external-dns.hcl
+++ b/vault/policies/external-dns.hcl
@ -0,0 +1,3 @@
 path "kv/data/external-dns" {
  capabilities = ["read"]
 }
Author	SHA1	Message	Date
Asara	f8922d51bd	Add external-dns vault policy	2022-12-29 00:20:01 -05:00
Asara	8c715171ff	Add mounting disks to k8s for longhorn	2022-12-29 00:19:12 -05:00
Asara	f84098dec8	Remove airsonic	2022-12-29 00:18:43 -05:00
Asara	acb18e77f6	Remove radicale	2022-12-29 00:18:17 -05:00
Asara	1893ca6d99	Downgrade k8s	2022-12-29 00:18:06 -05:00