evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 19 Releases 33 Wiki Activity
1725 commits 77 branches 57 tags 128 MiB
Commit graph

238 commits

Author SHA1 Message Date
Ludovic Poujol af896fe1fc * ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config 
- Ensure the client won't respond to anybody but accept the timeserver 
answers
- Should work on both Jessie and Stretch
 2019-01-18 15:32:45 +01:00
Jérémy Lecour 87860d5b7f Release 9.7.0 2019-01-17 18:11:46 +01:00
Jérémy Lecour fc0b1d6968 update changelog 2019-01-17 17:42:18 +01:00
Patrick Marchand 59c479582e Adds ips tag to fail2ban/tasks/ip_whitelist.yml 
You can already skip nginx and apache ip_whitelist tasks with this
tags, it makes sense for fail2ban to follow suite.
 2019-01-10 17:03:14 -05:00
Ludovic Poujol 40b2654141 php: added php-zip in the installed package list for debian 9 (and later) 2019-01-10 19:12:53 +01:00
Ludovic Poujol c4c091b362 squid: added packagist.org in the whitelist 2019-01-10 18:12:03 +01:00
Victor LABORIE f6ca2279bf java: update Oracle java package to 8u192 2019-01-10 16:16:35 +01:00
Jérémy Lecour df308b0396 fail2ban: fix "ignoreip" update 2019-01-09 16:44:16 +01:00
Ludovic Poujol 67d7458ba6 nodejs: Update yarn repo GPG key (current key expired) 
Ref: https://github.com/yarnpkg/yarn/issues/6865
 2019-01-09 10:49:20 +01:00
Jérémy Lecour 7c2feea561 metricbeat: add a variable for the protocol to use with Elasticsearch 2019-01-08 11:05:27 +01:00
Victor LABORIE 719e9b35b2 evocheck: update evocheck.sh for source install 2019-01-08 10:25:10 +01:00
Jérémy Lecour 921c92fd5b redis: add a variable for renamed/disabled commands 2019-01-08 10:04:27 +01:00
Jérémy Lecour ebd65b2395 metricbeat: fix username/password replacement 2019-01-08 10:02:04 +01:00
Jérémy Lecour 1118486993 rbenv: add pkg-config to the list of packages to install 
Some Ruby gems (Nokogiri…) need this to detect system libraries.
 2019-01-03 10:16:46 +01:00
Jérémy Lecour 41c1ed5a70 apache: add Munin configuration for Apache server-status URL 2019-01-01 21:08:51 +01:00
Jérémy Lecour 92a25a9502 redis: add variables to prevent or force restart 2018-12-21 11:11:15 +01:00
Jérémy Lecour 3b63172532 redis: distinction between main and master password 2018-12-21 11:08:18 +01:00
Ludovic Poujol effdb4c7eb redis: Configure munin when working in instance mode 2018-12-17 14:47:07 +01:00
Ludovic Poujol fa49f249e7 redis: Don't set the owner of /var/{lib,log}/redis to a redis instance account 2018-12-17 14:43:42 +01:00
Ludovic Poujol f46f5ccbde nagios-nrpe: check_process now return the error code (making the check more usefull than /bin/true) 2018-12-12 14:58:12 +01:00
Jérémy Lecour d0b3b6d6b8 evomaintenance: database variables must be set or the task fails 2018-12-11 12:08:04 +01:00
Victor LABORIE 2a6cb3b381 evoadmin-mail: complete refactoring, use Debian Package 2018-12-07 15:26:08 +01:00
Ludovic Poujol f2f595af13 redis: In instance mode, ensure to replace the nrpe check_redis with the instance check script 2018-12-05 16:37:52 +01:00
Ludovic Poujol c9ba37614c nginx: Munin url config is now a template to insert the server-status prefix 2018-12-05 16:25:48 +01:00
Jérémy Lecour 69d9b949e2 Release 9.6.0 2018-12-04 14:51:17 +01:00
Jérémy Lecour 2bcc1133c0 minifirewall: all variables are configurable 
By default, a Null value keeps the variable current value as-is.
Set an Array (can be empty) to replace the value.
 2018-12-04 14:49:50 +01:00
Jérémy Lecour 50e16e0dee minifirewall: compare config before/after (for restart condition) 2018-12-04 14:46:32 +01:00
Jérémy Lecour 59dd03c91e squid: better replacement in minifirewall config 2018-12-04 14:46:32 +01:00
Jérémy Lecour 33e29657a7 update changelog 2018-12-04 14:46:32 +01:00
Victor LABORIE 74f25e8183 evolinux-base: deploy custom motd if template are present 2018-11-30 15:14:39 +01:00
Victor LABORIE 6469733d2f evoacme: fix error handling in sed_cert_path_for_(apache|nginx) 2018-11-22 15:06:23 +01:00
Jérémy Lecour d5e34a58d2 Release 9.5.0 2018-11-14 17:15:25 +01:00
Jérémy Lecour b3f9932c4d evolinux-users: add newaliases handler 2018-11-14 17:04:51 +01:00
Jérémy Lecour 2f8cad3c7c packweb-apache: mod-security config is already included elsewhere 2018-11-14 17:04:03 +01:00
Jérémy Lecour 5056f93283 mysql: logdir can be customized 2018-11-14 16:13:06 +01:00
Jérémy Lecour bd1b1a7775 update CHANGELOG 2018-11-14 16:13:06 +01:00
Jérémy Lecour 3425711ecf redis: update CHANGELOG 2018-11-14 15:35:11 +01:00
Victor LABORIE cfb87a7b65 haproxy: add vars for tls configuration 
Permit simply include of TLS configuration, eg. in [global] :

{{ haproxy_ssl_intermediate | indent(width=4) }}
 2018-11-13 11:07:06 +01:00
Jérémy Lecour df48a60684 evocheck: update script from upstream 2018-11-08 09:46:57 +01:00
Victor LABORIE c6a504c6c5 Add an SSL role for certificates deployment 2018-11-06 16:15:48 +01:00
Jérémy Lecour 4a411685ff evomaintenance: FROM domain is configurable 2018-11-06 10:39:30 +01:00
Jérémy Lecour 2f9348e3d1 update CHANGELOG 2018-11-02 18:16:29 +01:00
Jérémy Lecour 3d76454984 update CHANGELOG for postfix 2018-11-02 10:14:49 +01:00
Jérémy Lecour c03be65ed9 evomaintenance: update script from upstream 2018-11-02 10:13:40 +01:00
Victor LABORIE 83e9f12669 evolinux-base: install man package 2018-10-23 11:38:52 +02:00
Victor LABORIE 6e6820805d nginx: add tag for ips management 2018-10-19 10:31:45 +02:00
Jérémy Lecour 79aceac380 Release 9.4.2 2018-10-12 10:16:40 +02:00
Jérémy Lecour 85c779164a evomaintenance: fix role compatibility with OpenBSD 2018-10-12 10:13:27 +02:00
Victor LABORIE 357914b44e amavis: fix output result checking 2018-10-11 17:18:03 +02:00
Jérémy Lecour 1d06721b96 update CHANGELOG 2018-10-08 09:43:09 +02:00
Jérémy Lecour 20e8d9f432 evomaintenance: install dependencies when installing vendored version 2018-10-08 09:37:18 +02:00
Victor LABORIE f2469dbdd9 * spamassassin: add missing right for amavis 2018-10-03 14:41:41 +02:00
Victor LABORIE 8dd2fcac55 Update CHANGELOG for haproxy/nagios-nrpe 2018-09-28 15:33:56 +02:00
Jérémy Lecour d442473370 Release 9.4.1 2018-09-28 10:45:50 +02:00
Jérémy Lecour 40ac98cb79 mysql-oracle: better handle packages and users 2018-09-27 15:05:02 +02:00
Jérémy Lecour 829da4bb40 update CHANGELOG for evomaintenance 2018-09-25 12:15:51 +02:00
Victor LABORIE c7cc63444d redis: set masterauth when redis_password is defined 2018-09-20 16:42:35 +02:00
Jérémy Lecour 9ddb297961 Release 9.4.0 2018-09-20 12:30:52 +02:00
Jérémy Lecour 517d7c0d9a Update CHANGELOG with generate-ldif changes 2018-09-20 12:28:48 +02:00
Jérémy Lecour 21e24df8c8 Update CHANGELOG with logstash recent changes. 2018-09-20 12:24:19 +02:00
Victor LABORIE 5f4601f611 nagios-nrpe: add check_redis_instances 2018-09-20 10:21:49 +02:00
Victor LABORIE 8546f0f34f redis: add support for multi instances 2018-09-19 17:24:26 +02:00
Victor LABORIE 09e48516c6 redis: add missing tags 2018-09-19 16:25:47 +02:00
Jérémy Lecour d6e71353dd Add a role to switch from networkd to ifconfig 2018-09-14 14:53:38 +02:00
Jérémy Lecour b2596aad2a mysql: add a variable to prevent mysql from restarting 2018-09-13 18:32:23 +02:00
Jérémy Lecour 2a4a993f09 update CHANGELOG 2018-09-11 14:20:13 +02:00
Victor LABORIE 47bf0ed2d2 dovecot: stronger TLS configuration 2018-09-11 11:13:02 +02:00
Jérémy Lecour c76cbd1887 evolinux-users: add user to /etc/aliases 2018-09-09 23:42:38 +02:00
Jérémy Lecour 8c9c5782e1 webapps/evoadmin-web: add users to /etc/aliases 2018-09-09 23:42:15 +02:00
Jérémy Lecour ac1a3e5f09 nginx: cleaner way to overwrite the server status suffix 2018-09-09 23:02:02 +02:00
Jérémy Lecour bfb591dc74 apache: cleaner way to overwrite the server status suffix 2018-09-09 23:01:43 +02:00
Jérémy Lecour efcd2ed391 packweb-apache: don't regenerate phpMyAdmin suffix each time 2018-09-09 23:00:41 +02:00
Jérémy Lecour 92f14a496f etc-git: conditional for cron job 2018-09-08 00:27:03 +02:00
Jérémy Lecour 37ea8d292e Release 9.3.2 2018-09-06 15:14:34 +02:00
Victor LABORIE bf3e5b4cb6 dovecot: enable SSL/TLS by default with snakeoil certificate 2018-09-04 14:50:22 +02:00
Jérémy Lecour 9869a1f269 typo 2018-08-31 19:28:06 +02:00
Jérémy Lecour c25c3c6a31 minifirewall: improve variables values and documentation 2018-08-30 17:06:21 +02:00
Jérémy Lecour 9787328a0b minifirewall: add a variable to force a restart of the firewall 2018-08-30 17:05:30 +02:00
Jérémy Lecour 96cd04ae40 minifirewall: add a variable to disable the restart handler 2018-08-30 17:04:14 +02:00
Jérémy Lecour 944006e63c Release 9.3.1 2018-08-30 14:06:06 +02:00
Jérémy Lecour cfd5e3d7f2 metricbeat: new variables to configure elasticsearch hosts and auth 2018-08-30 13:47:48 +02:00
Jérémy Lecour cb9e48b41d update the CHANGELOG with a forgotten line for mysql 2018-08-24 18:38:12 +02:00
Jérémy Lecour 191a49784d Release 9.3.0 2018-08-24 18:27:03 +02:00
Jérémy Lecour d138c00db8 etc-git: some entries of .gitignore are mandatory 2018-08-24 14:44:51 +02:00
Jérémy Lecour fe064c16d1 update CHANGELOG for evolinux-todo 2018-08-24 14:43:14 +02:00
Jérémy Lecour 3e3c6437e8 etc-git: install a script to optimize the repository each month 2018-08-24 00:28:15 +02:00
Jérémy Lecour bb956fb5e7 apache: logrotate replacement is more subtle/precise 
It replaces only the proper directive and not every occurence of the 
word.
 2018-08-23 13:02:25 +02:00
Jérémy Lecour 12c49ed93b fail2ban: add a variable to update the list of ignored IP addresses 2018-08-23 11:43:34 +02:00
Jérémy Lecour e939198159 fail2ban: add a variable to disable the ssh filter (default: False) 2018-08-23 09:16:33 +02:00
Jérémy Lecour 012dabf657 fail2ban: fix fail2ban_ignore_ips definition 
If the final variable is combined in the defaults file, it's component 
can be overridden, but the final variable can't be overriden.
 2018-08-21 23:14:31 +02:00
Jérémy Lecour 77aeb60544 bind: chroot-bind.sh must not be executed in check mode 2018-08-21 18:46:16 +02:00
Jérémy Lecour 26c46bfb96 evocheck: the crontab is updated by the role 2018-08-18 09:41:59 +02:00
Jérémy Lecour 4d7e9b1c3f evocheck: detect installed packages even if "held" by APT (manual fix) 2018-08-17 14:59:22 +02:00
Jérémy Lecour 40160e0c6e generate-ldif: detect installed packages even if "held" by APT 2018-08-17 11:56:41 +02:00
Jérémy Lecour 46fed05fa2 evocheck: update upstream script 2018-08-17 10:04:07 +02:00
Jérémy Lecour bc8858fc0a evolinux-base: improve hostname configuration 
We can have a "real" hostname and domain, but also an "internal" hostnae 
and domain, used mostly for internal tools.
 2018-08-16 16:17:34 +02:00
Jérémy Lecour ccd8c00e3a CHANGELOG : add missing entries 2018-08-09 18:24:48 +02:00
Jérémy Lecour b9b0183ec5 remount-usr: mount doesn't report a change 
It is arguable that this is a real change or not,
but in practice we have playbooks that report changes only for this and
it's very fun to scroll back each time to see if it's remount-usr or
a "real" change.
 2018-08-06 15:01:52 +02:00
Victor LABORIE 57cf0a29ab kvm-host: install kvm-tools package instead of copying add-vm.sh 2018-07-27 11:27:50 +02:00
Jérémy Lecour c57b069bf5 Reorder lines in CHANGELOG 2018-07-10 16:28:56 +02:00