Mathieu Trossevin
7c632352a0
Replace the include
module with include_tasks
or import_tasks
...
The behaviour of the `include` module is badly defined (it try to choose
between statically importing the tasks and dynamically including them)
and can cause problems depending on any number of constraints (mostly if
it choose the wrong behaviour).
Replace it with the `import_tasks` (always statically import tasks) unless
the `include` is in a loop in which case we replace it with
`include_tasks` (always dynamically include tasks).
2023-01-03 14:43:42 +01:00
Jérémy Lecour
2ed77c60f0
Improve Ansible syntax
...
replace « x | changed » by « x is changed »
add explicit « bool » filter
use « length » filter instead of string comparison
2021-05-09 23:06:42 +02:00
Jérémy Lecour
5138065059
Use 'loop' syntax instead of 'with_items'
2021-05-04 14:19:18 +02:00
Jérémy Lecour
f940bc3866
cerbot: use the legacy script on Debian 8 and 9
continuous-integration/drone/push Build is passing
2021-02-04 16:34:24 +01:00
Jérémy Lecour
592030ee9a
evoacme: variable to disable Debian version check (default: False)
2020-11-21 09:59:10 +01:00
Jérémy Lecour
48174ad618
evoacme: remount /usr if necessary
continuous-integration/drone/push Build is passing
2020-09-14 11:31:47 +02:00
Jérémy Lecour
4007b14c09
whitespaces
continuous-integration/drone/push Build is passing
2020-09-14 11:17:54 +02:00
Jérémy Lecour
b818c348c2
evoacme: remove Debian 9 support
continuous-integration/drone/push Build is passing
2020-09-11 11:09:45 +02:00
Jérémy Lecour
44ddc8047d
evoacme: disable empty task for hooks
2020-08-21 14:21:28 +02:00
Jérémy Lecour
f49bf5c72d
evoacme: use Let's Encrypt deploy hooks instead of evoacme hooks
continuous-integration/drone/push Build is passing
2020-08-21 14:02:07 +02:00
Jérémy Lecour
8ea1bac000
evoacme: update for new certbot role
...
* certbot is installed by the certbot role
* Apache/Nginx configuration is delegated to the certbot role
* No more "acme" user, everything is done with "root".
2020-08-21 13:36:24 +02:00
Jérémy Lecour
7283e34077
Replace version_compare() with version()
2020-02-25 10:45:35 +01:00
Jérémy Lecour
6801f4e00e
Add names to many blocks
2019-12-31 16:56:03 +01:00
Jérémy Lecour
79bb6103b8
Change "|version_compare" with "is version_compare"
2019-12-31 10:18:19 +01:00
Victor LABORIE
6f5e13f8b8
Add evolix prefix to include_role
2019-11-29 14:00:25 +01:00
Jérémy Lecour
8279092037
evoacme: add a renewal hook to commit changes in /etc/.git
2019-03-07 00:19:43 +01:00
Jérémy Lecour
77b5f84567
evoacme: disable old certbot cron also in cron.daily
2018-06-21 17:22:40 +02:00
Jérémy Lecour
ce11c39ce4
evoacme: add a symlink for vhosts with old path
2018-03-30 18:45:26 +02:00
Jérémy Lecour
37f701eb54
evoacme: typos
2017-12-08 10:22:32 +01:00
Jérémy Lecour
5980593470
evoacme: move nginx acme challenge conf
2017-12-08 09:46:16 +01:00
Jérémy Lecour
708428d088
evoacme: store Nginx letsencrypt config file in snippets
2017-11-25 14:17:36 +01:00
Jérémy Lecour
375c3e6760
evoacme: crontab management
...
* simply rename certbot script to disable it
* use "evoacme" as file name for our custom cron script
2017-11-25 14:17:36 +01:00
Jérémy Lecour
5c6c92ab69
evoacme: install hooks in a loop
2017-11-15 11:40:42 +01:00
Victor LABORIE
1c48df025c
Move /usr rw remount into remount-usr role
2017-11-07 13:34:05 +01:00
Jérémy Lecour
2aa26e2d68
copy vhosts-domains script
2017-10-24 17:39:49 +02:00
Jérémy Lecour
608b0a5bbc
evoacme: fix hooks tasks
2017-10-24 17:39:32 +02:00
Jérémy Lecour
0ed1ca1356
evoacme: install hooks
2017-10-20 10:14:46 +02:00
Gregory Colpart
81698d03de
by default copy use files/ directory
2017-09-21 03:48:17 +02:00
Gregory Colpart
26d823174f
use {{ evoacme_crt_dir }} var everywhere
2017-09-21 03:48:11 +02:00
Gregory Colpart
a006a604f2
Rename /etc/cron.d/certbot to .disabled as written in https://wiki.evolix.org/HowtoLetsEncrypt
2017-09-21 03:48:05 +02:00
Gregory Colpart
cdf0861821
More clear without include for determining apache/nginx presence
2017-09-21 03:47:57 +02:00
Victor LABORIE
9deb594834
evoacme: move scripts in /usr/local/sbin
2017-09-11 17:05:44 +02:00
Gregory Colpart
207a2f6011
Improve distribution verification
2017-08-23 01:49:27 +02:00
Gregory Colpart
41329af173
Remove dynamic add of whitelist Squid proxy
2017-08-23 01:26:57 +02:00
Gregory Colpart
2bb7367edf
standardization for Debian versions : we use "jessie" or "9 or later" to prepare buster smoothly as possible
2017-08-18 03:50:30 +02:00
Jérémy Lecour
62fbbd2016
Rename role "apt-repositories" to "apt"
2017-07-19 08:56:46 +02:00
Jérémy Lecour
bc99227259
Better squid/squid3 whitelist and reload
2017-07-12 12:17:33 +02:00
Jérémy Lecour
404f4445d4
install backports with "tasks_from"
...
When including a specific tasks file, we bypass the "main" tasks of the role and the conditionals.
That way we don't play useless tasks and don't rely on default values.
2017-05-23 15:13:11 +02:00
Jérémy Lecour
d2eeb3ba69
evoacme/tomcat: check if /etc/aliases exists
2017-05-21 23:34:34 +02:00
Jérémy Lecour
1b24815491
whitespaces
2017-05-21 19:32:25 +02:00
Jérémy Lecour
ec1ba752e4
relative paths
2017-05-19 22:31:32 +02:00
Jérémy Lecour
6eb71daead
Let's Encrypt has many subdomains, let's whitelist them all
2017-05-19 21:35:51 +02:00
Jérémy Lecour
6386509d3b
Add Let's Encrypt domains in the squid's whitelist
2017-05-19 19:54:12 +02:00
Jérémy Lecour
d4036df165
evoacme: simplify squid whitelist management
2017-05-16 15:04:24 +02:00
Jérémy Lecour
82b2ab1a67
evoacme: relative path to external roles
2017-05-16 15:04:02 +02:00
Jérémy Lecour
f068684a76
evoacme: add squid whitelist for ocsp server
2017-05-16 10:30:17 +02:00
Victor LABORIE
7dba7f5855
Revert "Load Apache proxy module (IfModule added to apache conf)"
...
This reverts commit 07a24c8438
.
2017-04-18 12:03:20 +02:00
Victor LABORIE
acc3f90bae
evoacme: create system user for acme
2017-04-03 15:36:54 +02:00
Romain Dessort
07a24c8438
Load Apache proxy module
2017-03-29 12:08:50 -04:00
Jérémy Lecour
5b2ab0d8d3
Ansible >= 2.2 supported
2017-03-24 14:15:09 +01:00