redis: new syntax for match filter

redis: create sudoers file if missing
haproxy: chroot and socket path are configurable
2020-06-02 11:00:06 +02:00 · 2020-06-02 10:59:51 +02:00 · 2020-06-02 10:58:10 +02:00 · 2020-06-02 10:57:16 +02:00
5 changed files with 15 additions and 6 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -15,6 +15,9 @@ The **patch** part changes incrementally at each release.
 ### Changed

 * packweb-apache: Don't turn on mod-evasive emails by default
+* haproxy: chroot and socket path are configurable
+* redis: create sudoers file if missing
+* redis: new syntax for match filter

 ### Fixed

--- a/haproxy/defaults/main.yml
+++ b/haproxy/defaults/main.yml
@ -4,3 +4,6 @@ haproxy_backports: "{{ haproxy_jessie_backports | default(false, true) }}"
 haproxy_stats_url: "http://127.0.0.1:8080/"
 haproxy_update_config: True
 haproxy_force_config: True
+
+haproxy_socket: /run/haproxy/admin.sock
+haproxy_chroot: /var/lib/haproxy
--- a/haproxy/templates/haproxy.default.cfg.j2
+++ b/haproxy/templates/haproxy.default.cfg.j2
@ -3,8 +3,8 @@
 global
    log /dev/log    local0
    log /dev/log    local1 notice
-    chroot /var/lib/haproxy
-    stats socket /run/haproxy/admin.sock mode 660 level admin
+    chroot {{ haproxy_chroot }}
+    stats socket {{ haproxy_socket }} mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
@ -22,12 +22,14 @@ global

 defaults
    log global
+
    mode    http
    option  httplog
    option  dontlognull
-        timeout connect 5000
-        timeout client  50000
-        timeout server  50000
+    timeout connect 5000
+    timeout client  50000
+    timeout server  50000
+
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
--- a/redis/tasks/nrpe.yml
+++ b/redis/tasks/nrpe.yml
@ -50,6 +50,7 @@
    line: 'nagios          ALL = NOPASSWD: {{ redis_check_redis_path }}'
    insertafter: '^nagios'
    validate: "visudo -cf %s"
+    create: yes
  when: redis_instance_name is defined
  tags:
    - redis
--- a/redis/templates/redis-server@stretch.service.j2
+++ b/redis/templates/redis-server@stretch.service.j2
@ -22,7 +22,7 @@ UMask=007
 PrivateTmp=yes
 LimitNOFILE=65535
 PrivateDevices=yes
-ProtectHome={{ redis_data_dir_prefix | match('/home') | ternary('no', 'yes') }}
+ProtectHome={{ redis_data_dir_prefix is match('/home') | ternary('no', 'yes') }}
 ReadOnlyDirectories=/
 ReadWriteDirectories=-{{ redis_data_dir_prefix }}-%i
 ReadWriteDirectories=-{{ redis_log_dir_prefix }}-%i
Author	SHA1	Message	Date
Jérémy Lecour	8a87fecbe4	redis: new syntax for match filter All checks were successful continuous-integration/drone/push Build is passing Details	2020-06-02 11:00:06 +02:00
Jérémy Lecour	47d11308ba	redis: create sudoers file if missing	2020-06-02 10:59:51 +02:00
Jérémy Lecour	86cab2ab94	haproxy: chroot and socket path are configurable	2020-06-02 10:58:10 +02:00
Jérémy Lecour	3fe1138a98	whitespaces	2020-06-02 10:57:16 +02:00