Jérémy Dubois
4610661299
Fix add of multiple motd cron
...
Do not add motd cron again if the same line is already there but uncommented
2020-10-14 17:39:23 +02:00
Jérémy Dubois
ff1f728102
Doas authorization for collectd
...
We put the doas authorization for collectd in the global file and we let it if
collectd is not there, because otherwise the authorization would be removed if
the base role was run without the collectd role, even if collectd was still
running. Collectd would have been broken.
2020-10-14 17:39:23 +02:00
Jérémy Dubois
cc80aefac7
NRPE plugins dir was not created
2020-10-14 17:39:23 +02:00
Jérémy Dubois
6dd4b6b8aa
Syspatch is not available before OpenBSD 6.1
2020-10-14 17:39:23 +02:00
Jérémy Dubois
556d98c170
Variable ansible_fqdn is often not the name of the server
2020-10-14 17:39:23 +02:00
Jérémy Dubois
7ecf7be4a4
Do not remove line that would have a customized subject
2020-10-14 17:39:09 +02:00
Jérémy Dubois
213e4a7bcd
Comment on checks that cannot be used as is - v2
continuous-integration/drone/push Build is failing
Details
2020-10-14 14:55:10 +02:00
Jérémy Dubois
592a2f8337
Comment on checks that cannot be used as is
continuous-integration/drone/push Build is failing
Details
2020-10-14 12:25:55 +02:00
Jérémy Dubois
68586d6450
Fstab role : do not change lines beggining with "#"
continuous-integration/drone/push Build is failing
Details
2020-10-14 12:14:58 +02:00
Jérémy Dubois
37ec518850
The pf_states NRPE check does not contain any variable, it can be in files folder
continuous-integration/drone/push Build is failing
Details
2020-10-14 12:13:52 +02:00
Jérémy Dubois
5adeaa31e1
Add a pf tag that we skip for subsequent use
...
continuous-integration/drone/push Build is failing
Details
PacketFilter need to be customized only once, at the first use.
After that, pf.conf will be modified on the server for the needs of the
network. It must not be overwriten.
2020-10-14 09:40:59 +02:00
Jérémy Dubois
dc2707c004
Fix typo
continuous-integration/drone/push Build is failing
Details
2020-10-13 16:16:52 +02:00
Jérémy Dubois
2bf8a7e872
Stricter ssh and doas access - better version
...
continuous-integration/drone/push Build is failing
Details
Fix #34
We now use a unique evobsd_group (evolix by default).
Each user has 2 groups : evobsd_group and user.name.
Only evobsd_group can ssh to server and use doas.
I also added a password restrictions block for IPs/group.
And we make sure the home folder is only readable by owner.
2020-10-13 16:03:54 +02:00
Jérémy Dubois
a606230d93
We always need these Evolix vars_files which overwrite defaults values
continuous-integration/drone/push Build is failing
Details
2020-10-13 16:01:16 +02:00
b925a9f84d
Update CHANGELOG and bump to version 6.7.2
continuous-integration/drone/push Build is failing
Details
2020-10-13 14:46:14 +02:00
Jérémy Dubois
7ddc1ab72f
Fix NRPE check file name
continuous-integration/drone/push Build is failing
Details
2020-10-13 12:02:48 +02:00
Jérémy Dubois
a9ae1b57d4
Do not use litteral tab in configuration
...
Use "\t" instead of a litteral tab which can easily be broken. Also add a
deletion of line with spaces.
2020-10-13 12:01:18 +02:00
Jérémy Dubois
57acbd6091
Add jinja2 variable for PATH variable environment
2020-10-13 11:44:53 +02:00
20e7f950be
Merge pull request 'Writing of collectd role' ( #28 ) from collectd into dev
...
continuous-integration/drone/push Build is failing
Details
Reviewed-on: #28
Reviewed-by: Tristan Pilat <drustan@noreply.gitea.evolix.org>
2020-10-13 11:24:05 +02:00
Jérémy Dubois
11d3331958
Collectd role : deletion of collectd_plugin_exec variable
...
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
This variable had to be activated only if collectd_plugin_exec_ifq_drops or
collectd_plugin_exec_dns_stats was also activated, for some configuration to be
taken into account. I changed the role so that the configuration is
automatically taken into account if one of these two variables is activated.
2020-10-12 15:45:13 +02:00
Jérémy Dubois
7cc374ea9e
yamllint : indentation, trailing-spaces and truthy value
2020-10-12 15:26:45 +02:00
Jérémy Dubois
337e80b670
Writing of collectd role
2020-10-12 15:12:31 +02:00
Jérémy Dubois
6abf573fae
Merge pull request 'Customize fstab with noexec and softdep' ( #36 ) from customize_fstab into dev
...
continuous-integration/drone/push Build is failing
Details
Reviewed-on: #36
Reviewed-by: Tristan Pilat <drustan@noreply.gitea.evolix.org>
2020-10-12 14:48:22 +02:00
Jérémy Dubois
a40e2b4750
Merge branch 'dev' into customize_fstab
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2020-10-12 14:47:02 +02:00
Jérémy Dubois
3255566edf
yamllint : disable rule:line-length for complete file evolixisation.yml
continuous-integration/drone/push Build is failing
Details
2020-10-12 14:29:37 +02:00
Jérémy Dubois
6b7c7b80c4
yamllint
continuous-integration/drone/push Build is failing
Details
2020-10-12 14:20:59 +02:00
Jérémy Dubois
bd22b0545b
sudoers configuration : the tab was broken
2020-10-12 14:16:00 +02:00
Jérémy Dubois
0615d3b555
Specify order of cron command in daily.local and fix full deletion of the cron
continuous-integration/drone/push Build is failing
Details
2020-10-12 12:00:28 +02:00
Jérémy Dubois
c1f66a92e2
Fix add of multiple evobackup cron
...
continuous-integration/drone/push Build is failing
Details
Do not add evobackup cron again if the same line
is already there but uncommented
2020-10-09 16:14:52 +02:00
01158227eb
Merge pull request 'Force replacement of some NRPE checks' ( #33 ) from force_NRPE_checks_replacement into dev
...
continuous-integration/drone/push Build is failing
Details
Reviewed-on: #33
Reviewed-by: Tristan Pilat <drustan@noreply.gitea.evolix.org>
2020-10-09 15:48:14 +02:00
Jérémy Dubois
92837424fb
Fix weird commits
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2020-10-09 15:35:23 +02:00
Jérémy Dubois
5fa8e0c9bb
Customize fstab with noexec and softdep
...
continuous-integration/drone/pr Build is failing
Details
continuous-integration/drone/push Build is failing
Details
Add softdep to each partitions
Add noexec to /tmp and remount it if necessary
2020-10-09 15:21:10 +02:00
Jérémy Dubois
bd4748b403
Customize root crontab and daily.local
...
Add custome PATH to root crontab
Add environment variable to daily.local
Add a "next_part" before the evocheck line in daily.local
2020-10-09 15:21:09 +02:00
Jérémy Dubois
0a4e970ab8
Customize fstab with noexec and softdep
...
Add softdep to each partitions
Add noexec to /tmp and remount it if necessary
2020-10-09 15:21:08 +02:00
Jérémy Dubois
4f201d3a73
Customize root crontab and daily.local
...
Add custome PATH to root crontab
Add environment variable to daily.local
Add a "next_part" before the evocheck line in daily.local
2020-10-09 15:21:07 +02:00
Jérémy Dubois
e019b79723
yamllint + correction /tmp softdep
...
softdep is not added anymore if noexec is
already defined after rw
2020-10-09 15:21:06 +02:00
Jérémy Dubois
88df904282
Customize fstab with noexec and softdep
...
Add softdep to each partitions
Add noexec to /tmp and remount it if necessary
2020-10-09 15:21:06 +02:00
Jérémy Dubois
c9d1bff1c6
Customize root crontab and daily.local
...
continuous-integration/drone/push Build is failing
Details
Add custome PATH to root crontab
Add environment variable to daily.local
Add a "next_part" before the evocheck line in daily.local
2020-10-09 14:15:46 +02:00
Jérémy Dubois
fe0c7f6add
Import evocheck v.6.7.5
2020-10-09 14:15:14 +02:00
Jérémy Dubois
07d83d4994
Delete empty line - yamllint
continuous-integration/drone/push Build is failing
Details
2020-10-09 10:45:23 +02:00
Jérémy Dubois
fa497b280e
Configure sudoers umask
...
continuous-integration/drone/push Build is failing
Details
This configuration is checked by evocheck,
so it should be present by default
2020-10-08 15:42:52 +02:00
Jérémy Dubois
12b2f3d280
Delete evobackup root crontab replaced by daily.local cron
2020-10-08 15:39:50 +02:00
Jérémy Dubois
f97317b767
Better rc.local configuration
...
continuous-integration/drone/push Build is failing
Details
Add line before the "echo '.'" line instead of the end
Delete old entry not precising the hostname if still there
2020-10-08 15:19:52 +02:00
Jérémy Dubois
b0f1f9c2ca
Fix OSPF role : add deletion of old log files
continuous-integration/drone/push Build is failing
Details
2020-09-24 16:11:49 +02:00
f4d9ec7359
New naming conventing based OpenBSD's one
continuous-integration/drone/push Build is failing
Details
2020-09-10 11:58:25 +02:00
070046b5ee
Add a CHANGELOG file
continuous-integration/drone/push Build is failing
Details
2020-09-10 11:55:43 +02:00
8ecaf81314
Update evocheck to 6.7.4
2020-09-10 11:55:43 +02:00
a2aec3f4a6
Rewrite README.md file
2020-09-10 11:55:43 +02:00
3f0b3cff1c
Update copyright to 2020
2020-09-10 11:55:43 +02:00
Jérémy Dubois
655099101c
LDAP script replace "ram0" name with "mem"
continuous-integration/drone/push Build is failing
Details
2020-09-02 15:10:16 +02:00
Jérémy Dubois
Tristan PILAT