|
5fb605231d
|
Allow pings to ingress
/ terraform (push) Successful in 33s
/ ansible (push) Successful in 1m50s
This makes testing connections much simpler
|
2023-11-05 21:48:25 +00:00 |
|
|
850278ab19
|
Allow nebula through firewall
/ terraform (push) Successful in 1m6s
/ ansible (push) Failing after 2m8s
|
2023-11-03 18:06:36 +00:00 |
|
|
9f83efa53b
|
Use nftables for firewall on ingress
See ya never, iptables!
|
2023-10-26 21:34:06 +01:00 |
|
|
1db289b604
|
Show domain in logs rather than upstream
The upstream is always the same, and no use to us
|
2022-01-19 09:00:20 +00:00 |
|
|
a278443850
|
Use auto on nginx configs
Let nginx work it out, and default to 1 per core
|
2021-09-04 22:41:30 +01:00 |
|
|
453a374801
|
Replace ingress proxy with nginx
This enables HTTPS redirecting at it too much more easily, and matches the gateway configuration.
Requires using upstream versions of nginx to enable https://nginx.org/en/docs/stream/ngx_stream_realip_module.html
|
2021-08-24 14:21:51 +01:00 |
|
|
edc5c325b7
|
Correctly check hostname against PVE hosts
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
|
2021-08-23 19:56:04 +01:00 |
|
|
93cba46dd1
|
Redirect to HTTPS at the edge
|
2021-08-23 16:10:37 +01:00 |
|
|
797c44a27d
|
Use proxy protocol v2
Apparently it's better for chaining, and may be faster anyway
|
2021-07-01 22:28:25 +01:00 |
|
|
3485f8e1f0
|
Actually version the ingress haproxy config
|
2021-06-12 17:32:47 +01:00 |
|
|
30cb9e52e7
|
Install and provision wireguard client on ingress server
|
2020-12-21 18:24:35 +00:00 |
|