Compare commits
4 commits
09371b095f
...
8a87fecbe4
Author | SHA1 | Date | |
---|---|---|---|
Jérémy Lecour | 8a87fecbe4 | ||
Jérémy Lecour | 47d11308ba | ||
Jérémy Lecour | 86cab2ab94 | ||
Jérémy Lecour | 3fe1138a98 |
|
@ -15,6 +15,9 @@ The **patch** part changes incrementally at each release.
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* packweb-apache: Don't turn on mod-evasive emails by default
|
* packweb-apache: Don't turn on mod-evasive emails by default
|
||||||
|
* haproxy: chroot and socket path are configurable
|
||||||
|
* redis: create sudoers file if missing
|
||||||
|
* redis: new syntax for match filter
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
|
|
@ -4,3 +4,6 @@ haproxy_backports: "{{ haproxy_jessie_backports | default(false, true) }}"
|
||||||
haproxy_stats_url: "http://127.0.0.1:8080/"
|
haproxy_stats_url: "http://127.0.0.1:8080/"
|
||||||
haproxy_update_config: True
|
haproxy_update_config: True
|
||||||
haproxy_force_config: True
|
haproxy_force_config: True
|
||||||
|
|
||||||
|
haproxy_socket: /run/haproxy/admin.sock
|
||||||
|
haproxy_chroot: /var/lib/haproxy
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
global
|
global
|
||||||
log /dev/log local0
|
log /dev/log local0
|
||||||
log /dev/log local1 notice
|
log /dev/log local1 notice
|
||||||
chroot /var/lib/haproxy
|
chroot {{ haproxy_chroot }}
|
||||||
stats socket /run/haproxy/admin.sock mode 660 level admin
|
stats socket {{ haproxy_socket }} mode 660 level admin
|
||||||
stats timeout 30s
|
stats timeout 30s
|
||||||
user haproxy
|
user haproxy
|
||||||
group haproxy
|
group haproxy
|
||||||
|
@ -22,12 +22,14 @@ global
|
||||||
|
|
||||||
defaults
|
defaults
|
||||||
log global
|
log global
|
||||||
|
|
||||||
mode http
|
mode http
|
||||||
option httplog
|
option httplog
|
||||||
option dontlognull
|
option dontlognull
|
||||||
timeout connect 5000
|
timeout connect 5000
|
||||||
timeout client 50000
|
timeout client 50000
|
||||||
timeout server 50000
|
timeout server 50000
|
||||||
|
|
||||||
errorfile 400 /etc/haproxy/errors/400.http
|
errorfile 400 /etc/haproxy/errors/400.http
|
||||||
errorfile 403 /etc/haproxy/errors/403.http
|
errorfile 403 /etc/haproxy/errors/403.http
|
||||||
errorfile 408 /etc/haproxy/errors/408.http
|
errorfile 408 /etc/haproxy/errors/408.http
|
||||||
|
|
|
@ -50,6 +50,7 @@
|
||||||
line: 'nagios ALL = NOPASSWD: {{ redis_check_redis_path }}'
|
line: 'nagios ALL = NOPASSWD: {{ redis_check_redis_path }}'
|
||||||
insertafter: '^nagios'
|
insertafter: '^nagios'
|
||||||
validate: "visudo -cf %s"
|
validate: "visudo -cf %s"
|
||||||
|
create: yes
|
||||||
when: redis_instance_name is defined
|
when: redis_instance_name is defined
|
||||||
tags:
|
tags:
|
||||||
- redis
|
- redis
|
||||||
|
|
|
@ -22,7 +22,7 @@ UMask=007
|
||||||
PrivateTmp=yes
|
PrivateTmp=yes
|
||||||
LimitNOFILE=65535
|
LimitNOFILE=65535
|
||||||
PrivateDevices=yes
|
PrivateDevices=yes
|
||||||
ProtectHome={{ redis_data_dir_prefix | match('/home') | ternary('no', 'yes') }}
|
ProtectHome={{ redis_data_dir_prefix is match('/home') | ternary('no', 'yes') }}
|
||||||
ReadOnlyDirectories=/
|
ReadOnlyDirectories=/
|
||||||
ReadWriteDirectories=-{{ redis_data_dir_prefix }}-%i
|
ReadWriteDirectories=-{{ redis_data_dir_prefix }}-%i
|
||||||
ReadWriteDirectories=-{{ redis_log_dir_prefix }}-%i
|
ReadWriteDirectories=-{{ redis_log_dir_prefix }}-%i
|
||||||
|
|
Loading…
Reference in a new issue