William Hirigoyen
9821fc8f78
userlogrotate: rotate also php.log
2023-04-27 10:52:32 +02:00
William Hirigoyen
5c60fad29c
evolinux-users: remove Stretch references in tasks that also apply to next Debian versions.
2023-04-26 18:10:45 +02:00
Jérémy Lecour
6cd72cf9f4
Release 23.04
2023-04-23 10:48:39 +02:00
Jérémy Lecour
42e98791d9
Extract patroni role into its own branch for now
2023-04-23 10:31:02 +02:00
Brice Waegeneire
e8c7d2c3e3
lxc-php: add support for PHP 8.2 container
2023-04-20 11:27:56 +02:00
Eric Morino
8ec5c79ca1
Add new role Patroni in CHANGELOG
2023-04-03 14:45:17 +02:00
Alexis Ben Miloud--Josselin
ce247dba56
Add role for Graylog
2023-03-30 17:58:30 +02:00
Alexis Ben Miloud--Josselin
d37f6c0e3f
PgBouncer: add handler (restart)
2023-03-30 13:21:33 +02:00
Ludovic Poujol
34a0dae3e6
generate-ldif: Support for Debian 12
...
The script required few changes to adapt to the new output of lscpu & usage of lspci
lscpu
- Multiple Vendor ID fields (CPU & Bios) > We keep the first one tied to the CPU info
- No more CPU Speed displayed for virtual machines. We guess the CPU Speed with the CPU Name (Thanks intel puting it in the CPU Name). But that's not going to work with AMD CPUs. An alternative would be to have a peek at /proc/cpu
lspci
- Remove the "0x" prefix as it seems invalid with lscpi version on Debian 12. On older debian, vendor/device id are accepted with or without the "0x" prefix
2023-03-29 11:41:26 +02:00
Jérémy Dubois
939b2358a3
openvpn: updated the README file
2023-03-22 15:21:58 +01:00
Jérémy Lecour
6f61a0744c
apt: with Debian, 12 backports are installed but disabled by default
2023-03-18 15:38:05 +01:00
Jérémy Lecour
fac45cb64d
Release 23.03.1
2023-03-16 22:17:46 +01:00
Jérémy Lecour
8bfc4c28bc
listupgrade: remove old typo version of the cron task
2023-03-16 21:37:04 +01:00
Jérémy Lecour
be03dfcb08
apt: deb822 migration python script is looked relative to shell script
2023-03-16 21:37:04 +01:00
Jérémy Lecour
b7dea8d456
minifirewall: support protocols in numeric form
2023-03-16 21:37:04 +01:00
Alexis Ben Miloud--Josselin
eae2eed7b0
Add role for PgBouncer
2023-03-16 17:14:16 +01:00
Jérémy Lecour
65ee8c7e45
Release 23.03
2023-03-16 14:56:39 +01:00
Jérémy Lecour
8df930f016
import changelog line
2023-03-16 14:38:32 +01:00
Jérémy Lecour
70d34ac18d
listupgrade: upstream release 23.03.3
2023-03-16 14:38:32 +01:00
Jérémy Lecour
50216eb5c7
listupgrade: upstream release 23.03.2
2023-03-16 14:38:32 +01:00
Jérémy Lecour
8d698ec6cb
CHANGELOG cleanup
2023-03-16 14:38:29 +01:00
Alexis Ben Miloud--Josselin
dc6b340081
changelog: ajouter changements sur kvmstats
2023-03-16 14:21:21 +01:00
Jérémy Lecour
fa1935e46c
apt: add tools to migrate sources to deb822 format
2023-03-15 22:50:00 +01:00
David Prevot
c7940dc8c1
CHANGELOG: tfix
2023-03-13 15:12:37 +01:00
William Hirigoyen
419071f470
php: fix error introduced in 33503e4538
(False evaluated as a string instead of boolean)
2023-03-13 15:09:41 +01:00
Jérémy Lecour
b4a63d3d55
listupgrade: upstream release 23.03.1
2023-03-12 11:12:56 +01:00
Jérémy Lecour
b57fd16ee6
listupgrade: upstream release 23.03
2023-03-12 11:12:56 +01:00
Jérémy Lecour
d64193287d
postgresql: configure max_connections
2023-03-12 11:12:56 +01:00
William Hirigoyen
3f353ad072
elasticsearch: disable GC logging
2023-03-10 10:29:59 +01:00
William Hirigoyen
fc95f57711
elasticsearch: Disable GC rotation for JDK 8
2023-03-10 10:29:59 +01:00
William Hirigoyen
4759ed645c
lxc: copy /etc/profile.d/evolinux.sh from host into container (P10001)
2023-03-08 11:09:36 +01:00
William Hirigoyen
af569f8c26
userlogrotate: set rotate date format in right order (YYYY-MM-DD)!
2023-03-03 14:39:16 +01:00
William Hirigoyen
4d3f92df23
postfix: avoid Amavis transport to be considered dead when restarted.
2023-03-02 17:50:17 +01:00
William Hirigoyen
7ec58bf144
userlogrotate: skip zipping if .gz log already exists (prevents interactive question)
2023-03-01 17:50:58 +01:00
William Hirigoyen
cc7c2a7d4e
userlogrotate: fix bug introduced in commit 2e54944a24
(rotated files were not zipped)
2023-03-01 17:22:50 +01:00
William Hirigoyen
d9c5563fd6
postfix: remove unused "aliases_scope=sub" from virtual_aliases.cf (it generated warnings)
2023-03-01 14:35:51 +01:00
Ludovic Poujol
e896459d06
varnish: add variable varnish_update_config to disable configuration update
2023-02-28 15:24:18 +01:00
David Prevot
1d701b060e
apt: Use pub.evolix.org instead of pub.evolix.net
2023-02-27 18:11:51 +01:00
Jérémy Lecour
17946f7280
apt: add move-apt-keyrings script/tasks
2023-02-27 13:58:01 +01:00
Jérémy Lecour
431ffd5991
evolinux-base: subversion is not installed anymore
2023-02-26 21:31:02 +01:00
Eric Morino
68d34c8528
Add changelog for add feature in postfix / apache and php
2023-02-24 15:46:00 +01:00
Jérémy Lecour
8cbe837147
bind: refactor role
...
* queries log can be enabled or disabled
* split tasks
* check if AppArmor is present
* don't install Munin plugin whose data file is not present
* remove example ACL in authoritative configuration
2023-02-21 19:01:01 +01:00
William Hirigoyen
2c1db6a222
userlogrotate: create role separated from packweb-apache
2023-02-21 17:55:46 +01:00
William Hirigoyen
cd8a812288
bind: fix fail in check mode
2023-02-21 15:14:05 +01:00
Jérémy Lecour
86a3c78a04
yarn: update apt key
2023-02-21 15:09:05 +01:00
Jérémy Lecour
21a4f76330
bind: use systemd module
2023-02-21 15:08:02 +01:00
Alexis Ben Miloud--Josselin
6968128e7c
php: fix last commit and update changelog
2023-02-14 16:43:41 +01:00
Ludovic Poujol
49e92d20b0
evolinux-users: Update sudoers template to remove commands allowed without password
2023-02-01 15:23:51 +01:00
Jérémy Dubois
f354f16cd6
openvpn: Change check_openvpn destination file to comply with recent EvoBSD change
2023-01-31 11:13:08 +01:00
Jérémy Lecour
8244bd4615
nagios-nrpe: add tasks/files for a wrapper
2023-01-30 12:05:43 +01:00
William Hirigoyen
e0c143d9cf
postfix: come back to default value of for pack mails
2023-01-23 15:35:47 +01:00
William Hirigoyen
13f4578599
postfix: Do not notify errors of classes policy, protocol in of main.cf
2023-01-23 15:01:57 +01:00
William Hirigoyen
31e90abe57
fail2ban: add 'Internal login failure' to Dovecot filter
2023-01-23 10:33:10 +01:00
William Hirigoyen
8d16f17354
* clamav: set MaxConnectionQueueLength
to its default value (200), custom (15) was way too small and caused recurrent connections fail in Postfix.
...
* postfix (packmail only): disable `concurrency_failed_cohort_limit` for destination smtp-amavis to prevent the suspension of this destination when Amavis fails to answer. Indeed, we configure the suspension delay quite long in `minimal_backoff_time` (2h) and `maximal_backoff_time` (6h) to reduce the risk of ban from external SMTPs.
2023-01-18 10:30:41 +01:00
Jérémy Dubois
0cb751591a
nagios-nrpe : Rewrite check_vrrpd for a better check (check rp_filter, vrrpd and uvrrpd compatible, use arguments, …)
2023-01-17 11:11:33 +01:00
Ludovic Poujol
c27551939d
webapps/nextcloud : Small enhancement on the vhost template to lock out data dir
2023-01-13 11:05:55 +01:00
Ludovic Poujol
dcc378776c
webapp/nextcloud : Change default data directory to be outside web root
2023-01-13 11:04:32 +01:00
Jérémy Dubois
68017d8db9
openvpn: fix the client cipher configuration to match the server cipher configuration
2023-01-12 14:29:18 +01:00
William Hirigoyen
417734eed2
haproxy: fix missing admin ACL in stats module access permissions
2023-01-11 16:15:09 +01:00
Patrick Marchand
08db5a5140
Fix problems with docker-host daemon.json config
2023-01-10 11:26:57 -05:00
William Hirigoyen
48e3ced983
elasticsearch : use logrotate for garbage collector logs
2023-01-02 17:29:37 +01:00
William Hirigoyen
8401401716
Update CHANGELOG
2022-12-30 10:46:24 +01:00
Jérémy Lecour
7a0e0d81d6
Proper jinja spacing
2022-12-28 09:03:37 +01:00
Jérémy Lecour
8eae5bba63
Use systemd module instead of command
2022-12-28 09:02:17 +01:00
Patrick Marchand
0e6c2567e2
Fix presentation error in changelog markdown
2022-12-22 11:35:52 -05:00
Patrick Marchand
5611bb73a2
Remove warning ignores as they are depreciated
...
Will cause a hard fail in ansible 2.14, so better get rid of them now.
There is no alternative, but the ansible warnings for those modules
are not hard failures anyways.
2022-12-22 11:35:20 -05:00
Patrick Marchand
1c6fdbf85a
Remove warning ignores as they are depreciated
...
Will cause a hard fail in ansible 2.14, so better get rid of them now.
There is no alternative, but the ansible warnings for those modules
are not hard failures anyways.
2022-12-22 11:32:32 -05:00
William Hirigoyen
7005344a5b
evolinux-base: ensure dbus enabled and started
2022-12-19 17:07:18 +01:00
William Hirigoyen
55a64845ce
postfix: add localhost. to mydestination
2022-12-15 11:49:35 +01:00
Jérémy Lecour
0622e9ff1e
fix non-breaking spaces
2022-12-14 11:47:53 +01:00
Jérémy Lecour
240ccee12b
Release 22.12
2022-12-14 11:39:51 +01:00
Jérémy Lecour
34fefa1212
typos
2022-12-14 07:46:12 +01:00
Jérémy Dubois
91b40ce72f
openvpn: Fix mode of shellpki script
2022-12-13 19:37:54 +01:00
Jérémy Dubois
9918776286
openvpn: Deleted the task fixing the CRL rights since it has been fixed in upstream
2022-12-13 17:53:59 +01:00
Jérémy Dubois
0722b84341
openvpn: shellpki upstream release 22.12.2
2022-12-13 17:50:09 +01:00
Mathieu Trossevin
bc1facd1ba
proftpd: Fix mode of public key files and directory
2022-12-09 10:19:51 +01:00
Mathieu Trossevin
101c282846
proftpd: Fix format of public key files controlled by ansible
...
The comments used by ansible's blockinfile module break the format
expected by proftpd for public ssh keys, making them unusable.
Replace with a template, we will just have to accept that we need to use
ansible for all changes to these file.
2022-12-08 17:32:53 +01:00
Jérémy Lecour
ce361c6819
listupgrade: sort/uniq of packages/services lists in email template
2022-12-07 21:05:12 +01:00
Jérémy Lecour
3c2369a3a2
listupgrade: better detection for PostgreSQL
2022-12-07 21:04:33 +01:00
Alexis Ben Miloud--Josselin
982112bd64
rabbitmq: add link in default page
2022-12-07 15:49:03 +01:00
Jérémy Lecour
22f30b59f2
certbot: auto-detect HAPEE version in renewal hook
2022-12-05 14:22:12 +01:00
Jérémy Dubois
6cc3e03864
openvpn: specifies that the mail for expirations is for OpenVPN
2022-12-05 09:52:20 +01:00
Jérémy Dubois
cca072425b
openvpn: shellpki upstream release 22.12
2022-12-01 16:56:23 +01:00
Jérémy Dubois
cd2c1931b1
keepalived: change exit code (warning if runnin but not on expected state ; critical if not running)
2022-11-28 17:16:43 +01:00
Jérémy Lecour
c96f28e47b
evocheck: install script according to Debian version
2022-11-27 22:14:39 +01:00
Jérémy Lecour
08db230c29
Merge branch 'debian12' into unstable
2022-11-27 18:29:57 +01:00
Jérémy Lecour
54dca82838
varnish: fix missing state, that blocked the task
2022-11-26 19:10:21 +01:00
Jérémy Lecour
665177556e
evomaintenance: allow missing API endpoint if APi is disabled
2022-11-26 19:09:05 +01:00
Jérémy Lecour
ecd9d1543f
varnish: better package facts usage with check mode and tags
2022-11-21 15:46:46 +01:00
Alexis Ben Miloud--Josselin
396afa0a75
nagios-nrpe: add ceph checks to changelog
2022-11-15 11:08:01 +01:00
Mathieu Trossevin
83138f0a0b
nagios-nrpe: Correct port for check_opendkim
2022-11-09 17:05:54 +01:00
Jérémy Lecour
faeb92230b
packweb-apache: manual dependencies resolution
2022-11-06 15:25:17 +01:00
Jérémy Lecour
4050dbea7a
packweb-apache: enable log_forensic module
2022-11-06 15:25:17 +01:00
Jérémy Lecour
b36d4c4766
various fixes for Debian 12
2022-11-06 15:25:17 +01:00
Jérémy Lecour
4c9aaf6d86
Merge branch 'unstable' into debian12-keyring
2022-11-06 10:19:36 +01:00
Jérémy Lecour
a1bf300d54
bookworm-detect: transitional role to help dealing with unreleased bookworm version
2022-11-05 21:15:21 +01:00
Jérémy Lecour
28540247f0
Add signed-by option for additional APT sources
2022-11-02 23:17:08 +01:00
Jérémy Lecour
f531460f49
Use proper keyrings directory for APT version
...
Debian 9 → 11 : /etc/apt/trusted.gpg.d
Debian 12 : /etc/apt/keyrings
2022-11-02 23:16:32 +01:00
Jérémy Lecour
c9ccda2277
varnish: create special tmp directory for syntax validation
2022-11-02 19:45:15 +01:00
Jérémy Lecour
4d259d3c04
varnish: systemd override depends on Varnish
...
Use Varnish version instead of Debian version to choose systemd override template, to make it forward compatible
2022-11-02 13:55:03 +01:00