Compare commits
34 commits
0d9a15447a
...
6f387b029c
Author | SHA1 | Date | |
---|---|---|---|
6f387b029c | |||
7b74e320c9 | |||
c34fe9a477 | |||
0dbd76f077 | |||
b442d5787e | |||
9e25821ecc | |||
1c91913c2a | |||
82b798972f | |||
90e25c708a | |||
8b94e94165 | |||
8be19c9032 | |||
e5f03413a7 | |||
2860546f00 | |||
ecdd26f350 | |||
e4c0f7838d | |||
f20eb73ed5 | |||
b0510d37ce | |||
879d7fc044 | |||
0350a97f8c | |||
3b8834ffce | |||
e57b3578f3 | |||
91588a7737 | |||
47de051ab9 | |||
68c443acd1 | |||
0ac6befce2 | |||
e52811b7eb | |||
f51dadc93e | |||
230c561292 | |||
5708e7205d | |||
4bbe2f4f72 | |||
Jérémy Lecour | 7a9be8d6fa | ||
5acb1956f5 | |||
96504b1deb | |||
56eef89084 |
|
@ -18,6 +18,9 @@ The **patch** part is incremented if multiple releases happen the same month
|
|||
* autosysadmin-agent: upstream release 24.03.2
|
||||
* evolinux-base: Add new variable to disable global customisation of bash config
|
||||
* roundcube: Use /var/log/roundcube directly
|
||||
* evolinux-users: Add sudo mvcli for nagios user
|
||||
* vrrpd : configure and restart minifirewall before starting VRRP
|
||||
* nrpe: !disk1 exclude filesystem type overlay
|
||||
|
||||
### Fixed
|
||||
|
||||
|
@ -25,6 +28,8 @@ The **patch** part is incremented if multiple releases happen the same month
|
|||
* keepalived: Fix tasks that use file instead of copy
|
||||
* memcached: Fix conditions not properly writen (installation was always in multi-instance mode)
|
||||
* fail2ban: SQLite purge script didn't vacuum as expected + error when vacuum cannot be done
|
||||
* nagios-nrpe: create /etc/bash_completion.d if missing
|
||||
* packweb: fix old bug (2017!) .orig file created by module patch and taken in account by ProFTPd
|
||||
|
||||
### Removed
|
||||
|
||||
|
|
|
@ -24,6 +24,8 @@ nagios ALL = NOPASSWD: /sbin/megacli -LdInfo -Lall -aALL -NoLog
|
|||
nagios ALL = NOPASSWD: /sbin/megacli -AdpBbuCmd -GetBbuStatus -aALL -NoLog
|
||||
nagios ALL = NOPASSWD: /sbin/ssacli controller all show status
|
||||
nagios ALL = NOPASSWD: /sbin/ssacli controller slot=0 logicaldrive all show
|
||||
nagios ALL = NOPASSWD: /usr/local/bin/mvcli info -o blk
|
||||
nagios ALL = NOPASSWD: /usr/local/bin/mvcli info -o vd
|
||||
nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_gluster.rb
|
||||
|
||||
nagios ALL = (clamav) NOPASSWD: /usr/bin/clamscan /tmp/safe.txt
|
||||
|
|
|
@ -15,10 +15,16 @@
|
|||
dest: /usr/local/bin/check-local
|
||||
mode: "0755"
|
||||
|
||||
- name: Package bash-completion is intalled
|
||||
- name: Package bash-completion is installed
|
||||
ansible.builtin.apt:
|
||||
name: bash-completion
|
||||
|
||||
- name: Directory /etc/bash_completion.d exists
|
||||
ansible.builtin.file:
|
||||
path: '/etc/bash_completion.d'
|
||||
state: directory
|
||||
mode: '0644'
|
||||
|
||||
- name: Completion for utilitary check-local is installed
|
||||
ansible.builtin.copy:
|
||||
src: check-local_completion
|
||||
|
|
|
@ -9,7 +9,7 @@ allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}
|
|||
# System checks
|
||||
command[check_load]=/usr/lib/nagios/plugins/check_load --percpu --warning=0.7,0.6,0.5 --critical=0.9,0.8,0.7
|
||||
command[check_swap]=/usr/lib/nagios/plugins/check_swap -a -w 30% -c 20%
|
||||
command[check_disk1]=/usr/lib/nagios/plugins/check_disk -e -w 10% -c 3% -W 10% -K 3% -C -w 5% -c 2% -W 5% -K 2% -p /home -x /lib/init/rw -x /dev -x /dev/shm -x /run -I '^/run/' -I '^/sys/'
|
||||
command[check_disk1]=/usr/lib/nagios/plugins/check_disk -e -w 10% -c 3% -W 10% -K 3% -C -w 5% -c 2% -W 5% -K 2% -p /home -x /lib/init/rw -x /dev -x /dev/shm -x /run -I '^/run/' -I '^/sys/' -X overlay
|
||||
command[check_zombie_procs]=sudo /usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
|
||||
command[check_total_procs]=sudo /usr/lib/nagios/plugins/check_procs -w 400 -c 600
|
||||
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
|
||||
|
|
|
@ -36,7 +36,6 @@
|
|||
ansible.builtin.template:
|
||||
src: postgresql.sources.j2
|
||||
dest: /etc/apt/sources.list.d/postgresql.sources
|
||||
state: present
|
||||
register: postgresql_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
|
|
|
@ -1,25 +1,6 @@
|
|||
---
|
||||
|
||||
- name: set unit name
|
||||
ansible.builtin.set_fact:
|
||||
vrrp_systemd_unit_name: "vrrp-{{ vrrp_address.id }}.service"
|
||||
|
||||
- name: add systemd unit
|
||||
ansible.builtin.template:
|
||||
src: vrrp.service.j2
|
||||
dest: "/etc/systemd/system/{{ vrrp_systemd_unit_name }}"
|
||||
force: true
|
||||
register: vrrp_systemd_unit
|
||||
|
||||
- name: enable and start systemd unit
|
||||
ansible.builtin.systemd:
|
||||
name: "{{ vrrp_systemd_unit_name }}"
|
||||
daemon_reload: yes
|
||||
enabled: yes
|
||||
state: "{{ vrrp_address.state }}"
|
||||
when:
|
||||
- vrrp_systemd_unit is changed
|
||||
- not ansible_check_mode
|
||||
# Configure and restart minifirewall before starting the VRRP service
|
||||
|
||||
- name: Check if a recent minifirewall is present
|
||||
ansible.builtin.stat:
|
||||
|
@ -55,3 +36,31 @@
|
|||
loop_var: peer
|
||||
notify: "{{ minifirewall_restart_handler_name }}"
|
||||
when: _minifirewall_dir.stat.exists
|
||||
|
||||
- name: Flush handlers to restart minifirewall
|
||||
ansible.builtin.meta: flush_handlers
|
||||
when: _minifirewall_dir.stat.exists
|
||||
|
||||
|
||||
# Configure VRRP service
|
||||
|
||||
- name: set unit name
|
||||
ansible.builtin.set_fact:
|
||||
vrrp_systemd_unit_name: "vrrp-{{ vrrp_address.id }}.service"
|
||||
|
||||
- name: add systemd unit
|
||||
ansible.builtin.template:
|
||||
src: vrrp.service.j2
|
||||
dest: "/etc/systemd/system/{{ vrrp_systemd_unit_name }}"
|
||||
force: true
|
||||
register: vrrp_systemd_unit
|
||||
|
||||
- name: enable and start systemd unit
|
||||
ansible.builtin.systemd:
|
||||
name: "{{ vrrp_systemd_unit_name }}"
|
||||
daemon_reload: yes
|
||||
enabled: yes
|
||||
state: "{{ vrrp_address.state }}"
|
||||
when:
|
||||
- vrrp_systemd_unit is changed
|
||||
- not ansible_check_mode
|
||||
|
|
|
@ -10,3 +10,9 @@
|
|||
remote_src: False
|
||||
src: ftp/evolinux.conf.diff
|
||||
dest: /etc/proftpd/conf.d/z-evolinux.conf
|
||||
|
||||
- name: Remove .orig file created by previous patch task
|
||||
ansible.builtin.file:
|
||||
path: /etc/proftpd/conf.d/z-evolinux.conf.orig
|
||||
state: absent
|
||||
|
||||
|
|
Loading…
Reference in a new issue