kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Move PostgreSQL to VMs and access via Zerotier #282

Merged
raucao merged 40 commits from feature/postgres_vms into master 2021-01-25 10:56:42 +00:00
Conversation 5 Commits 40 Files Changed 64 +2406 -1146

40 Commits

Author SHA1 Message Date
Greg Karékinian
1ad7a6936c Generate the hosts entry for the PostgreSQL replica 2021-01-24 10:11:17 +01:00
Greg Karékinian
b1fea4b09f Update the postgres-3 node after Chef run 2021-01-23 19:25:49 +01:00
Greg Karékinian
7ce8b7d461 Enable PostgreSQL service 2021-01-23 19:14:55 +01:00
Greg Karékinian
112eb903ec Add a script to switch the primary PostgreSQL server 
Usage: scripts/postgresql/switch_primary.sh <old_primary_hostname> <new_primary_hostname>
 2021-01-23 19:13:54 +01:00
Greg Karékinian
7e61e9cb45 Promote a new PostgreSQL primary: postgres-2 2021-01-23 19:09:41 +01:00
Greg Karékinian
a7116b8fe5 Switch the TLS mode to disabled for Gitea 
We connect through a Zerotier private IP
 2021-01-23 19:08:06 +01:00
Greg Karékinian
a4a35da0ff Replace the hardcoded primary pg IP with a hostname 2021-01-23 17:34:58 +01:00
Greg Karékinian
5cb390f340 Remove the postgresql_replica from centaurus, run Chef 
I have also deleted the data directory (in /mnt/data)
 2021-01-23 17:11:45 +01:00
Greg Karékinian
4e1bd458f3 Update the mastodon-1 node after Chef run 2021-01-23 17:11:45 +01:00
Greg Karékinian
40fde8a861 Update the ejabberd nodes after Chef run 2021-01-23 17:11:45 +01:00
Greg Karékinian
39d0304ab4 Update the akkounts-1 node after Chef run 2021-01-23 17:11:45 +01:00
Greg Karékinian
ee7b3626be Generate a host entry for the current PostgreSQL primary 2021-01-23 17:11:45 +01:00
Greg Karékinian
286cd2f2a3 Move the postgresql_client role to the top 
We want the host file to be written before database connections happen
 2021-01-23 17:11:45 +01:00
Greg Karékinian
1e3a2b40d4 Add the postgresql_client role to the akkounts role 2021-01-23 17:11:45 +01:00
Greg Karékinian
bb0e73d1b9 Switch ejabberd, mastodon and gitea to a hostname for Postgres 2021-01-23 17:11:45 +01:00
Greg Karékinian
fdd70d1872 Remove postgres-1 server 
It was created with an encfs volume inside a VM, we want full disk encryption
instead. I have deleted the VM from centaurus as well as its disk and
have also unauthorized its id from the zerotier controller
 2021-01-23 17:11:45 +01:00
Sebastian Kippe
bd48dab1d8
Set up postgres-3 VM 2021-01-23 17:06:15 +01:00
Greg Karékinian
41ca5938a2 Merge branch 'master' into feature/postgres_vms 2021-01-23 14:43:58 +01:00
Greg Karékinian
6ec747d416 Add missing credentials for zerotier 2021-01-22 18:43:05 +01:00
Greg Karékinian
cbcb50bc86 Create a zerotier_controller role 2021-01-22 18:41:46 +01:00
Greg Karékinian
eba7d63b43 Delete the test-2 client and node file 2021-01-22 18:41:46 +01:00
Greg Karékinian
5fa23fe872 Remove the andromeda client and node files 2021-01-22 18:41:46 +01:00
Greg Karékinian
0e1a73b18f Set the private Zerotier IP for draco in the node file 2021-01-22 18:41:46 +01:00
Greg Karékinian
9b4756441a Add a recipe to join the private Zerotier network 2021-01-22 18:41:45 +01:00
Greg Karékinian
dd78b8cf7e Use the PG primary private Zerotier IP if it exists 2021-01-22 18:41:45 +01:00
Greg Karékinian
88e52607e3 Add a recipe to set up a hosts entry for the PG primary 2021-01-22 18:41:45 +01:00
Greg Karékinian
511400a7b8 Update hostsfile and add zerotier cookbook 2021-01-22 18:41:45 +01:00
Greg Karékinian
9a4420fc11 Add the ability to pass a disk size to the create_vm script 
Defaults to 10GB
 2021-01-22 18:41:45 +01:00
Sebastian Kippe
fd4844a012 Fix ejabberd API permission for akkounts VMs 
It should have been using a /32, not a /8 subnet, in order to only allow
the akkounts VM(s) to use the API endpoints without further
authorization.
 2021-01-22 18:41:45 +01:00
Sebastian Kippe
d018b6570d Use default Redis database now 2021-01-22 18:41:45 +01:00
Sebastian Kippe
69c1994840 Update node data 2021-01-22 18:41:45 +01:00
Sebastian Kippe
d121971cca Set up mastodon-1 VM 2021-01-22 18:41:45 +01:00
Sebastian Kippe
1403d91631 Remove extra license header 2021-01-22 18:41:45 +01:00
Sebastian Kippe
6da190b110 Don't configure HTTPS site when certs missing 2021-01-22 18:41:45 +01:00
Sebastian Kippe
8a870f6fd6 Don't fail on first run, when Tor hostname missing 2021-01-22 18:41:45 +01:00
Sebastian Kippe
ad64bfc0be Update system package dependencies for 20.04 2021-01-22 18:41:45 +01:00
Sebastian Kippe
971a3a25a1 Remove extra license headers 
And update year in LICENSE file
 2021-01-22 18:41:45 +01:00
Sebastian Kippe
4872677066
Configure postgres recipes for VMs and zerotier access 
* Remove encfs (using encrypted volumes instead)
* Allow access without TLS from zerotier network
 2021-01-07 13:53:30 +01:00
Sebastian Kippe
9d9907f0ed
Remove extra license copy from recipe, update year 2021-01-07 12:53:44 +01:00
Sebastian Kippe
4309efd228
Add postgres-2 VM 2021-01-07 12:53:20 +01:00