Commit Graph

1467 Commits

Author SHA1 Message Date
Jérémy Lecour 26c46bfb96 evocheck: the crontab is updated by the role 2018-08-18 09:41:59 +02:00
Gregory Colpart 51f41ff14a Workaround by Evolix security team for old kernels and vulnerabiliy CVE-2018-5391 (FragmentSmack) 2018-08-17 21:28:14 +02:00
Jérémy Lecour dbb72ef2a0 evocheck: fix quotes on grep regular expressions 2018-08-17 15:52:42 +02:00
Jérémy Lecour 4d7e9b1c3f evocheck: detect installed packages even if "held" by APT (manual fix) 2018-08-17 14:59:22 +02:00
Jérémy Lecour 40160e0c6e generate-ldif: detect installed packages even if "held" by APT 2018-08-17 11:56:41 +02:00
Jérémy Lecour 4461281945 evolinux-base: add internal FQDN/hostname in /etc/hosts if needed 2018-08-17 10:07:36 +02:00
Jérémy Lecour 46fed05fa2 evocheck: update upstream script 2018-08-17 10:04:07 +02:00
Jérémy Lecour bc8858fc0a evolinux-base: improve hostname configuration
We can have a "real" hostname and domain, but also an "internal" hostnae 
and domain, used mostly for internal tools.
2018-08-16 16:17:34 +02:00
Tristan PILAT d07af3ca55 Fix forgotten spaces in configuration directives 2018-08-14 11:09:48 +02:00
Tristan PILAT 1d021e0954 Fix mistaken task 2018-08-14 10:21:12 +02:00
Tristan PILAT d321814254 Add cluster members configuration 2018-08-13 17:49:24 +02:00
Jérémy Lecour ccd8c00e3a CHANGELOG : add missing entries 2018-08-09 18:24:48 +02:00
Jérémy Lecour 3f74cbaf47 uvrrpd role is not ready for stable yet 2018-08-09 18:21:07 +02:00
Jérémy Lecour 2752650ea3 The openvpn role is not ready for stable yet 2018-08-09 18:04:02 +02:00
Jérémy Lecour f2bd125cfc memcached: improve systemd units management 2018-08-09 17:46:31 +02:00
Jérémy Lecour adb0033722 memcached: add a TODO comment for multi-instances NRPE checks 2018-08-09 17:25:50 +02:00
Jérémy Lecour 17b8b4c3d5 nginx: add a backward compatible variable for backports 2018-08-09 17:13:04 +02:00
Jérémy Lecour fbc9bf3288 haproxy: add a backward compatible variable for backports 2018-08-09 17:11:47 +02:00
Jérémy Lecour b9b0183ec5 remount-usr: mount doesn't report a change
It is arguable that this is a real change or not,
but in practice we have playbooks that report changes only for this and
it's very fun to scroll back each time to see if it's remount-usr or
a "real" change.
2018-08-06 15:01:52 +02:00
Daniel Jakots e817dffc0f Ignore /sys/kernel/debug/tracing in check_disk1 2018-08-01 11:08:11 +02:00
Tristan PILAT b095f87f85 Nginx role now handle Nginx installation from backports for either Debian Jessie or Stretch 2018-07-31 16:06:05 +02:00
Victor LABORIE 57cf0a29ab kvm-host: install kvm-tools package instead of copying add-vm.sh 2018-07-27 11:27:50 +02:00
Eric Morino 14e270b688 Ajout verification minifirewall + /usr en ro + port management pour check_openvpn + certificat dhparam 2018-07-26 11:48:14 +02:00
Tristan PILAT 8ad8c2c798 Add the first version of OpenVPN role 2018-07-24 17:16:30 +02:00
Tristan PILAT db683ea9c3 Fix role - shift haproxy_apt_preferences file to the templates directory 2018-07-24 15:43:45 +02:00
Tristan PILAT e83ca81776 Haproxy role now handle haproxy installation from backports for Debian Stretch 2018-07-24 12:29:42 +02:00
Tristan PILAT 99747e72b5 500px is too narrow, let's switch to 768px 2018-07-24 12:17:07 +02:00
Benoît S. 758a537a8d For SANs certificates, also add a CN for the first domain 2018-07-12 11:12:29 +02:00
Jérémy Lecour 5e9d4906ad add quotes for shell command 2018-07-12 11:04:14 +02:00
Benoît S. de63c0747f Support for SAN in self-signed certificates 2018-07-10 17:46:41 +02:00
Benoît S. 17159676d9 Add exit 0 after the command -v commands.
Otherwise it would exit 1 on nginx if you have not nginx installed.
2018-07-10 17:09:20 +02:00
Jérémy Lecour c57b069bf5 Reorder lines in CHANGELOG 2018-07-10 16:28:56 +02:00
Jérémy Lecour d387ed660a munin: properly rename Munin cache directory 2018-07-10 16:27:10 +02:00
Jérémy Lecour ec12948398 mysql: add quotes in a few tasks 2018-07-10 16:27:10 +02:00
Jérémy Lecour 1439fdab8f metricbeat: add a role (copied from filebeat) 2018-07-10 16:27:10 +02:00
Benoît S. 961d9da5e5 Backport fix from Daniel Jakots
Original commit:

The code was taken from check_http_many which apparently deals only with return
codes 0, 1 and 2. Here, we uses check_nrpe which iff it can't connect, it
returns 255
(40717e320c).

So I decided that if the return code is greater or equal to 2, then we consider
it's critical. I can't see any return code greater than 2 which may not be
critical.
2018-07-10 11:32:18 +02:00
Tristan PILAT 55d05cd4f0 Don't install uvrrpd if already present 2018-07-04 11:36:39 +02:00
Tristan PILAT 17e31604af We need some packages installed beforehand 2018-07-04 11:15:02 +02:00
Victor LABORIE f3ab0b361b tomcat: better nrpe check output 2018-07-03 12:24:11 +02:00
Tristan PILAT db84e63940 Add role to install uvrrpd - https://forge.evolix.org/projects/uvrrpd 2018-06-28 14:18:31 +02:00
Jérémy Lecour 4eea7362e3 php: fix php-fpm service name for Stretch 2018-06-26 16:04:14 +02:00
Victor LABORIE b18b3d3404 roundcube: add missing slash to https redirection 2018-06-25 16:58:03 +02:00
Bruno TATU 2e2745290e squid: whitelist egain somes domains 2018-06-25 14:07:40 +02:00
Victor LABORIE f56f8f7615 evolinux-base: add mail related aliases 2018-06-25 11:20:37 +02:00
Victor LABORIE f32eee4b68 Update CHANGELOG 2018-06-25 11:12:33 +02:00
Victor LABORIE d2c37fe67b redmine: use .my.cnf for mysql password 2018-06-22 10:49:24 +02:00
Jérémy Lecour 77b5f84567 evoacme: disable old certbot cron also in cron.daily 2018-06-21 17:22:40 +02:00
Victor LABORIE 9f34db8f9a evoacme: fix module detection in apache config 2018-06-20 11:07:23 +02:00
Jérémy Lecour 045492be85 Update changelog 2018-06-19 16:51:27 +02:00
Tristan PILAT af6fcb8a57 Fix typing mistake 2018-06-18 10:34:20 +02:00