evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 19 Releases 33 Wiki Activity
2157 commits 77 branches 57 tags 128 MiB
Commit graph

399 commits

Author SHA1 Message Date
Jérémy Lecour e80e4197c2 evocheck: upstream version 19.10
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-25 13:17:16 +02:00
Jérémy Lecour d5a6487315 Merge branch 'mongodb-buster' into unstable
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-24 17:23:53 +02:00
Jérémy Lecour 27adad616f squid: compatibility wit Debian 10
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-24 16:23:48 +02:00
Jérémy Lecour 85b0e36f33 CHANGELOG: sort alphabetically
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-24 15:37:58 +02:00
Jérémy Lecour 76864f226e WIP mongodb: compatibility with Debian 10
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-24 15:36:51 +02:00
Jérémy Lecour ee72dd07ff rbenv: install Ruby 2.6.5 by default
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-22 15:03:45 +02:00
Jérémy Lecour 2ea88dc385 mysql-oracle: backport tasks from mysql role
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-21 16:32:59 +02:00
Jérémy Lecour 12cebfa71c lxc-php: refactor tasks for better maintainability 2019-10-21 15:26:03 +02:00
Ludovic Poujol 2d2889ac16 php: Don't set a chroot for the default fpm pool
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-16 15:59:33 +02:00
Ludovic Poujol 0a7262081a php: add missing handler for php7.3-fpm
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-16 15:17:35 +02:00
Jérémy Lecour edb5ace762 haproxy: add a variable to keep the existing configuration
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-10-10 11:27:39 +02:00
Patrick Marchand c6804e73e7 Adapted the bind role to respect the evocheck warnings 
The required munin plugins and the logging necessary for them to work is
now activated depending on the type of resolver and the logrotate file is
changed from bind to bind9.
 2019-10-09 11:54:30 -04:00
Ludovic Poujol 4aaeb4590b lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00
Ludovic Poujol e985f5778c evoadmin-web: Put the php config at the right place for Buster 2019-10-02 15:48:03 +02:00
Ludovic Poujol a5378c783e lxc: update our default template to be compatible with Debian 10 2019-10-01 17:54:13 +02:00
Ludovic Poujol ae97276e13 lxc: remove useless loop in apt execution 2019-10-01 17:54:13 +02:00
Jérémy Lecour a478c773eb apt: check if cron is installed before adding a cron job 2019-09-30 14:12:38 +02:00
Jérémy Lecour 394e28b815 WIP: new certbot role 2019-09-27 00:21:29 +02:00
Jérémy Lecour e3e908dd4c Merge branch 'redis-instances' into unstable 2019-09-25 22:25:42 +02:00
Gregory Colpart 6fe86a76c5 remove reload-vcl.sh (Custom Varnish ExecReload script) when Debian >= 10 2019-09-24 14:00:22 +02:00
Jérémy Lecour f09a405d84 mongodb: still incompatible with Debian 10 2019-09-23 22:18:52 +02:00
Jérémy Lecour bea11352be Merge branch 'buster' into unstable 2019-09-23 18:34:35 +02:00
Jérémy Lecour 45d48eedb0 changelog cleanup 2019-09-23 13:47:19 +02:00
Jérémy Lecour 3999e7d4f8 listupgrade: install old-kernel-autoremoval script 2019-09-23 13:46:29 +02:00
Jérémy Lecour 0829efc8a6 evocheck: upstream version 19.09 2019-09-23 09:22:58 +02:00
Jérémy Lecour 9f619adf68 evocheck: cron jobs execute in verbose 2019-09-23 09:22:40 +02:00
Jérémy Lecour 1a647d0546 evocheck : update (version 19.09) from upstream 2019-09-22 22:41:03 +02:00
Jérémy Lecour b31159c9d2 evolinux-base: use "evolinux_internal_group" for SSH authentication 2019-09-22 22:26:21 +02:00
Jérémy Lecour 8f868b8612 evolinux-base: default value for "evolinux_ssh_group" 2019-09-22 22:25:30 +02:00
Jérémy Lecour 2d249f1815 squid: split systemd tasks into own file 2019-09-22 22:18:09 +02:00
Patrick Marchand a358db065b Merge branch 'htpasswd_evoadmin' into unstable 2019-09-20 10:06:20 -04:00
Patrick Marchand 0009272462 Allow setting a custom mysql server_id 2019-09-12 11:46:12 -04:00
Patrick Marchand 109191ccd8 Added mysql_log_bin variable to enable binary logs 2019-09-12 08:54:18 -04:00
Jérémy Lecour 442353ce73 Update changelog 2019-09-06 16:04:47 +02:00
Jérémy Lecour 4acd61a072 generate-ldif: support MariaDB 10.3 2019-09-02 10:39:49 +02:00
Patrick Marchand 1c12827c9c Added evobackup-client role
Some checks reported errors
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build encountered an error
Details
2019-08-30 14:43:52 -04:00
Patrick Marchand d75846ed28 Make it possible to add an htpasswd file to evoadmin
Some checks reported errors
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build encountered an error
Details
2019-08-30 10:32:44 -04:00
Jérémy Lecour 5925a12b3d evocheck: upstream version 19.08
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-08-30 14:23:35 +02:00
Jérémy Lecour 6db519c2b0 redis: max clients is configurable
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-08-30 08:53:12 +02:00
Jérémy Lecour 2c2f13e17f update CHANGELOG
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-08-30 08:52:08 +02:00
Patrick Marchand 276177900b Merge branch 'evoadmin-web-template-override' into unstable
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details 
I had to apply some of the yamllint fixes to the new multi-php tasks
as well. Notably it removes the need to explicitely check for the
truthy "True"
 2019-08-27 10:23:04 -04:00
Ludovic Poujol 8d71965ec9 nginx: fix munin fcgi not working (missing chmod 660 on logs)
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-08-22 14:47:32 +02:00
Ludovic Poujol e2fd56bdcd php: By default, allow 128M for OpCache (instead of 64M)
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-08-21 15:56:35 +02:00
Jérémy Lecour f5f4a82114 evomaintenance: upstream version 0.5.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-08-21 15:40:15 +02:00
Ludovic Poujol b116c47b58 packweb-apache: Deploy opcache.php to give some insights on PHP's opcache status
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-08-21 15:24:58 +02:00
Jérémy Lecour c0ed2fa620 php: variable to install the mysqlnd module instead of the default mysql module
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-08-16 10:11:23 +02:00
Ludovic Poujol 6d2db1341f evomaintenance: Turn on API by default (instead of DB)
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-08-07 15:42:23 +02:00
Ludovic Poujol b7844dd804 squid: Remove wait time when we turn off squid
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-08-06 10:26:47 +02:00
Ludovic Poujol f630d93587 evolinux-base: On debian 10 and later, add noexec on /dev/shm
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-07-23 18:18:29 +02:00
Victor LABORIE cb8116fff0 tomcat: fix typo for default tomcat_version
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-07-12 15:29:05 +02:00
Victor LABORIE 031c4c29b9 roundcube: fix typo for roundcube vhost
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-07-08 15:35:05 +02:00
Jérémy Lecour 11a039bfac elasticsearch: listen on local interface only by default 2019-07-01 17:17:32 +02:00
Ludovic Poujol e13543bf07 lxc-php: Don't remove the default pool - That's making PHP-FPM sad :(
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-06-26 11:10:23 +02:00
Jérémy Lecour 16bdd6893d Release 9.10.1
Some checks reported errors
continuous-integration/drone/pr Build encountered an error
Details
continuous-integration/drone/push Build is passing
Details
2019-06-21 14:36:20 +02:00
Jérémy Lecour a5ee2771ca evocheck : update (version 19.06) from upstream 2019-06-21 14:35:59 +02:00
Jérémy Lecour 39d0167408 Release 9.10.0
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2019-06-21 10:46:08 +02:00
Jérémy Lecour bb0189e5a4 rbenv: install Ruby 2.6.3 by default
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-06-21 10:43:20 +02:00
Jérémy Lecour 8420791224 fluentd: store gpg key locally 2019-06-21 10:29:18 +02:00
Jérémy Lecour ce12e32375 evocheck : update from upstream
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-06-21 09:42:02 +02:00
Jérémy Lecour 49d90fff09 apache: add a variable to customize the server-status host
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-06-20 17:29:48 +02:00
Jérémy Lecour a8ef97fcde Revert "evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)" 
This reverts commit 65414d8ae7.
 2019-06-20 17:29:48 +02:00
Jérémy Lecour 8cb604aa93 etc-git: gitignore /etc/letsencrypt/.certbot.lock
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-06-17 15:02:17 +02:00
Ludovic Poujol 7b9cc7c2b1 apt: Add Debian Buster repositories
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-06-17 14:24:09 +02:00
Jérémy Lecour 65414d8ae7 evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)
All checks were successful
continuous-integration/drone/push Build is passing
Details
2019-06-17 14:22:00 +02:00
Jérémy Lecour a643c96cca evomaintenance: make hooks configurable
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2019-06-17 14:17:30 +02:00
Ludovic Poujol 8413fa137c nagios-nrpe: Replace the dummy packages nagios-plugins-* with monitoring-plugins-* 2019-06-17 10:25:46 +02:00
Ludovic Poujol 890055753e evolinux-users: Validate sshd config with "-t" instead of "-T" 
See #52
 2019-06-17 10:23:56 +02:00
Ludovic Poujol 75a8c90258 evolinux-base: Ensure rename is present 2019-06-17 09:58:10 +02:00
Ludovic Poujol 20a4c082d7 php: Stop enforcing /var/www/html as chroot while we use /var/www..... 2019-06-06 13:45:53 +02:00
Victor LABORIE e2ae37fa3d nagios-nrpe: check_load is now based on ansible_processor_vcpus 2019-06-05 11:09:52 +02:00
Victor LABORIE 08ae9d73c4 redmine: fix 500 error on logging 2019-05-29 11:49:10 +02:00
Victor LABORIE 490708c76d redmine: use custom errors-pages in Nginx vhost 2019-05-22 12:07:51 +02:00
Victor LABORIE 360150d57b nagios-nrpe: fix redis_instances check when Redis port equal 0 2019-05-20 14:28:52 +02:00
Victor LABORIE 6c1991196a nagios-nrpe: change required status code for http and https check 2019-05-14 14:29:50 +02:00
Jérémy Lecour 7cc1777cf5 apt: add a script to manage packages with "hold" mark 2019-05-13 17:48:55 +02:00
Victor LABORIE e40aefb4e0 redmine: enable gzip compression in nginx vhost 2019-05-13 12:06:22 +02:00
Victor LABORIE 0dd7b26ade redmine: update default version to 4.0.3 2019-05-13 11:21:32 +02:00
Victor LABORIE c2ed7faeb7 rbenv: update defaults rbenv version to 1.1.2 and ruby version to 2.5.5 2019-05-13 11:21:32 +02:00
Victor LABORIE 4a703978a8 rbenv: add check_mode for versions checking 2019-05-13 11:21:32 +02:00
Patrick Marchand d8385bff84 Make it possible to overwrite the default evoadmin-web templates 
The templates can also be forced to update if so desired.
 2019-05-06 22:00:45 +02:00
Jérémy Lecour 4394d795e0 update changelog 2019-04-26 11:09:36 +02:00
Jérémy Lecour b6499671fa apache/nginx: add server status suffix in default site if missing 2019-04-26 11:02:02 +02:00
Jérémy Lecour 8e618ce70a apache/nginx: add server status suffix in VHost if missing 2019-04-25 17:12:19 +02:00
Jérémy Lecour afea232858 evocheck : version 19.04 from upstream 2019-04-25 13:34:28 +02:00
Jérémy Lecour daae099aef Release 9.9.0 2019-04-16 16:41:28 +02:00
Jérémy Lecour 69e45dab84 update CHANGELOG for lxc changes 2019-04-16 16:36:27 +02:00
Jérémy Lecour c61e40bdf8 clean CHANGELOG 2019-04-16 16:27:10 +02:00
Jérémy Lecour 7bb15e7b70 evocheck : add "x-frame-options: sameorigin" for Munin 2019-04-16 10:47:26 +02:00
Jérémy Lecour 6b52f89ad3 evocheck : update script from upstream 2019-04-16 10:46:44 +02:00
Ludovic Poujol 48226ff7b6 apt: Ensure jessie-backport from archives.debian.org is accepted 2019-04-08 16:11:10 +02:00
Ludovic Poujol b185012469 apt: Remove jessie-update suite as it's no longer exists 2019-04-08 15:40:03 +02:00
Eric Morino 48becaecf4 Replace mirror.evolix.org by archives.debian.org for jessie-backport 2019-04-03 15:08:06 +02:00
Eric Morino 36515c9c89 aligning roles with our conventions, major changes in opendkim-add.sh 2019-03-27 11:01:11 +01:00
Jérémy Lecour 66381ae454 evomaintenance: embed version 0.5.0 2019-03-26 15:06:20 +01:00
Jérémy Lecour de0a4c2ca8 update README 2019-03-21 15:38:36 +01:00
Ludovic Poujol 6e36b54adb webapps/evoadmin-web: add dbadmin.sh to sudoers file 2019-03-18 11:50:46 +01:00
Jérémy Lecour f3b54188d3 redis: higher limit of open files 2019-03-08 13:44:12 +01:00
Jérémy Lecour 02723ba0f3 redis: set variables on nclusion, not with set_facts 2019-03-08 13:44:12 +01:00
Victor LABORIE aebd46e4d7 tomcat-instance: deploy correct version of config files 2019-03-06 15:52:56 +01:00
Jérémy Lecour 3e37800994 evolinux-base: remove apt-listchanges on Stretch and later 2019-03-05 11:10:12 +01:00
Jérémy Lecour 70f5504382 etc-git: ignore evobackup/.keep-* files 2019-02-22 10:25:27 +01:00
Victor LABORIE 346e556049 tomcat-instance: deploy correct version of server.xml 2019-02-20 11:29:11 +01:00
Victor LABORIE 49dc437880 tomcat: better tomcat version management 2019-02-20 11:28:59 +01:00
Victor LABORIE c1d727bb5d spamassasin: fix sa-update.sh and ensure service is started and enabled 2019-01-31 14:37:41 +01:00
Jérémy Lecour c296dd94c2 Release 9.8.0 2019-01-31 10:22:50 +01:00
Jérémy Lecour eb0879f3c2 New "percona" role to install Percona repositories and tools 2019-01-31 10:22:13 +01:00
Jérémy Lecour c8e7675a49 metricbeat: disable cloud_metadata processor by default 2019-01-31 10:15:02 +01:00
Jérémy Lecour ff275efd95 filebeat: disable cloud_metadata processor by default 2019-01-31 10:14:13 +01:00
Victor LABORIE 0794e6f620 redmine: refactoring of redmine role with use of rbenv 2019-01-28 14:29:01 +01:00
Victor LABORIE fabac07210 redis: add variable for configure unixsocketperm 2019-01-28 14:26:13 +01:00
Victor LABORIE 2c874afb3c proftpd: add FTPS and SFTP support 2019-01-24 11:47:03 +01:00
Ludovic Poujol af896fe1fc * ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config 
- Ensure the client won't respond to anybody but accept the timeserver 
answers
- Should work on both Jessie and Stretch
 2019-01-18 15:32:45 +01:00
Jérémy Lecour 87860d5b7f Release 9.7.0 2019-01-17 18:11:46 +01:00
Jérémy Lecour fc0b1d6968 update changelog 2019-01-17 17:42:18 +01:00
Patrick Marchand 59c479582e Adds ips tag to fail2ban/tasks/ip_whitelist.yml 
You can already skip nginx and apache ip_whitelist tasks with this
tags, it makes sense for fail2ban to follow suite.
 2019-01-10 17:03:14 -05:00
Ludovic Poujol 40b2654141 php: added php-zip in the installed package list for debian 9 (and later) 2019-01-10 19:12:53 +01:00
Ludovic Poujol c4c091b362 squid: added packagist.org in the whitelist 2019-01-10 18:12:03 +01:00
Victor LABORIE f6ca2279bf java: update Oracle java package to 8u192 2019-01-10 16:16:35 +01:00
Jérémy Lecour df308b0396 fail2ban: fix "ignoreip" update 2019-01-09 16:44:16 +01:00
Ludovic Poujol 67d7458ba6 nodejs: Update yarn repo GPG key (current key expired) 
Ref: https://github.com/yarnpkg/yarn/issues/6865
 2019-01-09 10:49:20 +01:00
Jérémy Lecour 7c2feea561 metricbeat: add a variable for the protocol to use with Elasticsearch 2019-01-08 11:05:27 +01:00
Victor LABORIE 719e9b35b2 evocheck: update evocheck.sh for source install 2019-01-08 10:25:10 +01:00
Jérémy Lecour 921c92fd5b redis: add a variable for renamed/disabled commands 2019-01-08 10:04:27 +01:00
Jérémy Lecour ebd65b2395 metricbeat: fix username/password replacement 2019-01-08 10:02:04 +01:00
Jérémy Lecour 1118486993 rbenv: add pkg-config to the list of packages to install 
Some Ruby gems (Nokogiri…) need this to detect system libraries.
 2019-01-03 10:16:46 +01:00
Jérémy Lecour 41c1ed5a70 apache: add Munin configuration for Apache server-status URL 2019-01-01 21:08:51 +01:00
Jérémy Lecour 92a25a9502 redis: add variables to prevent or force restart 2018-12-21 11:11:15 +01:00
Jérémy Lecour 3b63172532 redis: distinction between main and master password 2018-12-21 11:08:18 +01:00
Ludovic Poujol effdb4c7eb redis: Configure munin when working in instance mode 2018-12-17 14:47:07 +01:00
Ludovic Poujol fa49f249e7 redis: Don't set the owner of /var/{lib,log}/redis to a redis instance account 2018-12-17 14:43:42 +01:00
Ludovic Poujol f46f5ccbde nagios-nrpe: check_process now return the error code (making the check more usefull than /bin/true) 2018-12-12 14:58:12 +01:00
Jérémy Lecour d0b3b6d6b8 evomaintenance: database variables must be set or the task fails 2018-12-11 12:08:04 +01:00
Victor LABORIE 2a6cb3b381 evoadmin-mail: complete refactoring, use Debian Package 2018-12-07 15:26:08 +01:00
Ludovic Poujol f2f595af13 redis: In instance mode, ensure to replace the nrpe check_redis with the instance check script 2018-12-05 16:37:52 +01:00
Ludovic Poujol c9ba37614c nginx: Munin url config is now a template to insert the server-status prefix 2018-12-05 16:25:48 +01:00
Jérémy Lecour 69d9b949e2 Release 9.6.0 2018-12-04 14:51:17 +01:00
Jérémy Lecour 2bcc1133c0 minifirewall: all variables are configurable 
By default, a Null value keeps the variable current value as-is.
Set an Array (can be empty) to replace the value.
 2018-12-04 14:49:50 +01:00
Jérémy Lecour 50e16e0dee minifirewall: compare config before/after (for restart condition) 2018-12-04 14:46:32 +01:00
Jérémy Lecour 59dd03c91e squid: better replacement in minifirewall config 2018-12-04 14:46:32 +01:00
Jérémy Lecour 33e29657a7 update changelog 2018-12-04 14:46:32 +01:00
Victor LABORIE 74f25e8183 evolinux-base: deploy custom motd if template are present 2018-11-30 15:14:39 +01:00
Victor LABORIE 6469733d2f evoacme: fix error handling in sed_cert_path_for_(apache|nginx) 2018-11-22 15:06:23 +01:00
Jérémy Lecour d5e34a58d2 Release 9.5.0 2018-11-14 17:15:25 +01:00
Jérémy Lecour b3f9932c4d evolinux-users: add newaliases handler 2018-11-14 17:04:51 +01:00
Jérémy Lecour 2f8cad3c7c packweb-apache: mod-security config is already included elsewhere 2018-11-14 17:04:03 +01:00
Jérémy Lecour 5056f93283 mysql: logdir can be customized 2018-11-14 16:13:06 +01:00
Jérémy Lecour bd1b1a7775 update CHANGELOG 2018-11-14 16:13:06 +01:00
Jérémy Lecour 3425711ecf redis: update CHANGELOG 2018-11-14 15:35:11 +01:00
Victor LABORIE cfb87a7b65 haproxy: add vars for tls configuration 
Permit simply include of TLS configuration, eg. in [global] :

{{ haproxy_ssl_intermediate | indent(width=4) }}
 2018-11-13 11:07:06 +01:00
Jérémy Lecour df48a60684 evocheck: update script from upstream 2018-11-08 09:46:57 +01:00