mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-09-28 20:51:20 +02:00
Add a way to let us provide additional addresses to machines configured via DHCP
This commit is contained in:
parent
4644cf1184
commit
00f30da2d8
@ -1,2 +1,3 @@
|
|||||||
---
|
---
|
||||||
enable_zram_swap: true
|
enable_zram_swap: true
|
||||||
|
dhcp: true
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
---
|
---
|
||||||
filesystem: btrfs
|
filesystem: btrfs
|
||||||
gitlab_backupdir: /srv/gitlab/data/backups
|
gitlab_backupdir: /srv/gitlab/data/backups
|
||||||
|
additional_addresses: ["116.203.6.156/32", "2a01:4f8:c2c:5d2d::2/64"]
|
||||||
|
@ -9,7 +9,12 @@
|
|||||||
- { role: firewalld }
|
- { role: firewalld }
|
||||||
- { role: sshd }
|
- { role: sshd }
|
||||||
- { role: root_ssh }
|
- { role: root_ssh }
|
||||||
- { role: gitlab, gitlab_domain: "gitlab.archlinux.org" }
|
- { role: gitlab,
|
||||||
|
gitlab_domain: "gitlab.archlinux.org",
|
||||||
|
gitlab_primary_addresses: ['159.69.41.129', '[2a01:4f8:c2c:5d2d::1]'],
|
||||||
|
gitlab_pages_http_addresses: ['116.203.6.156:80', '[2a01:4f8:c2c:5d2d::2]:80'],
|
||||||
|
gitlab_pages_https_addresses: ['116.203.6.156:443', '[2a01:4f8:c2c:5d2d::2]:443']
|
||||||
|
}
|
||||||
- { role: borg_client, tags: ["borg"] }
|
- { role: borg_client, tags: ["borg"] }
|
||||||
- { role: prometheus_exporters }
|
- { role: prometheus_exporters }
|
||||||
- { role: fail2ban }
|
- { role: fail2ban }
|
||||||
|
@ -75,6 +75,16 @@
|
|||||||
service: name=systemd-networkd state=started enabled=yes
|
service: name=systemd-networkd state=started enabled=yes
|
||||||
when: configure_network
|
when: configure_network
|
||||||
|
|
||||||
|
- name: create additional network config directory
|
||||||
|
file: path=/etc/systemd/network/10-dhcp-ethernet.network.d state=directory owner=root group=root mode=0755
|
||||||
|
when: dhcp|default(False) and additional_addresses is defined
|
||||||
|
|
||||||
|
- name: configure additional network addresses
|
||||||
|
template: src=additional_addresses.conf.j2 dest=/etc/systemd/network/10-dhcp-ethernet.network.d/additional_addresses.conf owner=root group=root mode=0644
|
||||||
|
notify:
|
||||||
|
- restart networkd
|
||||||
|
when: dhcp|default(False) and additional_addresses is defined
|
||||||
|
|
||||||
- name: start resolved
|
- name: start resolved
|
||||||
service:
|
service:
|
||||||
name: systemd-resolved
|
name: systemd-resolved
|
||||||
|
7
roles/common/templates/additional_addresses.conf.j2
Normal file
7
roles/common/templates/additional_addresses.conf.j2
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
# Additional addresses to add to the default interface
|
||||||
|
|
||||||
|
{% for address in additional_addresses %}
|
||||||
|
[Address]
|
||||||
|
Address={{ address }}
|
||||||
|
|
||||||
|
{% endfor %}
|
@ -26,11 +26,18 @@
|
|||||||
# 2. In order to logout properly we need to configure the "After sign out path" and set it to
|
# 2. In order to logout properly we need to configure the "After sign out path" and set it to
|
||||||
# https://accounts.archlinux.org/auth/realms/archlinux/protocol/openid-connect/logout?redirect_uri=https%3A//gitlab.archlinux.org
|
# https://accounts.archlinux.org/auth/realms/archlinux/protocol/openid-connect/logout?redirect_uri=https%3A//gitlab.archlinux.org
|
||||||
# https://gitlab.com/gitlab-org/gitlab/issues/14414
|
# https://gitlab.com/gitlab-org/gitlab/issues/14414
|
||||||
|
#
|
||||||
|
# In addition, see https://docs.gitlab.com/ee/administration/pages/ for the GitLab Pages trickery done below.
|
||||||
GITLAB_OMNIBUS_CONFIG: |
|
GITLAB_OMNIBUS_CONFIG: |
|
||||||
external_url 'https://{{ gitlab_domain }}'
|
external_url 'https://{{ gitlab_domain }}'
|
||||||
nginx['client_max_body_size'] = '2g'
|
nginx['client_max_body_size'] = '2g'
|
||||||
nginx['listen_addresses'] = ["0.0.0.0", "[::]"]
|
nginx['listen_addresses'] = {{ gitlab_primary_addresses }}
|
||||||
registry_nginx['listen_addresses'] = ['*', '[::]']
|
registry_nginx['listen_addresses'] = ['*', '[::]']
|
||||||
|
gitlab_pages['inplace_chroot'] = true
|
||||||
|
pages_external_url "http://gitlab.archlinux.org"
|
||||||
|
pages_nginx['enable'] = false
|
||||||
|
gitlab_pages['external_http'] = {{ gitlab_pages_http_addresses }}
|
||||||
|
gitlab_pages['external_https'] = {{ gitlab_pages_https_addresses }}
|
||||||
letsencrypt['enable'] = true
|
letsencrypt['enable'] = true
|
||||||
letsencrypt['contact_emails'] = ['webmaster@archlinux.org']
|
letsencrypt['contact_emails'] = ['webmaster@archlinux.org']
|
||||||
gitlab_rails['lfs_enabled'] = true
|
gitlab_rails['lfs_enabled'] = true
|
||||||
@ -82,13 +89,6 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
# https://docs.gitlab.com/ee/administration/pages/
|
|
||||||
pages_external_url "http://noop.archlinux.org"
|
|
||||||
nginx['listen_addresses'] = ['159.69.41.129', '[2a01:4f8:c2c:5d2d::1]']
|
|
||||||
pages_nginx['enable'] = false
|
|
||||||
# "(Only for custom domains) Have a secondary IP."
|
|
||||||
gitlab_pages['external_http'] = ['1.2.3.4']
|
|
||||||
gitlab_pages['external_https'] = ['1.2.3.4']
|
|
||||||
volumes:
|
volumes:
|
||||||
- "/srv/gitlab/config:/etc/gitlab"
|
- "/srv/gitlab/config:/etc/gitlab"
|
||||||
- "/srv/gitlab/logs:/var/log/gitlab"
|
- "/srv/gitlab/logs:/var/log/gitlab"
|
||||||
|
Loading…
Reference in New Issue
Block a user