You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

204 lines
7.3 KiB

# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](,
and this project adheres to [Semantic Versioning](
## [Unreleased]
### Added
* base: set the title of the terminal when connecting to a server
* base: import script
* post-install: add a version number to
* nagios-nrpe: add a check dhcp_pool
* collectd: add script
* base: add a "next_part" before executing evobackup in daily.local file
* base: add update-evobackup-canary script
* base: session timeout is configurable
* add a update-utils.yml playbook to update scripts
* base: use a variable to define ntpd server
* base: add entry in doas.conf for sd0 in case we have a hard raid
* base: add munin files in newsyslog.conf by default
* nagios-nrpe: add some information in check
### Changed
* accounts: use "evobsd_internal_group" for SSH authentication
* evocheck: imported version 22.03
* base: zzz_evobackup upstream release 22.03
* etc-git: manage commits with an optimized shell script instead of many slow Ansible tasks
* etc-git: use "ansible-commit" to efficiently commit all available repositories from Ansible
* etc-git: add versioning for /usr/share/scripts
* nagios-nrpe: add a wraper to check_dhcpd to define the number of dhcpd processes that must be running depending on the CARP state
* evocheck: renamed install.yml to main.yml and add evocheck cron at the beginning of the daily.local file
* pf: reorder some rules, more details on some comments
* update of tags for each tasks and ease the update of scripts
* evocheck: execute evocheck without --cron the first of the month
* etc-git: chmod 600 for local periodic files (daily, weekly, monthly)
* base: loop over fstab entries instead of copying the same task for each entries
* etc-git: do not erase custom entries of servers in .gitignore files
* nagios-nrpe: check_disk1 returns only alerts
* base: do not erase custom configuration of servers in doas.conf
* base: vmd and pass are not used in our infrastructure, deletion of autocompletion
* nagios-nrpe: do not erase custom configuration of servers in nrpe.d/evolix.cfg, and do not use zzz_evolix.cfg anymore
* base: export evomaintenance and evobackup tasks into their own roles
* nagios-nrpe: multiples IP can now be checked with
* base: use a variable for /etc/installurl content
* base: use "servers" option instead of "server" option for ntpd.conf
* base: fstab options can be activated or not
* base: configure "/usr/X11R6" and "/usr/local" for servers that have a mount on it
* base: we can chose to deploy or not utils files
* base: reordering default variable file and deleting unused one
* base: use a template for ntp configuration to ease the management of the different cases
* logsentry: update config files, add "[logsentry]" in subject, and simplify task
* nagios-nrpe: deleted unused variables and added a ntp check server variable
* post-install: use basename of path in to define file from elsewhere
* bgp, collectd, logsentry, ospf: update scripts
### Fixed
* base: fix shell configuration, increase $HISTSIZE, and change history alias so it displays full history
* nagios-nrpe: handle the case where cached_mem is in GB to convert it in MB in
* post-install: improve management of ldif file for ldap
* post-install: ignore errors from syspatch
* nagios-nrpe: grep in was too large
* post-install: fix missing space in script
### Removed
* openvpn: deleted this deprecated role ; use the one provided in the ansible-roles repo
## [21.12] - 2021-12-17
### Changed
* Configure locale to en_US.UTF-8 in .profile file so that "git log" displays the accents correctly
* Use vim as default git editor
* Change version pattern and fix release scheme
### Added
* Add a bioctl NRPE check for RAID devices
## [6.9.2] - 2021-10-15
### Added
* Add a more complete ipsecctl check script
* Add doas configuration for
### Fixed
* Fix check_dhcpd for dhcpd server themselves: use back check_procs -c1: -C dhcpd
* Fix check_mailq: check from monitoring-plugins current version is not compatible with opensmtpd
## [6.9.1] - 2021-07-19
### Added
* Configure the ntpd.conf file
## [6.9.0] - 2021-05-06
### Changed
* Remove the variable VERBOSESTATUS in daily.local configuration file since it is no longer valid.
## [6.8.3] - 2021-02-15
### Added
* Add a customization of the logsentry configuration
* Add a check_openvpn_certificates in NRPE and OpenVPN role to check expiration date of server CA and certificates files
### Fixed
* Fix the check_mem command in the NRPE role, precising the percentage sign for it not to check the memory in MB.
* Fix the check_mem script in the NRPE role, adding cached RAM as free RAM
* Fix by updating the OpenBSD release in our customized motd after an upgrade
### Changed
* The PF role now use a variable for trusted IPs
## [6.8.2] - 2020-10-30
### Added
* Add a Logsentry role
## [6.8.1] - 2020-10-26
### Fixed
* Fix a task using a register where simple quotes prevented the register to be properly filled, breaking the following task
## [6.8.0] - 2020-10-23
### Added
* Add a PF tag to be able to skip that part when rerunning EvoBSD
* Add a doas authorization for NRPE check_ipsecctl_critiques
### Changed
* The task mail.yml replace the former boot/reboot message only if it is untouched
* Replace the variable used to set the email address in etc-git role - now using inventory_hostname
* Not checking syspatch when OpenBSD <= 6.1
* Amend fstab file adding noatime option to each entrie
* Import evocheck v.6.7.7
* Comment NRPE checks that cannot be used as is
### Fixed
* Add the creation of the NRPE plugins directory in nagios-nrpe role
* Add collectd doas rights in the base role to avoid broking anything if EvoBSD is rerun without the collectd role included
* Do not add the motd cron if the same line is already there but uncommented
* Amend fstab entries only when the filesystem is ffs
## [6.7.2] - 2020-10-13
### Added
* Now handling deletion of evobackup crontab (replaced by daily.local cron)
* Customize fstab with noexec and softdep
* Collectd role
### Changed
* Improve rc.local file configuration
* Update evocheck to version 6.7.5
* Hide default daily output mail content (VERBOSESTATUS=0)
* Add deletion of old log files in the OSPF role
### Fixed
* Fix duplicate evobackup cron if the entry is uncommented in daily.local
## [6.7.1] - 2020-09-10
### Added
* Add completions functions in root's profile dotfile
* Add NRPE plugin
* Add an evocheck role
* Add stricter ssh and doas access
* Add an openvpn role
* Add an OpenBGPd NRPE plugin
* Add ospf and bgp roles
* Add an unbound NRPE check since it is part of the base system
* Add a script that checks the carp state and generates the /etc/motd file
### Changed
* Disable sndiod since it is not required on serveurs
* Replace sudo with doas for script executions
* Update evomaintenance version to 0.6.3
* Disable mouse function in vim configuration
* Drop openup since syspatch can apply stable patches now
* Update evobackup script
* Rewrite newsyslog configuration
* Drop postgresql-client package since evomaintenance use an API now