Gregory Colpart
30c47fcd50
A lot of improvments: add comments, add tests/tests/tests, add --cron option, drop HAProxy support, modify Apache/Nginx conf only first time
2017-09-21 03:50:24 +02:00
Gregory Colpart
7ea5982611
empty commit, only :retab
2017-09-21 03:48:24 +02:00
Gregory Colpart
81698d03de
by default copy use files/ directory
2017-09-21 03:48:17 +02:00
Gregory Colpart
26d823174f
use {{ evoacme_crt_dir }} var everywhere
2017-09-21 03:48:11 +02:00
Gregory Colpart
a006a604f2
Rename /etc/cron.d/certbot to .disabled as written in https://wiki.evolix.org/HowtoLetsEncrypt
2017-09-21 03:48:05 +02:00
Gregory Colpart
cdf0861821
More clear without include for determining apache/nginx presence
2017-09-21 03:47:57 +02:00
Victor LABORIE
d96e2ea5bf
evoacme: renew certs 30 days before expiration by default
2017-09-18 15:02:20 +02:00
Victor LABORIE
8a139b07b2
evoacme: fix SRV_IP overriding in make-csr
2017-09-13 11:38:38 +02:00
Victor LABORIE
f5fdd71681
evoacme: fix invalid domain printing in make-csr
2017-09-12 15:49:35 +02:00
Victor LABORIE
069e675c6b
evoacme: add basic check to evoacme.sh
2017-09-11 17:05:46 +02:00
Victor LABORIE
ab177c2dad
evoacme: add pem extension to dhparam file
2017-09-11 17:05:46 +02:00
Victor LABORIE
6c399ca60e
evoacme: fix live link path
2017-09-11 17:05:46 +02:00
Victor LABORIE
1fbcb61559
evoacme: fix typo
2017-09-11 17:05:45 +02:00
Victor LABORIE
ff392d8e26
evoacme: fix symlink generation
2017-09-11 17:05:45 +02:00
Victor LABORIE
0726d29796
evoacme: purge same day cert before recreating it
2017-09-11 17:05:45 +02:00
Victor LABORIE
740b60d838
evoacme: make-csr stdout is more verbose
2017-09-11 17:05:45 +02:00
Victor LABORIE
e16eafc1a0
evoacme: complete refactoring of make-csr.sh
2017-09-11 17:05:45 +02:00
Victor LABORIE
05afeea894
evoacme: remove obsolete sudoers file
2017-09-11 17:05:44 +02:00
Victor LABORIE
8d7cbab3a9
evoacme: refactoring of certbot.cron
2017-09-11 17:05:44 +02:00
Victor LABORIE
9deb594834
evoacme: move scripts in /usr/local/sbin
2017-09-11 17:05:44 +02:00
Victor LABORIE
e210de5f53
evoacme: complete refactoring of evoacme.sh
2017-09-11 17:05:44 +02:00
Gregory Colpart
207a2f6011
Improve distribution verification
2017-08-23 01:49:27 +02:00
Gregory Colpart
41329af173
Remove dynamic add of whitelist Squid proxy
2017-08-23 01:26:57 +02:00
Gregory Colpart
2bb7367edf
standardization for Debian versions : we use "jessie" or "9 or later" to prepare buster smoothly as possible
2017-08-18 03:50:30 +02:00
Jérémy Lecour
62fbbd2016
Rename role "apt-repositories" to "apt"
2017-07-19 08:56:46 +02:00
Jérémy Lecour
3a8093fb12
Apache: use "Require"
...
http://httpd.apache.org/docs/2.4/howto/auth.html
2017-07-18 20:13:58 +02:00
Jérémy Lecour
bc99227259
Better squid/squid3 whitelist and reload
2017-07-12 12:17:33 +02:00
Victor LABORIE
08b4b2fa4a
evoacme: change location priority for nginx
2017-07-03 17:37:05 +02:00
Victor LABORIE
f14ee0424e
evoacme: fix certbot verbosity
2017-06-12 14:09:29 +02:00
Victor LABORIE
267f1ffc88
evoacme: refactoring
2017-06-12 13:14:30 +02:00
Daniel Jakots
2eb194577f
use the correct var
2017-06-06 16:36:09 -04:00
Gabriel Periard-Tremblay
87ebadcadd
Kitchen: Change base image to evolix/ansible
2017-06-02 08:38:08 -04:00
Victor LABORIE
41f93bcd5d
evoacme: fix sed for nginx self-signed cert
2017-05-30 15:13:00 +02:00
Jérémy Lecour
404f4445d4
install backports with "tasks_from"
...
When including a specific tasks file, we bypass the "main" tasks of the role and the conditionals.
That way we don't play useless tasks and don't rely on default values.
2017-05-23 15:13:11 +02:00
Jérémy Lecour
d2eeb3ba69
evoacme/tomcat: check if /etc/aliases exists
2017-05-21 23:34:34 +02:00
Jérémy Lecour
1b24815491
whitespaces
2017-05-21 19:32:25 +02:00
Jérémy Lecour
ec1ba752e4
relative paths
2017-05-19 22:31:32 +02:00
Jérémy Lecour
f6cfe41a35
Use command instead of shell where possible
2017-05-19 22:31:17 +02:00
Jérémy Lecour
9fae99f8dc
Minor syntax and whitespaces fixes
2017-05-19 22:29:53 +02:00
Jérémy Lecour
6eb71daead
Let's Encrypt has many subdomains, let's whitelist them all
2017-05-19 21:35:51 +02:00
Jérémy Lecour
6386509d3b
Add Let's Encrypt domains in the squid's whitelist
2017-05-19 19:54:12 +02:00
Jérémy Lecour
2794929c22
Add some kitchen tests for many roles
2017-05-18 15:16:30 +02:00
Jérémy Lecour
d6c6674cdc
evoacme: add a vagrant test playbook
2017-05-16 15:05:43 +02:00
Jérémy Lecour
d4036df165
evoacme: simplify squid whitelist management
2017-05-16 15:04:24 +02:00
Jérémy Lecour
82b2ab1a67
evoacme: relative path to external roles
2017-05-16 15:04:02 +02:00
Jérémy Lecour
f068684a76
evoacme: add squid whitelist for ocsp server
2017-05-16 10:30:17 +02:00
Victor LABORIE
0883102747
evoacme: reinit ssl conf when overwrite csr and key
2017-05-10 11:28:53 +02:00
Victor LABORIE
8aadec03c1
evoacme: support for evoadmin-cluster
2017-05-10 11:05:31 +02:00
Victor LABORIE
3738a189c7
evoacme: always strip .conf suffix
2017-05-10 11:05:31 +02:00
Victor LABORIE
cf216ab96a
evoacme: fix forge link in README
2017-04-27 12:19:54 +02:00