Commit Graph

62 Commits

Author SHA1 Message Date
Jakub Sokołowski 296f9636c2
bootstrap: fix credentials and update roles
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-24 00:56:38 +01:00
Jakub Sokołowski 6cd1036f1d
wireguard: bump role and add Consul ACL token
Part of effort to lock down Consul ACLs:
https://github.com/status-im/infra-hq/issues/70

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-08 19:43:37 +01:00
Jakub Sokołowski ee859934b1
consul: add mandatory agent ACL token
https://github.com/status-im/infra-hq/issues/70

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-08 12:05:03 +01:00
Jakub Sokołowski 67d3282e62
consul: upgrade from 1.10.1 to 1.11.1
https://github.com/hashicorp/consul/releases/tag/v1.11.1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-04 13:40:07 +01:00
Jakub Sokołowski 9a03b1994d
cortex/the-hive: Make sure Java OpenJRE 11 is used
Fix for startup issue caused by running `apt upgrade`:
https://github.com/status-im/infra-the-hive/issues/3

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-17 13:02:33 +02:00
Jakub Sokołowski 480acd3698
ansible/requirements: bump roles
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-26 20:31:15 +02:00
Jakub Sokołowski 0903743591
firewall: use new IP sets and iptables chains
https://github.com/status-im/infra-hq/issues/69
https://github.com/status-im/infra-role-bootstrap-linux/commit/92d8923b
https://github.com/status-im/infra-role-wireguard/commit/8394639e

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-03 12:39:23 +02:00
Jakub Sokołowski 77a7db9b17
update WireGuard config files layout
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-29 22:07:14 +02:00
Jakub Sokołowski d85e4c3c49
rename infra-role-bootstrap-linux, upgrade consul
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-29 22:06:34 +02:00
Jakub Sokołowski 5d02fec663
upgrade Terraform to 1.0, upgrade all providers
https://www.terraform.io/upgrade-guides/0-15.html
https://www.terraform.io/upgrade-guides/1-0.html

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-23 12:42:11 +02:00
Jakub Sokołowski 0307fb3fa5
add BitWarden lookup plugin, port secrets to BW
https://github.com/status-im/infra-docs/issues/9

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-09 17:16:55 +02:00
Jakub Sokołowski 705d2d622e
thehive-slave: drop use of Tinc VPN for WireGuard
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-09 17:16:55 +02:00
Jakub Sokołowski bfeb4d5921
replace Tinc VPN with WireGuard
https://github.com/status-im/infra-hq/issues/58

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-19 23:11:24 +02:00
Jakub Sokołowski 051563d341
ansible/requirements: bump origin-certs role
https://github.com/status-im/infra-role-origin-certs/commit/586d81d6

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-13 10:50:43 +02:00
Jakub Sokołowski f26032e983
ansible: add versioncheck.py script to verify role versions
This was originally introduced to `infra-nimbus` and proved robust.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-11 09:57:32 +02:00
Jakub Sokołowski 9c53d48e54
cortex: add Docker fix that removes our configuration
This is necessary because our logging config and UID remapping break
how Cortex runs its analyzers/responders.

https://github.com/status-im/infra-the-hive/issues/2

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-03-31 20:38:26 +02:00
Jakub Sokołowski 029daa842f
cortex: add explicit job configuration, set 30 min timeout
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-03-31 20:37:57 +02:00
Jakub Sokołowski 4b2ca980aa
cortex: update analyzer/responder download URLs
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-03-31 20:37:12 +02:00
Jakub Sokołowski 50ad2d8be5
bootstrap: provide Consul encryption key from infra-pass
Related: https://github.com/status-im/infra-role-bootstrap/commit/0d40f81d

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-03-22 11:13:49 +01:00
Jakub Sokołowski 8a83456de0
remove duplicate variable definition
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-10 12:25:44 +01:00
Jakub Sokołowski 8246018adf
update variables for open-ports role
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-27 17:22:35 +01:00
Jakub Sokołowski d01e6f733f
cortex: add GitHub OAuth configuration
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-13 18:37:03 +01:00
Jakub Sokołowski 9835031923
the-hive: configure connection with Cortex
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-13 18:06:15 +01:00
Jakub Sokołowski f84f9c6a9a
cortex: create superadmin and thehive users
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-13 17:56:22 +01:00
Jakub Sokołowski 6d25ba9c08
cortex: call /api/maintenance/migrate to create index
Makes no sense but okay...

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-13 14:07:23 +01:00
Jakub Sokołowski 5cabc22058
cortex: deploy 3.1.0 and add config for TheHive
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-04 17:00:46 +01:00
Jakub Sokołowski 4093ed7491
rename cortex secrets to TheHive-Cortex
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-26 09:27:14 +01:00
Jakub Sokołowski 04699b5f03
cortex: add ElasticSearch index creation
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-22 20:14:24 +02:00
Jakub Sokołowski 38a8ef79ae
cortex: upgrade to 3.1.0-RC1 to support ElasticSearch 7
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-22 14:34:57 +02:00
Jakub Sokołowski 9b3a50d574
cortex: fix logging configuration
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-22 14:29:23 +02:00
Jakub Sokołowski 4628eec7a9
the-hive: set OAuth secrets
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-20 18:20:24 +02:00
Jakub Sokołowski fda79b6066
rename move thehive-es under infra.status.im
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-13 16:35:59 +02:00
Jakub Sokołowski b47a8df7f6
cortex: adjust service name to not clash with infra-hq
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-13 13:01:43 +02:00
Jakub Sokołowski 9ef85ceeb4
configure an Nginx proxy for cortex.status.im
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-13 12:50:56 +02:00
Jakub Sokołowski ca0936b573
deploy Cortex on master node
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 19:32:56 +02:00
Jakub Sokołowski 0cdae1d3cd
add Ansible role for configuring Cortex
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 19:30:43 +02:00
Jakub Sokołowski 06159181ed
thehive-slave: rename ES cluster to 'cortex'
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 17:09:35 +02:00
Jakub Sokołowski a0e15deb83
the-hive: create group before creating user
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 16:41:34 +02:00
Jakub Sokołowski dae50c95f4
move swap size config to group_vars/all.yml
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 16:28:48 +02:00
Jakub Sokołowski 83a58bdae1
move extracting Cassandra info to group_vars
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 16:23:16 +02:00
Jakub Sokołowski 891304ede7
the-hive: fix missing logs in journald
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 16:17:40 +02:00
Jakub Sokołowski 7e74e1afae
the-hive: download specifically 4.0.0-1 version
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 16:06:49 +02:00
Jakub Sokołowski c12b93dc0b
set proxy_read_timeout to 3600 seconds, 1 hour
This fixes errors like:
upstream timed out (110: Connection timed out) while reading response header from upstream

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 12:29:45 +02:00
Jakub Sokołowski dc77d248e7
the-hive: add GitHub OAuth configuration
It works only if you first create a user with public email of given
user in their GitHub profile.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 11:25:39 +02:00
Jakub Sokołowski 060fac2d20
use HTTP 1.1 for Nginx reverse proxy
Otherwise we were getting:
POST /api/v0/query returned 500
play.core.server.common.ServerResultException: HTTP 1.0 client does not support chunked respo

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 10:51:42 +02:00
Jakub Sokołowski e496295412
the-hive: fix location of secret.conf
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-12 10:18:19 +02:00
Jakub Sokołowski b7a3d2d3bc
the-hive: add log level control via logback.xml
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-09 20:33:04 +02:00
Jakub Sokołowski 7d79872663
the-hive: drop unused admin password variable
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-09 19:40:39 +02:00
Jakub Sokołowski 3e26144260
add DNS record and deploy Nginx proxy for The Hive UI
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-09 19:01:13 +02:00
Jakub Sokołowski f9ef66285d
deploy The Hive on the master-01 host
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-09 18:48:49 +02:00