mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-09-28 19:41:26 +02:00
Code Issues

Add a way to let us provide additional addresses to machines configured via DHCP

Browse Source
This commit is contained in:
Sven-Hendrik Haase 2020-12-13 01:50:20 +01:00
parent 4644cf1184
commit 00f30da2d8
No known key found for this signature in database
GPG Key ID: 39E4B877E62EB915
6 changed files with 33 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
group_vars/hcloud.yml
View File

@ -1,2 +1,3 @@
---
enable_zram_swap: true
dhcp: true

1
host_vars/gitlab.archlinux.org
View File

@ -1,3 +1,4 @@
---
filesystem: btrfs
gitlab_backupdir: /srv/gitlab/data/backups
additional_addresses: ["116.203.6.156/32", "2a01:4f8:c2c:5d2d::2/64"]

7
playbooks/gitlab.archlinux.org.yml
View File

@ -9,7 +9,12 @@
- { role: firewalld }
- { role: sshd }
- { role: root_ssh }
- { role: gitlab, gitlab_domain: "gitlab.archlinux.org" }
- { role: gitlab,
gitlab_domain: "gitlab.archlinux.org",
gitlab_primary_addresses: ['159.69.41.129', '[2a01:4f8:c2c:5d2d::1]'],
gitlab_pages_http_addresses: ['116.203.6.156:80', '[2a01:4f8:c2c:5d2d::2]:80'],
gitlab_pages_https_addresses: ['116.203.6.156:443', '[2a01:4f8:c2c:5d2d::2]:443']
}
- { role: borg_client, tags: ["borg"] }
- { role: prometheus_exporters }
- { role: fail2ban }

10
roles/common/tasks/main.yml
View File

@ -75,6 +75,16 @@
service: name=systemd-networkd state=started enabled=yes
when: configure_network
- name: create additional network config directory
file: path=/etc/systemd/network/10-dhcp-ethernet.network.d state=directory owner=root group=root mode=0755
when: dhcp|default(False) and additional_addresses is defined
- name: configure additional network addresses
template: src=additional_addresses.conf.j2 dest=/etc/systemd/network/10-dhcp-ethernet.network.d/additional_addresses.conf owner=root group=root mode=0644
notify:
- restart networkd
when: dhcp|default(False) and additional_addresses is defined
- name: start resolved
service:
name: systemd-resolved

7
roles/common/templates/additional_addresses.conf.j2 Normal file
View File

@ -0,0 +1,7 @@
# Additional addresses to add to the default interface
{% for address in additional_addresses %}
[Address]
Address={{ address }}
{% endfor %}

16
roles/gitlab/tasks/main.yml
View File

@ -26,11 +26,18 @@
# 2. In order to logout properly we need to configure the "After sign out path" and set it to
# https://accounts.archlinux.org/auth/realms/archlinux/protocol/openid-connect/logout?redirect_uri=https%3A//gitlab.archlinux.org
# https://gitlab.com/gitlab-org/gitlab/issues/14414
#
# In addition, see https://docs.gitlab.com/ee/administration/pages/ for the GitLab Pages trickery done below.
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://{{ gitlab_domain }}'
nginx['client_max_body_size'] = '2g'
nginx['listen_addresses'] = ["0.0.0.0", "[::]"]
nginx['listen_addresses'] = {{ gitlab_primary_addresses }}
registry_nginx['listen_addresses'] = ['*', '[::]']
gitlab_pages['inplace_chroot'] = true
pages_external_url "http://gitlab.archlinux.org"
pages_nginx['enable'] = false
gitlab_pages['external_http'] = {{ gitlab_pages_http_addresses }}
gitlab_pages['external_https'] = {{ gitlab_pages_https_addresses }}
letsencrypt['enable'] = true
letsencrypt['contact_emails'] = ['webmaster@archlinux.org']
gitlab_rails['lfs_enabled'] = true
@ -82,13 +89,6 @@
}
}
]
# https://docs.gitlab.com/ee/administration/pages/
pages_external_url "http://noop.archlinux.org"
nginx['listen_addresses'] = ['159.69.41.129', '[2a01:4f8:c2c:5d2d::1]']
pages_nginx['enable'] = false
# "(Only for custom domains) Have a secondary IP."
gitlab_pages['external_http'] = ['1.2.3.4']
gitlab_pages['external_https'] = ['1.2.3.4']
volumes:
- "/srv/gitlab/config:/etc/gitlab"
- "/srv/gitlab/logs:/var/log/gitlab"