Jérémy Dubois
e6e05268e5
Fix check_ipsecctl_critiques.sh
2021-11-18 14:53:45 +01:00
Jérémy Dubois
218568fc13
Add comment to check_ipsecctl_critiques.sh : how to use
2021-10-20 16:05:27 +02:00
Jérémy Dubois
fe3d2035f5
Add full ipsecctl check script
...
Different ipsecctl checks are currently used one the servers with no convention,
so I created one template with all that has to be checked.
2021-10-15 11:55:46 +02:00
Jérémy Dubois
9269b13123
Convert values in string
2021-10-14 18:07:54 +02:00
Jérémy Dubois
3ccc0ca924
Force task to run in check mode for NTP configuration
2021-10-14 18:06:50 +02:00
Jérémy Dubois
1bfa1d61f0
Import last evocheck.sh version
2021-10-07 15:02:26 +02:00
Jérémy Dubois
b68a18a4f5
Import last version of evocheck script
2021-09-17 17:16:17 +02:00
Jérémy Dubois
c5f478c584
Update NRPE and doas configuration for checks mailq and openvpn_certificates
...
- Fix check_mailq : the check from monitoring-plugins current version is not
compatible with opensmtpd. I picked the last version from the GIT repository,
and adjusted nrpe and doas configuration
- Add doas configuration for check_openvpn_certificates.sh : some servers need
doas, others don't. Better to set it everywhere.
2021-07-27 18:02:49 +02:00
Jérémy Dubois
1abf0f636c
Fix check_dhcpd
...
/usr/local/libexec/nagios/check_dhcp does not work on server itself
Using back /usr/local/libexec/nagios/check_procs -c1: -C dhcpd
And removing doas configuration
2021-07-23 16:34:34 +02:00
Jérémy Dubois
82137026db
Import fix of evocheck.sh script
2021-07-23 16:33:36 +02:00
Jérémy Dubois
91ef49f7b3
Import 6.9.1 version of evocheck
2021-07-23 16:02:40 +02:00
Jérémy Dubois
7046e193e0
Configure the ntpd.conf file and bump version
2021-07-19 15:27:57 +02:00
Jérémy Dubois
b1aa50a717
Import 6.9.0 evocheck version
2021-07-16 14:58:20 +02:00
Jérémy Dubois
14ec1ca13b
Shifting check carp number to match the interface number
2021-07-16 11:27:44 +02:00
Jérémy Dubois
3fc1dabec4
check_openvpn_certificates.sh : fix conf_file var definition
...
Sometimes, OpenVPN run multiples processes
2021-06-10 16:15:35 +02:00
Jérémy Dubois
8cd6b0bda6
Import last version of zzz_evobackup and evocheck.sh scripts
2021-05-25 21:09:23 +02:00
Jérémy Dubois
f8a9a86bdd
Added info on possible causes of error for openvpn check
2021-05-25 15:19:06 +02:00
Jérémy Dubois
a0f8339705
Change evomaintenance files mode
2021-05-17 11:36:36 +02:00
Tristan Pilat
1364451198
Following the release of OpenBSD 6.9, the VERBOSESTATUS variable is no longer valid in the daily.local configuration file
2021-05-06 15:03:37 +02:00
Jérémy Dubois
2dae2d1ae4
Fix typo
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-15 18:56:24 +01:00
Jérémy Dubois
b3496692b2
Fix motd-carp-state.sh
...
Update the OpenBSD release in our customized motd
2021-02-15 18:25:52 +01:00
Jérémy Dubois
54455a63df
Fix check_free_mem.sh : cached RAM now is free RAM
2021-02-15 17:30:25 +01:00
Jérémy Dubois
d7a427bd7f
check_openvpn_certificates.sh : fix date format
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-08 17:29:46 +01:00
Jérémy Dubois
0c55f87727
Update CHANGELOG and add a check_openvpn_certificates
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2021-02-08 16:30:05 +01:00
Jérémy Dubois
60103070f2
Fix NRPE check_mem
...
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
The percentage sign must be precised. Without it, the check is done checking
the memory in MB.
2021-02-03 11:57:47 +01:00
Jérémy Dubois
7f5627f6bd
Import last version of zzz_evobackup file
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2021-01-07 09:48:38 +01:00
Jérémy Dubois
55745e1a62
nagios-nrpe role : change variables name
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2020-12-10 19:36:00 +01:00
Jérémy Dubois
8a2111561f
Improve PacketFilter role
...
Replace hards IP with variable
Add a README file
2020-12-10 19:23:18 +01:00
Tristan PILAT
48ea75957d
Add new exceptions to Logsentry ignore files
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2020-12-02 17:45:38 +01:00
Tristan PILAT
7d24b11fa9
Add tasks to copy customized configuration files
2020-11-24 16:27:29 +01:00
Tristan PILAT
6782746f3c
Add customized logsentry configuration
2020-11-24 16:26:02 +01:00
Jérémy Dubois
389f1a8eae
Import last zzz_evobackup file version
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
2020-11-16 11:24:47 +01:00
Jérémy Dubois
8cddc5e9ae
Fix logsentry.sh file name in task
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2020-10-30 10:49:23 +01:00
Tristan PILAT
d84fc581d8
Add a new role - Logsentry is a tool that scans system logs to report suspicious/unusual activity
2020-10-30 10:06:36 +01:00
Jérémy Dubois
e9a1373a30
Add file to .gitignore
...
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
This file is frequently updated after a user connection to OpenVPN, so we do
not want to track it.
2020-10-27 11:05:46 +01:00
Jérémy Dubois
9a07552731
Import last zzz_evobackup file version
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build is failing
2020-10-27 10:45:11 +01:00
Jérémy Dubois
381aa50e37
Deletion of simple quotes preventing the task to be correctly executed
continuous-integration/drone/push Build is failing
2020-10-26 16:40:53 +01:00
Jérémy Dubois
6613c70446
Revert "Add user with legacy hash ($2a…) instead of current hash ($2b…) for OpenBSD versions older than 5.7"
...
continuous-integration/drone/push Build is failing
This reverts commit 4012a014ce
.
Versions older than 5.7 are … old.
We do not handle versions that old.
2020-10-23 10:17:12 +02:00
Jérémy Dubois
a26d6e13cb
yamllint line-lenght and empty-line
continuous-integration/drone/push Build is failing
2020-10-23 10:15:57 +02:00
Jérémy Dubois
f648f332dd
Import 6.7.7 evocheck version
continuous-integration/drone/push Build is failing
2020-10-22 18:18:28 +02:00
Jérémy Dubois
4012a014ce
Add user with legacy hash ($2a…) instead of current hash ($2b…) for OpenBSD versions older than 5.7
continuous-integration/drone/push Build is failing
2020-10-22 11:52:54 +02:00
Jérémy Dubois
4db9d006a2
Allow evolinux-sudo group to sudo
...
continuous-integration/drone/push Build is failing
evolinux-sudo group can already use doas, it should also
be allowed to use sudo
2020-10-22 11:28:06 +02:00
Jérémy Dubois
d7701d32da
Comment on checks that cannot be used as is - v3
continuous-integration/drone/push Build is failing
2020-10-22 10:34:13 +02:00
Jérémy Dubois
42f5d2c10e
Add "create; true" to other task, needed when running in check mode
continuous-integration/drone/push Build is failing
2020-10-21 15:47:23 +02:00
Jérémy Dubois
44d145e33b
Add "create; true" to task, needed when running in check mode
continuous-integration/drone/push Build is failing
2020-10-21 10:52:39 +02:00
Jérémy Dubois
5ef4a403d2
We should be able to execute evomaintence.sh as soon as we can SSH to the server
2020-10-20 15:57:35 +02:00
Jérémy Dubois
9eeba0c0ab
Add a doas authorization for NRPE
2020-10-20 15:10:12 +02:00
Jérémy Dubois
78686b8730
Stricter ssh and doas access - two separate groups actually needed
...
Fix #34 again
After some discussions, with actually need two separates groups :
- One group for ssh access (evobsd_ssh_group)
- One group for sudo/doas access (evobsd_sudo_group)
We won't need any client group. A client user will be added to the ssh group,
so that we won't have to think about what specific group a user need to be
added in.
2020-10-15 11:01:52 +02:00
Jérémy Dubois
4a0e552691
Import evocheck v.6.7.6
2020-10-15 10:21:02 +02:00
Jérémy Dubois
a7b96d9f67
Fstab : we now also add noatime to each partitions
2020-10-15 09:57:02 +02:00