evolix
/
ansible-roles
22
2
Fork 2
Code Issues 61 Pull Requests 18 Releases 32 Wiki Activity
3,582 Commits 76 Branches 56 Tags 128 MiB
Commit Graph

3582 Commits

Author SHA1 Message Date
Jérémy Lecour 792e319694 packweb-apache: install evoadmin as a dependency 
A bug in Ansible 2.2 disables some included roles when dependencies have
a conditional evaluated to false.
 2018-04-20 10:23:35 +02:00
Jérémy Lecour d9767aeb86 whitespaces 2018-04-20 10:22:11 +02:00
Ludovic Poujol da13a478c6 webapps/evoadmin-web : Name the fail task 2018-04-19 16:04:21 +02:00
Ludovic Poujol e37b3f569a generate-ldif: add a minifirewall service when /etc/default/minifirewall exists 2018-04-19 16:04:21 +02:00
Jérémy Lecour 92bb60495d mysql: add a name attribute for systemd daemon-reload module 2018-04-19 15:44:05 +02:00
Jérémy Lecour 6daf6877c1 Merge branch 'ssh-groups' into unstable 2018-04-18 18:21:39 +02:00
Jérémy Lecour 43d86f5541 evolinux-users: cover more cases for AllowUsers/Groups in sshd config 2018-04-18 18:21:09 +02:00
Jérémy Lecour 2f631f1ae7 update Changelog 2018-04-18 12:16:57 +02:00
Jérémy Lecour b0b4e13130 evolinux-users: Add users to group for SSH on Debian 9+ 2018-04-18 12:16:04 +02:00
Jérémy Lecour 32c289d915 evolinux: improve case switching 
A case was missing : no AllowUsers/AllowGroups, on Debian 9
 2018-04-18 12:16:04 +02:00
Jérémy Lecour 5bcd7e44cf evolinux-users: really look for evomaintenance 
The file was missing in the grep command :/
 2018-04-18 12:16:04 +02:00
Jérémy Lecour a782ef3180 evolinux-users: better names for a fewtasks 2018-04-18 12:16:04 +02:00
Jérémy Lecour dba26fbbaf evolinux-users: sudoers file should be 0440 also in Stretch 2018-04-18 12:16:04 +02:00
Jérémy Lecour f065310ca6 evolinux-users: use command instead of shell when possible 2018-04-18 12:16:04 +02:00
Jérémy Lecour 2027420877 whitespaces 2018-04-18 12:16:04 +02:00
Jérémy Lecour 13abc44992 evolinux-users: use assert instead of fail 2018-04-18 12:16:04 +02:00
Jérémy Lecour f152ba66cd evolinux-users: regroup tasks 
1. create all accounts
2. configure sudo for everyone
3. configure ssh for everyone
 2018-04-18 12:16:04 +02:00
Jérémy Lecour e0ac7760f0 Use AllowGroups mode also if no AllowUsers is present at all 2018-04-18 12:16:04 +02:00
Jérémy Lecour 4fc58e4b1e evolinux-users: rename included files 2018-04-18 12:16:04 +02:00
Jérémy Lecour b01d9178d0 evolinux-users: split AllowGroups/AllowUsers modes 
If an AllowGroups directive is found or when using Debian 9+,
we use the AllowGroups directive and comment AllowUsers that may be
already present.
When adding a user, we make sure that the allowed group exists
and the use is in that group, to be sure that at least this user
is allowed to connect.

In other situations, we use the AllowUsers directive.
 2018-04-18 12:16:04 +02:00
Jérémy Lecour b866b6fa0a evolinux-base: fail2ban is not enabled by default 2018-04-18 12:15:43 +02:00
Jérémy Lecour 423acc79fd mysql-oracle: copy evolinux config files in mysql.cond.d 2018-04-18 12:06:15 +02:00
Jérémy Lecour cdbce0ae24 mysql-oracle: use systemd module to reload daemon 2018-04-18 12:05:09 +02:00
Jérémy Lecour b843a528be mysql: abort if MariaDB on Debian 8 
We can't create other users with 'debian-sys-maint' on Debian 8 with
MariaDB.
We must give it the GRANT privilege before continuing.
 2018-04-17 10:24:47 +02:00
Jérémy Lecour 602836a6e7 mysql: whitespaces 2018-04-17 10:24:12 +02:00
Jérémy Lecour 87d865508f Merge branch 'unstable' into stable 2018-04-16 00:06:52 +02:00
Jérémy Lecour 4749667f58 Release 9.1.8 2018-04-16 00:00:13 +02:00
Jérémy Lecour ae6e376048 mysql: properly reload systemd 2018-04-15 23:58:31 +02:00
Jérémy Lecour 48dad83c4f evomaintenance: remove double-quotes where not necessary 2018-04-15 22:25:44 +02:00
Victor LABORIE 4612c5ec89 packweb-apache: use check_mode for apg command 
* Fix usage of packweb-apache role with --check
 2018-04-13 12:13:43 +02:00
Victor LABORIE 81861bad80 mysql: use check_mode for apg command 
* Fix usage of mysql role with --check
 2018-04-13 12:08:58 +02:00
Victor LABORIE f5a914bf63 Fix CHANGELOG 2018-04-13 12:05:48 +02:00
Victor LABORIE ef127d89dc packweb-apache: use dependencies instead of include_role for apache and php roles 2018-04-13 11:54:42 +02:00
Jérémy Lecour c53403570a Merge branch 'unstable' into stable 2018-04-06 10:49:54 +02:00
Jérémy Lecour 619a0a8c72 Release 9.1.7 2018-04-06 10:49:23 +02:00
Jérémy Lecour 1194f75510 Merge branch 'lpoujol-listupgrade' into unstable 2018-04-06 10:44:07 +02:00
Jérémy Lecour 2e375b9506 update CHANGELOG 2018-04-06 10:43:38 +02:00
Ludovic Poujol 602c9fbf3b listupgrade: Add service restart notification for squid 2018-04-06 10:42:46 +02:00
Ludovic Poujol 5650b79c81 listupgrade: Add service restart notification for libstdc++6 2018-04-06 10:42:46 +02:00
Jérémy Lecour 46a6a35486 evolinux-users: add check_minifirewall in sudoers commands 2018-04-06 10:36:48 +02:00
Jérémy Lecour 831b733dfe minifirewall: nrpe/sudo config only if possible 2018-04-06 10:35:43 +02:00
Jérémy Lecour baf6ddd66c Merge branch 'check_minifirewall' into unstable 2018-04-06 09:54:21 +02:00
Jérémy Lecour 654c0a261f update CHANGELOG 2018-04-06 09:53:37 +02:00
Jérémy Lecour 61c268b395 nagios-nrpe: add check_minifirewall by default 2018-04-06 09:52:18 +02:00
Jérémy Lecour e984e46b83 minifirewall: nagios plugins directory is configurable 2018-04-06 09:52:18 +02:00
Jérémy Lecour 03c53433d6 Add minifirewal_status and check_minifirewall 
minifirewall_status returns "started" on stdout and exit code 0,
or "stopped" on stdout and exit code 1. The state of minifirewall
is determined by looking for common iptables rules applied by
minifirewall.

check_minifirewall is an NRPE plugin for minifirewall. It returns:
* 0 (OK) if the firewall state is consistent with its configuration
(from the alert5 script)
* 1 (WARNING) if the firewall is started but alert5 is not configured
properly
* 2 (CRITICAL) if the firewall is not running but it should be.
 2018-04-06 09:52:18 +02:00
Jérémy Lecour c2ed10e2e4 CHANGELOG cleanup 2018-04-06 09:26:51 +02:00
Jérémy Lecour 8b9c8288c9 Merge branch 'lpoujol-node-yarn' into unstable 2018-04-06 09:23:42 +02:00
Jérémy Lecour b68d0765ed update CHANGELOG 2018-04-06 09:22:05 +02:00
Jérémy Lecour 2c9acfb12d nodejs: extract yarn tasks in a file 2018-04-06 09:19:36 +02:00