William Hirigoyen
4d3f92df23
postfix: avoid Amavis transport to be considered dead when restarted.
2023-03-02 17:50:17 +01:00
William Hirigoyen
7ec58bf144
userlogrotate: skip zipping if .gz log already exists (prevents interactive question)
2023-03-01 17:50:58 +01:00
William Hirigoyen
cc7c2a7d4e
userlogrotate: fix bug introduced in commit 2e54944a24
(rotated files were not zipped)
2023-03-01 17:22:50 +01:00
William Hirigoyen
d9c5563fd6
postfix: remove unused "aliases_scope=sub" from virtual_aliases.cf (it generated warnings)
2023-03-01 14:35:51 +01:00
Ludovic Poujol
e896459d06
varnish: add variable varnish_update_config to disable configuration update
2023-02-28 15:24:18 +01:00
David Prevot
1d701b060e
apt: Use pub.evolix.org instead of pub.evolix.net
2023-02-27 18:11:51 +01:00
Jérémy Lecour
17946f7280
apt: add move-apt-keyrings script/tasks
2023-02-27 13:58:01 +01:00
Jérémy Lecour
431ffd5991
evolinux-base: subversion is not installed anymore
2023-02-26 21:31:02 +01:00
Eric Morino
68d34c8528
Add changelog for add feature in postfix / apache and php
2023-02-24 15:46:00 +01:00
Jérémy Lecour
8cbe837147
bind: refactor role
...
* queries log can be enabled or disabled
* split tasks
* check if AppArmor is present
* don't install Munin plugin whose data file is not present
* remove example ACL in authoritative configuration
2023-02-21 19:01:01 +01:00
William Hirigoyen
2c1db6a222
userlogrotate: create role separated from packweb-apache
2023-02-21 17:55:46 +01:00
William Hirigoyen
cd8a812288
bind: fix fail in check mode
2023-02-21 15:14:05 +01:00
Jérémy Lecour
86a3c78a04
yarn: update apt key
2023-02-21 15:09:05 +01:00
Jérémy Lecour
21a4f76330
bind: use systemd module
2023-02-21 15:08:02 +01:00
Alexis Ben Miloud--Josselin
6968128e7c
php: fix last commit and update changelog
2023-02-14 16:43:41 +01:00
Ludovic Poujol
49e92d20b0
evolinux-users: Update sudoers template to remove commands allowed without password
2023-02-01 15:23:51 +01:00
Jérémy Dubois
f354f16cd6
openvpn: Change check_openvpn destination file to comply with recent EvoBSD change
2023-01-31 11:13:08 +01:00
Jérémy Lecour
8244bd4615
nagios-nrpe: add tasks/files for a wrapper
2023-01-30 12:05:43 +01:00
William Hirigoyen
e0c143d9cf
postfix: come back to default value of for pack mails
2023-01-23 15:35:47 +01:00
William Hirigoyen
13f4578599
postfix: Do not notify errors of classes policy, protocol in of main.cf
2023-01-23 15:01:57 +01:00
William Hirigoyen
31e90abe57
fail2ban: add 'Internal login failure' to Dovecot filter
2023-01-23 10:33:10 +01:00
William Hirigoyen
8d16f17354
* clamav: set MaxConnectionQueueLength
to its default value (200), custom (15) was way too small and caused recurrent connections fail in Postfix.
...
* postfix (packmail only): disable `concurrency_failed_cohort_limit` for destination smtp-amavis to prevent the suspension of this destination when Amavis fails to answer. Indeed, we configure the suspension delay quite long in `minimal_backoff_time` (2h) and `maximal_backoff_time` (6h) to reduce the risk of ban from external SMTPs.
2023-01-18 10:30:41 +01:00
Jérémy Dubois
0cb751591a
nagios-nrpe : Rewrite check_vrrpd for a better check (check rp_filter, vrrpd and uvrrpd compatible, use arguments, …)
2023-01-17 11:11:33 +01:00
Ludovic Poujol
c27551939d
webapps/nextcloud : Small enhancement on the vhost template to lock out data dir
2023-01-13 11:05:55 +01:00
Ludovic Poujol
dcc378776c
webapp/nextcloud : Change default data directory to be outside web root
2023-01-13 11:04:32 +01:00
Jérémy Dubois
68017d8db9
openvpn: fix the client cipher configuration to match the server cipher configuration
2023-01-12 14:29:18 +01:00
William Hirigoyen
417734eed2
haproxy: fix missing admin ACL in stats module access permissions
2023-01-11 16:15:09 +01:00
Patrick Marchand
08db5a5140
Fix problems with docker-host daemon.json config
2023-01-10 11:26:57 -05:00
William Hirigoyen
48e3ced983
elasticsearch : use logrotate for garbage collector logs
2023-01-02 17:29:37 +01:00
William Hirigoyen
8401401716
Update CHANGELOG
2022-12-30 10:46:24 +01:00
Jérémy Lecour
7a0e0d81d6
Proper jinja spacing
2022-12-28 09:03:37 +01:00
Jérémy Lecour
8eae5bba63
Use systemd module instead of command
2022-12-28 09:02:17 +01:00
Patrick Marchand
0e6c2567e2
Fix presentation error in changelog markdown
2022-12-22 11:35:52 -05:00
Patrick Marchand
5611bb73a2
Remove warning ignores as they are depreciated
...
Will cause a hard fail in ansible 2.14, so better get rid of them now.
There is no alternative, but the ansible warnings for those modules
are not hard failures anyways.
2022-12-22 11:35:20 -05:00
Patrick Marchand
1c6fdbf85a
Remove warning ignores as they are depreciated
...
Will cause a hard fail in ansible 2.14, so better get rid of them now.
There is no alternative, but the ansible warnings for those modules
are not hard failures anyways.
2022-12-22 11:32:32 -05:00
William Hirigoyen
7005344a5b
evolinux-base: ensure dbus enabled and started
2022-12-19 17:07:18 +01:00
William Hirigoyen
55a64845ce
postfix: add localhost. to mydestination
2022-12-15 11:49:35 +01:00
Jérémy Lecour
0622e9ff1e
fix non-breaking spaces
2022-12-14 11:47:53 +01:00
Jérémy Lecour
240ccee12b
Release 22.12
2022-12-14 11:39:51 +01:00
Jérémy Lecour
34fefa1212
typos
2022-12-14 07:46:12 +01:00
Jérémy Dubois
91b40ce72f
openvpn: Fix mode of shellpki script
2022-12-13 19:37:54 +01:00
Jérémy Dubois
9918776286
openvpn: Deleted the task fixing the CRL rights since it has been fixed in upstream
2022-12-13 17:53:59 +01:00
Jérémy Dubois
0722b84341
openvpn: shellpki upstream release 22.12.2
2022-12-13 17:50:09 +01:00
Mathieu Trossevin
bc1facd1ba
proftpd: Fix mode of public key files and directory
2022-12-09 10:19:51 +01:00
Mathieu Trossevin
101c282846
proftpd: Fix format of public key files controlled by ansible
...
The comments used by ansible's blockinfile module break the format
expected by proftpd for public ssh keys, making them unusable.
Replace with a template, we will just have to accept that we need to use
ansible for all changes to these file.
2022-12-08 17:32:53 +01:00
Jérémy Lecour
ce361c6819
listupgrade: sort/uniq of packages/services lists in email template
2022-12-07 21:05:12 +01:00
Jérémy Lecour
3c2369a3a2
listupgrade: better detection for PostgreSQL
2022-12-07 21:04:33 +01:00
Alexis Ben Miloud--Josselin
982112bd64
rabbitmq: add link in default page
2022-12-07 15:49:03 +01:00
Jérémy Lecour
22f30b59f2
certbot: auto-detect HAPEE version in renewal hook
2022-12-05 14:22:12 +01:00
Jérémy Dubois
6cc3e03864
openvpn: specifies that the mail for expirations is for OpenVPN
2022-12-05 09:52:20 +01:00
Jérémy Dubois
cca072425b
openvpn: shellpki upstream release 22.12
2022-12-01 16:56:23 +01:00
Jérémy Dubois
cd2c1931b1
keepalived: change exit code (warning if runnin but not on expected state ; critical if not running)
2022-11-28 17:16:43 +01:00
Jérémy Lecour
c96f28e47b
evocheck: install script according to Debian version
2022-11-27 22:14:39 +01:00
Jérémy Lecour
08db230c29
Merge branch 'debian12' into unstable
2022-11-27 18:29:57 +01:00
Jérémy Lecour
54dca82838
varnish: fix missing state, that blocked the task
2022-11-26 19:10:21 +01:00
Jérémy Lecour
665177556e
evomaintenance: allow missing API endpoint if APi is disabled
2022-11-26 19:09:05 +01:00
Jérémy Lecour
ecd9d1543f
varnish: better package facts usage with check mode and tags
2022-11-21 15:46:46 +01:00
Alexis Ben Miloud--Josselin
396afa0a75
nagios-nrpe: add ceph checks to changelog
2022-11-15 11:08:01 +01:00
Mathieu Trossevin
83138f0a0b
nagios-nrpe: Correct port for check_opendkim
2022-11-09 17:05:54 +01:00
Jérémy Lecour
faeb92230b
packweb-apache: manual dependencies resolution
2022-11-06 15:25:17 +01:00
Jérémy Lecour
4050dbea7a
packweb-apache: enable log_forensic module
2022-11-06 15:25:17 +01:00
Jérémy Lecour
b36d4c4766
various fixes for Debian 12
2022-11-06 15:25:17 +01:00
Jérémy Lecour
4c9aaf6d86
Merge branch 'unstable' into debian12-keyring
2022-11-06 10:19:36 +01:00
Jérémy Lecour
a1bf300d54
bookworm-detect: transitional role to help dealing with unreleased bookworm version
2022-11-05 21:15:21 +01:00
Jérémy Lecour
28540247f0
Add signed-by option for additional APT sources
2022-11-02 23:17:08 +01:00
Jérémy Lecour
f531460f49
Use proper keyrings directory for APT version
...
Debian 9 → 11 : /etc/apt/trusted.gpg.d
Debian 12 : /etc/apt/keyrings
2022-11-02 23:16:32 +01:00
Jérémy Lecour
c9ccda2277
varnish: create special tmp directory for syntax validation
2022-11-02 19:45:15 +01:00
Jérémy Lecour
4d259d3c04
varnish: systemd override depends on Varnish
...
Use Varnish version instead of Debian version to choose systemd override template, to make it forward compatible
2022-11-02 13:55:03 +01:00
William Hirigoyen
912cec5a78
lxc-php: update changelog.
2022-10-26 15:25:22 +02:00
Jérémy Lecour
857b3e0e45
nagios-nrpe: check_haproxy_stats supports DRAIN status
2022-10-20 15:46:04 +02:00
Jérémy Lecour
554c086b79
redis: variable to disable transparent hugepage (default: do nothing)
2022-10-20 14:38:12 +02:00
Jérémy Lecour
fc52fbf4bc
redis: some values should be quoted
...
When Redis overwrites its own config, it uses quoted string values, so it's better to do the same to avoid changes.
2022-10-20 14:36:47 +02:00
Jérémy Lecour
f71075d4ef
evolinux-base: replace regular kernel by cloud kernel on virtual servers
2022-10-19 16:33:25 +02:00
Jérémy Dubois
6be2ff3b48
evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions)
2022-10-17 11:37:58 +02:00
Jérémy Lecour
2d16aeb41e
evolinux-base: utils.yml can be excluded
2022-10-11 13:37:21 +02:00
Mathieu Trossevin
4f9d6868e0
evolinux-user: sudoers privileges for check php\fpm80 and 81
2022-10-07 14:16:32 +02:00
Jérémy Lecour
15d7756881
minifirewall: whitelist deb.freexian.com
2022-10-03 18:54:29 +02:00
Jérémy Lecour
8e1b682ccc
squid: whitelist deb.freexian.com
2022-10-03 18:54:05 +02:00
Jérémy Lecour
c6fb24f7d8
lxc-solr: use default JRE package
2022-09-30 11:39:50 +02:00
Jérémy Lecour
792d1170ab
java: use default JRE when version is not specified
2022-09-30 11:39:05 +02:00
Jérémy Lecour
6aeaab078d
lxc-solr: set homedir and port at install
2022-09-27 07:47:26 +02:00
Jérémy Lecour
46deb04005
lxc-solr: choose java package and download URL according to Solr Version
2022-09-26 23:47:55 +02:00
Jérémy Lecour
26f9d171a4
lxc-solr: detect the real partition options
2022-09-26 23:46:29 +02:00
Jérémy Lecour
8089d90bd1
Release 22.09
2022-09-19 17:06:25 +02:00
Ludovic Poujol
a540235077
munin: Add ipmi_ plugins on dedicated hardware
2022-09-15 11:45:24 +02:00
William Hirigoyen
c310482ba6
domains: revert commits moved to dev branch domains
2022-09-15 10:48:55 +02:00
Jérémy Lecour
6f04a41557
fail2ban: fix dovecot-evolix regex syntax
2022-09-15 09:48:34 +02:00
William Hirigoyen
55f694f051
Update CHANGELOG
2022-09-14 12:21:13 +02:00
Jérémy Lecour
d8a2dccf36
evocheck: upstream release 22.09
2022-09-14 10:55:02 +02:00
Ludovic Poujol
cd46dd8320
proftpd: Add a warning if config file was overriden
2022-09-13 16:31:03 +02:00
Ludovic Poujol
9631476a06
proftpd: Allow user auth with ssh keys
2022-09-13 16:29:59 +02:00
Ludovic Poujol
7c4a169fb8
proftpd: Add options to override configs
2022-09-13 16:26:10 +02:00
Jérémy Lecour
28276b5d6f
evolinux-base: update-evobackup-canary upstream release 22.06
2022-09-12 13:54:57 +02:00
Jérémy Lecour
3c1ec588fd
minifirewall: use handlers to restart minifirewall
2022-09-09 16:09:48 +02:00
Jérémy Dubois
c3be57410d
openvpn: Run OpenVPN with the \_openvpn user and group instead of nobody which is originally for NFS
2022-09-06 11:27:20 +02:00
William Hirigoyen
6fa89e69a5
Update changelog
2022-09-02 15:48:09 +02:00
Ludovic Poujol
1f52700b47
memcached: NRPE check for multi-instance setup
...
Also some cleanup & split of tasks between single and multi instance
Note: Munin part seems still broken at the time
2022-09-01 15:33:00 +02:00
Ludovic Poujol
ee67ebca8b
webapps/nextcloud: Drop support for Nginx
2022-09-01 12:46:37 +02:00
William Hirigoyen
2bda54a7bd
Update CHANGELOG.md
2022-09-01 12:07:47 +02:00
Ludovic Poujol
d165a104f2
* webapps/nextcloud: Add missing dependencies for imagick
2022-09-01 11:28:08 +02:00
Ludovic Poujol
4a3b40d986
generate-ldif: Support any MariaDB version
2022-08-29 17:29:14 +02:00
Jérémy Lecour
c7a6b3e694
evocheck: upstream release 22.08.1
2022-08-29 17:03:31 +02:00
Jérémy Lecour
71aafe161c
evocheck: upstream release 22.08
2022-08-29 17:03:31 +02:00
Eric Morino
9a25d5981f
add webapps/nextcloud changelog
2022-08-26 16:34:19 +02:00
Jérémy Lecour
5fa7f4809c
vrrp: fix systemd unit name
2022-08-24 17:58:46 +02:00
Jérémy Lecour
018eee7ea0
Update 'CHANGELOG.md'
...
* use role name
* more descriptive message
* order items alphabetically
2022-08-24 15:22:25 +02:00
Patrick Marchand
2c1ec040d1
Simplify user subset creation
...
Instead of tags, allow only one subset of users to be created at a time.
2022-08-24 09:05:29 -04:00
Patrick Marchand
9dfcfe1ef3
Made it possible to only create a subset of users
...
The evolinux_users_create variable is a list of tags that defaults to ['active'].
Only the users that have one of the tags in the evolinux_users_create list will be created.
2022-08-23 20:18:45 -04:00
David Prevot
3bd4b92425
CHANGELOG: Document previous ($self) change
2022-08-18 10:27:26 +02:00
Jérémy Lecour
d0abfa985c
redis: config directory must be owned by the user that runs the service
...
… to be able to write tmp config files in it
2022-08-17 16:53:07 +02:00
Jérémy Dubois
de0c4fd314
openvpn: automate the initialization of the CA and the creation of the server certificate ; use openssl_dhparam module instead of a command
2022-08-10 17:23:47 +02:00
Mathieu Trossevin
78dcec8656
varnish: Repair systemd unit for jessie/stretch
2022-08-10 11:18:23 +02:00
Mathieu Trossevin
08a4f1ed5f
Document previous change
2022-08-10 10:26:37 +02:00
Jérémy Lecour
6c33e11d5f
evocheck: upstream release 22.07.1
2022-07-28 14:18:12 +02:00
Jérémy Lecour
0f899dcd09
evocheck: remove failure if deprecated variable is used
2022-07-28 13:58:09 +02:00
Jérémy Lecour
25b96c3283
Release 22.07.1
2022-07-28 13:49:57 +02:00
Jérémy Lecour
f10ebe8cd6
evocheck: upstream release 22.07
2022-07-28 13:38:33 +02:00
Jérémy Lecour
c8898a3d10
nagios-nrpe: use regexp to exclude paths/devices in check_disk1
2022-07-28 13:25:51 +02:00
Jérémy Lecour
0d086731ae
evomaintenance: upstream release 22.07
2022-07-27 15:49:41 +02:00
Jérémy Lecour
f7edd565a3
nagios-nrpe: check_disk1 returns only alerts
2022-07-27 09:24:46 +02:00
Jérémy Lecour
b453321b3d
nagios-nrpe: exclude /run/shm and /run/lock from check_disk1
2022-07-27 09:24:46 +02:00
Jérémy Lecour
0b41efd188
mongodb: replace version_compare() with version()
2022-07-18 15:54:42 +02:00
Bruno TATU
213c6dd6ac
Add change for fail2ban role
2022-07-08 11:28:29 +02:00
Jérémy Lecour
53847d9919
Release 22.07
2022-07-06 18:02:42 +02:00
Jérémy Lecour
a387304483
Fix CHANGELOG
2022-07-06 14:26:13 +02:00
Jérémy Lecour
0a3bfd7f27
evolinux-base: session timeout is configurable
2022-07-06 14:24:41 +02:00
Eric Morino
028bfe209a
Add change in kvm-host
2022-07-05 10:18:49 +02:00
Jérémy Dubois
68ac8fc058
openvpn: configure logrotate
2022-06-30 10:12:36 +02:00
Jérémy Dubois
07c3c0226f
openvpn: minimal rights on /etc/shellpki/ and crl.pem
2022-06-29 16:09:04 +02:00
Jérémy Lecour
205e699355
minifirewall: docker mode is configurable
2022-06-22 17:20:15 +02:00
Jérémy Lecour
abb14e5b52
haproxy: add haproxy_allow_ip_nonlocal_bind to set sysctl value
2022-06-22 15:32:10 +02:00
Ludovic Poujol
519ef930df
Update PermitRootLogin task to work on Debian 11
2022-06-21 15:13:38 +02:00
Jérémy Lecour
050c61c220
Release 22.06.3
2022-06-17 11:00:51 +02:00
Jérémy Lecour
57ecac01ba
evolinux-base: blacklist and do not install megaclisas-status package on incompatible servers
2022-06-16 15:19:44 +02:00
William Hirigoyen (Evolix)
3623363b94
Update changelog for version 22.06
2022-06-13 17:35:31 +02:00
Jérémy Lecour
556719bbf2
Release 22.06.2
2022-06-10 11:11:44 +02:00
Ludovic Poujol
b3ac39decd
postgresql: Fix task order when using pgdg repo & Install the right pg version
2022-06-09 10:33:28 +02:00
Jérémy Lecour
cea1408bba
evocheck: upstream release 22.06.2
2022-06-09 07:42:29 +02:00
Jérémy Lecour
4d1d77faaf
postgresql: add variable to configure binding addresses (default: 127.0.0.1)
2022-06-09 07:41:52 +02:00
Ludovic Poujol
1e19418fb0
Fail2ban: Multiple changes & improvements :
...
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
2022-06-08 17:55:58 +02:00
Jérémy Lecour
bcaacdf57f
postgresql: fix nested loop for Munin plugins
2022-06-08 15:39:34 +02:00
Jérémy Lecour
cbe7985814
Enforce String notation for mode
2022-06-08 15:38:21 +02:00
Jérémy Lecour
b677defd97
redis: binding is possible on multiple interfaces
2022-06-08 15:36:47 +02:00
Jérémy Lecour
1895c549d4
Release 22.06.1
2022-06-06 15:07:10 +02:00
Jérémy Lecour
3d70438f7e
evocheck: upstream release 22.06.1
2022-06-06 15:05:59 +02:00
Jérémy Lecour
4cd7e0f4a1
minifirewall: upstream release 22.06
2022-06-06 14:42:22 +02:00
Jérémy Lecour
56c2c19d61
evomariabackup: release 22.06.1
2022-06-05 21:49:23 +02:00
Jérémy Lecour
6d0e49ba90
mysql: reorganize evomariabackup to use mtree instead of our own dir-check
2022-06-05 21:48:04 +02:00
Jérémy Lecour
e718156f86
fix CHANGELOG
2022-06-03 10:19:35 +02:00
Jérémy Lecour
e8e99bb9b6
Release 22.06
2022-06-03 09:27:01 +02:00
Jérémy Lecour
9378f5634c
add missing entry in CHANGELOG
2022-06-03 09:26:07 +02:00
Jérémy Lecour
51908f64b9
evocheck: upstream release 22.06
2022-06-03 09:15:04 +02:00
Jérémy Lecour
586aa206a8
mysql: add post-backup-hook to evomariabackup
2022-06-02 18:26:23 +02:00
Jérémy Lecour
b8b96bb5b7
mysql: use dir-check inside evomariabackup
2022-06-01 17:24:55 +02:00
Jérémy Lecour
249e53fc21
evolinux-base: add dir-check script
2022-06-01 17:24:55 +02:00
Jérémy Lecour
17a2032a10
evolinux-base: add update-evobackup-canary script
2022-06-01 10:46:13 +02:00
Jérémy Lecour
b3dbcb082f
certbot: add hapee (HAProxy Enterprise Edition) deploy hook
2022-05-31 14:06:25 +02:00
Ludovic Poujol
134355d190
docker: Allow live-restore to be toggled with docker_conf_live_restore
2022-05-24 16:22:49 +02:00
Jérémy Lecour
1a9c219c5b
Release 22.05.1
2022-05-12 15:49:18 +02:00
Jérémy Lecour
f82a81844d
evocheck: upstream release 22.05
2022-05-12 15:47:50 +02:00
Ludovic Poujol
9973a62c16
docker : Introduce new variables to tweak daemon settings
2022-05-10 19:04:58 +02:00
Ludovic Poujol
6aa7b89b78
docker : Introduce new default settings + allow to change the docker data directory
2022-05-10 18:21:59 +02:00
Ludovic Poujol
1b4d4c98fe
docker : Removed Debian Jessie support
2022-05-10 17:39:45 +02:00
Jérémy Lecour
09872fa4ad
Release 22.05
2022-05-10 16:58:32 +02:00
Jérémy Lecour
dd2072b86b
minifirewall: fix failed_when conditions on restart
2022-05-10 16:40:45 +02:00
Jérémy Lecour
378ee04c82
minifirewall: upstream release 22.05
2022-05-10 15:55:08 +02:00
Eric Morino
3663783509
add change in opendkim role
2022-05-09 10:19:18 +02:00
Jérémy Lecour
749d6a78cd
redis: Add log2mail user to redis group
2022-05-05 09:40:30 +02:00
Jérémy Lecour
61cd2b7428
minifirewall: upstream release 22.04
continuous-integration/drone/push Build is failing
2022-04-28 19:14:31 +02:00
Jérémy Lecour
a53159c93b
minifirewall: compatibility with "legacy" version of minifirewall
2022-04-28 12:40:02 +02:00
Jérémy Lecour
805a8ecb3a
etc-git: use "ansible-commit" to efficiently commit all available repositories (including /etc inside LXC) from Ansible
2022-04-27 14:22:59 +02:00
Jérémy Lecour
381a71aca1
dump-server-state: upstream release 22.04.3
2022-04-26 18:21:42 +02:00
Jérémy Lecour
55356857b2
dump-server-state: upstream release 22.04.2
2022-04-26 09:56:49 +02:00
Jérémy Lecour
daa54cac8f
evocheck: upstream release 22.04.1
2022-04-26 09:56:49 +02:00
Jérémy Lecour
5935d9d4a3
evocheck: upstream release 22.04
2022-04-25 09:58:07 +02:00
Jérémy Lecour
58909bc395
vrrpd: Store sysctl values in specific file
2022-04-22 09:32:37 +02:00
Jérémy Lecour
a5bae6645e
dump-server-state: upstream release 22.04.1
2022-04-20 11:07:20 +02:00
Jérémy Dubois
9161fae0c4
openvpn: use a local copy of files instead of cloning an external git repository
2022-04-14 16:34:43 +02:00
Jérémy Dubois
4bf14b9a22
munin: Add possibility to install local plugins, and install dhcp_pool plugin
2022-04-14 10:45:24 +02:00
Ludovic Poujol
959d6a8579
redis : Activate overcommit sysctl
2022-04-12 11:27:46 +02:00
Jérémy Lecour
84178d6b24
Tomcat 9 by default with Debian 11
2022-04-08 11:57:35 +02:00
Jérémy Dubois
5b2fecb49c
Make evocommit fully compatible with OpenBSD
2022-04-07 10:18:08 +02:00
Jérémy Lecour
e71201ab46
dump-server-state: upstream release 22.04
2022-04-03 11:18:43 +02:00
Jérémy Dubois
726735d269
etc-git : Remount /usr in rw for git gc in in /usr/share/scripts/
2022-04-01 15:47:44 +02:00
Jérémy Dubois
6434adcc62
nagios-nrpe: Add a check dhcp_pool
2022-03-31 16:01:23 +02:00
Jérémy Lecour
ed6ca9a85a
minifirewall: upstream release 22.03.5
2022-03-30 22:45:13 +02:00
Mathieu Trossevin
5dc6a1d36b
etc-git: Commit changes to /etc in containers
2022-03-30 16:33:00 +02:00
Jérémy Lecour
31c2629d31
minifirewall: configure proxy/backup/sysctl values
2022-03-30 09:42:56 +02:00
Mathieu Trossevin
20abe0e09a
postfix: Skip milters after amavis (in packmail)
...
Otherwise opendkim will sign local mails twice AND sign external mails
(pretending to be) from local domains as if they were local mails.
2022-03-29 16:06:12 +02:00
Jérémy Lecour
75459baa35
dump-server-state: upstream release 22.03.10
2022-03-29 09:11:35 +02:00
Jérémy Lecour
3feacd0c6d
update CHANGELOG
2022-03-28 13:28:48 +02:00
Jérémy Lecour
54bf9c1854
evolinux-base: rename backup-server-state to dump-server-state
2022-03-27 09:18:15 +02:00
Jérémy Lecour
85d429295f
minifirewall: tail template follows symlinks
2022-03-25 18:12:24 +01:00
Jérémy Lecour
bbc1bae437
minifirewall: upstream release 22.03.4
2022-03-25 14:57:10 +01:00
Jérémy Dubois
d2fa14fb4f
backup-server-state: release 22.03.5
2022-03-24 18:15:56 +01:00
Jérémy Dubois
42782b7f3d
evolinux-base: fix show_help in backup-server-state.sh
...
* --uname and --no-uname options were not in help
* --services and --no-services were in help whereas --systemctl and --no-systemctl are used in options parsing
2022-03-24 17:57:58 +01:00
Mathieu Trossevin
1646cc99bf
redis: Remount /usr with RW when adding nagios plugin
2022-03-23 13:55:54 +01:00
Jérémy Dubois
b4f83e54d0
openvpn: use a subnet topology instead of the net30 default topology
2022-03-23 10:46:17 +01:00
Jérémy Dubois
c2f6ff5249
evocheck: upstream release 22.03.1
2022-03-22 11:03:26 +01:00
Jérémy Lecour
5895f5a99b
minifirewall: upstream release 22.03.3
2022-03-21 14:35:20 +01:00
Jérémy Lecour
e7594c6c86
evolinux-base: backup-server-state release 22.03.2
2022-03-21 11:32:08 +01:00
Mathieu Trossevin
444bd72944
generate-ldif: Correct generated entries for php-fpm in containers
2022-03-17 17:36:35 +01:00
Jérémy Lecour
fb41c81e99
backup-server-state: release 22.03.2
...
update documentation for --dpkg-full vs. --dpkg-status
2022-03-17 10:45:44 +01:00
Jérémy Lecour
8a9faa0250
* minifirewall: upstream release 22.03.2
2022-03-16 23:49:34 +01:00
Jérémy Lecour
545226f6f6
evocheck: upstream release 22.03
2022-03-15 23:25:15 +01:00
Jérémy Lecour
ba90203f21
minifirewall: upstream release 22.03.1 and use includes directory
2022-03-15 23:07:33 +01:00
Ludovic Poujol
17f884b04a
evolinux-base: Add non-free repos & install non-free firmware on dedicated hardware
2022-03-15 11:35:20 +01:00
Ludovic Poujol
913e6d96e8
generate-ldif: Add services check for bkctld
2022-03-15 10:53:16 +01:00
Jérémy Lecour
a733e2794f
evolinux-base: backup-server-state release 22.03
2022-03-08 16:49:53 +01:00
Mathieu Trossevin
9c84e95182
Repair keepalived role
2022-03-02 16:23:01 +01:00
Jérémy Lecour
e5dc503cfd
Release 22.03
2022-03-02 09:42:12 +01:00
Jérémy Lecour
270d03b6a6
evolinx-users: optimize sudo configuration
2022-03-02 09:40:52 +01:00
Jérémy Lecour
1dc4d0e133
redis: always install check_redis_instances
2022-03-01 14:04:05 +01:00
Jérémy Lecour
c8ef7e9b75
redis: check_redis_instances tolerates absence of instances
2022-03-01 14:02:22 +01:00
Jérémy Lecour
d9e95218ce
apt_hold_packages: broadcast message with wall, if present
2022-02-24 11:49:12 +01:00
Ludovic Poujol
39949ea921
generate-ldif: Add support for php-fpm in containers
2022-02-21 11:31:00 +01:00
Ludovic Poujol
e79141d2d2
lxc: Fail if /var is nosuid
2022-02-17 16:25:20 +01:00
Jérémy Lecour
799466788f
lxc-php: preliminary support for PHP 8.1 container
2022-02-17 14:50:21 +01:00
Jérémy Dubois
f3c443d076
openvpn: now check that openvpn has been restarted since last certificates renewal
2022-02-15 15:52:21 +01:00
Ludovic Poujol
9995fca35d
varnish: update munin plugin to work with recent varnish versions
2022-02-08 16:16:24 +01:00
Ludovic Poujol
a2f73bb7df
elasticsearch: Use /etc/elasticsearch/jvm.options.d/evolinux
instead of default /etc/elasticsearch/jvm.options
2022-02-07 15:18:46 +01:00
Jérémy Dubois
981128dc17
openvpn: make it compatible with OpenBSD and add some improvements
2022-02-03 18:35:16 +01:00
Jérémy Lecour
0cbdda840d
Explicit permissions for systemd overrides
2022-02-03 14:18:20 +01:00
Jérémy Lecour
9e27d9707b
kvm-host: add missing default value
2022-02-03 14:16:45 +01:00
Jérémy Lecour
5153b88d01
evolinux-base: option to bypass raid-related tasks
2022-02-03 14:15:33 +01:00
Jérémy Lecour
3dd78fbf7e
Release 22.01.3
2022-01-31 11:57:21 +01:00
Jérémy Lecour
fcb0b8c80f
backup-server-state: 22.01.3
2022-01-28 16:27:39 +01:00
Jérémy Lecour
cd26081add
rbenv: install Ruby 3.1.0 by default
2022-01-28 16:27:20 +01:00
Jérémy Lecour
bb30402df3
Release 22.01.2
2022-01-27 14:12:40 +01:00
Jérémy Lecour
6ccd0ea440
Release 22.01.1
2022-01-27 14:04:41 +01:00
Jérémy Lecour
2849039fad
remount-usr: use findmnt to find if usr is a readonly partition
2022-01-27 11:21:19 +01:00
Jérémy Lecour
80f8a94798
evolinux-base: many improvements for backup-server-state script
2022-01-27 10:29:08 +01:00
Jérémy Lecour
bff8fcfebb
apt: upgrade packages after all the configuration is done
2022-01-25 18:25:47 +01:00
Jérémy Lecour
0e34d4cd4b
Merge remote-tracking branch 'origin/bullseye-swap-top' into unstable
2022-01-25 15:15:05 +01:00
Jérémy Lecour
1f4ee2de79
Prepare CHANGELOG for 22.01 release
2022-01-25 15:00:03 +01:00
Mathieu Trossevin
1902c40c3c
lxc-php: Fix config for opensmtpd on bullseye
2022-01-25 11:57:41 +01:00
Jérémy Dubois
3822696db6
Update CHANGELOG for new openvpn role
2022-01-24 19:23:26 +01:00
Jérémy Lecour
ca1f465aaa
nodejs: default to version 16 LTS
2022-01-12 13:04:22 +01:00
Jérémy Lecour
ec346a42a5
munin: systemd override to unprotect home directory
2021-12-23 16:56:23 +01:00
Mathieu Trossevin
d3eef71127
nagios-nrpe: Fix check_nfsserver for buster and bullseye
...
From buster onward the nfs server doesn't run NFSv4 over UDP (it is out
of spec, see RFC 7530). As such the check broke as it attempt to check
the availability of NFSv4 over UDP.
Right now the check doesn't check for NFSv2 over UDP as it would need to
check if it exist first, as on bullseye it isn't supported by default
anymore.
2021-11-24 11:11:39 +01:00
Jérémy Lecour
e4bb0c6f55
filebeat/metricbeat: version 7.x y default
2021-11-12 10:07:43 +01:00
Jérémy Lecour
039c740ef3
mysql: add evomariabackup 21.11
2021-11-01 10:16:55 +01:00
Jérémy Lecour
6cf8195744
evolinux-base: fix alert5.service dependency syntax
2021-10-29 07:52:38 +02:00
Jérémy Lecour
dcfea674a4
listupgrade: old-kernel-removal version 21.10
2021-10-25 14:23:52 +02:00
Jérémy Lecour
646a7b1813
evocheck: package install is not supported anymore
2021-10-25 10:08:40 +02:00
Jérémy Lecour
dd53c01027
evocheck: upstream release 21.10.4
2021-10-25 10:02:12 +02:00
Jérémy Dubois
90acb99c2a
nagios-nrpe: new check influxdb
2021-10-22 14:51:57 +02:00
Jérémy Lecour
ca28df1b75
evocheck: upstream release 21.10.3
2021-10-22 13:57:56 +02:00
Jérémy Lecour
1706361e8d
evocheck: upstream release 21.10.2
2021-10-22 13:43:43 +02:00
Jérémy Lecour
dcdde5f7f6
evocheck: upstream release 21.10.1
2021-10-21 17:32:11 +02:00