Mathieu Trossevin
62c596046d
Add role for automatically deploying autosysadmin
2023-12-18 17:00:51 +01:00
Jérémy Lecour
b4c9fcf6f7
mongodb: add gpg key for 7.0
2023-12-18 16:36:09 +01:00
William Hirigoyen
9e67db57e5
evolinux-base: fix hardware.yml (wrong repo, missing update cache)
2023-12-18 11:29:40 +01:00
Mathieu Trossevin
0c09763e87
fix(minifirewall): Properly detect old minifirewall versions
2023-12-14 16:59:55 +01:00
Jérémy Lecour
b0992bcaf9
mysql: disable performance schema for Debian 8
2023-12-11 18:21:57 +01:00
Jérémy Lecour
26e3dc1be6
apache: use backward compatible Redirect directive
2023-12-11 18:19:38 +01:00
Jérémy Lecour
a920d2d402
apt: Disable archive repository for Debian 8
2023-12-11 15:10:11 +01:00
Jérémy Lecour
6c0ca02391
apt: add task file to install ELTS repository (default: False)
2023-12-11 15:10:10 +01:00
Jérémy Lecour
db63902206
apt: use the GPG version of the key for Debian 8-9
2023-12-11 15:10:09 +01:00
Jérémy Lecour
fb7218972f
squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8
2023-12-11 15:10:06 +01:00
William Hirigoyen
66b69f1502
remount-usr: do not try to remount /usr RW if /usr is not a mounted partition
2023-12-11 10:46:04 +01:00
Ludovic Poujol
e32e1c5496
Unbound: Big update & enhancements
...
* Move configuration generated to /etc/unbound/unbound.conf.d/evolinux.conf so we don't override default config file
* Make use of root hints provided by dns-root-data instead of downloading them
* Add configuration to ensure that configuration reload work out of the box on Debian11 and old
* Add required configuration in Unbound and munin to allow tge plugin to work
* Make ansible-lint a bit more happy
2023-12-08 16:13:41 +01:00
Tom David--Broglio
cbc51c462a
fix Add Ceph volume to fstab : missing UUID= in src
2023-12-07 11:02:04 +01:00
Alexis Ben Miloud--Josselin
4d7de89ad4
webapps/nextcloud: Add condition for config tasks
...
And update CHANGELOG
2023-12-07 10:19:42 +01:00
William Hirigoyen
c9e8b6c4e1
dovecot: Munin plugin conf path is now /etc/munin/plugin-conf.d/zzz-dovecot (instead of z-evolinux-dovecot)
2023-12-07 10:04:11 +01:00
David Prevot
b8732dffaf
Changelog for previous changes
2023-11-30 15:58:31 +01:00
Mathieu Trossevin
0ca31b91fe
fix(certbot): Fix hook for dovecot (too strict)
...
When we use a separate certificate for POP3 and IMAP there might be
blank characters (almost certainly spaces but might as well be more lax)
before `ssl_cert` which resulted in these lines not being detected and
the hook not being played, forcing manual intervention.
This commit fixes that problem by accepting blank characters before
ssl_certs. (`\b` might be even better...)
2023-11-30 10:11:05 +01:00
William Hirigoyen
1a74bef0bc
check stat.exists before stat.isdir
2023-11-29 10:13:43 +01:00
William Hirigoyen
83e61b25a5
etc-git: add /var/chroot-bind/etc/bind repo
2023-11-29 09:59:57 +01:00
Jérémy Lecour
06c47493e9
sort changelog
2023-11-29 09:24:28 +01:00
Jérémy Lecour
81d97bb3fb
vrrpd: variable to force update the switch script (default: false)
2023-11-29 09:24:00 +01:00
David Prevot
e5f5425f6d
lxc-php: Allow one to install php83 on Bookworm container
2023-11-28 17:15:44 +01:00
David Prevot
69bc93ff6e
lxc: Init /etc git repository in lxc container
...
Note: ugly loop, but “it works”…
2023-11-24 11:54:13 +01:00
Alexis Ben Miloud--Josselin
892067cf2b
kvmstats: use .capacity instead of .physical for disk size
2023-11-23 12:26:20 +01:00
David Prevot
c93748487b
evocheck: upstream release 23.11.1
2023-11-22 17:27:39 +01:00
David Prevot
2c86660e52
evocheck: upstream release 23.11
2023-11-22 17:06:39 +01:00
David Prevot
95aeb9a68e
Fix bind changelog entry
2023-11-22 16:13:37 +01:00
David Prevot
96d15eb5aa
Changelog entry for bind changes
2023-11-21 11:35:42 +01:00
Jérémy Lecour
4cba25d8fc
evolinux-base: no need to remove update-evobackup-canary from sbin anymore
2023-11-20 19:15:39 +01:00
Jérémy Lecour
f01e7453fb
no need to symlink backup-server-state to dump-server-state anymore
2023-11-20 19:13:51 +01:00
Jérémy Lecour
83c178f244
log2mail: move custom config in separate file
2023-11-20 19:02:48 +01:00
Jérémy Lecour
642fbb1ea4
evolinux-base: dump-server-state upstream release 23.11
2023-11-20 19:02:03 +01:00
William Hirigoyen
a5e4359d0e
#73871 ssl: no not execute haproxy tasks and reload if haproxy is disabled
2023-11-17 15:51:33 +01:00
Gregory Colpart
0578d5a3ec
apache : rename MaxRequestsPerChild to MaxConnectionsPerChild (new name)
2023-11-16 14:45:07 +01:00
Gregory Colpart
ac72c7ac31
apache: fix MaxRequestsPerChild value to be sync with wiki.e.o
2023-11-16 14:44:08 +01:00
Gregory Colpart
b1a67d1a5c
apache : fix goaway pattern for bad bots
2023-11-16 14:35:48 +01:00
William Hirigoyen
1394052fd6
ProFTPd: set missing default listen IP for SFTP, enable ed25525549 key only for Debian >= 11
2023-11-15 10:53:22 +01:00
William Hirigoyen
4a6e6e6ba2
ProFTPd: in SFTP vhost, enable SSH keys login, enable ed25549 host key
2023-11-15 09:43:10 +01:00
Ludovic Poujol
b77845cc8c
php: Bullseye/Sury > Honor the php_version asked in the pub.evolix.org repository
2023-11-13 16:17:22 +01:00
Tom David--Broglio
6ae9e04f27
webapps/nextcloud: fix misplaced gid attr and added check for nexctcloud uid
2023-11-09 16:48:17 +01:00
Tom David--Broglio
aab3381887
webapps/nextcloud: fix missing gid
2023-11-09 15:59:45 +01:00
Tom David--Broglio
009de62e28
webapps/nextcloud Added var nextcloud_user_uid to enforce uid for nextcloud user
2023-11-09 15:19:15 +01:00
William Hirigoyen
41ec5b737b
nagios: rename var into and check systemd-timesyncd instead of ntpd in Debian 12
2023-11-07 17:46:29 +01:00
William Hirigoyen
c9c8ade55d
nagios: fix default file to monitor for check_clamav_db
2023-11-03 18:03:35 +01:00
William Hirigoyen
bc284f8248
add-vm.sh: allow VM name max length > 20
2023-11-03 10:48:28 +01:00
Brice Waegeneire
74a6b2ead1
nagios-nrpe: add check_sentinel
2023-10-27 15:02:28 +02:00
David Prevot
953ca015c5
Changelog entries for latest changes
2023-10-26 16:09:42 +02:00
Brice Waegeneire
679e170dce
evolinux-base: use separate default config file for rsyslog
2023-10-18 15:10:35 +02:00
Jérémy Lecour
3b3b130248
Release 23.10
2023-10-14 07:37:18 +02:00
Jérémy Lecour
31990cfe80
Linting CHANGELOG
2023-10-14 07:36:29 +02:00
Alexis Ben Miloud--Josselin
bbf6ce6f6e
rbenv: Installer libyaml-dev
...
Le paquet est nécessaire en Debian 12.
2023-10-12 17:49:00 +02:00
Alexis Ben Miloud--Josselin
dbd1103078
docker-host: Retirer directive state en trop
2023-10-11 18:06:13 +02:00
Alexis Ben Miloud--Josselin
a80076a5ea
evolinux-base: Corriger autorisation pour evolinux_user
...
Cas configuration SSH séparée. Ticket #74636 .
2023-10-11 10:02:34 +02:00
Jérémy Lecour
3347ac4271
evomaintenance: upstream release 23.10.1
2023-10-09 18:13:48 +02:00
Alexis Ben Miloud--Josselin
0c9b55e5e1
evolix-base/root: fix module used
2023-10-09 17:12:15 +02:00
Jérémy Lecour
c673ed10c6
evomaintenance: upstream release 23.10
2023-10-09 16:24:47 +02:00
Jérémy Lecour
d6a777be72
kvm-host: migrate-vm: set migration speed even on bridges
2023-10-05 22:05:17 +02:00
Jérémy Lecour
9cd0426d2b
nagios-nrpe: sync Redis check from redis roles
2023-10-03 13:34:53 +02:00
David Prevot
f2c37dddff
Use timesyncd instead of ntpd starting with Debian 12 (not always)
2023-09-28 17:25:18 +02:00
David Prevot
a2306e6a15
Changelog for previous commit
2023-09-28 15:27:19 +02:00
David Prevot
aa13171f91
Changelog for previous commit
2023-09-26 18:00:59 +02:00
David Prevot
c03dd0ca2f
Changelog for previous commit
2023-09-26 18:00:48 +02:00
Ludovic Poujol
a65230b5e0
mysql: new munin graph to follow binlog_days over time
2023-09-26 17:35:14 +02:00
Jérémy Lecour
b5550d2ce2
lxc-php: fix APT keyring path inside containers
2023-09-21 15:47:23 +02:00
Jérémy Lecour
cc9d0c59d3
CHANGELOG cleanup
2023-09-20 14:33:45 +02:00
Jérémy Lecour
050b2ae419
kvm-host: migrate-vm sets the migration speed automatically
2023-09-20 13:08:42 +02:00
William Hirigoyen
d7d8ee63b2
Revert "lxc-php: Fix /etc/profile.d/evolinux.sh mode in containers (defauft umask -> 644)"
...
This reverts commit 92788a8b93
.
2023-09-15 15:20:45 +02:00
William Hirigoyen
92788a8b93
lxc-php: Fix /etc/profile.d/evolinux.sh mode in containers (defauft umask -> 644)
2023-09-14 17:11:46 +02:00
Jérémy Lecour
53a0e56472
metricbeat/logstash: fix Ansible syntax
2023-09-13 09:38:44 +02:00
Jérémy Lecour
41004e20b4
kvm-host: migrate-vm exits if DRBD is not up-to-date
2023-09-12 11:38:54 +02:00
William Hirigoyen
2af2e5ee78
nagios-nrpe: set default check_load --per-cpu for BSD
2023-09-11 09:25:21 +02:00
William Hirigoyen
2a7d2d9c58
postfix: disable IPv6
2023-09-05 15:44:37 +02:00
Mathieu Trossevin
cfca604670
nagios-nrpe: Add proper plugin to monitor glusterfs health
2023-09-05 15:21:08 +02:00
Alexis Ben Miloud--Josselin
73c0a0d29a
evolinux-base: include files under sshd_config.d
...
In case we need to add the Include directive, we add it at the
beginning of the global configuration file. This way the Include
directive can't be inside a Match directive.
2023-08-31 17:09:43 +02:00
Jérémy Lecour
8ca7cc4692
kvm-host: release 23.08 for migrate-vm.sh
2023-08-31 11:26:21 +02:00
Jérémy Lecour
e2dea8054f
kvm-host: add batch-mode and ignore stdin for SSH command in migrate-vm.sh
2023-08-31 11:26:20 +02:00
Eric Morino
df202197c7
Change lxc container in bookworm for php82
2023-08-29 15:28:09 +02:00
Ludovic Poujol
e71cffd8fd
php: add new variable to disable oveeriding settings of php-fpm default pool (www)
2023-08-28 17:08:33 +02:00
Alexis Ben Miloud--Josselin
b8b48bbcb9
evocheck: Fix IS_SSHALLOWUSERS condition
2023-08-23 16:18:35 +02:00
Jérémy Lecour
bb41d313a9
apt: Explicit "signed-by" directives for official sources
2023-08-18 16:28:03 +02:00
Jérémy Lecour
feba74c469
evolinux-base: reboot the server if the Cloud kernel has been installed
2023-08-18 12:10:01 +02:00
Jérémy Lecour
67c6167474
apt: Disable NonFreeFirmware warning for VM on Debian 12+
2023-08-18 12:10:00 +02:00
Alexis Ben Miloud--Josselin
536d051890
Fix mode for files under /etc/ssh/sshd_config.d
2023-08-16 18:21:06 +02:00
Alexis Ben Miloud--Josselin
263f940c3d
Update Changelog
2023-08-16 16:14:42 +02:00
William Hirigoyen
81849c6537
userlogrotate: new version, with separate conf file
2023-08-11 10:51:45 +02:00
Ludovic Poujol
f0abb53750
evolinux-base: New variable "evolinux_system_include_ntpd" to chose wether or not to include ntpd role
2023-08-04 11:47:42 +02:00
Eric Morino
87d09275a0
postgresql: fix file postgresql.pref.j2 for exclude package
2023-08-04 10:18:08 +02:00
Eric Morino
eca010d959
postgresql: fix task "update apt cache" for PGDG repo
2023-08-04 09:56:44 +02:00
Ludovic Poujol
16bba8b469
fail2ban: add variable fail2ban_sshd_port to configure sshd port
2023-07-31 11:50:36 +02:00
William Hirigoyen
3c3db4fefa
postfix: new spam.sh update script that avoids reloading if files did not change.
2023-07-25 15:24:00 +02:00
William Hirigoyen
b6886384b9
redis: replace errorneous ini_file module for Munin config, fix dedicted Munin config filename (z-XXX)
2023-07-21 16:51:02 +02:00
William Hirigoyen
ef642e564e
bind: Add reload-zone helper
2023-07-21 16:19:26 +02:00
William Hirigoyen
030871ea9b
opendkim: update apt cache before install
2023-07-20 16:33:15 +02:00
William Hirigoyen
f2eaac0894
nginx: set default server directive in default vhost
2023-07-17 17:31:21 +02:00
William Hirigoyen
67f0fa5942
evolinux-base: configure bashrc for all users
2023-07-17 17:18:55 +02:00
William Hirigoyen
7133783695
Update CHANGELOG
2023-07-17 17:09:38 +02:00
Jérémy Lecour
83f7b6cdca
evolinux: Install HPE Agentless Management Service (amsd)
2023-07-12 09:40:24 +02:00
Ludovic Poujol
f50848917a
fail2ban: Fix cron fail2ban_dbpurge (should be bash instead of sh)
2023-07-10 16:41:12 +02:00
Mathieu Trossevin
831715e44c
fix(nagios-nrpe): Fix check_ssl_local output
...
nrpe read output of plugins from stdout only, if there is no output it
return UNKNOWN regardless of return code.
2023-07-07 11:30:22 +02:00
William Hirigoyen
aa10f719b4
redis: standardize plugins path from /usr/local/share/munin/ to /usr/local/lib/munin/plugins/
2023-07-06 11:04:53 +02:00