Release 10.0.0 #100
|
@ -26,6 +26,9 @@ The **patch** part changes incrementally at each release.
|
|||
* redis: rewrite of the role (separate instances, better systemd units…)
|
||||
* webapps/evoadmin-web Overload templates if needed
|
||||
* webapps/evoadmin-web Add an htpasswd to evoadmin if you cant use an apache IP whitelist
|
||||
* bind: enable query logging for recursive resolvers
|
||||
* bind: enable logrotate for recursive resolvers
|
||||
* bind: enable bind9 munin plugin for recursive resolvers
|
||||
|
||||
### Changed
|
||||
* elasticsearch: listen on local interface only by default
|
||||
|
@ -41,6 +44,8 @@ The **patch** part changes incrementally at each release.
|
|||
* lxc: remove useless loop in apt execution
|
||||
* lxc: update our default template to be compatible with Debian 10
|
||||
* lxc: rely on lxc_container module instead of command module
|
||||
* bind: the munin task was present, but not included
|
||||
* bind: change name of logrotate file to bind9
|
||||
|
||||
### Fixed
|
||||
* lxc-php: Don't remove the default pool
|
||||
|
@ -49,6 +54,7 @@ The **patch** part changes incrementally at each release.
|
|||
* tomcat: fix typo for default tomcat_version
|
||||
* evoadmin-web: Put the php config at the right place for Buster
|
||||
|
||||
|
||||
### Security
|
||||
|
||||
## [9.10.1] - 2019-06-21
|
||||
|
|
|
@ -65,7 +65,7 @@
|
|||
group: adm
|
||||
mode: "0640"
|
||||
state: touch
|
||||
when: bind_authoritative_server and bind_chroot_set == False
|
||||
when: bind_chroot_set == False
|
||||
|
||||
- name: send chroot-bind.sh in /root
|
||||
copy:
|
||||
|
@ -98,7 +98,7 @@
|
|||
- name: logrotate for non chroot bind
|
||||
template:
|
||||
src: logrotate_bind
|
||||
dest: /etc/logrotate.d/bind
|
||||
dest: /etc/logrotate.d/bind9
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
|
@ -109,10 +109,12 @@
|
|||
- name: logrotate for chroot bind
|
||||
template:
|
||||
src: logrotate_bind_chroot.j2
|
||||
dest: /etc/logrotate.d/bind
|
||||
dest: /etc/logrotate.d/bind9
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: yes
|
||||
notify: restart bind
|
||||
when: bind_chroot_set
|
||||
|
||||
- include: munin.yml
|
||||
|
|
|
@ -8,9 +8,8 @@
|
|||
tags:
|
||||
- bind
|
||||
- munin
|
||||
when: bind_authoritative_server
|
||||
|
||||
- name: Enable munin plugins
|
||||
- name: Enable munin plugins for authoritative server
|
||||
file:
|
||||
src: "/usr/share/munin/plugins/{{ item }}"
|
||||
dest: "/etc/munin/plugins/{{ item }}"
|
||||
|
@ -19,7 +18,25 @@
|
|||
- bind9
|
||||
- bind9_rndc
|
||||
notify: restart munin-node
|
||||
when: bind_authoritative_server and munin_node_plugins_config.stat.exists
|
||||
when:
|
||||
- bind_authoritative_server
|
||||
- munin_node_plugins_config.stat.exists
|
||||
tags:
|
||||
- bind
|
||||
- munin
|
||||
|
||||
- name: Enable munin plugins for recursive server
|
||||
file:
|
||||
src: "/usr/share/munin/plugins/{{ item }}"
|
||||
dest: "/etc/munin/plugins/{{ item }}"
|
||||
state: link
|
||||
with_items:
|
||||
- bind9
|
||||
- bind9_rndc
|
||||
notify: restart munin-node
|
||||
when:
|
||||
- bind_recursive_server
|
||||
- munin_node_plugins_config.stat.exists
|
||||
tags:
|
||||
- bind
|
||||
- munin
|
||||
|
@ -33,7 +50,7 @@
|
|||
mode: "0644"
|
||||
force: yes
|
||||
notify: restart munin-node
|
||||
when: bind_authoritative_server and munin_node_plugins_config.stat.exists
|
||||
when: munin_node_plugins_config.stat.exists
|
||||
tags:
|
||||
- bind
|
||||
- munin
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
[bind*]
|
||||
user root
|
||||
env.logfile {{ bind_query_file }}
|
||||
{% if bind_authoritative_server %}
|
||||
env.querystats {{ bind_chroot_path }}{{ bind_statistics_file }}
|
||||
{% endif %}
|
||||
env.MUNIN_PLUGSTATE /var/lib/munin
|
||||
timeout 120
|
||||
|
|
|
@ -8,9 +8,17 @@ options {
|
|||
};
|
||||
|
||||
logging {
|
||||
category default { default_file; };
|
||||
channel default_file {
|
||||
file "/var/log/bind.log";
|
||||
severity info;
|
||||
};
|
||||
category default { default_file; };
|
||||
category queries { query_logging; };
|
||||
|
||||
channel default_file {
|
||||
file "/var/log/bind.log";
|
||||
severity info;
|
||||
};
|
||||
channel query_logging {
|
||||
file "/var/log/bind_queries.log" versions 2 size 128M;
|
||||
print-category yes;
|
||||
print-severity yes;
|
||||
print-time yes;
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue