kosmos/chef
kosmos
/
chef
8
3
Fork 0
Code Issues 37 Pull Requests 1 Projects 1 Activity

Move PostgreSQL to VMs and access via Zerotier #282

Merged
raucao merged 40 commits from feature/postgres_vms into master 2021-01-25 10:56:42 +00:00
Conversation 4 Commits 40 Files Changed 64 +2406 -1146

40 Commits

Author SHA1 Message Date
Greg 1ad7a6936c Generate the hosts entry for the PostgreSQL replica 2021-01-24 10:11:17 +01:00
Greg b1fea4b09f Update the postgres-3 node after Chef run 2021-01-23 19:25:49 +01:00
Greg 7ce8b7d461 Enable PostgreSQL service 2021-01-23 19:14:55 +01:00
Greg 112eb903ec Add a script to switch the primary PostgreSQL server 
Usage: scripts/postgresql/switch_primary.sh <old_primary_hostname> <new_primary_hostname>
 2021-01-23 19:13:54 +01:00
Greg 7e61e9cb45 Promote a new PostgreSQL primary: postgres-2 2021-01-23 19:09:41 +01:00
Greg a7116b8fe5 Switch the TLS mode to disabled for Gitea 
We connect through a Zerotier private IP
 2021-01-23 19:08:06 +01:00
Greg a4a35da0ff Replace the hardcoded primary pg IP with a hostname 2021-01-23 17:34:58 +01:00
Greg 5cb390f340 Remove the postgresql_replica from centaurus, run Chef 
I have also deleted the data directory (in /mnt/data)
 2021-01-23 17:11:45 +01:00
Greg 4e1bd458f3 Update the mastodon-1 node after Chef run 2021-01-23 17:11:45 +01:00
Greg 40fde8a861 Update the ejabberd nodes after Chef run 2021-01-23 17:11:45 +01:00
Greg 39d0304ab4 Update the akkounts-1 node after Chef run 2021-01-23 17:11:45 +01:00
Greg ee7b3626be Generate a host entry for the current PostgreSQL primary 2021-01-23 17:11:45 +01:00
Greg 286cd2f2a3 Move the postgresql_client role to the top 
We want the host file to be written before database connections happen
 2021-01-23 17:11:45 +01:00
Greg 1e3a2b40d4 Add the postgresql_client role to the akkounts role 2021-01-23 17:11:45 +01:00
Greg bb0e73d1b9 Switch ejabberd, mastodon and gitea to a hostname for Postgres 2021-01-23 17:11:45 +01:00
Greg fdd70d1872 Remove postgres-1 server 
It was created with an encfs volume inside a VM, we want full disk encryption
instead. I have deleted the VM from centaurus as well as its disk and
have also unauthorized its id from the zerotier controller
 2021-01-23 17:11:45 +01:00
Basti bd48dab1d8
Set up postgres-3 VM 2021-01-23 17:06:15 +01:00
Greg 41ca5938a2 Merge branch 'master' into feature/postgres_vms 2021-01-23 14:43:58 +01:00
Greg 6ec747d416 Add missing credentials for zerotier 2021-01-22 18:43:05 +01:00
Greg cbcb50bc86 Create a zerotier_controller role 2021-01-22 18:41:46 +01:00
Greg eba7d63b43 Delete the test-2 client and node file 2021-01-22 18:41:46 +01:00
Greg 5fa23fe872 Remove the andromeda client and node files 2021-01-22 18:41:46 +01:00
Greg 0e1a73b18f Set the private Zerotier IP for draco in the node file 2021-01-22 18:41:46 +01:00
Greg 9b4756441a Add a recipe to join the private Zerotier network 2021-01-22 18:41:45 +01:00
Greg dd78b8cf7e Use the PG primary private Zerotier IP if it exists 2021-01-22 18:41:45 +01:00
Greg 88e52607e3 Add a recipe to set up a hosts entry for the PG primary 2021-01-22 18:41:45 +01:00
Greg 511400a7b8 Update hostsfile and add zerotier cookbook 2021-01-22 18:41:45 +01:00
Greg 9a4420fc11 Add the ability to pass a disk size to the create_vm script 
Defaults to 10GB
 2021-01-22 18:41:45 +01:00
Basti fd4844a012 Fix ejabberd API permission for akkounts VMs 
It should have been using a /32, not a /8 subnet, in order to only allow
the akkounts VM(s) to use the API endpoints without further
authorization.
 2021-01-22 18:41:45 +01:00
Basti d018b6570d Use default Redis database now 2021-01-22 18:41:45 +01:00
Basti 69c1994840 Update node data 2021-01-22 18:41:45 +01:00
Basti d121971cca Set up mastodon-1 VM 2021-01-22 18:41:45 +01:00
Basti 1403d91631 Remove extra license header 2021-01-22 18:41:45 +01:00
Basti 6da190b110 Don't configure HTTPS site when certs missing 2021-01-22 18:41:45 +01:00
Basti 8a870f6fd6 Don't fail on first run, when Tor hostname missing 2021-01-22 18:41:45 +01:00
Basti ad64bfc0be Update system package dependencies for 20.04 2021-01-22 18:41:45 +01:00
Basti 971a3a25a1 Remove extra license headers 
And update year in LICENSE file
 2021-01-22 18:41:45 +01:00
Basti 4872677066
Configure postgres recipes for VMs and zerotier access 
* Remove encfs (using encrypted volumes instead)
* Allow access without TLS from zerotier network
 2021-01-07 13:53:30 +01:00
Basti 9d9907f0ed
Remove extra license copy from recipe, update year 2021-01-07 12:53:44 +01:00
Basti 4309efd228
Add postgres-2 VM 2021-01-07 12:53:20 +01:00