Jérémy Lecour
2480088f8b
Change DIR_MODE only if adduser.conf is pristine
2017-10-07 22:59:06 +02:00
Jérémy Lecour
ccaecf690c
proftpd: don't overwrite z-evolinux.conf
2017-10-07 22:57:30 +02:00
Jérémy Lecour
518353268a
evolinux-base: logname command doesn't change
2017-10-07 22:56:37 +02:00
Jérémy Lecour
094ad8c28d
evolinux-base: improve AllowUsers for current user
2017-10-07 22:17:38 +02:00
Jérémy Lecour
c4bdd88e27
evoadmin-web: stay privileged
...
Becoming an unprivilegied user is problemetic for Ansible.
We continue being root, but change the permissions on created files.
2017-10-07 21:48:00 +02:00
Jérémy Lecour
89fe1561b8
evoadmin-web depends on proftpd
2017-10-07 21:45:46 +02:00
Jérémy Lecour
3a34a78045
evoadmin-web: remove a trailing /
2017-10-07 21:43:36 +02:00
Jérémy Lecour
8e86429ea4
proftpd: enforce permissions on password file
2017-10-07 21:43:05 +02:00
Jérémy Lecour
3e12be6a0c
poftpd is compatible with stretch
2017-10-07 21:42:33 +02:00
Jérémy Lecour
c4e61a18d4
evolinux-base includes a few external roles
...
* minifirewall
* munin
* nagios-nrpe
* fail2ban
* listupgrade
2017-10-07 18:13:52 +02:00
Jérémy Lecour
dba77f3bbc
packweb-apache: dependency on squid and mysql
2017-10-07 18:12:28 +02:00
Jérémy Lecour
adade8ae3c
formatting
2017-10-07 17:54:25 +02:00
Jérémy Lecour
e7e9f9e125
Apache/Nginx: use ipaddr_whitelist
2017-10-07 13:48:04 +02:00
Jérémy Lecour
03bc456dfa
evolinux-base: allow ssh for current user
...
When you're not sure to have a proper ssh connection after install,
you can keep the current user authorized.
Example: when using vagrant
This is disabled by default
2017-10-07 13:12:03 +02:00
Jérémy Lecour
382d545d0d
evolinux-base: fix netextreme device detection
2017-10-07 13:12:03 +02:00
Jérémy Lecour
0e9fab48f5
apache: fix ipaddr_whitelist path
2017-10-07 13:12:03 +02:00
Jérémy Lecour
be84ab434e
apache: install save_apache_status.sh
2017-10-07 13:12:01 +02:00
Jérémy Lecour
2395777194
apache: no need for server status suffix anymore
...
The location is restricted, so we don't need to obfuscate
2017-10-07 13:11:25 +02:00
Jérémy Lecour
ddeb39b886
apache: phpmyadmin is not managed here anymore
2017-10-07 13:03:43 +02:00
Jérémy Lecour
dc3b735445
apache: cleanup munin tasks
2017-10-07 11:54:31 +02:00
Jérémy Lecour
1776b4bc24
Apache: improve munin integration
...
* ansible syntax
* remove duplicate tasks
* improve tasks names
2017-10-07 11:17:02 +02:00
Jérémy Lecour
3d7a544820
minifirewall: restore default ports
...
Copied from
https://forge.evolix.org/projects/minifirewall/repository/revisions/master/entry/minifirewall.conf
2017-10-07 10:59:22 +02:00
Benoît S.
9a93e8d449
Merge remote-tracking branch 'origin/unstable' into unstable
2017-10-06 15:45:09 +02:00
Benoît S.
50cba28f7b
Merge branch 'apache-munin' into unstable
2017-10-06 15:42:45 +02:00
Jérémy Lecour
7f4eb747de
change alert5 only for buster
2017-10-06 15:27:22 +02:00
Jérémy Lecour
ed17676432
A real systemd unit for alert5
2017-10-06 15:27:22 +02:00
Jérémy Lecour
fedbc5b579
evolinux-users: no need to repeat condition
2017-10-06 12:05:07 +02:00
Jérémy Lecour
2b253e075c
Users can be added to secondary groups
2017-10-06 01:06:59 +02:00
Jérémy Lecour
f759b849a5
evolinux-users: install many ssh keys if needed
2017-10-06 01:06:59 +02:00
Jérémy Lecour
ef93d56799
evolinux-base: better task name for postfix
2017-10-06 01:06:59 +02:00
Jérémy Lecour
7b88393ccf
Refactoring of admin-users + evolinux-base roles
...
* rename admin-users to evolinux-users
* splitting the "sudo" part for users between jessie and stretch
* with stretch, the sudo group is customizable and properly configured
* import evolinux-users role from evolinux-base at proper time
to ensure ssh connections are possible for other users before
cutting root's access
* evomaintenance is also included in evolinux-base to have it available
when users are created
2017-10-06 01:06:59 +02:00
Jérémy Lecour
116f086b86
drbd: cleanup readme
2017-10-06 01:06:59 +02:00
Jérémy Lecour
b180ca432b
apt: remove a debug task
2017-10-06 01:06:59 +02:00
Jérémy Lecour
24948cf4fa
proftpd: blank vpasswd if missing
2017-10-05 18:46:40 +02:00
Ludovic Poujol
713ca3fbf4
Merge branch 'redis-lpoujol' into unstable
2017-10-05 11:51:02 +02:00
Jérémy Lecour
be32fd9a23
Remove useless comments
2017-10-05 00:29:14 +02:00
Jérémy Lecour
622698fb99
Don't disable root access by default
...
It will be caught by evocheck if we forget to disable it
but will prevent locking ourselves out if we don't create users
2017-10-05 00:29:14 +02:00
Jérémy Lecour
ee80235e14
evolinux-base: etc-git is included after apt customization
...
APT sources must be customized before installing any package
2017-10-04 23:32:27 +02:00
Jérémy Lecour
f050608596
evolinux-base/meta: compatible with stretch
2017-10-04 23:31:29 +02:00
Jérémy Lecour
d35068cf11
postgresql: forgotten files, sorry
2017-10-04 17:20:33 +02:00
Jérémy Lecour
3f350e7955
nagios: don't overwrite the config file
2017-10-04 17:19:49 +02:00
Jérémy Lecour
72c1bb4834
postgresql: version 9.6 by default
...
For Jessie we use external repositories
For Stretch we install from Debian repositories
2017-10-04 14:54:46 +02:00
Jérémy Lecour
5ffc94281f
evolinux-base: parse fstab with better regex
...
The fstab file usually has fields separated by spaces
but sometimes they are separated by tabs.
2017-10-04 14:31:01 +02:00
Gregory Colpart
46c1cbd1a4
update title
2017-10-03 23:45:17 +02:00
Ludovic Poujol
27e4512e50
Redis: Ensure that we do not modify munin-node config if there is multiple redis config blocs
2017-10-03 10:21:13 +02:00
Gregory Colpart
3e92696556
Improve evoacme, mainly evoacme.sh script
2017-10-03 00:02:19 +02:00
Ludovic Poujol
36419c5b3c
Redis: Set pasword variable as NULL instead of ''
2017-10-02 17:13:10 +02:00
Gregory Colpart
31a8aa0a32
update tasks description.
2017-10-02 15:33:10 +02:00
Benoît S.
7d5ecc3685
Merge branch 'bash-completion' into 'unstable'
...
Bash completion
See merge request !9
2017-10-02 11:30:05 +02:00
Benoît S.
b6775bda65
Merge branch 'evoadmin-web-bad-mail-template' into 'unstable'
...
Sed keyword missing
Closes #2
See merge request !11
2017-10-02 11:27:49 +02:00