Jérémy Lecour
ecd9d1543f
varnish: better package facts usage with check mode and tags
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-21 15:46:46 +01:00
Alexis Ben Miloud--Josselin
396afa0a75
nagios-nrpe: add ceph checks to changelog
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-15 11:08:01 +01:00
Mathieu Trossevin
83138f0a0b
nagios-nrpe: Correct port for check_opendkim
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-09 17:05:54 +01:00
Jérémy Lecour
faeb92230b
packweb-apache: manual dependencies resolution
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-06 15:25:17 +01:00
Jérémy Lecour
4050dbea7a
packweb-apache: enable log_forensic module
2022-11-06 15:25:17 +01:00
Jérémy Lecour
b36d4c4766
various fixes for Debian 12
2022-11-06 15:25:17 +01:00
Jérémy Lecour
4c9aaf6d86
Merge branch 'unstable' into debian12-keyring
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-06 10:19:36 +01:00
Jérémy Lecour
a1bf300d54
bookworm-detect: transitional role to help dealing with unreleased bookworm version
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-05 21:15:21 +01:00
Jérémy Lecour
28540247f0
Add signed-by option for additional APT sources
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-02 23:17:08 +01:00
Jérémy Lecour
f531460f49
Use proper keyrings directory for APT version
...
Debian 9 → 11 : /etc/apt/trusted.gpg.d
Debian 12 : /etc/apt/keyrings
2022-11-02 23:16:32 +01:00
Jérémy Lecour
c9ccda2277
varnish: create special tmp directory for syntax validation
gitea/ansible-roles/pipeline/head This commit looks good
2022-11-02 19:45:15 +01:00
Jérémy Lecour
4d259d3c04
varnish: systemd override depends on Varnish
...
gitea/ansible-roles/pipeline/head This commit looks good
Use Varnish version instead of Debian version to choose systemd override template, to make it forward compatible
2022-11-02 13:55:03 +01:00
William Hirigoyen
912cec5a78
lxc-php: update changelog.
gitea/ansible-roles/pipeline/head This commit looks good
2022-10-26 15:25:22 +02:00
Jérémy Lecour
857b3e0e45
nagios-nrpe: check_haproxy_stats supports DRAIN status
gitea/ansible-roles/pipeline/head This commit looks good
2022-10-20 15:46:04 +02:00
Jérémy Lecour
554c086b79
redis: variable to disable transparent hugepage (default: do nothing)
gitea/ansible-roles/pipeline/head This commit looks good
2022-10-20 14:38:12 +02:00
Jérémy Lecour
fc52fbf4bc
redis: some values should be quoted
...
When Redis overwrites its own config, it uses quoted string values, so it's better to do the same to avoid changes.
2022-10-20 14:36:47 +02:00
Jérémy Lecour
f71075d4ef
evolinux-base: replace regular kernel by cloud kernel on virtual servers
2022-10-19 16:33:25 +02:00
Jérémy Dubois
6be2ff3b48
evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions)
gitea/ansible-roles/pipeline/head This commit looks good
2022-10-17 11:37:58 +02:00
Jérémy Lecour
2d16aeb41e
evolinux-base: utils.yml can be excluded
gitea/ansible-roles/pipeline/head This commit looks good
2022-10-11 13:37:21 +02:00
Mathieu Trossevin
4f9d6868e0
evolinux-user: sudoers privileges for check php\fpm80 and 81
gitea/ansible-roles/pipeline/head This commit looks good
2022-10-07 14:16:32 +02:00
Jérémy Lecour
15d7756881
minifirewall: whitelist deb.freexian.com
gitea/ansible-roles/pipeline/head This commit looks good
2022-10-03 18:54:29 +02:00
Jérémy Lecour
8e1b682ccc
squid: whitelist deb.freexian.com
2022-10-03 18:54:05 +02:00
Jérémy Lecour
c6fb24f7d8
lxc-solr: use default JRE package
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-30 11:39:50 +02:00
Jérémy Lecour
792d1170ab
java: use default JRE when version is not specified
2022-09-30 11:39:05 +02:00
Jérémy Lecour
6aeaab078d
lxc-solr: set homedir and port at install
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-27 07:47:26 +02:00
Jérémy Lecour
46deb04005
lxc-solr: choose java package and download URL according to Solr Version
2022-09-26 23:47:55 +02:00
Jérémy Lecour
26f9d171a4
lxc-solr: detect the real partition options
2022-09-26 23:46:29 +02:00
Jérémy Lecour
8089d90bd1
Release 22.09
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-19 17:06:25 +02:00
Ludovic Poujol
a540235077
munin: Add ipmi_ plugins on dedicated hardware
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-15 11:45:24 +02:00
William Hirigoyen
c310482ba6
domains: revert commits moved to dev branch domains
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-15 10:48:55 +02:00
Jérémy Lecour
6f04a41557
fail2ban: fix dovecot-evolix regex syntax
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-15 09:48:34 +02:00
William Hirigoyen
55f694f051
Update CHANGELOG
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-14 12:21:13 +02:00
Jérémy Lecour
d8a2dccf36
evocheck: upstream release 22.09
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-14 10:55:02 +02:00
Ludovic Poujol
cd46dd8320
proftpd: Add a warning if config file was overriden
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-13 16:31:03 +02:00
Ludovic Poujol
9631476a06
proftpd: Allow user auth with ssh keys
2022-09-13 16:29:59 +02:00
Ludovic Poujol
7c4a169fb8
proftpd: Add options to override configs
2022-09-13 16:26:10 +02:00
Jérémy Lecour
28276b5d6f
evolinux-base: update-evobackup-canary upstream release 22.06
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-12 13:54:57 +02:00
Jérémy Lecour
3c1ec588fd
minifirewall: use handlers to restart minifirewall
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-09 16:09:48 +02:00
Jérémy Dubois
c3be57410d
openvpn: Run OpenVPN with the \_openvpn user and group instead of nobody which is originally for NFS
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-06 11:27:20 +02:00
William Hirigoyen
6fa89e69a5
Update changelog
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-02 15:48:09 +02:00
Ludovic Poujol
1f52700b47
memcached: NRPE check for multi-instance setup
...
gitea/ansible-roles/pipeline/head This commit looks good
Also some cleanup & split of tasks between single and multi instance
Note: Munin part seems still broken at the time
2022-09-01 15:33:00 +02:00
Ludovic Poujol
ee67ebca8b
webapps/nextcloud: Drop support for Nginx
2022-09-01 12:46:37 +02:00
William Hirigoyen
2bda54a7bd
Update CHANGELOG.md
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-01 12:07:47 +02:00
Ludovic Poujol
d165a104f2
* webapps/nextcloud: Add missing dependencies for imagick
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-01 11:28:08 +02:00
Ludovic Poujol
4a3b40d986
generate-ldif: Support any MariaDB version
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-29 17:29:14 +02:00
Jérémy Lecour
c7a6b3e694
evocheck: upstream release 22.08.1
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-29 17:03:31 +02:00
Jérémy Lecour
71aafe161c
evocheck: upstream release 22.08
2022-08-29 17:03:31 +02:00
Eric Morino
9a25d5981f
add webapps/nextcloud changelog
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-26 16:34:19 +02:00
Jérémy Lecour
5fa7f4809c
vrrp: fix systemd unit name
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-24 17:58:46 +02:00
Jérémy Lecour
018eee7ea0
Update 'CHANGELOG.md'
...
* use role name
* more descriptive message
* order items alphabetically
2022-08-24 15:22:25 +02:00
Patrick Marchand
2c1ec040d1
Simplify user subset creation
...
Instead of tags, allow only one subset of users to be created at a time.
2022-08-24 09:05:29 -04:00
Patrick Marchand
9dfcfe1ef3
Made it possible to only create a subset of users
...
gitea/ansible-roles/pipeline/head This commit looks good
The evolinux_users_create variable is a list of tags that defaults to ['active'].
Only the users that have one of the tags in the evolinux_users_create list will be created.
2022-08-23 20:18:45 -04:00
David Prevot
3bd4b92425
CHANGELOG: Document previous ($self) change
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-18 10:27:26 +02:00
Jérémy Lecour
d0abfa985c
redis: config directory must be owned by the user that runs the service
...
gitea/ansible-roles/pipeline/head This commit looks good
… to be able to write tmp config files in it
2022-08-17 16:53:07 +02:00
Jérémy Dubois
de0c4fd314
openvpn: automate the initialization of the CA and the creation of the server certificate ; use openssl_dhparam module instead of a command
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-10 17:23:47 +02:00
Mathieu Trossevin
78dcec8656
varnish: Repair systemd unit for jessie/stretch
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-10 11:18:23 +02:00
Mathieu Trossevin
08a4f1ed5f
Document previous change
gitea/ansible-roles/pipeline/head This commit looks good
2022-08-10 10:26:37 +02:00
Jérémy Lecour
6c33e11d5f
evocheck: upstream release 22.07.1
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-28 14:18:12 +02:00
Jérémy Lecour
0f899dcd09
evocheck: remove failure if deprecated variable is used
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-28 13:58:09 +02:00
Jérémy Lecour
25b96c3283
Release 22.07.1
continuous-integration/drone/push Build is running
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/pr Build is passing
gitea/ansible-roles/pipeline/pr-stable This commit looks good
2022-07-28 13:49:57 +02:00
Jérémy Lecour
f10ebe8cd6
evocheck: upstream release 22.07
2022-07-28 13:38:33 +02:00
Jérémy Lecour
c8898a3d10
nagios-nrpe: use regexp to exclude paths/devices in check_disk1
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-28 13:25:51 +02:00
Jérémy Lecour
0d086731ae
evomaintenance: upstream release 22.07
gitea/ansible-roles/pipeline/head This commit looks good
continuous-integration/drone/push Build is passing
2022-07-27 15:49:41 +02:00
Jérémy Lecour
f7edd565a3
nagios-nrpe: check_disk1 returns only alerts
continuous-integration/drone/push Build is passing
2022-07-27 09:24:46 +02:00
Jérémy Lecour
b453321b3d
nagios-nrpe: exclude /run/shm and /run/lock from check_disk1
2022-07-27 09:24:46 +02:00
Jérémy Lecour
0b41efd188
mongodb: replace version_compare() with version()
continuous-integration/drone/push Build is passing
2022-07-18 15:54:42 +02:00
Bruno TATU
213c6dd6ac
Add change for fail2ban role
continuous-integration/drone/push Build is passing
2022-07-08 11:28:29 +02:00
Jérémy Lecour
53847d9919
Release 22.07
continuous-integration/drone/push Build is passing
2022-07-06 18:02:42 +02:00
Jérémy Lecour
a387304483
Fix CHANGELOG
continuous-integration/drone/push Build is passing
2022-07-06 14:26:13 +02:00
Jérémy Lecour
0a3bfd7f27
evolinux-base: session timeout is configurable
continuous-integration/drone/push Build is passing
2022-07-06 14:24:41 +02:00
Eric Morino
028bfe209a
Add change in kvm-host
continuous-integration/drone/push Build is passing
2022-07-05 10:18:49 +02:00
Jérémy Dubois
68ac8fc058
openvpn: configure logrotate
continuous-integration/drone/push Build is passing
2022-06-30 10:12:36 +02:00
Jérémy Dubois
07c3c0226f
openvpn: minimal rights on /etc/shellpki/ and crl.pem
continuous-integration/drone/push Build is passing
2022-06-29 16:09:04 +02:00
Jérémy Lecour
205e699355
minifirewall: docker mode is configurable
continuous-integration/drone/push Build is passing
2022-06-22 17:20:15 +02:00
Jérémy Lecour
abb14e5b52
haproxy: add haproxy_allow_ip_nonlocal_bind to set sysctl value
continuous-integration/drone/push Build is passing
2022-06-22 15:32:10 +02:00
Ludovic Poujol
519ef930df
Update PermitRootLogin task to work on Debian 11
continuous-integration/drone/push Build is passing
2022-06-21 15:13:38 +02:00
Jérémy Lecour
050c61c220
Release 22.06.3
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2022-06-17 11:00:51 +02:00
Jérémy Lecour
57ecac01ba
evolinux-base: blacklist and do not install megaclisas-status package on incompatible servers
continuous-integration/drone/push Build is passing
2022-06-16 15:19:44 +02:00
William Hirigoyen (Evolix)
3623363b94
Update changelog for version 22.06
continuous-integration/drone/push Build is passing
2022-06-13 17:35:31 +02:00
Jérémy Lecour
556719bbf2
Release 22.06.2
continuous-integration/drone/push Build is passing
2022-06-10 11:11:44 +02:00
Ludovic Poujol
b3ac39decd
postgresql: Fix task order when using pgdg repo & Install the right pg version
continuous-integration/drone/push Build is passing
2022-06-09 10:33:28 +02:00
Jérémy Lecour
cea1408bba
evocheck: upstream release 22.06.2
continuous-integration/drone/push Build is passing
2022-06-09 07:42:29 +02:00
Jérémy Lecour
4d1d77faaf
postgresql: add variable to configure binding addresses (default: 127.0.0.1)
2022-06-09 07:41:52 +02:00
Ludovic Poujol
1e19418fb0
Fail2ban: Multiple changes & improvements :
...
continuous-integration/drone/push Build is passing
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
2022-06-08 17:55:58 +02:00
Jérémy Lecour
bcaacdf57f
postgresql: fix nested loop for Munin plugins
continuous-integration/drone/push Build is passing
2022-06-08 15:39:34 +02:00
Jérémy Lecour
cbe7985814
Enforce String notation for mode
2022-06-08 15:38:21 +02:00
Jérémy Lecour
b677defd97
redis: binding is possible on multiple interfaces
2022-06-08 15:36:47 +02:00
Jérémy Lecour
1895c549d4
Release 22.06.1
continuous-integration/drone/push Build is passing
2022-06-06 15:07:10 +02:00
Jérémy Lecour
3d70438f7e
evocheck: upstream release 22.06.1
continuous-integration/drone/push Build is passing
2022-06-06 15:05:59 +02:00
Jérémy Lecour
4cd7e0f4a1
minifirewall: upstream release 22.06
2022-06-06 14:42:22 +02:00
Jérémy Lecour
56c2c19d61
evomariabackup: release 22.06.1
continuous-integration/drone/push Build is passing
2022-06-05 21:49:23 +02:00
Jérémy Lecour
6d0e49ba90
mysql: reorganize evomariabackup to use mtree instead of our own dir-check
continuous-integration/drone/push Build is passing
2022-06-05 21:48:04 +02:00
Jérémy Lecour
e718156f86
fix CHANGELOG
continuous-integration/drone/push Build is passing
2022-06-03 10:19:35 +02:00
Jérémy Lecour
e8e99bb9b6
Release 22.06
continuous-integration/drone/push Build is passing
2022-06-03 09:27:01 +02:00
Jérémy Lecour
9378f5634c
add missing entry in CHANGELOG
continuous-integration/drone/push Build is passing
2022-06-03 09:26:07 +02:00
Jérémy Lecour
51908f64b9
evocheck: upstream release 22.06
continuous-integration/drone/push Build is passing
2022-06-03 09:15:04 +02:00
Jérémy Lecour
586aa206a8
mysql: add post-backup-hook to evomariabackup
2022-06-02 18:26:23 +02:00
Jérémy Lecour
b8b96bb5b7
mysql: use dir-check inside evomariabackup
continuous-integration/drone/push Build is passing
2022-06-01 17:24:55 +02:00
Jérémy Lecour
249e53fc21
evolinux-base: add dir-check script
2022-06-01 17:24:55 +02:00
Jérémy Lecour
17a2032a10
evolinux-base: add update-evobackup-canary script
continuous-integration/drone/push Build is passing
2022-06-01 10:46:13 +02:00