Merge branch 'evoacme-squid-ocsp' into unstable
This commit is contained in:
commit
606c9973c6
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1 +1,2 @@
|
||||||
.kitchen/
|
.kitchen/
|
||||||
|
.vagrant/
|
||||||
|
|
|
@ -13,3 +13,8 @@
|
||||||
- name: apt update
|
- name: apt update
|
||||||
apt:
|
apt:
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
|
|
||||||
|
- name: reload squid3
|
||||||
|
service:
|
||||||
|
name: squid3
|
||||||
|
state: reloaded
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
- block:
|
- block:
|
||||||
- name: install jessie-backports
|
- name: install jessie-backports
|
||||||
include_role:
|
include_role:
|
||||||
name: "{{ roles }}/apt-repositories"
|
name: apt-repositories
|
||||||
vars:
|
vars:
|
||||||
apt_repositories_install_backports: True
|
apt_repositories_install_backports: True
|
||||||
|
|
||||||
|
@ -53,3 +53,18 @@
|
||||||
src: certbot.cron
|
src: certbot.cron
|
||||||
dest: /etc/cron.daily/certbot
|
dest: /etc/cron.daily/certbot
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
|
- name: Find squid3 config whitelist
|
||||||
|
shell: find /etc/squid3/whitelist-custom.conf /etc/squid3/whitelist.conf 2> /dev/null
|
||||||
|
failed_when: false
|
||||||
|
changed_when: false
|
||||||
|
check_mode: no
|
||||||
|
register: squid3_whitelist_files
|
||||||
|
|
||||||
|
- name: Let's Encrypt OCSP server is authorized by squid
|
||||||
|
lineinfile:
|
||||||
|
dest: "{{ squid3_whitelist_files.stdout_lines | first }}"
|
||||||
|
line: "http://ocsp.int-x3.letsencrypt.org/.*"
|
||||||
|
state: present
|
||||||
|
notify: reload squid3
|
||||||
|
when: squid3_whitelist_files.stdout != ""
|
||||||
|
|
30
evoacme/tests/Vagrantfile
vendored
Normal file
30
evoacme/tests/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
# -*- mode: ruby -*-
|
||||||
|
# vi: set ft=ruby :
|
||||||
|
|
||||||
|
VAGRANTFILE_API_VERSION = "2"
|
||||||
|
|
||||||
|
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
||||||
|
config.vm.box = "debian/jessie64"
|
||||||
|
|
||||||
|
config.vm.synced_folder "./vagrant_share/", "/vagrant", disabled: true
|
||||||
|
|
||||||
|
config.vm.provider :virtualbox do |v|
|
||||||
|
v.memory = 2048
|
||||||
|
v.cpus = 2
|
||||||
|
v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
|
||||||
|
v.customize ["modifyvm", :id, "--ioapic", "on"]
|
||||||
|
end
|
||||||
|
|
||||||
|
# Master
|
||||||
|
config.vm.define :default do |default|
|
||||||
|
default.vm.hostname = "default"
|
||||||
|
default.vm.provision :ansible, run: "always" do |ansible|
|
||||||
|
ansible.limit = "default"
|
||||||
|
ansible.playbook = "vagrant.yml"
|
||||||
|
# ansible.tags = "mysql"
|
||||||
|
# ansible.raw_arguments = ["-b", "--ask-vault-pass"]
|
||||||
|
ansible.raw_arguments = ["-vv"]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
9
evoacme/tests/vagrant.yml
Normal file
9
evoacme/tests/vagrant.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
- hosts: default
|
||||||
|
gather_facts: yes
|
||||||
|
become: yes
|
||||||
|
|
||||||
|
roles:
|
||||||
|
# - squid
|
||||||
|
- evoacme
|
||||||
|
|
||||||
|
# vim:ft=ansible
|
Loading…
Reference in a new issue