Commit Graph

855 Commits

Author SHA1 Message Date
Jérémy Lecour 3b93ba0768 fail2ban: install local jail before starting 2017-07-19 11:39:38 +02:00
Jérémy Lecour 2077af2992 fail2ban: change ips variables 2017-07-19 11:39:09 +02:00
Jérémy Lecour 7c92645c5c admin users: fix uidisbusy for proper rc check
because of "failed_when: False", the register would never fail
so we check the return code of "getent passwd"
2017-07-19 11:31:21 +02:00
Jérémy Lecour 0115a16675 whitespaces 2017-07-19 11:31:21 +02:00
Jérémy Lecour cb128a897b Apache: new syntax for auth 2017-07-19 11:31:21 +02:00
Gregory Colpart 86e1e057a8 We don't want anymore a 301 redirect for 403 errors, it's too confusing 2017-07-19 10:21:37 +02:00
Gregory Colpart 6e329d2820 Deny by default (default conf allow from all) 2017-07-19 10:20:54 +02:00
Jérémy Lecour 62fbbd2016 Rename role "apt-repositories" to "apt" 2017-07-19 08:56:46 +02:00
Jérémy Lecour 9c797ea273 kvm-host: images path is customizable 2017-07-19 01:34:13 +02:00
Jérémy Lecour 3a8093fb12 Apache: use "Require"
http://httpd.apache.org/docs/2.4/howto/auth.html
2017-07-18 20:13:58 +02:00
Jérémy Lecour 3e3e1c368e Lighter /root/.vimrc 2017-07-18 20:03:57 +02:00
Jérémy Lecour 388a2c058e Over-simplified /root/.gitconfig 2017-07-18 20:00:20 +02:00
Jérémy Lecour 8505bb9d3c … so the backup is not needed anymore 2017-07-18 19:43:28 +02:00
Jérémy Lecour 20c575ee1e named.conf.options is managed by ansible 2017-07-18 19:42:54 +02:00
Jérémy Lecour 4110d22802 Remove yet some other backups 2017-07-18 19:40:56 +02:00
Jérémy Lecour 0c2170cf5c Remove some backups, again 2017-07-18 19:38:03 +02:00
Benoît S. 92f699b84c A better default vhost for Apache.
This is my proposal to a better vhost.
I added comments to understand the tricky behavior of Directory directive when
using Alias or ScriptAlias.
2017-07-18 17:05:47 +02:00
Gregory Colpart 8981ea4228 Fix for Debian 9, _apt user need right to apt stuff 2017-07-18 16:51:06 +02:00
Benoît S. 54d9dbf7aa Implement #1092. We use custom error pages for Apache
Note: The pack web will maybe modify these pages to have Evolix logo or theme,
or other things to customize.
2017-07-18 15:40:04 +02:00
Jérémy Lecour 2aff6b94c6 Merge branch 'check_http_many-fix-custom-values' into unstable 2017-07-18 12:03:49 +02:00
Jérémy Lecour 7b6781cc1d Merge branch '1836-improve-check-http' into unstable 2017-07-18 12:01:38 +02:00
Jérémy Lecour 08a84e2fed Merge branch '1892-html_errors-off' into unstable 2017-07-18 12:00:58 +02:00
Jérémy Lecour 04ba813ea1 Merge branch '2198-purge-openntpd' into unstable 2017-07-18 12:00:20 +02:00
Benoît S. d2f0996445 Remove custom values.
Someone has copied this script from a production server with custom values.
2017-07-18 10:45:07 +02:00
Benoît S. 7d87a53a2f Fix #1836. We add -e 200 to nagios's check_http. 2017-07-18 10:42:26 +02:00
Benoît S. c1e53f7fe4 Set html_errors to Off for Stretch. 2017-07-18 10:26:54 +02:00
Jérémy Lecour 62534baccf squid: add UserTrust OCSP endpoint to whitelist 2017-07-17 16:44:16 +02:00
Benoît S. fa3047bdc4 Fix #2198. Purge openntpd 2017-07-17 16:18:10 +02:00
Jérémy Lecour be68f9ac0a remove a few useless "backup: yes" 2017-07-17 14:46:01 +02:00
Jérémy Lecour 639a4baf75 Bind: use the chroot variable for Munin 2017-07-17 14:45:36 +02:00
Gregory Colpart a189b7935b NTPD : Listen only on lo interface by default 2017-07-17 14:21:46 +02:00
Jérémy Lecour 7d4e388141 apache: use snakeoil cert by default 2017-07-17 10:54:22 +02:00
Jérémy Lecour a179f824f1 merge nginx-light into nginx 2017-07-14 15:42:36 +02:00
Jérémy Lecour a6db2c9428 More ipsec to a feature branch 2017-07-14 11:36:18 +02:00
Jérémy Lecour 68130495c1 More courier to a feature branch 2017-07-14 11:36:01 +02:00
Jérémy Lecour 19e8b55c83 More clamav to a feature branch 2017-07-14 11:35:37 +02:00
Jérémy Lecour 340ca0e9a0 More amavis to a feature branch 2017-07-14 11:34:28 +02:00
Jérémy Lecour c396536a55 Spamassasin: move to a feature branch 2017-07-14 11:20:38 +02:00
Jérémy Lecour 6111698494 Samba: move to a feature branch 2017-07-14 11:17:49 +02:00
Jérémy Lecour fc2bd395b9 Minifirewall: install Git for tests 2017-07-13 16:36:27 +02:00
Jérémy Lecour d02cef44bd nginx: fix file path 2017-07-13 16:26:14 +02:00
Jérémy Lecour 65c8b4a81f Rename drbd-utils to drbd 2017-07-13 16:11:25 +02:00
Jérémy Lecour 5175ea679b Rename dhcp to dhcpd 2017-07-13 16:10:11 +02:00
Jérémy Lecour b6fac44dab Rename ntp to ntpd 2017-07-13 16:09:51 +02:00
Jérémy Lecour 13b4fbb6bb Newrelic: merge roles 2017-07-13 15:57:42 +02:00
Jérémy Lecour 9caf04e01f elastic-stack: this meta role is useless 2017-07-13 15:31:59 +02:00
Jérémy Lecour f31a9db64c Elasticsearch: merge the curator role back into the main role 2017-07-13 15:31:04 +02:00
Jérémy Lecour 183c467621 Elasticsearch: merge the head plugin install back into the main role 2017-07-13 15:23:23 +02:00
Jérémy Lecour b2278a151c minifirewall: merge the "tail" pattern back into the main role 2017-07-13 15:06:49 +02:00
Jérémy Lecour 913e547f04 Kibana: merge the proxy back into the main role 2017-07-13 14:58:44 +02:00