toby
|
fc2e803533
|
adding a function to build only on the master branch. this avoids releasing packages to the repo before they are at least somewhat ready
|
2018-10-15 18:04:41 +02:00 |
toby
|
d30e523aed
|
disabling strongswan service by default. I turn it back on in ansible when certs are in place
|
2018-10-10 18:59:23 +02:00 |
toby
|
db5f5107fa
|
nicer output formatting
|
2018-10-09 18:46:35 +00:00 |
toby
|
e69f60957c
|
.... me being anal...
|
2018-10-09 18:09:38 +00:00 |
toby
|
347291d1a9
|
re-factor of interface config compile process
|
2018-10-09 18:06:28 +00:00 |
toby
|
4a89aa2c93
|
re-arranging before interface config refactor
|
2018-10-09 16:25:45 +00:00 |
toby
|
1f58cd3918
|
cleaning up leading space vs tab bs
|
2018-10-09 16:23:52 +00:00 |
toby
|
4f7f177cc6
|
fixing bug in regex of qemu-ifup-public public IP matching
|
2018-10-08 18:22:22 +02:00 |
toby
|
1b891db635
|
renaming WIT customers prefix-list to be more consistent, in preparation for edge support
|
2018-10-08 18:20:48 +02:00 |
toby
|
460ee34f03
|
adding support for ibgp interfaces and feth/up/ibgp support for up to 4 nics
|
2018-10-08 11:33:18 +02:00 |
toby
|
a343ade9c4
|
adding new firewall rule for stackapi
|
2018-10-05 22:27:10 +00:00 |
toby
|
928142ce70
|
updating the qemu-ifup scripts to reflect the new versions usling local files
|
2018-10-05 18:29:12 +00:00 |
toby
|
bc97208b34
|
typo in ipv6 prefix list for new customer blocks
|
2018-10-04 20:07:50 +02:00 |
toby
|
836822aebe
|
minor but critical typo in udev rule logic
|
2018-10-04 19:21:55 +02:00 |
toby
|
23c5b533c1
|
adding more IPv6 customer blocks for paul for the new v2 stack in usw2
|
2018-10-04 18:22:45 +02:00 |
toby
|
22edbf98f3
|
adding mac udev rules through DNS lookup configs
|
2018-10-04 18:12:55 +02:00 |
toby
|
b5860daf1d
|
typo in firewall rule
|
2018-10-01 18:25:50 +02:00 |
toby
|
7a948a6fbf
|
adding ipv6 ssh support from bastion (in theory we should actually only need that, but keep ipv4 for now ... just in case)
|
2018-10-01 15:04:23 +02:00 |
toby
|
1cff4bac8e
|
keeping the loopback ip as main tld of the host for simplicity of own lookup
|
2018-10-01 14:59:33 +02:00 |
toby
|
45a70bc9b6
|
build trigger
|
2018-10-01 10:57:10 +02:00 |
toby
|
1c50cecdb5
|
adding direct ssh access on default for bastion, and migrating to admin domain instead of 3 different zones
|
2018-10-01 10:39:17 +02:00 |
toby
|
b18d2c03c8
|
adding mirrors.wit.com to the firewall
|
2018-09-26 23:47:01 +02:00 |
toby
|
4e47aa17e7
|
build trigger
|
2018-09-26 09:04:42 +02:00 |
toby
|
d87f7c1720
|
configuring etc/network/interfaces from postinst instead of installing a static file
|
2018-09-25 23:24:42 +02:00 |
toby
|
a7588ab6c7
|
build trigger
|
2018-09-25 16:08:14 +02:00 |
toby
|
7f51717f21
|
adding strongswan-pki to dependency list
|
2018-09-23 22:07:50 +02:00 |
Adam Frank
|
6a01e4988b
|
adding local ceph traffic rules
|
2018-09-22 04:57:07 +00:00 |
toby
|
8851b3a67e
|
build trigger
|
2018-09-21 07:33:24 +00:00 |
toby
|
95b84e0b25
|
undoing alfonso before ;)
|
2018-09-20 19:48:59 +02:00 |
aseguro
|
0e1b2dcdba
|
Adding smartmontools
|
2018-09-20 16:32:27 +00:00 |
aseguro
|
2084193d0c
|
Adding sas3ircu pciutils
|
2018-09-20 16:28:38 +00:00 |
toby
|
c8195a9cf8
|
adding first estimated rules for ceph
|
2018-09-20 16:40:25 +02:00 |
toby
|
37c69ab507
|
adding ipv6 tunnel to strongswan and matching firewall rules
|
2018-09-17 21:28:02 +02:00 |
toby
|
05cb6ef35f
|
quick fix for ifup since introduction of IPv6 loopback IPs
|
2018-09-13 23:51:03 +02:00 |
toby
|
002d2e0221
|
fixing firewall scirpt and rolling back to hardcoded IP till I get the systemd unit file
|
2018-09-13 23:41:28 +02:00 |
toby
|
2e95eb7bad
|
orginizing the firewall a little bit, no changes in theory
|
2018-09-13 12:08:40 +02:00 |
toby
|
8bdbba3016
|
orginizing the firewall a little bit, no changes in theory
|
2018-09-13 01:17:40 +02:00 |
toby
|
4a69025703
|
removing legacy dhcp stuff and starting to rely on DNS for loopback v4/v6 and asn
|
2018-09-12 20:01:52 +02:00 |
toby
|
4a24a5a513
|
switching back mgmt1 to ipv6 auto/slaac since ipmi is that way too regardless and finally found jinja2 filter
|
2018-09-12 12:27:37 +02:00 |
toby
|
dc6a02d0d4
|
fixing ipv6 mgmt firewall rules (again) and setting mgmt1 interface to be dhcp as well (not just auto)
|
2018-09-10 21:03:57 +02:00 |
toby
|
4d3026d7c4
|
fixing a damn typo...
|
2018-09-10 18:21:04 +02:00 |
toby
|
7d30951603
|
fixing DHCP6 offer packets on firewall to come through
|
2018-09-09 23:37:24 +02:00 |
toby
|
d96371752d
|
adding DHCP6 offer packets on firewall to come through
|
2018-09-09 23:20:30 +02:00 |
toby
|
028e2d455d
|
fixing bug in IPv6 LOOPBACK, pulling that from DNS as well, ASN is still generated for now
|
2018-09-09 23:11:54 +02:00 |
toby
|
52e4f93928
|
cleanup / orginizing frr.conf a little bit for dual stack
|
2018-09-09 20:06:05 +02:00 |
toby
|
660343046e
|
fix firewall to support our DNS
|
2018-09-09 15:42:45 +02:00 |
toby
|
4df3901bc2
|
adjusting ipv6 prefix filter to match new subnet definitions
|
2018-09-09 14:30:22 +02:00 |
toby
|
769ef9695f
|
fixing the preinst script to rely on DNS as well
|
2018-09-09 13:32:32 +02:00 |
toby
|
8a53109d81
|
fixing typo ...
|
2018-09-09 13:30:43 +02:00 |
toby
|
8beb8a5aa9
|
removing pre-defined loopback subnet from firewall dependency
|
2018-09-09 13:30:30 +02:00 |