dprevot/ansible-roles
1
0
Fork 0
forked from evolix/ansible-roles
Code Issues Pull requests 1 Projects Releases Wiki Activity
3143 commits 45 branches 41 tags 9.7 MiB
Commit graph

835 commits

Author SHA1 Message Date
Mathieu Trossevin bc1facd1ba
proftpd: Fix mode of public key files and directory 2022-12-09 10:19:51 +01:00
Mathieu Trossevin 101c282846
proftpd: Fix format of public key files controlled by ansible 
The comments used by ansible's blockinfile module break the format
expected by proftpd for public ssh keys, making them unusable.

Replace with a template, we will just have to accept that we need to use
ansible for all changes to these file.
 2022-12-08 17:32:53 +01:00
Jérémy Lecour ce361c6819 listupgrade: sort/uniq of packages/services lists in email template 2022-12-07 21:05:12 +01:00
Jérémy Lecour 3c2369a3a2 listupgrade: better detection for PostgreSQL 2022-12-07 21:04:33 +01:00
Alexis Ben Miloud--Josselin 982112bd64 rabbitmq: add link in default page 2022-12-07 15:49:03 +01:00
Jérémy Lecour 22f30b59f2 certbot: auto-detect HAPEE version in renewal hook 2022-12-05 14:22:12 +01:00
Jérémy Dubois 6cc3e03864 openvpn: specifies that the mail for expirations is for OpenVPN 2022-12-05 09:52:20 +01:00
Jérémy Dubois cca072425b openvpn: shellpki upstream release 22.12 2022-12-01 16:56:23 +01:00
Jérémy Dubois cd2c1931b1 keepalived: change exit code (warning if runnin but not on expected state ; critical if not running) 2022-11-28 17:16:43 +01:00
Jérémy Lecour c96f28e47b evocheck: install script according to Debian version 2022-11-27 22:14:39 +01:00
Jérémy Lecour 08db230c29 Merge branch 'debian12' into unstable 2022-11-27 18:29:57 +01:00
Jérémy Lecour 54dca82838 varnish: fix missing state, that blocked the task 2022-11-26 19:10:21 +01:00
Jérémy Lecour 665177556e evomaintenance: allow missing API endpoint if APi is disabled 2022-11-26 19:09:05 +01:00
Jérémy Lecour ecd9d1543f varnish: better package facts usage with check mode and tags 2022-11-21 15:46:46 +01:00
Alexis Ben Miloud--Josselin 396afa0a75 nagios-nrpe: add ceph checks to changelog 2022-11-15 11:08:01 +01:00
Mathieu Trossevin 83138f0a0b
nagios-nrpe: Correct port for check_opendkim 2022-11-09 17:05:54 +01:00
Jérémy Lecour faeb92230b packweb-apache: manual dependencies resolution 2022-11-06 15:25:17 +01:00
Jérémy Lecour 4050dbea7a packweb-apache: enable log_forensic module 2022-11-06 15:25:17 +01:00
Jérémy Lecour b36d4c4766 various fixes for Debian 12 2022-11-06 15:25:17 +01:00
Jérémy Lecour 4c9aaf6d86 Merge branch 'unstable' into debian12-keyring 2022-11-06 10:19:36 +01:00
Jérémy Lecour a1bf300d54 bookworm-detect: transitional role to help dealing with unreleased bookworm version 2022-11-05 21:15:21 +01:00
Jérémy Lecour 28540247f0 Add signed-by option for additional APT sources 2022-11-02 23:17:08 +01:00
Jérémy Lecour f531460f49 Use proper keyrings directory for APT version 
Debian 9 → 11 : /etc/apt/trusted.gpg.d
Debian 12 : /etc/apt/keyrings
 2022-11-02 23:16:32 +01:00
Jérémy Lecour c9ccda2277 varnish: create special tmp directory for syntax validation 2022-11-02 19:45:15 +01:00
Jérémy Lecour 4d259d3c04 varnish: systemd override depends on Varnish 
Use Varnish version instead of Debian version to choose systemd override template, to make it forward compatible
 2022-11-02 13:55:03 +01:00
William Hirigoyen 912cec5a78 lxc-php: update changelog. 2022-10-26 15:25:22 +02:00
Jérémy Lecour 857b3e0e45 nagios-nrpe: check_haproxy_stats supports DRAIN status 2022-10-20 15:46:04 +02:00
Jérémy Lecour 554c086b79 redis: variable to disable transparent hugepage (default: do nothing) 2022-10-20 14:38:12 +02:00
Jérémy Lecour fc52fbf4bc redis: some values should be quoted 
When Redis overwrites its own config, it uses quoted string values, so it's better to do the same to avoid changes.
 2022-10-20 14:36:47 +02:00
Jérémy Lecour f71075d4ef evolinux-base: replace regular kernel by cloud kernel on virtual servers 2022-10-19 16:33:25 +02:00
Jérémy Dubois 6be2ff3b48 evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions) 2022-10-17 11:37:58 +02:00
Jérémy Lecour 2d16aeb41e evolinux-base: utils.yml can be excluded 2022-10-11 13:37:21 +02:00
Mathieu Trossevin 4f9d6868e0
evolinux-user: sudoers privileges for check php\fpm80 and 81 2022-10-07 14:16:32 +02:00
Jérémy Lecour 15d7756881 minifirewall: whitelist deb.freexian.com 2022-10-03 18:54:29 +02:00
Jérémy Lecour 8e1b682ccc squid: whitelist deb.freexian.com 2022-10-03 18:54:05 +02:00
Jérémy Lecour c6fb24f7d8 lxc-solr: use default JRE package 2022-09-30 11:39:50 +02:00
Jérémy Lecour 792d1170ab java: use default JRE when version is not specified 2022-09-30 11:39:05 +02:00
Jérémy Lecour 6aeaab078d lxc-solr: set homedir and port at install 2022-09-27 07:47:26 +02:00
Jérémy Lecour 46deb04005 lxc-solr: choose java package and download URL according to Solr Version 2022-09-26 23:47:55 +02:00
Jérémy Lecour 26f9d171a4 lxc-solr: detect the real partition options 2022-09-26 23:46:29 +02:00
Jérémy Lecour 8089d90bd1 Release 22.09 2022-09-19 17:06:25 +02:00
Ludovic Poujol a540235077 munin: Add ipmi_ plugins on dedicated hardware 2022-09-15 11:45:24 +02:00
William Hirigoyen c310482ba6 domains: revert commits moved to dev branch domains 2022-09-15 10:48:55 +02:00
Jérémy Lecour 6f04a41557 fail2ban: fix dovecot-evolix regex syntax 2022-09-15 09:48:34 +02:00
William Hirigoyen 55f694f051 Update CHANGELOG 2022-09-14 12:21:13 +02:00
Jérémy Lecour d8a2dccf36 evocheck: upstream release 22.09 2022-09-14 10:55:02 +02:00
Ludovic Poujol cd46dd8320 proftpd: Add a warning if config file was overriden 2022-09-13 16:31:03 +02:00
Ludovic Poujol 9631476a06 proftpd: Allow user auth with ssh keys 2022-09-13 16:29:59 +02:00
Ludovic Poujol 7c4a169fb8 proftpd: Add options to override configs 2022-09-13 16:26:10 +02:00
Jérémy Lecour 28276b5d6f evolinux-base: update-evobackup-canary upstream release 22.06 2022-09-12 13:54:57 +02:00
Jérémy Lecour 3c1ec588fd minifirewall: use handlers to restart minifirewall 2022-09-09 16:09:48 +02:00
Jérémy Dubois c3be57410d openvpn: Run OpenVPN with the \_openvpn user and group instead of nobody which is originally for NFS 2022-09-06 11:27:20 +02:00
William Hirigoyen 6fa89e69a5 Update changelog 2022-09-02 15:48:09 +02:00
Ludovic Poujol 1f52700b47 memcached: NRPE check for multi-instance setup 
Also some cleanup & split of tasks between single and multi instance

Note: Munin part seems still broken at the time
 2022-09-01 15:33:00 +02:00
Ludovic Poujol ee67ebca8b webapps/nextcloud: Drop support for Nginx 2022-09-01 12:46:37 +02:00
William Hirigoyen 2bda54a7bd Update CHANGELOG.md 2022-09-01 12:07:47 +02:00
Ludovic Poujol d165a104f2 * webapps/nextcloud: Add missing dependencies for imagick 2022-09-01 11:28:08 +02:00
Ludovic Poujol 4a3b40d986 generate-ldif: Support any MariaDB version 2022-08-29 17:29:14 +02:00
Jérémy Lecour c7a6b3e694 evocheck: upstream release 22.08.1 2022-08-29 17:03:31 +02:00
Jérémy Lecour 71aafe161c evocheck: upstream release 22.08 2022-08-29 17:03:31 +02:00
Eric Morino 9a25d5981f add webapps/nextcloud changelog 2022-08-26 16:34:19 +02:00
Jérémy Lecour 5fa7f4809c vrrp: fix systemd unit name 2022-08-24 17:58:46 +02:00
Jérémy Lecour 018eee7ea0 Update 'CHANGELOG.md' 
* use role name
* more descriptive message
* order items alphabetically
 2022-08-24 15:22:25 +02:00
Patrick Marchand 2c1ec040d1 Simplify user subset creation 
Instead of tags, allow only one subset of users to be created at a time.
 2022-08-24 09:05:29 -04:00
Patrick Marchand 9dfcfe1ef3 Made it possible to only create a subset of users 
The evolinux_users_create variable is a list of tags that defaults to ['active'].
Only the users that have one of the tags in the evolinux_users_create list will be created.
 2022-08-23 20:18:45 -04:00
David Prevot 3bd4b92425 CHANGELOG: Document previous ($self) change 2022-08-18 10:27:26 +02:00
Jérémy Lecour d0abfa985c redis: config directory must be owned by the user that runs the service 
… to be able to write tmp config files in it
 2022-08-17 16:53:07 +02:00
Jérémy Dubois de0c4fd314 openvpn: automate the initialization of the CA and the creation of the server certificate ; use openssl_dhparam module instead of a command 2022-08-10 17:23:47 +02:00
Mathieu Trossevin 78dcec8656
varnish: Repair systemd unit for jessie/stretch 2022-08-10 11:18:23 +02:00
Mathieu Trossevin 08a4f1ed5f
Document previous change 2022-08-10 10:26:37 +02:00
Jérémy Lecour 6c33e11d5f evocheck: upstream release 22.07.1 2022-07-28 14:18:12 +02:00
Jérémy Lecour 0f899dcd09 evocheck: remove failure if deprecated variable is used 2022-07-28 13:58:09 +02:00
Jérémy Lecour 25b96c3283 Release 22.07.1 2022-07-28 13:49:57 +02:00
Jérémy Lecour f10ebe8cd6 evocheck: upstream release 22.07 2022-07-28 13:38:33 +02:00
Jérémy Lecour c8898a3d10 nagios-nrpe: use regexp to exclude paths/devices in check_disk1 2022-07-28 13:25:51 +02:00
Jérémy Lecour 0d086731ae evomaintenance: upstream release 22.07 2022-07-27 15:49:41 +02:00
Jérémy Lecour f7edd565a3 nagios-nrpe: check_disk1 returns only alerts 2022-07-27 09:24:46 +02:00
Jérémy Lecour b453321b3d nagios-nrpe: exclude /run/shm and /run/lock from check_disk1 2022-07-27 09:24:46 +02:00
Jérémy Lecour 0b41efd188 mongodb: replace version_compare() with version() 2022-07-18 15:54:42 +02:00
Bruno TATU 213c6dd6ac Add change for fail2ban role 2022-07-08 11:28:29 +02:00
Jérémy Lecour 53847d9919 Release 22.07 2022-07-06 18:02:42 +02:00
Jérémy Lecour a387304483 Fix CHANGELOG 2022-07-06 14:26:13 +02:00
Jérémy Lecour 0a3bfd7f27 evolinux-base: session timeout is configurable 2022-07-06 14:24:41 +02:00
Eric Morino 028bfe209a Add change in kvm-host 2022-07-05 10:18:49 +02:00
Jérémy Dubois 68ac8fc058 openvpn: configure logrotate 2022-06-30 10:12:36 +02:00
Jérémy Dubois 07c3c0226f openvpn: minimal rights on /etc/shellpki/ and crl.pem 2022-06-29 16:09:04 +02:00
Jérémy Lecour 205e699355 minifirewall: docker mode is configurable 2022-06-22 17:20:15 +02:00
Jérémy Lecour abb14e5b52 haproxy: add haproxy_allow_ip_nonlocal_bind to set sysctl value 2022-06-22 15:32:10 +02:00
Ludovic Poujol 519ef930df Update PermitRootLogin task to work on Debian 11 2022-06-21 15:13:38 +02:00
Jérémy Lecour 050c61c220 Release 22.06.3 2022-06-17 11:00:51 +02:00
Jérémy Lecour 57ecac01ba evolinux-base: blacklist and do not install megaclisas-status package on incompatible servers 2022-06-16 15:19:44 +02:00
William Hirigoyen (Evolix) 3623363b94 Update changelog for version 22.06 2022-06-13 17:35:31 +02:00
Jérémy Lecour 556719bbf2 Release 22.06.2 2022-06-10 11:11:44 +02:00
Ludovic Poujol b3ac39decd postgresql: Fix task order when using pgdg repo & Install the right pg version 2022-06-09 10:33:28 +02:00
Jérémy Lecour cea1408bba evocheck: upstream release 22.06.2 2022-06-09 07:42:29 +02:00
Jérémy Lecour 4d1d77faaf postgresql: add variable to configure binding addresses (default: 127.0.0.1) 2022-06-09 07:41:52 +02:00
Ludovic Poujol 1e19418fb0 Fail2ban: Multiple changes & improvements : 
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
 2022-06-08 17:55:58 +02:00
Jérémy Lecour bcaacdf57f postgresql: fix nested loop for Munin plugins 2022-06-08 15:39:34 +02:00
Jérémy Lecour cbe7985814 Enforce String notation for mode 2022-06-08 15:38:21 +02:00
Jérémy Lecour b677defd97 redis: binding is possible on multiple interfaces 2022-06-08 15:36:47 +02:00