evolix
/
ansible-roles
18
2
Fork 2
Code Issues 61 Pull Requests 18 Releases 32 Wiki Activity
2,024 Commits 76 Branches 56 Tags 128 MiB
Commit Graph

231 Commits

Author SHA1 Message Date
Jérémy Lecour ac98aa2d18 evolinux-base: install Evocheck (default: `True`)
continuous-integration/drone/push Build is passing Details
2020-03-09 17:02:23 +01:00
Jérémy Lecour ec54af596c evolinux-base: Don't customize the logcheck recipient by default.
continuous-integration/drone/push Build is failing Details 
By default the package sends its messages to the logcheck user.
By default we alias the "logcheck" user to "root" which is redirected to 
our custom address.
 2020-03-04 14:03:18 +01:00
Jérémy Lecour 7283e34077 Replace version_compare() with version() 2020-02-25 10:45:35 +01:00
Jérémy Lecour 80081aa26e evolinux-base: remove the chrony package
continuous-integration/drone/push Build is failing Details
2020-01-16 10:57:47 +01:00
Jérémy Lecour 6801f4e00e Add names to many blocks 2019-12-31 16:56:03 +01:00
Jérémy Lecour 27e217467e Change "|changed" with "is changed" 2019-12-31 16:18:56 +01:00
Jérémy Lecour e04d881988 replace "with_items" in apt modules 2019-12-31 16:18:56 +01:00
Jérémy Lecour 79bb6103b8 Change "|version_compare" with "is version_compare" 2019-12-31 10:18:19 +01:00
Victor LABORIE 2a1e0b7ef6 evolinux-base: install ssacli for HP Smart Array
continuous-integration/drone/push Build is passing Details
2019-12-13 11:00:20 +01:00
Victor LABORIE 6f5e13f8b8 Add evolix prefix to include_role 2019-11-29 14:00:25 +01:00
Ludovic Poujol 6e918d166e
evolinux-base: Don't make alert5.service executable
continuous-integration/drone/push Build is passing Details 
Every 3 mins, systemd complain that the service file is marked as
executable, and asks the executable bit to be remove.

Nov 27 01:35:11 foo systemd[1]: Configuration file /etc/systemd/system/alert5.service is marked executable. Please remove executable permission bits. Proceeding anyway.
 2019-11-28 10:59:29 +01:00
Ludovic Poujol dc1c78e08a evolinux-base: Fix our zsyslog rotate config that doesn't work on Debian 10
continuous-integration/drone/push Build is passing Details 
I've noticed that some log files, especially /var/log/syslog were empty.
After investigating, I've realized that it was happening after a log
rotation by logrotate.

The old mechanism, `invoke-rc.d rsyslog rotate` isn't working anymore on
Debian 10. It will fail with a not so explicit message :

[FAIL] Closing open files: rsyslogd failed!

Long story short, it seems that the pid file (`/run/rsyslogd.pid`) isn't
created any more, so start-stop-daemon as used by /etc/init.d/rsyslog
will fail. Explaining the error message.

Debian 10 rsyslog now brings `/usr/lib/rsyslog/rsyslog-rotate` that is
used by logrotate. It will send the signal HUP the 'right' way, so
rsyslog will be aware of the log rotation.

Sadly, this script isn't present in Debian 9 nor 8, so the logrotate
configuration for rsyslog is now a template, using the right command for
the right version.
 2019-11-22 16:48:19 +01:00
Eric Morino c15f8963e4 Add compatibility for debian 9 and debian 10 in HW tool and megacli package
continuous-integration/drone/push Build is passing Details
2019-11-14 14:29:04 +01:00
Ludovic Poujol 174bfa5ba0 Fix a syntax error in a task name (a missplaced double quote)
continuous-integration/drone/push Build is passing Details
2019-11-12 17:59:36 +01:00
Jérémy Lecour f2dacac139 evolinux-base: add /usr/share/scripts in root's PATH (Debian 10+) 2019-10-30 14:32:32 +01:00
Jérémy Lecour 8679da4cb6 evolinux-base: install /sbin/deny 2019-10-30 14:32:32 +01:00
Jérémy Lecour 78ea4a61e1 typo 2019-10-30 14:32:32 +01:00
Jérémy Lecour 24edbd680a Add crontabs only when cron package is installed (many roles)
continuous-integration/drone/push Build is passing Details
2019-10-21 15:26:03 +02:00
Jérémy Lecour bea11352be Merge branch 'buster' into unstable 2019-09-23 18:34:35 +02:00
Jérémy Lecour b31159c9d2 evolinux-base: use "evolinux_internal_group" for SSH authentication 2019-09-22 22:26:21 +02:00
Jérémy Lecour 8f868b8612 evolinux-base: default value for "evolinux_ssh_group" 2019-09-22 22:25:30 +02:00
Ludovic Poujol f630d93587 evolinux-base: On debian 10 and later, add noexec on /dev/shm
continuous-integration/drone/push Build encountered an error Details
2019-07-23 18:18:29 +02:00
Benoît S. d5751150af evolinux-base: spectre-meltdown-checker need binutils
continuous-integration/drone/push Build encountered an error Details
continuous-integration/drone/pr Build is passing Details
2019-07-03 09:56:17 +02:00
Benoît S. 771c75c1de all-roles: Dot not use ansible_lsb as it is deprecated
continuous-integration/drone/push Build encountered an error Details
continuous-integration/drone/pr Build is passing Details 
We move from `ansible_lsb.codename` to `ansible_distribution_release`.
 2019-07-03 09:41:35 +02:00
Jérémy Lecour fecdbb0406 evolinux-base: use the variable for the "ssh" group name
continuous-integration/drone/pr Build encountered an error Details
continuous-integration/drone/push Build is passing Details
2019-06-24 17:08:01 +02:00
Jérémy Lecour a8ef97fcde Revert "evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)" 
This reverts commit 65414d8ae7.
 2019-06-20 17:29:48 +02:00
Jérémy Lecour b362f422df evolinux-base: packages for Buster and later
continuous-integration/drone/push Build is passing Details
2019-06-19 15:08:54 +02:00
Jérémy Lecour bee57a0b3c change distribution release codename
continuous-integration/drone/push Build encountered an error Details
continuous-integration/drone/pr Build is failing Details 
Ansible 2.2 is too old to know about buster.
Let's use LSB for that.
 2019-06-18 17:35:28 +02:00
Jérémy Lecour 65414d8ae7 evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)
continuous-integration/drone/push Build is passing Details
2019-06-17 14:22:00 +02:00
Ludovic Poujol 75a8c90258 evolinux-base: Ensure rename is present 2019-06-17 09:58:10 +02:00
Ludovic Poujol 334b8a3f0d evolinux-base: Validate sshd config with "sshd -t" 
See #52 - It seems the behaviour changed with the recent releases, -T 
that does an extended test now fails on "Match" blocks when no context 
is given through -C
 2019-06-17 09:47:22 +02:00
Jérémy Lecour aa28e9c1b8 change repositories URL 2019-03-21 15:31:58 +01:00
Jérémy Lecour 3e37800994 evolinux-base: remove apt-listchanges on Stretch and later 2019-03-05 11:10:12 +01:00
Jérémy Lecour a94c94018c normalize some arguments positions 2019-01-01 20:02:50 +01:00
Benoît S. 776839fe61 Typo: rcpbind and not rcpbin 2018-12-19 15:58:47 +01:00
Victor LABORIE 74f25e8183 evolinux-base: deploy custom motd if template are present 2018-11-30 15:14:39 +01:00
Patrick Marchand 9198c1e2c0 ansible-lint does not like trailing whitespace 2018-11-13 16:56:31 -05:00
Victor LABORIE 83e9f12669 evolinux-base: install man package 2018-10-23 11:38:52 +02:00
Jérémy Lecour 81e9b3d33c don't reload history on each prompt 2018-09-13 16:54:07 +02:00
Jérémy Lecour 2a89b8ff22 evolinux-base: better shell history 
* remove duplicates from history
* reload/save history at prompt time
 2018-09-11 14:13:29 +02:00
Jérémy Lecour fe064c16d1 update CHANGELOG for evolinux-todo 2018-08-24 14:43:14 +02:00
Jérémy Lecour b6fa349394 evolinux-base: compact multiple systctl tasks into one 2018-08-21 13:34:03 +02:00
Gregory Colpart 51f41ff14a Workaround by Evolix security team for old kernels and vulnerabiliy CVE-2018-5391 (FragmentSmack) 2018-08-17 21:28:14 +02:00
Jérémy Lecour 4461281945 evolinux-base: add internal FQDN/hostname in /etc/hosts if needed 2018-08-17 10:07:36 +02:00
Jérémy Lecour bc8858fc0a evolinux-base: improve hostname configuration 
We can have a "real" hostname and domain, but also an "internal" hostnae 
and domain, used mostly for internal tools.
 2018-08-16 16:17:34 +02:00
Tristan PILAT 99747e72b5 500px is too narrow, let's switch to 768px 2018-07-24 12:17:07 +02:00
Victor LABORIE f56f8f7615 evolinux-base: add mail related aliases 2018-06-25 11:20:37 +02:00
Jérémy Lecour ec535b036c apt module: Use "state: present" instead of "state: installed" 
"state: installed" is deprecated in Ansible 2.5
 2018-05-18 09:33:25 +02:00
Gregory Colpart 20f6371980 typo 2018-05-01 19:38:55 +02:00
Jérémy Lecour 8384e8ba43 evolinux: groups for SSH configuration are used with Debian 10 and later 2018-04-20 14:38:55 +02:00