Compare commits
23 commits
Author | SHA1 | Date | |
---|---|---|---|
62dce66cbd | |||
fe7d9290bf | |||
208d7d603c | |||
6fb78be66c | |||
c51669531b | |||
2b08a2d81d | |||
082e02fe6f | |||
9e0202d3de | |||
119e134373 | |||
dc5d206488 | |||
498d85b549 | |||
c3caa31bf2 | |||
97d3d29210 | |||
478beab856 | |||
93f981be3b | |||
d206ae4c85 | |||
5cf81335e6 | |||
440bec2feb | |||
63a0894906 | |||
26eec48954 | |||
0825d88552 | |||
3ec85f9560 | |||
2036db938b |
64
.Jenkinsfile
64
.Jenkinsfile
|
@ -1,64 +0,0 @@
|
||||||
pipeline {
|
|
||||||
agent { label 'docker' }
|
|
||||||
|
|
||||||
environment {
|
|
||||||
ROLES_VERSION = "${env.GIT_COMMIT}"
|
|
||||||
}
|
|
||||||
|
|
||||||
stages {
|
|
||||||
stage('Anible Lint') {
|
|
||||||
agent {
|
|
||||||
docker {
|
|
||||||
image 'evolix/ansible-lint:latest'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
steps {
|
|
||||||
script {
|
|
||||||
sh 'for role_dir in ./*/; do HOME=$WORKSPACE_TMP ansible-lint -p $role_dir || : ; done'
|
|
||||||
recordIssues(tools: [ansibleLint()])
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
stage('Build tagged docker image') {
|
|
||||||
when {
|
|
||||||
buildingTag()
|
|
||||||
}
|
|
||||||
steps {
|
|
||||||
script {
|
|
||||||
def im = docker.build("evolix/ansible-roles:build${env.BUILD_ID}")
|
|
||||||
im.inside {
|
|
||||||
sh 'echo Test needed'
|
|
||||||
}
|
|
||||||
def version = TAG_NAME
|
|
||||||
def versions = version.split('\\.')
|
|
||||||
def major = versions[0]
|
|
||||||
def minor = versions[0] + '.' + versions[1]
|
|
||||||
def patch = version.trim()
|
|
||||||
docker.withRegistry('', 'hub.docker') {
|
|
||||||
im.push(major)
|
|
||||||
im.push(minor)
|
|
||||||
im.push(patch)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
stage('Build latest docker image') {
|
|
||||||
when {
|
|
||||||
branch 'unstable'
|
|
||||||
}
|
|
||||||
steps {
|
|
||||||
script {
|
|
||||||
def im = docker.build("evolix/ansible-roles:build${env.BUILD_ID}")
|
|
||||||
im.inside {
|
|
||||||
sh 'echo Test needed'
|
|
||||||
}
|
|
||||||
docker.withRegistry('', 'hub.docker') {
|
|
||||||
im.push('latest')
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
36
.drone.yml
Normal file
36
.drone.yml
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
kind: pipeline
|
||||||
|
name: default
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: build tagged docker image
|
||||||
|
image: plugins/docker
|
||||||
|
settings:
|
||||||
|
username:
|
||||||
|
from_secret: docker_username
|
||||||
|
password:
|
||||||
|
from_secret: docker_password
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
repo: evolix/ansible-roles
|
||||||
|
auto_tag: true
|
||||||
|
environment:
|
||||||
|
ROLES_VERSION: $DRONE_COMMIT_SHA
|
||||||
|
when:
|
||||||
|
event:
|
||||||
|
- tag
|
||||||
|
|
||||||
|
- name: build latest docker image
|
||||||
|
image: plugins/docker
|
||||||
|
settings:
|
||||||
|
username:
|
||||||
|
from_secret: docker_username
|
||||||
|
password:
|
||||||
|
from_secret: docker_password
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
repo: evolix/ansible-roles
|
||||||
|
tags: latest
|
||||||
|
environment:
|
||||||
|
ROLES_VERSION: $DRONE_COMMIT_SHA
|
||||||
|
when:
|
||||||
|
branch:
|
||||||
|
- unstable
|
||||||
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -2,4 +2,3 @@
|
||||||
.kateproject.d
|
.kateproject.d
|
||||||
.vagrant/
|
.vagrant/
|
||||||
*.swp
|
*.swp
|
||||||
.vscode
|
|
|
@ -1,4 +0,0 @@
|
||||||
{
|
|
||||||
"MD013": false,
|
|
||||||
"MD024": false
|
|
||||||
}
|
|
8
.vscode/settings.json
vendored
8
.vscode/settings.json
vendored
|
@ -1,8 +0,0 @@
|
||||||
{
|
|
||||||
"files.associations": {
|
|
||||||
"*.yml": "ansible",
|
|
||||||
"*.yaml": "ansible"
|
|
||||||
},
|
|
||||||
"yaml.format.enable": false,
|
|
||||||
"ansible.python.interpreterPath": "/bin/python"
|
|
||||||
}
|
|
919
CHANGELOG.md
919
CHANGELOG.md
|
@ -1,18 +1,19 @@
|
||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
|
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
|
||||||
|
|
||||||
This project does not follow semantic versioning.
|
This project does not follow semantic versioning.
|
||||||
The **major** part of the version is the year
|
The **major** part of the version is aligned with the stable version of Debian.
|
||||||
The **minor** part is the month
|
The **minor** part changes with big changes (probably incompatible).
|
||||||
The **patch** part is incremented if multiple releases happen the same month
|
The **patch** part changes incrementally at each release.
|
||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
|
* varnish: variable for jail configuration
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
@ -21,845 +22,14 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
## [24.05] 2024-05-15
|
### Other
|
||||||
|
|
||||||
### Added
|
* Generic cleanup of roles
|
||||||
|
|
||||||
* apt: add list-upgradable-held-packages.sh
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evobackup-client: upstream release 24.05.1
|
|
||||||
* evolinux-base: improve adding the current user to SSH AllowGroups of AllowUsers
|
|
||||||
* evolinux-users: improve SSH configuration
|
|
||||||
* evomaintenance: upstream release 24.05
|
|
||||||
* evomaintenance: move upstream files into upstream folder
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* apt: use archive.debian.org with Buster
|
|
||||||
|
|
||||||
## [24.04] 2024-04-30
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* proftpd: optional configuration of IP whitelists per groups of users
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* autosysadmin-agent: upstream release 24.03.2
|
|
||||||
* evobackup-client: replace non-functional role with install tasks
|
|
||||||
* evobackup-client: upstream release 24.04.1
|
|
||||||
* evolinux-base: Add new variable to disable global customisation of bash config
|
|
||||||
* evolinux-base: Disable logcheck monitoring of journald only if journald.logfiles exists
|
|
||||||
* evolinux-users: Add sudo mvcli for nagios user
|
|
||||||
* haproxy: support bookworm for backport packages
|
|
||||||
* nrpe: !disk1 exclude filesystem type overlay
|
|
||||||
* postfix/amavis: max servers is now 3 (previously 2)
|
|
||||||
* roundcube: Use /var/log/roundcube directly
|
|
||||||
* vrrpd: configure and restart minifirewall before starting VRRP
|
|
||||||
* vrrpd: configure minifirewall with blocks instead of lines
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* certbot: Fix HAPEE renewal hook
|
|
||||||
* certbot: Fix HAProxy renewal hook
|
|
||||||
* evolinux-base/logcheck: fix conf patch, journal check was not disabled when asked
|
|
||||||
* fail2ban: SQLite purge script didn't vacuum as expected + error when vacuum cannot be done
|
|
||||||
* keepalived: Fix tasks that use file instead of copy
|
|
||||||
* memcached: Fix conditions not properly writen (installation was always in multi-instance mode)
|
|
||||||
* nagios-nrpe: create /etc/bash_completion.d if missing
|
|
||||||
* openvpn: install packages manually, because openbsd_pkg module is broken since OpenBSD 7.4 with the version of Ansible we currently use
|
|
||||||
* packweb: fix old bug (2017!) .orig file created by module patch and taken in account by ProFTPd
|
|
||||||
* redis: replace inline argument with environment variable for the password
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* docker-host: Removed `docker_conf_use_iptables` variable (iptable usage forced to true)
|
|
||||||
|
|
||||||
## [24.03] 2024-03-01
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* autosysadmin-agent: upstream release 24.03
|
|
||||||
* autosysadmin-restart_nrpe: add role
|
|
||||||
* certbot: Renewal hook for NRPE
|
|
||||||
* kvm-host: add minifirewall rules if DRBD interface is configured
|
|
||||||
* proftpd: add whitelist ip
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* apt: add ftp.evolix.org as recognized system source
|
|
||||||
* autosysadmin-agent: logs clearing is done weekly
|
|
||||||
* autosysadmin-agent: rename /usr/share/scripts/autosysadmin/{auto,restart}
|
|
||||||
* certbot: use pkey to test the key
|
|
||||||
* evolinux-base: execute autosysadmin-agent and autosysadmin-restart_nrpe roles
|
|
||||||
* lxc-php, php: Update sury PGP key
|
|
||||||
* openvpn: earlier alert for CA expiration
|
|
||||||
* redis: create sysfs config file if missing
|
|
||||||
* nextcloud: use latest version by default
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* autosysadmin: replaced by autosysadmin-agent
|
|
||||||
|
|
||||||
## [24.02.1] 2024-02-08
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* fail2ban: fix Ansible syntax
|
|
||||||
|
|
||||||
## [24.02] 2024-02-08
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* Support for PHP 8.3 with bookworm LXC containers
|
|
||||||
* apt: add task file to install ELTS repository (default: False)
|
|
||||||
* autosysadmin: Add a role to automatically deploy autosysadmin on evolixisation
|
|
||||||
* check_free_space: added role
|
|
||||||
* etc-git: add /var/chroot-bind/etc/bind repo
|
|
||||||
* fail2ban: add script unban_ip
|
|
||||||
* generateldif: new Services for check_pressure_{cpu,io,mem}
|
|
||||||
* kvm-host: Automatically add an LVM filter when LVM is present
|
|
||||||
* lxc-php: Allow one to install php83 on Bookworm container
|
|
||||||
* minifirewall: Fix nagios check for old versions of minifirewall
|
|
||||||
* mongodb: add gpg key for 7.0
|
|
||||||
* nagios-nrpe: add check_sentinel for monitoring Redis Sentinel
|
|
||||||
* nagios-nrpe: new check_pressure_{cpu,io,mem}
|
|
||||||
* remount-usr: do not try to remount /usr RW if /usr is not a mounted partition
|
|
||||||
* vrrpd: configure minifirewall
|
|
||||||
* vrrpd: test if interface exists before deleting it
|
|
||||||
* webapps/evoadmin-mail: package installed via public.evolix.org/evolix repo starting with Bookworm
|
|
||||||
* webapps/nextcloud: Add condition for archive tasks
|
|
||||||
* webapps/nextcloud: Add condition for config tasks
|
|
||||||
* webapps/nextcloud: Added var nextcloud_user_uid to enforce uid for nextcloud user
|
|
||||||
* webapps/nextcloud: Set ownership and permissions of data directory
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* add-vm.sh: allow VM name max length > 20
|
|
||||||
* amavis: make ldap_suffix mandatory
|
|
||||||
* apache : fix goaway pattern for bad bots
|
|
||||||
* apache : rename MaxRequestsPerChild to MaxConnectionsPerChild (new name)
|
|
||||||
* apache: use backward compatible Redirect directive
|
|
||||||
* apt: Disable archive repository for Debian 8
|
|
||||||
* apt: Use the GPG version of the key for Debian 8-9
|
|
||||||
* bind: Update role for Buster, Bullseye and Bookworm support
|
|
||||||
* dovecot: add variables for LDAP
|
|
||||||
* dovecot: Munin plugin conf path is now `/etc/munin/plugin-conf.d/zzz-dovecot` (instead of `z-evolinux-dovecot`)
|
|
||||||
* evocheck: upstream release 24.01
|
|
||||||
* evolinux-base: dump-server-state upstream release 23.11
|
|
||||||
* evolinux-base: use separate default config file for rsyslog
|
|
||||||
* kvmstats: use .capacity instead of .physical for disk size
|
|
||||||
* ldap: make ldap_suffix mandatory
|
|
||||||
* listupgrade : old-kernel-removal.sh upstream release 24.01
|
|
||||||
* log2mail: move custom config in separate file
|
|
||||||
* lxc: init /etc git repository in lxc container
|
|
||||||
* mysql: disable performance schema for Debian 8
|
|
||||||
* nagios: add dockerd check in nrpe check template
|
|
||||||
* nagios: cleaning nrpe check template
|
|
||||||
* nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12
|
|
||||||
* nagios: add option --full to check pressure IO and mem to avoid flaps
|
|
||||||
* proftpd: in SFTP vhost, enable SSH keys login, enable ed25549 host key for Debian >= 11
|
|
||||||
* redis: manage config template inside a block, to allow custom modifications outside
|
|
||||||
* spamassassin: Use spamd starting with Bookworm
|
|
||||||
* squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8
|
|
||||||
* unbound: Add config file to allow configuration reload on Debian 11 and lower
|
|
||||||
* unbound: Add munin configuration & setup plugin
|
|
||||||
* unbound: Big cleanup
|
|
||||||
* unbound: Move generated config file to `/etc/unbound/unbound.conf.d/evolinux.conf`
|
|
||||||
* unbound: Use root hints provided by debian package dns-root-data instead of downloading them
|
|
||||||
* vrrpd: replace switch script with custom one (fix MAC issue, use `ip(8)`, shell cleanup…)
|
|
||||||
* vrrpd: variable to force update the switch script (default: false)
|
|
||||||
* webapps/nextcloud: Add Ceph volume to fstab
|
|
||||||
* webapps/nextcloud: Set home directory's mode
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* Add php-fpm82 to LDAP when relevant
|
|
||||||
* Check stat.exists before stat.isdir
|
|
||||||
* apache: fix MaxRequestsPerChild value to be sync with wiki.e.o
|
|
||||||
* apt: use archive.debian.org with Stretch
|
|
||||||
* certbot: fix hook for dovecot when more than one certificate is used (eg. different certificates for POP3 and IMAP)
|
|
||||||
* dovecot: add missing LDAP conf iterate_filter to exclude disabled accounts in users list (caused « User no longer exists » errors in commands listing users like « doveadm user -u '*' » or « doveadm expunge -u "*" mailbox INBOX savedbefore 7d »).
|
|
||||||
* dovecot: fix missing default mails
|
|
||||||
* dovecot: fix plugin dovecot1
|
|
||||||
* evoadmin-web: Fix PHP version for Bookworm
|
|
||||||
* evolinux-base: fix hardware.yml (wrong repo, missing update cache)
|
|
||||||
* evolinux-base: start to install linux-image-cloud-amd64 with Buster
|
|
||||||
* fail2ban: fix template marker
|
|
||||||
* minifirewall: ports 25, 53, 443, 993, 995 not opened publicly by default anymore, ports 20, 21, 110, 143 not opened semi-publicly by default anymore.
|
|
||||||
* nagios: fix default file to monitor for check_clamav_db
|
|
||||||
* nginx: add "when: not ansible_check_mode" in various tasks to prevent fail in check mode
|
|
||||||
* nginx: fix mistake between "check_mode: no" and "when: not ansible_check_mode" (fail in check mode)
|
|
||||||
* nginx: fix mistake between "check_mode: no" and "when: not ansible_check_mode" (fail in check mode)
|
|
||||||
* nginx: keep indentation
|
|
||||||
* nginx: take care of « already defined » and « not yet defined » server status suffix in check mode
|
|
||||||
* php: Bullseye/Sury > Honor the php_version asked in the pub.evolix.org repository
|
|
||||||
* php: drop apt_preferences(5) file for sury
|
|
||||||
* postfix: remove dependency on evolinux_fqdn var
|
|
||||||
* proftpd: set missing default listen IP for SFTP
|
|
||||||
* roundcube: set default SMTP port to 25 instead of 587, which failed because of missing SSL conf (local connexion does not need SSL)
|
|
||||||
* ssl: no not execute haproxy tasks and reload if haproxy is disabled
|
|
||||||
* unbound: Add a apt cache validity to enforce an apt update if needed
|
|
||||||
* webapps/nextcloud: added check that nextcloud uid is over 3000
|
|
||||||
* webapps/nextcloud: fix Add Ceph volume to fstab : missing UUID= in src
|
|
||||||
* webapps/nextcloud: fix misplaced gid attribute
|
|
||||||
* webapps/nextcloud: fix missing gid
|
|
||||||
* webapps/roundcube & evoadminmail: make roles more idempotent (were failing when played twice)
|
|
||||||
* amavis: Add variables for generate "ldap_suffix"
|
|
||||||
* proftpd: fix error when no SSH key is provided
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* evolinux-base: no need to remove update-evobackup-canary from sbin anymore
|
|
||||||
* evolinux-base: no need to symlink backup-server-state to dump-server-state anymore
|
|
||||||
|
|
||||||
## [23.10] 2023-10-14
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* apt: disable `NonFreeFirmware` warning for VM on Debian 12+
|
|
||||||
* apt: explicit `signed-by` directives for official sources
|
|
||||||
* bind: add reload-zone helper
|
|
||||||
* certbot: deploy-hook for proftpd
|
|
||||||
* docker-host: added var for user namespace setting
|
|
||||||
* dovecot: add Munin plugins dovecot1 and dovecot_stats (patched)
|
|
||||||
* dovecot: fix old_stats plugin for Dovecot 2.3
|
|
||||||
* evocheck: add support for Debian >= 12 split SSH configuration
|
|
||||||
* evolinux-base: add split SSH configuration for Debian >= 12
|
|
||||||
* evolinux-base: configure `.bashrc` for all users
|
|
||||||
* evolinux-base: New variable `evolinux_system_include_ntpd` to chose wether or not to include `ntpd` role
|
|
||||||
* evolinux-base: reboot the server if the Cloud kernel has been installed
|
|
||||||
* evolinux-users: add split SSH configuration for Debian >= 12
|
|
||||||
* evolinux: install HPE Agentless Management Service (amsd)
|
|
||||||
* fail2ban: add default variable fail2ban_dbpurgeage_default
|
|
||||||
* fail2ban: add `fail2ban_sshd_port` variable to configure sshd port
|
|
||||||
* kvm-host: release 23.10 for migrate-vm.sh
|
|
||||||
* metricbeat/logstash: fix Ansible syntax
|
|
||||||
* mysql: new munin graph to follow binlog_days over time
|
|
||||||
* nagios-nrpe: add a NRPE check-local command with completion.
|
|
||||||
* nagios-nrpe: add a proper monitoring plugin for GlusterFS (on servers, not for clients)
|
|
||||||
* php: add new variable to disable overriding settings of php-fpm default pool (www)
|
|
||||||
* policy_pam: New role to manage password policy with `pam_pwquality` & `pam_pwhistory`
|
|
||||||
* userlogrotate: add a `userlogpurge` script disabled by default
|
|
||||||
* userlogrotate: new version, with separate conf file
|
|
||||||
* userlogrotate: rotate also php.log
|
|
||||||
* java:Â allow version 17
|
|
||||||
* timesyncd: new role, used instead of ntpd by default starting with Debian 12
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* all: change syntax "become: [yes,no]" → "become: [true,false]"
|
|
||||||
* all: change syntax "force: [yes,no]" → "force: [true,false]"
|
|
||||||
* elasticsearch: improve networking configuration
|
|
||||||
* evolinux-base: include files under `sshd_config.d`
|
|
||||||
* evolinux-users: remove Stretch references in tasks that also apply to next Debian versions
|
|
||||||
* evomaintenance: upstream release 23.10.1
|
|
||||||
* lxc-php: change LXC container in bookworm for php82
|
|
||||||
* minifirewall: update nrpe script to check active configuration
|
|
||||||
* minifirewall: upstream release 23.07
|
|
||||||
* mysql: improve shell syntax for mysql_skip script
|
|
||||||
* nagios-nrpe: set default check_load --per-cpu for BSD
|
|
||||||
* pgbouncer: minor fixes
|
|
||||||
* postfix (packmail or when postfix_slow_transport_include is True): change `miniprofmal_backoff_time` from 2h to 15m (see HowtoPostfix)
|
|
||||||
* postfix (packmail) : optimize Amavis integration
|
|
||||||
* postfix: disable sending mails via IPv6
|
|
||||||
* postfix: new spam.sh update script that avoids reloading if files did not change.
|
|
||||||
* postgresql: fix file `postgresql.pref.j2` for exclude package
|
|
||||||
* postgresql: fix task `update apt cache` for PGDG repo
|
|
||||||
* redis: standardize plugins path from `/usr/local/share/munin/` to `/usr/local/lib/munin/plugins/`
|
|
||||||
* varnish: allow the systemd template to be overridden with a template outside of the role
|
|
||||||
* lxc: purge openssh-server from container on install
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* elasticsearch: comment the `Xlog:gc` line instead of changing it completely
|
|
||||||
* evocheck: fix IS_SSHALLOWUSERS condition
|
|
||||||
* evolinux-base, evolinux-users: Fix files mode under `/etc/ssh/sshd_config.d`
|
|
||||||
* evolinux-base: fix file extension
|
|
||||||
* fail2ban: fix cron `fail2ban_dbpurge` (should be bash instead of sh)
|
|
||||||
* lxc-php: fix APT keyring path inside containers
|
|
||||||
* nagios-nrpe: `check_ssl_local` now has an output that nrpe can understand when it isn't OK
|
|
||||||
* nagios-nrpe: remount `/usr` **after** installing the packages
|
|
||||||
* nagios-nrpe: sync Redis check from redis roles
|
|
||||||
* nginx: set default server directive in default vhost
|
|
||||||
* opendkim: update apt cache before install
|
|
||||||
* packweb-apache,nagios-nrpe: add missing task and config for PHP 8.2 container
|
|
||||||
* postfix: add missing `localhost.$mydomain` to `mydestination`
|
|
||||||
* redis: replace erroneous `ini_file` module for Munin config, fix dedicated Munin config filename (z-XXX).
|
|
||||||
* evolinux-base: use lineinfile instead of replace under root task
|
|
||||||
* evolinux-base: Corriger autorisation pour evolinux_user
|
|
||||||
* docker-host: Retirer directive state en trop
|
|
||||||
* rbenv: Installer libyaml-dev
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* dovecot: remove Munin plugin dovecot (not working)
|
|
||||||
|
|
||||||
## [23.04] 2023-04-23
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* graylog: new role
|
|
||||||
* lxc-php: add support for PHP 8.2 container
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* Use FQCN (Fully Qualified Collection Name)
|
|
||||||
* apt: with Debian 12, backports are installed but disabled by default
|
|
||||||
* openvpn: updated the README file
|
|
||||||
* pgbouncer: add handler to restart the service
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* generate-ldif: Support for Debian 12
|
|
||||||
|
|
||||||
## [23.03.1] 2023-03-16
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* pgbouncer: new role
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* apt: deb822 migration python script is looked relative to shell script
|
|
||||||
* listupgrade: remove old typo version of the cron task
|
|
||||||
* minifirewall: support protocols in numeric form
|
|
||||||
|
|
||||||
## [23.03] 2023-03-16
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* apache: add task to enable mailgraph on default vhost and index.html
|
|
||||||
* apt: add move-apt-keyrings script/tasks
|
|
||||||
* apt: add tools to migrate sources to deb822 format
|
|
||||||
* fail2ban: add "Internal login failure" to Dovecot filter
|
|
||||||
* lxc: copy `/etc/profile.d/evolinux.sh` from host into container
|
|
||||||
* nagios-nrpe: add tasks/files for a wrapper
|
|
||||||
* nagios-nrpe: Print pool config path in check_phpfpm_multi output
|
|
||||||
* php: add `php_version` variable when sury is activated for each Debian version
|
|
||||||
* php: add a way to choose which version to install using sury repository
|
|
||||||
* postfix: Add task to enable mailgraph on packmail
|
|
||||||
* postgresql: configure max_connections
|
|
||||||
* userlogrotate: create dedicated role, separated from packweb-apache
|
|
||||||
* varnish: add `varnish_update_config` variable to disable configuration update
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* Use systemd module instead of command
|
|
||||||
* Removed all `warn: False` args in command, shell and other modules as it's been deprecated and will give a hard fail in ansible-core 2.14.0.
|
|
||||||
* apt: Use pub.evolix.org instead of pub.evolix.net
|
|
||||||
* bind: refactor role
|
|
||||||
* elasticsearch: Disable garabge collector logging (JDK >= 9)
|
|
||||||
* evolinux-users: Update sudoers template to remove commands allowed without password
|
|
||||||
* listupgrade: upstream release 23.03.3
|
|
||||||
* kvmstats: use virsh domstats | awk to get guests informations
|
|
||||||
* nagios-nrpe : Rewrite `check_vrrpd` for a better check (check `rp_filter`, `vrrpd` and `uvrrpd` compatible, use arguments, …)
|
|
||||||
* openvpn: Change `check_openvpn` destination file to comply with recent EvoBSD change
|
|
||||||
* postfix: come back to default value of `notify_classes` for pack mails.
|
|
||||||
* userlogrotate: set rotate date format in right order (YYYY-MM-DD)!
|
|
||||||
* webapps/nextcloud : Change default data directory to be outside web root
|
|
||||||
* webapps/nextcloud : Small enhancement on the vhost template to lock out data dir
|
|
||||||
* yarn: update apt key
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* Proper jinja spacing
|
|
||||||
* clamav: set `MaxConnectionQueueLength` to its default value (200), custom (15) was way too small and caused recurring failures in Postfix.
|
|
||||||
* docker-host: fix type in `daemon.json` and remove host configuration that is already in the systemd service by default
|
|
||||||
* evolinux-base: ensure dbus is started and enabled (not by default in the case of an offline netinst)
|
|
||||||
* haproxy: fix missing admin ACL in stats module access permissions
|
|
||||||
* openvpn: fix the client cipher configuration to match the server cipher configuration
|
|
||||||
* php: fix error introduced in #33503e4538 (`False` evaluated as a String instead of Boolean)
|
|
||||||
* php: install using Sury repositories on Bullseye
|
|
||||||
* postfix (packmail only): disable `concurrency_failed_cohort_limit` for destination smtp-amavis to prevent the suspension of this destination when Amavis fails to answer. Indeed, we configure the suspension delay quite long in `minimal_backoff_time` (2h) and `maximal_backoff_time` (6h) to reduce the risk of ban from external SMTPs.
|
|
||||||
* postfix: avoid Amavis transport to be considered dead when restarted.
|
|
||||||
* postfix: remove unused `aliases_scope=sub` from virtual_aliases.cf (it generated warnings)
|
|
||||||
* userlogrotate: fix bug introduced in commit 2e54944a246 (rotated files were not zipped)
|
|
||||||
* userlogrotate: skip zipping if .gz log already exists (prevents interactive question)
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* evolinux-base: subversion is not installed anymore
|
|
||||||
|
|
||||||
## [22.12] 2022-12-14
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* all: add signed-by option for additional APT sources
|
|
||||||
* all: preliminary work to support Debian 12
|
|
||||||
* all: use proper keyrings directory for APT version
|
|
||||||
* evolinux-base: replace regular kernel by cloud kernel on virtual servers
|
|
||||||
* lxc-php: set php-fpm umask to `007`
|
|
||||||
* nagios-nrpe: `check_ceph_*`
|
|
||||||
* nagios-nrpe: `check_haproxy_stats` supports DRAIN status
|
|
||||||
* packweb-apache: enable `log_forensic` module
|
|
||||||
* rabbitmq: add link in default page
|
|
||||||
* varnish: create special tmp directory for syntax validation
|
|
||||||
* postfix: add localhost.$mydomain to mydestination
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* certbot: auto-detect HAPEE version in renewal hook
|
|
||||||
* evocheck: install script according to Debian version
|
|
||||||
* evolinux-base: `utils.yml` can be excluded
|
|
||||||
* evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions)
|
|
||||||
* evolinux-user: add sudoers privilege for check `php_fpm81`
|
|
||||||
* evomaintenance: allow missing API endpoint if APi is disabled
|
|
||||||
* java: use default JRE package when version is not specified
|
|
||||||
* keepalived: change exit code (_warning_ if running but not on expected state ; _critical_ if not running)
|
|
||||||
* listupgrade: better detection for PostgreSQL
|
|
||||||
* listupgrade: sort/uniq of packages/services lists in email template
|
|
||||||
* lxc-solr: detect the real partition options
|
|
||||||
* lxc-solr: download URL according to Solr Version
|
|
||||||
* lxc-solr: set homedir and port at install
|
|
||||||
* minifirewall: whitelist deb.freexian.com
|
|
||||||
* openvpn: shellpki upstream release 22.12.2
|
|
||||||
* openvpn: specifies that the mail for expirations is for OpenVPN
|
|
||||||
* packweb-apache: manual dependencies resolution
|
|
||||||
* redis: some values should be quoted
|
|
||||||
* redis: variable to disable transparent hugepage (default: do nothing)
|
|
||||||
* squid: whitelist `deb.freexian.com`
|
|
||||||
* varnish: better package facts usage with check mode and tags
|
|
||||||
* varnish: systemd override depends on Varnish version instead of Debian version
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* evolinux-user: Fix sudoers privilege for check `php_fpm80`
|
|
||||||
* nagios-nrpe: Fix check opendkim for recent change in listening port
|
|
||||||
* openvpn: Fix mode of shellpki script
|
|
||||||
* proftpd: Fix format of public key files controlled by Ansible
|
|
||||||
* proftpd: Fix mode of public key directory and files (they have to be accessible by `proftpd:nobody`)
|
|
||||||
* varnish: fix missing state, that blocked the task
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* openvpn: Deleted the task fixing the CRL rights since it has been fixed in upstream
|
|
||||||
|
|
||||||
## [22.09] 2022-09-19
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* evolinux_users: create only users who have a certain value for the `create` key (default: `always`).
|
|
||||||
* php: install php-xml with recent PHP versions
|
|
||||||
* vrrp: add an `ip.yml` task file to help create VRRP addresses
|
|
||||||
* webapps/nextcloud: Add compatibility with apache2, and apache2 mod_php.
|
|
||||||
* memcached: NRPE check for multi-instance setup
|
|
||||||
* munin: Add ipmi_ plugins on dedicated hardware
|
|
||||||
* proftpd: Add options to override configs (and add a warning if file was overriden)
|
|
||||||
* proftpd: Allow user auth with ssh keys
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evocheck: upstream release 22.09
|
|
||||||
* evolinux-base: update-evobackup-canary upstream release 22.06
|
|
||||||
* generate-ldif: Support any MariaDB version
|
|
||||||
* minifirewall: use handlers to restart minifirewall
|
|
||||||
* openvpn: automate the initialization of the CA and the creation of the server certificate ; use openssl_dhparam module instead of a command
|
|
||||||
* generate-ldif: support any version of MariaDB (instead of only 10.0, 10.1 and 10.3)
|
|
||||||
* openvpn: Run OpenVPN with the \_openvpn user and group instead of nobody which is originally for NFS
|
|
||||||
* nagios-nrpe: Upgrade check_mongo
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* fail2ban: fix dovecot-evolix regex syntax
|
|
||||||
* haproxy: make it so that munin doesn't break if there is a non default `haproxy_stats_path`
|
|
||||||
* mysql: Add missing Munin conf for Debian 11
|
|
||||||
* redis: config directory must be owned by the user that runs the service (to be able to write tmp config files in it)
|
|
||||||
* varnish: make `-j <jail_config>` the first argument on jessie/stretch as it has to be the first argument there.
|
|
||||||
* webapps/nextcloud: Add missing dependencies for imagick
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* evocheck: remove failure if deprecated variable is used
|
|
||||||
* webapps/nextcloud: Drop support for Nginx
|
|
||||||
|
|
||||||
## [22.07.1] 2022-07-28
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evocheck: upstream release 22.07
|
|
||||||
* evomaintenance: upstream release 22.07
|
|
||||||
* mongodb: replace version_compare() with version()
|
|
||||||
* nagios-nrpe: check_disk1 returns only alerts
|
|
||||||
* nagios-nrpe: use regexp to exclude paths/devices in check_disk1
|
|
||||||
|
|
||||||
## [22.07] 2022-07-08
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* fail2ban: Ensure apply dbpurgeage from stretch and buster
|
|
||||||
|
|
||||||
## [22.07] 2022-07-06
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* evolinux-base: session timeout is configurable (default: 36000 seconds = 10 hours)
|
|
||||||
* haproxy: add haproxy_allow_ip_nonlocal_bind to set sysctl value (optional)
|
|
||||||
* kvm-host: fix depreciation of "drbd-overview" by "drbdadm status" in add-vm.sh
|
|
||||||
* openvpn: configure logrotate
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* openvpn: minimal rights on /etc/shellpki/ and crl.pem
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* evolinux-base: Update PermitRootLogin task to work on Debian 11
|
|
||||||
* evolinux-user: Update PermitRootLogin task to work on Debian 11
|
|
||||||
* minifirewall: docker mode is configurable
|
|
||||||
|
|
||||||
## [22.06.3] 2022-06-17
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evolinux-base: blacklist and do not install megaclisas-status package on incompatible servers
|
|
||||||
|
|
||||||
## [22.06.2] 2022-06-10
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* postgresql: add variable to configure binding addresses (default: 127.0.0.1)
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evocheck: upstream release 22.06.2
|
|
||||||
* fail2ban: Give the possibility to override jail.local (with fail2ban_override_jaillocal)
|
|
||||||
* fail2ban: If jail.local was overriden, add a warning
|
|
||||||
* fail2ban: Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
|
|
||||||
* fail2ban: Allow to tune the default action with ansible
|
|
||||||
* fail2ban: Change default action to ban only (instead of ban + mail with whois report)
|
|
||||||
* fail2ban: Configure recidive jail (off by default) + extend dbpurgeage
|
|
||||||
* redis: binding is possible on multiple interfaces (breaking change)
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* Enforce String notation for mode
|
|
||||||
* postgresql: fix nested loop for Munin plugins
|
|
||||||
* postgresql: Fix task order when using pgdg repo
|
|
||||||
* postgresql: Install the right pg version
|
|
||||||
|
|
||||||
## [22.06.1] 2022-06-06
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evocheck: upstream release 22.06.1
|
|
||||||
* minifirewall: upstream release 22.06
|
|
||||||
* mysql: evomariabackup release 22.06.1
|
|
||||||
* mysql: reorganize evomariabackup to use mtree instead of our own dir-check
|
|
||||||
|
|
||||||
## [22.06] 2022-06-03
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* certbot: add hapee (HAProxy Enterprise Edition) deploy hook
|
|
||||||
* evolinux-base: add dir-check script
|
|
||||||
* evolinux-base: add update-evobackup-canary script
|
|
||||||
* mysql: add post-backup-hook to evomariabackup
|
|
||||||
* mysql: use dir-check inside evomariabackup
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* docker: Allow "live-restore" to be toggled with docker_conf_live_restore
|
|
||||||
* evocheck: upstream release 22.06
|
|
||||||
* evolinux-base: Replacement of variable `evolinux_packages_hardware` by `ansible_virtualization_role == "host"` automatize host type detection and avoids installing smartd & other on VM.
|
|
||||||
* minifirewall: tail template follows symlinks
|
|
||||||
* mysql: add "set crypt_use_gpgme=no" Mutt option, for mysqltuner
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* Role `postfix`: Add missing `localhost.localdomain localhost` to `mydestination` variable which caused undelivered of some local mails.
|
|
||||||
|
|
||||||
## [22.05.1] 2022-05-12
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* docker: Introduce new default settings + allow to change the docker data directory
|
|
||||||
* docker: Introduce new variables to tweak daemon settings
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evocheck: Upstream release 22.05
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* docker: Removed Debian Jessie support
|
|
||||||
|
|
||||||
## [22.05] 2022-05-10
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* etc-git: use "ansible-commit" to efficiently commit all available repositories (including /etc inside LXC) from Ansible
|
|
||||||
* minifirewall: compatibility with "legacy" version of minifirewall
|
|
||||||
* minifirewall: configure proxy/backup/sysctl values
|
|
||||||
* munin: Add possibility to install local plugins, and install dhcp_pool plugin
|
|
||||||
* nagios-nrpe: Add a check dhcp_pool
|
|
||||||
* redis: Activate overcommit sysctl
|
|
||||||
* redis: Add log2mail user to redis group
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* dump-server-state: upstream release 22.04.3
|
|
||||||
* evocheck: upstream release 22.04.1
|
|
||||||
* evolinux-base: Add non-free repos & install non-free firmware on dedicated hardware
|
|
||||||
* evolinux-base: rename backup-server-state to dump-server-state
|
|
||||||
* generate-ldif: Add services check for bkctld
|
|
||||||
* minifirewall: restore "force-restart" and fix "restart-if-needed"
|
|
||||||
* minifirewall: tail template follows symlinks
|
|
||||||
* minifirewall: upstream release 22.05
|
|
||||||
* opendkim : add generate opendkim-genkey in sha256 and key 4096
|
|
||||||
* openvpn: use a local copy of files instead of cloning an external git repository
|
|
||||||
* openvpn: use a subnet topology instead of the net30 default topology
|
|
||||||
* tomcat: Tomcat 9 by default with Debian 11
|
|
||||||
* vrrpd: Store sysctl values in specific file
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* etc-git : Remount /usr in rw for git gc in in /usr/share/scripts/
|
|
||||||
* etc-git: Make evocommit fully compatible with OpenBSD
|
|
||||||
* generate-ldif: Correct generated entries for php-fpm in containers
|
|
||||||
* keepalived: repair broken role
|
|
||||||
* minifirewall: fix `failed_when` condition on restart
|
|
||||||
* postfix: Do not send mails through milters a second time after amavis (in packmail)
|
|
||||||
* redis: Remount /usr with RW before adding nagios plugin
|
|
||||||
|
|
||||||
## [22.03] 2022-03-02
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* apt: apt_hold_packages: broadcast message with wall, if present
|
|
||||||
* evolinux-base: option to bypass raid-related tasks
|
|
||||||
* Explicit permissions for systemd overrides
|
|
||||||
* generate-ldif: Add support for php-fpm in containers
|
|
||||||
* kvm-host: add missing default value
|
|
||||||
* lxc-php: preliminary support for PHP 8.1 container
|
|
||||||
* openvpn: now check that openvpn has been restarted since last certificates renewal
|
|
||||||
* redis: always install check_redis_instances
|
|
||||||
* redis: check_redis_instances tolerates absence of instances
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* elasticsearch: Use `/etc/elasticsearch/jvm.options.d/evolinux` instead of default `/etc/elasticsearch/jvm.options`
|
|
||||||
* evolinux-users: check permissions for /etc/sudoers.d
|
|
||||||
* evolinux-users: optimize sudo configuration
|
|
||||||
* lxc: Fail if /var is nosuid
|
|
||||||
* openvpn: make it compatible with OpenBSD and add some improvements
|
|
||||||
|
|
||||||
## [22.01.3] 2022-01-31
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* rbenv: install Ruby 3.1.0 by default
|
|
||||||
* evolinux-base: backup-server-state: add "force" mode
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* evolinux-base: backup-server-state: fix systemctl invocation
|
|
||||||
* varnish: update munin plugin to work with recent varnish versions
|
|
||||||
|
|
||||||
## [22.01.2] 2022-01-27
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* evolinux-base: many improvements for backup-server-state script
|
|
||||||
* remount-usr: use findmnt to find if usr is a readonly partition
|
|
||||||
|
|
||||||
## [22.01] 2022-01-25
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* Support for Debian 11 « Bullseye » (with possible remaining blind spots)
|
|
||||||
* apache: new variable for MPM mode (+ updated default config accordingly)
|
|
||||||
* apache: prevent accessing Git or "env" related files
|
|
||||||
* certbot: add script for manual deploy hooks execution
|
|
||||||
* docker-host: install additional dependencies
|
|
||||||
* dovecot: switch to TLS 1.2+ and external DH params
|
|
||||||
* etc-git: centralize cron jobs in dedicated crontab
|
|
||||||
* etc-git: manage commits with an optimized shell script instead of many slow Ansible tasks
|
|
||||||
* evolinux-base: add script backup-server-state
|
|
||||||
* evolinux-base: configure top and htop to display the swap column
|
|
||||||
* evolinux-base: install molly-guard by default
|
|
||||||
* generate-ldif: detect RAID controller
|
|
||||||
* generate-ldif: detect mdadm
|
|
||||||
* listupgrade: crontab is configurable
|
|
||||||
* logstash: logging to syslog is configurable (default: True)
|
|
||||||
* mongodb: create munin plugins directory if missing
|
|
||||||
* munin: systemd override to unprotect home directory
|
|
||||||
* mysql: add evomariabackup 21.11
|
|
||||||
* mysql: improve Bullseye compatibility
|
|
||||||
* mysql: script "mysql_connections" to display a compact list of connections
|
|
||||||
* mysql: script "mysql-queries-killer.sh" to kill MySQL queries
|
|
||||||
* nagios-nrpe + evolinux-users: new check for ipmi
|
|
||||||
* nagios-nrpe + evolinux-users: new check for RAID (soft + hard)
|
|
||||||
* nagios-nrpe + evolinux-users: new checks for bkctld
|
|
||||||
* nagios-nrpe: new check influxdb
|
|
||||||
* openvpn: new role (beta)
|
|
||||||
* redis: instance service for Debian 11
|
|
||||||
* squid: add *.o.lencr.org to default whitelist
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* Change version pattern
|
|
||||||
* Install python 2 or 3 libraries according to running python version
|
|
||||||
* Remove embedded GPG keys only if legacy keyring is present
|
|
||||||
* apt: remove workaround for Evolix public repositories with Debian 11
|
|
||||||
* apt: upgrade packages after all the configuration is done
|
|
||||||
* apt: use the new security repository for Bullseye
|
|
||||||
* certbot: silence letsencrypt deprecation warnings
|
|
||||||
* elasticsearch: elastic_stack_version = 7.x
|
|
||||||
* evoacme: exclude renewal-hooks directory from cron
|
|
||||||
* evoadmin-web: simpler PHP packages lists
|
|
||||||
* evocheck: upstream release 21.10.4
|
|
||||||
* evolinux-base: alert5 comes after the network
|
|
||||||
* evolinux-base: force Debian version to buster for Evolix repository (temporary)
|
|
||||||
* evolinux-base: install freeipmi by default on dedicated hw
|
|
||||||
* evolinux-base: logs are rotated with dateext by default
|
|
||||||
* evolinux-base: split dpkg logrotate configuration
|
|
||||||
* evolinux-users + nagios-nrpe: Add support for php-fpm80 in lxc
|
|
||||||
* evomaintenance: extract a config.yml tasks file
|
|
||||||
* evomaintenance: upstream release 22.01
|
|
||||||
* filebeat/metricbeat: elastic_stack_version = 7.x
|
|
||||||
* kibana: elastic_stack_version = 7.x
|
|
||||||
* listupgrade: old-kernel-removal version 21.10
|
|
||||||
* listupgrade: upstream release 21.06.3
|
|
||||||
* logstash: elastic_stack_version = 7.x
|
|
||||||
* mongodb: Allow to specify a mongodb version for buster & bullseye
|
|
||||||
* mongodb: Deny the install on Debian 11 « Bullseye » when the version is unsupported
|
|
||||||
* mongodb: Support version 5.0 (for buster)
|
|
||||||
* mysql: use python3 and mariadb-client-10.5 with Debian 11 and later
|
|
||||||
* nodejs: default to version 16 LTS
|
|
||||||
* php: enforce Debian version with assert instead of fail
|
|
||||||
* squid: improve default whitelist (more specific patterns)
|
|
||||||
* squid: must be started in foreground mode for systemd
|
|
||||||
* squid: remove obsolete variable on Squid 4
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* evolinux-base: fix alert5.service dependency syntax
|
|
||||||
* certbot: sync_remote excludes itself
|
|
||||||
* lxc-php: fix config for opensmtpd on bullseye containers
|
|
||||||
* mysql : Create a default ~root/.my.cnf for compatibility reasons
|
|
||||||
* nginx : fix variable name and debug to actually use nginx-light
|
|
||||||
* packweb-apache : Support php 8.0
|
|
||||||
* nagios-nrpe: Fix check_nfsserver for buster and bullseye
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* evocheck: package install is not supported anymore
|
|
||||||
* logstash: no more dependency on Java
|
|
||||||
* php: remove php-gettext for 7.4
|
|
||||||
|
|
||||||
## [10.6.0] 2021-06-28
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* Add Elastic GPG key to kibana, filebeat, logstash, metricbeat roles
|
|
||||||
* apache: new variable for mpm mode (+ updated default config accordingly)
|
|
||||||
* evolinux-base: add default motd template
|
|
||||||
* kvm-host: add migrate-vm script
|
|
||||||
* mysql: variable to disable myadd script overwrite (default: True)
|
|
||||||
* nodejs: update apt cache before installing the package
|
|
||||||
* squid: add Yarn apt repository in default whitelist
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* Update Galaxy metadata (company, platforms and galaxy_tags)
|
|
||||||
* Use 'loop' syntax instead of 'with_first_found/with_items/with_dict/with_nested/with_list'
|
|
||||||
* Use Ansible syntax used in Ansible 2.8+
|
|
||||||
* apt: store keys in /etc/apt/trusted.gpg.d in ascii format
|
|
||||||
* certbot: sync_remote.sh is configurable
|
|
||||||
* evolinux-base: copy GPG key instead of using apt-key
|
|
||||||
* evomaintenance: upstream release 0.6.4
|
|
||||||
* kvm-host: replace the "kvm-tools" package with scripts deployed by Ansible
|
|
||||||
* listupgrade: upstream release 21.06.2
|
|
||||||
* nodejs: change GPG key name
|
|
||||||
* ntpd: Add leapfile configuration setting to ntpd on debian 10+
|
|
||||||
* packweb-apache: install phpMyAdmin from buster-backports
|
|
||||||
* spamassassin: change dependency on evomaintenance
|
|
||||||
* squid: remove obsolete variable on Squid 4
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* add default (useless) value for file lookup (first_found)
|
|
||||||
* fix pipefail option for shell invocations
|
|
||||||
* elasticsearch: inline YAML formatting of seed_hosts and initial_master_nodes
|
|
||||||
* evolinux-base: fix motd lookup path
|
|
||||||
* ldap: fix edge cases where passwords were not set/get properly
|
|
||||||
* listupgrade: fix wget error + shellcheck cleanup
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* elasticsearch: recent versiond don't depend on external JRE
|
|
||||||
|
|
||||||
## [10.5.1] 2021-04-13
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* haproxy: dedicated internal address/binding (without SSL)
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* etc-git: commit in /usr/share/scripts when there's an active repository
|
|
||||||
|
|
||||||
## [10.5.0] 2021-04-01
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* apache: new variables for logrotate + server-status
|
|
||||||
* filebeat: package can be upgraded to latest (default: False)
|
|
||||||
* haproxy: possible admin access with login/pass
|
|
||||||
* lxc-php: Add PHP 7.4 support
|
|
||||||
* metricbeat: package can be upgraded to latest (default: False)
|
|
||||||
* metricbeat: new variables to configure SSL mode
|
|
||||||
* nagios-nrpe: new script check_phpfpm_multi
|
|
||||||
* nginx: add access to server status on default VHost
|
|
||||||
* postfix: add smtpd_relay_restrictions in configuration
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* apache: rotate logs daily instead of weekly
|
|
||||||
* apache: deny requests to ^/evolinux_fpm_status-.*
|
|
||||||
* certbot: use a fixed 1.9.0 version of the certbot-auto script (renamed "letsencrypt-auto")
|
|
||||||
* certbot: use the legacy script on Debian 8 and 9
|
|
||||||
* elasticsearch: log rotation is more readable/maintainable
|
|
||||||
* evoacme: upstream release 21.01
|
|
||||||
* evolinux-users: Add sudo rights for nagios for multi-php lxc
|
|
||||||
* listupgrade: update script from upstream
|
|
||||||
* minifirewall: change some defaults
|
|
||||||
* nagios-nrpe: update check_phpfpm_status.pl & install perl dependencies
|
|
||||||
* redis: use /run instead or /var/run
|
|
||||||
* redis: escape password in Munin configuration
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
* bind9: added log files to apparmor definition so bind can run
|
|
||||||
* filebeat: fix Ansible syntax error
|
|
||||||
* nagios-nrpe: libfcgi-client-perl is not available before Debian 10
|
|
||||||
* redis: socket/pid directories have the correct permissions
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
* nginx: no more "minimal" mode, but the package remains customizable.
|
|
||||||
|
|
||||||
## [10.4.0] 2020-12-24
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
* certbot: detect domains if missing
|
|
||||||
* certbot: new "sync_remote.sh" hook to sync certificates and execute hooks on remote servers
|
|
||||||
* varnish: variable for jail configuration
|
|
||||||
|
|
||||||
### Changed
|
|
||||||
|
|
||||||
* certbot: disable auth for Let's Encrypt challenge
|
|
||||||
* nginx: change from "nginx_status-XXX" to "server-status-XXX"
|
|
||||||
|
|
||||||
## [10.3.0] 2020-12-21
|
## [10.3.0] 2020-12-21
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* bookworm-detect: transitional role to help dealing with unreleased bookworm version
|
|
||||||
* dovecot: Update munin plugin & configure it
|
* dovecot: Update munin plugin & configure it
|
||||||
* dovecot: vmail uid/gid are configurable
|
* dovecot: vmail uid/gid are configurable
|
||||||
* evoacme: variable to disable Debian version check (default: False)
|
* evoacme: variable to disable Debian version check (default: False)
|
||||||
|
@ -971,7 +141,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [10.0.0] - 2020-05-13
|
## [10.0.0] - 2020-05-13
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* apache: the default VHost doesn't redirect to https for ".well-known" paths
|
* apache: the default VHost doesn't redirect to https for ".well-known" paths
|
||||||
* apt: added buster backports prerferences
|
* apt: added buster backports prerferences
|
||||||
* apt: check if cron is installed before adding a cron job
|
* apt: check if cron is installed before adding a cron job
|
||||||
|
@ -1008,7 +177,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* bind: enable bind9 munin plugin for recursive resolvers
|
* bind: enable bind9 munin plugin for recursive resolvers
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* replace version_compare() with version()s
|
* replace version_compare() with version()s
|
||||||
* removed some deprecations for Ansible 2.7
|
* removed some deprecations for Ansible 2.7
|
||||||
* apache: improve permissions in save_apache_status script
|
* apache: improve permissions in save_apache_status script
|
||||||
|
@ -1054,7 +222,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* varnish: remove custom ExecReload= script for Debian 10+
|
* varnish: remove custom ExecReload= script for Debian 10+
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* etc-git: fix warnings ansible-lint
|
* etc-git: fix warnings ansible-lint
|
||||||
* evoadmin-web: Put the php config at the right place for Buster
|
* evoadmin-web: Put the php config at the right place for Buster
|
||||||
* lxc: Don't stop the container if it already exists
|
* lxc: Don't stop the container if it already exists
|
||||||
|
@ -1077,19 +244,16 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* packweb-apache: Don't try to install PHPMyAdmin on Buster as it's not available
|
* packweb-apache: Don't try to install PHPMyAdmin on Buster as it's not available
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
* clamav : do not install the zoo package anymore
|
* clamav : do not install the zoo package anymore
|
||||||
|
|
||||||
## [9.10.1] - 2019-06-21
|
## [9.10.1] - 2019-06-21
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* evocheck : update (version 19.06) from upstream
|
* evocheck : update (version 19.06) from upstream
|
||||||
|
|
||||||
## [9.10.0] - 2019-06-21
|
## [9.10.0] - 2019-06-21
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* apache: add server status suffix in VHost (and default site) if missing
|
* apache: add server status suffix in VHost (and default site) if missing
|
||||||
* apache: add a variable to customize the server-status host
|
* apache: add a variable to customize the server-status host
|
||||||
* apt: add a script to manage packages with "hold" mark
|
* apt: add a script to manage packages with "hold" mark
|
||||||
|
@ -1100,7 +264,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* redmine: enable gzip compression in nginx vhost
|
* redmine: enable gzip compression in nginx vhost
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* evocheck : update (unreleased) from upstream
|
* evocheck : update (unreleased) from upstream
|
||||||
* evomaintenance : use the web API instead of PG Insert
|
* evomaintenance : use the web API instead of PG Insert
|
||||||
* fluentd: store gpg key locally
|
* fluentd: store gpg key locally
|
||||||
|
@ -1113,26 +276,23 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* apt: Add Debian Buster repositories
|
* apt: Add Debian Buster repositories
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* rbenv: add check_mode for check rbenv and ruby versions
|
* rbenv: add check_mode for check rbenv and ruby versions
|
||||||
* nagios-nrpe: fix redis_instances check when Redis port equal 0
|
* nagios-nrpe: fix redis_instances check when Redis port equal 0
|
||||||
* redmine: fix 500 error on logging
|
* redmine: fix 500 error on logging
|
||||||
* evolinux-base: Validate sshd config with "-t" instead of "-T"
|
* evolinux-base: Validate sshd config with "-t" instead of "-T"
|
||||||
* evolinux-base: Ensure rename is present
|
* evolinux-base: Ensure rename is present
|
||||||
* evolinux-users: Validate sshd config with "-t" instead of "-T"
|
* evolinux-users: Validate sshd config with "-t" instead of "-T"
|
||||||
* nagios-nrpe: Replace the dummy packages nagios-plugins-*with monitoring-plugins-*
|
* nagios-nrpe: Replace the dummy packages nagios-plugins-* with monitoring-plugins-*
|
||||||
|
|
||||||
## [9.9.0] - 2019-04-16
|
## [9.9.0] - 2019-04-16
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* etc-git: ignore evobackup/.keep-* files
|
* etc-git: ignore evobackup/.keep-* files
|
||||||
* lxc: /home is mounted in the container by default
|
* lxc: /home is mounted in the container by default
|
||||||
* nginx : add "x-frame-options: sameorigin" for Munin
|
* nginx : add "x-frame-options: sameorigin" for Munin
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
* changed remote repository to https://gitea.evolix.org/evolix/ansible-roles
|
||||||
* changed remote repository to <https://gitea.evolix.org/evolix/ansible-roles>
|
|
||||||
* apt: Ensure jessie-backport from archives.debian.org is accepted
|
* apt: Ensure jessie-backport from archives.debian.org is accepted
|
||||||
* apt: Remove jessie-update suite as it's no longer exists
|
* apt: Remove jessie-update suite as it's no longer exists
|
||||||
* apt: Replace mirror.evolix.org by archives.debian.org for jessie-backport
|
* apt: Replace mirror.evolix.org by archives.debian.org for jessie-backport
|
||||||
|
@ -1145,8 +305,8 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* tomcat: better tomcat version management
|
* tomcat: better tomcat version management
|
||||||
* webapps/evoadmin-web: add dbadmin.sh to sudoers file
|
* webapps/evoadmin-web: add dbadmin.sh to sudoers file
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
|
### Fixed
|
||||||
* spamassasin: fix sa-update.sh and ensure service is started and enabled
|
* spamassasin: fix sa-update.sh and ensure service is started and enabled
|
||||||
* tomcat-instance: deploy correct version of config files
|
* tomcat-instance: deploy correct version of config files
|
||||||
* tomcat-instance: deploy correct version of server.xml
|
* tomcat-instance: deploy correct version of server.xml
|
||||||
|
@ -1154,24 +314,20 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.8.0] - 2019-01-31
|
## [9.8.0] - 2019-01-31
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* filebeat: disable cloud_metadata processor by default
|
* filebeat: disable cloud_metadata processor by default
|
||||||
* metricbeat: disable cloud_metadata processor by default
|
* metricbeat: disable cloud_metadata processor by default
|
||||||
* percona : new role to install Percona repositories and tools
|
* percona : new role to install Percona repositories and tools
|
||||||
* redis: add variable for configure unixsocketperm
|
* redis: add variable for configure unixsocketperm
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* redmine: refactoring of redmine role with use of rbenv
|
* redmine: refactoring of redmine role with use of rbenv
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config
|
* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config
|
||||||
|
|
||||||
## [9.7.0] - 2019-01-17
|
## [9.7.0] - 2019-01-17
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* apache: add Munin configuration for Apache server-status URL
|
* apache: add Munin configuration for Apache server-status URL
|
||||||
* evomaintenance: database variables must be set or the task fails
|
* evomaintenance: database variables must be set or the task fails
|
||||||
* fail2ban: add "ips" tag added to fail2ban/tasks/ip_whitelist.yml
|
* fail2ban: add "ips" tag added to fail2ban/tasks/ip_whitelist.yml
|
||||||
|
@ -1184,7 +340,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* proftpd: add FTPS and SFTP support
|
* proftpd: add FTPS and SFTP support
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* redis: distinction between main and master password
|
* redis: distinction between main and master password
|
||||||
* evocheck: update evocheck.sh for source install
|
* evocheck: update evocheck.sh for source install
|
||||||
* php: added php-zip in the installed package list for debian 9 (and later)
|
* php: added php-zip in the installed package list for debian 9 (and later)
|
||||||
|
@ -1192,7 +347,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* java: update Oracle java package to 8u192
|
* java: update Oracle java package to 8u192
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* fail2ban: fix "ignoreip" update
|
* fail2ban: fix "ignoreip" update
|
||||||
* metricbeat: fix username/password replacement
|
* metricbeat: fix username/password replacement
|
||||||
* nagios-nrpe: check_process now return the error code (making the check more usefull than /bin/true)
|
* nagios-nrpe: check_process now return the error code (making the check more usefull than /bin/true)
|
||||||
|
@ -1201,17 +355,16 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* redis: In instance mode, ensure to replace the nrpe check_redis with the instance check script
|
* redis: In instance mode, ensure to replace the nrpe check_redis with the instance check script
|
||||||
* redis: Don't set the owner of /var/{lib,log}/redis to a redis instance account
|
* redis: Don't set the owner of /var/{lib,log}/redis to a redis instance account
|
||||||
|
|
||||||
|
|
||||||
## [9.6.0] - 2018-12-04
|
## [9.6.0] - 2018-12-04
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* evolinux-base: deploy custom motd if template are present
|
* evolinux-base: deploy custom motd if template are present
|
||||||
* minifirewall: all variables are configurable (untouched by default)
|
* minifirewall: all variables are configurable (untouched by default)
|
||||||
* minifirewall: main file is configurable
|
* minifirewall: main file is configurable
|
||||||
* squid: minifirewall main file is configurable
|
* squid: minifirewall main file is configurable
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* minifirewall: compare config before/after (for restart condition)
|
* minifirewall: compare config before/after (for restart condition)
|
||||||
* squid: better replacement in minifirewall config
|
* squid: better replacement in minifirewall config
|
||||||
* evoadmin-mail: complete refactoring, use Debian Package
|
* evoadmin-mail: complete refactoring, use Debian Package
|
||||||
|
@ -1219,7 +372,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.5.0] - 2018-11-14
|
## [9.5.0] - 2018-11-14
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* apache: separate task to update IP whitelist
|
* apache: separate task to update IP whitelist
|
||||||
* evolinux-base: install man package
|
* evolinux-base: install man package
|
||||||
* evolinux-users: add newaliases handler
|
* evolinux-users: add newaliases handler
|
||||||
|
@ -1233,13 +385,11 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* mysql: logdir can be customized
|
* mysql: logdir can be customized
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* evocheck: update script from upstream
|
* evocheck: update script from upstream
|
||||||
* evomaintenance: update script from upstream
|
* evomaintenance: update script from upstream
|
||||||
* mysql: restart service if systemd unit has been patched
|
* mysql: restart service if systemd unit has been patched
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* packweb-apache: mod-security config is already included elsewhere
|
* packweb-apache: mod-security config is already included elsewhere
|
||||||
* redis: for permissions on log and lib directories
|
* redis: for permissions on log and lib directories
|
||||||
* redis: fix shell for instance users
|
* redis: fix shell for instance users
|
||||||
|
@ -1248,16 +398,13 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.4.2] - 2018-10-12
|
## [9.4.2] - 2018-10-12
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* evomaintenance: install dependencies manually when installing vendored version
|
* evomaintenance: install dependencies manually when installing vendored version
|
||||||
* nagios-nrpe: add an option to ignore servers in NOLB status
|
* nagios-nrpe: add an option to ignore servers in NOLB status
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* haproxy: move check_haproxy_stats to nagios-nrpe role
|
* haproxy: move check_haproxy_stats to nagios-nrpe role
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* evoacme: better error when apache2ctl fails
|
* evoacme: better error when apache2ctl fails
|
||||||
* evomaintenance: fix role compatibility with OpenBSD
|
* evomaintenance: fix role compatibility with OpenBSD
|
||||||
* spamassassin: add missing right for amavis
|
* spamassassin: add missing right for amavis
|
||||||
|
@ -1266,19 +413,16 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.4.1] - 2018-09-28
|
## [9.4.1] - 2018-09-28
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* redis: set masterauth when redis_password is defined
|
* redis: set masterauth when redis_password is defined
|
||||||
* evomaintenance: variable to install a vendored version
|
* evomaintenance: variable to install a vendored version
|
||||||
* evomaintenance: tasks/variables to handle minifirewall restarts
|
* evomaintenance: tasks/variables to handle minifirewall restarts
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* mysql-oracle: better handle packages and users
|
* mysql-oracle: better handle packages and users
|
||||||
|
|
||||||
## [9.4.0] - 2018-09-20
|
## [9.4.0] - 2018-09-20
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* etc-git: manage a cron job to monitor uncommited changes in /etc/.git (default: `True`)
|
* etc-git: manage a cron job to monitor uncommited changes in /etc/.git (default: `True`)
|
||||||
* evolinux-base: better shell history
|
* evolinux-base: better shell history
|
||||||
* evolinux-users: add user to /etc/aliases
|
* evolinux-users: add user to /etc/aliases
|
||||||
|
@ -1293,11 +437,9 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* nagios-nrpe: add check_redis_instances
|
* nagios-nrpe: add check_redis_instances
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* dovecot: stronger TLS configuration
|
* dovecot: stronger TLS configuration
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* apache: cleaner way to overwrite the server status suffix
|
* apache: cleaner way to overwrite the server status suffix
|
||||||
* packweb-apache: don't regenerate phpMyAdmin suffix each time
|
* packweb-apache: don't regenerate phpMyAdmin suffix each time
|
||||||
* nginx: cleaner way to overwrite the server status suffix
|
* nginx: cleaner way to overwrite the server status suffix
|
||||||
|
@ -1306,13 +448,11 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.3.2] - 2018-09-06
|
## [9.3.2] - 2018-09-06
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* minifirewall: add a variable to disable the restart handler
|
* minifirewall: add a variable to disable the restart handler
|
||||||
* minifirewall: add a variable to force a restart of the firewall (even with no change)
|
* minifirewall: add a variable to force a restart of the firewall (even with no change)
|
||||||
* minifirewall: improve variables values and documentation
|
* minifirewall: improve variables values and documentation
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* dovecot: enable SSL/TLS by default with snakeoil certificate
|
* dovecot: enable SSL/TLS by default with snakeoil certificate
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
@ -1322,13 +462,11 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.3.1] - 2018-08-30
|
## [9.3.1] - 2018-08-30
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* metricbeat: new variables to configure elasticsearch hosts and auth
|
* metricbeat: new variables to configure elasticsearch hosts and auth
|
||||||
|
|
||||||
## [9.3.0] - 2018-08-24
|
## [9.3.0] - 2018-08-24
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* elasticsearch: tmpdir configuration compatible with 5.x also
|
* elasticsearch: tmpdir configuration compatible with 5.x also
|
||||||
* elasticsearch: add http.publish_host variable
|
* elasticsearch: add http.publish_host variable
|
||||||
* evoacme: disable old certbot cron also in cron.daily
|
* evoacme: disable old certbot cron also in cron.daily
|
||||||
|
@ -1349,7 +487,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* nagios-nrpe: add check_postgrey
|
* nagios-nrpe: add check_postgrey
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* etc-git: some entries of .gitignore are mandatory
|
* etc-git: some entries of .gitignore are mandatory
|
||||||
* evocheck: update upstream script
|
* evocheck: update upstream script
|
||||||
* evolinux-base: improve hostname configuration (real vs. internal)
|
* evolinux-base: improve hostname configuration (real vs. internal)
|
||||||
|
@ -1368,7 +505,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* kvm-host: install kvm-tools package instead of copying add-vm.sh
|
* kvm-host: install kvm-tools package instead of copying add-vm.sh
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* apache: logrotate replacement is more subtle/precise. It replaces only the proper directive and not every occurence of the word.
|
* apache: logrotate replacement is more subtle/precise. It replaces only the proper directive and not every occurence of the word.
|
||||||
* bind: chroot-bind.sh must not be executed in check mode
|
* bind: chroot-bind.sh must not be executed in check mode
|
||||||
* evoacme: fix module detection in apache config
|
* evoacme: fix module detection in apache config
|
||||||
|
@ -1380,14 +516,12 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.2.0] - 2018-05-16
|
## [9.2.0] - 2018-05-16
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* filebeat: install version 6.x by default
|
* filebeat: install version 6.x by default
|
||||||
* filebeat: cleanup unused code
|
* filebeat: cleanup unused code
|
||||||
* squid: add some domaine and fix broken restrictions
|
* squid: add some domaine and fix broken restrictions
|
||||||
* elasticsearch: defaults to version 6.x
|
* elasticsearch: defaults to version 6.x
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* evolinux-users: secondary groups are comma-separated
|
* evolinux-users: secondary groups are comma-separated
|
||||||
* ntpd: fix configuration (server and ACL)
|
* ntpd: fix configuration (server and ACL)
|
||||||
* varnish: don't fork the process on startup with systemd
|
* varnish: don't fork the process on startup with systemd
|
||||||
|
@ -1397,7 +531,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* apache: customize logrotate (52 weeks)
|
* apache: customize logrotate (52 weeks)
|
||||||
* evolinux: groups for SSH configuration are used with Debian 10 and later
|
* evolinux: groups for SSH configuration are used with Debian 10 and later
|
||||||
* evolinux-base: fail2ban is not enabled by default
|
* evolinux-base: fail2ban is not enabled by default
|
||||||
|
@ -1409,11 +542,9 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.1.8] - 2018-04-16
|
## [9.1.8] - 2018-04-16
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* packweb-apache: use dependencies instead of include_role for apache and php roles
|
* packweb-apache: use dependencies instead of include_role for apache and php roles
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* mysql: use check_mode for apg command (Fix --check)
|
* mysql: use check_mode for apg command (Fix --check)
|
||||||
* mysql/mysql-oracle: properly reload systemd
|
* mysql/mysql-oracle: properly reload systemd
|
||||||
* packweb-apache: use check_mode for apg command (Fix --check)
|
* packweb-apache: use check_mode for apg command (Fix --check)
|
||||||
|
@ -1421,7 +552,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.1.7] - 2018-04-06
|
## [9.1.7] - 2018-04-06
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* added a few become attributes where missing
|
* added a few become attributes where missing
|
||||||
* etc-git: add tags for Ansible
|
* etc-git: add tags for Ansible
|
||||||
* evolinux-base: install ncurses-term package
|
* evolinux-base: install ncurses-term package
|
||||||
|
@ -1439,7 +569,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* redmine: added missing tags
|
* redmine: added missing tags
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* elasticsearch: RESTART_ON_UPGRADE is configurable (default: `true`)
|
* elasticsearch: RESTART_ON_UPGRADE is configurable (default: `true`)
|
||||||
* elasticsearch: use ES_TMPDIR variable for custom tmpdir, (from `/etc/default/elasticsearch` instead of changing `/etc/elesticsearch/jvm.options`).
|
* elasticsearch: use ES_TMPDIR variable for custom tmpdir, (from `/etc/default/elasticsearch` instead of changing `/etc/elesticsearch/jvm.options`).
|
||||||
* evolinux-base: Exec the firewall tasks sooner (to avoid dependency issues)
|
* evolinux-base: Exec the firewall tasks sooner (to avoid dependency issues)
|
||||||
|
@ -1455,7 +584,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* webapps/evoadmin-web: Fail if variable evoadmin_contact_email isn't defined
|
* webapps/evoadmin-web: Fail if variable evoadmin_contact_email isn't defined
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* dovecot: fix support of plus sign
|
* dovecot: fix support of plus sign
|
||||||
* mysql/mysql-oracle: mysqltuner cron task is executable
|
* mysql/mysql-oracle: mysqltuner cron task is executable
|
||||||
* nginx: fix basic auth for default vhost
|
* nginx: fix basic auth for default vhost
|
||||||
|
@ -1464,25 +592,21 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.1.6] - 2018-02-02
|
## [9.1.6] - 2018-02-02
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* mongodb: install python-pymongo for monitoring
|
* mongodb: install python-pymongo for monitoring
|
||||||
* nagios-nrpe: allowed_hosts can be updated
|
* nagios-nrpe: allowed_hosts can be updated
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* Changelog: explain the versioning scheme
|
* Changelog: explain the versioning scheme
|
||||||
* Changelog: add a release date for 9.1.5
|
* Changelog: add a release date for 9.1.5
|
||||||
* evoacme: exclude typical certbot directories
|
* evoacme: exclude typical certbot directories
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* fail2ban: fix horrible typo, Python is not Ruby
|
* fail2ban: fix horrible typo, Python is not Ruby
|
||||||
* nginx: fix servers status dirname
|
* nginx: fix servers status dirname
|
||||||
|
|
||||||
## [9.1.5] - 2018-01-18
|
## [9.1.5] - 2018-01-18
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* There is a changelog!
|
* There is a changelog!
|
||||||
* redis: configuration variable for protected mode (v3.2+)
|
* redis: configuration variable for protected mode (v3.2+)
|
||||||
* evolinux-users: users are in "adm" group for Debian 9 or later
|
* evolinux-users: users are in "adm" group for Debian 9 or later
|
||||||
|
@ -1494,49 +618,41 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* redmine: ability to install themes and plugins
|
* redmine: ability to install themes and plugins
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* rbenv: Ruby 2.5 becomes the default version
|
* rbenv: Ruby 2.5 becomes the default version
|
||||||
* evocheck: update upstream version embedded in role (c993244)
|
* evocheck: update upstream version embedded in role (c993244)
|
||||||
* bind: keep 52 weeks of logs
|
* bind: keep 52 weeks of logs
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* squid: different logrotate file for Jessie or Stretch+
|
* squid: different logrotate file for Jessie or Stretch+
|
||||||
* evoacme: don't invoke evoacme if no vhost is found
|
* evoacme: don't invoke evoacme if no vhost is found
|
||||||
* evomaintenance: explicit quotes in config file
|
* evomaintenance: explicit quotes in config file
|
||||||
* redmine: force xpath gem < 3.0.0
|
* redmine: force xpath gem < 3.0.0
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
* evomaintenance: fix permissions for config file
|
* evomaintenance: fix permissions for config file
|
||||||
|
|
||||||
## [9.1.4] - 2017-12-20
|
## [9.1.4] - 2017-12-20
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* php: install php5-intl (for Jessie) and php-intl (for Debian 9 or later)
|
* php: install php5-intl (for Jessie) and php-intl (for Debian 9 or later)
|
||||||
* mysql: add a check_mysql_slave in nrpe configuration
|
* mysql: add a check_mysql_slave in nrpe configuration
|
||||||
* ldap: slapd tcp port is configurable
|
* ldap: slapd tcp port is configurable
|
||||||
* elasticsearch: broader patterns for log rotation
|
* elasticsearch: broader patterns for log rotation
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* split IP lists in 2 – default and additional – for easier customization.
|
* split IP lists in 2 – default and additional – for easier customization.
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* minifirewall: allow outgoing SSH connections over IPv6
|
* minifirewall: allow outgoing SSH connections over IPv6
|
||||||
* nodejs: rename source.list file
|
* nodejs: rename source.list file
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
* evoadmin-web: change config.local.php file permissions
|
* evoadmin-web: change config.local.php file permissions
|
||||||
* evolinux-base: change default_www file permissions
|
* evolinux-base: change default_www file permissions
|
||||||
|
|
||||||
## [9.1.3] 2017-12-08
|
## [9.1.3] 2017-12-08
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* evolinux-base: install traceroute package
|
* evolinux-base: install traceroute package
|
||||||
* evolinux-base/ntpd: purge openntpd
|
* evolinux-base/ntpd: purge openntpd
|
||||||
* tomcat: add Tomcat 8 cmpatibility
|
* tomcat: add Tomcat 8 cmpatibility
|
||||||
|
@ -1548,7 +664,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* elastic: option for stack main version
|
* elastic: option for stack main version
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* nginx: rename Let's Encrypt snippet
|
* nginx: rename Let's Encrypt snippet
|
||||||
* nginx: simpler apt preferences for backports
|
* nginx: simpler apt preferences for backports
|
||||||
* generate-ldif: add clamd service instead of clamav_db
|
* generate-ldif: add clamd service instead of clamav_db
|
||||||
|
@ -1560,12 +675,10 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
* mongodb: comatible with Stretch
|
* mongodb: comatible with Stretch
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
* mongodb: logfile/pidfile are not configurable on Jessie
|
* mongodb: logfile/pidfile are not configurable on Jessie
|
||||||
* minifirewall: remove zidane.evolix.net from HTTPSITES
|
* minifirewall: remove zidane.evolix.net from HTTPSITES
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* nginx: fix munin CGI graphs
|
* nginx: fix munin CGI graphs
|
||||||
* ntpd: fix default configuration (localhost only)
|
* ntpd: fix default configuration (localhost only)
|
||||||
* logstash: fix permissions on pipeline configuration
|
* logstash: fix permissions on pipeline configuration
|
||||||
|
@ -1576,17 +689,14 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
## [9.1.2] 2017-12-05
|
## [9.1.2] 2017-12-05
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* listupgrade: remount /usr as rw
|
* listupgrade: remount /usr as rw
|
||||||
|
|
||||||
## [9.1.1] 2017-11-21
|
## [9.1.1] 2017-11-21
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* amazon-ec2: add egress rules
|
* amazon-ec2: add egress rules
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* evoacme: fix multiple bugs
|
* evoacme: fix multiple bugs
|
||||||
|
|
||||||
## [9.1.0] 2017-11-19
|
## [9.1.0] 2017-11-19
|
||||||
|
@ -1594,7 +704,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
||||||
_Warning: huge release, many entries are missing below._
|
_Warning: huge release, many entries are missing below._
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* amazon-ec2: new role, for EC2 instances creation
|
* amazon-ec2: new role, for EC2 instances creation
|
||||||
* Move /usr rw remount into remount-usr role
|
* Move /usr rw remount into remount-usr role
|
||||||
* kibana: host and basepath configuration
|
* kibana: host and basepath configuration
|
||||||
|
@ -1605,7 +714,6 @@ _Warning: huge release, many entries are missing below._
|
||||||
* nagios-nrpe: add opendkim check
|
* nagios-nrpe: add opendkim check
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* Combine evolix and additional trusted IP addresses
|
* Combine evolix and additional trusted IP addresses
|
||||||
* amazon-ec2: split tasks
|
* amazon-ec2: split tasks
|
||||||
* apt: don't upgrade by default
|
* apt: don't upgrade by default
|
||||||
|
@ -1616,7 +724,6 @@ _Warning: huge release, many entries are missing below._
|
||||||
* ldap: better variables
|
* ldap: better variables
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* fail2ban: create config hierarchy beforehand
|
* fail2ban: create config hierarchy beforehand
|
||||||
* elasticsearch: fix datadir/tmpdir conditions
|
* elasticsearch: fix datadir/tmpdir conditions
|
||||||
* elastic: remove double ".list" suffix
|
* elastic: remove double ".list" suffix
|
||||||
|
@ -1627,10 +734,10 @@ _Warning: huge release, many entries are missing below._
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
|
||||||
## [9.0.1] 2017-10-02
|
## [9.0.1] 2017-10-02
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
* haproxy: add a Nagios check
|
* haproxy: add a Nagios check
|
||||||
* php: add "sury" mode for PHP 7.1 on Stretch
|
* php: add "sury" mode for PHP 7.1 on Stretch
|
||||||
* minifirewall: explicit dependency on iptables
|
* minifirewall: explicit dependency on iptables
|
||||||
|
@ -1638,11 +745,9 @@ _Warning: huge release, many entries are missing below._
|
||||||
* docker-host: new variable for docker home
|
* docker-host: new variable for docker home
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* php: install php5/php package after fpm/libapache2-mod-php
|
* php: install php5/php package after fpm/libapache2-mod-php
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
* mysql: add "REPLICATION CLIENT" privilege for nrpe
|
* mysql: add "REPLICATION CLIENT" privilege for nrpe
|
||||||
* evoadmin-web: revert from variables to keywords in the templates
|
* evoadmin-web: revert from variables to keywords in the templates
|
||||||
* evoacme: many fixes
|
* evoacme: many fixes
|
||||||
|
|
|
@ -50,8 +50,6 @@ Before starting anything of importance, we suggest contacting us to discuss what
|
||||||
|
|
||||||
Our conventions are available in the "ansible-public":https://gitea.evolix.org/evolix/ansible-public repository, in the CONVENTIONS.md file.
|
Our conventions are available in the "ansible-public":https://gitea.evolix.org/evolix/ansible-public repository, in the CONVENTIONS.md file.
|
||||||
|
|
||||||
All modifications should be documented in the CHANGELOG file, to help review releases. We encourage atomic commits, on a single role, and with the CHANGELOG in the same commit.
|
|
||||||
|
|
||||||
## Workflow
|
## Workflow
|
||||||
|
|
||||||
The ideal and most typical workflow is to create a branch, based on the "unstable" branch. The branch should have a descriptive name (a ticket/issue number is great). The branch can be treated as a pull-request or merge-request. It should be propery tested and reviewed before merging into "unstable".
|
The ideal and most typical workflow is to create a branch, based on the "unstable" branch. The branch should have a descriptive name (a ticket/issue number is great). The branch can be treated as a pull-request or merge-request. It should be propery tested and reviewed before merging into "unstable".
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
ldap_hostname: "{{ ansible_hostname }}"
|
|
||||||
ldap_domain: "{{ ansible_domain }}"
|
|
||||||
ldap_suffix: "dc={{ ldap_hostname }},dc={{ ldap_domain.split('.')[-2] }},dc={{ ldap_domain.split('.')[-1] }}"
|
|
|
@ -1,2 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
find /var/lib/amavis/virusmails/ -type f -mtime +30 -delete
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
- name: restart amavis
|
- name: restart amavis
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: amavis
|
name: amavis
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
|
@ -1,27 +1,18 @@
|
||||||
---
|
---
|
||||||
- name: install Amavis
|
- name: install Amavis
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- postgrey
|
- postgrey
|
||||||
- amavisd-new
|
- amavisd-new
|
||||||
state: present
|
state: present
|
||||||
tags:
|
tags:
|
||||||
- amavis
|
- amavis
|
||||||
|
|
||||||
- name: configure Amavis
|
- name: configure Amavis
|
||||||
ansible.builtin.template:
|
template:
|
||||||
src: amavis.conf.j2
|
src: amavis.conf.j2
|
||||||
dest: /etc/amavis/conf.d/49-evolinux-defaults
|
dest: /etc/amavis/conf.d/49-evolinux-defaults
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: restart amavis
|
notify: restart amavis
|
||||||
tags:
|
tags:
|
||||||
- amavis
|
- amavis
|
||||||
|
|
||||||
- name: Install purge custom cron
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: amavis_purge_virusmails
|
|
||||||
dest: /etc/cron.daily/amavis_purge_virusmails
|
|
||||||
mode: "0755"
|
|
||||||
tags:
|
|
||||||
- amavis
|
|
||||||
- amavis_purge_cron
|
|
||||||
|
|
|
@ -39,12 +39,12 @@ $sa_spam_subject_tag = '[SPAM]';
|
||||||
$log_level = 2;
|
$log_level = 2;
|
||||||
|
|
||||||
# En fonction besoin/ressources, on a juste le nbre de process
|
# En fonction besoin/ressources, on a juste le nbre de process
|
||||||
$max_servers = 3;
|
$max_servers = 2;
|
||||||
|
|
||||||
$enable_ldap = 1;
|
$enable_ldap = 1;
|
||||||
$default_ldap = {
|
$default_ldap = {
|
||||||
hostname => '127.0.0.1', tls => 0,
|
hostname => '127.0.0.1', tls => 0,
|
||||||
base => '{{ ldap_suffix | mandatory }}', scope => 'sub',
|
base => '{{ ldap_suffix }}', scope => 'sub',
|
||||||
query_filter => '(&(mailacceptinggeneralid=%m)(isActive=TRUE))'
|
query_filter => '(&(mailacceptinggeneralid=%m)(isActive=TRUE))'
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -9,16 +9,16 @@
|
||||||
aws_region: ca-central-1
|
aws_region: ca-central-1
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- ansible.builtin.include_role:
|
- include_role:
|
||||||
name: evolix/amazon-ec2
|
name: evolix/amazon-ec2
|
||||||
tasks_from: setup.yml
|
tasks_from: setup.yml
|
||||||
- ansible.builtin.include_role:
|
- include_role:
|
||||||
name: evolix/amazon-ec2
|
name: evolix/amazon-ec2
|
||||||
tasks_from: create-instance.yml
|
tasks_from: create-instance.yml
|
||||||
|
|
||||||
- name: Install Evolinux
|
- name: Install Evolinux
|
||||||
hosts: launched-instances
|
hosts: launched-instances
|
||||||
become: true
|
become: yes
|
||||||
|
|
||||||
vars_files:
|
vars_files:
|
||||||
- 'vars/secrets.yml'
|
- 'vars/secrets.yml'
|
||||||
|
@ -51,7 +51,7 @@
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
post_tasks:
|
post_tasks:
|
||||||
- ansible.builtin.include_role:
|
- include_role:
|
||||||
name: evolix/etc-git
|
name: evolix/etc-git
|
||||||
tasks_from: commit.yml
|
tasks_from: commit.yml
|
||||||
vars:
|
vars:
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Launch new instance(s)
|
- name: Launch new instance(s)
|
||||||
amazon.aws.ec2:
|
ec2:
|
||||||
state: present
|
state: present
|
||||||
aws_access_key: "{{ aws_access_key }}"
|
aws_access_key: "{{ aws_access_key }}"
|
||||||
aws_secret_key: "{{ aws_secret_key }}"
|
aws_secret_key: "{{ aws_secret_key }}"
|
||||||
|
@ -16,21 +16,21 @@
|
||||||
register: ec2
|
register: ec2
|
||||||
|
|
||||||
- name: Add newly created instance(s) to inventory
|
- name: Add newly created instance(s) to inventory
|
||||||
ansible.builtin.add_host:
|
add_host:
|
||||||
hostname: "{{ item.public_dns_name }}"
|
hostname: "{{ item.public_dns_name }}"
|
||||||
groupname: launched-instances
|
groupname: launched-instances
|
||||||
ansible_user: admin
|
ansible_user: admin
|
||||||
ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
|
ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
|
||||||
loop: "{{ ec2.instances }}"
|
with_items: "{{ ec2.instances }}"
|
||||||
|
|
||||||
- ansible.builtin.debug:
|
- debug:
|
||||||
msg: "Your newly created instance is reachable at: {{ item.public_dns_name }}"
|
msg: "Your newly created instance is reachable at: {{ item.public_dns_name }}"
|
||||||
loop: "{{ ec2.instances }}"
|
with_items: "{{ ec2.instances }}"
|
||||||
|
|
||||||
- name: Wait for SSH to come up on all instances (give up after 2m)
|
- name: Wait for SSH to come up on all instances (give up after 2m)
|
||||||
ansible.builtin.wait_for:
|
wait_for:
|
||||||
state: started
|
state: started
|
||||||
host: "{{ item.public_dns_name }}"
|
host: "{{ item.public_dns_name }}"
|
||||||
port: 22
|
port: 22
|
||||||
timeout: 120
|
timeout: 120
|
||||||
loop: "{{ ec2.instances }}"
|
with_items: "{{ ec2.instances }}"
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
- name: Remove admin user
|
- name: Remove admin user
|
||||||
ansible.builtin.user:
|
user:
|
||||||
name: admin
|
name: admin
|
||||||
state: absent
|
state: absent
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Create default security group
|
- name: Create default security group
|
||||||
amazon.aws.ec2_group:
|
ec2_group:
|
||||||
name: "{{ ec2_security_group.name }}"
|
name: "{{ ec2_security_group.name }}"
|
||||||
state: present
|
state: present
|
||||||
aws_access_key: "{{ aws_access_key }}"
|
aws_access_key: "{{ aws_access_key }}"
|
||||||
|
@ -12,7 +12,7 @@
|
||||||
rules_egress: "{{ ec2_security_group.rules_egress }}"
|
rules_egress: "{{ ec2_security_group.rules_egress }}"
|
||||||
|
|
||||||
- name: Create key pair
|
- name: Create key pair
|
||||||
amazon.aws.ec2_key:
|
ec2_key:
|
||||||
name: "{{ ec2_keyname }}"
|
name: "{{ ec2_keyname }}"
|
||||||
state: present
|
state: present
|
||||||
aws_access_key: "{{ aws_access_key }}"
|
aws_access_key: "{{ aws_access_key }}"
|
||||||
|
|
|
@ -11,7 +11,6 @@ apache_evolinux_default_enabled: True
|
||||||
apache_evolinux_default_ssl_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
|
apache_evolinux_default_ssl_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
apache_evolinux_default_ssl_key: /etc/ssl/private/ssl-cert-snakeoil.key
|
apache_evolinux_default_ssl_key: /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
|
|
||||||
apache_serverstatus_host: 127.0.0.1
|
|
||||||
apache_serverstatus_suffix: ""
|
apache_serverstatus_suffix: ""
|
||||||
apache_serverstatus_suffix_file: "/etc/evolinux/apache_serverstatus_suffix"
|
apache_serverstatus_suffix_file: "/etc/evolinux/apache_serverstatus_suffix"
|
||||||
|
|
||||||
|
@ -21,7 +20,4 @@ apache_munin_include: True
|
||||||
general_alert_email: "root@localhost"
|
general_alert_email: "root@localhost"
|
||||||
log2mail_alert_email: Null
|
log2mail_alert_email: Null
|
||||||
|
|
||||||
apache_logrotate_frequency: daily
|
apache_serverstatus_host: 127.0.0.1
|
||||||
apache_logrotate_rotate: 365
|
|
||||||
|
|
||||||
apache_mpm: "itk"
|
|
||||||
|
|
|
@ -24,6 +24,3 @@ SetEnvIf User-Agent "ApacheBench" GoAway=1
|
||||||
#<FilesMatch ".(eot|ttf|otf|woff)">
|
#<FilesMatch ".(eot|ttf|otf|woff)">
|
||||||
# Header set Access-Control-Allow-Origin "*"
|
# Header set Access-Control-Allow-Origin "*"
|
||||||
#</FilesMatch>
|
#</FilesMatch>
|
||||||
|
|
||||||
# you need disable EnableCapabilities to use data on NFS mounts
|
|
||||||
#EnableCapabilities off
|
|
||||||
|
|
|
@ -3,65 +3,34 @@ Timeout 10
|
||||||
KeepAliveTimeout 2
|
KeepAliveTimeout 2
|
||||||
MaxKeepAliveRequests 10
|
MaxKeepAliveRequests 10
|
||||||
#MaxClients 250
|
#MaxClients 250
|
||||||
|
MaxRequestWorkers 250
|
||||||
<IfModule mpm_prefork_module>
|
ServerLimit 250
|
||||||
MaxRequestWorkers 250
|
StartServers 50
|
||||||
ServerLimit 250
|
MinSpareServers 20
|
||||||
StartServers 50
|
MaxSpareServers 30
|
||||||
MinSpareServers 20
|
MaxRequestsPerChild 0
|
||||||
MaxSpareServers 30
|
<Directory /home/>
|
||||||
MaxConnectionsPerChild 100
|
AllowOverride None
|
||||||
|
Require all granted
|
||||||
|
# "Require not env XXX" is not supported :(
|
||||||
|
Deny from env=GoAway
|
||||||
|
</Directory>
|
||||||
|
<IfModule mod_ssl.c>
|
||||||
|
SSLProtocol all -SSLv2 -SSLv3
|
||||||
|
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
<Files ~ "\.(inc|bak)$">
|
||||||
|
Require all denied
|
||||||
|
</Files>
|
||||||
|
|
||||||
<IfModule mpm_worker_module>
|
<IfModule mod_status.c>
|
||||||
StartServers 3
|
|
||||||
MinSpareThreads 25
|
|
||||||
MaxSpareThreads 75
|
|
||||||
ThreadLimit 64
|
|
||||||
ThreadsPerChild 25
|
|
||||||
MaxRequestWorkers 150
|
|
||||||
MaxConnectionsPerChild 100
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
<IfModule mpm_itk_module>
|
|
||||||
LimitUIDRange 0 6000
|
|
||||||
LimitGIDRange 0 6000
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
<IfModule ssl_module>
|
|
||||||
SSLProtocol all -SSLv2 -SSLv3
|
|
||||||
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
<IfModule status_module>
|
|
||||||
ExtendedStatus On
|
ExtendedStatus On
|
||||||
<IfModule proxy_module>
|
<IfModule mod_proxy.c>
|
||||||
ProxyStatus On
|
ProxyStatus On
|
||||||
</IfModule>
|
</IfModule>
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
||||||
# Go away bad bots (define "bad bots" in zzz-evolinux-custom.conf)
|
<IfModule mpm_itk.c>
|
||||||
<If "reqenv('GoAway') -eq 1">
|
LimitUIDRange 0 6000
|
||||||
Require all denied
|
LimitGIDRange 0 6000
|
||||||
</If>
|
</IfModule>
|
||||||
|
|
||||||
<DirectoryMatch "/\.git">
|
|
||||||
# We don't want to let the client know a file exist on the server,
|
|
||||||
# so we return 404 "Not found" instead of 403 "Forbidden".
|
|
||||||
Redirect 404 "-"
|
|
||||||
</DirectoryMatch>
|
|
||||||
|
|
||||||
# File names starting with
|
|
||||||
<FilesMatch "^\.(git|env)">
|
|
||||||
Redirect 404 "-"
|
|
||||||
</FilesMatch>
|
|
||||||
|
|
||||||
# File names ending with
|
|
||||||
<FilesMatch "\.(inc|bak)$">
|
|
||||||
Redirect 404 "-"
|
|
||||||
</FilesMatch>
|
|
||||||
|
|
||||||
<LocationMatch "^/evolinux_fpm_status-.*">
|
|
||||||
Require all denied
|
|
||||||
</LocationMatch>
|
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ set -e
|
||||||
|
|
||||||
DIR="/var/log/apache-status"
|
DIR="/var/log/apache-status"
|
||||||
URL="http://127.0.0.1/server-status"
|
URL="http://127.0.0.1/server-status"
|
||||||
TS=$(date +%Y%m%d%H%M%S)
|
TS=`date +%Y%m%d%H%M%S`
|
||||||
FILE="${DIR}/${TS}.html"
|
FILE="${DIR}/${TS}.html"
|
||||||
|
|
||||||
if [ ! -d "${DIR}" ]; then
|
if [ ! -d "${DIR}" ]; then
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
---
|
---
|
||||||
- name: restart apache
|
- name: restart apache
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: apache2
|
name: apache2
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
- name: reload apache
|
- name: reload apache
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: apache2
|
name: apache2
|
||||||
state: reloaded
|
state: reloaded
|
||||||
|
|
||||||
- name: restart munin-node
|
- name: restart munin-node
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: munin-node
|
name: munin-node
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
|
@ -1,24 +1,18 @@
|
||||||
---
|
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
company: Evolix
|
author: Evolix
|
||||||
description: Installation and basic configuration of Apache
|
description: Installation and basic configuration of Apache
|
||||||
|
|
||||||
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
|
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
|
||||||
|
|
||||||
license: GPLv2
|
license: GPLv2
|
||||||
|
|
||||||
min_ansible_version: "2.2"
|
min_ansible_version: 2.2
|
||||||
|
|
||||||
platforms:
|
platforms:
|
||||||
- name: Debian
|
- name: Debian
|
||||||
versions:
|
versions:
|
||||||
- jessie
|
- jessie
|
||||||
- stretch
|
- stretch
|
||||||
- buster
|
|
||||||
|
|
||||||
galaxy_tags: []
|
|
||||||
# Be sure to remove the '[]' above if you add dependencies
|
|
||||||
# to this list.
|
|
||||||
|
|
||||||
dependencies: []
|
dependencies: []
|
||||||
# List your role dependencies here, one per line.
|
# List your role dependencies here, one per line.
|
||||||
|
|
|
@ -1,21 +1,21 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Init ipaddr_whitelist.conf file
|
- name: Init ipaddr_whitelist.conf file
|
||||||
ansible.builtin.copy:
|
copy:
|
||||||
src: ipaddr_whitelist.conf
|
src: ipaddr_whitelist.conf
|
||||||
dest: /etc/apache2/ipaddr_whitelist.conf
|
dest: /etc/apache2/ipaddr_whitelist.conf
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
force: false
|
force: no
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Load IP whitelist task
|
- name: Load IP whitelist task
|
||||||
ansible.builtin.import_tasks: ip_whitelist.yml
|
include: ip_whitelist.yml
|
||||||
|
|
||||||
- name: include private IP whitelist for server-status
|
- name: include private IP whitelist for server-status
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/apache2/mods-available/status.conf
|
dest: /etc/apache2/mods-available/status.conf
|
||||||
line: " include /etc/apache2/ipaddr_whitelist.conf"
|
line: " include /etc/apache2/ipaddr_whitelist.conf"
|
||||||
insertafter: 'SetHandler server-status'
|
insertafter: 'SetHandler server-status'
|
||||||
|
@ -24,33 +24,33 @@
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Copy private_htpasswd
|
- name: Copy private_htpasswd
|
||||||
ansible.builtin.copy:
|
copy:
|
||||||
src: private_htpasswd
|
src: private_htpasswd
|
||||||
dest: /etc/apache2/private_htpasswd
|
dest: /etc/apache2/private_htpasswd
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
force: false
|
force: no
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: add user:pwd to private htpasswd
|
- name: add user:pwd to private htpasswd
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/apache2/private_htpasswd
|
dest: /etc/apache2/private_htpasswd
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
state: present
|
state: present
|
||||||
loop: "{{ apache_private_htpasswd_present }}"
|
with_items: "{{ apache_private_htpasswd_present }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: remove user:pwd from private htpasswd
|
- name: remove user:pwd from private htpasswd
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/apache2/private_htpasswd
|
dest: /etc/apache2/private_htpasswd
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
loop: "{{ apache_private_htpasswd_absent }}"
|
with_items: "{{ apache_private_htpasswd_absent }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
|
@ -1,23 +1,22 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: add IP addresses to private IP whitelist
|
- name: add IP addresses to private IP whitelist
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/apache2/ipaddr_whitelist.conf
|
dest: /etc/apache2/ipaddr_whitelist.conf
|
||||||
line: "Require ip {{ item }}"
|
line: "Require ip {{ item }}"
|
||||||
state: present
|
state: present
|
||||||
create: yes
|
with_items: "{{ apache_ipaddr_whitelist_present }}"
|
||||||
loop: "{{ apache_ipaddr_whitelist_present }}"
|
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
- ips
|
- ips
|
||||||
|
|
||||||
- name: remove IP addresses from private IP whitelist
|
- name: remove IP addresses from private IP whitelist
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/apache2/ipaddr_whitelist.conf
|
dest: /etc/apache2/ipaddr_whitelist.conf
|
||||||
line: "Require ip {{ item }}"
|
line: "Require ip {{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
loop: "{{ apache_ipaddr_whitelist_absent }}"
|
with_items: "{{ apache_ipaddr_whitelist_absent }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
|
@ -1,19 +1,19 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: log2mail is installed
|
- name: log2mail is installed
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
name: log2mail
|
name: log2mail
|
||||||
state: present
|
state: present
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Add log2mail config for Apache segfaults
|
- name: Add log2mail config for Apache segfaults
|
||||||
ansible.builtin.template:
|
template:
|
||||||
src: log2mail-apache.j2
|
src: log2mail-apache.j2
|
||||||
dest: "/etc/log2mail/config/apache"
|
dest: "/etc/log2mail/config/apache"
|
||||||
owner: log2mail
|
owner: log2mail
|
||||||
group: adm
|
group: adm
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
force: false
|
force: no
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: packages are installed (Debian 9 or later)
|
- name: packages are installed (Debian 9 or later)
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- apache2
|
- apache2
|
||||||
|
- libapache2-mpm-itk
|
||||||
- libapache2-mod-evasive
|
- libapache2-mod-evasive
|
||||||
- apachetop
|
- apachetop
|
||||||
- libwww-perl
|
- libwww-perl
|
||||||
|
@ -13,20 +14,8 @@
|
||||||
- packages
|
- packages
|
||||||
when: ansible_distribution_major_version is version('9', '>=')
|
when: ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- name: itk package is installed if required (Debian 9 or later)
|
|
||||||
ansible.builtin.apt:
|
|
||||||
name:
|
|
||||||
- libapache2-mpm-itk
|
|
||||||
state: present
|
|
||||||
tags:
|
|
||||||
- apache
|
|
||||||
- packages
|
|
||||||
when:
|
|
||||||
- ansible_distribution_major_version is version('9', '>=')
|
|
||||||
- apache_mpm == "itk"
|
|
||||||
|
|
||||||
- name: packages are installed (jessie)
|
- name: packages are installed (jessie)
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- apache2-mpm-itk
|
- apache2-mpm-itk
|
||||||
- libapache2-mod-evasive
|
- libapache2-mod-evasive
|
||||||
|
@ -39,13 +28,14 @@
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- name: basic modules are enabled
|
- name: basic modules are enabled
|
||||||
community.general.apache2_module:
|
apache2_module:
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
state: present
|
state: present
|
||||||
loop:
|
with_items:
|
||||||
- rewrite
|
- rewrite
|
||||||
- expires
|
- expires
|
||||||
- headers
|
- headers
|
||||||
|
- cgi
|
||||||
- ssl
|
- ssl
|
||||||
- include
|
- include
|
||||||
- negotiation
|
- negotiation
|
||||||
|
@ -54,44 +44,32 @@
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: basic modules are enabled
|
|
||||||
community.general.apache2_module:
|
|
||||||
name: '{{ item }}'
|
|
||||||
state: present
|
|
||||||
loop:
|
|
||||||
- cgi
|
|
||||||
notify: reload apache
|
|
||||||
when: apache_mpm == "prefork" or apache_mpm == "itk"
|
|
||||||
tags:
|
|
||||||
- apache
|
|
||||||
|
|
||||||
|
|
||||||
- name: Copy Apache defaults config file
|
- name: Copy Apache defaults config file
|
||||||
ansible.builtin.copy:
|
copy:
|
||||||
src: evolinux-defaults.conf
|
src: evolinux-defaults.conf
|
||||||
dest: "/etc/apache2/conf-available/z-evolinux-defaults.conf"
|
dest: "/etc/apache2/conf-available/z-evolinux-defaults.conf"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
force: true
|
force: yes
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Copy Apache custom config file
|
- name: Copy Apache custom config file
|
||||||
ansible.builtin.copy:
|
copy:
|
||||||
src: evolinux-custom.conf
|
src: evolinux-custom.conf
|
||||||
dest: "/etc/apache2/conf-available/zzz-evolinux-custom.conf"
|
dest: "/etc/apache2/conf-available/zzz-evolinux-custom.conf"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
force: false
|
force: no
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: disable status.conf
|
- name: disable status.conf
|
||||||
ansible.builtin.file:
|
file:
|
||||||
dest: /etc/apache2/mods-enabled/status.conf
|
dest: /etc/apache2/mods-enabled/status.conf
|
||||||
state: absent
|
state: absent
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
|
@ -99,49 +77,47 @@
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Ensure Apache config files are enabled
|
- name: Ensure Apache config files are enabled
|
||||||
ansible.builtin.command:
|
command: "a2enconf {{ item }}"
|
||||||
cmd: "a2enconf {{ item }}"
|
|
||||||
register: command_result
|
register: command_result
|
||||||
changed_when: "'Enabling' in command_result.stderr"
|
changed_when: "'Enabling' in command_result.stderr"
|
||||||
loop:
|
with_items:
|
||||||
- z-evolinux-defaults.conf
|
- z-evolinux-defaults.conf
|
||||||
- zzz-evolinux-custom.conf
|
- zzz-evolinux-custom.conf
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- ansible.builtin.include: auth.yml
|
- include: auth.yml
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: default vhost is installed
|
- name: default vhost is installed
|
||||||
ansible.builtin.template:
|
template:
|
||||||
src: evolinux-default.conf.j2
|
src: evolinux-default.conf.j2
|
||||||
dest: /etc/apache2/sites-available/000-evolinux-default.conf
|
dest: /etc/apache2/sites-available/000-evolinux-default.conf
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
force: false
|
force: no
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: default vhost is enabled
|
- name: default vhost is enabled
|
||||||
ansible.builtin.file:
|
file:
|
||||||
src: /etc/apache2/sites-available/000-evolinux-default.conf
|
src: /etc/apache2/sites-available/000-evolinux-default.conf
|
||||||
dest: /etc/apache2/sites-enabled/000-default.conf
|
dest: /etc/apache2/sites-enabled/000-default.conf
|
||||||
state: link
|
state: link
|
||||||
force: true
|
force: yes
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
when: apache_evolinux_default_enabled | bool
|
when: apache_evolinux_default_enabled
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- ansible.builtin.include: server_status.yml
|
- include: server_status.yml
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: is umask already present?
|
- name: is umask already present?
|
||||||
ansible.builtin.command:
|
command: "grep -E '^umask ' /etc/apache2/envvars"
|
||||||
cmd: "grep -E '^umask ' /etc/apache2/envvars"
|
|
||||||
failed_when: False
|
failed_when: False
|
||||||
changed_when: False
|
changed_when: False
|
||||||
register: envvar_grep_umask
|
register: envvar_grep_umask
|
||||||
|
@ -150,7 +126,7 @@
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Add a mark in envvars for umask
|
- name: Add a mark in envvars for umask
|
||||||
ansible.builtin.blockinfile:
|
blockinfile:
|
||||||
dest: /etc/apache2/envvars
|
dest: /etc/apache2/envvars
|
||||||
marker: "## {mark} ANSIBLE MANAGED BLOCK"
|
marker: "## {mark} ANSIBLE MANAGED BLOCK"
|
||||||
block: |
|
block: |
|
||||||
|
@ -161,13 +137,13 @@
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- ansible.builtin.include_role:
|
- include_role:
|
||||||
name: evolix/remount-usr
|
name: evolix/remount-usr
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: /usr/share/scripts exists
|
- name: /usr/share/scripts exists
|
||||||
ansible.builtin.file:
|
file:
|
||||||
dest: /usr/share/scripts
|
dest: /usr/share/scripts
|
||||||
mode: "0700"
|
mode: "0700"
|
||||||
owner: root
|
owner: root
|
||||||
|
@ -177,36 +153,36 @@
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: "Install save_apache_status.sh"
|
- name: "Install save_apache_status.sh"
|
||||||
ansible.builtin.copy:
|
copy:
|
||||||
src: save_apache_status.sh
|
src: save_apache_status.sh
|
||||||
dest: /usr/share/scripts/save_apache_status.sh
|
dest: /usr/share/scripts/save_apache_status.sh
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
force: false
|
force: no
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: "logrotate: {{ apache_logrotate_frequency }}"
|
- name: "logrotate: rotate weekly"
|
||||||
ansible.builtin.replace:
|
replace:
|
||||||
dest: /etc/logrotate.d/apache2
|
dest: /etc/logrotate.d/apache2
|
||||||
regexp: "(daily|weekly|monthly)"
|
regexp: "(daily|weekly|monthly)"
|
||||||
replace: "{{ apache_logrotate_frequency }}"
|
replace: "weekly"
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: "logrotate: rotate {{ apache_logrotate_rotate }}"
|
- name: "logrotate: keep 52 files"
|
||||||
ansible.builtin.replace:
|
replace:
|
||||||
dest: /etc/logrotate.d/apache2
|
dest: /etc/logrotate.d/apache2
|
||||||
regexp: '^(\s+rotate) \d+$'
|
regexp: '^(\s+rotate) \d+$'
|
||||||
replace: '\1 {{ apache_logrotate_rotate }}'
|
replace: '\1 52'
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- ansible.builtin.include: log2mail.yml
|
- include: log2mail.yml
|
||||||
when: apache_log2mail_include
|
when: apache_log2mail_include
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- ansible.builtin.include: munin.yml
|
- include: munin.yml
|
||||||
when: apache_munin_include | bool
|
when: apache_munin_include
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: "Install munin-node and core plugins packages"
|
- name: "Install munin-node and core plugins packages"
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- munin-node
|
- munin-node
|
||||||
- munin-plugins-core
|
- munin-plugins-core
|
||||||
|
@ -11,11 +11,11 @@
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- name: "Enable Munin plugins"
|
- name: "Enable Munin plugins"
|
||||||
ansible.builtin.file:
|
file:
|
||||||
src: "/usr/share/munin/plugins/{{ item }}"
|
src: "/usr/share/munin/plugins/{{ item }}"
|
||||||
dest: "/etc/munin/plugins/{{ item }}"
|
dest: "/etc/munin/plugins/{{ item }}"
|
||||||
state: link
|
state: link
|
||||||
loop:
|
with_items:
|
||||||
- apache_accesses
|
- apache_accesses
|
||||||
- apache_processes
|
- apache_processes
|
||||||
- apache_volume
|
- apache_volume
|
||||||
|
@ -25,7 +25,7 @@
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- name: "Install fcgi packages for Munin graphs"
|
- name: "Install fcgi packages for Munin graphs"
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- libapache2-mod-fcgid
|
- libapache2-mod-fcgid
|
||||||
- libcgi-fast-perl
|
- libcgi-fast-perl
|
||||||
|
@ -36,8 +36,7 @@
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- name: "Enable libapache2-mod-fcgid"
|
- name: "Enable libapache2-mod-fcgid"
|
||||||
ansible.builtin.command:
|
command: a2enmod fcgid
|
||||||
cmd: a2enmod fcgid
|
|
||||||
register: cmd_enable_fcgid
|
register: cmd_enable_fcgid
|
||||||
changed_when: "'Module fcgid already enabled' not in cmd_enable_fcgid.stdout"
|
changed_when: "'Module fcgid already enabled' not in cmd_enable_fcgid.stdout"
|
||||||
notify: restart apache
|
notify: restart apache
|
||||||
|
@ -46,7 +45,7 @@
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- name: "Apache has access to /var/log/munin/"
|
- name: "Apache has access to /var/log/munin/"
|
||||||
ansible.builtin.file:
|
file:
|
||||||
path: /var/log/munin/
|
path: /var/log/munin/
|
||||||
group: www-data
|
group: www-data
|
||||||
tags:
|
tags:
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: server status dirname exists
|
- name: server status dirname exists
|
||||||
ansible.builtin.file:
|
file:
|
||||||
dest: "{{ apache_serverstatus_suffix_file | dirname }}"
|
dest: "{{ apache_serverstatus_suffix_file | dirname }}"
|
||||||
mode: "0700"
|
mode: "0700"
|
||||||
owner: root
|
owner: root
|
||||||
|
@ -9,71 +9,61 @@
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: set apache serverstatus suffix if provided
|
- name: set apache serverstatus suffix if provided
|
||||||
ansible.builtin.copy:
|
copy:
|
||||||
dest: "{{ apache_serverstatus_suffix_file }}"
|
dest: "{{ apache_serverstatus_suffix_file }}"
|
||||||
# The last character "\u000A" is a line feed (LF), it's better to keep it
|
# The last character "\u000A" is a line feed (LF), it's better to keep it
|
||||||
content: "{{ apache_serverstatus_suffix }}\u000A"
|
content: "{{ apache_serverstatus_suffix }}\u000A"
|
||||||
force: true
|
force: yes
|
||||||
when: apache_serverstatus_suffix | length > 0
|
when: apache_serverstatus_suffix
|
||||||
|
|
||||||
- name: generate random string for server-status suffix
|
- name: generate random string for server-status suffix
|
||||||
ansible.builtin.shell:
|
shell: "apg -a 1 -M N -n 1 > {{ apache_serverstatus_suffix_file }}"
|
||||||
cmd: "apg -a 1 -M N -n 1 > {{ apache_serverstatus_suffix_file }}"
|
|
||||||
args:
|
args:
|
||||||
creates: "{{ apache_serverstatus_suffix_file }}"
|
creates: "{{ apache_serverstatus_suffix_file }}"
|
||||||
|
|
||||||
- name: read apache server status suffix
|
- name: read apache server status suffix
|
||||||
ansible.builtin.command:
|
command: "tail -n 1 {{ apache_serverstatus_suffix_file }}"
|
||||||
cmd: "tail -n 1 {{ apache_serverstatus_suffix_file }}"
|
|
||||||
changed_when: False
|
changed_when: False
|
||||||
check_mode: no
|
check_mode: no
|
||||||
register: new_apache_serverstatus_suffix
|
register: new_apache_serverstatus_suffix
|
||||||
|
|
||||||
- name: overwrite apache_serverstatus_suffix
|
- name: overwrite apache_serverstatus_suffix
|
||||||
ansible.builtin.set_fact:
|
set_fact:
|
||||||
apache_serverstatus_suffix: "{{ new_apache_serverstatus_suffix.stdout }}"
|
apache_serverstatus_suffix: "{{ new_apache_serverstatus_suffix.stdout }}"
|
||||||
|
|
||||||
- ansible.builtin.debug:
|
- debug:
|
||||||
var: apache_serverstatus_suffix
|
var: apache_serverstatus_suffix
|
||||||
verbosity: 1
|
|
||||||
|
|
||||||
- name: replace server-status suffix in default site index
|
- name: replace server-status suffix in default site index
|
||||||
ansible.builtin.replace:
|
replace:
|
||||||
dest: /var/www/index.html
|
dest: /var/www/index.html
|
||||||
regexp: '__SERVERSTATUS_SUFFIX__'
|
regexp: '__SERVERSTATUS_SUFFIX__'
|
||||||
replace: "{{ apache_serverstatus_suffix }}"
|
replace: "{{ apache_serverstatus_suffix }}"
|
||||||
|
|
||||||
- name: add server-status suffix in default site index if missing
|
- name: add server-status suffix in default site index if missing
|
||||||
ansible.builtin.replace:
|
replace:
|
||||||
dest: /var/www/index.html
|
dest: /var/www/index.html
|
||||||
regexp: '"/server-status-?"'
|
regexp: '"/server-status-?"'
|
||||||
replace: '"/server-status-{{ apache_serverstatus_suffix }}"'
|
replace: '"/server-status-{{ apache_serverstatus_suffix }}"'
|
||||||
|
|
||||||
- name: add server-status suffix in default VHost
|
- name: add server-status suffix in default VHost
|
||||||
ansible.builtin.replace:
|
replace:
|
||||||
dest: /etc/apache2/sites-available/000-evolinux-default.conf
|
dest: /etc/apache2/sites-available/000-evolinux-default.conf
|
||||||
regexp: '<Location /server-status-?>'
|
regexp: '<Location /server-status-?>'
|
||||||
replace: '<Location /server-status-{{ apache_serverstatus_suffix }}>'
|
replace: '<Location /server-status-{{ apache_serverstatus_suffix }}>'
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
|
|
||||||
- name: Munin configuration has a section for apache
|
- name: Munin configuration has a section for apache
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/munin/plugin-conf.d/munin-node
|
dest: /etc/munin/plugin-conf.d/munin-node
|
||||||
line: "[apache_*]"
|
line: "[apache_*]"
|
||||||
create: no
|
create: no
|
||||||
|
|
||||||
- name: apache-status URL is configured for Munin
|
- name: apache-status URL is configured for Munin
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/munin/plugin-conf.d/munin-node
|
dest: /etc/munin/plugin-conf.d/munin-node
|
||||||
line: "env.url http://{{ apache_serverstatus_host }}/server-status-{{ apache_serverstatus_suffix }}?auto"
|
line: "env.url http://{{ apache_serverstatus_host }}/server-status-{{ apache_serverstatus_suffix }}?auto"
|
||||||
regexp: 'env.url http://[^\\/]+/server-status'
|
regexp: 'env.url http://[^\\/]+/server-status'
|
||||||
insertafter: "[apache_*]"
|
insertafter: "[apache_*]"
|
||||||
create: no
|
create: no
|
||||||
notify: restart munin-node
|
notify: restart munin-node
|
||||||
|
|
||||||
- name: add mailgraph URL in index.html
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: /var/www/index.html
|
|
||||||
state: present
|
|
||||||
line: ' <li><a href="/mailgraph">Stats Mail</a></li>'
|
|
||||||
insertbefore: "</ul>"
|
|
||||||
|
|
|
@ -35,15 +35,6 @@
|
||||||
Include /etc/apache2/ipaddr_whitelist.conf
|
Include /etc/apache2/ipaddr_whitelist.conf
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
# Mailgraph configuration
|
|
||||||
Alias /mailgraph /usr/share/mailgraph
|
|
||||||
<Directory /usr/share/mailgraph>
|
|
||||||
DirectoryIndex mailgraph.cgi
|
|
||||||
Require all granted
|
|
||||||
Options +FollowSymLinks +ExecCGI
|
|
||||||
AddHandler cgi-script .cgi
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
CustomLog /var/log/apache2/access.log vhost_combined
|
CustomLog /var/log/apache2/access.log vhost_combined
|
||||||
ErrorLog /var/log/apache2/error.log
|
ErrorLog /var/log/apache2/error.log
|
||||||
LogLevel warn
|
LogLevel warn
|
||||||
|
@ -127,15 +118,6 @@
|
||||||
Include /etc/apache2/ipaddr_whitelist.conf
|
Include /etc/apache2/ipaddr_whitelist.conf
|
||||||
</Location>
|
</Location>
|
||||||
|
|
||||||
# Mailgraph configuration
|
|
||||||
Alias /mailgraph /usr/share/mailgraph
|
|
||||||
<Directory /usr/share/mailgraph>
|
|
||||||
DirectoryIndex mailgraph.cgi
|
|
||||||
Require all granted
|
|
||||||
Options +FollowSymLinks +ExecCGI
|
|
||||||
AddHandler cgi-script .cgi
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
# BEGIN phpMyAdmin section
|
# BEGIN phpMyAdmin section
|
||||||
# END phpMyAdmin section
|
# END phpMyAdmin section
|
||||||
|
|
||||||
|
|
|
@ -8,13 +8,10 @@ apt_upgrade: False
|
||||||
apt_install_basics: True
|
apt_install_basics: True
|
||||||
apt_basics_components: "main"
|
apt_basics_components: "main"
|
||||||
|
|
||||||
# With Debian 12+ and the deb822 format of source files
|
|
||||||
# backports are always installed but enabled according to `apt_install_backports`
|
|
||||||
apt_install_backports: False
|
apt_install_backports: False
|
||||||
apt_backports_components: "main"
|
apt_backports_components: "main"
|
||||||
|
|
||||||
apt_install_evolix_public: True
|
apt_install_evolix_public: True
|
||||||
apt_install_extended_lts: False
|
|
||||||
|
|
||||||
apt_clean_gandi_sourceslist: False
|
apt_clean_gandi_sourceslist: False
|
||||||
|
|
||||||
|
@ -28,8 +25,3 @@ apt_check_hold_cron_hour: "*/4"
|
||||||
apt_check_hold_cron_weekday: "*"
|
apt_check_hold_cron_weekday: "*"
|
||||||
apt_check_hold_cron_day: "*"
|
apt_check_hold_cron_day: "*"
|
||||||
apt_check_hold_cron_month: "*"
|
apt_check_hold_cron_month: "*"
|
||||||
|
|
||||||
apt_list_upgradable_held_enabled: False
|
|
||||||
apt_list_upgradable_held_special_time: "weekly"
|
|
||||||
|
|
||||||
apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}"
|
|
||||||
|
|
3
apt/files/buster_backports_preferences
Normal file
3
apt/files/buster_backports_preferences
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
Package: *
|
||||||
|
Pin: release a=buster-backports
|
||||||
|
Pin-Priority: 50
|
|
@ -21,12 +21,7 @@ if [ -f ${config_file} ]; then
|
||||||
if [ -n "${package}" ]; then
|
if [ -n "${package}" ]; then
|
||||||
if is_installed ${package} && ! is_held ${package}; then
|
if is_installed ${package} && ! is_held ${package}; then
|
||||||
apt-mark hold ${package}
|
apt-mark hold ${package}
|
||||||
msg="Package \`${package}' has been marked \`hold'."
|
>&2 echo "Package \`${package}' has been marked \`hold'."
|
||||||
>&2 echo "${msg}"
|
|
||||||
wall_bin=$(command -v wall)
|
|
||||||
if [ -n "${wall_bin}" ]; then
|
|
||||||
"${wall_bin}" --timeout 5 "${msg}"
|
|
||||||
fi
|
|
||||||
return_code=1
|
return_code=1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,168 +0,0 @@
|
||||||
#!/usr/bin/env python3
|
|
||||||
|
|
||||||
##########
|
|
||||||
# This script takes a multi-lines input of "oneliner-style" APT sources definitions.
|
|
||||||
# It converts them into "deb822-style" sources.
|
|
||||||
# Each generated file will have only one stanza, possibly with multiple Types/Suites/Components
|
|
||||||
##########
|
|
||||||
|
|
||||||
import re
|
|
||||||
import sys
|
|
||||||
import os
|
|
||||||
import select
|
|
||||||
import apt
|
|
||||||
import apt_pkg
|
|
||||||
|
|
||||||
# Order matters !
|
|
||||||
destinations = {
|
|
||||||
"debian-security": "security.sources",
|
|
||||||
|
|
||||||
".*-backports": "backports.sources",
|
|
||||||
|
|
||||||
".debian.org": "system.sources",
|
|
||||||
"mirror.evolix.org": "system.sources",
|
|
||||||
"ftp.evolix.org": "system.sources",
|
|
||||||
|
|
||||||
"pub.evolix.net": "evolix_public_old.sources.bak",
|
|
||||||
"pub.evolix.org": "evolix_public.sources",
|
|
||||||
|
|
||||||
"artifacts.elastic.co": "elastic.sources",
|
|
||||||
"download.docker.com": "docker.sources",
|
|
||||||
"downloads.linux.hpe.com": "hp.sources",
|
|
||||||
"pkg.jenkins-ci.org": "jenkins.sources",
|
|
||||||
"packages.sury.org": "sury.sources",
|
|
||||||
"repo.mongodb.org": "mongodb.sources",
|
|
||||||
"apt.newrelic.com": "newrelic.sources",
|
|
||||||
"deb.nodesource.com": "nodesource.sources",
|
|
||||||
"dl.yarnpkg.com": "yarn.sources",
|
|
||||||
"apt.postgresql.org": "postgresql.sources",
|
|
||||||
"packages.microsoft.com/repos/vscode": "microsoft-vscode.sources",
|
|
||||||
"packages.microsoft.com/repos/ms-teams": "microsoft-teams.sources",
|
|
||||||
"updates.signal.org": "signal.sources",
|
|
||||||
"downloads.1password.com/linux/debian": "1password.sources",
|
|
||||||
"download.virtualbox.org": "virtualbox.sources"
|
|
||||||
}
|
|
||||||
|
|
||||||
sources_parts = apt_pkg.config.find_dir('Dir::Etc::sourceparts')
|
|
||||||
|
|
||||||
def split_options(raw):
|
|
||||||
table = str.maketrans({
|
|
||||||
"[": None,
|
|
||||||
"]": None
|
|
||||||
})
|
|
||||||
options = raw.translate(table).split(' ')
|
|
||||||
|
|
||||||
return options
|
|
||||||
|
|
||||||
def auto_destination(uri):
|
|
||||||
basename = uri
|
|
||||||
basename = re.sub('\[[^\]]+\]', '', basename)
|
|
||||||
basename = re.sub('\w+://', '', basename)
|
|
||||||
basename = '_'.join(re.sub('[^a-zA-Z0-9]', ' ', basename).split())
|
|
||||||
return '%s.sources' % basename
|
|
||||||
|
|
||||||
|
|
||||||
def destination(matches):
|
|
||||||
for search_str in destinations.keys():
|
|
||||||
search_pattern = re.compile(f'{search_str}(/|\s|$)')
|
|
||||||
if re.search(search_pattern, matches['uri']) or re.search(search_pattern, matches["suite"]):
|
|
||||||
return destinations[search_str]
|
|
||||||
# fallback if nothing matches
|
|
||||||
return auto_destination(matches['uri'])
|
|
||||||
|
|
||||||
def prepare_sources(lines):
|
|
||||||
sources = {}
|
|
||||||
pattern = re.compile('^(?: *(?P<type>deb|deb-src)) +(?P<options>\[.+\] ?)*(?P<uri>\w+:\/\/\S+) +(?P<suite>\S+)(?: +(?P<components>.*))?$')
|
|
||||||
|
|
||||||
for line in lines:
|
|
||||||
matches = re.match(pattern, line)
|
|
||||||
|
|
||||||
if matches is not None:
|
|
||||||
dest = destination(matches)
|
|
||||||
options = {}
|
|
||||||
|
|
||||||
if matches.group('options'):
|
|
||||||
for option in split_options(matches['options']):
|
|
||||||
if "=" in option:
|
|
||||||
key, value = option.split("=")
|
|
||||||
options[key] = value
|
|
||||||
|
|
||||||
### WARNING ###
|
|
||||||
# if there are multiple lines with different URIS for a given destination (eg. "system")
|
|
||||||
# each one will overwrite the previous one
|
|
||||||
# and the last evaluated will be what remains.
|
|
||||||
|
|
||||||
if dest in sources:
|
|
||||||
sources[dest]["Types"].add(matches["type"])
|
|
||||||
sources[dest]["URIs"] = matches["uri"]
|
|
||||||
sources[dest]["Suites"].add(matches["suite"])
|
|
||||||
sources[dest]["Components"].update(matches["components"].split(' '))
|
|
||||||
else:
|
|
||||||
source = {
|
|
||||||
"Types": {matches['type']},
|
|
||||||
"URIs": matches['uri'],
|
|
||||||
"Enabled": "yes",
|
|
||||||
}
|
|
||||||
|
|
||||||
if matches.group('suite'):
|
|
||||||
source["Suites"] = set(matches['suite'].split(' '))
|
|
||||||
|
|
||||||
if matches.group('components'):
|
|
||||||
source["Components"] = set(matches['components'].split(' '))
|
|
||||||
|
|
||||||
if "arch" in options:
|
|
||||||
if "Architectures" in source:
|
|
||||||
source["Architectures"].append(options["arch"])
|
|
||||||
else:
|
|
||||||
source["Architectures"] = {options["arch"]}
|
|
||||||
|
|
||||||
if "signed-by" in options:
|
|
||||||
if "Signed-by" in source:
|
|
||||||
source["Signed-by"].append(options["signed-by"])
|
|
||||||
else:
|
|
||||||
source["Signed-by"] = {options["signed-by"]}
|
|
||||||
|
|
||||||
if "lang" in options:
|
|
||||||
if "Languages" in source:
|
|
||||||
source["Languages"].append(options["lang"])
|
|
||||||
else:
|
|
||||||
source["Languages"] = {options["lang"]}
|
|
||||||
|
|
||||||
if "target" in options:
|
|
||||||
if "Targets" in source:
|
|
||||||
source["Targets"].append(options["target"])
|
|
||||||
else:
|
|
||||||
source["Targets"] = {options["target"]}
|
|
||||||
|
|
||||||
sources[dest] = source
|
|
||||||
return sources
|
|
||||||
|
|
||||||
def save_sources(sources, output_dir):
|
|
||||||
# print(output_dir)
|
|
||||||
# print(sources)
|
|
||||||
for dest, source in sources.items():
|
|
||||||
source_path = output_dir + dest
|
|
||||||
|
|
||||||
with open(source_path, 'w') as file:
|
|
||||||
for key, value in source.items():
|
|
||||||
if isinstance(value, str):
|
|
||||||
file.write("{}: {}\n".format(key, value))
|
|
||||||
else:
|
|
||||||
file.write("{}: {}\n".format(key, ' '.join(value)))
|
|
||||||
|
|
||||||
def main():
|
|
||||||
if select.select([sys.stdin, ], [], [], 0.0)[0]:
|
|
||||||
sources = prepare_sources(sys.stdin)
|
|
||||||
# elif len(sys.argv) > 1:
|
|
||||||
# sources = prepare_sources([sys.argv[1]])
|
|
||||||
else:
|
|
||||||
print("You must provide source lines to stdin", file=sys.stderr)
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
output_dir = apt_pkg.config.find_dir('Dir::Etc::sourceparts')
|
|
||||||
save_sources(sources, output_dir)
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
main()
|
|
||||||
|
|
||||||
sys.exit(0)
|
|
|
@ -1,55 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
##########
|
|
||||||
# This script changes all "one-line" APT sources into "deb822" sources.
|
|
||||||
# It is responsible for searching and processing the files.
|
|
||||||
# The actual format migration is done by a python script.
|
|
||||||
##########
|
|
||||||
|
|
||||||
deb822_migrate_script=$(command -v deb822-migration.py)
|
|
||||||
|
|
||||||
if [ -z "${deb822_migrate_script}" ]; then
|
|
||||||
deb822_migrate_script="$(dirname "$0")/deb822-migration.py"
|
|
||||||
fi
|
|
||||||
if [ ! -x "${deb822_migrate_script}" ]; then
|
|
||||||
>&2 echo "ERROR: '${deb822_migrate_script}' not found or not executable"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
sources_from_file() {
|
|
||||||
grep --extended-regexp "^\s*(deb|deb-src) " $1
|
|
||||||
}
|
|
||||||
|
|
||||||
rc=0
|
|
||||||
count=0
|
|
||||||
|
|
||||||
if [ -f /etc/apt/sources.list ]; then
|
|
||||||
sources_from_file /etc/apt/sources.list | ${deb822_migrate_script}
|
|
||||||
python_rc=$?
|
|
||||||
|
|
||||||
if [ ${python_rc} -eq 0 ]; then
|
|
||||||
mv /etc/apt/sources.list /etc/apt/sources.list.bak
|
|
||||||
echo "OK: /etc/apt/sources.list"
|
|
||||||
count=$(( count + 1 ))
|
|
||||||
else
|
|
||||||
>&2 echo "ERROR: failed migration for /etc/apt/sources.list"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
for file in $(find /etc/apt/sources.list.d -mindepth 1 -maxdepth 1 -type f -name '*.list'); do
|
|
||||||
sources_from_file "${file}" | ${deb822_migrate_script}
|
|
||||||
python_rc=$?
|
|
||||||
|
|
||||||
if [ ${python_rc} -eq 0 ]; then
|
|
||||||
mv "${file}" "${file}.bak"
|
|
||||||
echo "OK: ${file}"
|
|
||||||
count=$(( count + 1 ))
|
|
||||||
else
|
|
||||||
>&2 echo "ERROR: failed migration for ${file}"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "${count} file(s) migrated"
|
|
||||||
exit ${rc}
|
|
Binary file not shown.
3
apt/files/jessie_backports_preferences
Normal file
3
apt/files/jessie_backports_preferences
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
Package: *
|
||||||
|
Pin: release a=jessie-backports
|
||||||
|
Pin-Priority: 50
|
|
@ -1,127 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
#####
|
|
||||||
# This script will send an email if some packages are on hold
|
|
||||||
# but have available updates.
|
|
||||||
#####
|
|
||||||
|
|
||||||
readonly VERSION="24.05"
|
|
||||||
|
|
||||||
# set all programs to C language (english)
|
|
||||||
export LC_ALL=C
|
|
||||||
|
|
||||||
# If expansion is attempted on an unset variable or parameter, the shell prints an
|
|
||||||
# error message, and, if not interactive, exits with a non-zero status.
|
|
||||||
set -o nounset
|
|
||||||
# The pipeline's return status is the value of the last (rightmost) command
|
|
||||||
# to exit with a non-zero status, or zero if all commands exit successfully.
|
|
||||||
set -o pipefail
|
|
||||||
# Enable trace mode if called with environment variable TRACE=1
|
|
||||||
if [[ "${TRACE-0}" == "1" ]]; then
|
|
||||||
set -o xtrace
|
|
||||||
fi
|
|
||||||
|
|
||||||
# shellcheck disable=SC2155
|
|
||||||
readonly PROGPATH=$(readlink -m "${0}")
|
|
||||||
# readonly PROGNAME=$(basename "${PROGPATH}")
|
|
||||||
# # shellcheck disable=SC2124
|
|
||||||
# readonly ARGS=$@
|
|
||||||
|
|
||||||
# Fetch values from evomaintenance configuration
|
|
||||||
get_evomaintenance_mail() {
|
|
||||||
grep "EVOMAINTMAIL=" /etc/evomaintenance.cf | cut -d '=' -f2
|
|
||||||
}
|
|
||||||
get_fqdn() {
|
|
||||||
hostname --fqdn
|
|
||||||
}
|
|
||||||
get_complete_hostname() {
|
|
||||||
REAL_HOSTNAME="$(get_fqdn)"
|
|
||||||
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
|
|
||||||
echo "${HOSTNAME}"
|
|
||||||
else
|
|
||||||
echo "${HOSTNAME} (${REAL_HOSTNAME})"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
format_mail() {
|
|
||||||
cat <<EOTEMPLATE
|
|
||||||
From: Evolix <${EMAIL_FROM}>
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
X-Script: ${PROGPATH}
|
|
||||||
X-Script-Version: ${VERSION}
|
|
||||||
To: ${EMAIL_CLIENT:-alert5@evolix.fr}
|
|
||||||
Subject: Mise a jour manuelle disponible
|
|
||||||
|
|
||||||
Bonjour,
|
|
||||||
|
|
||||||
Un ou plusieurs paquets dont la mise à jour automatique a été
|
|
||||||
explicitement bloquée ont une nouvelle version disponible.
|
|
||||||
|
|
||||||
Nom du serveur :
|
|
||||||
${HOSTNAME_TEXT}
|
|
||||||
|
|
||||||
Liste des paquets :
|
|
||||||
${upgradable_held_packages}
|
|
||||||
|
|
||||||
Pour que nous appliquions ces mises Ă jour vous devez
|
|
||||||
nous contacter explicitement, de préférence par ticket,
|
|
||||||
en mentionnant le serveur et les paquets concernés,
|
|
||||||
ainsi que les modalités de mise à jour (créneau horaire,
|
|
||||||
procédure technique…).
|
|
||||||
|
|
||||||
Cordialement
|
|
||||||
|
|
||||||
--
|
|
||||||
Evolix
|
|
||||||
EOTEMPLATE
|
|
||||||
}
|
|
||||||
|
|
||||||
main() {
|
|
||||||
held_packages=$(apt-mark showhold)
|
|
||||||
upgradable_packages=$(apt list --upgradable 2> /dev/null)
|
|
||||||
|
|
||||||
if [ -z "${held_packages}" ]; then
|
|
||||||
# No packages are on hold
|
|
||||||
exit 0
|
|
||||||
elif [ -z "${upgradable_packages}" ]; then
|
|
||||||
# No packages are upgradable
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
kept_back_output=$(LC_ALL=C apt-get upgrade --dry-run | grep -A 1 'The following packages have been kept back:')
|
|
||||||
if [ -z "${kept_back_output}" ]; then
|
|
||||||
# No packages are kept back
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
upgradable_held_packages=$(apt list --upgradable 2> /dev/null | grep -f <(echo "${kept_back_output}" | tail -1 | tr ' ' '\n' | sed -e '/^$/d'))
|
|
||||||
|
|
||||||
if [ -z "${upgradable_held_packages}" ]; then
|
|
||||||
# No held packages are upgradable
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
HOSTNAME="$(get_fqdn)"
|
|
||||||
HOSTNAME_TEXT="$(get_complete_hostname)"
|
|
||||||
EMAIL_CLIENT="$(get_evomaintenance_mail)"
|
|
||||||
EMAIL_FROM="equipe@evolix.fr"
|
|
||||||
MAIL_CONTENT="$(format_mail)"
|
|
||||||
|
|
||||||
SENDMAIL_BIN="$(command -v sendmail)"
|
|
||||||
|
|
||||||
if [ -z "${SENDMAIL_BIN}" ]; then
|
|
||||||
>&2 echo "ERROR: No \`sendmail' command has been found, can't send mail."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if [ ! -x "${SENDMAIL_BIN}" ]; then
|
|
||||||
>&2 echo "ERROR: \`${SENDMAIL_BIN}' is not executable, can't send mail."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "${MAIL_CONTENT}" | "${SENDMAIL_BIN}" -oi -t -f "equipe@evolix.fr"
|
|
||||||
exit 0
|
|
||||||
}
|
|
||||||
|
|
||||||
main
|
|
|
@ -1,32 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
# Move apt repository key from /etc/apt/trusted.gpg.d/ to /etc/apt/keyrings/ and add "signed-by" tag in source list
|
|
||||||
#
|
|
||||||
# Example: move-apt-keyrings.sh http://repo.mongodb.org/apt/debian mongodb-server-[0-9\\.]+.asc
|
|
||||||
|
|
||||||
repository_pattern=$1
|
|
||||||
key=$2
|
|
||||||
|
|
||||||
found_files=$(grep --files-with-matches --recursive --extended-regexp "${repository_pattern}" "/etc/apt/sources.list.d/*.list")
|
|
||||||
|
|
||||||
old_key_file="/etc/apt/trusted.gpg.d/${key}"
|
|
||||||
new_key_file="/etc/apt/keyrings/${key}"
|
|
||||||
|
|
||||||
for file in ${found_files}; do
|
|
||||||
if ! grep --quiet "signed-by" "${file}"; then
|
|
||||||
signed_by="signed-by=${new_key_file}"
|
|
||||||
if grep --quiet "deb(-src)? \[" "${file}"; then
|
|
||||||
sed -i "s@deb\(-src\)\? \[\([^]]\+\)\]@deb\1 [\2 ${signed_by}]@" "${file}"
|
|
||||||
else
|
|
||||||
sed -i "s@deb\(-src\)\? @deb\1 [${signed_by}] @" "${file}"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ -f "${old_key_file}" ] && [ ! -f "${new_key_file}" ]; then
|
|
||||||
mv "${old_key_file}" "${new_key_file}"
|
|
||||||
fi
|
|
||||||
if [ -f "${new_key_file}" ]; then
|
|
||||||
chmod 644 "${new_key_file}"
|
|
||||||
chown root: "${new_key_file}"
|
|
||||||
fi
|
|
|
@ -1,87 +0,0 @@
|
||||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|
||||||
|
|
||||||
mQINBGOsRdcBEADDPJ8Tsqr5Z4crmQlNQM32hfufe7gTUrXo0cAL8clt92y1QX3N
|
|
||||||
YyMv0Re4+Ugo7JZd4jsF2Q1twJMxsX5rA12xDnHHcZRSc/E0DIYvPnfLzEHkwseN
|
|
||||||
OK4f9lI+xo06k+B3KQQKMeI/RjVaN6AiSply9ZGaZVeGGqd4es4PsU1VQMTWdclV
|
|
||||||
Bn54HBWUnL5dPStPMnNkt0bMQYIqc5733Yby3qMiUKcql2bl9TYBw8SaJXvClsLw
|
|
||||||
ERqit6FjljUOEeWtB4WZFpjhc/aqcxGcUTPHRrNTlNF0HCvk8JicEu4/lr99pwy7
|
|
||||||
7z6SRql++WGMSG06E4MBtUt+wWAmDDHNj3fdZPnoCaDFp7vxy/FEARB2aygTtu11
|
|
||||||
mLk4XOKheqU/WibWxoXRzyUCuclJ247Fh+YPxkYVG1dnDwpWGbYuRmzUapGLv4ma
|
|
||||||
dnKsQN0KhXzUqkSoybBgV208dGOP7BqdY6TVnyU0v/7XDeUqFEwnllRKMSYLilV3
|
|
||||||
huTifiCFTK45HACM/x2yckx8dyAuYg6cJaAR1yn1iaTexoyYPG9ZFifvMB6ranEm
|
|
||||||
vkmQq1e8/7xiNSQsh5F3Ybl5hh4GVLwsR6esfZsHG0Ve+CitsmcZgWnr0JJ2PZOk
|
|
||||||
+XHxMwo7Gb0/KVH9XGeoXk+eiNNW/kdcgBMkGkU3nWooVHDm7Dy54I5CzQARAQAB
|
|
||||||
tC9Fdm9saXggUHVibGljIFJlcG9zaXRvcnkgPGVxdWlwZStwdWJAZXZvbGl4LmZy
|
|
||||||
PokCVAQTAQoAPhYhBP+vfRvzUK1F+rMpCUaPWta4YwY9BQJjrEXXAhsDBQkHhM4A
|
|
||||||
BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEEaPWta4YwY9V6oP/iYfZceiA1Sy
|
|
||||||
x9t/7CL3EReuvpdZtZYf2KklBfxEFtzkERV/KKMMpf8mKoGD6BA+ryUc7b4a8npq
|
|
||||||
yvKbSKDHGZW6gAbq8hneW71vRuNfPNqtfO98JbJO694nqX9sIYU2xQn0UIh0G6N7
|
|
||||||
D2bOcaicn8AgV/8cQZfgN9yRM4VhCoWZwhLqgROUqMYfDn3szamfkPcFiw10ToVt
|
|
||||||
c2PIFdqj2soKO9OrF5Ct/pztSGy1f+orDFiJ0AtRlqqRk9z18VB893qspfyd6y9N
|
|
||||||
q7IrQbYsiP+D8DcXYWZA1KURsI4LVQwsudNXokvGkYdnZitVgXI2lIaY7odDou5F
|
|
||||||
btZsCIEa45m7Vmvu0Wvtu/90EFbu9iwbOVrNpC7lLnfJpDObVXMiY1r0rQVuweEZ
|
|
||||||
ZbBcv1NUa3R0SPsPLPKf7L6dCx8gCpZjDVJLsgBeeSEV7XFQiYDbl8THasNTKCOa
|
|
||||||
C6v4h00mg0H6GhZvGMx+lcx8TzW6l3XXRoptHl4vkdE5usLFjy8/JWG3yJ7e2W3D
|
|
||||||
jVbPQ0UKJAnkGn1t+UJB1GP9O4annks0nPfcomjZzaDweIL8zSLPy5R9DGNgYLjp
|
|
||||||
5h/baLoNAOkaKssZrusq/P+BM2tdr3i/N6TK+dbrffz3hNgzSFFYVg51DspV7XWo
|
|
||||||
JKGqhqCgQpkms+NPJiKr4NDs6DdXn0IKuQINBGOsRdcBEAC9i5qcrYLTfeGrWPo3
|
|
||||||
Zok3jikNk181HC3HR7Wu8a5whCe/88GgJDY00sU2zZEF9hN/4Vtqq9FICVXUcs+F
|
|
||||||
5j+Gcb/sqAgwXuwk8LKuhbtR2cnz6I0GCsqNPuj+5uM7MXQlVWeIN5Z6zA/Jw++o
|
|
||||||
aENZHO6cnuep2KDNPUZzjmTHAa4+qXRL5cRXEOmMB1vtA8mm/43c7wicJ7MrZpba
|
|
||||||
mqzmiQPsQ2qfmCABfx8BwBgXCVON4sgtzCa+rYOPScsDtv0pv6uG+h/GJp4MdKBp
|
|
||||||
g3BfShQEAmOwwy3Pt2vo9Rw2s0uJJ9AM2O6tJ3x93YkUP5qj3Etr/eTcgVUiVvSs
|
|
||||||
h2Rrz2FLen3GMAcqUUDPViCy9nEWRAo7iWQgAKgr8WjeGerOmtsYPyjIQE47eX5M
|
|
||||||
Gomx0LVCGigYfkSAFIYzm5I+depmn1qTUyizfklvPr0bA/8Cs4zbqx6Pf6Rk5wvb
|
|
||||||
sJ4envk3dzQRNTH1Vt7Yoktyx1+VX0HFVEaPTQ3JlFORaHYwQQ97LaOZ0VmztE0A
|
|
||||||
5+CIFFdqp/0H7zGPol+LsPgqnzZZEQ2XFYPOy7/gB17zI2eWNWPAQmOdrUM/v12A
|
|
||||||
etnLEthZyALcjjBpJEVIHFnuaabYp+mdotycjDkBNSh+P+8H/UsMSrNVhheKQLB8
|
|
||||||
smzwFcSrAcnQbtiCjFWANTWyKQARAQABiQI8BBgBCgAmFiEE/699G/NQrUX6sykJ
|
|
||||||
Ro9a1rhjBj0FAmOsRdcCGwwFCQeEzgAACgkQRo9a1rhjBj0FZw//fNhJdx55ACvX
|
|
||||||
mpa8wz6eZOvzhr5GWSW5/Qie9nRjInPPI3bJ/jU0S/4ENqFBD9RSvY5F+0xCU67F
|
|
||||||
V2R3a3FFcB81HLIcUrkN0GH6fLcex0Js+grq/U117e2umdfGMKQG0UFJ+XonhtlT
|
|
||||||
foBcBjXPFr2NUaJB2SPo/RPQ3U+N3wMSm0ZbB/Xvxi5qMEb971dfObvsXTkQZvn7
|
|
||||||
b0TvccfHhyzs2IM8pZO3PamTwA5e16/2QqisRX4CeL0a/q3Yxfw4R8RPCrz/l0k5
|
|
||||||
FPdbdXaQuk5s+CiV+Nse7yFGoEoSlLpJM2BpueBsIg92joyOstZRm+tuCb5QefWI
|
|
||||||
7yFPfJU6xG1CMDqIGjXNU1tzSIoReGUBCNrE9UgzBQPPVD0jNM1WdW6HWSVR7jBb
|
|
||||||
+dvAeJNzQjJYlvKLQ383mAiVcwmCWBUp+R/kBPlLMGEpLlspti5fkmEc8xvtCaHc
|
|
||||||
fCLVWd0r2lUFUz+W53r8IXaRcxLtFinz7SHZPrlhaVwErdtlo+5X3kq39Mc4KCmF
|
|
||||||
bevT+qxlgzHXof+WGTYoc9IHkhDrvZ/TWeAUnBPvVn88dsBRtOC9f5wSCK4r9SfR
|
|
||||||
Dnf0lAsLWMpNtt812W8sA82RGXRUBwonZKa7YoGNKSa2vPJcUgmpIiHNtoLWpNa+
|
|
||||||
7pYGN7bV51zyQ1ERaLU5TBC9sPE70p25Ag0EY6xJaQEQAKsxFCb4Vxe8VuUEAKp/
|
|
||||||
RSRNGX/v9KqXVwbnf3kTYq9FMoplZBeqj4LQ22BqRzZ74ywoyfvHHtvkAtCbmrlc
|
|
||||||
8iLQEmicLug3Ibk97qm1lvvHnK9fqFOWh+Tx/omlaiSzEfAFbLEjNcplmq1ooqmX
|
|
||||||
fkI9zcefLZHtUFx6Clw3rwp79d/V5XJDM+2jwB47HfIhrW6jEubUuaXIHNR/GSSd
|
|
||||||
gTYuw55g9K97LhONX6ZvSBhjp4pOeUUbtFuG1fRkjPiObsB54fJ2R32yfm4jV53/
|
|
||||||
YgG/Ih/o97tKV+ishQIrr85SB3XiLFlGhQuu/0a/+/vfGVTbJOzrQrE+OCWt9Xm1
|
|
||||||
4b91MiVSSzXy6TGzPvpNXYR2PQZzVwvz7UctCikaE4gGB0lSH0LemDD0LZIZUwBL
|
|
||||||
1G9mlwFTkMYK0+iMyHFOKeAlUnSSpO6hFYr4GHOxAMGTjHqqEJZ3lBi9SBPc7AEK
|
|
||||||
3NcEp4etuiLOeaSBtqmUs+y7g8yMTrnyWPVxa0l5q4OUitbb2qvWYbaD3O22xYyj
|
|
||||||
9BlqzpG9uO6/d8HefDK8XMNCHlmwFoJj3HJlHJg7oN029vYsXEwBIhFyolAPzIvB
|
|
||||||
jpLKcebq9DJSObs1nHjAyVUpL4ZzRmujFcJYDYSixiqaWc/1aGTgUZQ/JDXcODiC
|
|
||||||
LgFu1vLTRf6hwKSb/vnZP5OtABEBAAGJBHIEGAEKACYWIQT/r30b81CtRfqzKQlG
|
|
||||||
j1rWuGMGPQUCY6xJaQIbAgUJA8JnAAJACRBGj1rWuGMGPcF0IAQZAQoAHRYhBA7H
|
|
||||||
BbTwXPF0hLMgRYefxhvnjx3ABQJjrElpAAoJEIefxhvnjx3ANpUQAIFLkLcx2z3M
|
|
||||||
jV0SgoAYertib9T/OOy/rsfeQjE6DFk6IArrHolZPA9g/PpTPuRwK165n5xw483q
|
|
||||||
BMyssUT9IK7SZxt0gbKpvZ0HFSCwSp5wdSJZymwB4AOcgRBU5rwC/9fFxYihgIym
|
|
||||||
Ig7TH9aWW4hDbEuGJDrKbhK+DpIL7lK3A5WUZk9ltGOpCcFctV3YnVgbMIwX5gO6
|
|
||||||
lZ5Zi6NHJEB3HauVZJ59NIPJ/f0xe5GMte/LXckyijs9ei4WOFOjstiW64EWkOBH
|
|
||||||
El0tj+LUxLznCP2szdXjkDN1P6/NDrY1Nid6/ECOfkh4xO/VHhkdSRAlhdP9FHiV
|
|
||||||
sy3KUUoPH5B805z1MyOI7UYUD/8CK0juIXcbw7isbVUmLf/VV8jEDmq3WWDj8YZp
|
|
||||||
IStn2AvQeo3VWGWUfkf3v7UthKandIUTIGc5isD+i6KvzzbggyyZWNtvb3/1wMrz
|
|
||||||
DUKGlFi/IjMhhElJ0oF3YGsBwz2V2UKP7pPIYo+f5zthc7SbmO9yxAQebEOc3prM
|
|
||||||
G/Br8JOZ90w1dy6CeIYxkM4YEhhG1K8CzD3ZTTI7vh8mwRc92A6HI2NFyxeYJCr0
|
|
||||||
IsUcFQpCyXMtcLRN75DGLIjIKdYrYJuwSiUgcH5FtgkuxMYfJEX9UX8rV7HAxUvs
|
|
||||||
UdIyHLl7k+khGlZa0/W6uCioFNiygnBEp7oP/iSj4Q2Xh5yKI6Jjw/IsfRcsiaac
|
|
||||||
lHc7uF0caYGMkqRNHiX17d5EtaidTbiqQii1W9slSPXmUuUcKfD1xUfLng7TbZVm
|
|
||||||
AdEbpHCT+q037cGCYFpHPMvw3OYhhGzYeh3+1oN9t3ZvyGlvAhkrtssDQB+gxX8r
|
|
||||||
adCpihziFLjm+6IvCLYHEh3gILVFbbhdYDDUduFFjf/snlJW7j8OVc7Cxa7FbPdf
|
|
||||||
SHLT9VESzf7oiwkP5/ijGmHiEQoJd9EWYkGGz+LZAXemBwe5ZnPPWVZvDEQRMe8v
|
|
||||||
2V8pa37vyReaK//O8xxGg3NzGTn9otwVr/4Ti9OxrSzmDWpd967oZ42IZSeSY2bz
|
|
||||||
kOaV8z4C8AIgIA7vWOS83Hncbrgf2nMCXmRjf0KTMm1P7Z0BQDWpxK9lP0nRpVAg
|
|
||||||
2T3/OjJ9KcAsTz02NFC3/kOUz//NcfDP747HsQB0sltIty140B7CfcWk0a0eKSad
|
|
||||||
OxGUehskjyKhO6v3dYF+8oR9p98Q8/Rh8r7evYy2mfhgJd7a9Cchn7612Y6k1SLf
|
|
||||||
nmPGYu3s0lf/k6GoHLfXXQIJDgWeua4ZBr6cgpGONLSvWBeCVaqnk8nhbNIiSBHk
|
|
||||||
jnrcX8xAtoPLgqg0+yi7rZ3NAauZcQE6UaNB+xjJxDOIpgVLUWtFyAG4MDeIh6GH
|
|
||||||
oA9QflpnDubMnCve
|
|
||||||
=ZCml
|
|
||||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
Binary file not shown.
|
@ -1,920 +0,0 @@
|
||||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|
||||||
Version: SKS 1.1.6
|
|
||||||
Comment: Hostname: keyserver.ubuntu.com
|
|
||||||
|
|
||||||
mQINBEoHZ5kBEAC680PjynWTcP3ZtVfWWL6zQAcD8JoC+c5MbnpFScqtBc2MdlVZu6zED+B5
|
|
||||||
sw2SSLf1EZlfbTPc3GcWTwdiXj2GQKzjMra1MZKUnVOD/uMVkj0ZTszUQziW01O9sWPhxbMu
|
|
||||||
Qr7OD04jQ7TjtBBEJD+yf0HJsDVC7TCbpcNNtmhXByXqw7bgo0rzxeOB3hL88I7AcC7ve5iR
|
|
||||||
xwXoXJYs1hgJMPmZXJmhKb0a3pVk075yMsXnxlOqM7XBk++zodDR03Ym21GLFOu+3DLTX9aC
|
|
||||||
aU/AjXb/udtEBAHv+iVxZChzka/KkYMY+KX8A7niE/UN2PIfhWDTmLLcTyBAOuis6cUqDm2a
|
|
||||||
w0IbXh359dfBbgV4/QLoafcM841W47Menp9tb0Qz1uHYwV6jjDEmbpGgEJRGIqd143j/zGBP
|
|
||||||
xffmtPq1zn/QFVBQNltLiMyclAR1Yb4fksDkt8JGmvI+FwaHdx3dn1VU0hbdYR/5CHtsxN4V
|
|
||||||
P/juUOrjbagp5zBBXLlVIVceGoD0mNkNWPyZh8C3SHg2Y+Q7t+cz4xysQN5BUHL4DX6nEIJA
|
|
||||||
u0cZdBtr8dtkJToYlhSFaLFwZh/XmOgOndSNmeJz4ll29Xc3V2/hCQlllHXux5E79rRNRKK/
|
|
||||||
rSydUzYir755udPWw18+6mPUzT6NDaVDDAwSOLOn99OUJt6bBQARAQABtB9HcmVnb3J5IENv
|
|
||||||
bHBhcnQgPHJlZ0Bldm9saXguY2E+iQI3BBMBCAAhBQJWEagEAhsDBQsJCAcDBRUKCQgLBRYC
|
|
||||||
AwEAAh4BAheAAAoJEESXUni4YStdYDAQAKuwOHT+wDS6vL6Xqp/59eKLaB02lTQuTDFq55K4
|
|
||||||
dK9TNYOTmPoxvgeJigT3pHHfKQFS/wwigkOfv8VebBZAcjY03N+Joau1Vi+Er2VNR5Pt0jAf
|
|
||||||
ApwZqe+8NMAfefculZvO0g91g2lcqJoMUIaUemAqOD/CoAMMXGQSNlX4BLsI7dbvkLLjbPSa
|
|
||||||
wEODAMvuSLilI38dj7wBC30IAOQkOdkB34I/eL/sGruOxYSK7UFJfNU1aD2oQhTkYEQ5cgNK
|
|
||||||
vE325fOx7m/sZ5aAlNvtZ3jS4ym45feT9xrbG2qHTbJiVAhdtfHMXGOU6/0UHJ3+YHHdzZhu
|
|
||||||
0NCWinu18nDVeDWLmkqkZd77QtTpC/zw5s3+t8lpyqUAF+bN80ZHbB47bFphIupmWGDP2ihM
|
|
||||||
NBWBwwFZb7ry27mLyyXKVOFWrYZPrdlNheEjUP7x0GzEO0kuxYO4fyTic5lu594hxwt/LWV1
|
|
||||||
s48SV95dXqpQIRroV8ePZoJxlD4hXh1x23AgkWgG+SS3perIGypmouOdl9CQ3yAYSCfcTKw2
|
|
||||||
dOWOxGubseyBWw3EDlWKZLkrqbBGxfBz8XJ92iCJ27rRhtpd6XEbqhRfPR9TGTliIfaruTLp
|
|
||||||
MPrKZh74Hs7LAhHo0nkwcOoE/iYHhQpNXHMnj0hqMcwzzf6MlSrgJ/VPgQ721d5nTwrjtCBH
|
|
||||||
cmVnb3J5IENvbHBhcnQgPHJlZ0BkZWJpYW4ub3JnPohGBBARAgAGBQJMa+/FAAoJENXKmwTy
|
|
||||||
xCO8ggsAnAzhqo1IQ+3qwCWD9ifx4niyPiAFAKCo1ou0sB38EuQXnWCyp1ajblx37ohGBBAR
|
|
||||||
AgAGBQJQn+UPAAoJEHDzXiRtUx5z2B0An3U1rm/gCkoWtAcsC/IYQ2hMVaMDAJ9ddV8IywsM
|
|
||||||
vnKJ35rfg1PLT4KNFohGBBARCAAGBQJKB3HmAAoJEDIXXA3BAnoOiOgAn2tHyIuAGEY2ctJC
|
|
||||||
yM+C7hmyMNMKAJ9asA/uRkG4wiJwEP8DCnNB7Obfq4hGBBARCAAGBQJMXHEgAAoJEOFVF/Ir
|
|
||||||
CSDAnq0An2xcCMh6H6vIT9rmbxHgGbc8VfTEAKCopbM+QMAGQvOROMfqWJhiCB0fHIhGBBAR
|
|
||||||
CAAGBQJMXT8rAAoJENTl7azAFD0tTz4AmwaE8zBHaUWbUnsYwWXqxavmf8BCAKC1hL9GKk60
|
|
||||||
yXTEW1W1QUm8jIYILIhGBBARCAAGBQJMXzSgAAoJEPmF40AK/HR2eqoAni/Hvg2M4e4vrju5
|
|
||||||
wPT+dONsA9/vAKC1X1c4YL1XiJ0fXpT02U13r9e8AIhGBBARCAAGBQJMZ0yhAAoJEJ94+Dzo
|
|
||||||
xDRhLFYAnihJShfS/zRoG7iTNhgwqyLxGqczAJ0WIP7yfVZbP1N5oe6LwhQsZ1BdVohGBBAR
|
|
||||||
CgAGBQJMXlHCAAoJENoZYjcCOz9Pjd8AoMdNUjbpkScdndClI4EqT7tn6PI/AJ9Luiw8fIEs
|
|
||||||
iD5yM8NOkdykX1LPyYkBHAQTAQgABgUCSttnewAKCRAtDVq4fCU9UlJJCACTQKre8pA3ud/V
|
|
||||||
esa7/TmJI1S1cVWj8FlS/gatvLJndd90i50p9uGm1yA4g8iwMnGdcIWCuRfBlhjUnUJnTX4B
|
|
||||||
QdnUU6HCv9RQ/OlJ99k7vNhswtgoEGQWq1mH1opSviZ3xhMwFTiXISQ12i4TiGSiUfbXItzq
|
|
||||||
yxOf/gtjAMGrfnNB4MUYPrHL/lSMs24evYFR5DgOKDwVE3vVY2Wf2ytWKZJQNvKcm7sxIxKq
|
|
||||||
W3OlW4wzG2IMxMSTl6SHYOqIhRGS9xAj9hpIfD5XzZjl/iHmMZMcuRA1LPxQjqdZ5CeF391P
|
|
||||||
p6vEobkSyX0LyDvqcvy//VHn0l8cRuyEmgrTpdmTiQGcBBABCAAGBQJMdo7oAAoJECI64FW9
|
|
||||||
lOFUIpkMAJ/obi1HblArRgKmxiCIMD2/nTcj/ML3tL9HfZ8bpWZ6YJIUsFRcmHCVWaOaCBMJ
|
|
||||||
omiICZbcot3v7/1p0D/AE57i0IFPZpXXu4utC8B70JjWaMJT22kVi3hvhrChxlZYNZlkXr8G
|
|
||||||
mKhGJpzEfVlg3hp26jbj3jEEGmjJlii7uuSrV1VJjyZaDfTNbgXMbUL/3sISsKODINCLlgCG
|
|
||||||
iVqa6Xc8bIo54zQ1Rx30Ijn/6ElFvBMSdZPu4wQ9hKrJGhrqY9FZ/U0xfaawEzxbmdZKDxVO
|
|
||||||
Xdd/qD3lNAi8Jg6m6qQO9/A4c/Ln80ll8St6MrfLwJ58QRWawTQcl8wSTxouC/ag85VwW1lX
|
|
||||||
FfnulWVjqRAY41gVY2SaBb78A8pwuwy+ixBWGqAyGRVjahNj/uznD3kwQh1DUwjyDe9lV0TV
|
|
||||||
5IpQy4YfXjkukwt8kVvQUL/p9w3/gmPZ2lXBuEgMT/NKZWKszgp/JZ45qDUD8hgPlK9bICRm
|
|
||||||
iQ1KjcAV3mh6dYLwJ4kBnAQTAQIABgUCUipIgwAKCRDvc+baWDa4Gqa8C/9aWvMONUnoDGjS
|
|
||||||
H6gIsnJn0pGQ4zx/SU+Bt8MG0SPbtv8Zu1twofiX7xSV8p7/RmESaQyjbzOD9mMvXwl5mF2N
|
|
||||||
q8IbDhvJmEcCCgVolhM1g1YtF8uM/Az74tNLmI8gsIiX/Er8045jMANp+UozOLvrzx9NpVBj
|
|
||||||
InDRhXt5ZF4YeMdB44cZL2OH8juSbpZAPFAi3Lm39gSMj3eUiUavT6r0Ok7AC3qMiaTvvtb1
|
|
||||||
VU5vl/CcevaFE0DfZQ3+1iXsshnUu6ql2NvFPSn0tR1S8Ekk8NfItbAGComC4BF71MXxY9Af
|
|
||||||
RW21ROLzRR5Szm93E5DirjTC+vfxQYwEmemn9v8KWxMlmFTu08GbBhi54bBb0iuaRc9lf5E2
|
|
||||||
dixJqLU4JVUPxjOk6tFvQHtZQRj7e5fu/lusZ++WKXnZsH0AiRekbN/j1Qh65aDi17w0ebXX
|
|
||||||
lsKc1kqryHNTq4PBrhrKbNBa+tlFDcmn3yUReIxfcZ1Bm3N6PxNiQSxx9Wf6LL/1rPuJAhwE
|
|
||||||
EAECAAYFAkxccZ8ACgkQ8aab5CnA/+7HvQ//dhkVGegUq2TyePOTWBxK7EyLVEZEBr2HXa+y
|
|
||||||
Xqg2i8Fdou5smHNEd0q8dz9oMBEWcZtRYmGKzinGcmxzArdmVyXV4fEkUab9zfL8g6dGxo+N
|
|
||||||
wqoHt9DteuJEURwakSJ7oDW+DlfzxMJ924sg5cuUtqcnZwy73a58Y5fkPaZVf+/HrkadZT3f
|
|
||||||
7fM8pb7JgJSRhgmdi3MfbUQcDgbZ604MifdEVIbXX56ex/9OuthbQ3lp6jHsvHcXPG5qt9th
|
|
||||||
RXkztoyKcArSimHcOFrLqWAQsF8u8PIYNaTKyJO8uRDYjMGcJQv6B8HqV2eiLCZtIEdcoWev
|
|
||||||
Y/oeflGDh0PbGpswAiQzoSxjvVdPgPUTqNnsl/eWvup4govByKV4y8dxgyM5a68a2N2t4ki2
|
|
||||||
TwVu8LpCRzuiin0EvgkM4jKSFU/KPiZemdLq31D6o0dQorx+Im31XWv/H8XoI2jGbNeMVWHq
|
|
||||||
5WumzPhTfgFVajQEc94Te29vea9OV+mlgIDuTzqLD2Je5G6BDqu5EmTlO5sPDJAwM1c2ckJb
|
|
||||||
fHjtUih3Vw2B339NqF+aneOX9MH4blAlX2V5vuz0xtmEcd7Dy6wKjzmX1Tcec4VjDDgtCoH7
|
|
||||||
vWzCeQmlWLzf1tF9keUvRn7eUktyAqozvNdE4fs6+3igdFKoI1RHNkFO45AuFe1goN+uDFOJ
|
|
||||||
AhwEEAECAAYFAkxgK4sACgkQHnWacmqf3XRTUBAAtb4DXxkzn14Qo9JME9KfZ3QA1ZfoNffR
|
|
||||||
PgxHkLX3q/KzGvbQYQc86kh6b/19aV1ahcUBrpABOkV/0k6tASrs9N6V6KBcIQbJwRETyWU6
|
|
||||||
G/rG47h+4fWIMew5XwCzUzvqAD5GDp2XfivDQuVt1Ta2WcEAmKVYNlHYowpnEqxvLNSSbXuX
|
|
||||||
Afe+OK4XxaFr7i4zr8zS6S7NRigAdENCt2Mr4slo0ldnRn6uQ57ixfs23g8LO4/89zW+GxKG
|
|
||||||
PPUQbo9epE4hCewTAyWwrpVz9NxrodvDL6D1W7kY6caiOd5tArNKpwF/GCH/vsGPU3NsFISI
|
|
||||||
+P8GJUwtmM/47xgcteHthx2yC0HUArTV0w4+PnAaelpxzAyqd3KxLLUNJ3vjv3xpwV3eGWSG
|
|
||||||
zd3UZ4AYTJmSlbgzuJzQIwwyxHsA7ypUUsbdrsoQaTkACUOsHO1l/oT4P+z3/tWPuXqUmO+D
|
|
||||||
Ly/pBiCRrV7c4cHMzud/dKBXuAK/gS7VD4Is+K8/srdEJTrPB88zleiLOdffymHtCAmZPn93
|
|
||||||
bvPXUcJk1PiNQYRwQIuIjHJbbZL8rxqVo4NCmi2HwjqMaow4GLEPSEdqEu83LpSU0Ts0BJvF
|
|
||||||
/6UTUEs04zDjSXpAGrPhWoom2jxUllAJq5Aek+f662dZpxVLxzMHWrLly7Fb1WPLbCrWhqIl
|
|
||||||
k+SJAhwEEAECAAYFAkxgNzgACgkQ14hMRxjhj0QJqg/+LKFGM1orBnYv+DZeVGbcPrBJVkeK
|
|
||||||
nAVgX+HpIo9uY7F6rRMZU8BHmxqM66k/tPwwrVzrgrLScK6spQTUjxKbjGkktT+LPVdFdB9F
|
|
||||||
2QdEYCwX1AB+0InLVtrXF/yFFTqlxxgLCRamRziO6w/1QDFMsDdNbIgxErjMb7d0MqRFNlvR
|
|
||||||
fO/ElovAPWlf+4zA0xiCRVbV3tbNl1/ILh41C8gc1VoTYdmUP7W3F6xCpy4MirSkY8LLDcax
|
|
||||||
wF9blsfc+gj8mW5yegBZnEoZchasl1thZ7Jt05tMkcEFTVYMfeReo/5Ww/dEpSfhjhryq5MH
|
|
||||||
0sSBT/1YGwbdgBRVzmocrWtQJ9i22MY3RboKNeAFs/wx9L38z570rOdemtfuXzKmI8jlcfQI
|
|
||||||
BIrE0p1zHE0OzgdfAI/uiJMZ3dRZJXsr8iVWuER97QqYZZkgDMaSHxvuKcNKQol9AbnDWbpl
|
|
||||||
q0J7CBo5si41rXpUIb/18FydC3k2KzjkCAaZs7VUCguWU/YKVw68kfrksJB0gIGqh66wYda9
|
|
||||||
dpJVmjVNTR5bWbo8//ZHQXFfGccWoRImEZ7dD4xKTl1B1ihmgad0H7Bynd0IiORVs5zbdbIE
|
|
||||||
FCwnMjjB5nr4teU0wq20H8CaR36Rw38KgRrcJdSrJVDrmg+A4PPsW3aA1K3oCvREoR2+p322
|
|
||||||
8j2c0pyJAhwEEAECAAYFAkxljxgACgkQE8C1Zno4sLCijQ//VodIvktCD/rmvxmbby+tjTFp
|
|
||||||
yNPRgiIdLyXU0Wfoi0TqzLsATfOluWVpJqSqIQ36g0wYc9T8BemqcBepDhj5e9NpYe4oq5kF
|
|
||||||
IxIJHzH5jHSM32vPVxJU4PzYcZzAMEVWCEBx0CHgW2cYc/Sq+YNq8Y/c69R8WNjse0qOZP7g
|
|
||||||
zTInr4JqL181TVvGHt9Ak4KNakxEVLXGIXVSV9QDDGCpYMkfpEy7pwvtV68DFVj2nHHetzCp
|
|
||||||
3gYi90nsVvk3t8iowNUTlKkxnj4dZ2lFMJfZBBeNev31JLkhyqExUoBzZMDmW+c58nye8Ode
|
|
||||||
hXnvZ9nc0pe2Z6XWLuraYDqNDKGMWsOTG8gCPVrZL5BtHr4Qh5uuAwT44PzkdPCdw9NaHw1n
|
|
||||||
0s47Uuailgg+ZuZgFXxNcRD5A93Ovl6/skln7KyTr+kJ6BsDcdWzcXpgQ62/3ayxgaOEZlKE
|
|
||||||
VLJsngKhcjlINiIXc6t0AVZhAlgLrLAvi1G19ISqNPNBRGUWeCYjC++RCaC7i/vAFWIQOTLA
|
|
||||||
NfCtzwhF+kopF2tmmt0ubapaH2CycmWLr0EIvPUIJ7GAW6tkjjv8tfkn2VtT59+gE1WmwR4q
|
|
||||||
55XkJ8zbX9tJx62w84zkQA6nMnbBQ9nfWY1eThRk5IOXKElyk8cNIZlqIPPH8RVP/Ng9Pjj4
|
|
||||||
+vSOAjkT8LyJAhwEEAECAAYFAkxmx/gACgkQHAH0Q8nJPFo1uw/+Nu1AJqt6ifpA/EaWoDnU
|
|
||||||
9hSYcpVq3mGivwEE08U5/2trXl5fcAe8qvdPB8JIYRROTLSUIsTkERftzxMzsCIb+iMj7bKx
|
|
||||||
5Ip18GSmTOcJU32hin/l/DZlDxB9/bo8LqCurbpEDeZ84zV//F6AqMc0mUyxhdVA/y8gEp6x
|
|
||||||
YNnVHU+AmIxzHkE4n+Rrc6JdGUODOL4iZcewBl2IKcYzRzcELIFMzjnSNbA/uxKE9g1kTa0F
|
|
||||||
QUTTpy/y5f36ykfWWdrz9OZFR81/UlZ//gv+sr1UHs6uMs0QayF2QJW4iF0KX4IQWCcbSRyn
|
|
||||||
iHuOzpmJuTFu0KNmU2cfRFLgyer80glsqicj0MwI9shdtpp2+ulfi2itC/gGM00cynt2WP3d
|
|
||||||
arrohFDOwCuAVWjp5dtENk8LNCK2aYEXlHiW10kaGi9k67AVfrV55p8WVTWcpT9oQ76wafnp
|
|
||||||
jUb6XPou4DM0Z5ItJqvDQv8823b5BCnMeyG61x9qCTMhGMEzDLFFkXalViQtIjsS0tzF+S1I
|
|
||||||
B+dVVvCC0tMnPWoyyqYNqtC0rIS0I+89uQuDD/4jAf6hL7sKLUzdLs8NByjQoV9nIaXEHzp7
|
|
||||||
jBlgAZgx2SX+eK8wF/Lo4d0a0jddX8PRZEjkx0HOhaYcW59tui/ZXr2UDwlTTuyfsSpo35K0
|
|
||||||
+VdJ+mtz8gHZ2lCJAhwEEAECAAYFAkx25QoACgkQryKDqnbirHtS6w//Xt2HPPu9r9Lp4Z7C
|
|
||||||
U1EtWEDzBHZoiYrX8GBjfx7XJqX0kJWAXTHoN9HtGDwCil2bTb3WwopNrFUShR2yEs2Tbo8I
|
|
||||||
j1n4veQxx5japTb9b3gwh/8lRRPCfF++jn9q6927D+0jJde7hx3G/o0OoJP2H04kEM5wrzup
|
|
||||||
1nOkH/L5+bFerw4eYir+hl0oVfrnK40RKSnzy+6sD+FCFwLipOofDX+qVp1VguzwkfAwLTSD
|
|
||||||
PVxsjfvxKdRCj49RbI0Q1svMu8iS0Hu+i6e+pPVgvy2Bh9iPQiPNaGG9IeHy5mnq9T8yxKd3
|
|
||||||
KY0mj6ipuHm3c1HPJln5bFlt1K6mrysbZtxafo+O6XeIUoRNqKi9eyA9udgIdHPuMAypsYFq
|
|
||||||
M1Pn7TLdSnRCyuhG0UFlr/nx3VVH7PLOerxMCZf7ApfcWA/s/iBG2DLpeB698UKOSfogcbWO
|
|
||||||
JW7Dteg4ZCL9zLxRiTZHLsMHnW/aZAAwoh/zV2Kpd6qbrZSyqgn3Pys8kwiFnnf9aWdqXmls
|
|
||||||
oNswHZeh3JvMOgs2QyY9X/+Bz3k1vf4a2aU2gINvL55aRmtgd3VDvWVk41WcRAvOfBPCC9TL
|
|
||||||
0UKbIBT+/rxuse6UiS/lVRNngvOpuUBmd0Zo/PiXxsxq+aKX6FQzZs0HsqAR/Ov7bmbh7Z+c
|
|
||||||
WwE0ZEogPivsD97qv2aJAhwEEAECAAYFAlVxpVAACgkQ2oKDDjzMOjq1exAAo41+8W0VSibl
|
|
||||||
OmQWDesxI8T+Qlw1v3Luf1CexMx9UsEktH5yP+guCeVpADMupSeKis8q0ayOgqXim6gyRjHS
|
|
||||||
1HklDGwUnhUyfDu5VNqy7BOrbUKq32TOqudwtq5PEyohof89/hR0UwfC18hBkumW7NfCmEY+
|
|
||||||
kUkvlAVzVwbSAm1bjkFu3DLD3RKN4d4UG3kFc4tqY0BweC85UvJaFFnY362RLCBV4gTjXVgl
|
|
||||||
UIHXpDSt863NBTtbNJUTIf1tt5sFqknZh2N5UzgtkTz6t4N47+k0VZfxuk/f9MmuDEHAEBBp
|
|
||||||
lj4X+ofPXbxbr2iaAZjT/LjU76tYq7thkbU2NRB6RtDv+Tqfib5z5ecwNEKIgQ6BelCh7pRI
|
|
||||||
wnMYhx3wj2aeY28vJ9vE76NizPWiZpYzD3MHyWfN+kIuSDRZPBhSNLnfA5uUuBQNjS1Ad+QR
|
|
||||||
Xo6CtWZ1cE/7Xv6DCKmk0ThbGrvwkHKJGrpJeaaf8lP0fo0L9cIipqx3NSSKHGe+B7zhQZO0
|
|
||||||
QBlTfXRlErjuZ/j+V8MTZqsmlhdVi+hElTioj24MQJiXfB956RuOM+g4P9v2QT5RRD0C4XaS
|
|
||||||
+KSC3eejZGYEeJAmB0uRztsRntyryw2LF6WxcSyEg0pY+/SLFxMfRIPlcAxMM0SB7HSAFZ5V
|
|
||||||
nQJHc7bBkNpw179YqexsIKaJAhwEEAEIAAYFAkxccTMACgkQ8RQITAhhERF8zQ//R2Bls2xP
|
|
||||||
vxotETrAPF5MOjDqlK6aeOnSyI7shiWWXL+7ds52SWsmD7IL+7XW0t+fwvfEVOb+qNWIiVaS
|
|
||||||
Yg4nvZQnTkCqTnDxTzdxipEaiK0MC0bXmAikBQjZ0iiveOMYOeRx2PWuUOHrymcvJ+atlkq6
|
|
||||||
pk/mycZGpVitnO9crTb17SLsm71k5aV2u7EBCEUcbakmrx1mDvBoi/tSns5y9YEPTc6JcKtz
|
|
||||||
VqbyiSAY5dZSaLc8IW9Aqn533kPyIwYXnbxd8cPFDxDLhIeBmZnVTLURE3517RXZu1ngZEFh
|
|
||||||
pSoT3w0Xg0cgh7eJ4Vmo8MnW3p33+dSHbWRlgrNZcB0PBWZrByS/iS1b9REgFTyU4UeI7lH5
|
|
||||||
zLgPdxPKBvCNObRhKg/dAmqSDq5EHYgWxn50p3TCfhrDrkoD+3seeee+mNARjLP4EDyBF4/k
|
|
||||||
57SqT7ytj9TWQoQuGAodQqNXwMKNcldz4FRZ3rMFrUpJj3uD9x2tlT/3bCVKQ1QcPSzKcEcq
|
|
||||||
zq9AZzjH7cVEbgpKI5zBJlejWB6aGvHLIhYZb4EYuO03OgEDDj9AUvIBFBxKdRvCzeTZOCTM
|
|
||||||
/8oAgSSVmFewEI4E0yNxvZu7wjSV5LI0AiyhwnCWlfYM9Hgxbai3cv2osIK2p5GXbaRykhwc
|
|
||||||
jc4lPrIsEE3At2UzlzO4TTI202GJAhwEEAEIAAYFAkxdPzMACgkQhy9wLE1uJahHJA//a9iV
|
|
||||||
wDsx+OxFu8+vPEXmJCKt1o17+PyhskIvNSXlVPvpYIpqNKUJQXpqBkiNASrCOQSHrQtw6p28
|
|
||||||
9i011TMqmMZsUkjqk/Y3Yzx+SPT6KUfny7qQzGW2DpHL1qILDFMywzvt9djzWT6hmH5LCLSB
|
|
||||||
3aWMHIwPDvtvylzHPIN2XIABSBxnHgeEi+2ZZoLZE7HlQbwsAU7Xguj0K1DHe+urOBYvU0rq
|
|
||||||
ceqiJhnY8b71bwQRhFqVhoFkW/IPp7dujQxeJVvHZQLLNkB4RMqG+kR2Ku04U1Fxbh7oc0vr
|
|
||||||
e8EAYdMfutU3ZRWZ4D8Ltr+q/hxy6dm/bHrpFu6NIxox6KrR8zewcoGDQKI9BlQn8mrIof0W
|
|
||||||
YWNUusb//Vbz58iOh3POcjs7VkD7aPo9R/TaruBIWv77kbjszlQaKKHWV4aIVS9EXW0cPpeF
|
|
||||||
OQUaq91aAxB8Tw0Clx1TfVc/QZJB7/l6k8deXgo/+4JCU/BBmsplR6mG5mhY1Iq5PnuutU+W
|
|
||||||
+sHQRYSiq0EKdwmAaq3AIz7D+rWafv83Ea1cZaMph23ChqVX/e+YVI7rxxYCY1bubd7TtYWb
|
|
||||||
VG2W8ufTwemZBxWFq8HXc9d+Qm3LHV20Qxp5fAoYr6O67XYgQicIFW7f0lJ54igqH67wFjOf
|
|
||||||
zOTHfWK0izIeLVtp8xmj7hbFrXXd46+JAhwEEAEIAAYFAkxdRNoACgkQU5RHndNSTFGQ7Q//
|
|
||||||
YTQ8KFH7n9MYRpb83fTRfkyreyQyTdbcBsQw7R8Tksx/qbidiZZfI2cILweIqsumN2bF+ibQ
|
|
||||||
VYx/PpKEStaW1VQI5Crx/kSRmBaOlipbbfO+A3sbp98hpKMmaIxvV7IhN9qKhjcQR0YGXcam
|
|
||||||
5oVVwjIb2n89nqiS0qnGIUSTLzK5IR8Chob6tpnD3jQAnxE96wyhADedhCVMf799HSoQiiAH
|
|
||||||
TUarSv/HMIws34LRgZ2voFXADq+CE1Q2rBEapwrcDSkEQEZ79LImeuS/S1Be2ritRO+TFLzc
|
|
||||||
982LuHBxUa4MlcwWtWaQQ6PW/c5J7QJz0RiqaaL0DZxCw/Cr2e3MIfTCdK0zPg4A9BrNsQkR
|
|
||||||
/zYmePPTejvbsYpsWbpOknwZNqoYRc4cEaukAtdhZhFUDfL7jfh5HppCIM6EN3ovmTsRhauv
|
|
||||||
LeAI3J7JqrPp2yLDbL43U+1ejsD22+l2rmJQcQpRsdD8KlJX8bD3J0fCRhhIFNABjMmy3e4T
|
|
||||||
bij7ZM3ovNZLCgjHmNa5ASMyS3l/T2Rqu9rh/pZbPWS2hPTlmYTStpb2T+Ax/anpXSW3ZiAW
|
|
||||||
fHGOSjNrl9+LFqCdjyzvk/u2kbgd9VtjjFfpPS8xS1dGk7iIHHQQ1GZXc8s2WB9XkGGpD/j3
|
|
||||||
8bvLJG9EXtqVWwJLo6t/PMOgnHK9dneq4I+JAhwEEAEIAAYFAkxfI2cACgkQeo9J6LY0gL4z
|
|
||||||
KQ//YgbbsU+C4e9A4L+b9lOTh4ICrmYg0jD86oBtjTsomMO+UP3T+mVH/meHWTzr+6ib1vsu
|
|
||||||
Nz85E5OWHeHL1Mzj60gbZSn/PMcfL++kKVCMhJs/HN6z4t/hY+GkafkeZgglnqItkZGK85ME
|
|
||||||
SmpoecuYsExEj9fQaNjHuCOrp3c+B0PJ3PSQ3qTknsOnUwkOgAhgeni1RusUqckryre1pPrb
|
|
||||||
Oy9RrTroHGsbvzfbYEYS8IVoaMP1AJj6o1kb6vomTmWlh7r5UM5iZRcFrKK3qjQaTYr9f8vf
|
|
||||||
vpJZ0GlWT6T4szOmekTnYuZJGOumkLScn66qSihvxXXlurPP0XzVObz7YrZ+GEDNJxXwPJpw
|
|
||||||
fpYZHsuSXv9Pu8S1wjbvL1xq8WEjwd9q4kgch6r5SD4+syLydwLHiBXTc5dfVO5Xs6KzWtXE
|
|
||||||
MNsFBrDO3pgHtWvS2V6peL/yG7RJJztzZUc/IYZWuEJIU76rzU4YK/SC2Vse9lVA3I4s0knw
|
|
||||||
5TCFvZHTV9KIjqT95xOgdlZKmQc0uXSPNrVfoi28JOfcAGnSnRX52KFt6yBrhCBCWuVTZTgk
|
|
||||||
hKSIktI9PPC/C3xyLwxJjz1jPwEomhtnNx9B04W17G5c8nW1yCjxPxY4Q9LCYpMYXGB2Nena
|
|
||||||
YydDbgfA6ua1exRQ+ZkWpnHqsmCLL7B0C/7oTOeJAhwEEAEIAAYFAkxfNK8ACgkQ0V0xOIIA
|
|
||||||
QXMoXhAAs79q+JHo7ulKZvKDkh+OVOXrSh5eKGUmuqK4RJuxrHmthUFkNTsyNBEZc2+QWw4B
|
|
||||||
8q8ka0x2/1eIDqwsKwHOfcQdyMepGiKnGWm58vL5CeoV/pZW/Yzrs6Q13o6/mm02bcxiVlqs
|
|
||||||
ZGFiRaueY2QJ66viPY0TJPlK3CavKKgZQ4xQtfQ/MDg8sdEnu3G/1PWyyHfMVsq7fG6MXCdY
|
|
||||||
TisgHAEyQJXgpCnk1YIuwxZQPKbMhcjiGbkKBMeQi9uZDiDUtY6s6S5MZGsG5v0KTuoBt2Kw
|
|
||||||
XHbTgkFT9wKaQnK4rfMjGtZFuwiZw8MPsFgz2QAR+1s4mIkCbLPPl+jwL+F4UkEUJvpKWcPI
|
|
||||||
AHnDe2q82vOc5ToWfm/C1cSf7cuLi2hGuSKw8JHuJ4hBF5NaMhmsrBOxjS9BC1OrutNvjoa/
|
|
||||||
bBihJxX6pyz6Fhd3wnjtF8f+H2pxu9/9M6bv6lkHZDQxfnt2+muwsRncx/wU5JJcxzxUzcLl
|
|
||||||
wctSMFHmNU2egx6Kw+vPgPdkthrOZjkLQZZj9DZxHK2j2ENAm4jVF2Z6cUHHm5tVTsR7XF5t
|
|
||||||
CeFRNPUlhoEz4zdJiN2qflMY0pm9MjBpF44O8usWrEpUiPN53bIOpbPM08zYZ+BBGPOgxZbh
|
|
||||||
6Y68YUAq9XfVn9okE73HeyLLS/bpBj1QSe6QapV7sg+JAhwEEAEIAAYFAkxh7k8ACgkQcDc8
|
|
||||||
8SkNuc7NWg/+It0T/mHuye7+PG1kQbutyVw69/C7yyZkoICrcQQ+Oh81Ba+DENSKrPVkmt2o
|
|
||||||
U3HR1bL+QbFDjUa+hnLHXh4N9hlREDbsaYdYz3xLbXeGOPDt0QrLn3mdZ2cZrZwLjcqsu+bz
|
|
||||||
5sRZMbKKTXqKkMQaDcJa2CU60aEoH9d+QJkIhOHiqkNvVyrKbiMoGnJoKDppwG1e3+Ri/oXA
|
|
||||||
6Sx3cWwmdVrNlwNAKraTFlw5Xh0RUQ5NJstxX56PN7tMm+PEnY94bPTJHiyzG1obm2Ona7sg
|
|
||||||
+P3DIvqMFIkldhNz/DdeCjSN4qrB2u71tC7xwAneqqLpPuYhpMpFtD/JX2lOhoOvo43n+atM
|
|
||||||
jqIU7xhZ2W0L7n64Ym31+wqqz6NEx+aVp+OgYVJPH6MA6jel3/KFhHoWpdnLJIL3XLq3Op4U
|
|
||||||
tCio5JfouHfuHVdslmKlH/6rO8SFY4VZGF+RZURMze0I6b3HN3WQb9Qv78hg0ZrI4E7JIbhc
|
|
||||||
oQQDIXgASS575vjK63/WRuMDxEpLEUflESKBsG02GJWe6knx5lACdIyD/8kZ6MIV9mE31Nqd
|
|
||||||
zVKv+i7BBomu+ci/4B4LXn5LcPphmGPAvL1aabC7D/9lxLPA5Ur6LHDU08LA7S3j5Z7Iob4m
|
|
||||||
KbS7pKaBdYPLm+kfAlw88bDnPioZwkWSggD5/6iwEN2XseeJAhwEEAEIAAYFAkxh9TkACgkQ
|
|
||||||
dzH8zGPk4neH6A/+PTNKtYOQmFxM+1QJEqK8+4ZOyeIB74wHGI0VyFWRb6Bt6K7OIYAfp8Vr
|
|
||||||
F4kH3DYPqRYWZLyG8Krkff3HUwdgBdrsRRQKN5Q1YwpwpofCcdDY9l3fmlUNx4MQN4Cx9uBT
|
|
||||||
XY1OGTOMHHCog2eIOIkc3sT4xZ/zIcgFKM245lXl+fLvbJId8jZjYFwefNerUX1bucNoaloC
|
|
||||||
drmbUN2OItXISlczLhSZlXcOyxU2Q1DICK4EksZy0y6XRnYA4/7JK209AS5jIZb6UvV4kMGU
|
|
||||||
y0/CBTW9fJx1jZthN4bLxHMSVFHvG8oqRPmr7bO6KyvnxeGY/0bd30nA0hoVyDtKuIAuBYXL
|
|
||||||
nrnjHogjF5sl4LCXLNDmIqbYoXMCAuYrlGaGsLzqGqjPX22yb+5B3zYCB17nCP4/l84auAJL
|
|
||||||
6/EOrkOjTRPWIqsRO+dK8QENfp2zYfWmr0G7xBQPdeDvyFHbY6LO+PwzVfzESGranmiliTDq
|
|
||||||
fGUGT/F6F3eBhKb392zDllJgfeKLt8V00vqaY8jqXS4AB6ze7XkcEXKsshN2atVsstUmjLKZ
|
|
||||||
iSO73irt1X/Cg6SrKkjDgUhwTmOxywkHBYjsot2NSYcrdkYEfK3nPpesB19dgJYzPn0Mborc
|
|
||||||
vJ3ixf5c2mjT1GHIdrp6XEjqLs2zu8dKLDiTJPSV/Q1H1nEasMKJAhwEEAEIAAYFAkxi3k8A
|
|
||||||
CgkQd8b7Q+PTCCRE8A/+OY2000flzIxhqxc23BzEOXWxwZ+tH2r0UQTq8kwZiSsva+NIjN5G
|
|
||||||
bx3MMcT4IyGF3VaxKZRJDPGcK3ByJS8HnCv58OE2iF9sUT2BZJEIfgniHgDA6iLyyQDmM9N6
|
|
||||||
9UVoYYqIWff6Ve+4gPYebafy3UAgUJLHdrknfhE2fseE3jEtdsn9AizP7hc46xPkeuaAD474
|
|
||||||
4jtM8h0zVk36l3gdRwFZEWMsxATskct3hLjKv4R/EFdEgIo8x7hK0uxvc6JyyguOznrwAgP4
|
|
||||||
0LgXv+Ci2BWrf0awhOyuDJ+BiViKtEuzcqgwPR4GgOKkvzti8jkPNAvjCEIHTpWJwkIZ+SNW
|
|
||||||
aaIZVfbZdSTMf3tfVkUJ8tLImtfHwJ9b+BPxpiP1DENZtxmbOsKPKeH1SIGO2BUt/Y+i0KYM
|
|
||||||
rJmhQiL4k62PIRRhMKuYjQ5sasa9oyAACxg6nJMJoeJalJtcE0ZynCwdCFIkhYLXVPAgHCUo
|
|
||||||
/c5Wq20YMW0sqerdf/oLwTHe8Gyru8JfcRS1mLBuTPWQUGIt2h37WMysv4hCHT29N98w6zJL
|
|
||||||
jIGHH6Sd8PBw+WBxg6rpeGH8VVuLfHerB6XEMxoQM7FVAefDUCrHzWUrNHgSl5qG14HQ+46y
|
|
||||||
xxegb5XNGM+ku721W/t7YsA15ASgZi8ehaQ7iSl56TGu8vQCTaDqPmqJAhwEEAEIAAYFAkxn
|
|
||||||
Ti8ACgkQs0ZPiWqhWUgz+BAArOWNP1VqUSh1LpZ2mgjMLCW8cPChtEKI4/RHUElI9r6BVMGR
|
|
||||||
/35Ww1HMcayD+H7WZDXXiBqG/yPJJtmMfBW0xWH3dbo1pEn8IUZd6mWSlbhzxRkVr6AFhDKo
|
|
||||||
4T6QVQQ6nwJg9aBveBAXGnsr9/PieQNsp9IyACxZCvjoEh+2TV6xE4r0WaPKGLai5qPuvzSN
|
|
||||||
2efP1Fl6gtmoxgI0yiLDyMlQZPi+/jXC7qcae74qYFUqih1hAq3EaCfiUNCVCulAEYnzhu+Y
|
|
||||||
qJorF+Xl3vV/i/NT09k7GwvxLy1waPAi93yekg/QwkJMSrvehxXJlPdkUXUKCsgE9o+1CztW
|
|
||||||
iIK37utWFTnkApQaKUyHJA8T++ReyRXDCEq3Mu82ZMQDzsWRhJuWmX7/5MAw/1H6yG0HLxC8
|
|
||||||
sGH64oduKWZIlWwjkox0pUrA/ZkEDaznUxUK0ay0exYtcPJ9uUcmXsFvxCe0SOGwarNKbEjs
|
|
||||||
FkZ/lelB2LZprKk/10BqRg3AzPEix8IK9hRRM5jXK1ZDEYRGYw/c9VoQPf7eMpF52zAZ45h8
|
|
||||||
UjL/q6oAg3egW+ddbsEEXzsAgpcfNKhN/edoUKhQd5d2h0S8IpmPMrwvqrRaRSlOrqMhbqro
|
|
||||||
GQhFOV4+fO6zwkV0P6Y9QSIKibjZDS+QUZPXCLfpKRSYVQlkFwGVeVUcZzqJAhwEEAEIAAYF
|
|
||||||
Akxsv4oACgkQ5E+AFtNjD4l5ohAAtgotU7QYfbvY/6b2DKShrm0guTeROOi1imRMfMD5Nvy4
|
|
||||||
CazA7qm07G9Jxo/yFYHMaXXeG02vx0pSb6Gbx9Z/jtwrOALmtIUAajTFmcC1Koshn1KAlqtV
|
|
||||||
FriWzwAz/jYIK8BL8Db3LCgGP0SSyIaD86x3VXm4JE04AJeAtFUikQwBU6iNA8Mue0rmdIgz
|
|
||||||
vQ2Fg7qk11Nafx4xT7XU/K4BAy8U+6Ai4F8VPxdh94zc+Z5qVd5lRZ9fYsdzztYoc8xtOzjJ
|
|
||||||
YzDACo6j6covoSD56gQi9htJzraPtKaWu+gz4P0ijZ/naX/hsXlOnZ7IQzaByetVgXoU2Hg5
|
|
||||||
D6UN7YCrQ75TB+Q7Mh702dvihXCr2smUkBOBnEqKoxrLqLtrDYPLw7ELuM+bRzZb2nfBYzh7
|
|
||||||
/o5hEG3NO1rXIQ21cYvfPSggkI1fq8kOsWbd9uIXR4iHycohZ9DsSW4iQ7+IwVu1Giypf/R2
|
|
||||||
Fpz+cL6aGI5DKFRBuz5ucjyhJrl9wes8v1hsTDNAPSbOyd3I4PHa3N4gxWbFvV6TZfSwHKm2
|
|
||||||
fot2bglB+n9otZaPBVnHdsntQsRnS6K7Ptft/EZ1zJvWJcOnAjZEtj62mbrP2bQ48r+wkWy0
|
|
||||||
LbOoQZ20auH/YaqOO8ZdA3QGpvK2GCfYB6JzD3bQomsQWMlaAkx1wfFQUBQ5xtOJAhwEEAEI
|
|
||||||
AAYFAkxvKsUACgkQfFas/pR4l9iqyQ//el6hebIh5S7ekU/6R/msFAmuluGh03OAMYa+JwUm
|
|
||||||
YqXR6iGf0Ftw7XgYJt2NiY5ZtaOULtZe3zOslFio4KRAwjKgEOzSzEDc0wFtZnj0/LlSTk9c
|
|
||||||
zrrymcJQCAgKKV4WTffgiPpzDM1ajaHxY0WQfYJng/5pVxWb6QXjtB5mupf4T1Yv2blWAKpK
|
|
||||||
Fw67Fz/iN4DlWil21vx3FgpAHY+7JVB/129BnbdHtbzP2CiQxZ9PoQt40bhrinI4cHyPHcHk
|
|
||||||
EPKBD6GnyuyIoPGYRsILp76rH9vWQJWtY71DQwlB9+w/JTVP3TRinXJ0BSBvFGNcP4hqY5b+
|
|
||||||
8tKmSBPJM0umER6Q16HosZtI+8rY+4yvaHjtEIqau/AdBnCW/EBeG1YyjDOQAQzVdOR84PLf
|
|
||||||
Nyz+eqeZI17fZtokRjTg41J2b1+F0GbUOTQueqzlTK3spWYrPgDe54luHoYmgVqlsj71Zv7F
|
|
||||||
cWEf7L9RdcA7sqCQXpDggcOTRDVg+eR6eCLGJetBfq4fsX0ae10TRh/pGut8Vu6NTcFGw5c8
|
|
||||||
vt74h+WFIXPknpBeKl1HcKUXTLJxQP5CDrZF/HzUaLYI1SaKv1jVm36gV2YZvuZQyim4vBgg
|
|
||||||
V1/9K1EMgUW7GRnQoOpQP6zxFWnpPXPY3TDvdleaqeET3xET75mGgD0WIUreBaKjp+CJAhwE
|
|
||||||
EAEIAAYFAkxv+OAACgkQnQteWx7sjw4tUw/9FgAffwwit35JdS4S0LQqmkmGXlMvfZEkfezj
|
|
||||||
GH6ITG/YWri9QE0ktGJqyCbP9tnL3WCno8bs90tmrQyagjbp7EsADz8L36vbYrOU72mNHaeL
|
|
||||||
qbJcCoztUSWAe9aPJ4ESwTXbXCkl8xE0fm1zTF0MLq3T40Qqw67oMTBygYqhb8zeY43bKOzZ
|
|
||||||
f0fBLqFE8+LTZDEk00Ucc72M+W+J87rdiHUuJDFdAZbuAvBGT9p1YNkcqaRWSmgRddJ9nBTD
|
|
||||||
a/Qe9IBnAXBblouKiVvSTGpcyAyGKJ9cPtaviCLRXk17rGli43AymorBdGPpliZmMtrInMm4
|
|
||||||
FAhSoU3nwB6b8oI5gMh46Dze05PYkVVZylO4Vo2AILUkeo6tagy3t+BEFAmonnpluJKZkfcY
|
|
||||||
/FvvoaT8oej2U13tXStA0FXMOJd9fGLruJ+yZnAFPrVHZWA3ziyO/u9iprB7ZjqrT1OM1Nob
|
|
||||||
ZP7NwGxdqED3AYJAb3H97s4dMGAJO3WzGgHOfuZEMsH0/vIc3nWAkj9jsFcDxJ8uTVM6uy2R
|
|
||||||
oIfBM3/XspyZvm2MBTuEJvwhXW7JTnxsUEpZ7aJQVJLT9Z8PPj7rPLJCkDQsdwBw+e0heTl+
|
|
||||||
BspMqppnKw0mXmrRfnqGGxgLtlIRn8bNEp4K3AVuNP2iWp9rMSVPg0qLGSFgEH1DtoN2DsiJ
|
|
||||||
AhwEEAEIAAYFAlWS7hEACgkQ66DGxxwAJW8VIhAAtBkHOqKPOA4A5MKAzWSIYAfX6FiUfFaI
|
|
||||||
Edwqm5ZmxHItPQk+Ze8VN8jUEzzArrvGOZnctSZy7dMgT4WY+CNy3FUtg4WbmuvflcvCHlSr
|
|
||||||
ontSVeFjxL8qhkBgUzaxqohesB899mszzDyaM0GMD7FKt4UisOV4K9VqhXKHBhcKi0foQKgx
|
|
||||||
+VMD35N4+SqgSUF4+td913DNxdxvF5BKICwp9edYv6NpP/u9DMqG3lceVCy+rR3VEGTsFGNa
|
|
||||||
HpJI0Sny797FR3w4k18wKQGaGwUtdMz6GcmhnDxgiV2V1StLloK6wbAVA4YY3BfE4l7XmJZS
|
|
||||||
bStlL54h9tffDi0Dj1oJkSKXMdnI8FdpQEvGTGP9ARUz7MCxwiRzcJfOpfxATt3793o6fMLU
|
|
||||||
2dOzrCCl+09bgG5+wls8nda2RB2RE1EHksoaNyz4OGpq9seYGe0qhNLN+lvIJsv1BaZNdD0s
|
|
||||||
CaF+xbUGCoYQgvOh3DCiZbg+Ao138YEQw9eKE+Xifi8M36IeBTdq7S1OcRCwaDMmVchLFT5X
|
|
||||||
AHmFeO3L3zCO1C95WmNsFg04+4avHqgOp5MolLSrOEvKTnFW1Ebv2BJizs45d28VAI/JhgPx
|
|
||||||
T0w69M9Jpybd+Cbg93fHTXclLAPyQWXzhlfDPmKhukhSsG5JXIt0gyBUsq6lUygyWZcewBwa
|
|
||||||
uy2JAhwEEAEKAAYFAkxdthEACgkQXTKNCCqqsUB3ZA//S25k6cAkZpIddDahnJxDIon8VWhe
|
|
||||||
JzGmOMfb+hMbQ0y7xeCKRdNBa5yw3LKttLugofqcrGV3V6lmE9jWz5hK2we+ZAdCo/wXUWuL
|
|
||||||
FJQW8WKY7hmDBwxROJ4jgC0LTgeRZhYEvhKpCH/rtSQuymstcTJd+5jkEE2FU1AOsoAOsaPx
|
|
||||||
1DAb+uqSv2VefP/TG4sZ2vg0fdEuJd1+SiuTTLLEAnsG2yQT9brcXDvXPOckawFAM1KOwk7S
|
|
||||||
fkYekg0iSA4Ii9RlXOhpxNcW/zZf3WuS/wrCCVYoY6OgH/+rp8LkBG7hdeAfRsMjozqtBYUE
|
|
||||||
JwPSvLfRnG76neTa0DSi1bigpOMvHDIeATuS/hR7UdmTkSMwZ8AvQBOaSRHobjQwjfDY7WYM
|
|
||||||
kvErANQkevWiWA4WshsS/MpEKxiUe6SGlLVeJZfX1dy6Jmh1WzswqoQ9eXQXX8zBltPAfKFs
|
|
||||||
KRmf+OpHT94qYZsMhqAXOd51joUtCBmqeuzvdp9KM+R8cmuoPVqmZ8ZMdMbD2dQUap5yVxw5
|
|
||||||
yO3CfGMXGPGfvA/8fOav/3MwWXUL5Zqv/ZhdjpP/ZNEB4txLJk1rIg4kjKrZxz2PggbMcCGQ
|
|
||||||
0uf3SBZa6qXPVT0KbMjzvRKao473eNX2OPqk+K2hIYuZTVhAcKKuvN8qQu+o003Kzw1SWlLj
|
|
||||||
1zrwaX+JAhwEEAEKAAYFAkxeUcQACgkQORS1MvTfvpmBNg//eJFnqXakbedse6wPpmk56CxU
|
|
||||||
47abeG6ZCu/0FTwhwnagYfGXUKGTCepVjI/wLpevVeoXDbYmrUOT9zxqIL2Xssp/wz3Qb+HX
|
|
||||||
deft/drFmb4XMrdUGwi+N1nhvPCXjWOtyUrzuYXnpCz8e0vjSfn6RpJ6qdgTs3Psyca9kPPo
|
|
||||||
1Zgx29sumQMx7b0hcmRbSxNOmm/vGCpJKb43sHsYN2ESMCNzazQtpbt/HZ/xA/HqJCfEiKJm
|
|
||||||
GUQ5rboqvhpruhbUFnuLIpGRvLJqE3kRm2iq1XfnfjXqUVbX2aHxNXcNKa601Yla3HGisEAB
|
|
||||||
ILGvCRa12hrmh43EPpwLCnTOIB3Sejndl+8waKd0smV7Ox0oT1nSo5MHl/VtVLJzPnCX+EfB
|
|
||||||
bzOepXJ5HRRsX5sHOTPHjJTOUuQvzfKen5nAu6iKsQnawpwQvIN1C7/OtEhqDAjWFr+eqG49
|
|
||||||
bqN9a+EKu53bnXqM46N0/kRWXJAsHKfllki9e0bRKV5rIH0grsCN8P8qq5003cp/owAyySX+
|
|
||||||
Pu9jFs9Hw4nGmEkuZPYXkjg3wTYClaPjrmbKfWXgVl2BjW+N7xU1yJZaAJSpd8vqGtLK4qz4
|
|
||||||
wk0CrGr59EHPeAE9fAxNg+oonDQ7YcuDnHkVY7LNpIGXQkChrv1YgBzzAN6CFBI8GgG3C5Gv
|
|
||||||
bYCj+NsHFyaJAhwEEAEKAAYFAkxlr5QACgkQMiR/u0CtH6b0ZA//atTqqwPfQWupcXoA/doN
|
|
||||||
nXnBZDHUePFkCBan7YHitR0kPBVPP10dRfyd9ShKs25+DgAFTr2JKKk4ofc8ib+2SB4rTPIf
|
|
||||||
gvc1h3GgtI7CXzuwKdcHojmOYXQQsLaxcQDNqEJqS6oGh1oHd8DQJTn/OiARVUvxi6LkioOp
|
|
||||||
eE0KAkUOfZfnROz5E7ox2ImvMNvhy6VcD6q2q4E4nuWXaSVw13/MqZ8lGHRhytdrVLvVndSK
|
|
||||||
U9EP79Tm+nIRwgqeJ0CttcSESoKLngTAvHSwVpiMcO9rLfWqYZB6FmhEjCyPl7hV1e9jXf80
|
|
||||||
PLDihKscVEroxww4nflbIFOPsKP12vXuQs7cQr3BFE9yCowLz0X961WM2V4Cc6o6txY1MzU7
|
|
||||||
FY7mFrwIy9b/WNLBXJUB+dpnKzmY38ECLJQ+gTxahgumxaNe0wQclIrkrnGLszOrIgLyVAL6
|
|
||||||
/qD2qUywoNb3WWOHg6fOabKfTF3zBdzSYPNRXbhWNxt05EXARXRwYR/mkwpAdT3TUgbGlOcU
|
|
||||||
hNAqmtzEvT/Q/Cu0nPvwXnJ1Foix6S+zrFAM8gs6zeUc8Q3k0EQvi8m54jILnt5QqYFSGM40
|
|
||||||
FLgryKBF9hjwcPN1Hu1Qij8Z3H9MllV6Df36YSgKN1XpG3Jy9ktJcHvQPgHYVmXNsmQlmQxE
|
|
||||||
ei/ZYehdgLeU0Q+JAhwEEAEKAAYFAkxsD/QACgkQeFPaTUmIGtMxgw//TrRErKK8vl8VnvHO
|
|
||||||
8TK8KAMFi/GaRM0RKze4nJp72CGSrY5/bg2jAlS0hEKmSirlbLD8+U5/wWa5SrQT36AcyXYm
|
|
||||||
I3weWgzNSvbCS3N1WnefhlUhkaC1PRMX3AI7EqwyTUX7o8Q8A/HVTgbgHnIKxO1y1EhcfY1I
|
|
||||||
WEvA1wTR29928n63dmy03rKB2cJvQupGd/xRPXBx55h79NlLOJOadlYsUrk3B+RWBZHsn7xp
|
|
||||||
wWXn+38fwuIFs7DJye3Eh1ceDootTd6wlI7Km8Nh0+bCCVbeInxp3THavrz1ohGhQ8O6AmPx
|
|
||||||
wX7TN2EakX5mrwePFgHasLpgciOVRpDsaoQPF7taQg+d7knrrgbD9Xf6JkDl9/sxnlZ//t72
|
|
||||||
eQR3X+CGQFmfhl5rw+h28FkPxrFO+n6nk6opm1z1n8FFjQnTzFxp2taqVs3s58ondUiPWb2p
|
|
||||||
E8HOHQX9b4iYY5x6hrZehkSwoJOlwGssiJZSa9eCWs+yvJoJOG8yHunh48o91gY7kaqxGT9o
|
|
||||||
K+2MzW/uwh7ztZ/ElJj4Vg4XTOqHgSDmUKZjA6e8Z1xuXoVT7D7axP0NvgIj1jjeCD1ncQsf
|
|
||||||
Ay6tynZm/+Mz/PLwfe9uYGt5ZncwY9aKZRr8a9sUnaaIjeq7ywugKfQyxr1v4sjcQqELKfsM
|
|
||||||
NLrvOMjw2eLg+3UC9p6JAiIEEAEKAAwFAkxi3T4FgwlmAYAACgkQzNLtlNIXOemGQhAAo5Zp
|
|
||||||
Oa83tEIyfPOcj7HkQPTutAs8H+kgxzPMLYFhXSYKLPMsoH1TGMFC1JH6PjrzRdk6g7jmoUEK
|
|
||||||
2F6EL5QpFFKFNVWahRWY49F67jryslVdeZKvFMEY0qjqsJ9nEBIZW8wJ/7BNvYmZxBlWq7PU
|
|
||||||
0SKbbGNVexMagwctygY+mdnknS6vI3aom/yFByVcVXIdF52GJiAWA9nIx/poKS0ecCd4UuZr
|
|
||||||
eQd+d+x/z4Bww5E62k2mB9d+VDik1kjzL7bXfPV3+bWoyBmfl9zEYgNnQ3ICurKztkRmu1/k
|
|
||||||
1+68wHfU/0MR/1nJ9DkEfBi9Z7T3shtCiU+993wSHPeKgurkQwn+wzkthCNRNs3kOwee5Whs
|
|
||||||
/zD/dyZgH+lrJDHmW6C8zaa/K6Om9+AacXLId1xjQpmmkO83Tkf9qQvtC/UlocllGxHo3hAJ
|
|
||||||
dfxONF/jwY6Zs8NvRWPuswTEQOLCLeww5AhVfapOLBhcG7xZEye6VLArPNq4OsD2b8NyCd39
|
|
||||||
GxtBdxR6/8OQbGoEmrYf7aGS+ga6oygj/+ut1M6w4YkQCbLd+OjL2ZUG85tALP/1KdCp1pTg
|
|
||||||
YW/TmF0BeT7ICa/MmZeYyO0DUKqvsbH7Dyk0aiYgu+Gm3ob6JNC7MGadUkWIyjLUHkPNmnXV
|
|
||||||
rGT4KAkRtX+cQl/R+rR+ewB6RErUtCmJAjcEEwEIACECGwMCHgECF4AFAkoHaOQFCwkIBwMF
|
|
||||||
FQoJCAsFFgIDAQAACgkQRJdSeLhhK13PHBAAiyiTX8GMp3CgLyIiieHJnBIQS5fxBICbsSrO
|
|
||||||
j8OHWnNAVwkiRbtXZQ2g4D4NvyGBuPN2hskjuGOj7aCsqpE4Ln23RfBTAI3fF3JgMGwkqWh3
|
|
||||||
9a7Sjnw8DwxqaHB3zfs2AvPnolSUNyzc45VslNsE2j359UmvwZAGpqN0A1GfobFMWjmt3QoD
|
|
||||||
q58C8EyFOWx/Mzcl0qUrvGRbQjQ8najAYugpBjdRZ0MzGfro/pmoETJnTgrZimHNXvDtSTmZ
|
|
||||||
HTVYYbxj/99Iw5DeYschcK0yvbPFXGo12ndRrEs270LpOMmBpdBaW8bCj2uzATQLZbuaM/je
|
|
||||||
py3bzEFcCHUMkF+ekIf9zp6IUkSc2B3kkbQmVJKxOeiKWzCXvuu6pU1nRqrG/565CRkwWWol
|
|
||||||
p4TvlktQgHSZ6CoIxzDnYRE0eiGpsLxA10nE9VrUCjME5a+AYLQxj7ztDdDfb5r9Lq+1/bUN
|
|
||||||
gtiiQ0fbaNVXXe14+daezFw0sCGB14MWSPQz62rkG6piKB4ZMilRijiicWg/k/Rvlbi+QzH3
|
|
||||||
PGhqaVOV0JpCTfh3rolf54x3JN3bdlW8wcev0DLPJOAuhv8nXoBBdilH999RH0lGv1NzbAIy
|
|
||||||
7goaG+XOe/fmxiZwhUQhmTdfFnXEtR8UL9/7+dv9nfVY+kIZIdSN+Sa5+pGs7bik8dfi1xy0
|
|
||||||
IkdyZWdvcnkgQ29scGFydCA8cmVnQGdjb2xwYXJ0LmNvbT6IRgQQEQIABgUCTGvvxQAKCRDV
|
|
||||||
ypsE8sQjvNDlAKC18LdtboThQEnkx1lTvZZSZfApWgCfdj0UAdJxB9OLNqm3L8ukPYl8DW6I
|
|
||||||
RgQQEQIABgUCUJ/lDwAKCRBw814kbVMecylQAKCzW0oYdLbYjN2+VkMFlr9WWoeWugCfTyfX
|
|
||||||
Czqy8U9NJX0KMsEsVBmwB7yIRgQQEQgABgUCSgdx3wAKCRAyF1wNwQJ6DvPzAKCBblkNp8NA
|
|
||||||
k+lQwKAeqyjGAr+kawCfXlAQCvjXpRb6fYYu9X0S4r3gdfiIRgQQEQgABgUCTFxxIAAKCRDh
|
|
||||||
VRfyKwkgwGBWAKCXP+R5VvROrrh366WPoeX552dN6QCbB8aK562QKVhd4OGwbqhHAJzpE7KI
|
|
||||||
RgQQEQgABgUCTF0/KwAKCRDU5e2swBQ9LSl6AKCpl0Sd/zaVE+rXCmCg9lF4Z/DyJACfVE+x
|
|
||||||
FXdayyRPKh6cy6g1x+KeMQCIRgQQEQgABgUCTF80oAAKCRD5heNACvx0dlAxAJ9JA62AWyTp
|
|
||||||
1xpVLyxGchSp7G1I3ACeIJGHywtqpfbJfG6YiFjt2C5uVVeIRgQQEQgABgUCTGdMoQAKCRCf
|
|
||||||
ePg86MQ0YfqTAJ9hOim0VRfs5+pf6rsMNStUWZXksACeODXRe1BY90f2o28VOFpxoDQMhZmI
|
|
||||||
RgQQEQoABgUCTF5RwgAKCRDaGWI3Ajs/T8IZAKDCaii1ecrI+HP8NT7zero94/RE5QCdH9zl
|
|
||||||
k7ui4NR8EuEegYPvqFw7cI+JARwEEwEIAAYFAkrbZ3sACgkQLQ1auHwlPVLxQgf/Y5PQaqBd
|
|
||||||
FXEs9QkD2Ei7WaD1AZkGwpICpVmV1kA724sJ0uXgLavd1E9NtjhMVKWYwdjEl2556oZL2i/H
|
|
||||||
XfRz+VgRcysjLM/ICcGDxy6OygziguJRpwBWk0xMowNgWFGIDvTt+Hlc7f5UnBrSE4hGmWHQ
|
|
||||||
9Vxc4qFiADKL5IuiLssYgJY31xkwSyWcEnUe8WolOb4BOX7SLuuTIO6u/Ud+Zh+N3o2amWBn
|
|
||||||
3l/OBfi2lM/TTrjFEiJ0KOfyutiGV6a6/SkfGKBzhgdzWj4M8vIMthxFAapU++3WXF7qNQAX
|
|
||||||
f50EN2TKXKHgmidfpWFqmbPhIkEaoheUYYOCaiaXY/IKgIkBnAQQAQgABgUCTHaO6AAKCRAi
|
|
||||||
OuBVvZThVI98DACKydotmw0GE4sNu7CHhGMZJqvSu2MSMK7IyjoShr/JU9PO9yXEB6TQpfLw
|
|
||||||
E5b9bso87SouahOJV+bYvBaLx7JTT0awNSMRxlGnf4il8F0FOcl3RgXpgv14YxXxs8KJHLV4
|
|
||||||
GhHRwVxzJu8hdNltsTJ7JjJQS3kUYjBpIfJlyp4yNvZvUeRQJWTs1l31CkPwU6fXP6pxCP7s
|
|
||||||
loh/zL1zVGY2q0GrTkFlrCJIxceiPNll44Rl4PrIMTmBQHVipToRinsrFbyD5QTAjiorVol2
|
|
||||||
il078fK2IeavCxtRUR6jTiHx4/IWqt+kPycq11EK4bFMKQIAJeF0aBoAX4fWOoSPIFWI/Nz4
|
|
||||||
m+EecHCk5frctfxNV6VAB5Lf4XwjEho9HFZwqmSQ9snMi3zrEZnhnrCJ1/Gs/ALt9vu0Z6d2
|
|
||||||
ZoLFgxW2hdOyaXrE54rMKillYoTLZ5d8+uTQVoN8XFz5SliSNb1tu1//i8U9Y1tpSUUTD87G
|
|
||||||
SuNV6q49gYSeDqZ54EZEiHeJAZwEEwECAAYFAlIqSIMACgkQ73Pm2lg2uBpHzAv/dOSlPdQx
|
|
||||||
6o4MrM1lB6imRf4KPTmjkIwnO4N5iFrsZch+BNJ64PdGukhuAi1EXY7LBJlXRO9BPxdJI6IF
|
|
||||||
R91ELvM5VzNzZDdwZVPDV8wJwkpBTQTgNJXCjETePf6adpQ1ORMm6Kg40WIH67BLBN993Bfz
|
|
||||||
dQbskas89BxmEdqaz1eGDaBTHO2N39jOG4vTNouatsTsUlDxCxNW/razg0uLgMPpL8dJpZ0B
|
|
||||||
4cCi7z/+r+OYrV2DQlJo6Cc/vieROA2ElFa3p9unYRcuY4Mcn6Hl4gA3QnuQDsn00GPDTqBG
|
|
||||||
OEvhjcrHghhB0WzxAu+lc6te4vOTS0OCVTWMNU/ROaG7x8vQSFqaNWxEigkVlRDofxsyGQw7
|
|
||||||
CxNS1mwsYAc2kbA84N4OxMZ4sHkLnheoVjUYaXz3JmLMnlA0AerkZVQRfzm/+rlEwLW79G1G
|
|
||||||
tsVaRP0WmG9/nNZXAr2wfD8menJAIV1lB/pCSkNlHmEM4uGFAb1lA/EENQS8sz8NvvdvLNYs
|
|
||||||
iQIcBBABAgAGBQJMXHGfAAoJEPGmm+QpwP/ujggP/1V5FTQ8rwB8uw4u7Zg5EEta/aM4E8Pb
|
|
||||||
idUJ8KDr6p5Zad+hGWCPKT3nloPbN3iaYXblmxDuAYhHl1neH96tWYU6vygmiR2Xo53y06tY
|
|
||||||
EKQbdIF3+pfOCSFh9NnFlAqw72cMWsL0VqSoZL+SgY4IojwupFWPNIJbB0JaOSW21kFf6/U1
|
|
||||||
juAbtat4J8+l4j8mNgWCUeHBENN78lYD506VIuuJRlsWiUBhH0unzY33A1BoJwyXo0TmL3wd
|
|
||||||
0g2JIGT5sJmpeMkMlKminVjZCcY7AzoTS60QrCj2FCGBtfbUOH9OQvBojWOPz7ALmKj/aOl7
|
|
||||||
3UtGnvlscJPeilteNQFWEib1e85ufAG0Ry1AEDtR0GsdARJhqiG6jRn3v0lBxfG2dVWbHrFq
|
|
||||||
a5FkUm73c9r+xjDC5NquWhd4GHyG3IgVPMvkw8sciL33o9A/XhNdjQiZmpok77nswvbuNOEX
|
|
||||||
diQVnHcylh7bNaoXR6+3R8FVA/TThpW2EjxIg9TwAPfJFKWV0SWfyJSOZLFOiEYDEqBI190j
|
|
||||||
3WSJNV+p0+lN8CDu8jFHxehsTGOAALCSQq0mZTKJJh0GH7d2YD5BV9isUvsfne52GLx/xmoJ
|
|
||||||
+cKJfszaWq2FoMhIPD/tnVYA/LPodylTRC6/8C0WIMR0eAaF+ByCoU7aEMWJDEJfX2MoyQHa
|
|
||||||
fBV8iQIcBBABAgAGBQJMYCuLAAoJEB51mnJqn910WK8QAOJQVb/ihBQC0IsBpJwKyOH5B/XI
|
|
||||||
jwE6BeErvO0rnmcYTr57AXwKNYxOvtIV8uS8gFzfaZJM4YHsF5BNToT3l2UIrWGK+O5nUL7S
|
|
||||||
UM32plf7QPI/NSfyCtBxKWfXgbFQ8X/oNdwq7HMzCtRqZDoYv5btUajFsTP8gykqXqH9Ry4G
|
|
||||||
hCFmnP0UNUWwTq4D2/bImt+iOOw4C7MXyROQ8aZd69aUsAln340L7rXz/yGTGvabdLXKuVDE
|
|
||||||
QJtiZ1m/bewAw3A7zw3mKtMAA8Em8EJuTfmFvVQEpBBdacjwIn+ZpSzuY11arLIWNp78Yegp
|
|
||||||
mFsuCANZDr/V33Xxo2Bb+4cbuOzSlXw+mOx1WYo1Fkj5Ga2IGkTbijqByIPwnCB03T/3nG/u
|
|
||||||
hde1SS9YGGNL17Z2qDOlNtufKsbfPJf9xtiEN1vJ2cbOEDD+WbC2nvJQju4t4WaX06Kyok6b
|
|
||||||
HPqupuGSOaa9VMYk6TzPAOG9hzcD8SBjO6S59z/qtGNqKZOcTWpeXWI/4qdvWtAPmafB4fVt
|
|
||||||
2XS+vOwn1c4gNQFK+nCatlYywfuKxoQqGC+i/ld8wuniugtOjX4XbK2HzvuKMuCo0z6x/7Nx
|
|
||||||
pOJAOf1jgWuQWruIt5VEULh56mhglEV1vL93aCUxOE7kKAcas7Ojbve/EQruWlFbzxJW6VgE
|
|
||||||
1ncxHX5yiQIcBBABAgAGBQJMYDc4AAoJENeITEcY4Y9ExdYQANMHDBB1HSdVXEmkfVjMgW5O
|
|
||||||
BF0AphUt1r9ptI6NvzcuJ5lFTIXHDa263UBRpHb65EgaHYqKC5LKLSXmUoKXcTU9fBLWFRYG
|
|
||||||
N11qVpdoO1WSD7R7U7ZDbix76ujLCfOtPlqrh0TzHEzE3U22X3hxL+rHjDbvrLQuEhKbVYaB
|
|
||||||
WaY1THCJjB4SA4YcWOXUNNA1i+baXlDw2XKqZrEriv+zARTxlF1GzpXBoh9ymH9TsyPg1dg9
|
|
||||||
BbzzGy6r99LMMHmt/kB8BrOX6BfnzeLwSmg4VZ/aUWSAKK2cxbvmQFA5HkuFJ2sUc2VXmuPR
|
|
||||||
DRY+vurz9PHMF5WZI8ait4/2m+W4zvsYZdgOPPkGr63+DVKssczpZWSq4zX5Ykmd9e+bsCUn
|
|
||||||
E9jAI0iH4P4SKyFt1IkRWMAaUxQjN2v5/CIyydaavQGKM7AB0CjZL2835LwqiboOmptxzuWJ
|
|
||||||
5HJM5JSqr1HMHP8vokNKcbrU0taV9IuTuBjPl198TR1vxPhHYcACIt6TP4wr1ApAsax3yoDd
|
|
||||||
T/KrmCaczIeX6BmFFqXjDM/azhpQKIyFGgbDzrRAQ/CatG8Vy1baA5uJIsmiLxc7imwtUf5r
|
|
||||||
uJOlXSi72uQd9eBx55mlt+zNHbrxULPYBIL4zOe3g1SXb0leZsvPjVAWcj21AgH2QJx1IoV0
|
|
||||||
POwfFLEVCjTxiQIcBBABAgAGBQJMZY8YAAoJEBPAtWZ6OLCw8NEQALA9UfSTm/Zqc2pJn+nN
|
|
||||||
q4sfhPUhYlTUxE1D49FzF4GmUHDYzMlU8VVZub5LahrITDINOIidmf49wXc3BcjcEKCUjND2
|
|
||||||
aL/0JMtyMMORH+3g/Vz8HvktL3EnOiTw+Z9p1GNbEROI195VIWwNRjU/EYv78ErcrQ99MzJu
|
|
||||||
O5yz+Qibp6JUSIzMGVTAiGIPzdJvnbd9JQXfg+fhanWKIIzj0dqNmH7tqYuld0K1nD/5cf5j
|
|
||||||
o8Gc2L8GQgIStjUF5OwkElnO45iSYz4rgw2PfHVQBX8GsLBGRhKcxUK9psNBHIP0eWUk7sTG
|
|
||||||
4/cbLgkQow+u0ryitmu+IJ/Q79NUiRNrw6a0rf2FUY3Nh/AbVqLVdQChKrxGtDQuJtpwh+uV
|
|
||||||
RYTmc1rPmyPbsWj6xmgfvkLgX14E+5EPx8H1wyRsRpBPEW+Wb397I5eEt+gCEjfjrCprD/xX
|
|
||||||
eNSRMdOT9NVG1HJ3wmeTEddkpbDNhtY09ydMzS1O3auJReh0L7ZRn8gPmnXk4EPamDNzY8N2
|
|
||||||
OVByXKEPhb3bHD9RCHEaSe02BDcR1nbpbVAX3onquvK4ejZMuZIXXktbBcnqHz+zbRGRyoQO
|
|
||||||
Jsgh6bv3qun3fer12w22PJ8Q8ifhAmcS+Lhadvq4hskVprr5tRmvxHRKPgZF0ZqGOmqvikyV
|
|
||||||
YhFvZabdkKACAYCZiQIcBBABAgAGBQJMZsf4AAoJEBwB9EPJyTxaJbQP/1OgrWHtcJ39T7gf
|
|
||||||
wh+3lbFvmcQ4ggc45PfnM7jM+OZbkPZOMnTmXgDXIz+0SKbPUVH86XPbeZAXHXavtIFvqbPC
|
|
||||||
yC284oQeG0gzwS5yxygry5jj0fZmw2W0MfSQWEuUkj4HBkqEhgXGmbsYhCbbN6+O8XvBvIvY
|
|
||||||
EIYO5a7wSzi/21NPuG3hcGMFV2yzr6p2FtvXfO5biWGcf0yvkj0YeBzaCwdty4F+1qGAIHcH
|
|
||||||
oPhXCEggJKZtOYVZmsHz6/6RYghmRaSoGoG7Jj9+6udgZCycn6EKPVTE+p3tMiHxJzviEFRD
|
|
||||||
Ov6iNBC55cFhSbMplkW7fH/M6rkW/e6+1zhxP1K11gwNTtoMJelrePLRpf/w12lNJl9jhe6h
|
|
||||||
fw07mluEogjhXLVOQWSFjz3Y1Tfb0ez53ev/ooucvk9XT/svl2UM/K6RqyWYl1A8KCp5OgW5
|
|
||||||
nXzRZ6fc4Ht9OY0sxMNLTLZ3enwrVa857n2VrnOgRTe8bFqNSMcR39QMAD6h9qmJR7cNbFKn
|
|
||||||
IyQQiOtKCDFbZ7wyMroepw8wNLXPlvtMvS2zSBmMC/gJsdZVHK0u3O1Rpp1Jhq/qsve7D/fE
|
|
||||||
NhHih8FBKPH1YXUOILdR0zDkyBUdXHBUpZlcRovaznkigKX6LL7f2SbXZo/jO0L1FHDhYQs7
|
|
||||||
kl7OmWIXh8XW4m0ocB3IiQIcBBABAgAGBQJMduUKAAoJEK8ig6p24qx7z1gP/3wRRaEX7n5p
|
|
||||||
oZUnpEcNy3ZRQPAfVAAX07aBSnTuHzuphX0smAfJu5fqEuYP1XzBUV/WSxuQ6nGtFoVSLEpg
|
|
||||||
W3EX+KgLUGEv7Y4NI9LUNd47CNcZ3Fo26hQ1ur66c0asuLjseHbHl1aYwRgOarMy3X8JO1b8
|
|
||||||
x3z9edPan11kBIeLpjlBnnScZVB9EB2ezptxaXvyvyq/+SAfRMnGKKO6qx5vG9uK2g7GOPJk
|
|
||||||
dzS5LGeguixNjh7pN1ewiSHO/AqPyywVGYiYB9dnVWT0RwCZMXs3YmytZHfc58EpmKDoI19W
|
|
||||||
MFA4Hsdgwp9ucXJMfZZ1Xw0i02fJQKs911aw0dF/hVjHSOQfVAiNvBFn8u5l4hgFG3JkZ6Yl
|
|
||||||
rktrC6HThK3mo+KUNlynB70xSLXwxIHYkQUTxGr0HqZgRQJL03pPqk2Y+Lx4ndu4g0YwnInv
|
|
||||||
1arb5Yfg/y4IJ6GDY6W6gvPP4wUrxue1w6BwqRwO0rD0vRMJtJqzoIRNCE8aqtQP96OmH5iy
|
|
||||||
xAQo39Mvz5cntzaNMV9LOm7RgSaBvt/hLwxfhG2KX6Fca8hAXo0Q9dg5FbHSyLxF0mSZTRpO
|
|
||||||
NPFzMz5zc2yUpjW3Holt9+5n9pzi8EUVwfNnFzijagzbL9bwuyc37M9wnPp5x2wLx3MF2o/3
|
|
||||||
fNzpyo5Lh+IH7efZcG4XnUsYiQIcBBABAgAGBQJVcaVQAAoJENqCgw48zDo65e0P/2RDhlCL
|
|
||||||
zEUuut3KmGhBmPbiTX7CnpwFhatNFIb+C1EJ2giPmmrwn0O25ED8dJFC0GhZrwNatuRzSefI
|
|
||||||
yc75hGrTr/BFqRLAOD4xfMqOE5U4+z0frVTyuxB9Gdr31EmZ9miykKnfzcz1YY4MpQtzQOWj
|
|
||||||
SiYFgjofwcpI+b5MjnqG3T8q1PzONnvvx7BrXt0lRNqL5MyByaV51CPbENyhWeJMu5tX3hAR
|
|
||||||
rsuWoBP3kw6Df/ij5I71EfO4vD8C8F6AKWt8mBjyOfIpDmHkxNU0HYrmOnxzqXGqHTu+II83
|
|
||||||
vgJOurjZ7TnqEe9jB4XMNF7w6+SPL6u3bNfzH0KPpEjzBV7jQKFUhllkRbcf2PeLnmzex3+U
|
|
||||||
pEJjS5HLOkJt3B8wyANnZB358921snsv4LVJmgx1aVpeYWNo8vRgzKRMZT5Qk3ckXmuzHN3O
|
|
||||||
FGKwLJnHmnha6rXG0ShlYjNY2wJjfmwaed4wU9k7T73tFbzoWJ1NXP37iQuEnOINVbNCQdfK
|
|
||||||
cvL/82Q3LcpiapN1E/QYdfYjNju9NVpnSFICDEEYOfvodDlxbEQegZdd8zVHayYQJuc62sUd
|
|
||||||
zPvMYLvQTq+x5tk1vJD+VSJ1sAbVZ3gzAANyMyYQ4670RK9H8z4ygxa09lAunkcJ3cUHRFat
|
|
||||||
JyRM/u5NYxmCxxL5l0/UqOJg775tiQIcBBABCAAGBQJMXHEzAAoJEPEUCEwIYRERgesP/1xd
|
|
||||||
2SPeYmC5X4OpUDsbqQoe79ojCbmd+2CoFHm+GM0WbtJHFi3BEJcVW//QNQJRSE5dKXCHtIDb
|
|
||||||
jDhzlTKYT4q0f0p25mWMJFOXqb8sNiorXXdDz7k7GwrRZFsi/XlyiIrCwVHwLpyDGkY5IPBz
|
|
||||||
p5JMXuxViM/TYn9BIX58rP7eVwAcazSBIs+QpAvUi4pfxNdPhrHh3Pczllxg6DamsEPBZsjM
|
|
||||||
fz7pJxiddkJgAlDpIa8C3ZX4HdMnoPZhMh3JHxry4CIceMC8BOuX4c3GyXuFkKTMJSlRViKG
|
|
||||||
57WyN7eQe17UZni23QLifLYD7V1r4cY7cWj1s/qsGtLsvtuVL2brOvHeHVEE7s6dWpQea6lo
|
|
||||||
jLtlWjNXvb7WQ6XNFqpal5x7MG95QbBKWGHfifhVt7WrDSW6kbouXYYEgRhSZBkPPjSZXTEv
|
|
||||||
54YkBVwCsb9fykKLOTy+wyJ5Ttj1kxtrMWsaofhDYOo9OtywwKL4AnfBMhE3NcrZ5Yf5MHHx
|
|
||||||
NK/A95j9p8/HY1dKSHNDRub7PMM73Xp0fc/6cCyl9sTM9SFymKvvcMFChRcy1ZF9kVkXP3w4
|
|
||||||
ZzoJz2YSTK4zIRY/Qqc+Z+BhX/rRuhwiILuCH9hXhhvBx9rKBxxKcTw1Gl5hZ8nP2CGXNkAV
|
|
||||||
qSXL/0H8hschAtxw203KMvqbpSq7bYkniQIcBBABCAAGBQJMXT8zAAoJEIcvcCxNbiWo+oQP
|
|
||||||
/2mKGGHKVA63SdyOkyAaz+mV2y9jIw+0hf2D6eoQ/OJ2l6vQqc4atQ9NsMBH5SKo+kPLhfof
|
|
||||||
NcO6axy4ngb27YK1czUS0oyF+Vv618k+1WePw4Kh4afVZGrGsHBiv8DcKbeAoEn3gVORu5UY
|
|
||||||
ElINIsW9ZIuIypyFXhV/zf30zR8MOd1uuJjif4ac7V+n+O0GpBgzCkKZoCdO7NJ3QH7RmpJ/
|
|
||||||
TYAug0UMY9YvU1P2ffTvZuHxdY8adJGnieFnsLrO7yYHlva6Y2T47m0QwM6BXe673hj45H7s
|
|
||||||
rZpbvNIEyRiXpucEm7YBCboiA8vBTjXOo8D27Aa5MoZUHF+znB9gRKWKUnkCyCT409yo8qJI
|
|
||||||
5uSm5LWOa3Dsje3jlzfQh0BVLbq2f/g/kgm06Sb8jWzLYHUvA/+K774sOQu2gSG0FkV8BQJc
|
|
||||||
M9RMdImzIMpNpV9JYOWZCzVbTe2ZzzZuNXQJFG7reuZ8SoB8JyrLEqNbfzJ4G+pNbXZbrSA3
|
|
||||||
ybMgkaIvt5xDujQSwH/we/V3W296WHmVbU1U1W6lfW43KbOXriCrLl/j6qiy9ln/gkVc/Amx
|
|
||||||
Mh2RC5bKOCTRJ2TgPms2+a4tSpOrqapcpa0OnZJJTG/sifz9/3eDGPTKoVkN1fYZqTp+0s8m
|
|
||||||
NohYO6YMJsuqkYNr7UAHOTE1p8nhrq4RQlaIiQIcBBABCAAGBQJMXUTaAAoJEFOUR53TUkxR
|
|
||||||
rf4P/jp1G3yjSGwglzqEbvu4rzO6LrC8ZqnxOSWjKd8xN/CIje6naB5P3gRFLphJaDUgnlpx
|
|
||||||
nQYODkDZlMPsSmUY6+GrM+XDPIEnw2Yp2Vb6OVTSeDzgpjgNsdKptNGR2ENFpC5ReAKEKAUy
|
|
||||||
7bLcraD04IV35hnuHNevjq86VO+Dev/SQ2NJf0NrOuC3iW2YA5SEXcJYGp1vXAZjRUprOnxK
|
|
||||||
n/e04kTTA4b3cKzoEo/bQqk7C+7fLG1vHziDDPszsZ09G7eAhnhZmFVTk/jvBxJ9ra56Bo8l
|
|
||||||
ArknJ7A/LHvGe2SEd9MVcoKIHGpM3IPhJldZiXNeyz/HuUA+xKAY2Ox+p0vDlKUAF/koME7u
|
|
||||||
2wwx4ncMnRdbVOGNGDJTJhJGWk3VIUsicbQQ8M+wKnkJmLNI0ZGWdoNADdIR/xSIhL8bUaVu
|
|
||||||
PC8amQwK3VD7iNRcbNnIw0+Xbzev892lbBvav1Y/V6G9lBeS4KrLu1s5h+cmCq84RlW3xCzY
|
|
||||||
B3yZhWUeojvuplyNKPApJwkjWXGC1LK6VldZzYksXMb+9JxtoE6A/9F++NKqEmDilKl15YFV
|
|
||||||
Dy/beTjoSK1+6T6RrTKOPt6kFu2460PTa9KOqjpQ60hxOn/YpyAeEK/MtRuBjAT+wBCIX+NY
|
|
||||||
UIxHNX3mcl35l6Gb1nYtL4CxBG4h557CGM4s65IJiQIcBBABCAAGBQJMXyNnAAoJEHqPSei2
|
|
||||||
NIC+Za4P+gLihkZlHwFEM0pNSR9GoL6OsaEnsUebefwcLSrX10Ee+5mpODki11Sf1flIWJ7J
|
|
||||||
I+2Gj7U2NtFFXBvzNCUDN30Xb+QJBSU+pgJERtXThl8hKYuot79wg7FclsIo9P/NEQ60/tji
|
|
||||||
2iSQ/w12NIApczn6FmX/xVaKafJyf/QRnI0mxQvd5w7JEoeIKvaUVjt5Zz9fUhTiM/9kDCv7
|
|
||||||
E4a+PuVP7nyQdSCoduhFYQwLf+727mxtdLjK5OHXl1jYx5tcFdTyumZpB7bG/R6U2wb55kxd
|
|
||||||
iAltk4U+59p7NG7JSu5Lnexq+p5/281vVH33PrIINuZUhmpPovFNeDz6lFqEICQvaiS2STte
|
|
||||||
/BY6yBwIDx/1nUhiBF3yUU1TOQrtQUfRjox4QRj1g8YpGspsUXagBltN04l4tev6Hw8tCn7A
|
|
||||||
/f/RkdQ/7U6N24ZP3BdBx1R9nKvksE+C+v5QwlqpufU8Zaj1YpmPBn/yfSzSCvd9cE8pa4zO
|
|
||||||
KujACMEsPh0c/BDoiWsmxKLTzOoeKGwl15x6x1Y1yTKOLD0wXXvEM0TVF3x3RJgvpdnvonN6
|
|
||||||
c7URWq31zKcISwLOKCK1c0UK7hyD8zFISiPChiUUdGicZ1Jo0me+xp7R9b2QQnwVj4kO94gY
|
|
||||||
maw/3ouaDqOrU80N5pVC5vC8XSp/iGAY8wR0fc0qsPY6iQIcBBABCAAGBQJMXzSvAAoJENFd
|
|
||||||
MTiCAEFz+XAQAJo4XauT6qsxxS3i4ADlzeesoE5g+QPzg5mpVP8NA+kEXqLuvW7ZZjDzMClh
|
|
||||||
bpnhT9L6lgMdKOzODa8PzMMe8lMlQtGQsfby9Jy7c15wFwO3YLr0OesnS0gGMV0cxpu7XVmZ
|
|
||||||
ROPqOn1eVk25eaZHO3dHrc4ve2OMP3ZG+df3+kwQpiMgrl5x+9UHOWfqEtyT590yzofK3FCj
|
|
||||||
qHZwMUt2pYeCksErljI2hmrKDqp1zVcjE7OoQwc6M14i2HvhYwAtvEJTuqyIjFZL/XzGS4La
|
|
||||||
2q43fiLlAJalwlvIBEtRH7E5qWJEiS8gs47+Qcwigw16RhVp0FxhD7kT1vHrCoqwMFh5ULQB
|
|
||||||
fEYVQVbfVaXU9vL61LOvPfnE7QVCMnREwzCyYlD+FonI/LK1pqbzXgEJjh48rXEVuzic1G3Z
|
|
||||||
zipxiAbJNattO5aWuQjlEQv1ykWGIwh5Fa+LEQ6Idcxi32CsD7FFCYI4dg9GpZwM0NjJYrYN
|
|
||||||
sN+Nl8/o96LBGzCsminV+M+jXyGN7S08DoEyuuoAwmiY/48lAQJQChMH+M0M/UthALdcTooe
|
|
||||||
epFC3AiHiIaKUouRyqo60vNbAixbv1olxZpu12KlgCAg/ra9VcYjvt48msQTtmDQLz8/aY2L
|
|
||||||
eoFLm4L4NMqIQ5Dxywqen1MTKkk6GIx+7pAJH5Z3izmQJEYpiQIcBBABCAAGBQJMYe5MAAoJ
|
|
||||||
EHA3PPEpDbnOyQgQAJcCcEi6GZBjFHjNE3N2iLVUMItWSEdx93NabuJi7FpuhorwaJphZiYY
|
|
||||||
3ehgSa4t0/gNzkRkscCmbzjAr/auQsS+iSpINgCKUJ+dwOO7t03owH7ARXb4gmWY58poL+J5
|
|
||||||
ZgkqDok7ZtW09G+OenTaAccIpmb1IaGHDASwZ74EuH5M2P3iP42h7Q7Slhxer1GVloLD4SPs
|
|
||||||
8W/3Rslwh+/ccYfweNC3gLvU1q50bj6kvO6OWemcI1NAWtxEDTGjsS+BsXBPlYQRF3tqtoQF
|
|
||||||
Ht3xUKlGjHBO0DYymOMAlQzXfW7uqUYenrOXmOV048rqZxRtSdQwlXUHyaGIuyCRWqzzqYip
|
|
||||||
ArtquhHSSKedxe5wltdqeB9G/D/zwHR1fz4VFkECxRp0rWnnOnWJEp6+uxYPiIV/36qB7X9d
|
|
||||||
NFxlt0Vu3vZZiXgo9RMLjdQdYuBBJrshlwKkOlYPDzpYjHWmXJjKUIhDTqD5Kr2CTw3TrRyu
|
|
||||||
mHevt0nbqlnzoHd935ZssJdbYGDC+F9aUfcyzwJN+CH34zKz5gtteGP48DewptBF61Dyl0Pa
|
|
||||||
rHthrkwMqdZBA6cHE4lGpvrGh3GXASqf/rtAHwLM4brOhtH/LYYjvO81wThRmtjyjmSsokSl
|
|
||||||
0p496fHxPDuGr7kbBDMtdfVdty8zJ8IaWI11wTYExu/6VgY9dlhuiQIcBBABCAAGBQJMYfU5
|
|
||||||
AAoJEHcx/Mxj5OJ3X+MQAIdfUJP5Pmxv6T+yNRYSZ44Kx6cJJVvPtWkV+h5gx2sY/uTAS4/y
|
|
||||||
oiBrtnxilEr1D3MbWyElI6jZPlDXxl/Jx42kEEur5BkVOFmAmAJYRork7qCds2RAWGnhqlNH
|
|
||||||
vuMIz1/PfJlcB2hS5qo+JZLxTFk4ltOTUT6W8ENacKzcpzWGeQvqG/dY8H8FL2hnvNLiGITY
|
|
||||||
XZY6hWGvW5Ti5xzIBXj7QN1C3WZAmxTOt9C/t6PHHktfC+MNGN9zQEBAn9MLkE80oSwEX38q
|
|
||||||
/ukX1RpXCUTZmxIbXOaLc6deaTcxjJbBOX+YE1dSXrg3KxhXg1IUsMVBhQx96p+yhTUwznfE
|
|
||||||
F3pZQiWZhVP9/qGa56tR6pejRM8nfgZaLNcT7nVibIk/7Js+fXRYp5nWUKf3f0BoymQss9MU
|
|
||||||
cQLFs2Dm/l6iX1gFUgqoiOVIAX8DRc7MfJ+UTlHBOMGDKVok9nVsZegQYe6P/C88vfFlI1Qy
|
|
||||||
fV4KAdAb4YwD2HatpcjDcX5TRX49mD+pmK0bx4+L3toRG6W3OPvTcsaubE9peNfjwS5L6CF/
|
|
||||||
M0Fq6IhIUobcDRjmUNtiXk77WmI0ZM1RiaaknHHCHXGQgS+QPd82Htox2ndOwP0ScgbqlL4D
|
|
||||||
LT3ZJqRJVWgnWK/n2BrctT63KFAZa68Epm4v0GZtTjpJpL1DYnUd/J6OiQIcBBABCAAGBQJM
|
|
||||||
Yt5PAAoJEHfG+0Pj0wgkbVQP/1NGXS+oar0Y3GuQZ+HwYq4t7Sh8CbCIZlei01oDcC95Fl65
|
|
||||||
HtTZJcd8RTPCkTilZV4orC+gHppLVGi2GQdSJ6C4whlnliwDtgU6uJ9uuP6EKTsGh1jAoTlq
|
|
||||||
eSDx1n8/F4JG6A1xVOekZ8NzTIfpfdFlAYANe+z674ZrRPi6tL5euQ9/iJpi//bZJMVvmttM
|
|
||||||
2QJ+XxNn/CrGKGZbA1PjBYYol3s7DjZLhR3IhgK/rvmVCo+0waZzPqI0CD/axU2OXT8B4lIG
|
|
||||||
WvDcccX/8p1tzIjlXNNsDV804c+VtUVX3jZMISmVMWLfkShhnUEhfwi5CUNtctL1SPlqwvbK
|
|
||||||
q3bxZjol/OFu2KbW1IjhZ2dJ2e1hQ1V8jUjSYQ4xdDDwzS/Z6EWWn7cLycAR8xF4CQd92hCx
|
|
||||||
o5AIgkQGG1R6iraztY5H/fdhXjzySby6q9Zvfa+rw0GkXpJzffKwrjZu27+QCqvNGX/3b1f2
|
|
||||||
s0eZ3EkFam9cMD3df8PCPU7Wt/IN8Sxv7JQqkb6StQF3NjI/lnFLcb7qf4dhZItGZBbkWfwj
|
|
||||||
M2PMEIbCl66bi8XqviJUUskn2XWfhaodv13VyXGeGzVEw4+N4auDM1w3WZ5SnSXWrFazIXCw
|
|
||||||
IBWYFSyHlKawy+Rd3I9ueYyA7PqgwdczNxTwILXhB0+pBd0Z9FMxjL85C1N7iQIcBBABCAAG
|
|
||||||
BQJMZ04vAAoJELNGT4lqoVlI9tEP/0yGcqKoQuNUIsuMasD3zVuh5j77i4wo/FCqQvMQIlzd
|
|
||||||
PWl+gC9W0xDA7vILOcqZEErIi4PPGwqpQYGUgh9KynP4HQau+43qe2BrvdauFCIJPsmuwfER
|
|
||||||
OwrgdSkKyvdXA08WG77v0a1V+u6nsnmbXg5/xZZdwCAKt+kILPVemxeIy+f1AAHj2zLnDGfy
|
|
||||||
0JE1jN4w+JZrhdWtsYXWMnfRFQQqPbnVqi5BkFDeRalBn0R4mLTCCOZn/fGodA7EdmRL1dLN
|
|
||||||
X9FbnfD8AWMDEPMDZ/h8HdK7dD16XxW7i5o6ZbVvftyf/yaF+bhtOyTHabkdSlMJXHzl5mnW
|
|
||||||
mH8NVlTTQt05SJ86NhOjr98dhSvcQOxFT/fVajDcXAQbdKnylAWHEjnejGgt9QwpM99l/Mp4
|
|
||||||
8j2rLgqfexF54y53km5ssTub3QJ19FG0FPLvRB5fnXfzOvn8iDhcC5V7dA7q08afUjaLDTVG
|
|
||||||
6byCHe8TR9weCaCrV7vvGHzmEEPRNzu02C86SXGZw05eRMWFKJL0AG1avj6k24hsnatuoUke
|
|
||||||
6IA5zcx81GbkqPDiOiiYJOEZFY1Eokm6MhIQ30HwUO0TQ93TdNgD0pJdAiElPyhs6csf6/Jr
|
|
||||||
ijOSajEDcEOuKzqYnrmY2AmDgfyOrjoW44ADKOcRTnnhAF26ljBzwqa4xguz9HEUiQIcBBAB
|
|
||||||
CAAGBQJMbL+KAAoJEORPgBbTYw+Jb74QAIQ2ADLJSvn+c5MBWYwc2NcFrRHIc0JXwmn+wzG+
|
|
||||||
QLeFDGO9SV//LM9L0XIIbsFFn71Rv+/KqyFLn9SyeGdJakuL/AMC4qF1m6bCzwSMdoZeYBwK
|
|
||||||
2r3bgPU4xW94O8zKOfRF9kwxP+QK2adfR1y7j3X70rICZYAua2ugkZcIDkN549PBze+2LYnR
|
|
||||||
3CIhyOV6nYTArKhYuaDiNnS822l8VThOgk/Dmdof0+ExQfl7Nc2oAk7wljhmLX7nMonNZcDI
|
|
||||||
ct+fDsVS856UYg3aJR8EuDCAayZHZvo24/bKPwroxl26+tEEfsqks7epWZZRGY0lH+IY2qoP
|
|
||||||
oFhHPodpAw+faiafD5/06Vo3SzH2i/btYQEwwCCA21cRLwpv9432Ia4ekvjPQ2E3fjBWGyNs
|
|
||||||
UA49MYhtllX/8jk6LE+AIU43PFit6ZB2BzVBunsy/LH4ZLxdi5sLTA1f0dO9jNkqf3xGbRIp
|
|
||||||
PVXtQ6t/9PUXAy1evqWBQgRNHVScKL6pjuoLurSIenQCbcNQo1iNLB9DuenAHNUBP6Ny3cby
|
|
||||||
hqMpazBoCIb4HqtdeUBmzdDZ3okIdjXQaxsHZhDsLNQM1ggj9mu0vJWSkXfdXpew2Z/J3Cco
|
|
||||||
lOuTcTqfGi5kdoDHPLvFDEYyrGKiHTV6P7TxoIxml4A0rY6gHFYlF1b5SXmUiCt+cKMgiQIc
|
|
||||||
BBABCAAGBQJMbyrFAAoJEHxWrP6UeJfYj6EP/0SlRe8esTX01wSot7D9mZfjK/yvpA3g2YQi
|
|
||||||
3U86Nb2vvLvJAamLzV+Ka5GL34lPASAIgwfilQyVhmAsyTOQ1sIU+rPav4olOoUTBaORlzL6
|
|
||||||
1AmhtI5N0HpjgnIDLmtKF5F/kRxm7JmcgnHgiKoSZCzZH2tomVVIGA9/aSDznr4N/uJZ0yWT
|
|
||||||
6MxKbmS3udM8WAgKxNN8IB2Z/xVDJ2dXMt0a4IgHNAn7wgfaizOiOKaJ77c4c/LNRiyhomA3
|
|
||||||
VgHDBTP+WgDwEcJupo6RiXWyvd1yDTEsHCApieODSIlniWUePiuwjBPNNKwH0/yRo1fkK6cY
|
|
||||||
kqbCD8Dk10p7HUr1+BEGW2fns45mpwJH9PvbJ7e7VldPs7AKmEKC0HHKZ9BNa3AJiujwnaUj
|
|
||||||
EYt6hq+/DRUQp6iqTPDAKE1bNTA4JD55zd1gGthsGHKfTSAydT/kdvxWH8fK6F0vOssQy7iD
|
|
||||||
o+8VVoVpbl3qJ1MtvbJTxum4ElFhPYaG4Oh/JPK1vhWVXva9T1PX6sGskdC9DPgDLStCweq3
|
|
||||||
RqzAhjPvcqgpx39mZGU/SQzwVUFN7aqASNl0ZFUMmnZ/4aNNYXY9yEAvx8GetdZm8s+0gw4O
|
|
||||||
zecerDlVf6xykodTT9sK3qiiRF53P5A8HlgyXoewut6MyKGEwhItfUshFSp7MMMJcycl+I8Y
|
|
||||||
iQIcBBABCAAGBQJMb/jgAAoJEJ0LXlse7I8OrucP/jRV886elnIly0yuYX3ALXDPgGKFwbRZ
|
|
||||||
GWC1qjf3ESdrqjC+On7jMLnT3/A4l03F23bpHEAOnTl5Ounb1PrhDnvo7msJUH1ZdtqsoT16
|
|
||||||
sAPbq14Rsg4+n7f72KYKwcQaNVkgizg/W6a8VJDOxQQgkrZh3Lp90O8krIp6MDgd+XKEQRjV
|
|
||||||
HxyhzpHHyqAaY+/nhRY3VXATZ/5K4+pdyRt0aWlpvftYTvX/iZnGBrsfjgYkBZnix/+PfFtF
|
|
||||||
A2p0AXfiFfFuU3BlE/kG35gGDgbYf9SouHuYeR6TLgEMOekxeqPacbTTpM051Mq4tewfFQHM
|
|
||||||
raLLSMCucl+duu7kyDRXfwZ+zoQ7I74UT9gRkI/jSYecRKAoSYnoewDo2bNMEsnYjFwyf+Zt
|
|
||||||
MEV3glEDcE7FXgm20YYjFb7uMQIVbiuXnFho9RQFyu6z67cfIcJzEn1pttMdV0vmMfi872Cr
|
|
||||||
BKGHxYu4gP1a+yQWx6N4Xgm1eJVdAdzhmkX7mH5C2GKLPIWzwT+onyi3qCCUWp4NL+2QescH
|
|
||||||
IVkc8daU0AH4IGp0A83dpRDb91vYWFImVW2brurAsBwNtKRhpd6yG+ufE8+9PBzQ+hZD4+C0
|
|
||||||
jyR/T5HAsuMQNSfcDDEi70E6wRLEd/KYp0YePkoAKES5CB3n46XS+WESddBXfeK0OZpAbXye
|
|
||||||
45lyiQIcBBABCAAGBQJVku4RAAoJEOugxsccACVvHtQP/1218tsrXF0nLofFs9edddWw4NLo
|
|
||||||
ZYc3HvELTHfyq4/41ERGOQoevO5/3tMzSyAG5C2lmKOz8SDHjAwkLmbqiYI2EbwYxLg1lTzw
|
|
||||||
1jZGpjzBfKm+dll3SWroKiyesv/iPrExc6fJ1mxLWtP6G7R4m6ibmz46uywwreT6WvhKRKzs
|
|
||||||
IPQdf84W13y2ItpFe9n2U3/Sy50brOnqAiLj/zIP5PIaaHzrqUIevdINFgyIWee2s7tTDcNm
|
|
||||||
zV8TV6+cMs4jT8nqguNy0lBGjMsSm4BviQRZJON7h/v3/yf67TctHMWJxeD62STnXS6wjEIk
|
|
||||||
TTYSNSEZGvMw6Ti3lVB4nlx7WW8wLX9X5/1QdPc9jZyVpsh8QzqUtp+jDo6dfXPBYfUlwm1v
|
|
||||||
Q84BVfcknpMkVMDLX9EMS8M2HLWBGCOEa2/n88ocUnjX2ZL5C2MGlK1TTyxSWCA8D9beVpKa
|
|
||||||
PdYP8JfUiZpC5nLKKBvyEGJhUa2dOY6jdbPRZX+V2TWMIwGWq03kSv4VBHdErK+HUXXcFvue
|
|
||||||
OdQBEOcN4H78RPd20CNTEIE4bsxgT+riXcjUDDrfIH4EQsA4oh1Z5fXpE47y3ZMMJuWfRzrg
|
|
||||||
es5QTKNFKDfLsDwPvgyJV3iLbJeKp3G/Te+scm3UDYi9dCB0eu1MiKM6SIxrJIGzl068Xndh
|
|
||||||
QNLOTpCjiQIcBBABCgAGBQJMXbYRAAoJEF0yjQgqqrFAvAsQALNsAqgOJrnudiKERxnGU8dD
|
|
||||||
YlxWPADlESd/DfsoEFkyd87GXVzfOE3ZaGKW66PB/D8eEfiT3wWVNpmAfIoHePXkPsA7NSyD
|
|
||||||
CORROlpxXE9zFaiRYMzY3EdCsvSjSn2F3K7pymCC5yuYFXTW1J6x+CS8YCEautV5h6oIsGsD
|
|
||||||
4zqXyHLWM6Htm1J1Rk0vW9tJqtfO39CFD/McuOUC6QMNLeBlWri8VDFmdGixOmLNAtBoZkPv
|
|
||||||
i7AE3BFa4utWcLLjm5gMDsPW2xag21LAwX+xiZ/G0xkDfwKM6w01KcIp03wVzWBwtaUApsmu
|
|
||||||
6fsH6gFPFuqrAKadAJY/L/U0A5QI8Lw8joq152skYYwzwC0INYTw+gst4IJDWPtjd5sK80Q9
|
|
||||||
NJpnqLJv91KAn5+Ya/i+K3jjFQLwII8x1rX+B+hxsbofh95VdfPJW7W2ZMFAc5kpiN6Vmw6O
|
|
||||||
X5i0x407cMV2TslvGI5L0aQ1T9mnMipqMnQNX9sMjCUSRNVa1DTYPr4ANkPy4ssXxenRN6Y6
|
|
||||||
J1Y2KORYgm93FfUpQaUUHOPzBT8PlfuTn1rNZpIABEl7RB2qpsJIWytQjZ8U/9epUiiChMXk
|
|
||||||
1zmB8izRWAoX9NtLM7KttiFht1nRYgB+8Q9/Ta5mros/htAW4slcFzNwEqFFEYNpgdtfh+S5
|
|
||||||
50o9SeOpmQQqiQIcBBABCgAGBQJMXlHEAAoJEDkUtTL0376Zk/AP/2NHH69E18cRAOuET57I
|
|
||||||
oRZmJqa+a+cIdmXFIhWlxUtQfEBdXwSDDcCNVZCWWabiHieSEahXSbCQIpjsjfTLHVVmBBCY
|
|
||||||
a1XFHixF3tnR8auN/KONFQ5tl5IViAw0tYBX1zbx3FqZf/XMqzOr/twpKrbI2VaslvjPpu1E
|
|
||||||
sZ7KiXnqjWU1Dp9ydwK7sdb34V6w/N/uonaulFq6IZ4GzQzIaF7/SkOwm9am9TKON/OmE9HL
|
|
||||||
hz4kGimtnvztfaGQANF/YxBdjXEvtUp76y8QwXrxOD8f7EFQmascGPIJqgR9KLYp1Tsw6EFJ
|
|
||||||
eKpDGJjzevkBN8eeIDLOWfcG+qlhNHHtnbfXnv9Ojr8b1idvSsdqvwFBAjw2svZAK5f0wkrx
|
|
||||||
KU3U5/hTIz89EQuT0o/oJWBj67ONQYHyh4CYMZi3oTiqFWQH10utKi4kGnM8jaDA2No4q4xk
|
|
||||||
n6L99QIU+RClkamJVBQdmzoSYpjiFoAlXDIhwQGt+QmhbizZLp6NqxXJOOHJ8ictRpRlzHOq
|
|
||||||
ERlLNkmaaf4YTyBeEIH+GYad/xiqDQqm5NQHFBira2dZskxKC3SND1e5sTd0nYIur09wbJG+
|
|
||||||
z72oKoiPMCf4Lzawpi83Yz3Swks8hZ32fbObhuiAmfXqEfDlhbf6Hz9NqTxE57faXm8pWrRy
|
|
||||||
o1QgHe7WNpM8vth/iQIcBBABCgAGBQJMZa+UAAoJEDIkf7tArR+mQ54P/j192Qx1SS9xW+Ao
|
|
||||||
2V6IdWidRtV25Pkt4LckZAIJHfVEvjpM8z1uuY34YacjFeZWtfI3mpM9JUQ2Zx854oSX9z0S
|
|
||||||
iQ0u5XnPNBavYZ+DKgGygOyDQdNdjvdzR13IT3RIu+OAnAFkBfwS2r8i2rrWpeZxltPR1Uc8
|
|
||||||
J0ZtJ+DLgdbtWZxCGIl5eupdbf03oNQ0GHP/h4W9Ls2kvJOzILQx24+9tCZBIi6ZuHjlawhV
|
|
||||||
uZwTvhuc9HNhl5knHeyOZCFfBcNTWFnxuHIzYq0AU/12+WYuZ+SLll7+yA1yHpP7tQrz6oSY
|
|
||||||
rQGLzsBq0/kONM4WYmhMQVtgxuxjZV7DK8+1f1YlbKCGrk/R4lZ2JklJ2+qI2WMiiW4BdZ3o
|
|
||||||
CkEi8z5Z2vISsbTe9LujYnEbiTyCiEZlrz5bkavOgMP8T/0NlA0GSUt1Jo4hkLG9eWUfYgq/
|
|
||||||
7N9vMQd0ihpUVKciJyqaSixVZVX2OdUW0nCh2ftwOzfvjhBG3GydQDb6Q8tdiOeLL4kB/zpO
|
|
||||||
VfZu3UydE7CAtqzvNj9DRR6hfyuELHULoxkP7DHCJIx2k4ZZwgUmLHYIyni8ITsRUnapzqwO
|
|
||||||
Gy4wmQM9ZGvI1vFXINsV8FUKg55scO7baXwizGX6UQ4jwvCBkt7i/1lYhY5udn8vmQ0cRf9Z
|
|
||||||
HjKhTYfZ05hp1dAc9Z7piQIcBBABCgAGBQJMbA/0AAoJEHhT2k1JiBrTtIEP+wRhrJcz3w7K
|
|
||||||
y8F8xF7+ihU9k/lvDjqZLlYKuX6kJsTupTygmC7bNVw4uBfGzlujY5kroa375kGK0Q6Uh4PT
|
|
||||||
ffiySDUmKj4ap29rlLT3JzFuu5CIH2jskPEAYhqgaf1NZUKAcIncDtVGZWi5J/Gi8faVyRnn
|
|
||||||
tE86gVvHzlgsDoz4WLE/Wer/LUkotK66I9sn6t877lm948GIrJ0pknNHB1bCcR6YhNRS6fI5
|
|
||||||
n9W3bkHBBs+ilCd1GlWKl+a/NmBnr3yMKEYrM8hdh8RVJlHW1puyLruumoxolSToGvhAIPV5
|
|
||||||
E8D8dc92Pa5N0tELtw4a1Ao9zl4X980QQ9XPqp19LdgrN4ipqxgaxlVywzSq1fObqtSd5IYo
|
|
||||||
NuLz3PvoFeoDyP0degy+4PxXX+hERcpe224No/Oo6cPvyxblgftFpMlRVuxLJx79m2B0db/A
|
|
||||||
lIEN4RAa6mO77ZcJnAeInD6ZWnHw+bVPTbGnsz/9L8EJA/SjILpBcG9UO9pqUYu+aL80AgDF
|
|
||||||
FoWlq/Oy5YOjTIBBMcE9iN4V7RV0S7ygA7xXQ8JEon3lrgVNRQ3tyrqclXKw90ehPS8ntYJe
|
|
||||||
8rr7M7hw9SGC/UwLlZctG0BO/Le1aoRI7U6NTnfKgdhfn2UAPX7tgSAX/xgZDcuF3T8KeTwH
|
|
||||||
/GYjjUzgeoKuZMtfMjXtEOfxiQIiBBABCgAMBQJMYt0+BYMJZgGAAAoJEMzS7ZTSFznpEuUP
|
|
||||||
/ih8u8cHaYsnA0vQnfXUB3NDtKpwPA39yTh12Em2QWP9ezw9CizD9VRBmR3kksbxvFI7lNHF
|
|
||||||
bBR26jzHvz5wh0OFAoL0QpnwqO6YVDYAnDbwU+9Gyk9zFz5WAiTaj1AFMA2Y6tfq9M6eYOG8
|
|
||||||
7eNVVdRI6NOwmjO5cO1NNFO6fo4zxa93VLX8CS+4Xgt+qYnJc6bZDbwUPdmfSr0UgRVVbZAO
|
|
||||||
CGE4f2tSeLQwEOkO44XB1rgRilyGu9dRShgxLQoauAXzsQvqMzaNwjal2bz+yunhj14Q81xk
|
|
||||||
xJZ96I0w7IzMPmu5tjyPa/1Bhn+f8cHkqQQKcu4Bf2OEtANNU6M98reiS/K4cHEj0ChdFiHX
|
|
||||||
l2z4WxSsihbC3megEX96l9A2uVgJK0VsSPQQkGKzVsJkEAsld8tC4XK4OzukpXB184h68huy
|
|
||||||
TL1jdJkYcZoBQ/3Lo6Z7TJ5ZvnUhdpuvQdRfmBYK1AuRuNuhmPDYV2/qqmFOYBrpUY2/qv0k
|
|
||||||
xOYUduergCG6cI8zFK+KWn3S3sfxVt/032qe7oa9/VsloGBRwiaLl7MAwzHJfUgZCMIcfJgx
|
|
||||||
6sQRhrvZbwWg64UyG+xFuocSqTRkcCU2fezMZHhLA6B6CZgk0sY/VBQLBBOy4bmtb54AslmW
|
|
||||||
f39NNnD/VzkSqURypo3aDKn/f/v9+JNBfcCJiQI3BBMBCAAhAhsDAh4BAheABQJKB2jkBQsJ
|
|
||||||
CAcDBRUKCQgLBRYCAwEAAAoJEESXUni4YStd9mcP/AtRNozdY/n06hAVJCnI2W0U0/BknKBd
|
|
||||||
z8SXGItd3Mb++tWs8tMvZw40hB3C6oQJu9CdZ4tzZtf1jSUxoAJjGTGOiz0pooeINAuN0xRa
|
|
||||||
eLzUPyQNJpd1/CsZPFgtn4FeUa/T9WwHxZn/XzDBPd+N3uKzM63ZRpKU2lkSvSrh7fvqP13A
|
|
||||||
h8Zq/quMgOsCbQR6Dp1swJIm0s9gPfN4mEVXeknXnd2vRGrblJYL3u8V7cfjUjnCUlFmB7U5
|
|
||||||
TiROYZYeP3OIuDsAqv8+xweBswWxCxX0LYsuRHRxmLKWEYHAV6e0czRSJYKQdV90+URoOZin
|
|
||||||
Qdeo24cWK6caJEavAHFnDcKP5aMCrCtp9hM9EB1J5/w0zOEXLotwhD3cWVDv1k2s0w9wkNZp
|
|
||||||
PJKRdXL9f0en47MpqJqR9/8U9X9j8t8tTUbo9PcUcf3YB4hvmEBauBHrCBNslMx58uPYOFjV
|
|
||||||
YqbwHUzhTKHhUGVHbCkQrUOjD0z3sjKlzXFqO8Ba3sDAP+hs9+g3YUQX+A403rYJoI/b4Bvy
|
|
||||||
eZ4ryKanz4/zhskMDdSBZ/UvduPm+gHEyq8Xtj/jxRDX0EqLvkphDdUgZqnmanx3FkkH9EOx
|
|
||||||
fUxnqpdwJvAj6k3diWEuei7pSbTBlqi80fLRUm43135UP6AryHtUnraBSsaGskH4pznmwUfW
|
|
||||||
Kh5WtChHcmVnb3J5IENvbHBhcnQgKEV2b2xpeCkgPHJlZ0Bldm9saXguZnI+iEYEEBECAAYF
|
|
||||||
Akxr78UACgkQ1cqbBPLEI7xL7ACghnGFWacQR2ySOwHGcuP3y2NepV8AoLz9sWYoqYd0SL5T
|
|
||||||
192WWkJWAboKiEYEEBECAAYFAlCf5Q8ACgkQcPNeJG1THnOB7QCghdTeFj/8kaopb1WjUCof
|
|
||||||
BrrhzNQAnjYiGUchyKzDS++2vV4VPwxvMZZIiEYEEBEIAAYFAkoHceYACgkQMhdcDcECeg7B
|
|
||||||
0gCfXpPTRYvu8+YGBrnl3ryzbBrYCiIAnRMek3cGNpJrDT76nPCVkp9J7zqjiEYEEBEIAAYF
|
|
||||||
AkxccSAACgkQ4VUX8isJIMAYjQCfRZD7k69DKbhcMYOYWt5paHpg6SMAoIPdjQhnId+yPSTL
|
|
||||||
h05O6LtJU7XOiEYEEBEIAAYFAkxdPysACgkQ1OXtrMAUPS2JYACeP1vgz920Qbq9CMig1p7V
|
|
||||||
9Bve+7sAn0FIeNCiAGp7owWq6mZX4BOD0o/IiEYEEBEIAAYFAkxfNKAACgkQ+YXjQAr8dHYl
|
|
||||||
2QCfa1lGYuTcxswPc6nqR8P9G1KoS5gAoNsq+dtZCJmYMIflfGNOxlzLUsNziEYEEBEIAAYF
|
|
||||||
AkxnTKEACgkQn3j4POjENGFPMQCeNYzQIXlYtcurpdjQru//evWc084AnA4MQEEKUkVvRLOl
|
|
||||||
PvkCi847vss1iEYEEBEKAAYFAkxeUcIACgkQ2hliNwI7P0846ACgm2JlzfNk5w49MB4cGDwy
|
|
||||||
Aodz+MQAnjanm/JlttRZCU+zLaxHxEj4JovdiQEcBBMBCAAGBQJK22d7AAoJEC0NWrh8JT1S
|
|
||||||
LqwIAKQmrdBXWS2UmANTYLBfDuytJJm+mHj1YSJ8ro92xzst6WBmqxMwQ2EscOv7S0rI/LGr
|
|
||||||
8PfXBnpp7Mf3zhwEXeUts0ZUt/Vy6s8UAVPTGPSQlj/Ya8u0mFfXkdGsLMgMdds9Cz8fLbZr
|
|
||||||
SycslmVmLtK4S+rhjQhJ0vXt2sL5VJ3HRznCpmSP5+ZQOlH/PenHLmV0kC9KcOsrxgvV6Rls
|
|
||||||
HIZ7oiATogYm/kuwXwQ+0qQAMsTY3AGwE0yuMXvDuDUnGdUBzaZJJZ/wodDFYlDxTJb9NOh5
|
|
||||||
P7PDBQghiR0LrnU+Y4b4Oh6ne61EyGRhP5ULvZ8RZsvDCO27gjNxRH1nJkmJAZwEEAEIAAYF
|
|
||||||
Akx2jugACgkQIjrgVb2U4VSOeAwAsBhm8cj/o2YZPP0gFdUCUyr6ecydoD1d0ER8wwvOci64
|
|
||||||
bA6Xeu+i8LtcAHKowj0h1uVye9SXK7FpfyPlD3j6hbikG5CKXSwwEfEOUHmBIdY+UarL2Att
|
|
||||||
791yM3hADK/LjKObU/hEFs+b50xsug4pbYGbnDgitj4AG7mrqLLReCAV708jbizQyxizDl2w
|
|
||||||
/aXbgRvjjVczuxFeFYGlkIFv+da3NoeYCV1oH7Wcg2vrBb+TrxgIbAMW4V36v+fIPaTsderL
|
|
||||||
QQTv86Rq5Uv+FvZaoA1y7rXMpDbD8OJ1DdRv5BeDAGOAWUFYj+XDDdpfKt91zOlzfr74hikP
|
|
||||||
1NWx0NEyG09wxvkV/6P1zjbv8NVedwhDBs6QQsco/oYx25Pqsin+x0mnc1NiDpR+9Oe7c4ha
|
|
||||||
6JzzN3ufllxydLpK4D1RC/ITKhNhIrG26qSEtk9K6zM4QQbD/Ngh/hztcHMObLYv4MIz/Uus
|
|
||||||
K+CoJDI9kPAISK7zKTHfGTbM4O+gST0gqcFSiQGcBBMBAgAGBQJSKkiDAAoJEO9z5tpYNrga
|
|
||||||
fAoL/0E2pxy8oF9vH2d87G/tYfJB1sndWixltZtLYJMZ6HVAwYBsq6ju02893SllpZ6xp99x
|
|
||||||
xAss+xeJF8PlpH5nauQOn07IyUNTytxa6kJ/xHcIuVEVFEBU5SUaXStqfugM/EE/V8pbW5di
|
|
||||||
oIILQx52NKli/JhrBWlW4/1k8moyuCkZqYsdwwp2QgLrJhcTNB1nWx4DBgonAL7GOGy7s2DP
|
|
||||||
6zoQT2rDmlMY+Y0GrYkt6dwwed0y8mP/6c1ayLP/5E7ZlJK7Lj/3WFxYXeOOP3rU2xm+Brym
|
|
||||||
u1ND4gGC9P+p3rlEBJ/loSruk9bbviULqiO5s7dB4Xzr2joED4u0suutYtSPnuY1fNV0DGxG
|
|
||||||
qgYvhwxcuOHVD3zBMuAfYoGSRQNsMrpzBnfytP2pF2CcS9L7maaTBxyKF7UbpqdvDDh74i+A
|
|
||||||
/J2O0TmMuraSX6r/szqCS8B5UdetjxWHpaEViIy4TiFBMIzkhhJIn4nngn8lHniRT6ex+TWp
|
|
||||||
dM/vkeO5f9ea24kCHAQQAQIABgUCTFxxnwAKCRDxppvkKcD/7nyjD/wIQDebpZRkWpthmHaP
|
|
||||||
NtpU8vn2WWtxigo4D/crBIrhWCvJGqm9P9n33AXpGGc3T6VEJGyq4lxdwBP/K5FC8a3hgCXr
|
|
||||||
dXAA+V5knfURy8kya5FBGK34YtrGXBcNv77I9GdGdum+tooYNnNJERueRkBLA4aIImB/W3NL
|
|
||||||
eL1f8vWVi4vys8Utpj8+5pg5GLstbpmzewtc2LQFstMDeCjBsrDiuZZrsp3fO6zKnizg0SOS
|
|
||||||
jTkSdXwvCma9j4mlmU2Ry9QJf3EBqyDwhe5Rcrl8TopaP75wOKD3r5npo+e95Wjvxy06PjjK
|
|
||||||
1ntAYLMuEODWiKAhQ31YYYg8v0yMvBRFLfFmtgmSoFcIiGJw7azkxJefqIhQr6SWUF2G3keQ
|
|
||||||
iD3qNjrriIqxdJQqj1XZjbwwHMKlvtvokf0xCWltpqzgW9YBcKwqr80Sp5Z2M5wjeB9TWhSu
|
|
||||||
uoG44r8dtz7GEVllGwGd+hRYbyhdaEjdgFjZtJ/T2n5ESYQ5h3V3vjJbbxVZ3fOE4ksVNEkR
|
|
||||||
5cv/h1x631SuU/287bb/ObGieYIbaIxpaQPedcPuX1+hHbLCrtZ9FAx1COzhIJbXG/2mS+2b
|
|
||||||
hTUyax9RQ4n01fgsU/C6FPeGqfyrrfijS2XKQAGsigRGm7rIjENjXM2fGqNsWGEPt9v3YoAl
|
|
||||||
vVv216XE3sCRMz4Ua4kCHAQQAQIABgUCTGAriwAKCRAedZpyap/ddM2HEADRXZZx9vRiIKFC
|
|
||||||
taquk6DZB15B+CTJSe+rhtiiRiSH8GZcifbF2ARqZF00OctbKkbBNycNV8FuxRiaZZSZN1fu
|
|
||||||
ZckgOKwMK83Llj0tHd+BTrjmOiZqrZ20l9j4CMfvoTQZLOqxbf0XKpfkx+WEf8HaJ59+2GDy
|
|
||||||
CvqYrzYW4oQLdc1wwQ1mI/6XcP5YyTPaOai7WzrRhL0ClYj6/kKrcyzUm3G91SuC/AXPGs5n
|
|
||||||
8QVINq1hidCyEjuRO29Pi9YjOIRA0YSmWwmF1Jq0CAWDlSeWZf6oZZq232UM4OnDosjp58pj
|
|
||||||
ldIf8YS8TcNLjFZUSq3ilfIJgTLZIfMj0H+YZyBRvHL8071X6xmqcQXmZb2xGOJHu/Zn1qrq
|
|
||||||
BjN7HIOrohVvVqccR5rbmQp2m763vqGCPL8nxZszGvH7v5PFCTdrfa8tlqiugadUvYW+SCn7
|
|
||||||
RI1QMijJJjrlWolD6ZJLSiA21a9B/y8XmUluedCQ+RiJLzYBVSZhHI4j6EdavCKbTZfeUZEW
|
|
||||||
PiYbpjltZ5oOjoTzI/C7GKn/btPdY298tHPIRPJP2P4Ybi0Xzx1tsZIApFEn/uHxzxndigef
|
|
||||||
Q0EtTz/ikmVN3CAPo2i9dj1urBixB2QuoESumF2hjUHs9rZDtug6CuskojI0GAb2wPNf/U6x
|
|
||||||
ugU3APwb6c8O+66de8wHNYkCHAQQAQIABgUCTGA3OAAKCRDXiExHGOGPRLxnEADsBFKXFFK9
|
|
||||||
8wUfiWk8b5ov+XJRvYhrOQZz7fX0iIxUaZCLaSIViyOD8RYFXr9KKuhGc7pcEvU71ccRdmN3
|
|
||||||
SoHz+RQDrCJlRgBosEAY5hfIuqtuCEF/njo1cNSR7kjkYc5PKXpbHL2G+15X8aOBdsd/Wa0W
|
|
||||||
E6vLxMerhS5ILRbRs30W/VzcNnlb/3dhHSvJPVF9FGBeZuOahY1edZKU7xu8k+udND6lV1Xy
|
|
||||||
j25Ty0mb1WfQ6ORuqLhXPbfIycqLD2sNmpFBNVlRkRejEhJU9IiOrqkgECPjqKUMo9cnCCt1
|
|
||||||
rVO0EZYvJGD75wl1PySqbQus1MMLep6FJsqvnUpEh/HzS6+Q3/2AL3a9JLITDm2h0TkCeX6q
|
|
||||||
o7b27aoe+J4cjiApF5E643OduBA6Ox2iauEr1t5d1J8ewFWx929EQYHnLgHtBx0CzZGUAZqU
|
|
||||||
NJEqLwfgxZaN86Kdw1xP6qKCuCdkhrsLt7gsACvSpkIEEhVxoAHqJleWF4MqozwfpsEO9BSg
|
|
||||||
L071pyc0Czw0XJlNNq2sn/GomNRvXLbYeSpqzsLdOAYxsG2l7aNRHVb81ml/OEvIuxHZE4Ae
|
|
||||||
cjxfsvnONarc5jWIA7iFgk3sLaTVejP4Y8cbn4rXn+98QwseRPBMHRPx84W0Rx+YUXQSAvVG
|
|
||||||
2GboFMP1PvnEEv0Qqq6JsdMmZYkCHAQQAQIABgUCTGWPGAAKCRATwLVmejiwsLktD/9ALTT3
|
|
||||||
VOyGLPKCdTYn+kXo/R4x1+VpRdoLLkUnxKBzfTVqtHg6X9GAqMn4b8PIgIh+9ULPiK9OLV5k
|
|
||||||
bdko3T/cbP+Cl2iqSbVZoKuYpf/xd49oIdiJm/omruVotTDbz5vOHwxzmrSRcxXNzKrnmptr
|
|
||||||
f48dZjoDdrirUJNDlPE7yvM0IvBSwPv5R+t7gcti0/ZZFWDSEQ1fphx5q5fD47+t2Oqeyq9s
|
|
||||||
oIC1uO9xnzB7tTmQ4m1Up0mwRsf/r0JdTkcT2Q1PNOttWUY4aDncF+d8wCraPW7715C7iP/U
|
|
||||||
saAW2h+MwAVC3yMT6iu1dcufRJsgFg0iEd7G4Uxp4IcCfwSLWD1mh4NEXZ8Tis4hTnfpbICs
|
|
||||||
Go7qPAFDdPhWRw7ZGs/aLV0+E6hu0t5hE2CWaOCS7hfx8Z9W1heEuMBqDXZeSEfkiA6/sNHW
|
|
||||||
ocgNXiDXVMdyHm53xlswdbSDxDT6CPcdvzHsyNP9/pYd6+CFgTBAw60XqLrjYPr3tyTHBWgt
|
|
||||||
vFS0tmSq2h6zMht+yMu0WCoZgw4iTYKtwoE+8RE0aaqwxUcNw1w5h8TTFY0b0NyfD16pHX94
|
|
||||||
TruaZnlnpNWZtHgYEqtobMH6SKyOsy0G+BJ/XM3jLKczi1U5osqH0yBRCWxVk0uUAOT7Y8fi
|
|
||||||
wkUSNQl8wnUbDoRSOtwCn1AQ0LRgOokCHAQQAQIABgUCTGbH+AAKCRAcAfRDyck8Wux1D/4y
|
|
||||||
7uso609rTdbQTInHqA2XUshIOCgsk9aW9Vphgs4hY0VEhhfRyajEa6RrjdYs68BuWUWO8qs8
|
|
||||||
PKe3LhgTDv2ZmSBMdXEowYVY0CvvHhyHHZwdMl+6vRZX1uI3SHf3TKqT0eci7gNNvYnCbdMO
|
|
||||||
nXiBCM8nYUbbPOzSBKFEq3CE7EhNOvSMZwTu6pnOdH0qiVUvqNTx/hEo9qg+brPrPcLho7Yp
|
|
||||||
cGu/Kuqp30r2b/HVv4U5X5mOy/OebqzCAb8WEdWoY9V9sDo0bf4or5DZaY/JB6tozg7bQ4Zv
|
|
||||||
CTwyu4x9D1SqnySE9/wsu9xSlhni8e43o9ujv3jxABpbbOPqt00wA43wSoCbdfv4mWLsbGk4
|
|
||||||
byKR3eWEh1XcUwRfaPk08fh0ssskKBk8C4sUMIk5oTiT+VU7IZ50gh8+XgMxrwdMcWAQH/Qs
|
|
||||||
VtsYhDGA0UTw7C1Qp8mCmeqLVw9RA11d/S47UgYlXBQiv+3LXuYfmz/sALy/ktIpz/tp5CtY
|
|
||||||
PeP3CPuFMTlKpVScL7+DbeW4pwwR3pkm1QAVaG/lb3Dqc4QpYcucetSyfdof1E7ZQtCRTR+L
|
|
||||||
BXBHkfqQT4xnqYOU8ULraaLaUGOd3y17rlYUXlHijhNtytzSbn+GPDnbteQYqZPx16IS1H/6
|
|
||||||
buaSwB5ZRHBbfsF9O8JP9+ldLkbjaodxpIkCHAQQAQIABgUCTHblCgAKCRCvIoOqduKse+8L
|
|
||||||
EACKRmLci/pI12k8kF81SrF1TEZG4Mlqtij0vFQNTvaLJW9PSX5xE9ln/WcsLwUPf0ciV7bF
|
|
||||||
M92bdaPiiEDOzpC3MFEV8Kx/cBGPdGNx42SHbOrxzbriIt+OCFxylsqlElW+Wbo8chPtXWzi
|
|
||||||
/G39v1a/xHVxzBg4uUPFRL6zOOZ12M+l+TCijja4EKgctCb63t+x82GCW8UspmTTaEn8UT5F
|
|
||||||
STK+qp4+cQeIYBRBcHAGKyfzKJ6Chbv3MlNq+zhmg3b8NYLTKWOgpP4th1v44EeO/R8Oibnt
|
|
||||||
KJ9hqQF7a58hb2JLuoEmXXBJVk552hKD5UjKm1DrfZAapUTbWvVv9L5IdozaDph+GZzpXQ4C
|
|
||||||
Mxlwil3JVEe9sWPoT35iApFSgoWbDNYGW8M/CRiyLzYtCqcAzExJbU9KnKOV9kbebiZ8J7CZ
|
|
||||||
gxot5en0OaXrc/ALPHjYKrNmZEQ+B7dlUcN7KzFMEJHPC5Jb9xsV3Jje6T17lA+W4skejqPC
|
|
||||||
ZB1mi9D6SHTN0MYajeRLasFq7F1Vytd0H09MLkQ3i2lymE50Su7cOsMk1+KjA63C0JmMquMp
|
|
||||||
4rvuBt6Sh3qVaXDTPEUV5ZT5by7z6KCb4iYg7AB3IsCTsP9njUCZh19YE8IKxd4y1XXD+ymW
|
|
||||||
FwxcQs8Fak4HdGfmXLf7G55wI1E4GHFEwWMJ1YkCHAQQAQIABgUCVXGlUAAKCRDagoMOPMw6
|
|
||||||
OpY6D/9xPI7IEHZCcGdZV1C5JH93KmiqARv45K0p36nAxmGH16mpFYtTOuK9oJ3ZSAZtbGp2
|
|
||||||
oppbQX5AZHhRUvHcjwv33ME0RduosJqeMA8GT/xZKfXNGvQpn/ZG/pDyDLbL0LyEngRR1R+E
|
|
||||||
JCPNAna+op7ULQSQ/gf/HSwPI6ImnirMwXFAGOBSW0s29z0ilC/BYRlr4xt5uGwWugYnyhJK
|
|
||||||
/SSwrGBaDxB7hakk2LTeVOe18etFCno07VPoI8pUtNLBiLmySM2aK2Muy4NR+jZjU9x6oDoB
|
|
||||||
tTq40fkFln64nK82hqFoJP6kDPkzdQx5NaRiH4PAr1DOydHyXofs0MghS0UKlCZR6rkyAR2k
|
|
||||||
9r+b9+KUDEQYrHXXDqhpeCunQv9LGzTi9GmaCatNHJTwTmVk1+oydWiruYLQCQHETCzQrK2Y
|
|
||||||
FEonJnwJO8XremTXw+V3jyKZLee311I+ggQmtI5StRF7fFh7OGzdJXBVw5hI1VlISketFvAz
|
|
||||||
rllAI8Txt59l45NFNkZDZlJlJeadffen6GOXsWr5q5JfS9XlfLbGlzlrcZCG0uxGfKoYaUJM
|
|
||||||
0SNa5rvWO04pEK6AjBufkinWJBIJ1l9bz1uSkDY8g2tQWvdZrqGgih2DAXDhv+lu96U62fn6
|
|
||||||
k+UtKx1D2Y6JI+KEdeGffuVp+4SnydvYIAH4GgSaN4kCHAQQAQgABgUCTFxxMwAKCRDxFAhM
|
|
||||||
CGEREQw7EADTPt7E7JjfPg5B5r8xEQwvWnQ09/dE9xie4ohfzCOfGVpvTquyG3xKrbw9SKhh
|
|
||||||
akS8HPLGgBvvodqvZOqPGP6eZKfAAZmlER5fAEtw42deAGhL074S4XOeuPmRPnYlzPZW8cy8
|
|
||||||
HhcmjbuwXbhC7SJs1KtQ+sHZ6ihtTqXoqjsC1ArMOuA0Lsw9d4IOT5sXILtqnk92ynkX420i
|
|
||||||
yAiRU5RXlASnBNg5fAmMGZbW2/EGrHtfE+zzpqX0N38qKmBnE7kRgPM8OGYxYGpUl8x+M1zz
|
|
||||||
KY8BLhJx+gwCzI4L22uKwqv8dz3kzdWD1RBUUKJycCDzwrR+RI+xO9cQzaU/HOykH3HoRfIG
|
|
||||||
TmaewYDxl2vsVeHVDbGdZOmhVRzLqQIS259eRjQe6ZjdMiRJe15j+udFF/iVMgSgq93vWWNF
|
|
||||||
WB9Q7dKRZyPHjBuFuL9YP1VmxiNELX/BkQlDXcnlXHvK+KSFuEgV8RgQenmFtHy64YBC0MoS
|
|
||||||
ka4NtWkPl9EimPn3iAHNLBCfqqs83TaG9Fl8+V9se/B//AcsNoM0/3vBU/L/5F0PppPVO6fk
|
|
||||||
ELDY2V11zy7L5KcLJWm8f4YwOKCdyDYPYVTpl7xGM+30n5h3xto8Mz6f5NWVZbfxfErLU5iK
|
|
||||||
aeDdSebdqns+FUXmZYUlWJGCXEnY1aAzy/9MpRSz+mtXAokCHAQQAQgABgUCTF0/MwAKCRCH
|
|
||||||
L3AsTW4lqMf4D/9oxFxZbLh/kRIjys0wNgeiq0oBLh+KgN83Rf+vc74A2q2T9/XiopuEtk0T
|
|
||||||
ywbz3Xw9KlidyGr9Rrbl6O6aWpy0csxUOWvprE7jaTwjqZxqISNCcsPFbsWQieJ1bVv6upjE
|
|
||||||
j/wrTRh4IEC/P+K1OU0lWblbeDDEv2K8aj2uiO8g5Ckp9X8Y47Lh9VMPvSOPN6aFyX0s1DDV
|
|
||||||
fweQtoYGQOmteY/pFDP+K+FV8iBw/wjEVEWflqWUCIOAWBT4w2sJ49KDdi3RGmFk6PSp/JsU
|
|
||||||
SLGrwUU3YnRiVh2vsK0X5nukWk41jm/1XdvPzEEpMK/RYiSAzGXKvs+UUWFi8g7AHQNfJOl0
|
|
||||||
hmB8LYFV7mQOLdbNIVTRB/ImbexKtuLDxU35CIxrJFvg7Ry3ulIZgDgFZEM0D/xu+2tBd28X
|
|
||||||
GjppOjqp2W6Zwnn4uwqBXMrggtNRVSeGASTDs8WPdwR3PxYKxx237f8J/aC3o2k08q8KbjmR
|
|
||||||
QVRLlOo1huZxmXpn+SUUKUJ0dqrrQHIEyzGtS/VSRRI+Kj4wiThPOS6zmc/vFaLjl5T69sOA
|
|
||||||
LS5TJqoGZz7j+GDK2MINkWWNM61SNyzomtdQc2PIICR7TP9zJbOvad1QDfT7kyM1JuhpvV/6
|
|
||||||
7XIP/oxk6OfgMT7yHTF6rh+G8UUNt/ZBCYAipcFByCKDwNB5sIkCHAQQAQgABgUCTF1E2gAK
|
|
||||||
CRBTlEed01JMUcebD/9aEHlc3TtXSGHF/gxVl0zsi3mFM/wibd2n/2Zv2gRrL0Su7BunKEMc
|
|
||||||
l+7SECKbDzWC3LYucKhjgVuPHSgGakk3ANiXiDw4qFqiYil1Prf/MK8F6RWye00IIG7yZamG
|
|
||||||
+1kLA5ft7sjO/emappGvW7bicXqgoEsazImSi9ekfYhLFKHn64IR4UjynHibKjoXA+EatPnN
|
|
||||||
pT+IHnBRRHRq2uaU8ycQoxiwUT8WMPyjlIg7NT+IIYqQm7DRjSTsUoTwhdaMlH7YCbi/dX0y
|
|
||||||
SlfG0LF/5fdg+MV0h/hPqy6gq2oRouILZlfEGtvv0vBmqagmPP+m4KJ/6/Ikf5ysMtC/NlN7
|
|
||||||
exkyj4M8Nl1U07ijha5CQCvn6DyQmy7xT/rmbJ0i1zjZauFmPf1ZaqennMkz2ndC0glSAYIh
|
|
||||||
d76mDDWGjvszrYpbO7KdJJeiO0LkoSW7fKxgabNm6x5MaPVhcynmjlC8BFbn8xuZQst13Pit
|
|
||||||
VmFtIDX+SJVFQCK0Ypuw0NhkXx4sRqkBukASSwCRrDxPPWqlg9/Ji9uKjInS7M/y3RDZqwJK
|
|
||||||
UZqLw2pdlzdAStExWfA3YAX6lI7IrpHMuoPUt+aKNyO6XBLMOGmAGo6LUP8vOvwfkFI72nWL
|
|
||||||
IgHSbB7MzHLFcMxyb4CvGjpZQzu3VDt7sDIweT4ZqWMuMIxreik+M4kCHAQQAQgABgUCTF8j
|
|
||||||
ZwAKCRB6j0notjSAvpDND/4nzSbiS1pMCum5H8dhR6odBPIRanEa8fLaltUQCfwG+CXBfuH0
|
|
||||||
nguvR07j3oMWLZJ0YqZIfGWy+FRMAqFjkY9Wm35ddEO4fm5O7j662mJn32S7ouAWvMXeZa7i
|
|
||||||
uhz7pe5o5hxoN9dzr/jD0qNIUwWzCl8C1KC6Gm2Szhnzr4jMM6fxol3i1TIjzqcRACqIFM9k
|
|
||||||
rJdpHe18XEE0Ao/cNC4bPdPFEqFdDi+zoYXNrHqyCl0FqnWOkq9IVa6Sizy/8+ncgLt7mxpR
|
|
||||||
CeA6v/N4w55AGlxfS284QzDWUDzAoMzMibhnqoY/3p9xup1tMtOZe+2R6/AOfSa7nB3BSGDi
|
|
||||||
g3INNT37Xh3OiwYtiGoAPGnBvMdVQYeLd0ySC1cTls+HsXuhfediraNnzRRgioi+r7Ew29Dj
|
|
||||||
H4O0gWhunw0gqn5NO/0sqQyN5cW70iIjhJlXA2pJYXSLvONRzQ9GmvhYIq+UA89UmriycCBd
|
|
||||||
u12zi0NfEY85B8qqzFP1c0EJrHclHNm4SuSh/cXFlejRbIiSejp9uCHXQqELSRWzxRWOSy9T
|
|
||||||
4iARC/twBSE+rJYfCrTMLKZznBzz+FgY/NU91w+teGbKanrKLKjRJtlXanm5kMSVXpmeTnc4
|
|
||||||
x46OO8QjHGto4hyaILX+H0+jYcTFZXV1wXPqgevaGLL5fZ2EwfdURZOMI4kCHAQQAQgABgUC
|
|
||||||
TF80rwAKCRDRXTE4ggBBc1JWD/9xj+Vpx8DaFRrmDwND90I7bFDux0MrxxGZ1NJc0WhF03+t
|
|
||||||
1rqP5aoqgXTx6UxMHTTQXRk6dNKpqRdWCiacxd9LUpUIFj8QrSE6zwWweW+5e1lCa4cIC69y
|
|
||||||
AHRN7LwdWV/s8dTbBWxPuCspDXrb3wPNmNaouw76T2Ny5Qwt13PnkaHmoNGIDju8yOpVhcAM
|
|
||||||
mRIeAHgJn5X3WkMPi9dGfKr94Vv+K1dAKzl1VQ2DHUcS8dVUTqugYcaq1NXeZ8ipacQtTy6o
|
|
||||||
4+aiY1iBJDvKdH1MxJGsS2EvcXT14r5YzOz+KTwIExlrKK98+3XI/u1L3VkUHqY9rILN03Q+
|
|
||||||
cKxX/3dV3j9YDu3mUNL9at+cZ4FjZG/rJ0B/7frBxf9fy+7RnqKHsrr5H7jFK+mZlqyAWqLn
|
|
||||||
Lxi1kW9tliiEZ5RgqLsYQk/nvvA/hr01rAI/todTvFHV7RIByNQVrp8zBbpmSUhyGaycc3q0
|
|
||||||
aNStTXoy6dFS5WLAirq5o0W2zKRbWF6RAZLCwYAz8BAvKfbdDNAjTeXQ1X6kEYxEmsOJL3UQ
|
|
||||||
UYLUHm8Ko8pPeaFLjMfRNZYVdQhpyLQbKxEDWwmzuAxODTHPa+bWmD2QRP6g/be8ff43L+zW
|
|
||||||
Ti+1bglSk5xCncsGp5ydPfxYhAQiizIySbmVGV0u+hVPSB+vGJTelgw8p0PMeokCHAQQAQgA
|
|
||||||
BgUCTGHuTwAKCRBwNzzxKQ25zl+FD/0TkiEx7eq83NaPbkxw4fQGgIfV+ZQHHZPHZxQmWQe5
|
|
||||||
Nw+o6jBv4spK4iTQOgfcyZQ9vcNoxDyvFXTPxD1SA9VhJKY/pvZYgFk4chfIAwqsuLhL2B4x
|
|
||||||
fL7XRU044MIy12YG24mQ6wq4Yp4CLX0J7XTkqF4o5gZ53W2lZ8IBhGee13vY658Ie7OmSwXd
|
|
||||||
HZwLABOIck59PBOnDQmbIWHw2nO8esxPuCG7A1vJ9oX71PRYGe53310L/vqRWliGwgINI+Lc
|
|
||||||
ghnn/GIxdBNAQzvn1vrBtLvZB50Ck5WxRZdRyAh29i8IQKVt43X3CeXatFqPke30n1hudgXN
|
|
||||||
f5zu7aJAHA3TvIghig9L9uZtHUMIZzxSovTF75ACmxfqiCXxS2pxqzJacDpahog4rJ/AZbsG
|
|
||||||
3787vyhM2zjCiSZIrA2GE53M4M3TQpV8gKAZy54Gdjy2S8FcOiFARFGXVu/l6j3vf2dDrTdI
|
|
||||||
Hlr+Ta/f2eKfKhyCLT5ShZwem9O10mpDfP/Lznb4kPKygCjT24t/UdY21mvVKwAiXDtkeeSI
|
|
||||||
LhXVj+I4ddyx4xf5mrH7khCxwDiYKr/sPmzFUg6gHHPsxIMoV/8+DA/VU+x/r2thuSH2rdKp
|
|
||||||
IuPcN1fLI3R/Buy2Pv3KGHzzOHQyHv2UbfGK5ijKY/lF5Y3RWYynInUcjQLbx9g+V4kCHAQQ
|
|
||||||
AQgABgUCTGH1OQAKCRB3MfzMY+Tid/cSD/0XD2h3/YcPxSfN1Wc+CRkbtw/14V3lgDOa83Q1
|
|
||||||
Gr6GySQZMeZ9NeBIeC03fvlfmQl4EwFebqGR7jsuRRVZ03P9I9fKoPXJhlx/hpbavP8mkAAd
|
|
||||||
Ye/ziA5xjzIi6j7GIpID9ULMvAW9nwPtL6p0ritjvkfx7EOJ1D30ID5Gn0BzyhgPUKiqLsR9
|
|
||||||
zdP11Z4u85ja1cgkVXMl6IEMflMJ/qUonGX51sEGvAC9OfbshoASv9g1cohRJe0MAVG0arWj
|
|
||||||
KkxekFXTaChVOSuzfavExtlW2eCHy2IH4LVRT2VlOiPA+dyRZuhjBMaRr9raeYnNtB+7SLWu
|
|
||||||
XeRgMcAiwWdvKSJRIS1H1sVAlP02APy67wBeHEcMrURx0NzAZaw/7XeyPAt7+S00LJNp6qNQ
|
|
||||||
fnecBTF5LZkfKGIentqjKKN0Ns20lyMuo5TGb2mZSdhlYRixsY/z95STNhsGe3SNzgdSpbG1
|
|
||||||
2eB8j+uaoLj9Gjd4UF0uAhfS/xqDXF3MONZX+IjKbGnVx1MMwg/ECPjtfRu0nzm2o3jpYQgU
|
|
||||||
XlnM/kAjGDcHgWsWyWdKVeMB+bXOwGPl6wDmcAkaj2GoUJP2B2bDnd6QHmtBQSD0jiRmqoXb
|
|
||||||
ARisPDuTJ7VywYSND/zTkYfBpXh9YLikxYS+Vl+NtLuvILXsyOt9FV5pxNOoWKVbj3X03okC
|
|
||||||
HAQQAQgABgUCTGdOLwAKCRCzRk+JaqFZSNlnEADIAMz9GZZwdKchx9VqWzsHKetF7ASrZuv0
|
|
||||||
5DSzfPH9lxJQZskWDRnLLtTzpSkrMDqueu7bgKE5XIoRcPgIfKoBI/iJBZPQaoxN9aRyxrNa
|
|
||||||
HM/F3AF2H0hc3fqUyi5+s58C5/El8Bc8oq1ePKGrOWFAFoNTYIvQJ3CNbXfw3tm56TGVKKws
|
|
||||||
SMiH+9xk2fIBj1m8mSpAwZKo6CMjlVU3Mz3h7DNiEa0yCiESl3USCIBO1dmIRs08DNn+MZyE
|
|
||||||
oeXSXM+eJtw+GpWGwDflnwOlKDlDj42y4K6pH6BubyfXe9ylb5DI19TV1X3wtvsqyhE+nPuT
|
|
||||||
4V6j8Bli1YKm/KhwjkXw7KggkStS+6TMlT6EF9f7JiLbDjAqhCZ0eBvgCm/p0/TNL0lBwrf5
|
|
||||||
90vD8QpXfnxAprdGR8O9ZEyviUqpw4JRnlRiH7TMBHVDiNCJ0eX53oyFd/TuDSTcvfyp3i2J
|
|
||||||
GO38NQfoO0u880bpRbCiBsLcZfEAByaXp2hV/9oPEvBP+95GwbnMAR8PlmL8EDzygDElweDc
|
|
||||||
F11FvcD6pgKQdXPubxeM6vJgcrFEozzW0mLZxXLUlv0n64YUMy/7JVoETPIEFJqAKwsMvaJy
|
|
||||||
OHJH7ycbs2dTeWNT3KDigSM49VE8ERd7XzyncZUbRk3ZkhGgRAE0Fe1prHPDx86PClBV76hm
|
|
||||||
hIkCHAQQAQgABgUCTGy/igAKCRDkT4AW02MPibaTD/442P0Qwf27NHs5RV+n/M2CKeG4sZmB
|
|
||||||
epDU0XjnqjTZJYYcMtKvVJ3EPvB8qh3Y69d+pCy92pE9x+4TXj+59pSYxSaZFacW+3s1884K
|
|
||||||
BQYe4256NjbVnxQEIStYtS4wRL1xjYBoNnPu1hq+vj+zArQ1pCWjCcM9Wzpl2tUPu7Lat7Os
|
|
||||||
qB7HnDvgDB/HUbNgpni6EmfrWN3YlbGthnBXfGvAf3nyPwuM++GKs7a7R/6+it/dnPdke3Tb
|
|
||||||
/aJKAC8YXlUSo4mEqpuBzz4Sk+5wBv+xS0h2GF4z+mnwsMY7ChqlyX1eLqfx+WWdO7V5CuPM
|
|
||||||
sHMp0WxsCw4x8NPhzBzEPFlYSvYlS2z5M/RMie0g5JuXvs/ajDHZItZYJoVbeRAIVZ5q3ru4
|
|
||||||
jR2tuSLQNo8qoqll+u7qA01zeEh3heov+FZXqoe8I1z7XOS6i7ZP745+zdbyRhi2beqEQ6XB
|
|
||||||
7ub3jSSOUPM+x+LKxXC7bbhKLlAat5256wZnTTKRVNEUuoCFPtUR8FwzwRXl9AOl1Ekmqdfq
|
|
||||||
M1F9TKYq3dPATHCxw/vV1QrCaIbqdJBAtf7ZLHH9B0sAZ8kudVPQeB+Ghr4KYaSPyX8Vstx6
|
|
||||||
tl+qTyuVlkWd26OZo1mFUc9kPej7cjiXtf/XOp2mI73piU4bfTAOBHAopiNiKe25M/75bGso
|
|
||||||
bAWSh4kCHAQQAQgABgUCTG8qxQAKCRB8Vqz+lHiX2Nc0EACkkjvmLuJz2Wp9Lq0fvdjBhGCp
|
|
||||||
95dZFpvcBFJfX0rzifUEmbWRp9fiU9P2SJaCy392PL0gEhEi4P7Aos1rRfyXjGhxcy+TYSUA
|
|
||||||
HaP/jQF59XED6t2ElW8+NnZNQ3NE1NnZ2ivcig09GdxvfV/Ivi3dAjYXslsd0um4pVCEEBlc
|
|
||||||
lWw9lWRfm1V9/Zmz+/83CNuc6yVGmch9lckcq/1zxqcBE38WyP/cR6nvvuiC4NY9W6e3LobD
|
|
||||||
eLkagJqFtsThM06Hy2mI3pDsC33nu0Za1tOV1ihJCUTxArZBDqUYWBN7C7hfx6/+IO+as+2Z
|
|
||||||
hi8bav8mjY9j7chXREqnmJq5uTXGyI0LDuTABn+Sfr8861zPeev56GhS3/gBIsvhEik+Hym1
|
|
||||||
1qnvlFhICo6Gq8qtXiJ9KQE+XI/bWZgFuflJdDLWT7V+DUw5+Rdqo3Qay0vHvsto+EMQLCiL
|
|
||||||
8qLdw3eE5/lVOn9vHPccypGq5saMyS2hdS7yF8x+laj9xfIwMyp3CKTJ892K/NOh+dEhAo4J
|
|
||||||
ZNw5tHCviE2KVRxDWNjjBOcrpONkp8o/OPe5bxCXVnV5F9oZqHCfWtXc+MTlI4dkk2dPRB3P
|
|
||||||
JNUnKbSgX4x63th/m6oAB1JJ5DE1iT+fdDre4zBpSI3ILCxegWL4ve+hLHUWS/ubfkJtlO5z
|
|
||||||
4w4wiLmfPokCHAQQAQgABgUCTG/44AAKCRCdC15bHuyPDso6EADTyj6fKEvSzHFo4caqYOVX
|
|
||||||
d5kZir9ss0hzplt/csBDosMdW+wO+wxzt7jXXtfPlA0OGoFqCVEtxUGQG4qYHSbCKPd9PEHS
|
|
||||||
ruWlcqNFAqRBi6k0phM8GeKbE0+B1u0qiyEvuG8IuP+1DlXla3yG4yEUWqprBMjl46OnTd7u
|
|
||||||
ZKS24zOqnS4Hx9fId3s7bW1JwrVmodbx2rdHDyZKXqCpwXFJsVWe3cbh/h2lXYalDKzwbdcm
|
|
||||||
rgDZUJp75YxlxerMiTG9Xc/4e+XOs30DKGy2cHAMitswtjXm7ZKZ8yL5pmbmDeP99XASwByB
|
|
||||||
7Mm6KuvQSA+8ByLmkvu9XBrRq5WUG9Cx3m0Shxy7e74w5/u4LJkqrmr1wdw+gZIvWG3UuTWR
|
|
||||||
kqJw6rEoiv8WTjJSWE5rTFVaN6YH2OuOFsTWNaUH1bc01HpEKivhk3ZiOOg2Bhxbt7i7oYJc
|
|
||||||
Y+UHCbC3PwwktM3wEnANz9UMoIFxn/2OHdIWl09t50iaDErTmtgbfkENDdsXEcLA7qs+8vpr
|
|
||||||
8qY+M7ycCuRat7Vu2dqopwpkhRpKtddoMNYZ5/51vFcSuz9BdCk+y+q06Ri494UPVFJsHTvn
|
|
||||||
gjtEcxsJopZn4pddzk8g2z69BBWRv31c8xiV5X5QTf9zmRUFD06pux6dn1CUI4zoul5kW0ah
|
|
||||||
LwQysmqgG40apYkCHAQQAQgABgUCVZLuEQAKCRDroMbHHAAlb97dEAC8oQamwtIj/SWT2PJS
|
|
||||||
Kl3bdPdQaYI8+9ZL9xXLYyhOl8aduFVMlJ7rqkWSdwg/AGnp8nh/pQiaGsnRweqFoSte3poC
|
|
||||||
QkNmRR3pgsZ1qqWMxqVrE37R51MSGRBEZq50diQ0sG63tzX7GSnsHXyxDjVfR4J0/ohZzyXn
|
|
||||||
UubBB8X/C72E8CaxrFAzyrLY0zqJBMzub+b2zg5Ac0V+GK45Iz4duftmvnWf6d9aOvXsPqe9
|
|
||||||
/BPbix8l8lCWUjfAPh0sSskI48mIi+jK6rm7+JmsF+9zIoVxlnnlFcmDxMGtapUl73BzpCKI
|
|
||||||
tbplOogAKpA9/2pcSvf2JO26cjQm2gN7BHGfApB4qYFHb90fmSt7XUQEwxyCbsQyhS7Tb6bN
|
|
||||||
wI8mTqajGoRZydB8WZVjRgsnnCHa9ecY3Hs1IrTMKM3gl7Kmm1tzbtAK+NMSH0mxPG3dmTbv
|
|
||||||
NIkjOcgGTYo4r9Qt4Q6rV0zfm43dZs7AP6nECRYyMggEoHHBDh1PaPUjoUsJ4Q/b0R8yvNNC
|
|
||||||
8defastUYtUkepBJ90FzlIJeMLf/1t/1cYX0or5wfp7DPAGxTx3+5EtyKC2Vk3JltR5QkLaj
|
|
||||||
blZ2PIq8TTtdDprXJuOtucF33p3SwXRjA59DrxEofOf1B2cAcxvb42QgZ0ToJmfeTz9TfGDS
|
|
||||||
adTRh+oqbbjogv0A8okCHAQQAQoABgUCTF22EQAKCRBdMo0IKqqxQBAND/sHFnas21+PsxN5
|
|
||||||
Uo2Gr6ieI6NqP2347xT3ZAugQFDhobNJkdXexShpW/PAAxN8/JdndFtuF3nNCy6gSt9c+eLx
|
|
||||||
uZ1srzyE9nZeXne59TDI4+ubXhuu/oXIfj0n2j7m53st6+RI5JJ3SuI9kJTOhIYA+7AHBpZp
|
|
||||||
XUu+m8sS+Jhyy3h7tqJw4IrwwOfW9/WEwhp3Yb2zDoEBe2Na5whcjFRtCJkJub4YwL3L/D5G
|
|
||||||
w31dFnTFQV9C8BNmyPfoHiTWRQovejmORLdNOzaHKy9a0c4fF6C92j4s9wR3KM/eaVJxM5bD
|
|
||||||
NvP78usX8LQY5A6C/3+e7kRo1gzDoDhgYii3gDm5hItXXU0V6sTcFWWVSPGwrm+628G3VWmm
|
|
||||||
1b57mxWn6+7Yzw01R/CyqEzovFG+M1BZrJn2JqJ8Y4pM7T0oRpi0/Ee9Dqiw4+v5I8wKCTag
|
|
||||||
713ZLx2IdMQxIsMnmBq/819ZqjKkYpAbgteov/foku+Y8RvymE+afjxcE+aYQpYOyMPNRMRp
|
|
||||||
Dq6CKkVErPNpI758Eav7UqUi5KyfMQ6tMh09F+mKBZvAVE7AGIbrQWhHlTCOYdSRA7uFtgSX
|
|
||||||
TUQlMSsj/2xkorXaPoFqShOr1hiWIG78zduIGT5FxSG06j8h7j2h6W7nCj0rYaOzDNOBM9yt
|
|
||||||
3il8eu9SeAgl2cEosRL/4IkCHAQQAQoABgUCTF5RxAAKCRA5FLUy9N++mdKJD/9Lclk6nEQu
|
|
||||||
xlcgA/0ugEKmWn5JsNnq8ZUl78nZP6fKY0syx9v4bMA+ICQrokfwY4o6dMxcj2Us6JUp/FBV
|
|
||||||
Z5lo2T2iPE+ucxobFslNdpZtzOQGOsOJ0N7qirafFXJ7ACtydbnCUaPfzkPYwwplHFqT+yQH
|
|
||||||
k4RxBysHWw9a9YoBMl9KFjIwZ7Q8v0x4ywySwfRAKEzFp+ESP+hDwhlOqTBKFL1/P54lmbhG
|
|
||||||
JHDCNbwxGLIjiAeCjomyoxpg5YdSZVyWttmsy1rxMV+ndERK5vELfZYqdlhL0quVPzd1L+g0
|
|
||||||
m2iA4QdeGfqrCxex7olq1su60PFrMee2wFzH8YEYY70nCi6/JRTb/Vk0wNqgyNjKY434EzHn
|
|
||||||
liuyhFvsTkQy+ciegx1lQixRxJfVnyz1BkHNDd37qL9lbzPwVqLhhh7jkjW8koPbExQGjVcH
|
|
||||||
St2HCGDcAxyOJK9sG5a2GxPn1K/SzHXWwhVCSQN7sJSkpNmRNgjpJdOTnEtsfRC7keUEG853
|
|
||||||
cKtWtqJw38/ye6RbXXHM9y4oiLkSWLneGH3sQFtbmdtjubLQNXE7rfuUHarwCnVHV5FaeAn9
|
|
||||||
FNBoo9MCAZL1cuxe7CR/awAuH/JAkuZOanj2jFwvqeyfNgsB/LIlHIBTLPwVXDOZ3E7+KUMJ
|
|
||||||
lQ45DOfhGPOSzv3QTL4gP6lcvIkCHAQQAQoABgUCTGWvlAAKCRAyJH+7QK0fpgPsD/9gJRwY
|
|
||||||
37FXgq6tqiUO+q8H1m+VQ4y64cKNA/SMOGxV04h7o5tC3B9D/ZghAyfQ71Li88PIk8n7PAV0
|
|
||||||
Wnbv+V/9kawa7C7Bfq4OJOGzMU0Y0JPd6LnupBtq+jtE9H1TLneCiBu05bjeLSQde438Or9w
|
|
||||||
SV0sLwqKncwqRJY8iIjz9O44X+6+6p4CqdMYmsZV9nGM+cES6uytQ/sB/mh5PutZahslWurz
|
|
||||||
ouec1uqTY4uuGNwOz+MJvYUNPyajcgtpH8JNQ0phlUvV+nAOJuiNXBHw8MbxNzTdLfsdtdpy
|
|
||||||
zRH6NAMN3QHrtEGAQ8XgFnCtu6BEPpgOQIB1pMw9OiRMhkcu9uCNCY5p9NMhL1tEx92DkSyW
|
|
||||||
lmFIF/h1Ohd4yaxnn9jwTVxxhdAxqK0rIORy+sHUSuc5LrtItNe+AnTvQeY7MRgZwJuCCohQ
|
|
||||||
L3OLXULZajB98g6cZQJmNmtdUeqMY/QymIOH8IoY3SCOws4h4QZSSVxNczo2Ag5R5QKSpBA6
|
|
||||||
jjsFo/VHUX0wB/KbJTb1Hl2vtID20kR7MfzACFTI9AEbwvG6CX7oWsnciom7bHEiyHWR4Olp
|
|
||||||
tlpQk2RQ4T3RG8r9kDgJuX6KmDH6uI9CdYTuBxQgIfpEm+tfSki3LVfnOKgkRDqAJciBv+ua
|
|
||||||
qeW7KSjNDpBC4u8pn9tyX8RhpYUP7IkCHAQQAQoABgUCTGwP9AAKCRB4U9pNSYga09OUD/9X
|
|
||||||
xTiFFzcuev5k8MtYx7+T30Z549gFnOx6GdFgCK7GzW7ZjnofKt8e0NIQmzzCf0g1vxdulqeZ
|
|
||||||
7Oh8iFrxpPZyOKJoO2BDKS9VnYEANQf+quUJPTdyhGqdMSDQGbSEqjLF3oNp/+jdIIMjuo3Q
|
|
||||||
nShdK/BJPcluN7AoOFLQ3QH4Q5fEbtwc+bEJL9TfFqAhUhcY3TYnqWtsMRW3tkrgCvcp0Bo7
|
|
||||||
LMSJB6jH4Dx5q60Am4V1Zz7C9wxtZeZP+P0h0YYWCbOmQWhzT2aCRYDrp1o3SsuatHm/bPkv
|
|
||||||
rliBzslW8i5Hh3gv5Atn/P5bhMaXtJiGepkat/MGw1hP8BYaSb/mmy9XbdMlfDijcsAF2+w6
|
|
||||||
w1b782oCGXgz2ISqPLsFYWccS4GOAwSytep22iwsWpIx2JNNndg4GVfgBxx3QIhci7EVN5Pv
|
|
||||||
/586PwxTetIZmQ+FNNHcAzqBzi3oe6J8o7HlMEHjG6Dps/D2clTNHtD0vSk5ECfhSC3W8OAD
|
|
||||||
VSuB8NxZVfI2UfnyCsdjyDLUu06fMR4gNW+zlSHI1FJBSVuU8CCQOtMPJ5fHPq3hEc0DFyLx
|
|
||||||
8fPE02n8It0wm5RrdUkgOjiVK2n251SyAwSM6zATCFOIt6zdZWx6T/HrJw5wzI+wgsZHibVt
|
|
||||||
i0vOA0GsAXzobE5yyhhWTnhqJgW2vKNHjYkCIgQQAQoADAUCTGLdPgWDCWYBgAAKCRDM0u2U
|
|
||||||
0hc56aYKD/4gPLkcER4nlKdsMN5x4MuUjBbv/+Hab1+hSDxEiA0Ya2Lt3J64y03fz7J1RzIB
|
|
||||||
djH2QGhdvuZtEohiad44DUdLNGJ98q7PPll2KPeuuth+bDa3P4h8ynVbCJRSmIkSVCRG90eE
|
|
||||||
AibHWOgTNOmn48Rwq5zMEgwNvmgsX7ZRm7Mwggt24LIK93iBMqH7WqS1CujF+WqQygpk671e
|
|
||||||
GUIWSUc/iBmaHZ/yoElL5cSBSPHm+ePyQsPSN7ooaWfodXXTADpQN4d5Tl1WzwZT8G5cRVLP
|
|
||||||
4CZ4sqbzJ9EKWFMlohcf3ibT4r8H5ij8btgq0TvNcoMvCbO2P94KChQWxQSwJRftJ9/GPPo1
|
|
||||||
7zK7pXGK1QMZNMYhvbYSdcbxG/AsmC4qJb4NVdrrxBiEye41+M+nQiT7g2GbbJ9gBCv8k7lH
|
|
||||||
iw3B+KfNoAkQ2v2CaVMrguQuzxCs8Zpl7iKuFG+d3SGqnn8rRrRPE5AOlSk6bOr22jLyGsns
|
|
||||||
URt6Mvh5QyVrk0G/6YW/5IMIVNuS/i12m6ireKvpPBkUIkNlS938vNqZ4LnsZ/+gBlZqmY8H
|
|
||||||
sZEt6Wfq7efDBw8z1FLRW58xOqCY0vh4tteFJkcY1LgzK5GUddIHfYcO/Y6p/3/Vq1/ao4VJ
|
|
||||||
Jq+HSIsqrdW1nF3EDSbwyy96uAdxuhfZLxSgRugCKyyOk4kCNwQTAQgAIQIbAwIeAQIXgAUC
|
|
||||||
Sgdo4AULCQgHAwUVCgkICwUWAgMBAAAKCRBEl1J4uGErXaQAD/9wcX8JM24NI9mCjnHOGOuV
|
|
||||||
eo/1Z9sefzYvhlbbTWvJsEdt5eaL0FRl+kErHtwNyEqvOTAmt860GrpekjkFYQObCsmDOiEy
|
|
||||||
i+vJBScub9YK6TJSOQJ7f7zyIwzHgvilktujiS+/YDqd1IEyxD3QxQ9PTdjcQX/Z7enfBeei
|
|
||||||
sBFfgRwbH32p5EtdwovrmBYtgyXUqp+lSg9kG3vvdj0bt/Fkq7Es1eEW8Sp9QqaBpo2fuzNS
|
|
||||||
rojYfZu68coreRIV/nhuA7/ehjiVXlvzi3su+0ybJwGZXLXaM7kxXoYm5i8NDxp4p+7laXe2
|
|
||||||
J6HUuIQM5ea4NuPu9BKIpKGxqNXQE+n4tmX3lp6QwXuZShwOXjSFsKxXvipKI4sAkxPfrPFa
|
|
||||||
xzz/EDqUf9lzCBZ5nl6+OLv+GyTz6Meq1NGIX1N7u6XBPtdCujVbKzXd5PbEk0Y00skLFcQ4
|
|
||||||
9FwAwDFw1XIPljQ6WttsQlV6k0yoVJZc6HHovnV1zGDviSyUdegDX9uKBmgGG8ApliPLvZ6r
|
|
||||||
haU4yHykFHBMPfwBNBwrmthTShdPS7xh4bz5xYlay9wm2CzIVB6muK8PIyTrRfouuFivJuYA
|
|
||||||
zoEcPBbubalC3OCocLl2xv+Qb5G7cz2hTDx9JZXUD18IeG2A2mcLeGp1zTc1qz/7h9qa0TLe
|
|
||||||
fWpC75exhIgXVrkCDQRKB2tdARAAqsQbw2Qd1WfbJr9U1KRdwTKm2OsDODftgNv0zmfaiYCN
|
|
||||||
iOKEsrsJdtonmaisMi+Z+5/wrf3Q0bV54qmwOMTlCVvqnpxwbVik8VVGWgUcLJYYK5Lkn0dz
|
|
||||||
rtZs6AaT/sbFewir8q6m3ADbq9hTXxt9uUfe5Z/D4sdbhgbWtQa/DeJwWZr6VeyCHcY8BhR0
|
|
||||||
FXYmYDZ0c1rmbZZBt+vIF4UNTNU4x6me9va6QPW0nWTEjae9ExGSPwm1B4hQd63Nop6E2Vqu
|
|
||||||
ahdJqKVRYYmD/IqVXOxAhFRA/w9vqF95aV2BB/ZrF0FTA8iCEbFy3oNrZfq8KlJRCtcUH2qf
|
|
||||||
igMndOt8P65omM1DQhlvterVgm2PCb1GmwLEbMi+HtLntziFozYGLTlAMcUJt7Pyu/iinzx6
|
|
||||||
Sc4U108dmNTJLxqSZtvJFaRyHml9x7oP2gWjpuyVgo1KuEXKq2Z96S+sxE/YtPyB/cBpazZ+
|
|
||||||
+o/i7PLhxKa1RTIA8NgkDelWeNalvYzjNkB+tXeH0UnxtBTC+PW8dyUP8OmmM/2V1Dzcj9Tm
|
|
||||||
Ky/G04TFQyL1NjvFjzXyIUO5WpdEbSs04h5J3KM6YZJlicqB2aKAUslOi9wUIpKRK+UZBTSj
|
|
||||||
886jynsu+HA1Ob6tcTSlwtj95RV7nBTiTM6MpPuxTmZ2DR/vLE6c7yE+XgrOx9EAEQEAAYkC
|
|
||||||
HwQYAQgACQUCSgdrXQIbDAAKCRBEl1J4uGErXVFeD/9Q2vtN0FeOiveLwN4KAFbMLZP97bT/
|
|
||||||
sRJkQQUZoawfbINwzGDuFrZSsWipoBLam6BnMH6OfHkUOrCToZROHYagW/nv/WTjBTX8lJt8
|
|
||||||
SFhHh4ONPBaxF90z/YrpWlNcs/z/rqu+sm1KgCA9mkheENGOj3t97udZNfA1N4NZu67Lo6HZ
|
|
||||||
yUUCK+eJtX6BS2HgMGokHuGha/LokTor1lkl52Y3CVfds9YDrJmlSQVhxI/S6/IajLwKFyHd
|
|
||||||
pMiK/o8q3mYuZ7JKCBOooNnRpa4myUrBetf1p6xZqbhEAALMFJc7/8NXxesqvG7RQJ7VWyYO
|
|
||||||
5BhgzPutqTUOVZskc3r4cvaB7CT1CsKPdW+af/I8q/C7dhTWWthirPN4DCdcTIlK9ECpba+m
|
|
||||||
S7MQG/3ta7+/3lT3yyMKlhLkAaUlUNa/VbzUHOlVA1txJk6jcuEzWIzebEtoT/aYJZwNE+jL
|
|
||||||
CFOC75HTGlxp7/8ngHCXn1rcBS9TQJ7CGX31HhbmNak0LtzhAS4B+fWQLrFfShTREcYD+31z
|
|
||||||
yLns4jIKY8dehPner0Y8RX31/0eQOknRwRSl6uceu/6liJT23KHYzT3FPGHuK2QH6AHnORGS
|
|
||||||
g6FmBsbXSzosQOKWE3sO0dzjPIE6DRKwZIJmqQKvHqeAvPsC0U7JBWlKl0eMoIuDjp9qFDKz
|
|
||||||
BWcdiQ==
|
|
||||||
=iUyJ
|
|
||||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
Binary file not shown.
3
apt/files/stretch_backports_preferences
Normal file
3
apt/files/stretch_backports_preferences
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
Package: *
|
||||||
|
Pin: release a=stretch-backports
|
||||||
|
Pin-Priority: 50
|
|
@ -1,23 +1,17 @@
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
company: Evolix
|
author: Evolix
|
||||||
description: Add repositories to APT sources list.
|
description: Add repositories to APT sources list.
|
||||||
|
|
||||||
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
|
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
|
||||||
|
|
||||||
license: GPLv2
|
license: GPLv2
|
||||||
|
|
||||||
min_ansible_version: "2.2"
|
min_ansible_version: 2.2
|
||||||
|
|
||||||
platforms:
|
platforms:
|
||||||
- name: Debian
|
- name: Debian
|
||||||
versions:
|
versions:
|
||||||
- jessie
|
- jessie
|
||||||
- stretch
|
|
||||||
- buster
|
|
||||||
|
|
||||||
galaxy_tags: []
|
|
||||||
# Be sure to remove the '[]' above if you add dependencies
|
|
||||||
# to this list.
|
|
||||||
|
|
||||||
dependencies: []
|
dependencies: []
|
||||||
# List your role dependencies here, one per line.
|
# List your role dependencies here, one per line.
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Backports deb822 sources list is installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: '{{ ansible_distribution_release }}_backports.sources.j2'
|
|
||||||
dest: /etc/apt/sources.list.d/backports.sources
|
|
||||||
force: true
|
|
||||||
mode: "0640"
|
|
||||||
register: apt_backports_sources
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Apt update
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
when: apt_backports_sources is changed
|
|
||||||
tags:
|
|
||||||
- apt
|
|
|
@ -1,35 +0,0 @@
|
||||||
---
|
|
||||||
- name: No backports config in default sources.list
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: /etc/apt/sources.list
|
|
||||||
regexp: "backports"
|
|
||||||
state: absent
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Backports sources list is installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: '{{ ansible_distribution_release }}_backports.list.j2'
|
|
||||||
dest: /etc/apt/sources.list.d/backports.list
|
|
||||||
force: true
|
|
||||||
mode: "0640"
|
|
||||||
register: apt_backports_list
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Archived backport are accepted (jessie)
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: '/etc/apt/apt.conf.d/99no-check-valid-until'
|
|
||||||
line: 'Acquire::Check-Valid-Until no;'
|
|
||||||
create: yes
|
|
||||||
state: present
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: ansible_distribution_release == "jessie"
|
|
||||||
|
|
||||||
- name: Apt update
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: apt_backports_list is changed
|
|
|
@ -1,13 +1,45 @@
|
||||||
---
|
---
|
||||||
|
- name: No backports config in default sources.list
|
||||||
|
lineinfile:
|
||||||
|
dest: /etc/apt/sources.list
|
||||||
|
regexp: "backports"
|
||||||
|
state: absent
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
# Backward compatibility task file
|
- name: Backports sources list is installed
|
||||||
|
template:
|
||||||
|
src: '{{ ansible_distribution_release }}_backports.list.j2'
|
||||||
|
dest: /etc/apt/sources.list.d/backports.list
|
||||||
|
force: yes
|
||||||
|
mode: "0640"
|
||||||
|
register: apt_backports_list
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
- name: Install backports repositories (Debian <12)
|
- name: Backports configuration
|
||||||
ansible.builtin.import_tasks: backports.oneline.yml
|
copy:
|
||||||
when:
|
src: '{{ ansible_distribution_release }}_backports_preferences'
|
||||||
- ansible_distribution_major_version is version('12', '<')
|
dest: /etc/apt/preferences.d/0-backports-defaults
|
||||||
|
force: yes
|
||||||
|
mode: "0640"
|
||||||
|
register: apt_backports_config
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
- name: Install backports repositories (Debian >=12)
|
- name: Archived backport are accepted (jessie)
|
||||||
ansible.builtin.import_tasks: backports.deb822.yml
|
lineinfile:
|
||||||
when:
|
dest: '/etc/apt/apt.conf.d/99no-check-valid-until'
|
||||||
- ansible_distribution_major_version is version('12', '>=')
|
line: 'Acquire::Check-Valid-Until no;'
|
||||||
|
create: yes
|
||||||
|
state: present
|
||||||
|
when: ansible_distribution_release == "jessie"
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
|
- name: Apt update
|
||||||
|
apt:
|
||||||
|
update_cache: yes
|
||||||
|
when: apt_backports_list is changed or apt_backports_config is changed
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
|
@ -1,45 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Change basics repositories
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ ansible_distribution_release }}_basics.sources.j2"
|
|
||||||
dest: /etc/apt/sources.list.d/system.sources
|
|
||||||
mode: "0644"
|
|
||||||
force: true
|
|
||||||
register: apt_basic_sources
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Change security repositories
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ ansible_distribution_release }}_security.sources.j2"
|
|
||||||
dest: /etc/apt/sources.list.d/security.sources
|
|
||||||
mode: "0644"
|
|
||||||
force: true
|
|
||||||
register: apt_security_sources
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Find one-line APT sources
|
|
||||||
ansible.builtin.find:
|
|
||||||
paths: /etc/apt
|
|
||||||
patterns: '*.list'
|
|
||||||
register: list_files
|
|
||||||
|
|
||||||
- name: Disable one-line-formatted sources
|
|
||||||
ansible.builtin.command:
|
|
||||||
cmd: "mv --verbose {{ item.path }} {{ item.path }}.bak"
|
|
||||||
environment:
|
|
||||||
LC_ALL: C
|
|
||||||
loop: "{{ list_files.files }}"
|
|
||||||
register: rename_cmd
|
|
||||||
changed_when: "'renamed' in rename_cmd.stdout"
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Apt update
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: apt_basic_list is changed or apt_security_sources is changed
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Change basics repositories
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ ansible_distribution_release }}_basics.list.j2"
|
|
||||||
dest: /etc/apt/sources.list
|
|
||||||
mode: "0644"
|
|
||||||
force: true
|
|
||||||
register: apt_basic_list
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Apt update
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: apt_basic_list is changed
|
|
|
@ -1,13 +1,32 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
# Backward compatibility task file
|
- name: Change basics repositories
|
||||||
|
template:
|
||||||
|
src: "{{ ansible_distribution_release }}_basics.list.j2"
|
||||||
|
dest: /etc/apt/sources.list
|
||||||
|
mode: "0644"
|
||||||
|
force: yes
|
||||||
|
register: apt_basic_list
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
- name: Install basics repositories (Debian <12)
|
- name: Clean GANDI sources.list.d/debian-security.list
|
||||||
ansible.builtin.import_tasks: basics.oneline.yml
|
file:
|
||||||
when:
|
path: '{{ item }}'
|
||||||
- ansible_distribution_major_version is version('12', '<')
|
state: absent
|
||||||
|
with_items:
|
||||||
|
- /etc/apt/sources.list.d/debian-security.list
|
||||||
|
- /etc/apt/sources.list.d/debian-jessie.list
|
||||||
|
- /etc/apt/sources.list.d/debian-stretch.list
|
||||||
|
- /etc/apt/sources.list.d/debian-buster.list
|
||||||
|
- /etc/apt/sources.list.d/debian-update.list
|
||||||
|
when: apt_clean_gandi_sourceslist
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
- name: Install basics repositories (Debian >=12)
|
- name: Apt update
|
||||||
ansible.builtin.import_tasks: basics.deb822.yml
|
apt:
|
||||||
when:
|
update_cache: yes
|
||||||
- ansible_distribution_major_version is version('12', '>=')
|
when: apt_basic_list is changed
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
|
@ -1,41 +1,55 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Evolinux config for APT
|
- name: Evolinux config for APT
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/apt/apt.conf.d/z-evolinux.conf
|
dest: /etc/apt/apt.conf.d/z-evolinux.conf
|
||||||
line: "{{ item.line }}"
|
line: "{{ item.line }}"
|
||||||
regexp: "{{ item.regexp }}"
|
regexp: "{{ item.regexp }}"
|
||||||
create: yes
|
create: yes
|
||||||
state: present
|
state: present
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
loop:
|
with_items:
|
||||||
- { line: "APT::Install-Recommends \"false\";", regexp: 'APT::Install-Recommends' }
|
- { line: "APT::Install-Recommends \"false\";", regexp: 'APT::Install-Recommends' }
|
||||||
- { line: "APT::Install-Suggests \"false\";", regexp: 'APT::Install-Suggests' }
|
- { line: "APT::Install-Suggests \"false\";", regexp: 'APT::Install-Suggests' }
|
||||||
- { line: "APT::Periodic::Enable \"0\";", regexp: 'APT::Periodic::Enable' }
|
- { line: "APT::Periodic::Enable \"0\";", regexp: 'APT::Periodic::Enable' }
|
||||||
|
when: apt_evolinux_config
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
when: apt_evolinux_config | bool
|
|
||||||
|
|
||||||
- name: DPkg invoke hooks
|
- name: DPkg invoke hooks
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/apt/apt.conf.d/z-evolinux.conf
|
dest: /etc/apt/apt.conf.d/z-evolinux.conf
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
create: yes
|
create: yes
|
||||||
state: present
|
state: present
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
loop:
|
with_items:
|
||||||
- "DPkg::Pre-Invoke { \"df /tmp | grep -q /tmp && mount -oremount,exec /tmp || true\"; };"
|
- "DPkg::Pre-Invoke { \"df /tmp | grep -q /tmp && mount -oremount,exec /tmp || true\"; };"
|
||||||
- "DPkg::Pre-Invoke { \"df /usr | grep -q /usr && mount -oremount,rw /usr || true\"; };"
|
- "DPkg::Pre-Invoke { \"df /usr | grep -q /usr && mount -oremount,rw /usr || true\"; };"
|
||||||
- "DPkg::Post-Invoke { \"df /tmp | grep -q /tmp && mount -oremount /tmp || true\"; };"
|
- "DPkg::Post-Invoke { \"df /tmp | grep -q /tmp && mount -oremount /tmp || true\"; };"
|
||||||
- "DPkg::Post-Invoke { \"df /usr | grep -q /usr && mount -oremount /usr || true\"; };"
|
- "DPkg::Post-Invoke { \"df /usr | grep -q /usr && mount -oremount /usr || true\"; };"
|
||||||
|
when: apt_hooks
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
when: apt_hooks | bool
|
|
||||||
|
|
||||||
- name: Remove Aptitude
|
- name: Remove Aptitude
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
name: aptitude
|
name: aptitude
|
||||||
state: absent
|
state: absent
|
||||||
|
when: apt_remove_aptitude
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
|
- name: Updating APT cache
|
||||||
|
apt:
|
||||||
|
update_cache: yes
|
||||||
|
changed_when: False
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
|
- name: Upgrading system
|
||||||
|
apt:
|
||||||
|
upgrade: dist
|
||||||
|
when: apt_upgrade
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
when: apt_remove_aptitude | bool
|
|
||||||
|
|
|
@ -1,59 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Look for legacy apt keyring
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: /etc/apt/trusted.gpg
|
|
||||||
register: _trusted_gpg_keyring
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Evolix embedded GPG key is absent
|
|
||||||
ansible.builtin.apt_key:
|
|
||||||
id: "B8612B5D"
|
|
||||||
keyring: /etc/apt/trusted.gpg
|
|
||||||
state: absent
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: _trusted_gpg_keyring.stat.exists
|
|
||||||
|
|
||||||
- name: "Ensure {{ apt_keyring_dir }} directory exists"
|
|
||||||
file:
|
|
||||||
path: "{{ apt_keyring_dir }}"
|
|
||||||
state: directory
|
|
||||||
mode: "755"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
|
|
||||||
- name: Set Evolix GPG key format to ASC
|
|
||||||
set_fact:
|
|
||||||
apt_evolix_public_key: "{{ apt_keyring_dir }}/pub_evolix.asc"
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Add Evolix GPG key
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: pub_evolix.asc
|
|
||||||
dest: "{{ apt_evolix_public_key }}"
|
|
||||||
force: true
|
|
||||||
mode: "0644"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Evolix public list is installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: evolix_public.sources.j2
|
|
||||||
dest: /etc/apt/sources.list.d/evolix_public.sources
|
|
||||||
force: true
|
|
||||||
mode: "0640"
|
|
||||||
register: apt_evolix_public
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Apt update
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: apt_evolix_public is changed
|
|
|
@ -1,69 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Look for legacy apt keyring
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: /etc/apt/trusted.gpg
|
|
||||||
register: _trusted_gpg_keyring
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Evolix embedded GPG key is absent
|
|
||||||
ansible.builtin.apt_key:
|
|
||||||
id: "B8612B5D"
|
|
||||||
keyring: /etc/apt/trusted.gpg
|
|
||||||
state: absent
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: _trusted_gpg_keyring.stat.exists
|
|
||||||
|
|
||||||
- name: "Ensure {{ apt_keyring_dir }} directory exists"
|
|
||||||
file:
|
|
||||||
path: "{{ apt_keyring_dir }}"
|
|
||||||
state: directory
|
|
||||||
mode: "755"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
|
|
||||||
- name: Set Evolix GPG key format to GPG (Debian < 9)
|
|
||||||
set_fact:
|
|
||||||
apt_evolix_public_key: "pub_evolix.gpg"
|
|
||||||
when:
|
|
||||||
- ansible_distribution_major_version is version('9', '<')
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Set Evolix GPG key format to ASC (Debian >= 9)
|
|
||||||
set_fact:
|
|
||||||
apt_evolix_public_key: "pub_evolix.asc"
|
|
||||||
when:
|
|
||||||
- ansible_distribution_major_version is version('9', '>=')
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Add Evolix GPG key
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: "{{ apt_evolix_public_key }}"
|
|
||||||
dest: "{{ apt_keyring_dir }}/{{ apt_evolix_public_key }}"
|
|
||||||
force: true
|
|
||||||
mode: "0644"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Evolix public list is installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: evolix_public.list.j2
|
|
||||||
dest: /etc/apt/sources.list.d/evolix_public.list
|
|
||||||
force: true
|
|
||||||
mode: "0640"
|
|
||||||
register: apt_evolix_public
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Apt update
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: apt_evolix_public is changed
|
|
|
@ -1,13 +1,33 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
# Backward compatibility task file
|
# - name: Fail if distribution is not supported
|
||||||
|
# fail:
|
||||||
|
# msg: "Error: Evolix public repository is not compatble with 'Debian Stretch' yet."
|
||||||
|
# when: ansible_distribution_release == "stretch"
|
||||||
|
# tags:
|
||||||
|
# - apt
|
||||||
|
|
||||||
- name: Install Evolix Public repositories (Debian <12)
|
|
||||||
ansible.builtin.import_tasks: evolix_public.oneline.yml
|
|
||||||
when:
|
|
||||||
- ansible_distribution_major_version is version('12', '<')
|
|
||||||
|
|
||||||
- name: Install Evolix Public repositories (Debian >=12)
|
- name: Add Evolix GPG key
|
||||||
ansible.builtin.import_tasks: evolix_public.deb822.yml
|
apt_key:
|
||||||
when:
|
#url: http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x44975278B8612B5D
|
||||||
- ansible_distribution_major_version is version('12', '>=')
|
data: "{{ lookup('file', 'reg.gpg') }}"
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
|
- name: Evolix public list is installed
|
||||||
|
template:
|
||||||
|
src: evolix_public.list.j2
|
||||||
|
dest: /etc/apt/sources.list.d/evolix_public.list
|
||||||
|
force: yes
|
||||||
|
mode: "0640"
|
||||||
|
register: apt_evolix_public
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
||||||
|
- name: Apt update
|
||||||
|
apt:
|
||||||
|
update_cache: yes
|
||||||
|
when: apt_evolix_public is changed
|
||||||
|
tags:
|
||||||
|
- apt
|
||||||
|
|
|
@ -1,37 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: "Ensure {{ apt_keyring_dir }} directory exists"
|
|
||||||
file:
|
|
||||||
path: "{{ apt_keyring_dir }}"
|
|
||||||
state: directory
|
|
||||||
mode: "755"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
|
|
||||||
- name: Add Evolix GPG key
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: "freexian-archive-extended-lts.gpg"
|
|
||||||
dest: "{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"
|
|
||||||
force: true
|
|
||||||
mode: "0644"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: ELTS list is installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ ansible_distribution_release }}_extended-lts.list.j2"
|
|
||||||
dest: /etc/apt/sources.list.d/extended-lts.list
|
|
||||||
force: true
|
|
||||||
mode: "0640"
|
|
||||||
register: apt_extended_lts
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Apt update
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: apt_extended_lts is changed
|
|
|
@ -1,24 +1,16 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- ansible.builtin.include_role:
|
|
||||||
name: evolix/remount-usr
|
|
||||||
|
|
||||||
- name: "hold packages (apt)"
|
- name: "hold packages (apt)"
|
||||||
ansible.builtin.shell:
|
shell: "(dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) || apt-mark hold {{ item }})"
|
||||||
cmd: "set -o pipefail && (dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) || apt-mark hold {{ item }})"
|
|
||||||
executable: /bin/bash
|
|
||||||
check_mode: no
|
|
||||||
register: apt_mark
|
register: apt_mark
|
||||||
changed_when: "item + ' set on hold.' in apt_mark.stdout"
|
changed_when: "item + ' set on hold.' in apt_mark.stdout"
|
||||||
failed_when:
|
failed_when: apt_mark.rc != 0 and apt_mark.stdout
|
||||||
- apt_mark.rc != 0
|
|
||||||
- apt_mark.stdout | length > 0
|
|
||||||
loop: "{{ apt_hold_packages }}"
|
loop: "{{ apt_hold_packages }}"
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: "/etc/evolinux is present"
|
- name: "/etc/evolinux is present"
|
||||||
ansible.builtin.file:
|
file:
|
||||||
dest: /etc/evolinux
|
dest: /etc/evolinux
|
||||||
mode: "0700"
|
mode: "0700"
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -26,7 +18,7 @@
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: "hold packages (config)"
|
- name: "hold packages (config)"
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/evolinux/apt_hold_packages.cf
|
dest: /etc/evolinux/apt_hold_packages.cf
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
create: True
|
create: True
|
||||||
|
@ -36,10 +28,7 @@
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: "unhold packages (apt)"
|
- name: "unhold packages (apt)"
|
||||||
ansible.builtin.shell:
|
shell: "(dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) && apt-mark unhold {{ item }})"
|
||||||
cmd: "set -o pipefail && (dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) && apt-mark unhold {{ item }})"
|
|
||||||
executable: /bin/bash
|
|
||||||
check_mode: no
|
|
||||||
register: apt_mark
|
register: apt_mark
|
||||||
changed_when: "'Canceled hold on' + item in apt_mark.stdout"
|
changed_when: "'Canceled hold on' + item in apt_mark.stdout"
|
||||||
failed_when: apt_mark.rc != 0 and not apt_mark.stdout = ''
|
failed_when: apt_mark.rc != 0 and not apt_mark.stdout = ''
|
||||||
|
@ -48,7 +37,7 @@
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: "unhold packages (config)"
|
- name: "unhold packages (config)"
|
||||||
ansible.builtin.lineinfile:
|
lineinfile:
|
||||||
dest: /etc/evolinux/apt_hold_packages.cf
|
dest: /etc/evolinux/apt_hold_packages.cf
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
create: True
|
create: True
|
||||||
|
@ -58,7 +47,7 @@
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: /usr/share/scripts exists
|
- name: /usr/share/scripts exists
|
||||||
ansible.builtin.file:
|
file:
|
||||||
dest: /usr/share/scripts
|
dest: /usr/share/scripts
|
||||||
mode: "0700"
|
mode: "0700"
|
||||||
owner: root
|
owner: root
|
||||||
|
@ -68,35 +57,25 @@
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Check scripts is installed
|
- name: Check scripts is installed
|
||||||
ansible.builtin.copy:
|
copy:
|
||||||
src: check_held_packages.sh
|
src: check_held_packages.sh
|
||||||
dest: /usr/share/scripts/check_held_packages.sh
|
dest: /usr/share/scripts/check_held_packages.sh
|
||||||
force: true
|
force: yes
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: List scripts is installed
|
- name: Check if Cron is installed
|
||||||
ansible.builtin.copy:
|
shell: "dpkg --list 'cron' 2>/dev/null | grep -q -E '^(i|h)i'"
|
||||||
src: list-upgradable-held-packages.sh
|
|
||||||
dest: /usr/share/scripts/list-upgradable-held-packages.sh
|
|
||||||
force: true
|
|
||||||
mode: "0755"
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Check if cron is installed
|
|
||||||
ansible.builtin.shell:
|
|
||||||
cmd: "dpkg --list 'cron' 2>/dev/null | grep -q -E '^(i|h)i'"
|
|
||||||
register: is_cron
|
register: is_cron
|
||||||
changed_when: False
|
changed_when: false
|
||||||
failed_when: False
|
failed_when: false
|
||||||
check_mode: no
|
check_mode: no
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Check for held packages (script)
|
- name: Check for held packages (script)
|
||||||
ansible.builtin.cron:
|
cron:
|
||||||
cron_file: apt-hold-packages
|
cron_file: apt-hold-packages
|
||||||
name: check_held_packages
|
name: check_held_packages
|
||||||
job: "/usr/share/scripts/check_held_packages.sh"
|
job: "/usr/share/scripts/check_held_packages.sh"
|
||||||
|
@ -107,18 +86,6 @@
|
||||||
day: "{{ apt_check_hold_cron_day }}"
|
day: "{{ apt_check_hold_cron_day }}"
|
||||||
month: "{{ apt_check_hold_cron_month }}"
|
month: "{{ apt_check_hold_cron_month }}"
|
||||||
state: "present"
|
state: "present"
|
||||||
|
when: is_cron.rc == 0
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
when: is_cron.rc == 0
|
|
||||||
|
|
||||||
- name: List upgradable held packages (script)
|
|
||||||
ansible.builtin.cron:
|
|
||||||
cron_file: apt-hold-packages
|
|
||||||
name: list-upgradable-held-packages
|
|
||||||
job: "/usr/share/scripts/list-upgradable-held-packages.sh"
|
|
||||||
user: root
|
|
||||||
special_time: "{{ apt_list_upgradable_held_special_time | mandatory }}"
|
|
||||||
state: "{{ apt_list_upgradable_held_enabled | bool | ternary('present', 'absent') }}"
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: is_cron.rc == 0
|
|
||||||
|
|
|
@ -1,137 +1,39 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: "Compatibility check"
|
- name: "Compatibility check"
|
||||||
ansible.builtin.assert:
|
fail:
|
||||||
that:
|
msg: only compatible with Debian >= 8
|
||||||
- ansible_distribution == "Debian"
|
when:
|
||||||
- ansible_distribution_major_version is version('8', '>=')
|
- ansible_distribution != "Debian" or ansible_distribution_major_version is version('8', '<')
|
||||||
msg: Only compatible with Debian >= 8
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: "apt-transport-https is installed for https repositories (before Buster)"
|
|
||||||
ansible.builtin.apt:
|
|
||||||
name:
|
|
||||||
- apt-transport-https
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: ansible_distribution_major_version is version('10', '<')
|
|
||||||
|
|
||||||
- name: "certificates are installed for https repositories"
|
|
||||||
ansible.builtin.apt:
|
|
||||||
name:
|
|
||||||
- ca-certificates
|
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Custom configuration
|
- name: Custom configuration
|
||||||
ansible.builtin.import_tasks: config.yml
|
include: config.yml
|
||||||
when: apt_config | bool
|
when: apt_config
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Install basics repositories (Debian <12)
|
- name: Install basics repositories
|
||||||
ansible.builtin.import_tasks: basics.oneline.yml
|
include: basics.yml
|
||||||
|
when: apt_install_basics
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
when:
|
|
||||||
- apt_install_basics | bool
|
|
||||||
- ansible_distribution_major_version is version('12', '<')
|
|
||||||
|
|
||||||
- name: Install basics repositories (Debian >=12)
|
- name: Install APT Backports repository
|
||||||
ansible.builtin.import_tasks: basics.deb822.yml
|
include: backports.yml
|
||||||
|
when: apt_install_backports
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
when:
|
|
||||||
- apt_install_basics | bool
|
|
||||||
- ansible_distribution_major_version is version('12', '>=')
|
|
||||||
|
|
||||||
- name: Install backports repositories (Debian <12)
|
- name: Install Evolix Public APT repository
|
||||||
ansible.builtin.import_tasks: backports.oneline.yml
|
include: evolix_public.yml
|
||||||
|
when: apt_install_evolix_public
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
when:
|
|
||||||
- apt_install_backports | bool
|
|
||||||
- ansible_distribution_major_version is version('12', '<')
|
|
||||||
|
|
||||||
# With Debian 12+ and the deb822 format of source files
|
|
||||||
# backports are always installed but enabled according to `apt_install_backports`
|
|
||||||
- name: Install backports repositories (Debian >=12)
|
|
||||||
ansible.builtin.import_tasks: backports.deb822.yml
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when:
|
|
||||||
- ansible_distribution_major_version is version('12', '>=')
|
|
||||||
|
|
||||||
|
|
||||||
- name: Install Evolix Public repositories (Debian <12)
|
|
||||||
ansible.builtin.import_tasks: evolix_public.oneline.yml
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when:
|
|
||||||
- apt_install_evolix_public | bool
|
|
||||||
- ansible_distribution_major_version is version('12', '<')
|
|
||||||
|
|
||||||
- name: Install Evolix Public repositories (Debian >=12)
|
|
||||||
ansible.builtin.import_tasks: evolix_public.deb822.yml
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when:
|
|
||||||
- apt_install_evolix_public | bool
|
|
||||||
- ansible_distribution_major_version is version('12', '>=')
|
|
||||||
|
|
||||||
- name: Install Extended-LTS repositories (Debian < 10)
|
|
||||||
ansible.builtin.import_tasks: extended-lts.oneline.yml
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when:
|
|
||||||
- apt_install_extended_lts | bool
|
|
||||||
- ansible_distribution_major_version is version('10', '<')
|
|
||||||
|
|
||||||
- name: Clean GANDI sources
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: '{{ item }}'
|
|
||||||
state: absent
|
|
||||||
loop:
|
|
||||||
- /etc/apt/sources.list.d/debian-security.list
|
|
||||||
- /etc/apt/sources.list.d/debian-jessie.list
|
|
||||||
- /etc/apt/sources.list.d/debian-stretch.list
|
|
||||||
- /etc/apt/sources.list.d/debian-buster.list
|
|
||||||
- /etc/apt/sources.list.d/debian-bullseye.list
|
|
||||||
- /etc/apt/sources.list.d/debian-update.list
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: apt_clean_gandi_sourceslist | bool
|
|
||||||
|
|
||||||
|
|
||||||
- name: "Disable NonFreeFirmware warning for VM on Debian 12+"
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
path: /etc/apt/apt.conf.d/no-bookworm-firmware.conf
|
|
||||||
create: yes
|
|
||||||
line: "APT::Get::Update::SourceListWarnings::NonFreeFirmware \"false\";"
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when:
|
|
||||||
- ansible_distribution_major_version is version('12', '>=')
|
|
||||||
- ansible_virtualization_role == "guest"
|
|
||||||
|
|
||||||
|
|
||||||
- name: Install check for packages marked hold
|
- name: Install check for packages marked hold
|
||||||
ansible.builtin.import_tasks: hold_packages.yml
|
include: hold_packages.yml
|
||||||
when: apt_install_hold_packages | bool
|
when: apt_install_hold_packages
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Updating APT cache
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
changed_when: False
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Upgrading system
|
|
||||||
ansible.builtin.apt:
|
|
||||||
upgrade: dist
|
|
||||||
when: apt_upgrade | bool
|
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
|
@ -1,62 +0,0 @@
|
||||||
---
|
|
||||||
- ansible.builtin.include_role:
|
|
||||||
name: evolix/remount-usr
|
|
||||||
|
|
||||||
- name: /usr/share/scripts exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
dest: /usr/share/scripts
|
|
||||||
mode: "0700"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
state: directory
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Migration scripts are installed
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: "{{ item }}"
|
|
||||||
dest: "/usr/share/scripts/{{ item }}"
|
|
||||||
force: true
|
|
||||||
mode: "0755"
|
|
||||||
loop:
|
|
||||||
- deb822-migration.py
|
|
||||||
- deb822-migration.sh
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Exec migration script
|
|
||||||
ansible.builtin.command:
|
|
||||||
cmd: /usr/share/scripts/deb822-migration.sh
|
|
||||||
ignore_errors: yes
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: Is system.sources present?
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: /etc/apt/sources.list.d/system.sources
|
|
||||||
register: _system_sources
|
|
||||||
|
|
||||||
- name: Add signed-by when relevant for bookworm
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: /etc/apt/sources.list.d/system.sources
|
|
||||||
line: "Signed-by: /usr/share/keyrings/debian-archive-keyring.gpg"
|
|
||||||
insertafter: "Suites: bookworm bookworm-updates"
|
|
||||||
state: present
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: _system_sources.stat.exists or not ansible_check_mode
|
|
||||||
|
|
||||||
- name: Is security.sources present?
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: /etc/apt/sources.list.d/security.sources
|
|
||||||
register: _security_sources
|
|
||||||
|
|
||||||
- name: Add signed-by when relevant for bookworm-security
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: /etc/apt/sources.list.d/security.sources
|
|
||||||
line: "Signed-by: /usr/share/keyrings/debian-archive-keyring.gpg"
|
|
||||||
insertafter: "Suites: bookworm-security"
|
|
||||||
state: present
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
when: _security_sources.stat.exists or not ansible_check_mode
|
|
|
@ -1,53 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: New APT keyrings directory is present
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: /etc/apt/keyrings
|
|
||||||
state: directory
|
|
||||||
mode: "0755"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
|
|
||||||
- ansible.builtin.include_role:
|
|
||||||
name: evolix/remount-usr
|
|
||||||
|
|
||||||
- name: /usr/share/scripts exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
dest: /usr/share/scripts
|
|
||||||
mode: "0700"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
state: directory
|
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
|
|
||||||
- name: migration script is present
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: move-apt-keyrings.sh
|
|
||||||
dest: /usr/share/scripts/move-apt-keyrings.sh
|
|
||||||
mode: "0755"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
|
|
||||||
- name: Move repository signing key
|
|
||||||
ansible.builtin.command:
|
|
||||||
cmd: "/usr/share/scripts/move-apt-keyrings.sh \"{{ item.repository_pattern }}\" \"{{ item.key }}\""
|
|
||||||
loop:
|
|
||||||
- { repository_pattern: "http://pub.evolix.net/", key: "reg.asc" }
|
|
||||||
- { repository_pattern: "http://pub.evolix.org/evolix", key: "pub_evolix.asc" }
|
|
||||||
- { repository_pattern: "https://pub.evolix.org/evolix", key: "pub_evolix.asc" }
|
|
||||||
- { repository_pattern: "https://artifacts.elastic.co/packages/[^/]+/apt", key: "elastics.asc" }
|
|
||||||
- { repository_pattern: "https://download.docker.com/linux/debian", key: "docker-debian.asc" }
|
|
||||||
- { repository_pattern: "https://downloads.linux.hpe.com/SDR/repo/mcp", key: "hpePublicKey2048_key1.asc" }
|
|
||||||
- { repository_pattern: "http://pkg.jenkins-ci.org/debian-stable", key: "jenkins.asc" }
|
|
||||||
- { repository_pattern: "https://packages.sury.org/php/", key: "sury.gpg" }
|
|
||||||
- { repository_pattern: "http://repo.mongodb.org/apt/debian", key: "mongodb-server-[0-9\\.]+.asc" }
|
|
||||||
- { repository_pattern: "http://apt.newrelic.com/debian/", key: "newrelic.asc" }
|
|
||||||
- { repository_pattern: "https://deb.nodesource.com/", key: "nodesource.asc" }
|
|
||||||
- { repository_pattern: "https://dl.yarnpkg.com/debian/", key: "yarn.asc" }
|
|
||||||
- { repository_pattern: "http://apt.postgresql.org/pub/repos/apt/", key: "postgresql.asc" }
|
|
||||||
register: _cmd
|
|
||||||
|
|
||||||
- name: Debug command
|
|
||||||
ansible.builtin.debug:
|
|
||||||
var: _cmd
|
|
|
@ -1,7 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
Types: deb
|
|
||||||
URIs: http://mirror.evolix.org/debian
|
|
||||||
Suites: bullseye-backports
|
|
||||||
Components: {{ apt_backports_components | mandatory }}
|
|
||||||
Enabled: {{ apt_install_backports | bool | ternary('yes', 'no') }}
|
|
|
@ -1,8 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
Types: deb
|
|
||||||
URIs: http://mirror.evolix.org/debian
|
|
||||||
Suites: bookworm bookworm-updates
|
|
||||||
Components: {{ apt_basics_components | mandatory }}
|
|
||||||
Enabled: yes
|
|
||||||
Signed-By: /usr/share/keyrings/debian-archive-bookworm-automatic.gpg
|
|
|
@ -1,8 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
Types: deb
|
|
||||||
URIs: https://security.debian.org/debian-security
|
|
||||||
Suites: bookworm-security
|
|
||||||
Components: {{ apt_basics_components | mandatory }}
|
|
||||||
Enabled: yes
|
|
||||||
Signed-By: /usr/share/keyrings/debian-archive-bookworm-security-automatic.gpg
|
|
|
@ -1,3 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
deb http://mirror.evolix.org/debian bullseye-backports {{ apt_backports_components | mandatory }}
|
|
|
@ -1,5 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
deb http://mirror.evolix.org/debian bullseye {{ apt_basics_components | mandatory }}
|
|
||||||
deb http://mirror.evolix.org/debian bullseye-updates {{ apt_basics_components | mandatory }}
|
|
||||||
deb http://security.debian.org/debian-security bullseye-security {{ apt_basics_components | mandatory }}
|
|
|
@ -1,3 +1,3 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
deb http://archive.debian.org/debian buster-backports {{ apt_backports_components | mandatory }}
|
deb http://mirror.evolix.org/debian buster-backports {{ apt_backports_components | mandatory }}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
deb http://archive.debian.org/debian buster {{ apt_basics_components | mandatory }}
|
deb http://mirror.evolix.org/debian buster {{ apt_basics_components | mandatory }}
|
||||||
|
deb http://mirror.evolix.org/debian/ buster-updates {{ apt_basics_components | mandatory }}
|
||||||
deb http://security.debian.org/debian-security buster/updates {{ apt_basics_components | mandatory }}
|
deb http://security.debian.org/debian-security buster/updates {{ apt_basics_components | mandatory }}
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
deb [signed-by={{ apt_keyring_dir }}/{{ apt_evolix_public_key }}] http://pub.evolix.org/evolix {{ ansible_distribution_release }} main
|
deb http://pub.evolix.net/ {{ ansible_distribution_release }}/
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
Types: deb
|
|
||||||
URIs: http://pub.evolix.org/evolix
|
|
||||||
Suites: {{ ansible_distribution_release }}
|
|
||||||
Components: main
|
|
||||||
Signed-by: {{ apt_keyring_dir }}/pub_evolix.asc
|
|
||||||
Enabled: yes
|
|
|
@ -1,5 +1,4 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
### Those repositories are unusable. Move to ELTS (manually).
|
deb http://mirror.evolix.org/debian/ jessie {{ apt_basics_components | mandatory }}
|
||||||
# deb http://archive.debian.org/debian jessie {{ apt_basics_components | mandatory }}
|
deb http://security.debian.org/ jessie/updates {{ apt_basics_components | mandatory }}
|
||||||
# deb http://archive.debian.org/debian-security jessie/updates {{ apt_basics_components | mandatory }}
|
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts jessie main
|
|
||||||
deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts jessie-lts main
|
|
|
@ -1,3 +1,3 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
deb http://archive.debian.org/debian stretch-backports {{ apt_backports_components | mandatory }}
|
deb http://mirror.evolix.org/debian stretch-backports {{ apt_backports_components | mandatory }}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
deb http://archive.debian.org/debian stretch {{ apt_basics_components | mandatory }}
|
deb http://mirror.evolix.org/debian stretch {{ apt_basics_components | mandatory }}
|
||||||
deb http://archive.debian.org/debian-security stretch/updates {{ apt_basics_components | mandatory }}
|
deb http://mirror.evolix.org/debian/ stretch-updates {{ apt_basics_components | mandatory }}
|
||||||
|
deb http://security.debian.org/debian-security stretch/updates {{ apt_basics_components | mandatory }}
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts stretch main
|
|
||||||
deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts stretch-lts main
|
|
|
@ -1,17 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
general_scripts_dir: "/usr/share/scripts"
|
|
||||||
|
|
||||||
autosysadmin_agent_bin_dir: "/usr/local/bin/autosysadmin"
|
|
||||||
autosysadmin_agent_lib_dir: "/usr/local/lib/autosysadmin"
|
|
||||||
autosysadmin_agent_auto_dir: "{{ general_scripts_dir }}/autosysadmin/restart"
|
|
||||||
|
|
||||||
autosysadmin_agent_crontab_enabled: true
|
|
||||||
autosysadmin_agent_log_retention_days: 365
|
|
||||||
|
|
||||||
autosysadmin_config: []
|
|
||||||
### All repair are disabled if set to 'off'
|
|
||||||
### even if a specific repair value is 'on'
|
|
||||||
# repair_all: 'on'
|
|
||||||
### Default values for checks
|
|
||||||
# repair_foo: 'off'
|
|
|
@ -1,13 +0,0 @@
|
||||||
/var/log/autosysadmin.log {
|
|
||||||
daily
|
|
||||||
missingok
|
|
||||||
rotate 365
|
|
||||||
compress
|
|
||||||
nodelaycompress
|
|
||||||
notifempty
|
|
||||||
dateext
|
|
||||||
dateformat .%Y-%m-%d
|
|
||||||
dateyesterday
|
|
||||||
copytruncate
|
|
||||||
create 0640 root adm
|
|
||||||
}
|
|
|
@ -1,3 +0,0 @@
|
||||||
$template autosysadmin, "/var/log/autosysadmin.log"
|
|
||||||
if $programname contains 'autosysadmin' then ?autosysadmin
|
|
||||||
& stop
|
|
|
@ -1,25 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
days=${1:-365}
|
|
||||||
log_dir="/var/log/autosysadmin/"
|
|
||||||
|
|
||||||
if [ -d "${log_dir}" ]; then
|
|
||||||
find_run_dirs() {
|
|
||||||
find "${log_dir}" \
|
|
||||||
-mindepth 1 \
|
|
||||||
-maxdepth 1 \
|
|
||||||
-type d \
|
|
||||||
-ctime "+${days}" \
|
|
||||||
-print0
|
|
||||||
}
|
|
||||||
log() {
|
|
||||||
/usr/bin/logger -p local0.notice -t autosysadmin "${1}"
|
|
||||||
}
|
|
||||||
|
|
||||||
while IFS= read -r -d '' run_dir; do
|
|
||||||
rm --recursive --force "${run_dir}"
|
|
||||||
log "Delete ${run_dir} (older than ${days} days)"
|
|
||||||
done < <(find_run_dirs)
|
|
||||||
fi
|
|
||||||
|
|
||||||
exit 0
|
|
|
@ -1,907 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
VERSION="24.03.2"
|
|
||||||
|
|
||||||
# Common functions for "repair" and "restart" scripts
|
|
||||||
|
|
||||||
set -u
|
|
||||||
|
|
||||||
# Initializes the program, context, configuration…
|
|
||||||
initialize() {
|
|
||||||
PATH="${PATH}":/usr/sbin:/sbin
|
|
||||||
|
|
||||||
# Used in many places to refer to the program name.
|
|
||||||
# Examples: repair_mysql, restart_nrpe…
|
|
||||||
PROGNAME=$(basename "${0}")
|
|
||||||
|
|
||||||
# find out if running in interactive mode, or not
|
|
||||||
if [ -t 0 ]; then
|
|
||||||
INTERACTIVE=1
|
|
||||||
else
|
|
||||||
INTERACTIVE=0
|
|
||||||
fi
|
|
||||||
readonly INTERACTIVE
|
|
||||||
|
|
||||||
# Default empty value for Debug mode
|
|
||||||
DEBUG="${DEBUG:-""}"
|
|
||||||
|
|
||||||
# Repair scripts obey to the value of a variable named after the script
|
|
||||||
# You can set the value ("on" or "off") in /etc/evolinux/autosysadmin
|
|
||||||
# Here we set the default value to "on".
|
|
||||||
declare -g "${PROGNAME}"=on # dynamic variable assignment ($PROGNAME == repair_*)
|
|
||||||
|
|
||||||
PID=$$
|
|
||||||
readonly PID
|
|
||||||
|
|
||||||
# Each execution (run) gets a unique ID
|
|
||||||
RUN_ID="$(date +"%Y-%m-%d_%H-%M")_${PROGNAME}_${PID}"
|
|
||||||
readonly RUN_ID
|
|
||||||
|
|
||||||
# Main log directory
|
|
||||||
MAIN_LOG_DIR="/var/log/autosysadmin"
|
|
||||||
readonly MAIN_LOG_DIR
|
|
||||||
# shellcheck disable=SC2174
|
|
||||||
mkdir --mode=750 --parents "${MAIN_LOG_DIR}"
|
|
||||||
chgrp adm "${MAIN_LOG_DIR}"
|
|
||||||
|
|
||||||
# Each execution store some information
|
|
||||||
# in a unique directory based on the RUN_ID
|
|
||||||
RUN_LOG_DIR="${MAIN_LOG_DIR}/${RUN_ID}"
|
|
||||||
readonly RUN_LOG_DIR
|
|
||||||
# shellcheck disable=SC2174
|
|
||||||
mkdir --mode=750 --parents "${RUN_LOG_DIR}"
|
|
||||||
chgrp adm "${RUN_LOG_DIR}"
|
|
||||||
|
|
||||||
# This log file contains all events
|
|
||||||
RUN_LOG_FILE="${RUN_LOG_DIR}/autosysadmin.log"
|
|
||||||
readonly RUN_LOG_FILE
|
|
||||||
|
|
||||||
# This log file contains notable actions
|
|
||||||
ACTIONS_FILE="${RUN_LOG_DIR}/actions.log"
|
|
||||||
readonly ACTIONS_FILE
|
|
||||||
touch "${ACTIONS_FILE}"
|
|
||||||
# This log file contains abort reasons (if any)
|
|
||||||
ABORT_FILE="${RUN_LOG_DIR}/abort.log"
|
|
||||||
readonly ABORT_FILE
|
|
||||||
# touch "${ABORT_FILE}"
|
|
||||||
|
|
||||||
# Date format for log messages
|
|
||||||
DATE_FORMAT="%Y-%m-%d %H:%M:%S"
|
|
||||||
|
|
||||||
# This will contain lock, last-run markers…
|
|
||||||
# It's ok to lose the content after a reboot
|
|
||||||
RUN_DIR="/run/autosysadmin"
|
|
||||||
readonly RUN_DIR
|
|
||||||
mkdir -p "${RUN_DIR}"
|
|
||||||
|
|
||||||
# Only a singe instace of each script can run simultaneously
|
|
||||||
# We use a customizable lock name for this.
|
|
||||||
# By default it's the script's name
|
|
||||||
LOCK_NAME=${LOCK_NAME:-${PROGNAME}}
|
|
||||||
# If a lock is found, we can wait for it to disappear.
|
|
||||||
# The value must be understood by sleep(1)
|
|
||||||
LOCK_WAIT="0"
|
|
||||||
|
|
||||||
# Default values for email headers
|
|
||||||
EMAIL_FROM="equipe+autosysadmin@evolix.net"
|
|
||||||
EMAIL_INTERNAL="autosysadmin@evolix.fr"
|
|
||||||
|
|
||||||
LOCK_FILE="${RUN_DIR}/${LOCK_NAME}.lock"
|
|
||||||
readonly LOCK_FILE
|
|
||||||
# Remove lock file at exit
|
|
||||||
cleanup() {
|
|
||||||
# shellcheck disable=SC2317
|
|
||||||
rm -f "${LOCK_FILE}"
|
|
||||||
}
|
|
||||||
trap 'cleanup' 0
|
|
||||||
|
|
||||||
# Load configuration
|
|
||||||
# shellcheck disable=SC1091
|
|
||||||
test -f /etc/evolinux/autosysadmin && source /etc/evolinux/autosysadmin
|
|
||||||
|
|
||||||
log_all "Begin ${PROGNAME} RUN_ID: ${RUN_ID}"
|
|
||||||
log_all "Log directory is ${RUN_LOG_DIR}"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Executes a list of tasks before exiting:
|
|
||||||
# * prepare a summary of actions and possible abort reasons
|
|
||||||
# * send emails
|
|
||||||
# * do some cleanup
|
|
||||||
quit() {
|
|
||||||
log_all "End ${PROGNAME} RUN_ID: ${RUN_ID}"
|
|
||||||
|
|
||||||
summary="RUN_ID: ${RUN_ID}"
|
|
||||||
if [ -s "${ABORT_FILE}" ]; then
|
|
||||||
# Add abort reasons to summary
|
|
||||||
summary="${summary}\n$(print_abort_reasons)"
|
|
||||||
hook_mail "abort"
|
|
||||||
|
|
||||||
return_code=1
|
|
||||||
else
|
|
||||||
if [ -s "${ACTIONS_FILE}" ]; then
|
|
||||||
# Add notable actions to summary
|
|
||||||
summary="${summary}\n$(print_actions "Aucune action")"
|
|
||||||
hook_mail "success"
|
|
||||||
fi
|
|
||||||
|
|
||||||
return_code=0
|
|
||||||
fi
|
|
||||||
|
|
||||||
hook_mail "internal"
|
|
||||||
|
|
||||||
if is_interactive; then
|
|
||||||
# shellcheck disable=SC2001
|
|
||||||
echo "${summary}" | sed -e 's/\\n/\n/g'
|
|
||||||
else
|
|
||||||
/usr/share/scripts/evomaintenance.sh --auto --user autosysadmin --message "${summary}" --no-commit --no-mail
|
|
||||||
fi
|
|
||||||
|
|
||||||
teardown
|
|
||||||
|
|
||||||
# shellcheck disable=SC2086
|
|
||||||
exit ${return_code}
|
|
||||||
}
|
|
||||||
|
|
||||||
teardown() {
|
|
||||||
:
|
|
||||||
}
|
|
||||||
|
|
||||||
# Return true/false
|
|
||||||
is_interactive() {
|
|
||||||
test "${INTERACTIVE}" -eq "1"
|
|
||||||
}
|
|
||||||
|
|
||||||
save_server_state() {
|
|
||||||
DUMP_SERVER_STATE_BIN="$(command -v dump-server-state || command -v backup-server-state)"
|
|
||||||
|
|
||||||
if [ -z "${DUMP_SERVER_STATE_BIN}" ]; then
|
|
||||||
log_all "Warning: dump-server-state is not present. No server state recorded."
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -x "${DUMP_SERVER_STATE_BIN}" ]; then
|
|
||||||
DUMP_DIR=$(file_path_in_log_dir "server-state")
|
|
||||||
# We don't want the logging to take too much time,
|
|
||||||
# so we kill it if it takes more than 20 seconds.
|
|
||||||
timeout --signal 9 20 \
|
|
||||||
"${DUMP_SERVER_STATE_BIN}" \
|
|
||||||
--dump-dir="${DUMP_DIR}" \
|
|
||||||
--df \
|
|
||||||
--dmesg \
|
|
||||||
--iptables \
|
|
||||||
--lxc \
|
|
||||||
--netcfg \
|
|
||||||
--netstat \
|
|
||||||
--uname \
|
|
||||||
--processes \
|
|
||||||
--systemctl \
|
|
||||||
--uptime \
|
|
||||||
--virsh \
|
|
||||||
--disks \
|
|
||||||
--mysql-processes \
|
|
||||||
--no-apt-states \
|
|
||||||
--no-apt-config \
|
|
||||||
--no-dpkg-full \
|
|
||||||
--no-dpkg-status \
|
|
||||||
--no-mount \
|
|
||||||
--no-packages \
|
|
||||||
--no-sysctl \
|
|
||||||
--no-etc
|
|
||||||
|
|
||||||
log_run "Server state saved in \`server-state' directory."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
is_debug() {
|
|
||||||
# first time: do the check…
|
|
||||||
# other times: pass
|
|
||||||
if [ -z "${DEBUG:-""}" ]; then
|
|
||||||
debug_file="/etc/evolinux/autosysadmin.debug"
|
|
||||||
|
|
||||||
if [ -e "${debug_file}" ]; then
|
|
||||||
last_change=$(stat -c %Z "${debug_file}")
|
|
||||||
limit_date=$(date --date "14400 seconds ago" +"%s")
|
|
||||||
|
|
||||||
if [ $(( last_change - limit_date )) -le "0" ]; then
|
|
||||||
log_run "Debug mode disabled; file is too old (%{last_change} seconds)."
|
|
||||||
rm "${debug_file}"
|
|
||||||
# Debug mode disabled
|
|
||||||
DEBUG="0"
|
|
||||||
else
|
|
||||||
log_run "Debug mode enabled."
|
|
||||||
# Debug mode enabled
|
|
||||||
DEBUG="1"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
# log_run "Debug mode disabled; file is absent."
|
|
||||||
# Debug mode disabled
|
|
||||||
DEBUG="0"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# return the value
|
|
||||||
test "${DEBUG}" -eq "1"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Uses the who(1) definition of "active"
|
|
||||||
currently_active_users() {
|
|
||||||
LC_ALL=C who --users | grep --extended-regexp "\s+\.\s+" | awk '{print $1}' | sort --human-numeric-sort | uniq
|
|
||||||
}
|
|
||||||
# Users active in the last 29 minutes
|
|
||||||
recently_active_users() {
|
|
||||||
LC_ALL=C who --users | grep --extended-regexp "\s+00:(0|1|2)[0-9]\s+" | awk --field-separator ' ' '{print $1,$6}'
|
|
||||||
}
|
|
||||||
# Save the list of users to a file in the log directory
|
|
||||||
save_active_users() {
|
|
||||||
LC_ALL=C who --users | save_in_log_dir "who-users"
|
|
||||||
}
|
|
||||||
|
|
||||||
# An autosysadmin must not perform actions if a user is active or was active recently.
|
|
||||||
#
|
|
||||||
# This can by bypassed in interactive mode.
|
|
||||||
# It's OK to lose this data after a reboot.
|
|
||||||
ensure_no_active_users_or_exit() {
|
|
||||||
# Save all active users
|
|
||||||
save_active_users
|
|
||||||
|
|
||||||
if is_debug; then
|
|
||||||
log_run "Debug mode enabled: continue without checking active users."
|
|
||||||
return 0;
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Is there any currently active user?
|
|
||||||
currently_active_users=$(currently_active_users)
|
|
||||||
if [ -n "${currently_active_users}" ]; then
|
|
||||||
# shellcheck disable=SC2001
|
|
||||||
users_oneliner=$(echo "${currently_active_users}" | sed -e 's/\n/ /')
|
|
||||||
log_run "Currently active users: ${users_oneliner}"
|
|
||||||
if is_interactive; then
|
|
||||||
echo "Some users are currently active:"
|
|
||||||
# shellcheck disable=SC2001
|
|
||||||
echo "${currently_active_users}" | sed -e 's/\(.\+\)/* \1/'
|
|
||||||
answer=""
|
|
||||||
while :; do
|
|
||||||
printf "> Continue? [Y,n,?] "
|
|
||||||
read -r answer
|
|
||||||
case ${answer} in
|
|
||||||
[Yy]|"" )
|
|
||||||
log_run "Active users check bypassed manually in interactive mode."
|
|
||||||
return
|
|
||||||
;;
|
|
||||||
[Nn] )
|
|
||||||
log_run "Active users check confirmed manually in interactive mode."
|
|
||||||
log_abort_and_quit "Active users detected: ${users_oneliner}"
|
|
||||||
;;
|
|
||||||
* )
|
|
||||||
printf "y - yes, continue\n"
|
|
||||||
printf "n - no, exit\n"
|
|
||||||
printf "? - print this help\n"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
else
|
|
||||||
log_abort_and_quit "Currently active users detected: ${users_oneliner}."
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
# or recently (the last 30 minutes) active user?
|
|
||||||
recently_active_users=$(recently_active_users)
|
|
||||||
if [ -n "${recently_active_users}" ]; then
|
|
||||||
# shellcheck disable=SC2001
|
|
||||||
users_oneliner=$(echo "${recently_active_users}" | sed -e 's/\n/ /')
|
|
||||||
log_run "Recently active users: ${users_oneliner}"
|
|
||||||
if is_interactive; then
|
|
||||||
echo "Some users were recently active:"
|
|
||||||
# shellcheck disable=SC2001
|
|
||||||
echo "${recently_active_users}" | sed -e 's/\(.\+\)/* \1/'
|
|
||||||
answer=""
|
|
||||||
while :; do
|
|
||||||
printf "> Continue? [Y,n,?] "
|
|
||||||
read -r answer
|
|
||||||
case ${answer} in
|
|
||||||
[Yy]|"" )
|
|
||||||
log_run "Active users check bypassed manually in interactive mode."
|
|
||||||
return
|
|
||||||
;;
|
|
||||||
[Nn] )
|
|
||||||
log_run "Active users check confirmed manually in interactive mode."
|
|
||||||
log_abort_and_quit "Recently active users detected: ${users_oneliner}."
|
|
||||||
;;
|
|
||||||
* )
|
|
||||||
printf "y - yes, continue\n"
|
|
||||||
printf "n - no, exit\n"
|
|
||||||
printf "? - print this help\n"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
else
|
|
||||||
log_abort_and_quit "Recently active users detected: ${users_oneliner}."
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Takes an NRPE command name as 1st parameter,
|
|
||||||
# and executes the full command if found in the configuration.
|
|
||||||
# Return the result and the return code of the command.
|
|
||||||
check_nrpe() {
|
|
||||||
check="$1"
|
|
||||||
|
|
||||||
nrpe_files=""
|
|
||||||
|
|
||||||
# Check if NRPE config is found
|
|
||||||
if [ -f "/etc/nagios/nrpe.cfg" ]; then
|
|
||||||
nrpe_files="${nrpe_files} /etc/nagios/nrpe.cfg"
|
|
||||||
else
|
|
||||||
msg="NRPE configuration not found: /etc/nagios/nrpe.cfg"
|
|
||||||
log_run "${msg}"
|
|
||||||
echo "${msg}"
|
|
||||||
return 3
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Search for included files
|
|
||||||
# shellcheck disable=SC2086
|
|
||||||
while IFS= read -r include_file; do
|
|
||||||
nrpe_files="${nrpe_files} ${include_file}"
|
|
||||||
done < <(grep --extended-regexp '^\s*include=.+' ${nrpe_files} | cut -d = -f 2)
|
|
||||||
|
|
||||||
# Search for files in included directories
|
|
||||||
# shellcheck disable=SC2086
|
|
||||||
while IFS= read -r include_dir; do
|
|
||||||
nrpe_files="${nrpe_files} ${include_dir}/*.cfg"
|
|
||||||
done < <(grep --extended-regexp '^\s*include_dir=.+' ${nrpe_files} | cut -d = -f 2)
|
|
||||||
|
|
||||||
# Fetch uncommented commands in (sorted) config files
|
|
||||||
# shellcheck disable=SC2086
|
|
||||||
nrpe_commands=$(grep --no-filename --exclude=*~ --fixed-strings "[${check}]" ${nrpe_files} | grep --invert-match --extended-regexp '^\s*#\s*command' | cut -d = -f 2)
|
|
||||||
nrpe_commands_count=$(echo "${nrpe_commands}" | wc -l)
|
|
||||||
|
|
||||||
if is_debian_version "9" "<=" && [ "${nrpe_commands_count}" -gt "1" ]; then
|
|
||||||
# On Debian <= 9, NRPE loading was not sorted
|
|
||||||
# we need to raise an error if we have multiple defined commands
|
|
||||||
msg="Unable to determine which NRPE command to run"
|
|
||||||
log_run "${msg}"
|
|
||||||
echo "${msg}"
|
|
||||||
return 3
|
|
||||||
else
|
|
||||||
# On Debian > 9, use the last command
|
|
||||||
nrpe_command=$(echo "${nrpe_commands}" | tail -n 1)
|
|
||||||
|
|
||||||
nrpe_result=$(${nrpe_command})
|
|
||||||
nrpe_rc=$?
|
|
||||||
|
|
||||||
log_run "NRPE command (exited with ${nrpe_rc}): ${nrpe_command}"
|
|
||||||
log_run "${nrpe_result}"
|
|
||||||
|
|
||||||
echo "${nrpe_result}"
|
|
||||||
return "${nrpe_rc}"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# An autosysadmin script must not run twice (or more) simultaneously.
|
|
||||||
# We use a customizable (with LOCK_NAME) lock file to keep track of this.
|
|
||||||
# A wait time can be configured.
|
|
||||||
#
|
|
||||||
# This can by bypassed in interactive mode.
|
|
||||||
# It's OK to lose this data after a reboot.
|
|
||||||
acquire_lock_or_exit() {
|
|
||||||
lock_file="${1:-${LOCK_FILE}}"
|
|
||||||
lock_wait="${2:-${LOCK_WAIT}}"
|
|
||||||
|
|
||||||
# lock_wait must be compatible with sleep(1), otherwise fallback to 0
|
|
||||||
if ! echo "${lock_wait}" | grep -Eq '^[0-9]+[smhd]?$'; then
|
|
||||||
log_run "Lock wait: incorrect value '${lock_wait}', fallback to 0."
|
|
||||||
lock_wait=0
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "${lock_wait}" != "0" ] && [ -f "${lock_file}" ]; then
|
|
||||||
log_run "Lock file present. Let's wait ${lock_wait} and check again."
|
|
||||||
sleep "${lock_wait}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -f "${lock_file}" ]; then
|
|
||||||
log_abort_and_quit "Lock file still present."
|
|
||||||
else
|
|
||||||
log_run "Lock file absent. Let's put one."
|
|
||||||
touch "${lock_file}"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# If a script has been run in the ast 30 minutes, running it again won't fix the issue.
|
|
||||||
# We use a /run/ausosysadmin/${PROGNAME}_lastrun file to keep track of this.
|
|
||||||
#
|
|
||||||
# This can by bypassed in interactive mode.
|
|
||||||
# This is bypassed in debug mode.
|
|
||||||
# It's OK to lose this data after a reboot.
|
|
||||||
ensure_not_too_soon_or_exit() {
|
|
||||||
if is_debug; then
|
|
||||||
log_run "Debug mode enabled: continue without checking when was the last run."
|
|
||||||
return 0;
|
|
||||||
fi
|
|
||||||
|
|
||||||
lastrun_file="${RUN_DIR}/${PROGNAME}_lastrun"
|
|
||||||
if [ -f "${lastrun_file}" ]; then
|
|
||||||
lastrun_age="$(($(date +%s)-$(stat -c "%Y" "${lastrun_file}")))"
|
|
||||||
log_run "Last run was ${lastrun_age} seconds ago."
|
|
||||||
if [ "${lastrun_age}" -lt 1800 ]; then
|
|
||||||
if is_interactive; then
|
|
||||||
echo "${PROGNAME} was run ${lastrun_age} seconds ago."
|
|
||||||
answer=""
|
|
||||||
while :; do
|
|
||||||
printf "> Continue? [Y,n,?] "
|
|
||||||
read -r answer
|
|
||||||
case ${answer} in
|
|
||||||
[Yy]|"" )
|
|
||||||
log_run "Last run check bypassed manually in interactive mode."
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
[Nn] )
|
|
||||||
log_run "Last run check confirmed manually in interactive mode."
|
|
||||||
log_abort_and_quit 'Last run too recent.'
|
|
||||||
;;
|
|
||||||
* )
|
|
||||||
printf "y - yes, continue\n"
|
|
||||||
printf "n - no, exit\n"
|
|
||||||
printf "? - print this help\n"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
else
|
|
||||||
log_abort_and_quit "Last run too recent."
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
touch "${lastrun_file}"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Populate DEBIAN_VERSION and DEBIAN_RELEASE variables
|
|
||||||
# based on gathered information about the operating system
|
|
||||||
detect_os() {
|
|
||||||
DEBIAN_RELEASE="unknown"
|
|
||||||
DEBIAN_VERSION="unknown"
|
|
||||||
LSB_RELEASE_BIN="$(command -v lsb_release)"
|
|
||||||
|
|
||||||
if [ -e /etc/debian_version ]; then
|
|
||||||
DEBIAN_VERSION="$(cut -d "." -f 1 < /etc/debian_version)"
|
|
||||||
if [ -x "${LSB_RELEASE_BIN}" ]; then
|
|
||||||
DEBIAN_RELEASE="$("${LSB_RELEASE_BIN}" --codename --short)"
|
|
||||||
else
|
|
||||||
case "${DEBIAN_VERSION}" in
|
|
||||||
7) DEBIAN_RELEASE="wheezy" ;;
|
|
||||||
8) DEBIAN_RELEASE="jessie" ;;
|
|
||||||
9) DEBIAN_RELEASE="stretch" ;;
|
|
||||||
10) DEBIAN_RELEASE="buster" ;;
|
|
||||||
11) DEBIAN_RELEASE="bullseye" ;;
|
|
||||||
12) DEBIAN_RELEASE="bookworm" ;;
|
|
||||||
13) DEBIAN_RELEASE="trixie" ;;
|
|
||||||
esac
|
|
||||||
fi
|
|
||||||
# log_run "Detected OS: Debian version=${DEBIAN_VERSION} release=${DEBIAN_RELEASE}"
|
|
||||||
# else
|
|
||||||
# log_run "Detected OS: unknown (missing /etc/debian_version)"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
is_debian_wheezy() {
|
|
||||||
test "${DEBIAN_RELEASE}" = "wheezy"
|
|
||||||
}
|
|
||||||
is_debian_jessie() {
|
|
||||||
test "${DEBIAN_RELEASE}" = "jessie"
|
|
||||||
}
|
|
||||||
is_debian_stretch() {
|
|
||||||
test "${DEBIAN_RELEASE}" = "stretch"
|
|
||||||
}
|
|
||||||
is_debian_buster() {
|
|
||||||
test "${DEBIAN_RELEASE}" = "buster"
|
|
||||||
}
|
|
||||||
is_debian_bullseye() {
|
|
||||||
test "${DEBIAN_RELEASE}" = "bullseye"
|
|
||||||
}
|
|
||||||
is_debian_bookworm() {
|
|
||||||
test "${DEBIAN_RELEASE}" = "bookworm"
|
|
||||||
}
|
|
||||||
is_debian_trixie() {
|
|
||||||
test "${DEBIAN_RELEASE}" = "trixie"
|
|
||||||
}
|
|
||||||
is_debian_version() {
|
|
||||||
local version=$1
|
|
||||||
local relation=${2:-"eq"}
|
|
||||||
|
|
||||||
if [ -z "${DEBIAN_VERSION:-""}" ]; then
|
|
||||||
detect_os
|
|
||||||
fi
|
|
||||||
|
|
||||||
dpkg --compare-versions "${DEBIAN_VERSION}" "${relation}" "${version}"
|
|
||||||
}
|
|
||||||
|
|
||||||
# List systemd services (only names), even if stopped
|
|
||||||
systemd_list_services() {
|
|
||||||
pattern=$1
|
|
||||||
|
|
||||||
systemctl list-units --all --no-legend --type=service "${pattern}" | grep --only-matching --extended-regexp '\S+\.service'
|
|
||||||
}
|
|
||||||
|
|
||||||
is_systemd_enabled() {
|
|
||||||
systemctl --quiet is-enabled "$1" 2> /dev/null
|
|
||||||
}
|
|
||||||
|
|
||||||
is_systemd_active() {
|
|
||||||
systemctl --quiet is-active "$1" 2> /dev/null
|
|
||||||
}
|
|
||||||
|
|
||||||
is_sysvinit_enabled() {
|
|
||||||
find /etc/rc2.d/ -name "$1" > /dev/null
|
|
||||||
}
|
|
||||||
|
|
||||||
get_fqdn() {
|
|
||||||
# shellcheck disable=SC2155
|
|
||||||
local system=$(uname -s)
|
|
||||||
|
|
||||||
if [ "${system}" = "Linux" ]; then
|
|
||||||
hostname --fqdn
|
|
||||||
elif [ "${system}" = "OpenBSD" ]; then
|
|
||||||
hostname
|
|
||||||
else
|
|
||||||
log_abort_and_quit "System '${system}' not recognized."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
get_complete_hostname() {
|
|
||||||
REAL_HOSTNAME="$(get_fqdn)"
|
|
||||||
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
|
|
||||||
echo "${HOSTNAME}"
|
|
||||||
else
|
|
||||||
echo "${HOSTNAME} (${REAL_HOSTNAME})"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
# Fetch values from evomaintenance configuration
|
|
||||||
get_evomaintenance_mail() {
|
|
||||||
grep "EVOMAINTMAIL=" /etc/evomaintenance.cf | cut -d '=' -f2
|
|
||||||
}
|
|
||||||
get_evomaintenance_emergency_mail() {
|
|
||||||
grep "URGENCYFROM=" /etc/evomaintenance.cf | cut -d '=' -f2
|
|
||||||
}
|
|
||||||
get_evomaintenance_emergency_tel() {
|
|
||||||
grep "URGENCYTEL=" /etc/evomaintenance.cf | cut -d '=' -f2
|
|
||||||
}
|
|
||||||
|
|
||||||
# Log a message to the log file in the log directory
|
|
||||||
log_run() {
|
|
||||||
local msg="${1:-$(cat /dev/stdin)}"
|
|
||||||
# shellcheck disable=SC2155
|
|
||||||
local date=$(/bin/date +"${DATE_FORMAT}")
|
|
||||||
|
|
||||||
printf "[%s] %s[%s]: %s\\n" \
|
|
||||||
"${date}" "${PROGNAME}" "${PID}" "${msg}" \
|
|
||||||
>> "${RUN_LOG_FILE}"
|
|
||||||
}
|
|
||||||
# Log a message in the system log file (syslog or journald)
|
|
||||||
log_global() {
|
|
||||||
local msg="${1:-$(cat /dev/stdin)}"
|
|
||||||
|
|
||||||
echo "${msg}" \
|
|
||||||
| /usr/bin/logger -p local0.notice -t autosysadmin
|
|
||||||
}
|
|
||||||
# Log a message in both places
|
|
||||||
log_all() {
|
|
||||||
local msg="${1:-$(cat /dev/stdin)}"
|
|
||||||
|
|
||||||
log_global "${msg}"
|
|
||||||
log_run "${msg}"
|
|
||||||
}
|
|
||||||
# Log a notable action in regular places
|
|
||||||
# and append it to the dedicated list
|
|
||||||
log_action() {
|
|
||||||
log_all "$*"
|
|
||||||
append_action "$*"
|
|
||||||
}
|
|
||||||
# Append a line in the actions.log file in the log directory
|
|
||||||
append_action() {
|
|
||||||
echo "$*" >> "${ACTIONS_FILE}"
|
|
||||||
}
|
|
||||||
# Print the content of the actions.log file
|
|
||||||
# or a fallback content (1st parameter) if empty
|
|
||||||
# shellcheck disable=SC2120
|
|
||||||
print_actions() {
|
|
||||||
local fallback=${1:-""}
|
|
||||||
if [ -s "${ACTIONS_FILE}" ]; then
|
|
||||||
cat "${ACTIONS_FILE}"
|
|
||||||
elif [ -n "${fallback}" ]; then
|
|
||||||
echo "${fallback}"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Log a an abort reason in regular places
|
|
||||||
# and append it to the dedicated list
|
|
||||||
log_abort() {
|
|
||||||
log_all "$*"
|
|
||||||
append_abort_reason "$*"
|
|
||||||
}
|
|
||||||
# Append a line in the abort.log file in the log directory
|
|
||||||
append_abort_reason() {
|
|
||||||
echo "$*" >> "${ABORT_FILE}"
|
|
||||||
}
|
|
||||||
# Print the content of the abort.log file
|
|
||||||
# or a fallback content (1st parameter) if empty
|
|
||||||
# shellcheck disable=SC2120
|
|
||||||
print_abort_reasons() {
|
|
||||||
local fallback=${1:-""}
|
|
||||||
if [ -s "${ABORT_FILE}" ]; then
|
|
||||||
cat "${ABORT_FILE}"
|
|
||||||
elif [ -n "${fallback}" ]; then
|
|
||||||
echo "${fallback}"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
# Print the content of the main log from the log directory
|
|
||||||
print_main_log() {
|
|
||||||
cat "${RUN_LOG_FILE}"
|
|
||||||
}
|
|
||||||
# Log an abort reason and quit the script
|
|
||||||
log_abort_and_quit() {
|
|
||||||
log_abort "$*"
|
|
||||||
quit
|
|
||||||
}
|
|
||||||
|
|
||||||
# Store the content from standard inpu
|
|
||||||
# into a file in the log directory named after the 1st parameter
|
|
||||||
save_in_log_dir() {
|
|
||||||
local file_name=$1
|
|
||||||
local file_path="${RUN_LOG_DIR}/${file_name}"
|
|
||||||
|
|
||||||
cat /dev/stdin > "${file_path}"
|
|
||||||
|
|
||||||
log_run "Saved \`${file_name}' file."
|
|
||||||
}
|
|
||||||
# Return the full path of the file in log directory
|
|
||||||
# based on the name in the 1st parameter
|
|
||||||
file_path_in_log_dir() {
|
|
||||||
echo "${RUN_LOG_DIR}/${1}"
|
|
||||||
}
|
|
||||||
|
|
||||||
format_mail_success() {
|
|
||||||
cat <<EOTEMPLATE
|
|
||||||
From: AutoSysadmin Evolix <${EMAIL_FROM}>
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
X-Script: ${PROGNAME}
|
|
||||||
X-RunId: ${RUN_ID}
|
|
||||||
To: ${EMAIL_CLIENT:-alert5@evolix.fr}
|
|
||||||
Cc: ${EMAIL_INTERNAL}
|
|
||||||
Subject: [autosysadmin] Intervention automatisée sur ${HOSTNAME_TEXT}
|
|
||||||
|
|
||||||
Bonjour,
|
|
||||||
|
|
||||||
Une intervention automatisée vient de se terminer.
|
|
||||||
|
|
||||||
Nom du serveur : ${HOSTNAME_TEXT}
|
|
||||||
Heure d'intervention : $(LC_ALL=fr_FR.utf8 date)
|
|
||||||
Script déclenché : ${PROGNAME}
|
|
||||||
|
|
||||||
### Actions réalisées
|
|
||||||
|
|
||||||
$(print_actions "Aucune")
|
|
||||||
|
|
||||||
### RĂ©agir Ă cette intervention
|
|
||||||
|
|
||||||
Vous pouvez répondre à ce message (${EMAIL_FROM}).
|
|
||||||
|
|
||||||
En cas d'urgence, utilisez l'adresse ${EMERGENCY_MAIL}
|
|
||||||
ou notre ligne d'astreinte (${EMERGENCY_TEL})
|
|
||||||
|
|
||||||
--
|
|
||||||
Votre AutoSysadmin
|
|
||||||
EOTEMPLATE
|
|
||||||
}
|
|
||||||
|
|
||||||
format_mail_abort() {
|
|
||||||
cat <<EOTEMPLATE
|
|
||||||
From: AutoSysadmin Evolix <${EMAIL_FROM}>
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
X-Script: ${PROGNAME}
|
|
||||||
X-RunId: ${RUN_ID}
|
|
||||||
To: ${EMAIL_CLIENT:-alert5@evolix.fr}
|
|
||||||
Cc: ${EMAIL_INTERNAL}
|
|
||||||
Subject: [autosysadmin] Intervention automatisée interrompue sur ${HOSTNAME_TEXT}
|
|
||||||
|
|
||||||
Bonjour,
|
|
||||||
|
|
||||||
Une intervention automatisée a été déclenchée mais s'est interrompue.
|
|
||||||
|
|
||||||
Nom du serveur : ${HOSTNAME_TEXT}
|
|
||||||
Heure d'intervention : $(LC_ALL=fr_FR.utf8 date)
|
|
||||||
Script déclenché : ${PROGNAME}
|
|
||||||
|
|
||||||
### Actions réalisées
|
|
||||||
|
|
||||||
$(print_actions "Aucune")
|
|
||||||
|
|
||||||
### Raison(s) de l'interruption
|
|
||||||
|
|
||||||
$(print_abort_reasons "Inconnue")
|
|
||||||
|
|
||||||
### RĂ©agir Ă cette intervention
|
|
||||||
|
|
||||||
Vous pouvez répondre à ce message (${EMAIL_FROM}).
|
|
||||||
|
|
||||||
En cas d'urgence, utilisez l'adresse ${EMERGENCY_MAIL}
|
|
||||||
ou notre ligne d'astreinte (${EMERGENCY_TEL})
|
|
||||||
|
|
||||||
--
|
|
||||||
Votre AutoSysadmin
|
|
||||||
EOTEMPLATE
|
|
||||||
}
|
|
||||||
|
|
||||||
# shellcheck disable=SC2028
|
|
||||||
print_report_information() {
|
|
||||||
echo "**Uptime**"
|
|
||||||
echo ""
|
|
||||||
uptime
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo "**Utilisateurs récents**"
|
|
||||||
echo ""
|
|
||||||
who_file=$(file_path_in_log_dir "who-users")
|
|
||||||
if [ -s "${who_file}" ]; then
|
|
||||||
cat "${who_file}"
|
|
||||||
else
|
|
||||||
who --users
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo "**Espace disque**"
|
|
||||||
echo ""
|
|
||||||
df_file=$(file_path_in_log_dir "server-state/df.txt")
|
|
||||||
if [ -s "${df_file}" ]; then
|
|
||||||
cat "${df_file}"
|
|
||||||
else
|
|
||||||
df -h
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo "**Dmesg**"
|
|
||||||
echo ""
|
|
||||||
dmesg_file=$(file_path_in_log_dir "server-state/dmesg.txt")
|
|
||||||
if [ -s "${dmesg_file}" ]; then
|
|
||||||
tail -n 5 "${dmesg_file}"
|
|
||||||
else
|
|
||||||
dmesg | tail -n 5
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
echo "**systemd failed services**"
|
|
||||||
echo ""
|
|
||||||
failed_services_file=$(file_path_in_log_dir "server-state/systemctl-failed-services.txt")
|
|
||||||
if [ -s "${failed_services_file}" ]; then
|
|
||||||
cat "${failed_services_file}"
|
|
||||||
else
|
|
||||||
systemctl --no-legend --state=failed --type=service
|
|
||||||
fi
|
|
||||||
|
|
||||||
if command -v lxc-ls > /dev/null 2>&1; then
|
|
||||||
echo ""
|
|
||||||
echo "**LXC containers**"
|
|
||||||
echo ""
|
|
||||||
lxc_ls_file=$(file_path_in_log_dir "server-state/lxc-list.txt")
|
|
||||||
if [ -s "${lxc_ls_file}" ]; then
|
|
||||||
cat "${lxc_ls_file}"
|
|
||||||
else
|
|
||||||
lxc-ls --fancy
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
apache_errors_file=$(file_path_in_log_dir "apache-errors.log")
|
|
||||||
if [ -f "${apache_errors_file}" ]; then
|
|
||||||
echo ""
|
|
||||||
echo "**Apache errors**"
|
|
||||||
echo ""
|
|
||||||
cat "${apache_errors_file}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
nginx_errors_file=$(file_path_in_log_dir "nginx-errors.log")
|
|
||||||
if [ -f "${nginx_errors_file}" ]; then
|
|
||||||
echo ""
|
|
||||||
echo "**Nginx errors**"
|
|
||||||
echo ""
|
|
||||||
cat "${nginx_errors_file}"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
format_mail_internal() {
|
|
||||||
cat <<EOTEMPLATE
|
|
||||||
From: AutoSysadmin Evolix <${EMAIL_FROM}>
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
X-Script: ${PROGNAME}
|
|
||||||
X-RunId: ${RUN_ID}
|
|
||||||
To: ${EMAIL_INTERNAL}
|
|
||||||
Subject: [autosysadmin] Rapport interne d'intervention sur ${HOSTNAME_TEXT}
|
|
||||||
|
|
||||||
Bonjour,
|
|
||||||
|
|
||||||
Une intervention automatique vient de se terminer.
|
|
||||||
|
|
||||||
Nom du serveur : ${HOSTNAME_TEXT}
|
|
||||||
Heure d'intervention : $(LC_ALL=fr_FR.utf8 date)
|
|
||||||
Script déclenché : ${PROGNAME}
|
|
||||||
|
|
||||||
### Actions réalisées
|
|
||||||
|
|
||||||
$(print_actions "Aucune")
|
|
||||||
|
|
||||||
### Raison(s) de l'interruption
|
|
||||||
|
|
||||||
$(print_abort_reasons "Aucune")
|
|
||||||
|
|
||||||
### Log autosysadmin
|
|
||||||
|
|
||||||
$(print_main_log)
|
|
||||||
|
|
||||||
### Informations additionnelles
|
|
||||||
|
|
||||||
$(print_report_information)
|
|
||||||
|
|
||||||
--
|
|
||||||
Votre AutoSysadmin
|
|
||||||
EOTEMPLATE
|
|
||||||
}
|
|
||||||
|
|
||||||
# Generic function to send emails at the end of the script.
|
|
||||||
# Takes a template as 1st parameter
|
|
||||||
hook_mail() {
|
|
||||||
if is_debug; then
|
|
||||||
log_run "Debug mode enabled: continue without sending mail."
|
|
||||||
return 0;
|
|
||||||
fi
|
|
||||||
|
|
||||||
HOSTNAME="${HOSTNAME:-"$(get_fqdn)"}"
|
|
||||||
HOSTNAME_TEXT="$(get_complete_hostname)"
|
|
||||||
EMAIL_CLIENT="$(get_evomaintenance_mail)"
|
|
||||||
EMERGENCY_MAIL="$(get_evomaintenance_emergency_mail)"
|
|
||||||
EMERGENCY_TEL="$(get_evomaintenance_emergency_tel)"
|
|
||||||
|
|
||||||
MAIL_CONTENT="$(format_mail_"$1")"
|
|
||||||
|
|
||||||
SENDMAIL_BIN="$(command -v sendmail)"
|
|
||||||
|
|
||||||
if [ -z "${SENDMAIL_BIN}" ]; then
|
|
||||||
log_global "ERROR: No \`sendmail' command has been found, can't send mail."
|
|
||||||
fi
|
|
||||||
if [ -x "${SENDMAIL_BIN}" ]; then
|
|
||||||
echo "${MAIL_CONTENT}" | "${SENDMAIL_BIN}" -oi -t -f "equipe@evolix.fr"
|
|
||||||
log_global "Sent '$1' mail for RUN_ID: ${RUN_ID}"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
is_holiday() {
|
|
||||||
# gcal mark today as a holiday by surrounding with < and > the day
|
|
||||||
# of the month of that holiday line. For example if today is 2022-05-01 we'll
|
|
||||||
# get among other lines:
|
|
||||||
# FĂŞte du Travail (FR) + Di, < 1>Mai 2022
|
|
||||||
# Jour de la Victoire (FR) + Di, : 8:Mai 2022 = +7 jours
|
|
||||||
LANGUAGE=fr_FR.UTF-8 TZ=Europe/Paris gcal --cc-holidays=fr --holiday-list=short | grep -E '<[0-9 ]{2}>' --quiet
|
|
||||||
}
|
|
||||||
|
|
||||||
is_weekend() {
|
|
||||||
day_of_week=$(date +%u)
|
|
||||||
if [ "${day_of_week}" != 6 ] && [ "${day_of_week}" != 7 ]; then
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
is_workday() {
|
|
||||||
if is_holiday || is_weekend; then
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
is_worktime() {
|
|
||||||
if ! is_workday; then
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
hour=$(date +%H)
|
|
||||||
if [ "${hour}" -lt 9 ] || { [ "${hour}" -ge 12 ] && [ "${hour}" -lt 14 ] ; } || [ "${hour}" -ge 18 ]; then
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
}
|
|
|
@ -1,112 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Specific functions for "repair" scripts
|
|
||||||
|
|
||||||
is_all_repair_disabled() {
|
|
||||||
# Fetch values from the config
|
|
||||||
# and if it is not defined or has no value, then assign "on"
|
|
||||||
|
|
||||||
local status=${repair_all:=on}
|
|
||||||
|
|
||||||
|
|
||||||
test "${status}" = "off" || test "${status}" = "0"
|
|
||||||
}
|
|
||||||
|
|
||||||
is_current_repair_disabled() {
|
|
||||||
# Fetch values from the config
|
|
||||||
# and if it is not defined or has no value, then assign "on"
|
|
||||||
|
|
||||||
local status=${!PROGNAME:=on}
|
|
||||||
|
|
||||||
test "${status}" = "off" || test "${status}" = "0"
|
|
||||||
}
|
|
||||||
|
|
||||||
ensure_not_disabled_or_exit() {
|
|
||||||
if is_all_repair_disabled; then
|
|
||||||
log_global 'All repair scripts are disabled.'
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
if is_current_repair_disabled; then
|
|
||||||
log_global "Current repair script (${PROGNAME}) is disabled."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Set of actions to do at the begining of a "repair" script
|
|
||||||
pre_repair() {
|
|
||||||
initialize
|
|
||||||
|
|
||||||
# Are we supposed to run?
|
|
||||||
ensure_not_disabled_or_exit
|
|
||||||
|
|
||||||
# Has it recently been run?
|
|
||||||
ensure_not_too_soon_or_exit
|
|
||||||
|
|
||||||
# Can we acquire a lock?
|
|
||||||
acquire_lock_or_exit
|
|
||||||
|
|
||||||
# Is there any active user?
|
|
||||||
ensure_no_active_users_or_exit
|
|
||||||
|
|
||||||
# Save important information
|
|
||||||
save_server_state
|
|
||||||
}
|
|
||||||
|
|
||||||
# Set of actions to do at the end of a "repair" script
|
|
||||||
post_repair() {
|
|
||||||
quit
|
|
||||||
}
|
|
||||||
|
|
||||||
repair_lxc_php() {
|
|
||||||
container_name=$1
|
|
||||||
|
|
||||||
if is_systemd_enabled 'lxc.service'; then
|
|
||||||
lxc_path=$(lxc-config lxc.lxcpath)
|
|
||||||
if lxc-info --name "${container_name}" > /dev/null; then
|
|
||||||
rootfs="${lxc_path}/${container_name}/rootfs"
|
|
||||||
case "${container_name}" in
|
|
||||||
php56) fpm_log_file="${rootfs}/var/log/php5-fpm.log" ;;
|
|
||||||
php70) fpm_log_file="${rootfs}/var/log/php7.0-fpm.log" ;;
|
|
||||||
php73) fpm_log_file="${rootfs}/var/log/php7.3-fpm.log" ;;
|
|
||||||
php74) fpm_log_file="${rootfs}/var/log/php7.4-fpm.log" ;;
|
|
||||||
php80) fpm_log_file="${rootfs}/var/log/php8.0-fpm.log" ;;
|
|
||||||
php81) fpm_log_file="${rootfs}/var/log/php8.1-fpm.log" ;;
|
|
||||||
php82) fpm_log_file="${rootfs}/var/log/php8.2-fpm.log" ;;
|
|
||||||
php83) fpm_log_file="${rootfs}/var/log/php8.3-fpm.log" ;;
|
|
||||||
*)
|
|
||||||
log_abort_and_quit "Unknown container '${container_name}'"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
# Determine FPM Pool path
|
|
||||||
php_path_pool=$(find "${lxc_path}/${container_name}/" -type d -name "pool.d")
|
|
||||||
|
|
||||||
# Save LXC info (before restart)
|
|
||||||
lxc-info --name "${container_name}" | save_in_log_dir "lxc-${container_name}.before.status"
|
|
||||||
# Save last lines of FPM log (before restart)
|
|
||||||
tail "${fpm_log_file}" | save_in_log_dir "$(basename "${fpm_log_file}" | sed -e 's/.log/.before.log/')"
|
|
||||||
# Save NRPE check (before restart)
|
|
||||||
/usr/local/lib/nagios/plugins/check_phpfpm_multi "${php_path_pool}" | save_in_log_dir "check_fpm_${container_name}.before.out"
|
|
||||||
|
|
||||||
lxc-stop --timeout 20 --name "${container_name}"
|
|
||||||
lxc-start --daemon --name "${container_name}"
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart LXC container '${container_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart LXC container '${container_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save LXC info (after restart)
|
|
||||||
lxc-info --name "${container_name}" | save_in_log_dir "lxc-${container_name}.after.status"
|
|
||||||
# Save last lines of FPM log (after restart)
|
|
||||||
tail "${fpm_log_file}" | save_in_log_dir "$(basename "${fpm_log_file}" | sed -e 's/.log/.after.log/')"
|
|
||||||
# Save NRPE check (after restart)
|
|
||||||
/usr/local/lib/nagios/plugins/check_phpfpm_multi "${php_path_pool}" | save_in_log_dir "check_fpm_${container_name}.after.out"
|
|
||||||
else
|
|
||||||
log_abort_and_quit "LXC container '${container_name}' doesn't exist."
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_abort_and_quit 'LXC not found.'
|
|
||||||
fi
|
|
||||||
}
|
|
|
@ -1,76 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Specific functions for "restart" scripts
|
|
||||||
|
|
||||||
running_custom() {
|
|
||||||
# Placeholder that returns 1, to prevent running if not redefined
|
|
||||||
log_global "running_custom() function has not been redefined! Let's quit."
|
|
||||||
return 1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Examine RUNNING variable and decide if the script should run or not
|
|
||||||
is_supposed_to_run() {
|
|
||||||
if is_debug; then return 0; fi
|
|
||||||
|
|
||||||
case ${RUNNING} in
|
|
||||||
never)
|
|
||||||
# log_global "is_supposed_to_run: no (never)"
|
|
||||||
return 1
|
|
||||||
;;
|
|
||||||
always)
|
|
||||||
# log_global "is_supposed_to_run: yes (always)"
|
|
||||||
return 0
|
|
||||||
;;
|
|
||||||
nwh-fr)
|
|
||||||
! is_worktime
|
|
||||||
rc=$?
|
|
||||||
# if [ ${rc} -eq 0 ]; then
|
|
||||||
# log_global "is_supposed_to_run: yes (nwh-fr returned ${rc})"
|
|
||||||
# else
|
|
||||||
# log_global "is_supposed_to_run: no (nwh-fr returned ${rc})"
|
|
||||||
# fi
|
|
||||||
return ${rc}
|
|
||||||
;;
|
|
||||||
nwh-ca)
|
|
||||||
# Not implemented yet
|
|
||||||
return 0
|
|
||||||
;;
|
|
||||||
custom)
|
|
||||||
running_custom
|
|
||||||
rc=$?
|
|
||||||
# if [ ${rc} -eq 0 ]; then
|
|
||||||
# log_global "is_supposed_to_run: yes (custom returned ${rc})"
|
|
||||||
# else
|
|
||||||
# log_global "is_supposed_to_run: no (custom returned ${rc})"
|
|
||||||
# fi
|
|
||||||
return ${rc}
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
|
|
||||||
ensure_supposed_to_run_or_exit() {
|
|
||||||
if ! is_supposed_to_run; then
|
|
||||||
# simply quit (no logging, no notifications…)
|
|
||||||
# log_global "${PROGNAME} is not supposed to run (RUNNING=${RUNNING})."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Set of actions to do at the begining of a "restart" script
|
|
||||||
pre_restart() {
|
|
||||||
initialize
|
|
||||||
|
|
||||||
# Has it recently been run?
|
|
||||||
ensure_not_too_soon_or_exit
|
|
||||||
|
|
||||||
# Can we acquire a lock?
|
|
||||||
acquire_lock_or_exit
|
|
||||||
|
|
||||||
# Save important information
|
|
||||||
save_server_state
|
|
||||||
}
|
|
||||||
|
|
||||||
# Set of actions to do at the end of a "restart" script
|
|
||||||
post_restart() {
|
|
||||||
quit
|
|
||||||
}
|
|
|
@ -1,157 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
|
|
||||||
# We always keep some reserved blocks to avoid missing some logs
|
|
||||||
# https://gitea.evolix.org/evolix/autosysadmin/issues/22
|
|
||||||
RESERVED_BLOCKS_MIN=1
|
|
||||||
|
|
||||||
get_mountpoints() {
|
|
||||||
# the $(...) get the check_disk1 command
|
|
||||||
# the cut command selects the critical part of the check_disk1 output
|
|
||||||
# the grep command extracts the mountpoints and available disk space
|
|
||||||
# the last cut command selects the mountpoints
|
|
||||||
check_disk1_command=$(grep check_disk1 /etc/nagios/nrpe.d/evolix.cfg | cut -d'=' -f2-)
|
|
||||||
|
|
||||||
${check_disk1_command} -e | cut -d'|' -f1 | grep --extended-regexp --only-matching '/[[:graph:]]* [0-9]+ [A-Z][A-Z]' | cut -d' ' -f1
|
|
||||||
}
|
|
||||||
|
|
||||||
is_reserved_blocks_nominal() {
|
|
||||||
partition=${1}
|
|
||||||
|
|
||||||
fs_type="$(findmnt -n --output=fstype "${partition}")"
|
|
||||||
if [ "${fs_type}" = "ext4" ]; then
|
|
||||||
device="$(findmnt -n --output=source "${partition}")"
|
|
||||||
reserved_block_count="$(tune2fs -l "${device}" | grep 'Reserved block count' | awk -F':' '{ gsub (" ", "", $0); print $2}')"
|
|
||||||
block_count="$(tune2fs -l "${device}" | grep 'Block count' | awk -F':' '{ gsub (" ", "", $0); print $2}')"
|
|
||||||
percentage=$(awk "BEGIN { pc=100*${reserved_block_count}/${block_count}; i=int(pc); print (pc-i<0.5)?i:i+1 }")
|
|
||||||
|
|
||||||
log_run "Reserved blocks for ${partition} is currently at ${percentage}%"
|
|
||||||
if [ "${percentage}" -gt "${RESERVED_BLOCKS_MIN}" ]; then
|
|
||||||
log_run "Allowing tune2fs action to reduce the number of reserved blocks"
|
|
||||||
return 0
|
|
||||||
else
|
|
||||||
log_run "Reserved blocks already at or bellow ${RESERVED_BLOCKS_MIN}%, no automatic action possible"
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_run "Filesystem for ${partition} (${fs_type}) is incompatible with reserved block reduction."
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
reduce_reserved_blocks() {
|
|
||||||
partition=${1}
|
|
||||||
|
|
||||||
device=$(findmnt -n --output=source "${partition}")
|
|
||||||
tune2fs -m "${RESERVED_BLOCKS_MIN}" "${device}"
|
|
||||||
log_action "Reserved blocks for ${partition} changed to ${RESERVED_BLOCKS_MIN} percent"
|
|
||||||
}
|
|
||||||
|
|
||||||
is_tmp_to_delete() {
|
|
||||||
size="$(find /var/log/ -type f -ctime +1 -exec du {} \+ | awk '{s+=$1}END{print s / 1024}')"
|
|
||||||
if [ -n "${size}" ]; then
|
|
||||||
return 0
|
|
||||||
else
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
is_log_to_delete() {
|
|
||||||
size="$(find /var/log/ -type f -mtime +365 -exec du {} \+ | awk '{s+=$1}END{print s / 1024}')"
|
|
||||||
if [ -n "${size}" ]; then
|
|
||||||
return 0
|
|
||||||
else
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
clean_apt_cache() {
|
|
||||||
for container in $(lxc-ls -1); do
|
|
||||||
if [ -e "$(lxc-config lxc.lxcpath)/${container}/rootfs/var/cache" ]; then
|
|
||||||
lxc-attach --name "${container}" -- apt-get clean
|
|
||||||
log_action "Clean apt cache in LXC container ${container}";
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
# NOTE: "head -n 1" might be superfluous, but let's be sure to have only the first returned value
|
|
||||||
biggest_subdir=$(du --summarize --one-file-system "/var/*" | sort --numeric-sort --reverse | sed 's/^[0-9]\+[[:space:]]\+//;q' | head -n 1)
|
|
||||||
case "${biggest_subdir}" in
|
|
||||||
'/var/cache')
|
|
||||||
apt-get clean
|
|
||||||
log_action 'Clean apt cache'
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
|
|
||||||
clean_amavis_virusmails() {
|
|
||||||
if du --inodes /var/lib/* | sort --numeric-sort | tail -n 3 | grep --quiet 'virusmails$'; then
|
|
||||||
find /var/lib/amavis/virusmails/ -type f -atime +30 -delete
|
|
||||||
log_action 'Clean amavis infected mails'
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
critical_mountpoints=$(get_mountpoints)
|
|
||||||
|
|
||||||
if [ -z "${critical_mountpoints}" ]; then
|
|
||||||
log_abort_and_quit "No partition is in critical state, nothing left to do."
|
|
||||||
else
|
|
||||||
for mountpoint in ${critical_mountpoints}; do
|
|
||||||
case "${mountpoint}" in
|
|
||||||
/var)
|
|
||||||
#if is_log_to_delete
|
|
||||||
#then
|
|
||||||
# find /var/log/ -type f -mtime +365 -delete
|
|
||||||
# log_action "$size Mo of disk space freed in /var"
|
|
||||||
#fi
|
|
||||||
if is_reserved_blocks_nominal /var; then
|
|
||||||
reduce_reserved_blocks /var
|
|
||||||
clean_apt_cache
|
|
||||||
clean_amavis_virusmails
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
/tmp)
|
|
||||||
#if is_tmp_to_delete
|
|
||||||
#then
|
|
||||||
# find /tmp/ -type f -ctime +1 -delete
|
|
||||||
# log_action "$size Mo of disk space freed in /tmp"
|
|
||||||
#fi
|
|
||||||
if is_reserved_blocks_nominal /tmp; then
|
|
||||||
reduce_reserved_blocks /tmp
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
/home)
|
|
||||||
if is_reserved_blocks_nominal /home; then
|
|
||||||
reduce_reserved_blocks /home
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
/srv)
|
|
||||||
if is_reserved_blocks_nominal /srv; then
|
|
||||||
reduce_reserved_blocks /srv
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
/filer)
|
|
||||||
if is_reserved_blocks_nominal /filer; then
|
|
||||||
reduce_reserved_blocks /filer
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
/)
|
|
||||||
if is_reserved_blocks_nominal /; then
|
|
||||||
reduce_reserved_blocks /
|
|
||||||
# Suggest remove old kernel ?
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
# unknown
|
|
||||||
log_run 'Unknown partition (or weird case) or nothing to do'
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
fi
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,35 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
service="elasticsearch.service"
|
|
||||||
service_name="elasticsearch"
|
|
||||||
|
|
||||||
if is_systemd_enabled "${service}"; then
|
|
||||||
if is_systemd_active "${service}"; then
|
|
||||||
log_abort_and_quit "${service} is active, nothing left to do."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_abort_and_quit "${service} is disabled (or missing), nothing left to do."
|
|
||||||
fi
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,131 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
## Apache
|
|
||||||
|
|
||||||
service="apache2.service"
|
|
||||||
service_name="apache2"
|
|
||||||
|
|
||||||
if is_systemd_enabled "${service}"; then
|
|
||||||
if is_systemd_active "${service}"; then
|
|
||||||
log_all "${service} is active. Skip."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# check syntax
|
|
||||||
if apache2ctl -t > /dev/null 2>&1; then
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
|
|
||||||
# Save error logs
|
|
||||||
date=$(LANG=en_US.UTF-8 date '+%b %d')
|
|
||||||
grep "${date}" /home/*/log/error.log /var/log/apache2/*error.log \
|
|
||||||
| grep -v \
|
|
||||||
-e "Got error 'PHP message:" \
|
|
||||||
-e "No matching DirectoryIndex" \
|
|
||||||
-e "client denied by server configuration" \
|
|
||||||
-e "server certificate does NOT include an ID which matches the server name" \
|
|
||||||
| save_in_log_dir "apache-errors.log"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: skip (invalid configuration)"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_all "${service} is disabled (or missing). Skip."
|
|
||||||
fi
|
|
||||||
|
|
||||||
## Nginx
|
|
||||||
|
|
||||||
service="nginx.service"
|
|
||||||
service_name="nginx"
|
|
||||||
|
|
||||||
if is_systemd_enabled "${service}"; then
|
|
||||||
if is_systemd_active "${service}"; then
|
|
||||||
log_all "${service} is active. Skip."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# check syntax
|
|
||||||
if nginx -t > /dev/null 2>&1; then
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
|
|
||||||
# Save error logs
|
|
||||||
### Consider doing for Nginx the same as Apache
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: skip (invalid configuration)"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_all "${service} is disabled (or missing). Skip."
|
|
||||||
fi
|
|
||||||
|
|
||||||
## LXC
|
|
||||||
|
|
||||||
if is_systemd_enabled 'lxc.service'; then
|
|
||||||
for container in $(lxc-ls -1 | grep --fixed-strings 'php' | grep --extended-regexp --invert-match --regexp '\bold\b' --regexp '\bdisabled\b'); do
|
|
||||||
repair_lxc_php "${container}"
|
|
||||||
done
|
|
||||||
else
|
|
||||||
log_all "LXC is disabled (or missing). Skip."
|
|
||||||
fi
|
|
||||||
|
|
||||||
## FPM
|
|
||||||
|
|
||||||
fpm_services=$(systemd_list_services 'php*-fpm*')
|
|
||||||
if [ -n "${fpm_services}" ]; then
|
|
||||||
for service in ${fpm_services}; do
|
|
||||||
service_name="${service//.service/}"
|
|
||||||
if is_systemd_enabled "${service}"; then
|
|
||||||
if is_systemd_active "${service}"; then
|
|
||||||
log_all "${service} is active. Skip."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_all "${service} is disabled (or missing). Skip."
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
else
|
|
||||||
log_all "PHP FPM not found. Skip."
|
|
||||||
fi
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,69 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
if is_debian_version "8" "<="; then
|
|
||||||
|
|
||||||
if is_sysvinit_enabled '*mysql*'; then
|
|
||||||
if ! pgrep -u mysql mysqld > /dev/null; then
|
|
||||||
|
|
||||||
# Save service status before restart
|
|
||||||
timeout 2 mysqladmin status 2>&1 | save_in_log_dir "mysql.before.status"
|
|
||||||
|
|
||||||
timeout 20 /etc/init.d/mysql restart > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart mysql: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart mysql: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
timeout 2 mysqladmin status 2>&1 | save_in_log_dir "mysql.after.status"
|
|
||||||
else
|
|
||||||
log_abort_and_quit "mysqld process alive. Aborting"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_abort_and_quit "MySQL not enabled. Aborting"
|
|
||||||
fi
|
|
||||||
|
|
||||||
else
|
|
||||||
|
|
||||||
if is_debian_version "12" ">="; then
|
|
||||||
service="mariadb.service"
|
|
||||||
service_name="mariadb"
|
|
||||||
else
|
|
||||||
service="mysql.service"
|
|
||||||
service_name="mysql"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if is_systemd_enabled "${service}"; then
|
|
||||||
if is_systemd_active "${service}"; then
|
|
||||||
log_abort_and_quit "${service} is active, nothing left to do."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_abort_and_quit "${service} is disabled (or missing), nothing left to do."
|
|
||||||
fi
|
|
||||||
|
|
||||||
fi
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,35 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
service="opendkim.service"
|
|
||||||
service_name="opendkim"
|
|
||||||
|
|
||||||
if is_systemd_enabled "${service}"; then
|
|
||||||
if is_systemd_active "${service}"; then
|
|
||||||
log_abort_and_quit "${service} is active, nothing left to do."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_abort_and_quit "${service} is disabled (or missing). Abort."
|
|
||||||
fi
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php56
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php70
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php73
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php74
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php80
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php81
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php82
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
LOCK_WAIT="15s"
|
|
||||||
LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_lxc_php php83
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,32 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
for service in $(systemd_list_services 'redis-server*'); do
|
|
||||||
service_name="${service//.service/}"
|
|
||||||
|
|
||||||
if is_systemd_active "${service}"; then
|
|
||||||
log_all "${service} is active. Skip."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK."
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed."
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,34 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
repair_tomcat_instance_handle_tomcat() {
|
|
||||||
|
|
||||||
if /bin/su - "${1}" -c "/bin/systemctl --quiet --user is-active tomcat.service" ; then
|
|
||||||
if ! /bin/su - "${1}" -c "/usr/bin/timeout 20 /bin/systemctl --quiet --user restart tomcat.service"
|
|
||||||
then
|
|
||||||
log_abort_and_quit "Echec de redémarrage instance tomcat utilisateur ${1}"
|
|
||||||
else
|
|
||||||
log_action "Redémarrage instance tomcat utilisateur ${1}"
|
|
||||||
fi
|
|
||||||
elif /bin/systemctl --quiet is-active "${1}".service ; then
|
|
||||||
if ! /usr/bin/timeout 20 systemctl --quiet restart "${1}".service
|
|
||||||
then
|
|
||||||
log_abort_and_quit "Echec de redémarrage instance tomcat ${1}"
|
|
||||||
else
|
|
||||||
log_action "Redémarrage instance tomcat ${1}"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
for instance in $( /usr/local/lib/nagios/plugins/check_tomcat_instance.sh |grep CRITICAL |awk '{print $3}' |sed '1d') ;
|
|
||||||
do
|
|
||||||
repair_tomcat_instance_handle_tomcat "${instance}"
|
|
||||||
done
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,41 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/repair.sh" || exit 1
|
|
||||||
|
|
||||||
## Custom lock wait and/or lock name
|
|
||||||
# LOCK_WAIT="15s"
|
|
||||||
# LOCK_NAME="repair_http"
|
|
||||||
|
|
||||||
pre_repair
|
|
||||||
|
|
||||||
## The name of the service, mainly for logging
|
|
||||||
service_name="example"
|
|
||||||
## The systemd service name
|
|
||||||
systemd_service="${service_name}.service"
|
|
||||||
|
|
||||||
if is_systemd_enabled "${systemd_service}"; then
|
|
||||||
if is_systemd_active "${systemd_service}"; then
|
|
||||||
log_abort_and_quit "${systemd_service} is active, nothing left to do."
|
|
||||||
else
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${systemd_service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 systemctl restart "${systemd_service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${systemd_service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
log_abort_and_quit "${service_name} is disabled (or missing), nothing left to do."
|
|
||||||
fi
|
|
||||||
|
|
||||||
post_repair
|
|
|
@ -1,19 +0,0 @@
|
||||||
Autosysadmin "restart auto" scripts
|
|
||||||
===================================
|
|
||||||
|
|
||||||
In this directory you can place scripts that will be executed automatically by a cron job (stored in `/etc/cron.d/autosysadmin`).
|
|
||||||
|
|
||||||
They must satisfy the default `run-parts(8)` constraints :
|
|
||||||
|
|
||||||
* be "executable"
|
|
||||||
* belong to the Debian cron script namespace (`^[a-zA-Z0-9_-]+$`), example: `restart_amavis`
|
|
||||||
|
|
||||||
Warning: scripts that do not satisfy those criteria will NOT be run (silently)!
|
|
||||||
|
|
||||||
You can print the names of the scripts which would be run, without actually running them, with this command :
|
|
||||||
|
|
||||||
```
|
|
||||||
$ run-parts --test /usr/share/scripts/autosysadmin/restart
|
|
||||||
```
|
|
||||||
|
|
||||||
You can use `zzz-restart_example.template` as boilerplate code to make your own "restart" script.
|
|
|
@ -1,120 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
: "${AUTOSYSADMIN_LIB:=/usr/local/lib/autosysadmin}"
|
|
||||||
source "${AUTOSYSADMIN_LIB}/common.sh" || exit 1
|
|
||||||
source "${AUTOSYSADMIN_LIB}/restart.sh" || exit 1
|
|
||||||
|
|
||||||
# shellcheck disable=SC2034
|
|
||||||
RUNNING="nwh-fr"
|
|
||||||
|
|
||||||
## Possible values for RUNNING :
|
|
||||||
## never => disabled
|
|
||||||
## always => enabled
|
|
||||||
## nwh-fr => enabled during non-working-hours in France
|
|
||||||
## nwh-ca => enabled during non-working-hours in Canada (not supported yet)
|
|
||||||
## custom => enabled if `running_custom()` function returns 0, otherwise disabled.
|
|
||||||
|
|
||||||
## Uncomment and customize this method if you want to have a special logic :
|
|
||||||
##
|
|
||||||
## return 1 if we should not run
|
|
||||||
## return 0 if we should run
|
|
||||||
##
|
|
||||||
## Some available functions :
|
|
||||||
## is_weekend() : Saturday or Sunday
|
|
||||||
## is_holiday() : holiday in France (based on `gcal(1)`)
|
|
||||||
## is_workday() : not weekend and not holiday
|
|
||||||
## is_worktime() : work day between 9-12h and 14-18h
|
|
||||||
#
|
|
||||||
# running_custom() {
|
|
||||||
# # implement your own custom method to decide if we should run or not
|
|
||||||
# }
|
|
||||||
|
|
||||||
## The name of the service, mainly for logging
|
|
||||||
service_name="example"
|
|
||||||
## The SysVinit script name
|
|
||||||
sysvinit_script="${service_name}"
|
|
||||||
## The systemd service name
|
|
||||||
systemd_service="${service_name}.service"
|
|
||||||
|
|
||||||
is_service_alive() {
|
|
||||||
## this must return 0 if the service is alive, otherwise return 1
|
|
||||||
## Example:
|
|
||||||
pgrep -u USER PROCESS_NAME > /dev/null
|
|
||||||
}
|
|
||||||
|
|
||||||
## Action for SysVinit system
|
|
||||||
sysvinit_action() {
|
|
||||||
# Save service status before restart
|
|
||||||
timeout 2 "/etc/init.d/${sysvinit_script}" status | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
timeout 20 "/etc/init.d/${sysvinit_script}" restart > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
timeout 2 "/etc/init.d/${sysvinit_script}" status | save_in_log_dir "${service_name}.after.status"
|
|
||||||
}
|
|
||||||
|
|
||||||
## Action for systemd system
|
|
||||||
systemd_action() {
|
|
||||||
# Save service status before restart
|
|
||||||
systemctl status "${systemd_service}" | save_in_log_dir "${service_name}.before.status"
|
|
||||||
|
|
||||||
# Try to restart
|
|
||||||
# systemctl (only for NRPE ?) sometimes returns 0 even if the service has failed to start
|
|
||||||
# so we check the status explicitly
|
|
||||||
timeout 20 systemctl restart "${systemd_service}" > /dev/null \
|
|
||||||
&& sleep 1 \
|
|
||||||
&& systemctl status "${systemd_service}" > /dev/null
|
|
||||||
rc=$?
|
|
||||||
if [ "${rc}" -eq "0" ]; then
|
|
||||||
log_action "Restart ${service_name}: OK"
|
|
||||||
else
|
|
||||||
log_action "Restart ${service_name}: failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Save service status after restart
|
|
||||||
systemctl status "${systemd_service}" | save_in_log_dir "${service_name}.after.status"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Should we run?
|
|
||||||
if ! is_supposed_to_run; then
|
|
||||||
# log_global "${PROGNAME} is not supposed to run (RUNNING=${RUNNING})."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
if is_service_alive; then
|
|
||||||
# log_global "${service_name} process alive. Aborting"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Yes we do, so check for sysvinit or systemd
|
|
||||||
if is_debian_version "8" "<="; then
|
|
||||||
if ! is_sysvinit_enabled "*${sysvinit_script}*"; then
|
|
||||||
# log_global "${service_name} not enabled. Aborting"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Let's finally do the action
|
|
||||||
pre_restart
|
|
||||||
sysvinit_action
|
|
||||||
post_restart
|
|
||||||
else
|
|
||||||
if ! is_systemd_enabled "${systemd_service}"; then
|
|
||||||
# log_global "${service_name} is disabled (or missing), nothing left to do."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
if is_systemd_active "${systemd_service}"; then
|
|
||||||
# log_global "${service_name} is active, nothing left to do."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Let's finally do the action
|
|
||||||
pre_restart
|
|
||||||
systemd_action
|
|
||||||
post_restart
|
|
||||||
fi
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: restart nagios-nrpe-server
|
|
||||||
service:
|
|
||||||
name: nagios-nrpe-server
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: restart nrpe
|
|
||||||
service:
|
|
||||||
name: nrpe
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: restart rsyslog
|
|
||||||
service:
|
|
||||||
name: rsyslog
|
|
||||||
state: restarted
|
|
|
@ -1,25 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: "Add begin marker if missing"
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
path: "/etc/cron.d/autosysadmin"
|
|
||||||
line: "# BEGIN ANSIBLE MANAGED SECTION FOR AUTOSYSADMIN"
|
|
||||||
insertbefore: BOF
|
|
||||||
create: yes
|
|
||||||
|
|
||||||
- name: "Add end marker if missing"
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
path: "/etc/cron.d/autosysadmin"
|
|
||||||
line: "# END ANSIBLE MANAGED SECTION FOR AUTOSYSADMIN"
|
|
||||||
insertbefore: "EOF"
|
|
||||||
create: yes
|
|
||||||
|
|
||||||
- name: "Create config if missing"
|
|
||||||
ansible.builtin.blockinfile:
|
|
||||||
path: "/etc/cron.d/autosysadmin"
|
|
||||||
marker: "# {mark} ANSIBLE MANAGED SECTION FOR AUTOSYSADMIN"
|
|
||||||
block: "{{ lookup('ansible.builtin.template', '../templates/autosysadmin.cron.j2') }}"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: "0750"
|
|
||||||
create: yes
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue