Ludovic Poujol
7c4a169fb8
proftpd: Add options to override configs
2022-09-13 16:26:10 +02:00
Jérémy Lecour
28276b5d6f
evolinux-base: update-evobackup-canary upstream release 22.06
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-12 13:54:57 +02:00
Jérémy Lecour
3c1ec588fd
minifirewall: use handlers to restart minifirewall
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-09 16:09:48 +02:00
Jérémy Dubois
c3be57410d
openvpn: Run OpenVPN with the \_openvpn user and group instead of nobody which is originally for NFS
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-06 11:27:20 +02:00
William Hirigoyen
6fa89e69a5
Update changelog
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-02 15:48:09 +02:00
Ludovic Poujol
1f52700b47
memcached: NRPE check for multi-instance setup
...
gitea/ansible-roles/pipeline/head This commit looks good
Also some cleanup & split of tasks between single and multi instance
Note: Munin part seems still broken at the time
2022-09-01 15:33:00 +02:00
Ludovic Poujol
ee67ebca8b
webapps/nextcloud: Drop support for Nginx
2022-09-01 12:46:37 +02:00
William Hirigoyen
2bda54a7bd
Update CHANGELOG.md
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-01 12:07:47 +02:00
Ludovic Poujol
d165a104f2
* webapps/nextcloud: Add missing dependencies for imagick
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-01 11:28:08 +02:00
Ludovic Poujol
4a3b40d986
generate-ldif: Support any MariaDB version
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-29 17:29:14 +02:00
Jérémy Lecour
c7a6b3e694
evocheck: upstream release 22.08.1
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-29 17:03:31 +02:00
Jérémy Lecour
71aafe161c
evocheck: upstream release 22.08
2022-08-29 17:03:31 +02:00
Eric Morino
9a25d5981f
add webapps/nextcloud changelog
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-26 16:34:19 +02:00
Jérémy Lecour
5fa7f4809c
vrrp: fix systemd unit name
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-24 17:58:46 +02:00
Jérémy Lecour
018eee7ea0
Update 'CHANGELOG.md'
...
* use role name
* more descriptive message
* order items alphabetically
2022-08-24 15:22:25 +02:00
Patrick Marchand
2c1ec040d1
Simplify user subset creation
...
Instead of tags, allow only one subset of users to be created at a time.
2022-08-24 09:05:29 -04:00
Patrick Marchand
9dfcfe1ef3
Made it possible to only create a subset of users
...
gitea/ansible-roles/pipeline/head This commit looks good
The evolinux_users_create variable is a list of tags that defaults to ['active'].
Only the users that have one of the tags in the evolinux_users_create list will be created.
2022-08-23 20:18:45 -04:00
David Prevot
3bd4b92425
CHANGELOG: Document previous ($self) change
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-18 10:27:26 +02:00
Jérémy Lecour
d0abfa985c
redis: config directory must be owned by the user that runs the service
...
gitea/ansible-roles/pipeline/head This commit looks good
… to be able to write tmp config files in it
2022-08-17 16:53:07 +02:00
Jérémy Dubois
de0c4fd314
openvpn: automate the initialization of the CA and the creation of the server certificate ; use openssl_dhparam module instead of a command
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-10 17:23:47 +02:00
Mathieu Trossevin
78dcec8656
varnish: Repair systemd unit for jessie/stretch
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-10 11:18:23 +02:00
Mathieu Trossevin
08a4f1ed5f
Document previous change
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-10 10:26:37 +02:00
Jérémy Lecour
6c33e11d5f
evocheck: upstream release 22.07.1
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-28 14:18:12 +02:00
Jérémy Lecour
0f899dcd09
evocheck: remove failure if deprecated variable is used
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-28 13:58:09 +02:00
Jérémy Lecour
25b96c3283
Release 22.07.1
continuous-integration/drone/push Build is running
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/pr Build is passing
gitea/ansible-roles/pipeline/pr-stable This commit looks good
2022-07-28 13:49:57 +02:00
Jérémy Lecour
f10ebe8cd6
evocheck: upstream release 22.07
2022-07-28 13:38:33 +02:00
Jérémy Lecour
c8898a3d10
nagios-nrpe: use regexp to exclude paths/devices in check_disk1
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-28 13:25:51 +02:00
Jérémy Lecour
0d086731ae
evomaintenance: upstream release 22.07
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-27 15:49:41 +02:00
Jérémy Lecour
f7edd565a3
nagios-nrpe: check_disk1 returns only alerts
continuous-integration/drone/push Build is passing
2022-07-27 09:24:46 +02:00
Jérémy Lecour
b453321b3d
nagios-nrpe: exclude /run/shm and /run/lock from check_disk1
2022-07-27 09:24:46 +02:00
Jérémy Lecour
0b41efd188
mongodb: replace version_compare() with version()
continuous-integration/drone/push Build is passing
2022-07-18 15:54:42 +02:00
Bruno TATU
213c6dd6ac
Add change for fail2ban role
continuous-integration/drone/push Build is passing
2022-07-08 11:28:29 +02:00
Jérémy Lecour
53847d9919
Release 22.07
continuous-integration/drone/push Build is passing
2022-07-06 18:02:42 +02:00
Jérémy Lecour
a387304483
Fix CHANGELOG
continuous-integration/drone/push Build is passing
2022-07-06 14:26:13 +02:00
Jérémy Lecour
0a3bfd7f27
evolinux-base: session timeout is configurable
continuous-integration/drone/push Build is passing
2022-07-06 14:24:41 +02:00
Eric Morino
028bfe209a
Add change in kvm-host
continuous-integration/drone/push Build is passing
2022-07-05 10:18:49 +02:00
Jérémy Dubois
68ac8fc058
openvpn: configure logrotate
continuous-integration/drone/push Build is passing
2022-06-30 10:12:36 +02:00
Jérémy Dubois
07c3c0226f
openvpn: minimal rights on /etc/shellpki/ and crl.pem
continuous-integration/drone/push Build is passing
2022-06-29 16:09:04 +02:00
Jérémy Lecour
205e699355
minifirewall: docker mode is configurable
continuous-integration/drone/push Build is passing
2022-06-22 17:20:15 +02:00
Jérémy Lecour
abb14e5b52
haproxy: add haproxy_allow_ip_nonlocal_bind to set sysctl value
continuous-integration/drone/push Build is passing
2022-06-22 15:32:10 +02:00
Ludovic Poujol
519ef930df
Update PermitRootLogin task to work on Debian 11
continuous-integration/drone/push Build is passing
2022-06-21 15:13:38 +02:00
Jérémy Lecour
050c61c220
Release 22.06.3
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-06-17 11:00:51 +02:00
Jérémy Lecour
57ecac01ba
evolinux-base: blacklist and do not install megaclisas-status package on incompatible servers
continuous-integration/drone/push Build is passing
2022-06-16 15:19:44 +02:00
William Hirigoyen (Evolix)
3623363b94
Update changelog for version 22.06
continuous-integration/drone/push Build is passing
2022-06-13 17:35:31 +02:00
Jérémy Lecour
556719bbf2
Release 22.06.2
continuous-integration/drone/push Build is passing
2022-06-10 11:11:44 +02:00
Ludovic Poujol
b3ac39decd
postgresql: Fix task order when using pgdg repo & Install the right pg version
continuous-integration/drone/push Build is passing
2022-06-09 10:33:28 +02:00
Jérémy Lecour
cea1408bba
evocheck: upstream release 22.06.2
continuous-integration/drone/push Build is passing
2022-06-09 07:42:29 +02:00
Jérémy Lecour
4d1d77faaf
postgresql: add variable to configure binding addresses (default: 127.0.0.1)
2022-06-09 07:41:52 +02:00
Ludovic Poujol
1e19418fb0
Fail2ban: Multiple changes & improvements :
...
continuous-integration/drone/push Build is passing
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
2022-06-08 17:55:58 +02:00
Jérémy Lecour
bcaacdf57f
postgresql: fix nested loop for Munin plugins
continuous-integration/drone/push Build is passing
2022-06-08 15:39:34 +02:00
Jérémy Lecour
cbe7985814
Enforce String notation for mode
2022-06-08 15:38:21 +02:00
Jérémy Lecour
b677defd97
redis: binding is possible on multiple interfaces
2022-06-08 15:36:47 +02:00
Jérémy Lecour
1895c549d4
Release 22.06.1
continuous-integration/drone/push Build is passing
2022-06-06 15:07:10 +02:00
Jérémy Lecour
3d70438f7e
evocheck: upstream release 22.06.1
continuous-integration/drone/push Build is passing
2022-06-06 15:05:59 +02:00
Jérémy Lecour
4cd7e0f4a1
minifirewall: upstream release 22.06
2022-06-06 14:42:22 +02:00
Jérémy Lecour
56c2c19d61
evomariabackup: release 22.06.1
continuous-integration/drone/push Build is passing
2022-06-05 21:49:23 +02:00
Jérémy Lecour
6d0e49ba90
mysql: reorganize evomariabackup to use mtree instead of our own dir-check
continuous-integration/drone/push Build is passing
2022-06-05 21:48:04 +02:00
Jérémy Lecour
e718156f86
fix CHANGELOG
continuous-integration/drone/push Build is passing
2022-06-03 10:19:35 +02:00
Jérémy Lecour
e8e99bb9b6
Release 22.06
continuous-integration/drone/push Build is passing
2022-06-03 09:27:01 +02:00
Jérémy Lecour
9378f5634c
add missing entry in CHANGELOG
continuous-integration/drone/push Build is passing
2022-06-03 09:26:07 +02:00
Jérémy Lecour
51908f64b9
evocheck: upstream release 22.06
continuous-integration/drone/push Build is passing
2022-06-03 09:15:04 +02:00
Jérémy Lecour
586aa206a8
mysql: add post-backup-hook to evomariabackup
2022-06-02 18:26:23 +02:00
Jérémy Lecour
b8b96bb5b7
mysql: use dir-check inside evomariabackup
continuous-integration/drone/push Build is passing
2022-06-01 17:24:55 +02:00
Jérémy Lecour
249e53fc21
evolinux-base: add dir-check script
2022-06-01 17:24:55 +02:00
Jérémy Lecour
17a2032a10
evolinux-base: add update-evobackup-canary script
continuous-integration/drone/push Build is passing
2022-06-01 10:46:13 +02:00
Jérémy Lecour
b3dbcb082f
certbot: add hapee (HAProxy Enterprise Edition) deploy hook
continuous-integration/drone/push Build is passing
2022-05-31 14:06:25 +02:00
Ludovic Poujol
134355d190
docker: Allow live-restore to be toggled with docker_conf_live_restore
continuous-integration/drone/push Build is passing
2022-05-24 16:22:49 +02:00
Jérémy Lecour
1a9c219c5b
Release 22.05.1
continuous-integration/drone/push Build is passing
2022-05-12 15:49:18 +02:00
Jérémy Lecour
f82a81844d
evocheck: upstream release 22.05
continuous-integration/drone/push Build is passing
2022-05-12 15:47:50 +02:00
Ludovic Poujol
9973a62c16
docker : Introduce new variables to tweak daemon settings
continuous-integration/drone/push Build is passing
2022-05-10 19:04:58 +02:00
Ludovic Poujol
6aa7b89b78
docker : Introduce new default settings + allow to change the docker data directory
continuous-integration/drone/push Build is passing
2022-05-10 18:21:59 +02:00
Ludovic Poujol
1b4d4c98fe
docker : Removed Debian Jessie support
2022-05-10 17:39:45 +02:00
Jérémy Lecour
09872fa4ad
Release 22.05
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-05-10 16:58:32 +02:00
Jérémy Lecour
dd2072b86b
minifirewall: fix failed_when conditions on restart
continuous-integration/drone/push Build is passing
2022-05-10 16:40:45 +02:00
Jérémy Lecour
378ee04c82
minifirewall: upstream release 22.05
2022-05-10 15:55:08 +02:00
Eric Morino
3663783509
add change in opendkim role
continuous-integration/drone/push Build is passing
2022-05-09 10:19:18 +02:00
Jérémy Lecour
749d6a78cd
redis: Add log2mail user to redis group
2022-05-05 09:40:30 +02:00
Jérémy Lecour
61cd2b7428
minifirewall: upstream release 22.04
continuous-integration/drone/push Build is passing
2022-04-28 19:14:31 +02:00
Jérémy Lecour
a53159c93b
minifirewall: compatibility with "legacy" version of minifirewall
continuous-integration/drone/push Build is passing
2022-04-28 12:40:02 +02:00
Jérémy Lecour
805a8ecb3a
etc-git: use "ansible-commit" to efficiently commit all available repositories (including /etc inside LXC) from Ansible
2022-04-27 14:22:59 +02:00
Jérémy Lecour
381a71aca1
dump-server-state: upstream release 22.04.3
continuous-integration/drone/push Build is passing
2022-04-26 18:21:42 +02:00
Jérémy Lecour
55356857b2
dump-server-state: upstream release 22.04.2
continuous-integration/drone/push Build is passing
2022-04-26 09:56:49 +02:00
Jérémy Lecour
daa54cac8f
evocheck: upstream release 22.04.1
2022-04-26 09:56:49 +02:00
Jérémy Lecour
5935d9d4a3
evocheck: upstream release 22.04
continuous-integration/drone/push Build is passing
2022-04-25 09:58:07 +02:00
Jérémy Lecour
58909bc395
vrrpd: Store sysctl values in specific file
2022-04-22 09:32:37 +02:00
Jérémy Lecour
a5bae6645e
dump-server-state: upstream release 22.04.1
continuous-integration/drone/push Build encountered an error
2022-04-20 11:07:20 +02:00
Jérémy Dubois
9161fae0c4
openvpn: use a local copy of files instead of cloning an external git repository
continuous-integration/drone/push Build was killed
2022-04-14 16:34:43 +02:00
Jérémy Dubois
4bf14b9a22
munin: Add possibility to install local plugins, and install dhcp_pool plugin
continuous-integration/drone/push Build was killed
2022-04-14 10:45:24 +02:00
Ludovic Poujol
959d6a8579
redis : Activate overcommit sysctl
2022-04-12 11:27:46 +02:00
Jérémy Lecour
84178d6b24
Tomcat 9 by default with Debian 11
continuous-integration/drone/push Build was killed
2022-04-08 11:57:35 +02:00
Jérémy Dubois
5b2fecb49c
Make evocommit fully compatible with OpenBSD
continuous-integration/drone/push Build was killed
2022-04-07 10:18:08 +02:00
Jérémy Lecour
e71201ab46
dump-server-state: upstream release 22.04
continuous-integration/drone/push Build was killed
2022-04-03 11:18:43 +02:00
Jérémy Dubois
726735d269
etc-git : Remount /usr in rw for git gc in in /usr/share/scripts/
2022-04-01 15:47:44 +02:00
Jérémy Dubois
6434adcc62
nagios-nrpe: Add a check dhcp_pool
continuous-integration/drone/push Build was killed
2022-03-31 16:01:23 +02:00
Jérémy Lecour
ed6ca9a85a
minifirewall: upstream release 22.03.5
continuous-integration/drone/push Build was killed
2022-03-30 22:45:13 +02:00
Mathieu Trossevin
5dc6a1d36b
etc-git: Commit changes to /etc in containers
continuous-integration/drone/push Build was killed
continuous-integration/drone/pr Build was killed
2022-03-30 16:33:00 +02:00
Jérémy Lecour
31c2629d31
minifirewall: configure proxy/backup/sysctl values
continuous-integration/drone/push Build was killed
2022-03-30 09:42:56 +02:00
Mathieu Trossevin
20abe0e09a
postfix: Skip milters after amavis (in packmail)
...
continuous-integration/drone/push Build was killed
Otherwise opendkim will sign local mails twice AND sign external mails
(pretending to be) from local domains as if they were local mails.
2022-03-29 16:06:12 +02:00
Jérémy Lecour
75459baa35
dump-server-state: upstream release 22.03.10
continuous-integration/drone/push Build was killed
2022-03-29 09:11:35 +02:00
Jérémy Lecour
3feacd0c6d
update CHANGELOG
continuous-integration/drone/push Build was killed
2022-03-28 13:28:48 +02:00
Jérémy Lecour
54bf9c1854
evolinux-base: rename backup-server-state to dump-server-state
continuous-integration/drone/push Build was killed
2022-03-27 09:18:15 +02:00
Jérémy Lecour
85d429295f
minifirewall: tail template follows symlinks
continuous-integration/drone/push Build was killed
2022-03-25 18:12:24 +01:00
Jérémy Lecour
bbc1bae437
minifirewall: upstream release 22.03.4
continuous-integration/drone/push Build was killed
continuous-integration/drone/pr Build was killed
2022-03-25 14:57:10 +01:00
Jérémy Dubois
d2fa14fb4f
backup-server-state: release 22.03.5
continuous-integration/drone/push Build was killed
2022-03-24 18:15:56 +01:00
Jérémy Dubois
42782b7f3d
evolinux-base: fix show_help in backup-server-state.sh
...
continuous-integration/drone/push Build was killed
* --uname and --no-uname options were not in help
* --services and --no-services were in help whereas --systemctl and --no-systemctl are used in options parsing
2022-03-24 17:57:58 +01:00
Mathieu Trossevin
1646cc99bf
redis: Remount /usr with RW when adding nagios plugin
continuous-integration/drone/push Build was killed
2022-03-23 13:55:54 +01:00
Jérémy Dubois
b4f83e54d0
openvpn: use a subnet topology instead of the net30 default topology
continuous-integration/drone/push Build was killed
2022-03-23 10:46:17 +01:00
Jérémy Dubois
c2f6ff5249
evocheck: upstream release 22.03.1
continuous-integration/drone/push Build was killed
2022-03-22 11:03:26 +01:00
Jérémy Lecour
5895f5a99b
minifirewall: upstream release 22.03.3
continuous-integration/drone/push Build was killed
2022-03-21 14:35:20 +01:00
Jérémy Lecour
e7594c6c86
evolinux-base: backup-server-state release 22.03.2
continuous-integration/drone/push Build was killed
2022-03-21 11:32:08 +01:00
Mathieu Trossevin
444bd72944
generate-ldif: Correct generated entries for php-fpm in containers
continuous-integration/drone/push Build was killed
2022-03-17 17:36:35 +01:00
Jérémy Lecour
fb41c81e99
backup-server-state: release 22.03.2
...
continuous-integration/drone/push Build was killed
update documentation for --dpkg-full vs. --dpkg-status
2022-03-17 10:45:44 +01:00
Jérémy Lecour
8a9faa0250
* minifirewall: upstream release 22.03.2
continuous-integration/drone/push Build was killed
2022-03-16 23:49:34 +01:00
Jérémy Lecour
545226f6f6
evocheck: upstream release 22.03
continuous-integration/drone/push Build was killed
2022-03-15 23:25:15 +01:00
Jérémy Lecour
ba90203f21
minifirewall: upstream release 22.03.1 and use includes directory
continuous-integration/drone/push Build was killed
2022-03-15 23:07:33 +01:00
Ludovic Poujol
17f884b04a
evolinux-base: Add non-free repos & install non-free firmware on dedicated hardware
continuous-integration/drone/push Build was killed
2022-03-15 11:35:20 +01:00
Ludovic Poujol
913e6d96e8
generate-ldif: Add services check for bkctld
continuous-integration/drone/push Build was killed
2022-03-15 10:53:16 +01:00
Jérémy Lecour
a733e2794f
evolinux-base: backup-server-state release 22.03
continuous-integration/drone/push Build was killed
2022-03-08 16:49:53 +01:00
Mathieu Trossevin
9c84e95182
Repair keepalived role
continuous-integration/drone/push Build was killed
2022-03-02 16:23:01 +01:00
Jérémy Lecour
e5dc503cfd
Release 22.03
continuous-integration/drone/push Build was killed
2022-03-02 09:42:12 +01:00
Jérémy Lecour
270d03b6a6
evolinx-users: optimize sudo configuration
continuous-integration/drone/push Build was killed
2022-03-02 09:40:52 +01:00
Jérémy Lecour
1dc4d0e133
redis: always install check_redis_instances
continuous-integration/drone/push Build was killed
2022-03-01 14:04:05 +01:00
Jérémy Lecour
c8ef7e9b75
redis: check_redis_instances tolerates absence of instances
continuous-integration/drone/push Build was killed
2022-03-01 14:02:22 +01:00
Jérémy Lecour
d9e95218ce
apt_hold_packages: broadcast message with wall, if present
continuous-integration/drone/push Build was killed
2022-02-24 11:49:12 +01:00
Ludovic Poujol
39949ea921
generate-ldif: Add support for php-fpm in containers
continuous-integration/drone/push Build was killed
2022-02-21 11:31:00 +01:00
Ludovic Poujol
e79141d2d2
lxc: Fail if /var is nosuid
2022-02-17 16:25:20 +01:00
Jérémy Lecour
799466788f
lxc-php: preliminary support for PHP 8.1 container
continuous-integration/drone/push Build was killed
2022-02-17 14:50:21 +01:00
Jérémy Dubois
f3c443d076
openvpn: now check that openvpn has been restarted since last certificates renewal
continuous-integration/drone/push Build was killed
2022-02-15 15:52:21 +01:00
Ludovic Poujol
9995fca35d
varnish: update munin plugin to work with recent varnish versions
continuous-integration/drone/push Build was killed
2022-02-08 16:16:24 +01:00
Ludovic Poujol
a2f73bb7df
elasticsearch: Use /etc/elasticsearch/jvm.options.d/evolinux instead of default /etc/elasticsearch/jvm.options
continuous-integration/drone/push Build was killed
2022-02-07 15:18:46 +01:00
Jérémy Dubois
981128dc17
openvpn: make it compatible with OpenBSD and add some improvements
continuous-integration/drone/push Build was killed
2022-02-03 18:35:16 +01:00
Jérémy Lecour
0cbdda840d
Explicit permissions for systemd overrides
continuous-integration/drone/push Build was killed
2022-02-03 14:18:20 +01:00
Jérémy Lecour
9e27d9707b
kvm-host: add missing default value
2022-02-03 14:16:45 +01:00
Jérémy Lecour
5153b88d01
evolinux-base: option to bypass raid-related tasks
2022-02-03 14:15:33 +01:00
Jérémy Lecour
3dd78fbf7e
Release 22.01.3
continuous-integration/drone/push Build was killed
continuous-integration/drone/pr Build was killed
2022-01-31 11:57:21 +01:00
Jérémy Lecour
fcb0b8c80f
backup-server-state: 22.01.3
continuous-integration/drone/push Build was killed
2022-01-28 16:27:39 +01:00
Jérémy Lecour
cd26081add
rbenv: install Ruby 3.1.0 by default
2022-01-28 16:27:20 +01:00
Jérémy Lecour
bb30402df3
Release 22.01.2
continuous-integration/drone/push Build was killed
continuous-integration/drone/pr Build was killed
2022-01-27 14:12:40 +01:00
Jérémy Lecour
6ccd0ea440
Release 22.01.1
continuous-integration/drone/pr Build was killed
continuous-integration/drone/push Build was killed
2022-01-27 14:04:41 +01:00
Jérémy Lecour
2849039fad
remount-usr: use findmnt to find if usr is a readonly partition
continuous-integration/drone/push Build was killed
2022-01-27 11:21:19 +01:00
Jérémy Lecour
80f8a94798
evolinux-base: many improvements for backup-server-state script
continuous-integration/drone/push Build was killed
2022-01-27 10:29:08 +01:00
Jérémy Lecour
bff8fcfebb
apt: upgrade packages after all the configuration is done
continuous-integration/drone/push Build was killed
continuous-integration/drone/pr Build was killed
2022-01-25 18:25:47 +01:00
Jérémy Lecour
0e34d4cd4b
Merge remote-tracking branch 'origin/bullseye-swap-top' into unstable
continuous-integration/drone/push Build was killed
2022-01-25 15:15:05 +01:00
Jérémy Lecour
1f4ee2de79
Prepare CHANGELOG for 22.01 release
continuous-integration/drone/push Build was killed
2022-01-25 15:00:03 +01:00
Mathieu Trossevin
1902c40c3c
lxc-php: Fix config for opensmtpd on bullseye
continuous-integration/drone/pr Build was killed
2022-01-25 11:57:41 +01:00
Jérémy Dubois
3822696db6
Update CHANGELOG for new openvpn role
continuous-integration/drone/push Build was killed
2022-01-24 19:23:26 +01:00
Jérémy Lecour
ca1f465aaa
nodejs: default to version 16 LTS
2022-01-12 13:04:22 +01:00
Jérémy Lecour
ec346a42a5
munin: systemd override to unprotect home directory
continuous-integration/drone/push Build was killed
2021-12-23 16:56:23 +01:00
Mathieu Trossevin
d3eef71127
nagios-nrpe: Fix check_nfsserver for buster and bullseye
...
continuous-integration/drone/pr Build is failing
From buster onward the nfs server doesn't run NFSv4 over UDP (it is out
of spec, see RFC 7530). As such the check broke as it attempt to check
the availability of NFSv4 over UDP.
Right now the check doesn't check for NFSv2 over UDP as it would need to
check if it exist first, as on bullseye it isn't supported by default
anymore.
2021-11-24 11:11:39 +01:00
Jérémy Lecour
e4bb0c6f55
filebeat/metricbeat: version 7.x y default
continuous-integration/drone/push Build is failing
2021-11-12 10:07:43 +01:00
Jérémy Lecour
039c740ef3
mysql: add evomariabackup 21.11
2021-11-01 10:16:55 +01:00
Jérémy Lecour
6cf8195744
evolinux-base: fix alert5.service dependency syntax
2021-10-29 07:52:38 +02:00
Jérémy Lecour
dcfea674a4
listupgrade: old-kernel-removal version 21.10
2021-10-25 14:23:52 +02:00
Jérémy Lecour
646a7b1813
evocheck: package install is not supported anymore
2021-10-25 10:08:40 +02:00
Jérémy Lecour
dd53c01027
evocheck: upstream release 21.10.4
2021-10-25 10:02:12 +02:00
Jérémy Dubois
90acb99c2a
nagios-nrpe: new check influxdb
2021-10-22 14:51:57 +02:00
Jérémy Lecour
ca28df1b75
evocheck: upstream release 21.10.3
2021-10-22 13:57:56 +02:00
Jérémy Lecour
1706361e8d
evocheck: upstream release 21.10.2
2021-10-22 13:43:43 +02:00
Jérémy Lecour
dcdde5f7f6
evocheck: upstream release 21.10.1
2021-10-21 17:32:11 +02:00
Ludovic Poujol
9b3bb39bd0
mysql : Create a default ~root/.my.cnf for compatibility reasons
2021-10-20 16:31:05 +02:00
Ludovic Poujol
b120a92203
evolinux-users + nagios-nrpe: Add support for php-fpm80 in lxc
2021-10-20 15:59:20 +02:00
Ludovic Poujol
a9d0d0958d
packweb-apache : Support php 8.0
2021-10-18 18:30:47 +02:00
Jérémy Dubois
d38119eb0f
nginx : fix variable name and debug
...
nginx_minimal defined the nginx_package_name_default variable which was not
used instead of the nginx_default_package_name variable
also fixed debug which was reversed, and add another one to be sure which mode
is used
2021-10-18 15:01:59 +02:00
Jérémy Lecour
bbd16dc5b4
evolinux-base: add script backup-server-state
2021-10-15 10:50:42 +02:00
Ludovic Poujol
73d6979e72
Various changes on mongodb (support 5.0) + fixes & compatibility
...
* mongodb: Deny the install on Debian 11 « Bullseye » when the version is unsupported
* mongodb: Support version 5.0 (for buster)
* mongodb: Allow to specify a mongodb version for buster & bullseye
* mongodb: Add missing remount-usr for munin plugins
2021-10-05 15:49:47 +02:00
Jérémy Lecour
7d63f20336
evoacme: exclude renewal-hooks directory from cron
2021-10-05 08:28:47 +02:00
Jérémy Lecour
7b14296503
etc-git: optimize maintenance tasks
...
* manage commits with an optimized shell script instead of many slow Ansible tasks
* centralize cron jobs in dedicated crontab
2021-10-02 12:50:01 +02:00
Jérémy Lecour
e089ddf091
evocheck: upstream release 21.10
2021-10-01 18:27:44 +02:00
Jérémy Lecour
b293cf2cf9
Install python 2 or 3 libraries according to running python version
2021-09-30 17:05:10 +02:00
Jérémy Lecour
5cbfda8f52
docker-host: install additional dependencies
2021-09-30 12:09:11 +02:00
Jérémy Lecour
9b479f9c05
evolinux-base: logs are rotated with dateext by default
2021-09-30 12:07:02 +02:00
Jérémy Lecour
4a035d248d
evocheck: upstream release 21.09
2021-09-30 10:45:07 +02:00
Jérémy Lecour
3de5de5304
mysql: improve Bullseye compatibility
2021-09-30 10:13:11 +02:00
Jérémy Lecour
0eb7332a34
php: enforce Debian version with assert instead of fail
2021-09-29 16:43:55 +02:00
Jérémy Lecour
73efee9caa
etc-git: purge old .git/index.lock (default: True)
2021-09-23 14:45:24 +02:00
Jérémy Lecour
1d55965527
logstash: no more dependency on Java
2021-09-21 14:43:58 +02:00
Jérémy Lecour
8233264d2a
logstash: logging to syslog is configurable (default: True)
2021-09-21 14:43:58 +02:00
Jérémy Lecour
ef1472cbba
logstash: elastic_stack_version = 7.x
2021-09-21 14:43:58 +02:00
Ludovic Poujol
f75354bb84
generate-ldif: detect mdadm
2021-09-16 17:26:58 +02:00
Ludovic Poujol
de4d814d74
generate-ldif: detect hardware raid card
2021-09-16 17:17:32 +02:00
Ludovic Poujol
6a2cd59e6d
nagios-nrpe + evolinux-users: new check ipmi
2021-09-16 16:48:03 +02:00
Ludovic Poujol
51fd2337f0
nagios-nrpe + evolinux-users: new check raid (soft + hard)
2021-09-16 16:40:57 +02:00
Ludovic Poujol
fa0c668cec
evolinux-base: install freeipmi by default on dedicated hw
2021-09-16 15:58:10 +02:00
Jérémy Lecour
2b549af7d9
evolinux-base: split dpkg logrotate configuration
2021-09-09 10:23:53 +02:00
Jérémy Lecour
e429f7aecb
squid: add *.o.lencr.org to default whitelist
2021-09-07 14:01:52 +02:00
Jérémy Lecour
e45ee59801
mysql: script "mysql-queries-killer.sh" to kill MySQL queries
2021-08-30 14:05:15 +02:00
Jérémy Lecour
65750d2aa6
evomaintenance: extract a config.yyml tasks file
2021-08-30 09:24:57 +02:00
Jérémy Lecour
ecba57ad75
evolinux-base: install molly-guard by default
2021-08-25 17:57:38 +02:00
Jérémy Lecour
2c7380240c
nagios-nrpe + evolinux-users: new checks for bkctld
2021-08-25 11:56:26 +02:00
Jérémy Lecour
066baf3538
Revert "bullseye-detect: this role is obsolete, Debian 11 has been fully released"
...
continuous-integration/drone/push Build is passing
This reverts commit c9f25f4638
2021-08-17 15:33:06 +02:00
Jérémy Lecour
ad457dd7ba
apt: use the new security repository for Bullseye
continuous-integration/drone/push Build is passing
2021-08-16 14:12:31 +02:00
Jérémy Lecour
969a5bce7d
apt: remove workaround for Evolix public repositories with Debian 11
continuous-integration/drone/push Build is passing
2021-08-16 13:50:53 +02:00
Jérémy Lecour
d186e21239
evoadmin-web: simpler PHP packages lists
2021-08-16 13:49:13 +02:00
Jérémy Lecour
c9f25f4638
bullseye-detect: this role is obsolete, Debian 11 has been fully released
2021-08-16 13:47:33 +02:00
Jérémy Lecour
139b342fbd
certbot: silence letsencrypt deprecation warnings
2021-07-20 17:19:57 +02:00
Jérémy Lecour
bf49ec8df5
mysql: script "mysql_connections" to display a compact list of connections
continuous-integration/drone/push Build is passing
2021-07-08 15:10:35 +02:00
Jérémy Lecour
32b5efa30e
evocheck: upstream release 21.07
continuous-integration/drone/push Build is passing
2021-07-07 15:20:24 +02:00
Jérémy Lecour
29ec7bdcf2
Remove embedded GPG keys only if legacy keyring is present
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2021-07-04 22:08:47 +02:00
Jérémy Lecour
ffd7d0e504
evolinux-base: alert5 comes after the network
2021-07-04 22:07:51 +02:00
Jérémy Lecour
4167b6d2a9
fix CHANGELOG
2021-07-03 09:10:22 +02:00
Jérémy Lecour
3721c2ab38
squid: improve default whitelist
2021-07-03 08:56:23 +02:00
Jérémy Lecour
5905751a82
squid: must be started in foreground mode for systemd
2021-07-02 23:45:42 +02:00
Jérémy Lecour
a5658b7f26
packweb-apache: install phpMyAdmin from buster-backports
2021-07-02 21:18:06 +02:00
Jérémy Lecour
5c1ae6ed0c
spamassassin: change dependency on evomaintenance
...
Fail with an error if evomaintenance config is missing
instead of trying to install a package that doesn't exist anymore.
2021-07-02 21:16:43 +02:00
Jérémy Lecour
8a784c39ab
mongodb: create munin plugins directory if missing
2021-07-02 21:16:40 +02:00
Jérémy Lecour
9c8dd743c8
Use python3 packages on Debian 11 and later
2021-07-02 21:16:15 +02:00
Jérémy Lecour
6b87ead5b4
update changelog
2021-07-02 21:16:12 +02:00
Jérémy Lecour
e8a8e85819
redis: instance service for Debian 11
2021-07-02 21:13:42 +02:00
Jérémy Lecour
c5ab0c0ff9
squid: remove obsolete variable on Squid 4
2021-07-02 21:13:05 +02:00
Jérémy Lecour
f673ea85d1
Force Debian version to buster for Evolix repository
2021-07-02 21:12:33 +02:00
Jérémy Lecour
2c441f176a
mysql: mariadb-client-10.5 on Debian 11
2021-07-02 21:11:27 +02:00
Jérémy Lecour
c5bb8f06ae
mysql: use python3 with Debian 11 and later
2021-07-02 21:10:52 +02:00
Jérémy Lecour
51d4ec1bb2
php: remove php-gettext for 7.4
2021-07-02 21:10:04 +02:00
Jérémy Lecour
2f68ae5339
Preliminary support for Bullseye
2021-07-02 20:58:09 +02:00
Jérémy Lecour
90cbd17f9b
listupgrade: crontab is configurable
2021-07-02 14:01:46 +02:00
Jérémy Lecour
b0b24744d6
listupgrade: upstream release 21.06.3
2021-07-02 13:59:42 +02:00
Jérémy Lecour
11813c31a4
certbot: add script for manual deploy hooks execution
continuous-integration/drone/push Build is passing
2021-06-30 14:29:03 +02:00
Jérémy Lecour
51462c724c
certbot: sync_remote excludes itself
2021-06-30 07:39:57 +02:00
Jérémy Lecour
2ed1dac16b
Release 10.6.0
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2021-06-28 15:56:19 +02:00
Jérémy Lecour
0fe0244116
Update Galaxy metadata (company, platforms and galaxy_tags)
2021-06-28 15:26:28 +02:00
Jérémy Lecour
1890a79702
elasticsearch: inline YAML formatting of seed_hosts and initial_master_nodes
continuous-integration/drone/push Build is passing
2021-06-23 22:38:24 +02:00
Jérémy Lecour
4c1ef1bd56
elasticsearch: recent versiond don't depend on external JRE
2021-06-23 22:38:24 +02:00
Jérémy Lecour
6190c66445
listupgrade: upstream release 21.06.2
continuous-integration/drone/push Build is passing
2021-06-20 12:06:49 +02:00
Jérémy Lecour
dd32ab5688
listupgrade: upstream release 21.06.1
2021-06-20 10:32:16 +02:00
Jérémy Lecour
dbc853a815
listupgrade: upstream release 21.06
continuous-integration/drone/push Build is passing
2021-06-17 18:23:13 +02:00
Jérémy Lecour
4c7fed77c4
squid: add Yarn apt repository in default whitelist
continuous-integration/drone/push Build is passing
2021-06-17 18:19:20 +02:00
Jérémy Lecour
fe9b7ee5f7
evomaintenance: upstream release 0.6.4
continuous-integration/drone/push Build is passing
2021-06-17 10:57:07 +02:00
Jérémy Lecour
3d715bae35
kvm-host: replace the "kvm-tools" package with scripts deployed by Ansible
continuous-integration/drone/push Build is passing
2021-06-10 11:09:48 +02:00
Jérémy Lecour
ca40fad186
nodejs: change GPG key name
continuous-integration/drone/push Build is passing
2021-06-08 11:19:26 +02:00
Jérémy Lecour
856d11aced
nodejs: update apt cache before installing the package
2021-06-07 13:03:18 +02:00
Jérémy Lecour
2c47871fa7
Add Elastic GPG key to kibana, filebeat, logstash, metricbeat roles
continuous-integration/drone/push Build is passing
2021-05-25 15:10:04 +02:00
Jérémy Lecour
06b8314211
evolinux-base: fix motd lookup path
2021-05-19 17:02:20 +02:00
Jérémy Lecour
02451f1e67
add default (useless) value for file lookup
continuous-integration/drone/push Build is passing
2021-05-19 14:35:08 +02:00
Jérémy Lecour
4d83f25ae6
fix pipefail option for shell invocations
continuous-integration/drone/push Build is passing
2021-05-18 14:04:54 +02:00
Jérémy Lecour
cae0de17df
listupgrade: fix wget error + shellcheck cleanup
continuous-integration/drone/push Build is passing
2021-05-17 23:05:18 +02:00
Jérémy Lecour
56af68e5b3
listupgrade: print error if wget fails
continuous-integration/drone/push Build is passing
2021-05-17 12:19:57 +02:00
Jérémy Lecour
d823c8116a
update CHANGELOG
continuous-integration/drone/push Build is passing
2021-05-09 23:21:21 +02:00
Jérémy Lecour
e5e4dc95fa
packweb-apache: install phpMyAdmin from buster-backports
2021-05-04 14:57:18 +02:00
Jérémy Lecour
e7ddf9d46c
Use 'loop' syntax instead of 'with_list'
2021-05-04 14:31:22 +02:00
Jérémy Lecour
485ec39674
Use 'loop' syntax instead of 'with_nested'
2021-05-04 14:29:50 +02:00
Jérémy Lecour
07fd6451e1
Use 'loop' syntax instead of 'with_dict'
2021-05-04 14:20:53 +02:00
Jérémy Lecour
5138065059
Use 'loop' syntax instead of 'with_items'
2021-05-04 14:19:18 +02:00
Jérémy Lecour
debc4a82ca
Use 'loop' syntax instead of 'with_first_found'
continuous-integration/drone/push Build is passing
2021-05-04 13:39:47 +02:00
Jérémy Lecour
a7971abb04
apt: store keys in /etc/apt/trusted.gpg.d in ascii format
2021-05-03 12:02:31 +02:00
Jérémy Lecour
cc6acdbf34
certbot: sync_remote.sh is configurable
continuous-integration/drone/push Build is passing
2021-05-03 11:25:24 +02:00
Jérémy Lecour
6eaeb90f6e
ldap: fix edge cases where passwords were not set/get properly
continuous-integration/drone/push Build is passing
2021-05-02 23:28:09 +02:00
Jérémy Lecour
43c726e86a
spamassassin: change dependency on evomaintenance
...
continuous-integration/drone/push Build is passing
Fail with an error if evomaintenance config is missing
instead of trying to install a package that doesn't exist anymore.
2021-05-02 01:24:03 +02:00
Jérémy Lecour
920cb7eaeb
update changelog
continuous-integration/drone/push Build is passing
2021-05-01 16:51:20 +02:00
Jérémy Lecour
5d79c31dc3
kvm-host: add migrate-vm script
continuous-integration/drone/push Build is passing
2021-04-28 15:53:38 +02:00
Jérémy Lecour
94a5d7daa2
mysql: variable to disable myadd script overwrite (default: True)
continuous-integration/drone/push Build is passing
2021-04-23 14:59:29 +02:00
Jérémy Lecour
eab68545fe
evolinux-base: add default motd template
continuous-integration/drone/push Build is passing
2021-04-23 11:41:27 +02:00
Ludovic Poujol
3457b14fed
ntpd: Add leapfile configuration setting to ntpd on debian 10+
continuous-integration/drone/push Build is passing
2021-04-21 17:22:45 +02:00
Ludovic Poujol
d56c545183
apache: new variable for mpm mode (+ updated default config accordingly)
...
continuous-integration/drone/push Build is passing
Also, itk package will only be installed if required
2021-04-19 17:35:49 +02:00
Jérémy Lecour
5e0ca0e3ff
Release 10.5.1
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2021-04-13 15:56:09 +02:00
Ludovic Poujol
0f8804a8ab
etc-git: commit in /usr/share/scripts when there's an active repository
continuous-integration/drone/push Build is passing
2021-04-08 16:07:49 +02:00
Jérémy Lecour
a5a2c6e335
haproxy: dedicated internal address/binding (without SSL)
continuous-integration/drone/push Build is passing
2021-04-06 14:41:03 +02:00
Jérémy Lecour
2686eea2b1
Release 10.5.0
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2021-04-01 15:38:10 +02:00
Jérémy Lecour
7041a70eeb
elasticsearch: log rotation is more readable/maintainable
2021-04-01 15:36:34 +02:00
Ludovic Poujol
f2ebe2d878
lxc-php: Add php 7.4 support
continuous-integration/drone/push Build is passing
2021-03-31 10:57:29 +02:00
Jérémy Lecour
d7d057e435
filebeat: fix Ansible syntax error
continuous-integration/drone/push Build is passing
2021-03-23 16:29:03 +01:00
Jérémy Lecour
2593784ab0
metricbeat: new variables to configure SSL mode
2021-03-23 16:28:14 +01:00
Jérémy Lecour
3a3cf1395e
listupgrade: update script from upstream
2021-03-23 16:27:15 +01:00
Jérémy Lecour
5a4bd28eaf
nagios-nrpe: libfcgi-client-perl is not available before Debian 10
continuous-integration/drone/push Build is passing
2021-03-18 15:16:23 +01:00
Jérémy Lecour
5582d6e724
redis: socket/pid directories have the correct permissions
2021-03-18 15:15:39 +01:00
Patrick Marchand
e5511eafc6
Revert changes to bind log path from apparmor fix
...
continuous-integration/drone/push Build is passing
I realised it wasnt the best idea to change the path we are used to using just for this, so I overwrite the apparmor configuration instead.
2021-03-09 16:58:14 -05:00
Patrick Marchand
ffd3ff97f1
Fix conflict in changelog
continuous-integration/drone/push Build is passing
2021-03-09 12:28:01 -05:00
Patrick Marchand
7da22e243e
Changed log directory for bind9
...
It is now /var/log/named, this is what debian 10 and apparmor expect by default. This fixes the bind9 service crashing at start.
2021-03-09 12:25:15 -05:00
Jérémy Lecour
3103af67a7
redis: escape password in Munin configuration
continuous-integration/drone/push Build is passing
2021-03-09 18:24:15 +01:00
Ludovic Poujol
3cb18faf28
evolinux-users: Add sudo rights for nagios for multi-php lxc
continuous-integration/drone/push Build is passing
2021-03-04 16:48:55 +01:00
Jérémy Lecour
1f4079b1b3
haproxy: possible admin access with login/pass
continuous-integration/drone/push Build is passing
2021-02-27 18:43:59 +01:00
Ludovic Poujol
df9db31725
deny requests to ^/evolinux_fpm_status-.*
continuous-integration/drone/push Build is passing
2021-02-22 16:06:57 +01:00
Jérémy Lecour
3709808fdc
redis: use /run instead or /var/run
continuous-integration/drone/push Build is passing
2021-02-18 16:42:54 +01:00
Ludovic Poujol
ddd3e1aa06
nagios-nrpe: new script check_phpfpm_multi
continuous-integration/drone/push Build is passing
2021-02-17 17:23:11 +01:00
Jérémy Lecour
f862ffc42e
beats packages can be upgraded to latest (default: False)
continuous-integration/drone/push Build is passing
2021-02-16 16:35:25 +01:00
Jérémy Lecour
622bbca4c2
apache: rotate logs daily instead of weekly
continuous-integration/drone/push Build is passing
2021-02-12 18:05:47 +01:00
Ludovic Poujol
b0cb14eb5b
* nagios-nrpe: update check_phpfpm_status.pl & install perl dependencies
continuous-integration/drone/push Build is passing
2021-02-12 15:22:57 +01:00
Jérémy Lecour
2b328dc764
postfix: add smtpd_relay_restrictions in configuration
continuous-integration/drone/push Build is passing
2021-02-12 14:10:04 +01:00
Jérémy Lecour
17f1a1a55e
update changelog
continuous-integration/drone/push Build is passing
2021-02-11 12:09:32 +01:00
Jérémy Lecour
dde2672715
nginx: no more "minimal" mode, but the package remains customizable.
continuous-integration/drone/push Build is passing
2021-02-04 11:31:36 +01:00
Jérémy Lecour
cff309ff41
nginx: add access to server status on default VHost
2021-02-04 11:30:32 +01:00
Jérémy Lecour
5588ed6009
minifirewall: change some defaults
...
Only SSH (22) is open on privilegied IPs
Remove volatile.debian.org domain
2021-02-04 10:55:31 +01:00
Jérémy Lecour
024d30ea43
evoacme: upstream release 21.01
continuous-integration/drone/push Build is passing
2021-01-07 19:16:06 +01:00
Jérémy Lecour
0e32e0d2aa
certbot: use a fixed 1.9.0 version of the certbot-auto script (renamed "letsencrypt-auto")
continuous-integration/drone/push Build is passing
2021-01-07 18:55:44 +01:00
Jérémy Lecour
8c54fd8c16
apache: new variables for logrotate + server-status
continuous-integration/drone/push Build is passing
2021-01-05 17:47:56 +01:00
Jérémy Lecour
19da5ea1f7
Release 10.4.0
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2020-12-24 14:00:37 +01:00
Jérémy Lecour
7ec0748383
certbot: detect domains if missing
continuous-integration/drone/push Build is passing
2020-12-24 13:56:43 +01:00
Jérémy Lecour
442e9bcda8
cerbot: hook to sync certificates to remote servers
2020-12-24 13:56:43 +01:00
Jérémy Lecour
4dbd1b0bee
certbot: disable auth for Let's Encrypt challenge
2020-12-24 10:33:48 +01:00
Jérémy Lecour
1d56e002b4
nginx: change from "nginx_status-XXX" to "server-status-XXX"
continuous-integration/drone/push Build is passing
2020-12-23 15:53:36 +01:00
Jérémy Lecour
66a6e67de2
varnish: variable for jail configuration
continuous-integration/drone/push Build is passing
2020-12-21 23:33:14 +01:00
Jérémy Lecour
1922b51fbe
Release 10.3.0
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2020-12-21 16:03:49 +01:00
Jérémy Lecour
67ce8de85e
varnish: custom reload script is now useless
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2020-12-20 23:25:34 +01:00
Jérémy Lecour
3e72d6961c
varnish: no threadpool delay by default
2020-12-20 23:03:37 +01:00
Jérémy Lecour
8861169a04
varnish: config file name is configurable
2020-12-20 23:03:10 +01:00
Jérémy Lecour
81fbd98a5f
evolinux-users: improve uid/login checks
continuous-integration/drone/push Build is passing
2020-12-17 15:25:48 +01:00
Jérémy Lecour
0b528f15da
tomcat-instance: fail if uid already exists
continuous-integration/drone/push Build is passing
2020-12-17 08:06:44 +01:00
Jérémy Lecour
5b2d3b09d0
Create system users for vmail (dovecot) and evoadmin
2020-12-17 08:05:16 +01:00
Jérémy Lecour
3c4986275c
evocheck: upstream release 20.12
continuous-integration/drone/push Build is passing
2020-12-08 11:07:42 +01:00
Jérémy Lecour
772bce8c0b
dovecot: vmail uid/gid are configurable
2020-12-07 17:26:45 +01:00
Jérémy Lecour
4d6f88f0f4
minifirewall: add variables to force upgrade the script and the config (default: False)
continuous-integration/drone/push Build is passing
2020-12-07 17:23:37 +01:00
Jérémy Lecour
98f798b9fb
cerbot: parse HAProxy config file only if HAProxy is found
continuous-integration/drone/push Build is passing
2020-12-03 17:26:16 +01:00
Jérémy Lecour
fc71bb5945
minifirewall: upstream release 20.12
2020-12-01 22:57:13 +01:00
Jérémy Lecour
9aa24f4cde
minifirewall: Docker support
continuous-integration/drone/push Build is passing
2020-12-01 22:47:38 +01:00
Jérémy Lecour
b6817cb62c
evoacme: upstream release 20.12
continuous-integration/drone/push Build is passing
2020-12-01 22:27:05 +01:00
Jérémy Lecour
18ac1e7279
redis: check maxmemory in NRPE check
...
continuous-integration/drone/push Build is passing
If "maxmemory" is set and "maxmemory-policy" is missing or set to
"noeviction" then we enforce the "maxmemory" limit
2020-12-01 19:02:42 +01:00
Jérémy Lecour
86d59cbb5f
mysql: install save_mysql_processlist script
2020-11-24 13:59:04 +01:00
Ludovic Poujol
1d8b7c3bea
apt: disable APT Periodic
...
This interfere with our usual workflow (listupgrade)
Note : Using 0 instead of false is intentional, The value is used by the
apt-daily script that except a "0" to disable itself.
2020-11-24 11:19:18 +01:00
Jérémy Lecour
592030ee9a
evoacme: variable to disable Debian version check (default: False)
2020-11-21 09:59:10 +01:00
Jérémy Lecour
b43d0f3629
evoacme: upstream release 20.11
2020-11-19 21:21:07 +01:00
Ludovic Poujol
15154169cf
kvm-host: Add drbd role dependency (toggleable with kvm_install_drbd)
continuous-integration/drone/push Build is passing
2020-10-30 11:56:24 +01:00
Mathieu Trossevin
71f85a5863
Merge branch 'unstable' into packweb-multi-php2
continuous-integration/drone/pr Build is failing
2020-10-20 17:41:36 +02:00
Mathieu Trossevin
2ea4745f93
lxc-php: Update changelog
continuous-integration/drone/pr Build is failing
2020-10-20 17:27:34 +02:00
Ludovic Poujol
c8d4da532f
evoacme: Don't ignore hooks with . in the name (ignore when it's ".disable")
continuous-integration/drone/push Build is passing
2020-10-20 10:58:51 +02:00
Ludovic Poujol
9e5d041210
dovecot: Update munin plugin & configure it
2020-10-20 10:56:41 +02:00
Jérémy Lecour
d80461e39a
redis: variable to force use of port 6379 in instances mode
continuous-integration/drone/push Build is passing
2020-10-19 16:03:58 +02:00
Ludovic Poujol
929f258bf8
nextcloud: New role
continuous-integration/drone/push Build is passing
2020-10-02 16:51:05 +02:00
Jérémy Lecour
8b48552e36
Release 10.2.0
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2020-09-17 14:06:46 +02:00
Jérémy Lecour
3e67d92fd3
certbot: an empty change shouldn't raise an exception
continuous-integration/drone/push Build is passing
2020-09-16 12:07:27 +02:00
Jérémy Lecour
48174ad618
evoacme: remount /usr if necessary
continuous-integration/drone/push Build is passing
2020-09-14 11:31:47 +02:00
Jérémy Lecour
b818c348c2
evoacme: remove Debian 9 support
continuous-integration/drone/push Build is passing
2020-09-11 11:09:45 +02:00
Ludovic Poujol
f9d6fe0ad4
evolinux-base: install wget
continuous-integration/drone/push Build is passing
2020-09-10 14:59:19 +02:00
Jérémy Lecour
c7151a8de8
certbot: fix "no-self-upgrade" option
continuous-integration/drone/push Build is passing
2020-09-08 10:02:15 +02:00
Jérémy Lecour
37ed5dd393
evolinux-base: swappiness is customizable
continuous-integration/drone/push Build is passing
2020-09-01 14:08:39 +02:00
Jérémy Lecour
afa0fd35c8
Change default public SSH/SFTP port from 2222 to 22222
continuous-integration/drone/push Build is passing
2020-08-28 18:32:47 +02:00
Jérémy Lecour
d0622c6b20
tomcat: root directory owner/group are configurable
continuous-integration/drone/push Build is passing
2020-08-27 17:12:34 +02:00
Jérémy Lecour
7413a242a8
Release 10.1.0
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2020-08-21 14:50:17 +02:00
Jérémy Lecour
1e6d6cdd13
sort lines in CHANGELOG
2020-08-21 14:03:41 +02:00
Jérémy Lecour
a60deb276b
evoacme: upstream release 20.08
2020-08-21 14:01:06 +02:00
Jérémy Lecour
8ea1bac000
evoacme: update for new certbot role
...
* certbot is installed by the certbot role
* Apache/Nginx configuration is delegated to the certbot role
* No more "acme" user, everything is done with "root".
2020-08-21 13:36:24 +02:00
Benoît S.
a8095b1c36
Updated CHANGELOG.md with recent merges
continuous-integration/drone/push Build is passing
2020-08-20 15:49:22 +09:00
Jérémy Lecour
57ac4e467c
metricbeat: allow using a template
continuous-integration/drone/push Build is passing
2020-08-18 14:01:09 +02:00
Jérémy Lecour
ce35f7292f
filebeat: allow using a template
2020-08-18 14:00:46 +02:00
Jérémy Lecour
d3e69eeeb5
certbot: fix haproxy hook (ssl cert directory detection)
...
continuous-integration/drone/push Build is passing
It was matching additional parameters.
Now it matches on the first argument after "crt"
2020-07-21 10:46:01 +02:00
Jérémy Lecour
21b8104654
elasticsearch: configure cluster with seed hosts and initial masters
continuous-integration/drone/push Build is passing
2020-07-19 11:40:59 +02:00
Jérémy Lecour
9270852349
elasticsearch: set tmpdir before datadir
continuous-integration/drone/push Build is passing
2020-07-19 11:30:00 +02:00
Jérémy Lecour
8aa7f6cf33
mongodb: install custom munin plugins
continuous-integration/drone/push Build is passing
2020-07-17 13:48:18 +02:00
Jérémy Lecour
9bdd5ad9e7
haproxy: rotate logs with date extension and immediate compression
continuous-integration/drone/push Build is passing
2020-06-22 19:02:29 +02:00
Jérémy Lecour
977c28c720
varnish: fix start command when multiple addresses are present
continuous-integration/drone/push Build is passing
2020-06-16 13:51:07 +02:00
Jérémy Lecour
ce7468816f
haproxy: deport SSL tuning to Mozilla SSL generator
...
continuous-integration/drone/push Build is passing
There are too many combinations and they change every so often.
It's better to direct the user to the generator to have a good
configuration.
2020-06-15 22:47:08 +02:00
Jérémy Lecour
30cdbae981
haproxy: split stats variables
2020-06-15 22:45:22 +02:00
Jérémy Lecour
011761eb8f
haproxy: add deny_ips file to reject connections
continuous-integration/drone/push Build is passing
2020-06-14 23:28:29 +02:00
Jérémy Lecour
8465743973
haproxy: add some comments to default config
2020-06-14 23:27:50 +02:00
Jérémy Lecour
4bf5b1daa6
nginx: read server-status values before changing the config
continuous-integration/drone/push Build is passing
2020-06-14 12:49:10 +02:00
Jérémy Lecour
f47af9f54f
haproxy: preconfigure SSL with defaults
continuous-integration/drone/push Build is passing
2020-06-14 12:37:04 +02:00
Jérémy Lecour
7f54b8ab60
haproxy: adapt backports installed package list to distibution
2020-06-14 12:37:04 +02:00
Jérémy Lecour
e5d4ea3c18
nginx: make default vhost configurable
2020-06-14 12:37:04 +02:00
Jérémy Lecour
ce0d61bcbd
certbot: detect HAProxy cert directory
2020-06-14 12:37:04 +02:00
Jérémy Lecour
a8887aaa8e
update changelog
continuous-integration/drone/push Build is passing
2020-06-09 11:45:19 +02:00
Jérémy Lecour
4c71ea2012
haproxy: enable stats frontend with access lists
continuous-integration/drone/push Build is passing
2020-06-09 11:41:33 +02:00
Patrick Marchand
c9daa8ba35
evobackup-client: Fix ssh connection test in zzz_evobackup.sh
...
continuous-integration/drone/push Build is passing
When I made the ssh key name a variable and defaulted it to id_ed25519,
I forgot to change the hardcoded value for the ssh test in
evobackup-client/templates/zzz_evobackup.default.sh.j2
2020-06-08 17:22:18 -04:00
Ludovic Poujol
Jérémy Lecour
Jérémy Dubois
Eric Morino
Patrick Marchand
Mathieu Trossevin
Bruno TATU
William Hirigoyen (Evolix)
Patrick Marchand
Benoît S.