dprevot/ansible-roles
1
0
Fork 0
forked from evolix/ansible-roles
Code Issues Pull requests 1 Projects Releases Wiki Activity
3558 commits 45 branches 41 tags 9.7 MiB
Commit graph

1019 commits

Author SHA1 Message Date
Jérémy Lecour fb7218972f
squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8 2023-12-11 15:10:06 +01:00
William Hirigoyen 66b69f1502 remount-usr: do not try to remount /usr RW if /usr is not a mounted partition 2023-12-11 10:46:04 +01:00
Ludovic Poujol e32e1c5496 Unbound: Big update & enhancements 
* Move configuration generated to /etc/unbound/unbound.conf.d/evolinux.conf so we don't override default config file
* Make use of root hints provided by dns-root-data instead of downloading them
* Add configuration to ensure that configuration reload work out of the box on Debian11 and old
* Add required configuration in Unbound and munin to allow tge plugin to work
* Make ansible-lint a bit more happy
 2023-12-08 16:13:41 +01:00
Tom David--Broglio cbc51c462a fix Add Ceph volume to fstab : missing UUID= in src 2023-12-07 11:02:04 +01:00
Alexis Ben Miloud--Josselin 4d7de89ad4 webapps/nextcloud: Add condition for config tasks 
And update CHANGELOG
 2023-12-07 10:19:42 +01:00
William Hirigoyen c9e8b6c4e1 dovecot: Munin plugin conf path is now /etc/munin/plugin-conf.d/zzz-dovecot (instead of z-evolinux-dovecot) 2023-12-07 10:04:11 +01:00
David Prevot b8732dffaf Changelog for previous changes 2023-11-30 15:58:31 +01:00
Mathieu Trossevin 0ca31b91fe
fix(certbot): Fix hook for dovecot (too strict) 
When we use a separate certificate for POP3 and IMAP there might be
blank characters (almost certainly spaces but might as well be more lax)
before `ssl_cert` which resulted in these lines not being detected and
the hook not being played, forcing manual intervention.

This commit fixes that problem by accepting blank characters before
ssl_certs. (`\b` might be even better...)
 2023-11-30 10:11:05 +01:00
William Hirigoyen 1a74bef0bc check stat.exists before stat.isdir 2023-11-29 10:13:43 +01:00
William Hirigoyen 83e61b25a5 etc-git: add /var/chroot-bind/etc/bind repo 2023-11-29 09:59:57 +01:00
Jérémy Lecour 06c47493e9
sort changelog 2023-11-29 09:24:28 +01:00
Jérémy Lecour 81d97bb3fb
vrrpd: variable to force update the switch script (default: false) 2023-11-29 09:24:00 +01:00
David Prevot e5f5425f6d lxc-php: Allow one to install php83 on Bookworm container 2023-11-28 17:15:44 +01:00
David Prevot 69bc93ff6e lxc: Init /etc git repository in lxc container 
Note: ugly loop, but “it works”…
 2023-11-24 11:54:13 +01:00
Alexis Ben Miloud--Josselin 892067cf2b kvmstats: use .capacity instead of .physical for disk size 2023-11-23 12:26:20 +01:00
David Prevot c93748487b evocheck: upstream release 23.11.1 2023-11-22 17:27:39 +01:00
David Prevot 2c86660e52 evocheck: upstream release 23.11 2023-11-22 17:06:39 +01:00
David Prevot 95aeb9a68e Fix bind changelog entry 2023-11-22 16:13:37 +01:00
David Prevot 96d15eb5aa Changelog entry for bind changes 2023-11-21 11:35:42 +01:00
Jérémy Lecour 4cba25d8fc
evolinux-base: no need to remove update-evobackup-canary from sbin anymore 2023-11-20 19:15:39 +01:00
Jérémy Lecour f01e7453fb
no need to symlink backup-server-state to dump-server-state anymore 2023-11-20 19:13:51 +01:00
Jérémy Lecour 83c178f244
log2mail: move custom config in separate file 2023-11-20 19:02:48 +01:00
Jérémy Lecour 642fbb1ea4
evolinux-base: dump-server-state upstream release 23.11 2023-11-20 19:02:03 +01:00
William Hirigoyen a5e4359d0e #73871 ssl: no not execute haproxy tasks and reload if haproxy is disabled 2023-11-17 15:51:33 +01:00
Gregory Colpart 0578d5a3ec apache : rename MaxRequestsPerChild to MaxConnectionsPerChild (new name) 2023-11-16 14:45:07 +01:00
Gregory Colpart ac72c7ac31 apache: fix MaxRequestsPerChild value to be sync with wiki.e.o 2023-11-16 14:44:08 +01:00
Gregory Colpart b1a67d1a5c apache : fix goaway pattern for bad bots 2023-11-16 14:35:48 +01:00
William Hirigoyen 1394052fd6 ProFTPd: set missing default listen IP for SFTP, enable ed25525549 key only for Debian >= 11 2023-11-15 10:53:22 +01:00
William Hirigoyen 4a6e6e6ba2 ProFTPd: in SFTP vhost, enable SSH keys login, enable ed25549 host key 2023-11-15 09:43:10 +01:00
Ludovic Poujol b77845cc8c php: Bullseye/Sury > Honor the php_version asked in the pub.evolix.org repository 2023-11-13 16:17:22 +01:00
Tom David--Broglio 6ae9e04f27 webapps/nextcloud: fix misplaced gid attr and added check for nexctcloud uid 2023-11-09 16:48:17 +01:00
Tom David--Broglio aab3381887 webapps/nextcloud: fix missing gid 2023-11-09 15:59:45 +01:00
Tom David--Broglio 009de62e28 webapps/nextcloud Added var nextcloud_user_uid to enforce uid for nextcloud user 2023-11-09 15:19:15 +01:00
William Hirigoyen 41ec5b737b nagios: rename var into and check systemd-timesyncd instead of ntpd in Debian 12 2023-11-07 17:46:29 +01:00
William Hirigoyen c9c8ade55d nagios: fix default file to monitor for check_clamav_db 2023-11-03 18:03:35 +01:00
William Hirigoyen bc284f8248 add-vm.sh: allow VM name max length > 20 2023-11-03 10:48:28 +01:00
Brice Waegeneire 74a6b2ead1 nagios-nrpe: add check_sentinel 2023-10-27 15:02:28 +02:00
David Prevot 953ca015c5 Changelog entries for latest changes 2023-10-26 16:09:42 +02:00
Brice Waegeneire 679e170dce evolinux-base: use separate default config file for rsyslog 2023-10-18 15:10:35 +02:00
Jérémy Lecour 3b3b130248
Release 23.10 2023-10-14 07:37:18 +02:00
Jérémy Lecour 31990cfe80
Linting CHANGELOG 2023-10-14 07:36:29 +02:00
Alexis Ben Miloud--Josselin bbf6ce6f6e rbenv: Installer libyaml-dev 
Le paquet est nécessaire en Debian 12.
 2023-10-12 17:49:00 +02:00
Alexis Ben Miloud--Josselin dbd1103078 docker-host: Retirer directive state en trop 2023-10-11 18:06:13 +02:00
Alexis Ben Miloud--Josselin a80076a5ea evolinux-base: Corriger autorisation pour evolinux_user 
Cas configuration SSH séparée. Ticket #74636.
 2023-10-11 10:02:34 +02:00
Jérémy Lecour 3347ac4271
evomaintenance: upstream release 23.10.1 2023-10-09 18:13:48 +02:00
Alexis Ben Miloud--Josselin 0c9b55e5e1 evolix-base/root: fix module used 2023-10-09 17:12:15 +02:00
Jérémy Lecour c673ed10c6
evomaintenance: upstream release 23.10 2023-10-09 16:24:47 +02:00
Jérémy Lecour d6a777be72
kvm-host: migrate-vm: set migration speed even on bridges 2023-10-05 22:05:17 +02:00
Jérémy Lecour 9cd0426d2b
nagios-nrpe: sync Redis check from redis roles 2023-10-03 13:34:53 +02:00
David Prevot f2c37dddff Use timesyncd instead of ntpd starting with Debian 12 (not always) 2023-09-28 17:25:18 +02:00
David Prevot a2306e6a15 Changelog for previous commit 2023-09-28 15:27:19 +02:00
David Prevot aa13171f91 Changelog for previous commit 2023-09-26 18:00:59 +02:00
David Prevot c03dd0ca2f Changelog for previous commit 2023-09-26 18:00:48 +02:00
Ludovic Poujol a65230b5e0 mysql: new munin graph to follow binlog_days over time 2023-09-26 17:35:14 +02:00
Jérémy Lecour b5550d2ce2
lxc-php: fix APT keyring path inside containers 2023-09-21 15:47:23 +02:00
Jérémy Lecour cc9d0c59d3
CHANGELOG cleanup 2023-09-20 14:33:45 +02:00
Jérémy Lecour 050b2ae419
kvm-host: migrate-vm sets the migration speed automatically 2023-09-20 13:08:42 +02:00
William Hirigoyen d7d8ee63b2 Revert "lxc-php: Fix /etc/profile.d/evolinux.sh mode in containers (defauft umask -> 644)" 
This reverts commit 92788a8b93.
 2023-09-15 15:20:45 +02:00
William Hirigoyen 92788a8b93 lxc-php: Fix /etc/profile.d/evolinux.sh mode in containers (defauft umask -> 644) 2023-09-14 17:11:46 +02:00
Jérémy Lecour 53a0e56472
metricbeat/logstash: fix Ansible syntax 2023-09-13 09:38:44 +02:00
Jérémy Lecour 41004e20b4
kvm-host: migrate-vm exits if DRBD is not up-to-date 2023-09-12 11:38:54 +02:00
William Hirigoyen 2af2e5ee78 nagios-nrpe: set default check_load --per-cpu for BSD 2023-09-11 09:25:21 +02:00
William Hirigoyen 2a7d2d9c58 postfix: disable IPv6 2023-09-05 15:44:37 +02:00
Mathieu Trossevin cfca604670
nagios-nrpe: Add proper plugin to monitor glusterfs health 2023-09-05 15:21:08 +02:00
Alexis Ben Miloud--Josselin 73c0a0d29a evolinux-base: include files under sshd_config.d 
In case we need to add the Include directive, we add it at the
beginning of the global configuration file. This way the Include
directive can't be inside a Match directive.
 2023-08-31 17:09:43 +02:00
Jérémy Lecour 8ca7cc4692
kvm-host: release 23.08 for migrate-vm.sh 2023-08-31 11:26:21 +02:00
Jérémy Lecour e2dea8054f
kvm-host: add batch-mode and ignore stdin for SSH command in migrate-vm.sh 2023-08-31 11:26:20 +02:00
Eric Morino df202197c7 Change lxc container in bookworm for php82 2023-08-29 15:28:09 +02:00
Ludovic Poujol e71cffd8fd php: add new variable to disable oveeriding settings of php-fpm default pool (www) 2023-08-28 17:08:33 +02:00
Alexis Ben Miloud--Josselin b8b48bbcb9 evocheck: Fix IS_SSHALLOWUSERS condition 2023-08-23 16:18:35 +02:00
Jérémy Lecour bb41d313a9
apt: Explicit "signed-by" directives for official sources 2023-08-18 16:28:03 +02:00
Jérémy Lecour feba74c469
evolinux-base: reboot the server if the Cloud kernel has been installed 2023-08-18 12:10:01 +02:00
Jérémy Lecour 67c6167474
apt: Disable NonFreeFirmware warning for VM on Debian 12+ 2023-08-18 12:10:00 +02:00
Alexis Ben Miloud--Josselin 536d051890 Fix mode for files under /etc/ssh/sshd_config.d 2023-08-16 18:21:06 +02:00
Alexis Ben Miloud--Josselin 263f940c3d Update Changelog 2023-08-16 16:14:42 +02:00
William Hirigoyen 81849c6537 userlogrotate: new version, with separate conf file 2023-08-11 10:51:45 +02:00
Ludovic Poujol f0abb53750 evolinux-base: New variable "evolinux_system_include_ntpd" to chose wether or not to include ntpd role 2023-08-04 11:47:42 +02:00
Eric Morino 87d09275a0 postgresql: fix file postgresql.pref.j2 for exclude package 2023-08-04 10:18:08 +02:00
Eric Morino eca010d959 postgresql: fix task "update apt cache" for PGDG repo 2023-08-04 09:56:44 +02:00
Ludovic Poujol 16bba8b469 fail2ban: add variable fail2ban_sshd_port to configure sshd port 2023-07-31 11:50:36 +02:00
William Hirigoyen 3c3db4fefa postfix: new spam.sh update script that avoids reloading if files did not change. 2023-07-25 15:24:00 +02:00
William Hirigoyen b6886384b9 redis: replace errorneous ini_file module for Munin config, fix dedicted Munin config filename (z-XXX) 2023-07-21 16:51:02 +02:00
William Hirigoyen ef642e564e bind: Add reload-zone helper 2023-07-21 16:19:26 +02:00
William Hirigoyen 030871ea9b opendkim: update apt cache before install 2023-07-20 16:33:15 +02:00
William Hirigoyen f2eaac0894 nginx: set default server directive in default vhost 2023-07-17 17:31:21 +02:00
William Hirigoyen 67f0fa5942 evolinux-base: configure bashrc for all users 2023-07-17 17:18:55 +02:00
William Hirigoyen 7133783695 Update CHANGELOG 2023-07-17 17:09:38 +02:00
Jérémy Lecour 83f7b6cdca
evolinux: Install HPE Agentless Management Service (amsd) 2023-07-12 09:40:24 +02:00
Ludovic Poujol f50848917a fail2ban: Fix cron fail2ban_dbpurge (should be bash instead of sh) 2023-07-10 16:41:12 +02:00
Mathieu Trossevin 831715e44c
fix(nagios-nrpe): Fix check_ssl_local output 
nrpe read output of plugins from stdout only, if there is no output it
return UNKNOWN regardless of return code.
 2023-07-07 11:30:22 +02:00
William Hirigoyen aa10f719b4 redis: standardize plugins path from /usr/local/share/munin/ to /usr/local/lib/munin/plugins/ 2023-07-06 11:04:53 +02:00
Jérémy Lecour 0331c23ad6
minifirewall: update nrpe script to check active configuration 2023-07-05 09:54:53 +02:00
Jérémy Lecour e347b6eca8
minifirewall: upstream release 23.07 2023-07-05 09:54:52 +02:00
Bruno TATU fb184a0ecf Set fail2ban_dbpurgeage_default variable for fail2ban 2023-07-04 15:36:02 +02:00
Gregory Colpart bb54c9209e add options for Amavis integration in Postfix packmail 2023-07-04 09:52:47 +02:00
Gregory Colpart 1ecb463104 change default minimal_backoff_time (Postfix role) 2023-07-04 09:50:20 +02:00
Tom David--Broglio e4436d9066 docker-host: added var for user namespace setting 2023-07-03 18:37:15 +02:00
Jérémy Lecour a6bac1f20b
change syntax "become: [yes,no]" → "become: [true,false]" 2023-07-03 14:21:22 +02:00
Jérémy Lecour 00fe225a3c
force: [yes,no] → force [true,false] 2023-06-28 13:25:30 +02:00
William Hirigoyen 42ad894d45 dovecot: new Munin plugins, fix old_stats config 2023-06-23 11:26:35 +02:00