Commit Graph

1673 Commits

Author SHA1 Message Date
Râu Cao d06f5d7723 Set up fail2ban for nginx, move IPFS gateway to proxy role 2022-11-24 14:02:43 +01:00
Râu Cao 7f545404b1 Update node info 2022-11-22 21:23:39 +01:00
raucao 9dc2b387d1 Merge pull request 'Upgrade kosmos.social to Mastodon 3.5.3' (#448) from chore/upgrade_mastodon into master
Reviewed-on: #448
2022-11-22 20:19:52 +00:00
Greg Karékinian 5a5f8425af Add missing postgresql-client package for backup gem 2022-11-07 16:30:45 +01:00
Greg Karékinian 97fe328312 Add missing pg_db recipe on postgresql_primary role 2022-11-07 16:30:02 +01:00
Greg Karékinian ed04753318 Update mastodon-3 node after chef run 2022-11-07 16:28:09 +01:00
Greg Karékinian 4bfb7d5f5d Extract mastodon db backup to its own recipe 2022-11-07 16:22:15 +01:00
Râu Cao 4188b2976b Use Ruby 3.0.3, skip post-deployment migrations 2022-11-07 14:53:52 +01:00
Râu Cao 3620a43190 Upgrade Elasticsearch from 6.x to latest 7.x 2022-11-06 13:56:15 +01:00
greg 5a94050555 Merge pull request 'Prune VM backups after every run' (#447) from feature/439-prune_backups into master
Reviewed-on: #447
2022-11-05 20:42:31 +00:00
Râu Cao 28454c0849 Change VM backup schedule for draco 2022-11-05 17:43:53 +01:00
Râu Cao 6df168f32f Prune VM backups after every run 2022-11-05 17:43:48 +01:00
greg 9c0764a2eb Merge pull request 'Migrate hal8000 to new kredits and nodejs VM' (#445) from feature/migrate_hal8000 into master
Reviewed-on: #445
2022-11-04 18:14:17 +00:00
Râu Cao 65933bef4b Move hubot nginx sites to proxy role, deploy to fornax 2022-11-04 14:41:21 +01:00
Râu Cao 6cce1d9df8 Upgrade hal8000 setup for new hubot-kredits 2022-11-04 14:41:12 +01:00
Râu Cao 534f23eebc Remove obsolete recipes 2022-11-04 14:38:51 +01:00
Râu Cao 37710be28b Bundle main IPFS node recipes in a role
So we can find the VM/IP
2022-11-04 14:37:23 +01:00
raucao 1c17906a41 Merge pull request 'Deploy new kredits ipfs-pinner' (#444) from feature/deploy_new_kredits_pinner into master
Reviewed-on: #444
2022-11-03 13:17:47 +00:00
Râu Cao 76fd629e40 Deploy new kredits ipfs-pinner
refs kredits/meta#10
2022-11-03 14:16:37 +01:00
raucao 88fa0f12dd Merge pull request 'Upgrade LND to 0.15.4' (#443) from chore/upgrade_lnd into master
Reviewed-on: #443
2022-11-03 10:04:05 +00:00
Râu Cao 0297298ce0 Upgrade LND to 0.15.4
Fixes a critical issue that prevents block sync in production
2022-11-03 11:02:52 +01:00
raucao 08bcdcc395 Merge pull request 'Fix IPFS node connectivity from the outside as well as the private network' (#442) from bugfix/ipfs_connectivity into master
Reviewed-on: #442
2022-11-02 18:32:44 +00:00
Râu Cao 90b62e3fc1 Remove ufw logging for ipfs 2022-11-02 19:27:09 +01:00
greg c9a0310511 Merge branch 'master' into bugfix/ipfs_connectivity 2022-11-02 17:13:55 +00:00
greg b8d6ba4c89 Merge pull request 'Move block data to CIFS share, other data to VM's own storage' (#438) from feature/bitcoin_data_directories into master
Reviewed-on: #438
2022-11-02 17:13:37 +00:00
Râu Cao b1922d26f6 Allow IPFS connections on private network
(HAProxy is now also using the private network.)

This fixes IPFS connections to Kosmos nodes from outside the network, as
well as in between nodes on the private network.
2022-11-02 14:06:07 +01:00
Râu Cao f7ff1248fe Enable Web UI on private network 2022-11-02 14:05:43 +01:00
Râu Cao bc11301782 Move bitcoind datadir from host to VM storage 2022-10-27 11:52:05 +02:00
Râu Cao 756382ec9f Move block data files to CIFS share
This is the vast majority of disk space used on the host currently.
2022-10-26 15:49:03 +02:00
Râu Cao 458558fb26 Deploy different content on kosmos.org for now 2022-10-24 15:13:18 +02:00
raucao 446148b28a Merge pull request 'Downgrade go-ipfs to 0.15' (#437) from chore/downgrade_ipfs into master
Reviewed-on: #437
2022-10-24 12:19:25 +00:00
Râu Cao 67f6e1b34a Downgrade go-ipfs to 0.15
Fixes #435
2022-10-24 14:18:19 +02:00
greg 945283738a Merge pull request 'Set up live backups for all VMs' (#433) from feature/qemu_snapshots into master
Reviewed-on: #433
2022-10-22 11:52:26 +00:00
greg 33ae6befaa Merge pull request 'Block outgoing traffic to local networks by default' (#434) from feature/block_outoing_local_traffic into feature/qemu_snapshots
Reviewed-on: #434
2022-10-22 11:50:28 +00:00
Râu Cao 58e6e7de03 Remove ufw logs
Just added them to check the blocking for a while
2022-10-22 13:03:16 +02:00
Râu Cao 1afc3a5de5 Block outgoing traffic to local networks by default
Some software, e.g. go-ipfs, is rather aggressive in scanning local
networks for peers, which can trigger abuse reports and IP locks in the
data center.
2022-10-21 13:37:38 +02:00
Râu Cao 61710aa4a4 Set up systemd service and timer for backups 2022-10-21 10:50:04 +02:00
Râu Cao 95941c830f Remove verbose stats outout from backup script 2022-10-21 10:49:30 +02:00
Râu Cao a5b2eb5f97 Move borg credentials to a separate file
To be used from a service
2022-10-21 10:49:02 +02:00
Râu Cao 374654f8fd Update chef/ohai on hosts 2022-10-21 10:47:46 +02:00
Râu Cao 7051cc9da8 Update draco's main IP address 2022-10-21 10:47:17 +02:00
Râu Cao 51163ca3a3 Whitelist Chef attributes for newer client versions 2022-10-21 10:46:16 +02:00
Râu Cao 927bb63535 Add kvm_guest role to nodes 2022-10-19 16:28:07 +02:00
Râu Cao 34a57fa298 Merge branch 'lnd_tor_changes' into feature/qemu_snapshots 2022-10-19 15:23:39 +02:00
Râu Cao 6d765f959d Fix backup VM name for ldap-3
(and potentially other guests where the name differs from the libvirt
domain name)
2022-10-19 12:51:46 +02:00
Râu Cao 82f50b0caa Only back up domain-specific XML per archive 2022-10-19 12:24:10 +02:00
Râu Cao 6c8f9055c1 Create directories for KVM host backup files 2022-10-19 12:23:54 +02:00
Râu Cao 2e2ebbcc02 Fix filenames for guest agent sockets 2022-10-19 12:23:17 +02:00
Râu Cao a3844b7ef6 WIP Add KVM host backup recipe
Add a recipe that configures scripts for live backups of VM images via
libvirt and borg.
2022-10-19 12:08:05 +02:00
Râu Cao 6d50a32aca Add FIXME note 2022-10-19 12:08:05 +02:00