evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity
1852 commits 76 branches 56 tags 128 MiB
Commit graph

1852 commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ludovic Poujol b185012469 apt: Remove jessie-update suite as it's no longer exists 2019-04-08 15:40:03 +02:00
Benoît S. 19800c071c Merge branch 'fail2ban-sshd-use-port-2222-too' into unstable 2019-04-04 16:20:27 +02:00
Benoît S. c91186c4f9 Merge branch 'fail2ban-increase-ban-limit' of evolix/ansible-roles into unstable 2019-04-04 16:15:56 +02:00
Eric Morino 48becaecf4 Replace mirror.evolix.org by archives.debian.org for jessie-backport 2019-04-03 15:08:06 +02:00
Eric Morino 951309e4a3 Remplace mirror.evolix.org by archives.debian.org for jessie-backport 2019-04-03 15:05:14 +02:00
Eric Morino eb0bbe4661 Set correct permissions on folder /etc/opendkim and add package dns-root-data in dependencies 2019-03-27 14:49:19 +01:00
Eric Morino 36515c9c89 aligning roles with our conventions, major changes in opendkim-add.sh 2019-03-27 11:01:11 +01:00
Jérémy Lecour 66381ae454 evomaintenance: embed version 0.5.0 2019-03-26 15:06:20 +01:00
Benoît S. 1a7349ee3d fail2ban: For sshd jail, protect 2222 port too 
2222 port is heavily attacked by bots like 22.
 2019-03-22 11:39:20 +01:00
Benoît S. 3ab6ecbf0e fail2ban: Add local sshd jail with maxretry at 10 
Default of 3 maxretry is too low!
 2019-03-22 11:35:23 +01:00
Jérémy Lecour de0a4c2ca8 update README 2019-03-21 15:38:36 +01:00
Jérémy Lecour aa28e9c1b8 change repositories URL 2019-03-21 15:31:58 +01:00
Eric Morino db71907155 Remove chown root: /etc/ssl/private in make-csr.sh 2019-03-19 16:13:17 +01:00
Ludovic Poujol 6e36b54adb webapps/evoadmin-web: add dbadmin.sh to sudoers file 2019-03-18 11:50:46 +01:00
Jérémy Lecour f3b54188d3 redis: higher limit of open files 2019-03-08 13:44:12 +01:00
Jérémy Lecour 02723ba0f3 redis: set variables on nclusion, not with set_facts 2019-03-08 13:44:12 +01:00
Jérémy Lecour 8279092037 evoacme: add a renewal hook to commit changes in /etc/.git 2019-03-07 00:19:43 +01:00
Victor LABORIE aebd46e4d7 tomcat-instance: deploy correct version of config files 2019-03-06 15:52:56 +01:00
Jérémy Lecour 3e37800994 evolinux-base: remove apt-listchanges on Stretch and later 2019-03-05 11:10:12 +01:00
Jérémy Lecour 54f44f0443 elasticsearch: install a script to help plugins upgrades 2019-02-22 10:25:27 +01:00
Jérémy Lecour 70f5504382 etc-git: ignore evobackup/.keep-* files 2019-02-22 10:25:27 +01:00
Victor LABORIE 346e556049 tomcat-instance: deploy correct version of server.xml 2019-02-20 11:29:11 +01:00
Victor LABORIE 49dc437880 tomcat: better tomcat version management 2019-02-20 11:28:59 +01:00
Benoît S. 6eb88cf43d squid: Add mirrors used by Jenkins 2019-02-06 17:10:15 +01:00
Victor LABORIE c1d727bb5d spamassasin: fix sa-update.sh and ensure service is started and enabled 2019-01-31 14:37:41 +01:00
Jérémy Lecour c296dd94c2 Release 9.8.0 2019-01-31 10:22:50 +01:00
Jérémy Lecour eb0879f3c2 New "percona" role to install Percona repositories and tools 2019-01-31 10:22:13 +01:00
Jérémy Lecour c8e7675a49 metricbeat: disable cloud_metadata processor by default 2019-01-31 10:15:02 +01:00
Jérémy Lecour ff275efd95 filebeat: disable cloud_metadata processor by default 2019-01-31 10:14:13 +01:00
Victor LABORIE 0794e6f620 redmine: refactoring of redmine role with use of rbenv 2019-01-28 14:29:01 +01:00
Victor LABORIE fabac07210 redis: add variable for configure unixsocketperm 2019-01-28 14:26:13 +01:00
Victor LABORIE 2c874afb3c proftpd: add FTPS and SFTP support 2019-01-24 11:47:03 +01:00
Ludovic Poujol af896fe1fc * ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config 
- Ensure the client won't respond to anybody but accept the timeserver 
answers
- Should work on both Jessie and Stretch
 2019-01-18 15:32:45 +01:00
Jérémy Lecour 87860d5b7f Release 9.7.0 2019-01-17 18:11:46 +01:00
Jérémy Lecour fc0b1d6968 update changelog 2019-01-17 17:42:18 +01:00
Patrick Marchand 59c479582e Adds ips tag to fail2ban/tasks/ip_whitelist.yml 
You can already skip nginx and apache ip_whitelist tasks with this
tags, it makes sense for fail2ban to follow suite.
 2019-01-10 17:03:14 -05:00
Ludovic Poujol 40b2654141 php: added php-zip in the installed package list for debian 9 (and later) 2019-01-10 19:12:53 +01:00
Ludovic Poujol c4c091b362 squid: added packagist.org in the whitelist 2019-01-10 18:12:03 +01:00
Victor LABORIE f6ca2279bf java: update Oracle java package to 8u192 2019-01-10 16:16:35 +01:00
Jérémy Lecour df308b0396 fail2ban: fix "ignoreip" update 2019-01-09 16:44:16 +01:00
Jérémy Lecour 42ec5d62c8 whitespaces 2019-01-09 16:43:35 +01:00
Ludovic Poujol 67d7458ba6 nodejs: Update yarn repo GPG key (current key expired) 
Ref: https://github.com/yarnpkg/yarn/issues/6865
 2019-01-09 10:49:20 +01:00
Jérémy Lecour 7c2feea561 metricbeat: add a variable for the protocol to use with Elasticsearch 2019-01-08 11:05:27 +01:00
Victor LABORIE 719e9b35b2 evocheck: update evocheck.sh for source install 2019-01-08 10:25:10 +01:00
Jérémy Lecour 921c92fd5b redis: add a variable for renamed/disabled commands 2019-01-08 10:04:27 +01:00
Jérémy Lecour ebd65b2395 metricbeat: fix username/password replacement 2019-01-08 10:02:04 +01:00
Jérémy Lecour 1118486993 rbenv: add pkg-config to the list of packages to install 
Some Ruby gems (Nokogiri…) need this to detect system libraries.
 2019-01-03 10:16:46 +01:00
Jérémy Lecour 41c1ed5a70 apache: add Munin configuration for Apache server-status URL 2019-01-01 21:08:51 +01:00
Jérémy Lecour 6fadd4edb1 munin: better marker for blockinfile 2019-01-01 20:06:05 +01:00
Jérémy Lecour 1d2a648241 whitespaces 2019-01-01 20:04:56 +01:00