Compare commits
4 commits
09371b095f
...
8a87fecbe4
Author | SHA1 | Date | |
---|---|---|---|
Jérémy Lecour | 8a87fecbe4 | ||
Jérémy Lecour | 47d11308ba | ||
Jérémy Lecour | 86cab2ab94 | ||
Jérémy Lecour | 3fe1138a98 |
|
@ -15,6 +15,9 @@ The **patch** part changes incrementally at each release.
|
|||
### Changed
|
||||
|
||||
* packweb-apache: Don't turn on mod-evasive emails by default
|
||||
* haproxy: chroot and socket path are configurable
|
||||
* redis: create sudoers file if missing
|
||||
* redis: new syntax for match filter
|
||||
|
||||
### Fixed
|
||||
|
||||
|
|
|
@ -4,3 +4,6 @@ haproxy_backports: "{{ haproxy_jessie_backports | default(false, true) }}"
|
|||
haproxy_stats_url: "http://127.0.0.1:8080/"
|
||||
haproxy_update_config: True
|
||||
haproxy_force_config: True
|
||||
|
||||
haproxy_socket: /run/haproxy/admin.sock
|
||||
haproxy_chroot: /var/lib/haproxy
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
global
|
||||
log /dev/log local0
|
||||
log /dev/log local1 notice
|
||||
chroot /var/lib/haproxy
|
||||
stats socket /run/haproxy/admin.sock mode 660 level admin
|
||||
chroot {{ haproxy_chroot }}
|
||||
stats socket {{ haproxy_socket }} mode 660 level admin
|
||||
stats timeout 30s
|
||||
user haproxy
|
||||
group haproxy
|
||||
|
@ -22,12 +22,14 @@ global
|
|||
|
||||
defaults
|
||||
log global
|
||||
|
||||
mode http
|
||||
option httplog
|
||||
option dontlognull
|
||||
timeout connect 5000
|
||||
timeout client 50000
|
||||
timeout server 50000
|
||||
timeout connect 5000
|
||||
timeout client 50000
|
||||
timeout server 50000
|
||||
|
||||
errorfile 400 /etc/haproxy/errors/400.http
|
||||
errorfile 403 /etc/haproxy/errors/403.http
|
||||
errorfile 408 /etc/haproxy/errors/408.http
|
||||
|
|
|
@ -50,6 +50,7 @@
|
|||
line: 'nagios ALL = NOPASSWD: {{ redis_check_redis_path }}'
|
||||
insertafter: '^nagios'
|
||||
validate: "visudo -cf %s"
|
||||
create: yes
|
||||
when: redis_instance_name is defined
|
||||
tags:
|
||||
- redis
|
||||
|
|
|
@ -22,7 +22,7 @@ UMask=007
|
|||
PrivateTmp=yes
|
||||
LimitNOFILE=65535
|
||||
PrivateDevices=yes
|
||||
ProtectHome={{ redis_data_dir_prefix | match('/home') | ternary('no', 'yes') }}
|
||||
ProtectHome={{ redis_data_dir_prefix is match('/home') | ternary('no', 'yes') }}
|
||||
ReadOnlyDirectories=/
|
||||
ReadWriteDirectories=-{{ redis_data_dir_prefix }}-%i
|
||||
ReadWriteDirectories=-{{ redis_log_dir_prefix }}-%i
|
||||
|
|
Loading…
Reference in a new issue