Change Details

Deprecate as much of the application VM infrastructure as possible into lighter-weight docker containers * [x] Ansible - Unsure how this is going to work, as it needs SSH access to other machines * [x] ~~SSH Bastion~~ => out of scope; security barrier * [ ] NextCloud - Requires database (mariadb?) - Data migration concerns - https://rendoaw.github.io/2018/04/Migrate-Nextcloud-To-Docker - https://hub.docker.com/_/nextcloud * [x] EmonCMS (or remove?) - PoC, no migration should be needed * [x] GitLab (or remove?) - Experimental, no migration should be needed - https://docs.gitlab.com/omnibus/docker/ * [x] httpsrv (unused?) - I think this is unused, so can be dropped? * [x] ~~Management bastion~~ => out of scope; security barrier * [ ] Monitoring - Might need special networking handling * [ ] MQTT - There's an outstanding authentication issue here with the sonoff plugs. - The hostname/port is hardcoded in a lot of embedded devices. - Postgres database on this VM too. * [ ] Netbox - Requires Postgres - Requires Redis - Custom-build docker-compose - the built in one adds a HTTP proxy on the front, and we'll be supplying our own. * [x] Oracle - data migration * [x] Postgres - data migration - this is all DNSManager stuff. Perhaps redeploy as container in stack? * [x] ~~VPN~~ => requires special networking configuration

Deprecate as much of the application VM infrastructure as possible into lighter-weight docker containers * [ ] Ansible - shutoff * [x] ~~SSH Bastion~~ => out of scope; security barrier * [ ] NextCloud - Requires database (mariadb?) - Data migration concerns - https://rendoaw.github.io/2018/04/Migrate-Nextcloud-To-Docker - https://hub.docker.com/_/nextcloud * [x] EmonCMS (or remove?) - PoC, no migration should be needed * [x] GitLab (or remove?) - Experimental, no migration should be needed - https://docs.gitlab.com/omnibus/docker/ * [x] httpsrv (unused?) - I think this is unused, so can be dropped? * [x] ~~Management bastion~~ => out of scope; security barrier * [ ] Monitoring - Might need special networking handling * [ ] MQTT - There's an outstanding authentication issue here with the sonoff plugs. - The hostname/port is hardcoded in a lot of embedded devices. - Postgres database on this VM too. * [x] Netbox - Requires Postgres - Requires Redis - Custom-build docker-compose - the built in one adds a HTTP proxy on the front, and we'll be supplying our own. * [x] Oracle - data migration * [ ] piholesrv - tricky because networking * [x] Postgres - data migration - this is all DNSManager stuff. Perhaps redeploy as container in stack? * [x] ~~VPN~~ => requires special networking configuration

Deprecate as much of the application VM infrastructure as possible into lighter-weight docker containers * [x* [ ] Ansible - Unsure how this is going to work, as it needs SSH access to other machinesshutoff * [x] ~~SSH Bastion~~ => out of scope; security barrier * [ ] NextCloud - Requires database (mariadb?) - Data migration concerns - https://rendoaw.github.io/2018/04/Migrate-Nextcloud-To-Docker - https://hub.docker.com/_/nextcloud * [x] EmonCMS (or remove?) - PoC, no migration should be needed * [x] GitLab (or remove?) - Experimental, no migration should be needed - https://docs.gitlab.com/omnibus/docker/ * [x] httpsrv (unused?) - I think this is unused, so can be dropped? * [x] ~~Management bastion~~ => out of scope; security barrier * [ ] Monitoring - Might need special networking handling * [ ] MQTT - There's an outstanding authentication issue here with the sonoff plugs. - The hostname/port is hardcoded in a lot of embedded devices. - Postgres database on this VM too. * [ * [x] Netbox - Requires Postgres - Requires Redis - Custom-build docker-compose - the built in one adds a HTTP proxy on the front, and we'll be supplying our own. * [x] Oracle - data migration * [ ] piholesrv - tricky because networking * [x] Postgres - data migration - this is all DNSManager stuff. Perhaps redeploy as container in stack? * [x] ~~VPN~~ => requires special networking configuration