14 commits

Author	SHA1	Message	Date
Jérémy Dubois	ff1f728102	Doas authorization for collectd ... We put the doas authorization for collectd in the global file and we let it if collectd is not there, because otherwise the authorization would be removed if the base role was run without the collectd role, even if collectd was still running. Collectd would have been broken.	2020-10-14 17:39:23 +02:00
Jérémy Dubois	2bf8a7e872	Stricter ssh and doas access - better version ... Fix #34 We now use a unique evobsd_group (evolix by default). Each user has 2 groups : evobsd_group and user.name. Only evobsd_group can ssh to server and use doas. I also added a password restrictions block for IPs/group. And we make sure the home folder is only readable by owner.	2020-10-13 16:03:54 +02:00
Jérémy Dubois	3a6cd20ab3	Configure the check_packetfilter in NRPE with doas	2020-07-28 17:57:30 +02:00
Jérémy Dubois	27006f8db7	Doas permissions rearrangement	2020-04-21 16:18:07 +02:00
Jérémy Dubois	05d2b707e1	Add OpenBGPD nrpe check with doas configuration	2020-04-21 14:25:42 +02:00
Patrick Marchand	8b1ce861e3	Add stricter ssh and doas access	2019-09-19 17:07:01 -04:00
Patrick Marchand	3e3eb695b4	Merge branch 'replace_sudo_with_doas' into dev ... Any new checks should use doas as well.	2019-09-03 17:43:22 +02:00
Patrick Marchand	18ac01cbb3	Apply latest dev branch to check_dhcpd branch	2019-09-03 11:38:34 -04:00
Patrick Marchand	a994225c27	Merge check_connections_state into dev	2019-09-03 11:34:14 -04:00
Jérémy Dubois	f305b3420b	Replace all sudo occurences with doas	2019-07-15 18:25:25 +02:00
Jérémy Dubois	a23a6efca8	Replace sudo with doas	2019-07-15 17:44:05 +02:00
Jérémy Dubois	1b5196d6a4	Replace sudo with doas	2019-07-15 17:29:36 +02:00
Tristan PILAT	798a482787	Load root's environment when using doas	2019-04-23 20:50:02 +02:00
Tristan PILAT	b555fb1222	Add initial project	2018-12-28 11:23:49 +01:00