Jérémy Lecour
72f5dc70f8
apt: hold packages only if package is installed
continuous-integration/drone/push Build is passing
2020-02-04 18:14:57 +01:00
Jérémy Lecour
dc7358bc4c
nagios-nrpe: change default haproxy socket path
continuous-integration/drone/push Build is failing
2020-01-23 15:04:25 +01:00
Jérémy Lecour
02858692bb
evomaintenance: don't configure firewall for database if not necessary
continuous-integration/drone/push Build is failing
2020-01-23 14:34:03 +01:00
Jérémy Lecour
71a2a19847
apache: the default VHost doesn't redirect to https for ".well-known" paths
2020-01-23 14:34:03 +01:00
Eric Morino
3740a6782b
Add packages dependencies for Postgis
continuous-integration/drone/push Build is passing
2020-01-21 15:48:03 +01:00
Jérémy Lecour
adc1aad883
redis: data directory is configurable
continuous-integration/drone/push Build is passing
2020-01-17 14:54:05 +01:00
Ludovic Poujol
d3dc98a778
Merge branch 'lpoujol/fpm-php' of evolix/ansible-roles into unstable
continuous-integration/drone/push Build is passing
2020-01-16 15:56:29 +01:00
Ludovic Poujol
31df2d2fbc
php: Add a task to remove Debian's default FPM pool file (off by default)
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
Can be triggered by switching php_fpm_remove_default_pool to True.
2020-01-16 15:55:35 +01:00
Ludovic Poujol
ef5ed6911e
php: Change the default pool names to something more explicit (and same for the variables names)
...
Because it's more than just pure configuration, but a fpm pool
definition, I've changed the following variables in Ansible :
- php_fpm_defaults_conf_file to replaced by php_fpm_default_pool_file
- php_fpm_custom_conf_file to php_fpm_default_pool_custom_file.
On the FPM side, I've also changed the files names of the pool to make
them more explicit. No more z and zzz. It's the www pool, so let's put
www in the file name for coherence :
- z-evolinux-defaults.conf changes to www-evolinux-defaults.conf
- zzz-evolinux-custom.conf changes to www-evolinux-zcustom.conf
2020-01-16 15:55:25 +01:00
Ludovic Poujol
c9d3635cf8
php: Make sure the default pool we define can be fully functionnal witout debian's default pool file
2020-01-16 15:55:17 +01:00
Patrick Marchand
af61b7f97d
Temp fix for regression introduced by bkctld 2.x
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
The erroneous error codes returned by bkctld will make playbooks
fail even though the commands run succesfully.
See evolix/evobackup#31
2020-01-16 12:18:51 +01:00
Jérémy Lecour
80081aa26e
evolinux-base: remove the chrony package
continuous-integration/drone/push Build is failing
2020-01-16 10:57:47 +01:00
Patrick Marchand
131004136e
Fix mistake in bind logrotate template name
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
Just a minor typo, but stops it from running.
2020-01-14 15:15:58 +01:00
Eric Morino
c4ede03f3a
Add package list in board for compatibility Ansible 2.7
continuous-integration/drone/push Build is passing
2020-01-09 15:40:47 +01:00
Eric Morino
12cdf35126
Add multi: "" patch
2020-01-09 15:40:46 +01:00
Jérémy Lecour
65d914098c
whitespaces
continuous-integration/drone/push Build is failing
2020-01-09 15:05:44 +01:00
Alexis Ben Miloud--Josselin
3ba846cc38
redis: change log path
continuous-integration/drone/push Build is passing
2020-01-08 17:24:27 +01:00
Alexis Ben Miloud--Josselin
97719d28f2
redis: add log2mail
continuous-integration/drone/push Build is passing
2020-01-08 17:23:05 +01:00
Jérémy Lecour
e7952dc3c8
etc-git: fix warnings ansible-lint
continuous-integration/drone/push Build is passing
2020-01-08 17:19:36 +01:00
Jérémy Lecour
bf7de332ea
minifirewall: fix warnings ansible-lint
2020-01-08 17:19:13 +01:00
Jérémy Lecour
f79b30eeb4
update changelog
continuous-integration/drone/push Build is passing
2020-01-03 16:40:53 +01:00
Jérémy Lecour
6801f4e00e
Add names to many blocks
2019-12-31 16:56:03 +01:00
Jérémy Lecour
3b258cc43e
tomcat: package version derived from Debian version if missing
2019-12-31 16:43:51 +01:00
Jérémy Lecour
b8bdedaa2e
packweb-apache: update phpmyadmin package for Debian 10+
...
phpmyadmin_4.6.6-5_all.deb is no longer available, let's use 4.6.6-4
2019-12-31 16:27:05 +01:00
Jérémy Lecour
27e217467e
Change "|changed" with "is changed"
2019-12-31 16:18:56 +01:00
Jérémy Lecour
eded11f88f
Change "|search" with "is search"
2019-12-31 16:18:56 +01:00
Jérémy Lecour
e04d881988
replace "with_items" in apt modules
2019-12-31 16:18:56 +01:00
Jérémy Lecour
79bb6103b8
Change "|version_compare" with "is version_compare"
2019-12-31 10:18:19 +01:00
Jérémy Lecour
5b847ec91c
whitespace
continuous-integration/drone/push Build is passing
2019-12-31 09:54:59 +01:00
Eric Morino
270e42ac77
Remove hooks directories if debian 10 and superior
continuous-integration/drone/push Build is passing
2019-12-30 17:32:08 +01:00
Eric Morino
be2ea39158
Add buster for RabbitMQ
2019-12-30 17:27:39 +01:00
Eric Morino
1bf271a4f4
Add install PostGIS in postgresql rôle
continuous-integration/drone/push Build is passing
2019-12-26 16:16:05 +01:00
Patrick Marchand
20191c8873
Fixed regression introduced by commit 276177900b
...
continuous-integration/drone/push Build is passing
The default behavior for ansible template is to overwrite the
targeted file. Since we dont always want to overwrite a file when
we play this role, we set `force` to `False` by default. This means
that if the `dest` already exists, ansible will not overwrite it
with it's given template.
This is fine for most of the tasks in this role, but in the case
of `{{ evoadmin_scripts_dir }}/web-mail.tpl`,the file is created
by a task that runs prior to the template task, so setting it to
`False` by default means it never gets updated and clients dont get
notified when they create new websites.
2019-12-24 14:10:24 -05:00
Patrick Marchand
0b4095d8dd
bkctld restart works better than bkctld start
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
a simple start will fail if the jail is already started, there is potential for a race condition.
2019-12-19 10:30:58 -05:00
Victor LABORIE
2a1e0b7ef6
evolinux-base: install ssacli for HP Smart Array
continuous-integration/drone/push Build is passing
2019-12-13 11:00:20 +01:00
Jérémy Lecour
ce45a39b8b
redis: manage runtime directories manually on Jessie
continuous-integration/drone/push Build is failing
2019-12-13 10:44:44 +01:00
Jérémy Lecour
607ee119ec
redis: sudo nopasswd for nagios check
2019-12-13 10:44:44 +01:00
Jérémy Lecour
e557a3eaae
apache: improve permissions in save_apache_status script
2019-12-13 10:44:44 +01:00
Eric Morino
8b6c1341f9
Fix logrotate configuration
continuous-integration/drone/push Build is failing
2019-12-10 14:29:57 +01:00
Victor LABORIE
1b74db194a
Add missing evolix prefix to role dependencies
continuous-integration/drone/push Build is passing
2019-12-03 14:32:34 +01:00
Victor LABORIE
0873bb49e0
Add evolix prefix to role dependencies
continuous-integration/drone/push Build is passing
2019-11-29 14:19:52 +01:00
Victor LABORIE
6f5e13f8b8
Add evolix prefix to include_role
2019-11-29 14:00:25 +01:00
Ludovic Poujol
6e918d166e
evolinux-base: Don't make alert5.service executable
...
continuous-integration/drone/push Build is passing
Every 3 mins, systemd complain that the service file is marked as
executable, and asks the executable bit to be remove.
Nov 27 01:35:11 foo systemd[1]: Configuration file /etc/systemd/system/alert5.service is marked executable. Please remove executable permission bits. Proceeding anyway.
2019-11-28 10:59:29 +01:00
Patrick Marchand
cf8cca745e
hardcode chrooted bind variables
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
The current chroot-bind.sh is legacy code that cannot be migrated
without a proper understanding of it's historical context. This
context might still apply and this script is still used on a variety
of new and old machines. By hardcoding the paths when the user
requests a chroot, we limit possible breakage.
2019-11-26 17:17:48 -05:00
Patrick Marchand
5008b79ef5
Remove remaining hardcoded log paths from bind role
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
We had variables for the log paths, but these were not being used
by all templates.
2019-11-26 14:04:20 -05:00
Patrick Marchand
7728f5f0c5
Made sure munin and logrotate use the proper path for bind logs
...
Not all code paths made sure that the chroot was taken into account.
2019-11-26 14:02:28 -05:00
Patrick Marchand
b7a223dbdd
use yes / no instead of True / False for certain flags in bind role
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2019-11-26 11:58:42 -05:00
Patrick Marchand
3ede484242
Standardization of booleans for bind role
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2019-11-26 11:53:05 -05:00
Patrick Marchand
839db42c81
Revert "yaml lint and quoting standardisation for bind role"
...
This reverts commit 6118dda7c9
.
2019-11-26 11:48:21 -05:00
Ludovic Poujol
0e58f34e18
certbot: Properly evaluate when apache is installed
...
continuous-integration/drone/push Build is failing
Checking the existence of /etc/apache2 is not enough as a condition to
validate the presence of apache.
Indeed, some packages (including certbot!!!), put some files in
/etc/apache2/conf-available even if apache isn't installed.
In those cases, the check is not correct, and we'll enter in the apache
block, and fail when we try to enable the configuration.
With this commit, we now validate the presence apache with the presence
of /usr/sbin/apachectl
2019-11-26 11:58:52 +01:00