Jérémy Lecour
8b48552e36
Release 10.2.0
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2020-09-17 14:06:46 +02:00
Jérémy Lecour
3e67d92fd3
certbot: an empty change shouldn't raise an exception
continuous-integration/drone/push Build is passing
2020-09-16 12:07:27 +02:00
Jérémy Lecour
48174ad618
evoacme: remount /usr if necessary
continuous-integration/drone/push Build is passing
2020-09-14 11:31:47 +02:00
Jérémy Lecour
4007b14c09
whitespaces
continuous-integration/drone/push Build is passing
2020-09-14 11:17:54 +02:00
Jérémy Lecour
b818c348c2
evoacme: remove Debian 9 support
continuous-integration/drone/push Build is passing
2020-09-11 11:09:45 +02:00
Ludovic Poujol
f9d6fe0ad4
evolinux-base: install wget
continuous-integration/drone/push Build is passing
2020-09-10 14:59:19 +02:00
Jérémy Lecour
c7151a8de8
certbot: fix "no-self-upgrade" option
continuous-integration/drone/push Build is passing
2020-09-08 10:02:15 +02:00
Jérémy Lecour
37ed5dd393
evolinux-base: swappiness is customizable
continuous-integration/drone/push Build is passing
2020-09-01 14:08:39 +02:00
Jérémy Lecour
afa0fd35c8
Change default public SSH/SFTP port from 2222 to 22222
continuous-integration/drone/push Build is passing
2020-08-28 18:32:47 +02:00
Jérémy Lecour
d0622c6b20
tomcat: root directory owner/group are configurable
continuous-integration/drone/push Build is passing
2020-08-27 17:12:34 +02:00
Jérémy Lecour
7413a242a8
Release 10.1.0
continuous-integration/drone/pr Build is passing
continuous-integration/drone/push Build is passing
2020-08-21 14:50:17 +02:00
Jérémy Lecour
44ddc8047d
evoacme: disable empty task for hooks
2020-08-21 14:21:28 +02:00
Jérémy Lecour
1e6d6cdd13
sort lines in CHANGELOG
2020-08-21 14:03:41 +02:00
Jérémy Lecour
f49bf5c72d
evoacme: use Let's Encrypt deploy hooks instead of evoacme hooks
continuous-integration/drone/push Build is passing
2020-08-21 14:02:07 +02:00
Jérémy Lecour
a60deb276b
evoacme: upstream release 20.08
2020-08-21 14:01:06 +02:00
Jérémy Lecour
8ea1bac000
evoacme: update for new certbot role
...
* certbot is installed by the certbot role
* Apache/Nginx configuration is delegated to the certbot role
* No more "acme" user, everything is done with "root".
2020-08-21 13:36:24 +02:00
Benoît S.
a8095b1c36
Updated CHANGELOG.md with recent merges
continuous-integration/drone/push Build is passing
2020-08-20 15:49:22 +09:00
Jérémy Lecour
5c4daf3691
Merge remote-tracking branch 'origin/generateldif-patch' into unstable
continuous-integration/drone/push Build is passing
2020-08-19 14:53:10 +02:00
Jérémy Lecour
d457b25c4b
Merge remote-tracking branch 'origin/nagios-nrpe-amavis-update' into unstable
2020-08-19 14:52:04 +02:00
Jérémy Lecour
7eed6d0255
Merge remote-tracking branch 'origin/squid-sa-update-domains' into unstable
2020-08-19 14:51:50 +02:00
Jérémy Lecour
221e9edc10
Merge branch 'nagios-nrpe-check-hpraid' into unstable
2020-08-19 14:49:22 +02:00
Jérémy Lecour
57ac4e467c
metricbeat: allow using a template
continuous-integration/drone/push Build is passing
2020-08-18 14:01:09 +02:00
Jérémy Lecour
ce35f7292f
filebeat: allow using a template
2020-08-18 14:00:46 +02:00
Ludovic Poujol
edbc596511
mongodb: Fix issue introduced by 8aa7f6cf33
continuous-integration/drone/push Build is passing
2020-07-30 11:31:19 +02:00
Jérémy Lecour
eeeb20771a
elasticsearch: keep native values
continuous-integration/drone/push Build is passing
2020-07-21 10:46:34 +02:00
Jérémy Lecour
d3e69eeeb5
certbot: fix haproxy hook (ssl cert directory detection)
...
continuous-integration/drone/push Build is passing
It was matching additional parameters.
Now it matches on the first argument after "crt"
2020-07-21 10:46:01 +02:00
Jérémy Lecour
21b8104654
elasticsearch: configure cluster with seed hosts and initial masters
continuous-integration/drone/push Build is passing
2020-07-19 11:40:59 +02:00
Jérémy Lecour
9270852349
elasticsearch: set tmpdir before datadir
continuous-integration/drone/push Build is passing
2020-07-19 11:30:00 +02:00
Jérémy Lecour
cea5620568
elasticsearch is compatible with buster
continuous-integration/drone/push Build is passing
2020-07-17 13:49:07 +02:00
Jérémy Lecour
8aa7f6cf33
mongodb: install custom munin plugins
continuous-integration/drone/push Build is passing
2020-07-17 13:48:18 +02:00
Benoît S.
1c050b481a
evolinux-base: check_hpraid.cron.sh: Fixed wrong <<<
usage
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2020-07-01 10:18:30 +09:00
Benoît S.
0150e77041
generate-ldif: Patched computerOS detection
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2020-06-30 05:11:05 +02:00
Benoît S.
0fd8128f94
generate-ldif: Skip some odd ethernet devices
2020-06-30 04:36:04 +02:00
Benoît S.
0cd889e4fb
generate-ldif: Add NVMe disk support
2020-06-30 04:10:03 +02:00
Benoît S.
9a8f1979bc
evolinux-base: check_hpraid.cron.sh: Fixed wrong else
...
continuous-integration/drone/push Build is passing
The logic was wrong, an else part was not necessary.
2020-06-26 17:57:50 +09:00
Benoît S.
a28b9558cb
evolinux-base: check_hpraid.cron.sh: Better logic and use mail
...
continuous-integration/drone/push Build is passing
First step is to detect errors
Second step is to detect different state
Added mail comand to replace cron output
2020-06-24 18:57:08 +09:00
Jérémy Lecour
9bdd5ad9e7
haproxy: rotate logs with date extension and immediate compression
continuous-integration/drone/push Build is passing
2020-06-22 19:02:29 +02:00
Benoît S.
de908ae5bd
nagios-nrpe: check_amavis: Update regex
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
I just installed a Debian Stretch with a pack mail and the check_amavis
was not checking the right regex.
Amavis is returning:
2.7.0 Ok, discarded, id=17556-09 - INFECTED: Eicar-Signature
So the regex should be:
-if ($result =~/2.7.0 Ok, discarded, id=[^,]+ - INFECTED: Eicar-Test-Signature/) {
+if ($result =~/2.7.0 Ok, discarded, id=\S+ - INFECTED: Eicar-Signature/) {
2020-06-17 12:20:33 +09:00
Benoît S.
1d7d2ce08d
squid: Update regex for sa-update domains.
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
List of domains is like:
http://sa-update.dnswl.org/ weight=3
http://www.sa-update.pccc.com/ weight=5
http://sa-update.secnap.net/ weight=5
http://sa-update.space-pro.be/ weight=1
http://sa-update.ena.com/ weight=5
http://sa-update.razx.cloud/ weight=5
http://sa-update.fossies.org/ weight=1
http://sa-update.verein-clean.net/ weight=10
http://sa-update.bitwell.fi/ weight=5
http://sa-update.spamassassin.org/ weight=10
They all start sa-update.*, except for http://www.sa-update.pccc.com/ .
In that case, we just match sa-update on the domain name.
2020-06-17 11:25:24 +09:00
Jérémy Lecour
977c28c720
varnish: fix start command when multiple addresses are present
continuous-integration/drone/push Build is passing
2020-06-16 13:51:07 +02:00
Benoît S.
766b4dfa82
evolinux-base: check_hpraid cron: Add -p
continuous-integration/drone/push Build is passing
2020-06-16 13:20:43 +09:00
Benoît S.
a74f4e1890
evolinux-base/tasks/hardware.yml: Removed trailing whitespace
continuous-integration/drone/push Build is passing
2020-06-16 12:42:33 +09:00
Benoît S.
4bec21a9f3
evolinux-base: harware: Support HP gen >=10 RAID controller
continuous-integration/drone/push Build is passing
2020-06-16 12:35:56 +09:00
Benoît S.
241f50d27e
nagios-nrpe: check_hpraid: Update known working RAID controllers
2020-06-16 12:34:48 +09:00
Benoît S.
74229809ff
nagios-nrpe: Add check_hpraid in template
2020-06-16 12:28:10 +09:00
Benoît S.
09e17ffe6c
nagios-nrpe: check_hpraid: Use printf for return lines
continuous-integration/drone/push Build is passing
2020-06-16 11:16:44 +09:00
Benoît S.
b47d2b872c
nagios-nrpe: check_hpraid: Fixed wrong grep in EXCLUDE_BATTERY
continuous-integration/drone/push Build is passing
2020-06-16 10:57:18 +09:00
Benoît S.
d49da6954a
nagios-nrpe: check_hpraid: Fix wrong command name in examples
continuous-integration/drone/push Build is passing
2020-06-16 10:53:00 +09:00
Benoît S.
6126be95e3
nagios-nrpe: check_hpraid: Be sure that variables are bound
continuous-integration/drone/push Build is passing
2020-06-16 10:36:24 +09:00
Jérémy Lecour
ce7468816f
haproxy: deport SSL tuning to Mozilla SSL generator
...
continuous-integration/drone/push Build is passing
There are too many combinations and they change every so often.
It's better to direct the user to the generator to have a good
configuration.
2020-06-15 22:47:08 +02:00
Jérémy Lecour
30cdbae981
haproxy: split stats variables
2020-06-15 22:45:22 +02:00
Jérémy Lecour
011761eb8f
haproxy: add deny_ips file to reject connections
continuous-integration/drone/push Build is passing
2020-06-14 23:28:29 +02:00
Jérémy Lecour
8465743973
haproxy: add some comments to default config
2020-06-14 23:27:50 +02:00
Jérémy Lecour
01a486b20a
haproxy: simplify syntax fos stats section
2020-06-14 23:19:40 +02:00
Jérémy Lecour
ac4ef5ff96
whitespaces
2020-06-14 19:47:16 +02:00
Jérémy Lecour
4bf5b1daa6
nginx: read server-status values before changing the config
continuous-integration/drone/push Build is passing
2020-06-14 12:49:10 +02:00
Jérémy Lecour
f47af9f54f
haproxy: preconfigure SSL with defaults
continuous-integration/drone/push Build is passing
2020-06-14 12:37:04 +02:00
Jérémy Lecour
7f54b8ab60
haproxy: adapt backports installed package list to distibution
2020-06-14 12:37:04 +02:00
Jérémy Lecour
e5d4ea3c18
nginx: make default vhost configurable
2020-06-14 12:37:04 +02:00
Jérémy Lecour
ce0d61bcbd
certbot: detect HAProxy cert directory
2020-06-14 12:37:04 +02:00
Patrick Marchand
0fee07f47e
Fix variable par défaut manquante dans mysql
...
continuous-integration/drone/push Build is passing
Le lower_case_table_names doit être mis à Null pour que le check marche.
2020-06-10 10:37:36 -04:00
Jérémy Lecour
a8887aaa8e
update changelog
continuous-integration/drone/push Build is passing
2020-06-09 11:45:19 +02:00
Jérémy Lecour
4c71ea2012
haproxy: enable stats frontend with access lists
continuous-integration/drone/push Build is passing
2020-06-09 11:41:33 +02:00
Patrick Marchand
c9daa8ba35
evobackup-client: Fix ssh connection test in zzz_evobackup.sh
...
continuous-integration/drone/push Build is passing
When I made the ssh key name a variable and defaulted it to id_ed25519,
I forgot to change the hardcoded value for the ssh test in
evobackup-client/templates/zzz_evobackup.default.sh.j2
2020-06-08 17:22:18 -04:00
Jérémy Lecour
d9f9d03140
evoacme: read values from environment before defaults file
continuous-integration/drone/push Build is passing
2020-06-05 11:31:42 +02:00
Jérémy Lecour
1ade990526
mongodb: fix logrotate patterm on Debian buster
continuous-integration/drone/push Build is passing
2020-06-05 11:02:54 +02:00
Eric Morino
2fbf1ff9f9
Force owner opendkim for /etc/opendkim/ folder
continuous-integration/drone/push Build is passing
2020-06-05 11:00:22 +02:00
Jérémy Lecour
7f0931510f
evoacme: upstream release 20.06.1
continuous-integration/drone/push Build is passing
2020-06-05 11:01:42 +02:00
Ludovic Poujol
ebffccae59
lxc-php: Do --no-install-recommends for ssmtp/opensmtpd
continuous-integration/drone/push Build is passing
2020-06-05 11:01:22 +02:00
Ludovic Poujol
186f3d90b9
lxc-php: Install opensmtpd as intended
2020-06-05 10:57:49 +02:00
Ludovic Poujol
0dfb92360f
php: Don't disable putenv() by default in PHP settings
continuous-integration/drone/push Build is passing
2020-06-04 11:52:04 +02:00
Ludovic Poujol
90704dc712
lxc-php: Don't disable putenv() by default in PHP settings
2020-06-04 11:51:25 +02:00
Ludovic Poujol
ead0b7fd88
lxc-php: Install php-sqlite by default
continuous-integration/drone/push Build is passing
2020-06-04 11:42:17 +02:00
Ludovic Poujol
8c883c44dd
php: Install php-sqlite by default
2020-06-04 11:39:51 +02:00
Ludovic Poujol
c7d456471b
packweb-apache: Install zip & unzip by default
2020-06-04 11:34:26 +02:00
Jérémy Lecour
2ca7872eef
haproxy: syntax and whitespaces
continuous-integration/drone/push Build is passing
2020-06-04 11:22:58 +02:00
Jérémy Lecour
3bd0a4ffb3
certbot: restore compatibility with old Nginx
2020-06-04 11:22:58 +02:00
Jérémy Lecour
9aed38b637
certbot: install certbot dependencies non-interactively for jessie
2020-06-04 11:22:58 +02:00
Jérémy Dubois
1a0872c507
nagios-nrpe / evolinux-base : new ntp server variable
...
continuous-integration/drone/push Build is passing
Online hosted servers must use ntp.online.net as
ntp server, because others one are rate limited.
Default ntp server is pool.ntp.org, and a custom
one can be set with the nagios_nrpe_ntp_server
variable.
2020-06-04 10:55:48 +02:00
Benoît S.
342810362d
evolinux-base: check_hpraid.sh: Fix missing copy of RAID state
continuous-integration/drone/push Build is passing
2020-06-04 17:32:49 +09:00
Benoît S.
91dda2e1a2
evolinux-base: check_hpraid.sh: Fix RAID state detection
2020-06-04 17:23:14 +09:00
Benoît S.
7b97702f15
evolinux-base: Add check_hpraid.sh
...
continuous-integration/drone/push Build is passing
This script is meant to be executed as a cron by executing Nagios
NRPE plugin check_hpraid and notify by mail any errors
2020-06-04 16:50:35 +09:00
Jérémy Lecour
1d5a30b144
evoacme: upstream release 20.06
continuous-integration/drone/push Build is passing
2020-06-03 12:09:58 +02:00
Patrick Marchand
c8cd119a18
Merge pull request 'Make it possible to setup mysql replication' ( #102 ) from mysql_replication into unstable
continuous-integration/drone/push Build is passing
2020-06-02 17:31:13 +02:00
Jérémy Lecour
4cf438c8ff
redis: raise an error is port 6379 is used in "instance" mode
continuous-integration/drone/push Build is passing
2020-06-02 11:22:56 +02:00
Jérémy Lecour
8a87fecbe4
redis: new syntax for match filter
continuous-integration/drone/push Build is passing
2020-06-02 11:00:06 +02:00
Jérémy Lecour
47d11308ba
redis: create sudoers file if missing
2020-06-02 10:59:51 +02:00
Jérémy Lecour
86cab2ab94
haproxy: chroot and socket path are configurable
2020-06-02 10:58:10 +02:00
Jérémy Lecour
3fe1138a98
whitespaces
2020-06-02 10:57:16 +02:00
Patrick Marchand
8c1e40c1a9
Add option to make a mysql install read only
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
Rebased on unstable
2020-06-01 12:03:23 -04:00
Patrick Marchand
5b9cc3af31
Added mysql_innodb_log_file_size option to the mysql role
...
Makes it possible to have larger binary entries when replicating.
2020-06-01 12:01:01 -04:00
Patrick Marchand
1a96616f42
Fix right problem in mysql replication
...
The configuration file was not set to 0644, which caused the file
to be ignored by mysql and it's configuration not to be set.
2020-06-01 12:01:01 -04:00
Patrick Marchand
b80f3993ae
Added some mysql variables and allowed forcing config update
...
The default behaviour is kept, but this way we can manage a mysql
installation from ansible.
2020-06-01 12:01:01 -04:00
Patrick Marchand
d15819fb04
Replication should set a binlog format
...
This could possible be better served in the base config file, but
for now I'll keep it here.
2020-06-01 12:01:01 -04:00
Patrick Marchand
6289c7fe1c
Removed redundant nagios checks
...
They are already installed by the base roles.
2020-06-01 12:01:01 -04:00
Patrick Marchand
45fba1f878
Removed useless dbadmin script from mysql replication tasks
...
It was used by a very specific client case and is not needed for a
general role.
2020-06-01 12:01:01 -04:00
Patrick Marchand
c319be2542
Make it possible for mysql role to copy evolix scripts
...
Based myself off of the webapps/evoadmin-web role, but I'm not sure
we still consider this a hack or not. We use a read only /usr fs,
so we need to remount it to add scripts in /usr/local/share.
2020-06-01 12:01:01 -04:00
Patrick Marchand
31f002f9d9
Added option to prepare mysql servers for replication
2020-06-01 12:01:01 -04:00
Benoît S.
314cd2c1de
nagios-nrpe: Added hpsa support to check_hpraid
...
continuous-integration/drone/push Build is passing
Also handle empty slots.
2020-05-29 09:43:15 +09:00
Benoît S.
f35cbdbe30
nagios-nrpe: shellchecked check_hp
...
continuous-integration/drone/push Build is passing
Also refactored the checking part and outputing.
2020-05-28 16:35:11 +09:00
Benoît S.
0307c0b066
nagios-nrpe: Adding licence GPLv2 to check_hpraid
...
Also describe what has been removed/changed from the original source.
2020-05-28 15:33:00 +09:00
Benoît S.
073f2b5b09
nqgios-nrpe: Add check_hpraid
continuous-integration/drone/push Build is passing
2020-05-28 13:01:50 +09:00
Ludovic Poujol
09371b095f
packweb-apache: Don't turn on mod-evasive emails by default
continuous-integration/drone/push Build is passing
2020-05-18 12:03:34 +02:00