Jérémy Lecour
62fbbd2016
Rename role "apt-repositories" to "apt"
2017-07-19 08:56:46 +02:00
Jérémy Lecour
3a8093fb12
Apache: use "Require"
...
http://httpd.apache.org/docs/2.4/howto/auth.html
2017-07-18 20:13:58 +02:00
Jérémy Lecour
bc99227259
Better squid/squid3 whitelist and reload
2017-07-12 12:17:33 +02:00
Victor LABORIE
08b4b2fa4a
evoacme: change location priority for nginx
2017-07-03 17:37:05 +02:00
Victor LABORIE
f14ee0424e
evoacme: fix certbot verbosity
2017-06-12 14:09:29 +02:00
Victor LABORIE
267f1ffc88
evoacme: refactoring
2017-06-12 13:14:30 +02:00
Daniel Jakots
2eb194577f
use the correct var
2017-06-06 16:36:09 -04:00
Gabriel Periard-Tremblay
87ebadcadd
Kitchen: Change base image to evolix/ansible
2017-06-02 08:38:08 -04:00
Victor LABORIE
41f93bcd5d
evoacme: fix sed for nginx self-signed cert
2017-05-30 15:13:00 +02:00
Jérémy Lecour
404f4445d4
install backports with "tasks_from"
...
When including a specific tasks file, we bypass the "main" tasks of the role and the conditionals.
That way we don't play useless tasks and don't rely on default values.
2017-05-23 15:13:11 +02:00
Jérémy Lecour
d2eeb3ba69
evoacme/tomcat: check if /etc/aliases exists
2017-05-21 23:34:34 +02:00
Jérémy Lecour
1b24815491
whitespaces
2017-05-21 19:32:25 +02:00
Jérémy Lecour
ec1ba752e4
relative paths
2017-05-19 22:31:32 +02:00
Jérémy Lecour
f6cfe41a35
Use command instead of shell where possible
2017-05-19 22:31:17 +02:00
Jérémy Lecour
9fae99f8dc
Minor syntax and whitespaces fixes
2017-05-19 22:29:53 +02:00
Jérémy Lecour
6eb71daead
Let's Encrypt has many subdomains, let's whitelist them all
2017-05-19 21:35:51 +02:00
Jérémy Lecour
6386509d3b
Add Let's Encrypt domains in the squid's whitelist
2017-05-19 19:54:12 +02:00
Jérémy Lecour
2794929c22
Add some kitchen tests for many roles
2017-05-18 15:16:30 +02:00
Jérémy Lecour
d6c6674cdc
evoacme: add a vagrant test playbook
2017-05-16 15:05:43 +02:00
Jérémy Lecour
d4036df165
evoacme: simplify squid whitelist management
2017-05-16 15:04:24 +02:00
Jérémy Lecour
82b2ab1a67
evoacme: relative path to external roles
2017-05-16 15:04:02 +02:00
Jérémy Lecour
f068684a76
evoacme: add squid whitelist for ocsp server
2017-05-16 10:30:17 +02:00
Victor LABORIE
0883102747
evoacme: reinit ssl conf when overwrite csr and key
2017-05-10 11:28:53 +02:00
Victor LABORIE
8aadec03c1
evoacme: support for evoadmin-cluster
2017-05-10 11:05:31 +02:00
Victor LABORIE
3738a189c7
evoacme: always strip .conf suffix
2017-05-10 11:05:31 +02:00
Victor LABORIE
cf216ab96a
evoacme: fix forge link in README
2017-04-27 12:19:54 +02:00
Victor LABORIE
7dba7f5855
Revert "Load Apache proxy module (IfModule added to apache conf)"
...
This reverts commit 07a24c8438
.
2017-04-18 12:03:20 +02:00
Victor LABORIE
51763f9d95
evoacme: check apache2 module
2017-04-18 10:54:37 +02:00
Victor LABORIE
acc3f90bae
evoacme: create system user for acme
2017-04-03 15:36:54 +02:00
Romain Dessort
07a24c8438
Load Apache proxy module
2017-03-29 12:08:50 -04:00
Jérémy Lecour
5b2ab0d8d3
Ansible >= 2.2 supported
2017-03-24 14:15:09 +01:00
Jérémy Lecour
af2351486d
evoacme: use apt-repositories role
2017-03-24 14:13:39 +01:00
Jérémy Lecour
294cea44e8
Change mode with leading 0, but still as String
2017-03-23 16:59:43 +01:00
Gregory Colpart
ad2a36036a
Improve backports handling
2017-03-22 01:10:01 +01:00
Victor LABORIE
71294a39df
evoacme: exclude Let's Ecnrypt path from ProxyPass
2017-03-17 10:47:36 +01:00
Victor LABORIE
25bdddbd92
evoacme: fix nginx ssl_certificate replacement
2017-03-15 17:33:12 +01:00
Victor LABORIE
338c083c5b
evoacme: support for haproxy
2017-03-09 17:58:42 +01:00
Victor LABORIE
aac8e90c21
evoacme:
...
- Fix ssl conf replacement
- Fix acme user home
2017-02-08 14:14:55 +01:00
Victor LABORIE
d3310007c3
evoacme :
...
- Don't generate dhparams (not evoacme role)
- Generate ssl conf file for vhost
2017-02-03 16:24:39 +01:00
Victor LABORIE
b884bdb1c9
evoacme: fix constants check and autosigned cert
2017-01-31 17:09:42 +01:00
Victor LABORIE
63565d0f01
evoacme:
...
- check apache conf dirs
- look for vhost file with or without .conf extension
2017-01-31 15:14:49 +01:00
Jérémy Lecour
8920ff1ee4
Add "always_run: yes" where it's pertinent
...
There is also the "check_mode: no", but commented,
for when we switch to Ansible 2.2
2017-01-31 11:45:35 +01:00
Victor LABORIE
ca9d90fb07
evoacme: fix check domain in make-csr
2017-01-25 11:16:50 +01:00
Victor LABORIE
59c982b46d
evoacme : fix nginx challenge, check domain in make-csr
2017-01-19 10:52:00 +01:00
Victor LABORIE
8d3be99042
evoacme: fix changed for backports
2017-01-17 14:13:05 +01:00
Jérémy Lecour
5a7a561cca
Remount /usr only if it is a dedicated partition
2017-01-12 16:23:48 +01:00
Victor LABORIE
c4fc42092c
evoacme: generate autosign cert on certbot fail
2017-01-11 10:42:32 +01:00
Victor LABORIE
4bbfd32a87
evoacme: Fix error when no .crt available
2017-01-09 10:00:08 +01:00
Jérémy Lecour
61f5219f48
Improve documentation
...
Each role has a README and a meta/main.yml file
2017-01-05 18:22:06 +01:00
Jérémy Lecour
5a4f838375
Unix mode MUST be a quoted string when using octal notation
2017-01-05 12:03:54 +01:00
Victor LABORIE
a9faeb7fbc
Fix update after add backports
2017-01-03 17:21:35 +01:00
Victor LABORIE
0ba65cbe05
Fix variable name
2016-12-22 15:58:45 +01:00
Jérémy Lecour
d9d2535be0
evoacme: better syntax
2016-12-21 16:23:29 +01:00
Jérémy Lecour
3c20c3faf3
evoacme: multiline file content
2016-12-21 16:23:29 +01:00
Jérémy Lecour
931de64086
evoacme: better validation for Apache
2016-12-21 16:23:29 +01:00
Jérémy Lecour
935026c973
evoacme: namespaced variables
2016-12-21 16:23:28 +01:00
Victor LABORIE
b485b0b49c
Evoacme: merge role from evoacme private repo
2016-12-21 16:12:27 +01:00