Ludovic Poujol
|
9fe7825499
|
base: Generate default (self-signed) certificate
Create /etc/ssl/certs on OpenBSD to follow Linux/Debian
Don't change the owner/group of generated files (for now)
|
2024-02-16 10:45:32 +01:00 |
|
Ludovic Poujol
|
f7b29deda3
|
base: Generate default (self-signed) certificate
|
2024-02-15 12:18:29 +01:00 |
|
Ludovic Poujol
|
43e8ebfa0a
|
Changelog for previous commit bce501dee0
|
2024-02-15 11:50:32 +01:00 |
|
Ludovic Poujol
|
bce501dee0
|
etc-git: Remove deprecated/unsupported "warn" parameter
|
2024-02-15 11:28:42 +01:00 |
|
Jérémy Dubois
|
70ab0c80de
|
accounts: add a "users" tag
So that new users are not created and customized password are not reset based on vars files when executing evolixisation.yml again
|
2024-01-26 14:39:42 +01:00 |
|
Jérémy Dubois
|
bf1bb2f80e
|
base: dump-server-state.sh upstream release 24.01
|
2024-01-12 15:02:32 +01:00 |
|
Jérémy Dubois
|
a61f2423bc
|
Remove multiple spaces
|
2023-12-15 16:23:31 +01:00 |
|
Jérémy Dubois
|
7dd930afcb
|
nagios-nrpe: configure allowed_hosts in template and make use of the 'nagios_nrpe_additional_allowed_hosts' var in inventory for additional IP
|
2023-12-15 15:46:15 +01:00 |
|
Jérémy Dubois
|
8e18b6972a
|
post-install: execute motd-carp-state.sh every 10 minuts
|
2023-12-11 17:44:41 +01:00 |
|
Jérémy Dubois
|
63212accdd
|
forwarding: added tags to distinguish IPv4 from IPv6
|
2023-11-13 17:45:33 +01:00 |
|
Jérémy Dubois
|
aee18bfde9
|
base: configure "/var/log" for servers that have a mount on it
|
2023-11-13 16:01:47 +01:00 |
|
Jérémy Dubois
|
1f0011ad2a
|
accounts, etc-git, evocheck, nagios-nrpe: multiple changes to not fail when run in check mode
|
2023-11-09 17:08:13 +01:00 |
|
Jérémy Dubois
|
6822eaa4f0
|
base: added handlers for entries in fstab
|
2023-11-09 17:06:00 +01:00 |
|
Jérémy Dubois
|
aed20187de
|
use Fully Qualified Collection Name everywhere
|
2023-10-23 09:33:54 +02:00 |
|
Jérémy Dubois
|
28021670f0
|
yamllint, ansible-lint, and tags everywhere
|
2023-10-23 09:33:33 +02:00 |
|
Jérémy Dubois
|
a217bb2e56
|
base: deactivate insults in sudo
|
2023-10-13 11:52:41 +02:00 |
|
Jérémy Dubois
|
832e93da0d
|
base: ignore errors on packages installation because it fails for some packages when run in check mode
|
2023-10-13 11:52:40 +02:00 |
|
Jérémy Dubois
|
ced4098192
|
collectd: fix rights for collectd directory
|
2023-10-13 11:52:22 +02:00 |
|
Jérémy Dubois
|
7aa588528c
|
base: doas configuration for ipmi_sensor NRPE check
|
2023-10-13 11:52:22 +02:00 |
|
Jérémy Dubois
|
afba3ad7e1
|
nagios-nrpe: add the ipmi_sensor check
|
2023-10-13 11:52:21 +02:00 |
|
Jérémy Dubois
|
05bdef9ab8
|
etc-git: add versioning for /var/unbound/etc
|
2023-10-13 11:52:19 +02:00 |
|
Jérémy Lecour
|
b2438dde80
|
evomaintenance: upstream release 23.10.1
|
2023-10-09 18:12:05 +02:00 |
|
Jérémy Lecour
|
f644f8c449
|
evomaintenance: upstream release 23.10
|
2023-10-09 17:03:21 +02:00 |
|
Jérémy Dubois
|
a0139688c6
|
accounts: create only users who have a certain value for the create key (default: always )
|
2023-06-20 11:03:55 +02:00 |
|
Jérémy Dubois
|
a66e1c1ee9
|
accounts: configure user home, ssh keys and groups only if it already exists, so that there is no error when run in check mode and user doesn't exist yet
|
2023-06-20 10:41:52 +02:00 |
|
Jérémy Dubois
|
b4e1afa698
|
base: rename sudo task
|
2023-06-20 10:21:18 +02:00 |
|
Jérémy Dubois
|
5ca86431eb
|
base: add evobsd_alias_fwupdate variable and make kshrc file a template so we can set or not a fw_update alias to servers that need it
|
2023-06-20 10:17:00 +02:00 |
|
Jérémy Dubois
|
8a63c8336f
|
evocheck: upstream release 23.06
|
2023-06-05 11:46:12 +02:00 |
|
Jérémy Dubois
|
d2574faaef
|
base: dump-server-state.sh upstream release 23.06
|
2023-06-05 10:46:53 +02:00 |
|
Jérémy Dubois
|
f43405991e
|
base: install ncdu and htop often used as diagnostic tools
|
2023-05-30 11:09:50 +02:00 |
|
Jérémy Dubois
|
e4bc6c1d97
|
collectd: modified collectd scripts directory and scripts files right so that only _collectd group can execute them
|
2023-04-25 10:12:44 +02:00 |
|
Jérémy Dubois
|
6f97857b91
|
post-install: execute motd-carp-state.sh only once an hour
|
2023-04-13 17:57:54 +02:00 |
|
Jérémy Dubois
|
264c58a03d
|
evobackup: execute canary script before executing backup script
|
2023-03-23 11:41:28 +01:00 |
|
Jérémy Dubois
|
7ab102376f
|
base: dump-server-state.sh upstream release 23.03
|
2023-03-23 11:41:27 +01:00 |
|
Jérémy Dubois
|
81d8774885
|
evobackup: zzz_evobackup upstream release 22.12, and call zzz_evobackup with bash ; base: install bash, now needed for zzz_evobackup script
|
2023-03-23 11:41:27 +01:00 |
|
Jérémy Dubois
|
9c450ff11b
|
nagios-nrpe: fix allowed_hosts configuration: keep potential added IP, but we cannot use backrefs if the line does not exist yet
|
2023-03-23 11:41:21 +01:00 |
|
Jérémy Dubois
|
f801218789
|
nagios-nrpe: allow older cipher suites for older Icinga version
|
2023-03-15 16:13:41 +01:00 |
|
Jérémy Dubois
|
a045995c01
|
post-install: add the pf_states check by default in generateldif.sh script
|
2023-03-15 16:03:58 +01:00 |
|
Jérémy Dubois
|
c7e3b2d9ac
|
base: set the lookup option so that resolv.conf searches /etc/hosts before querying a domain name server; the default is the opposite
|
2023-03-15 15:55:41 +01:00 |
|
Jérémy Dubois
|
f42477c8fb
|
nagios-nrpe: check_ipsecctl.sh is never used standalone for check_vpn, always called by check_ipsecctl_critiques.sh
|
2023-03-15 15:27:04 +01:00 |
|
Jérémy Dubois
|
3a0db4bfb4
|
nagios-nrpe: changed check_load to make it more relevant
|
2023-03-03 16:28:43 +01:00 |
|
Jérémy Dubois
|
394b71c947
|
ospf: do not repeat use of command, use variable instead with output of command
|
2023-03-01 14:57:22 +01:00 |
|
Jérémy Dubois
|
ccdd16c523
|
collectd: improve dns_stats.sh script for more metrics
|
2023-02-17 16:21:36 +01:00 |
|
Jérémy Dubois
|
84e6ccec4f
|
base: doas configuration for _collectd user is managed in collectd role, not needed to have it by default
|
2023-02-17 16:20:32 +01:00 |
|
Jérémy Dubois
|
7258d99d13
|
logsentry: delete unused default file that we put in /usr/share/scripts
|
2023-02-16 16:44:06 +01:00 |
|
Jérémy Dubois
|
60fd0e1e38
|
logsentry: fix variables for configuration files
|
2023-02-16 16:40:53 +01:00 |
|
Jérémy Dubois
|
e7ff98662f
|
ospf: precise in the readme file that no daemon is configured/activated
|
2023-02-16 16:31:17 +01:00 |
|
William Hirigoyen
|
079d807c7f
|
evocheck: upstream release 23.02
|
2023-02-10 14:32:06 +01:00 |
|
William Hirigoyen
|
69ab1503b3
|
evocheck: upstream release 22.12
|
2023-02-10 11:47:40 +01:00 |
|
Jérémy Dubois
|
4b971b19fb
|
base: doas is used for evomaintenance, not sudo ; wheel group mustn't be sudo because we use the evolinux-sudo group
|
2023-02-09 15:18:53 +01:00 |
|