Jérémy Lecour
be32fd9a23
Remove useless comments
2017-10-05 00:29:14 +02:00
Jérémy Lecour
622698fb99
Don't disable root access by default
...
It will be caught by evocheck if we forget to disable it
but will prevent locking ourselves out if we don't create users
2017-10-05 00:29:14 +02:00
Jérémy Lecour
ee80235e14
evolinux-base: etc-git is included after apt customization
...
APT sources must be customized before installing any package
2017-10-04 23:32:27 +02:00
Jérémy Lecour
f050608596
evolinux-base/meta: compatible with stretch
2017-10-04 23:31:29 +02:00
Jérémy Lecour
5ffc94281f
evolinux-base: parse fstab with better regex
...
The fstab file usually has fields separated by spaces
but sometimes they are separated by tabs.
2017-10-04 14:31:01 +02:00
Benoît S.
c1b719f16a
Merge branch 'unstable' into 'bash-completion'
...
# Conflicts:
# evolinux-base/tasks/packages.yml
2017-09-20 15:56:45 +02:00
Jérémy Lecour
3a9b95cedc
evolinux-base: fallback with warning for ssh without addresses
2017-09-14 14:26:00 +02:00
Gregory Colpart
06184a44bf
remove *ssl_subject vars to avoid errors
2017-09-08 01:26:53 +02:00
Gregory Colpart
d4e800a263
enable evoadmin-web link in default site index
2017-09-08 01:26:53 +02:00
Gregory Colpart
a074f6488a
we use now evolinux-sudo group to set sudo rights
2017-09-08 01:26:53 +02:00
Gregory Colpart
87ef758891
we need force=no for files who will be lineinfile/blockinfile
2017-09-07 02:32:08 +02:00
Gregory Colpart
26b76aed17
review default vhost
2017-09-07 02:31:48 +02:00
Gregory Colpart
be4e811c47
phpMyAdmin configuration
2017-09-07 02:26:35 +02:00
Gregory Colpart
4eb891b8b7
use role ntpd in evolinux-base
2017-08-31 03:31:00 +02:00
Gregory Colpart
b801c883ac
minor fix: true -> True
2017-08-31 03:23:07 +02:00
Gregory Colpart
ca4b0d5b1d
log2mail need to be started and not restarted each time
2017-08-30 04:07:26 +02:00
Gregory Colpart
859822709d
Revert "Fix: openssl req -subj arg need to be "/CN="" because bad var during test
...
This reverts commit 8cfa0a6ef2
.
2017-08-30 04:07:26 +02:00
Gregory Colpart
8cfa0a6ef2
Fix: openssl req -subj arg need to be "/CN="
2017-08-29 02:32:20 +02:00
Gregory Colpart
207a2f6011
Improve distribution verification
2017-08-23 01:49:27 +02:00
Gregory Colpart
5226082db0
evolinux-base and admin-users are only compatible Debian >=8, declare once in main.yml and that's all
...
(will be probably generalized to others modules if needed)
2017-08-22 01:37:04 +02:00
Benoît S.
a95d7893c5
Add a comment about AcceptEnv
2017-08-18 14:37:34 +02:00
Gregory Colpart
d82b12b614
fail when evolinux_ssh_password_auth_addresses is empty instead of Ansible crash (like for minifirewall)
2017-08-18 04:13:56 +02:00
Gregory Colpart
2bb7367edf
standardization for Debian versions : we use "jessie" or "9 or later" to prepare buster smoothly as possible
2017-08-18 03:50:30 +02:00
Jérémy Lecour
4b8456c5b7
Fix ssh security policy
2017-08-05 12:13:42 -04:00
Jérémy Lecour
db2b418be4
evolinux-base: fix typo in README
2017-08-05 12:13:42 -04:00
Gregory Colpart
e212f3043f
Set right URL for our custom role
2017-07-23 00:55:23 +02:00
Gregory Colpart
bbb0e579a6
Fix #2154 : we don't need lsb-invalid-mta and package is not anymore in stretch
2017-07-22 08:19:14 +02:00
Victor LABORIE
64a134355b
evolinux-base: override logmail service
2017-07-19 16:03:36 +02:00
Jérémy Lecour
adc3bd7a93
Fix ssh LogLevel
...
* the directive can be present but commented
* the version comparison was wrong
2017-07-19 13:49:08 +02:00
Jérémy Lecour
62fbbd2016
Rename role "apt-repositories" to "apt"
2017-07-19 08:56:46 +02:00
Jérémy Lecour
3e3e1c368e
Lighter /root/.vimrc
2017-07-18 20:03:57 +02:00
Jérémy Lecour
388a2c058e
Over-simplified /root/.gitconfig
2017-07-18 20:00:20 +02:00
Jérémy Lecour
0c2170cf5c
Remove some backups, again
2017-07-18 19:38:03 +02:00
Benoît S.
fa3047bdc4
Fix #2198 . Purge openntpd
2017-07-17 16:18:10 +02:00
Jérémy Lecour
be68f9ac0a
remove a few useless "backup: yes"
2017-07-17 14:46:01 +02:00
Gregory Colpart
a189b7935b
NTPD : Listen only on lo interface by default
2017-07-17 14:21:46 +02:00
Gregory Colpart
f78e93e0ff
we want always packages ssl-cert et ca-certificates (probably will go to serveur-base package, we will see)
2017-07-13 02:41:12 +02:00
Gregory Colpart
ea4ec27f08
Oops, last commit was broken. I think "when: TAG" need always to be boolean, then I patch for that.
2017-07-13 02:20:28 +02:00
Gregory Colpart
fcfea428b7
pet commit: remove not ecessary params
2017-07-13 01:18:25 +02:00
Jérémy Lecour
e23edbd5f4
this have nothing to do in the previous commit
2017-07-12 10:24:09 +02:00
Jérémy Lecour
ce37282feb
Effectively change the timezone
2017-07-12 10:23:21 +02:00
Jérémy Lecour
a318e6065c
Disable new vim defaults
2017-07-12 10:15:47 +02:00
Jérémy Lecour
6514f64a1f
Better english
2017-07-12 09:34:46 +02:00
Jérémy Lecour
1cdbcaa5fb
Install packages for Stretch and later
2017-07-11 18:43:22 +02:00
Gregory Colpart
12b5d9a97a
Fix #2207 : set -L 15 for Cron
2017-07-11 00:42:38 +02:00
Gregory Colpart
eab03993d0
improvment, don't touch to /etc/profile and instead use /etc/profile.d/evolinux.sh
2017-07-11 00:29:06 +02:00
Gregory Colpart
05b7588953
no more apt-listchanges in Stretch
2017-07-10 22:17:58 +02:00
Gregory Colpart
0d79db4ed5
Improve dpkg pre / post - invoke
2017-07-10 21:52:57 +02:00
Gregory Colpart
8505ef5b5e
exit 0 -> true
2017-07-09 19:59:12 +02:00
Gregory Colpart
0d0937aa4e
Use "false" instead of "0" to be more explicit
2017-07-09 19:59:12 +02:00
Jérémy Lecour
0fdc1565a8
Default site CSS slightly beautified
2017-07-06 17:14:29 +02:00
Jérémy Lecour
553025d199
enable server-status in default site
2017-07-06 17:14:29 +02:00
Jérémy Lecour
0e0bc1cbbd
Split default vhost into nginx ad apache roles
2017-07-06 17:14:28 +02:00
Jérémy Lecour
de37aac243
Don't overwrite default apache vhost
2017-07-06 17:14:27 +02:00
Benoît S.
effbfc3189
Be sure to have the bash-completion package
...
It is very handy to have this package to have completion of commands like
systemctl.
2017-07-06 11:58:48 +02:00
Jérémy Lecour
bae8961e99
packweb/evoadmin: cleanup
...
* extracted tasks
* more variables
* more templates
* less bugs
2017-07-03 18:23:39 +02:00
Jérémy Lecour
664a926caa
evolinux: fix rotate value customization
...
with "[0-9]*" too much lines would be changed
2017-07-03 17:57:00 +02:00
Jérémy Lecour
d3af1320c9
SSH: log level to verbose for Stretch and later
2017-06-14 15:53:15 +02:00
Jérémy Lecour
13fccb1f3f
Fix Ansible syntax for include_role
2017-06-13 11:45:34 +02:00
Jérémy Lecour
25e017fa28
Add contrib/non-free components for APT sources if needed
2017-06-13 11:21:27 +02:00
Jérémy Lecour
65f91f09b0
Disable warnings for mount commands related to /usr read-only
2017-06-12 15:11:40 +02:00
Jérémy Lecour
4d9961b0f9
evolinux-base: configure apt-repositories role
2017-06-07 09:59:55 +02:00
Victor LABORIE
a1c69bdf84
apt-repositories/evolinux-base: fix default sources.list configuration
2017-06-05 11:43:25 +02:00
Jérémy Lecour
c66438a2a3
evolinux-base: remount /usr when needed
2017-05-23 14:55:31 +02:00
Jérémy Lecour
6e104d8689
evolinux-base: include_role apt-repositories
2017-05-23 14:55:15 +02:00
Jérémy Lecour
17be773822
Extract Evolix public APT sources
2017-05-21 11:00:46 +02:00
Jérémy Lecour
89d8ac32c4
Non octal notation
...
When permissions octal notation doesn't begin with 0, prefer the text
notation.
2017-05-19 22:46:34 +02:00
Jérémy Lecour
e2452cdf6c
Don't warn for some known commands
2017-05-19 22:30:51 +02:00
Jérémy Lecour
9fae99f8dc
Minor syntax and whitespaces fixes
2017-05-19 22:29:53 +02:00
Jérémy Lecour
23f0b97897
evolinux-base: add logrotate package
...
It should be installed by default, but make sure that it is really
present.
2017-05-18 13:57:30 +02:00
Jérémy Lecour
82c4c9d745
Use apt module with 2.2 option "allow_unauthenticated"
2017-05-16 15:36:46 +02:00
Victor LABORIE
8227e7a617
evolinux-base: add curl and telnet to diagnostic tool
2017-05-02 17:12:08 +02:00
Jérémy Lecour
c0d43f72ef
evolinx-base: no comma for postfix config
2017-05-02 13:56:20 +02:00
Victor LABORIE
9dfe6fd175
evolinux-base: use fqdn in default postfix config and add handler
2017-04-27 10:51:21 +02:00
Victor LABORIE
0ad39a1be7
evolinux-base: update hostname in default postfix config
2017-04-25 15:50:22 +02:00
Jérémy Lecour
3f09d938eb
disable some parts of evolinux-base in tests
2017-04-24 09:46:43 +02:00
Jérémy Lecour
53a1134b6f
detect presence of hotplug network interface
2017-04-24 09:46:42 +02:00
Jérémy Lecour
eec84fca8a
detect absence of acl in filesystem
2017-04-24 09:46:42 +02:00
Jérémy Lecour
2427fcc7f3
Respect hostname variable value
2017-04-24 09:46:42 +02:00
Jérémy Lecour
72d0f6ddc4
No change recorded when updating apt cache
2017-04-24 09:46:42 +02:00
Jérémy Lecour
d23d2f6080
evolinux-base: improve the kitchen recipe
...
but it's still disabled for the omment
2017-04-20 15:51:48 +02:00
Jérémy Lecour
47f8f5d75f
evolinux-base can't be tested within Docker yet
...
because of sshd not being a proper service in the Docker container
2017-04-20 13:57:11 +02:00
Jérémy Lecour
4c1c0c6c23
[WIP] tests for evolinux-base
2017-04-20 13:48:23 +02:00
Jérémy Lecour
fad4b78775
evolinux-base: better regexp for fstab customization
...
- we must exclude lines containing a # before the partition name
- it's better to use "not space" (\S) instead of "word character" (\w)
between the partition name and the fs type
2017-04-19 10:59:25 +02:00
Jérémy Lecour
c30e6b189c
evolinux-base: fstab is more customizable
2017-04-05 17:50:50 +02:00
Jérémy Lecour
8ba9c0081a
evolinux: finer grained kernel configuration
2017-03-30 15:33:23 +02:00
Jérémy Lecour
4eab8c319a
evolinux: custom email for logcheck
2017-03-30 15:32:59 +02:00
Jérémy Lecour
5b2ab0d8d3
Ansible >= 2.2 supported
2017-03-24 14:15:09 +01:00
Jérémy Lecour
294cea44e8
Change mode with leading 0, but still as String
2017-03-23 16:59:43 +01:00
Jérémy Lecour
c666099ef8
Evolinux-base: dynamic release name
2017-03-16 16:50:21 +01:00
Benoît S.
f3d1f5b04c
Fix #2159 . Wrong path for cciss-vol-statusd.
2017-03-10 11:24:19 +01:00
Tristan PILAT
78a2fd9830
Fix error in handler
2017-03-08 16:33:23 +01:00
Jérémy Lecour
6ed870e94e
Can't dynamically choose module based on version
...
If the condition is in a when attribute, the module is still
evaluated. If it doesn't exist in the current verison of Ansible
it will blow up.
2017-02-09 17:36:49 +01:00
Jérémy Lecour
8920ff1ee4
Add "always_run: yes" where it's pertinent
...
There is also the "check_mode: no", but commented,
for when we switch to Ansible 2.2
2017-01-31 11:45:35 +01:00
Benoît S.
e173407baa
Typo sysctl vs systemd.
2017-01-18 15:53:43 +01:00
Jérémy Lecour
478e9a8272
replace "state: installed" with "state: present"
2017-01-12 17:37:48 +01:00
Jérémy Lecour
61f5219f48
Improve documentation
...
Each role has a README and a meta/main.yml file
2017-01-05 18:22:06 +01:00
Jérémy Lecour
5a4f838375
Unix mode MUST be a quoted string when using octal notation
2017-01-05 12:03:54 +01:00
Jérémy Lecour
5277f58598
evolinux-base: enable service according to ansible_version
2017-01-05 12:03:53 +01:00
Jérémy Lecour
0ff5467bce
add a "reload sshd" handler
2017-01-04 10:21:41 +01:00