evolix
/
ansible-roles
22
2
Fork 2
Code Issues 61 Pull Requests 18 Releases 32 Wiki Activity
2,287 Commits 76 Branches 56 Tags 128 MiB
Commit Graph

2287 Commits

Author SHA1 Message Date
Jérémy Lecour f717c31acc Merge branch 'unstable' into stable
continuous-integration/drone/tag Build is passing Details
continuous-integration/drone/push Build is passing Details
2020-09-17 14:14:13 +02:00
Jérémy Lecour 8b48552e36 Release 10.2.0
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/pr Build is failing Details
2020-09-17 14:06:46 +02:00
Jérémy Lecour 3e67d92fd3 certbot: an empty change shouldn't raise an exception
continuous-integration/drone/push Build is passing Details
2020-09-16 12:07:27 +02:00
Jérémy Lecour 48174ad618 evoacme: remount /usr if necessary
continuous-integration/drone/push Build is passing Details
2020-09-14 11:31:47 +02:00
Jérémy Lecour 4007b14c09 whitespaces
continuous-integration/drone/push Build is passing Details
2020-09-14 11:17:54 +02:00
Jérémy Lecour b818c348c2 evoacme: remove Debian 9 support
continuous-integration/drone/push Build is passing Details
2020-09-11 11:09:45 +02:00
Ludovic Poujol f9d6fe0ad4 evolinux-base: install wget
continuous-integration/drone/push Build is passing Details
2020-09-10 14:59:19 +02:00
Jérémy Lecour c7151a8de8 certbot: fix "no-self-upgrade" option
continuous-integration/drone/push Build is passing Details
2020-09-08 10:02:15 +02:00
Jérémy Lecour 37ed5dd393 evolinux-base: swappiness is customizable
continuous-integration/drone/push Build is passing Details
2020-09-01 14:08:39 +02:00
Jérémy Lecour afa0fd35c8 Change default public SSH/SFTP port from 2222 to 22222
continuous-integration/drone/push Build is passing Details
2020-08-28 18:32:47 +02:00
Jérémy Lecour d0622c6b20 tomcat: root directory owner/group are configurable
continuous-integration/drone/push Build is passing Details
2020-08-27 17:12:34 +02:00
Jérémy Lecour 8460938f35 Merge pull request 'Release 10.1.0' (#113) from unstable into stable
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/tag Build is passing Details 
Reviewed-on: #113
 2020-08-21 14:51:29 +02:00
Jérémy Lecour fce6676eca Release 10.1.0 2020-08-21 14:51:30 +02:00
Jérémy Lecour 24dd420aac evoacme: disable empty task for hooks 2020-08-21 14:51:30 +02:00
Jérémy Lecour 82bd1ed49a sort lines in CHANGELOG 2020-08-21 14:51:30 +02:00
Jérémy Lecour ed45551a0c evoacme: use Let's Encrypt deploy hooks instead of evoacme hooks 2020-08-21 14:51:30 +02:00
Jérémy Lecour e5c759c7f0 evoacme: upstream release 20.08 2020-08-21 14:51:30 +02:00
Jérémy Lecour bf0676cbf8 evoacme: update for new certbot role 
* certbot is installed by the certbot role
* Apache/Nginx configuration is delegated to the certbot role
* No more "acme" user, everything is done with "root".
 2020-08-21 14:51:30 +02:00
Benoît S. 8ab79d5ece Updated CHANGELOG.md with recent merges 2020-08-21 14:51:30 +02:00
Jérémy Lecour 23cd57e9aa metricbeat: allow using a template 2020-08-21 14:51:30 +02:00
Jérémy Lecour f68a79c022 filebeat: allow using a template 2020-08-21 14:51:30 +02:00
Ludovic Poujol 08cdd0cd18 mongodb: Fix issue introduced by 8aa7f6cf33 2020-08-21 14:51:30 +02:00
Jérémy Lecour f55e5be2e5 elasticsearch: keep native values 2020-08-21 14:51:30 +02:00
Jérémy Lecour c89d699518 certbot: fix haproxy hook (ssl cert directory detection) 
It was matching additional parameters.
Now it matches on the first argument after "crt"
 2020-08-21 14:51:30 +02:00
Jérémy Lecour 43122a5ea9 elasticsearch: configure cluster with seed hosts and initial masters 2020-08-21 14:51:30 +02:00
Jérémy Lecour f2f63eee36 elasticsearch: set tmpdir before datadir 2020-08-21 14:51:30 +02:00
Jérémy Lecour 1063d2dc1c elasticsearch is compatible with buster 2020-08-21 14:51:30 +02:00
Jérémy Lecour ec95f9538f mongodb: install custom munin plugins 2020-08-21 14:51:30 +02:00
Benoît S. 0c9b9b2628 evolinux-base: check_hpraid.cron.sh: Fixed wrong `<<<` usage 2020-08-21 14:51:30 +02:00
Benoît S. 63bfef13ee generate-ldif: Patched computerOS detection 2020-08-21 14:51:30 +02:00
Benoît S. 8b34bec22b generate-ldif: Skip some odd ethernet devices 2020-08-21 14:51:30 +02:00
Benoît S. 5101547242 generate-ldif: Add NVMe disk support 2020-08-21 14:51:30 +02:00
Benoît S. fd57b17980 evolinux-base: check_hpraid.cron.sh: Fixed wrong else 
The logic was wrong, an else part was not necessary.
 2020-08-21 14:51:30 +02:00
Benoît S. fe1756d22a evolinux-base: check_hpraid.cron.sh: Better logic and use mail 
First step is to detect errors
Second step is to detect different state

Added mail comand to replace cron output
 2020-08-21 14:51:30 +02:00
Jérémy Lecour 14d8eaac2f haproxy: rotate logs with date extension and immediate compression 2020-08-21 14:51:30 +02:00
Benoît S. 10385ecf4d nagios-nrpe: check_amavis: Update regex 
I just installed a Debian Stretch with a pack mail and the check_amavis
was not checking the right regex.

Amavis is returning:
2.7.0 Ok, discarded, id=17556-09 - INFECTED: Eicar-Signature
So the regex should be:
-if ($result =~/2.7.0 Ok, discarded, id=[^,]+ - INFECTED: Eicar-Test-Signature/) {
+if ($result =~/2.7.0 Ok, discarded, id=\S+ - INFECTED: Eicar-Signature/) {
 2020-08-21 14:51:30 +02:00
Benoît S. 952b0d4521 squid: Update regex for sa-update domains. 
List of domains is like:

http://sa-update.dnswl.org/ weight=3

http://www.sa-update.pccc.com/ weight=5

http://sa-update.secnap.net/ weight=5

http://sa-update.space-pro.be/ weight=1

http://sa-update.ena.com/ weight=5

http://sa-update.razx.cloud/ weight=5

http://sa-update.fossies.org/ weight=1

http://sa-update.verein-clean.net/ weight=10

http://sa-update.bitwell.fi/ weight=5

http://sa-update.spamassassin.org/ weight=10

They all start sa-update.*, except for http://www.sa-update.pccc.com/.
In that case, we just match sa-update on the domain name.
 2020-08-21 14:51:30 +02:00
Jérémy Lecour fa49369929 varnish: fix start command when multiple addresses are present 2020-08-21 14:51:30 +02:00
Benoît S. 8a4ae16d73 evolinux-base: check_hpraid cron: Add -p 2020-08-21 14:51:30 +02:00
Benoît S. 0dee37a7e6 evolinux-base/tasks/hardware.yml: Removed trailing whitespace 2020-08-21 14:51:30 +02:00
Benoît S. 215ecd6c2c evolinux-base: harware: Support HP gen >=10 RAID controller 2020-08-21 14:51:30 +02:00
Benoît S. 2dc7d22c13 nagios-nrpe: check_hpraid: Update known working RAID controllers 2020-08-21 14:51:30 +02:00
Benoît S. 725b7ae77b nagios-nrpe: Add check_hpraid in template 2020-08-21 14:51:30 +02:00
Benoît S. 4f3e809b77 nagios-nrpe: check_hpraid: Use printf for return lines 2020-08-21 14:51:30 +02:00
Benoît S. 0eecc1a4ca nagios-nrpe: check_hpraid: Fixed wrong grep in EXCLUDE_BATTERY 2020-08-21 14:51:30 +02:00
Benoît S. 2a065abf5f nagios-nrpe: check_hpraid: Fix wrong command name in examples 2020-08-21 14:51:30 +02:00
Benoît S. 39c8daacf4 nagios-nrpe: check_hpraid: Be sure that variables are bound 2020-08-21 14:51:30 +02:00
Jérémy Lecour d67be3cd91 haproxy: deport SSL tuning to Mozilla SSL generator 
There are too many combinations and they change every so often.
It's better to direct the user to the generator to have a good 
configuration.
 2020-08-21 14:51:30 +02:00
Jérémy Lecour 2a5195078c haproxy: split stats variables 2020-08-21 14:51:30 +02:00
Jérémy Lecour 4c4771b3ab haproxy: add deny_ips file to reject connections 2020-08-21 14:51:30 +02:00