Change Details

Deprecate as much of the application VM infrastructure as possible into lighter-weight docker containers * [x] Ansible - shutoff * [x] ~~SSH Bastion~~ => out of scope; security barrier * [x] NextCloud => wekan * [x] EmonCMS (or remove?) - PoC, no migration should be needed * [x] GitLab (or remove?) - Experimental, no migration should be needed - https://docs.gitlab.com/omnibus/docker/ * [x] httpsrv (unused?) - I think this is unused, so can be dropped? * [x] ~~Management bastion~~ => out of scope; security barrier * [ ] Monitoring - Might need special networking handling * [x] MQTT => wekan - There's an outstanding authentication issue here with the sonoff plugs. - The hostname/port is hardcoded in a lot of embedded devices. - Postgres database on this VM too. * [x] Netbox - Requires Postgres - Requires Redis - Custom-build docker-compose - the built in one adds a HTTP proxy on the front, and we'll be supplying our own. * [x] Oracle - deprecated * [x] piholesrv - deprecated * [x] Postgres - data migration - this is all DNSManager stuff. Perhaps redeploy as container in stack? * [x] ~~VPN~~ => requires special networking configuration

Deprecate as much of the application VM infrastructure as possible into lighter-weight docker containers * [x] Ansible - shutoff * [x] ~~SSH Bastion~~ => out of scope; security barrier * [x] NextCloud => wekan * [x] EmonCMS (or remove?) - PoC, no migration should be needed * [x] GitLab (or remove?) - Experimental, no migration should be needed - https://docs.gitlab.com/omnibus/docker/ * [x] httpsrv (unused?) - I think this is unused, so can be dropped? * [x] ~~Management bastion~~ => out of scope; security barrier * [ ] Monitoring => not planned - Might need special networking handling * [x] MQTT => wekan - There's an outstanding authentication issue here with the sonoff plugs. - The hostname/port is hardcoded in a lot of embedded devices. - Postgres database on this VM too. * [x] Netbox - Requires Postgres - Requires Redis - Custom-build docker-compose - the built in one adds a HTTP proxy on the front, and we'll be supplying our own. * [x] Oracle - deprecated * [x] piholesrv - deprecated * [x] Postgres - data migration - this is all DNSManager stuff. Perhaps redeploy as container in stack? * [x] ~~VPN~~ => requires special networking configuration

Deprecate as much of the application VM infrastructure as possible into lighter-weight docker containers * [x] Ansible - shutoff * [x] ~~SSH Bastion~~ => out of scope; security barrier * [x] NextCloud => wekan * [x] EmonCMS (or remove?) - PoC, no migration should be needed * [x] GitLab (or remove?) - Experimental, no migration should be needed - https://docs.gitlab.com/omnibus/docker/ * [x] httpsrv (unused?) - I think this is unused, so can be dropped? * [x] ~~Management bastion~~ => out of scope; security barrier * [ ] Monitoring => not planned - Might need special networking handling * [x] MQTT => wekan - There's an outstanding authentication issue here with the sonoff plugs. - The hostname/port is hardcoded in a lot of embedded devices. - Postgres database on this VM too. * [x] Netbox - Requires Postgres - Requires Redis - Custom-build docker-compose - the built in one adds a HTTP proxy on the front, and we'll be supplying our own. * [x] Oracle - deprecated * [x] piholesrv - deprecated * [x] Postgres - data migration - this is all DNSManager stuff. Perhaps redeploy as container in stack? * [x] ~~VPN~~ => requires special networking configuration