release 22.07.1 #160
50
.Jenkinsfile
Normal file
50
.Jenkinsfile
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
pipeline {
|
||||||
|
agent { label 'docker' }
|
||||||
|
|
||||||
|
environment {
|
||||||
|
ROLES_VERSION = "${env.GIT_COMMIT}"
|
||||||
|
}
|
||||||
|
|
||||||
|
stages {
|
||||||
|
stage('Build tagged docker image') {
|
||||||
|
when {
|
||||||
|
buildingTag()
|
||||||
|
}
|
||||||
|
steps {
|
||||||
|
script {
|
||||||
|
def im = docker.build("evolix/ansible-roles:build${env.BUILD_ID}")
|
||||||
|
im.inside {
|
||||||
|
sh 'echo Test needed'
|
||||||
|
}
|
||||||
|
def version = TAG_NAME
|
||||||
|
def versions = version.split('\\.')
|
||||||
|
def major = versions[0]
|
||||||
|
def minor = versions[0] + '.' + versions[1]
|
||||||
|
def patch = version.trim()
|
||||||
|
/* No crendentials yet
|
||||||
|
im.push(major)
|
||||||
|
im.push(minor)
|
||||||
|
im.push(patch)
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
stage('Build latest docker image') {
|
||||||
|
when {
|
||||||
|
branch 'unstable'
|
||||||
|
}
|
||||||
|
steps {
|
||||||
|
script {
|
||||||
|
def im = docker.build("evolix/ansible-roles:build${env.BUILD_ID}")
|
||||||
|
im.inside {
|
||||||
|
sh 'echo Test needed'
|
||||||
|
}
|
||||||
|
/* No crendentials yet
|
||||||
|
im.push('latest')
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
16
CHANGELOG.md
16
CHANGELOG.md
|
@ -20,6 +20,22 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
## [22.07.1] 2022-07-28
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
* evocheck: upstream release 22.07
|
||||||
|
* evomaintenance: upstream release 22.07
|
||||||
|
* mongodb: replace version_compare() with version()
|
||||||
|
* nagios-nrpe: check_disk1 returns only alerts
|
||||||
|
* nagios-nrpe: use regexp to exclude paths/devices in check_disk1
|
||||||
|
|
||||||
|
## [22.07] 2022-07-08
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* fail2ban: Ensure apply dbpurgeage from stretch and buster
|
||||||
|
|
||||||
## [22.07] 2022-07-06
|
## [22.07] 2022-07-06
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
# Script to verify compliance of a Debian/OpenBSD server
|
# Script to verify compliance of a Debian/OpenBSD server
|
||||||
# powered by Evolix
|
# powered by Evolix
|
||||||
|
|
||||||
VERSION="22.06.2"
|
VERSION="22.07"
|
||||||
readonly VERSION
|
readonly VERSION
|
||||||
|
|
||||||
# base functions
|
# base functions
|
||||||
|
@ -610,6 +610,14 @@ check_evobackup() {
|
||||||
evobackup_found=$(find /etc/cron* -name '*evobackup*' | wc -l)
|
evobackup_found=$(find /etc/cron* -name '*evobackup*' | wc -l)
|
||||||
test "$evobackup_found" -gt 0 || failed "IS_EVOBACKUP" "missing evobackup cron"
|
test "$evobackup_found" -gt 0 || failed "IS_EVOBACKUP" "missing evobackup cron"
|
||||||
}
|
}
|
||||||
|
# Vérification de la mise en place de la purge pour fail2ban
|
||||||
|
check_purge_fail2ban() {
|
||||||
|
if is_debian_stretch || is_debian_buster; then
|
||||||
|
if is_installed fail2ban; then
|
||||||
|
test -f /etc/cron.daily/fail2ban_dbpurge || failed "IS_FAIL2BAN_PURGE" "missing script fail2ban_dbpurge cron"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
# Vérification de l'exclusion des montages (NFS) dans les sauvegardes
|
# Vérification de l'exclusion des montages (NFS) dans les sauvegardes
|
||||||
check_evobackup_exclude_mount() {
|
check_evobackup_exclude_mount() {
|
||||||
excludes_file=$(mktemp --tmpdir="${TMPDIR:-/tmp}" "evocheck.evobackup_exclude_mount.XXXXX")
|
excludes_file=$(mktemp --tmpdir="${TMPDIR:-/tmp}" "evocheck.evobackup_exclude_mount.XXXXX")
|
||||||
|
@ -742,7 +750,7 @@ check_backupuptodate() {
|
||||||
backup_dir="/home/backup"
|
backup_dir="/home/backup"
|
||||||
if [ -d "${backup_dir}" ]; then
|
if [ -d "${backup_dir}" ]; then
|
||||||
if [ -n "$(ls -A ${backup_dir})" ]; then
|
if [ -n "$(ls -A ${backup_dir})" ]; then
|
||||||
find "${backup_dir}" -type f -maxdepth 1 | while read -r file; do
|
find "${backup_dir}" -maxdepth 1 -type f | while read -r file; do
|
||||||
limit=$(date +"%s" -d "now - 2 day")
|
limit=$(date +"%s" -d "now - 2 day")
|
||||||
updated_at=$(stat -c "%Y" "$file")
|
updated_at=$(stat -c "%Y" "$file")
|
||||||
|
|
||||||
|
@ -970,7 +978,7 @@ check_mongo_backup() {
|
||||||
# You could change the default path in /etc/evocheck.cf
|
# You could change the default path in /etc/evocheck.cf
|
||||||
MONGO_BACKUP_PATH=${MONGO_BACKUP_PATH:-"/home/backup/mongodump"}
|
MONGO_BACKUP_PATH=${MONGO_BACKUP_PATH:-"/home/backup/mongodump"}
|
||||||
if [ -d "$MONGO_BACKUP_PATH" ]; then
|
if [ -d "$MONGO_BACKUP_PATH" ]; then
|
||||||
for file in "${MONGO_BACKUP_PATH}"/*/*.{json,bson}.*; do
|
for file in "${MONGO_BACKUP_PATH}"/*/*.{json,bson}*; do
|
||||||
# Skip indexes file.
|
# Skip indexes file.
|
||||||
if ! [[ "$file" =~ indexes ]]; then
|
if ! [[ "$file" =~ indexes ]]; then
|
||||||
limit=$(date +"%s" -d "now - 2 day")
|
limit=$(date +"%s" -d "now - 2 day")
|
||||||
|
@ -1227,8 +1235,8 @@ check_sshpermitrootno() {
|
||||||
# -T doesn't require the additional -C.
|
# -T doesn't require the additional -C.
|
||||||
sshd_args=
|
sshd_args=
|
||||||
fi
|
fi
|
||||||
# XXX: We want parameter expension here
|
# shellcheck disable=SC2086
|
||||||
if ! (sshd -T $sshd_args | grep -q 'permitrootlogin no'); then
|
if ! (sshd -T ${sshd_args} | grep -q 'permitrootlogin no'); then
|
||||||
failed "IS_SSHPERMITROOTNO" "PermitRoot should be set to no"
|
failed "IS_SSHPERMITROOTNO" "PermitRoot should be set to no"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
@ -1810,6 +1818,7 @@ while :; do
|
||||||
IS_UPTIME=0
|
IS_UPTIME=0
|
||||||
IS_MELTDOWN_SPECTRE=0
|
IS_MELTDOWN_SPECTRE=0
|
||||||
IS_CHECK_VERSIONS=0
|
IS_CHECK_VERSIONS=0
|
||||||
|
IS_NETWORKING_SERVICE=0
|
||||||
;;
|
;;
|
||||||
-v|--verbose)
|
-v|--verbose)
|
||||||
VERBOSE=1
|
VERBOSE=1
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
# Copyright 2007-2022 Evolix <info@evolix.fr>, Gregory Colpart <reg@evolix.fr>,
|
# Copyright 2007-2022 Evolix <info@evolix.fr>, Gregory Colpart <reg@evolix.fr>,
|
||||||
# Jérémy Lecour <jlecour@evolix.fr> and others.
|
# Jérémy Lecour <jlecour@evolix.fr> and others.
|
||||||
|
|
||||||
VERSION="22.01"
|
VERSION="22.07"
|
||||||
|
|
||||||
show_version() {
|
show_version() {
|
||||||
cat <<END
|
cat <<END
|
||||||
|
@ -47,6 +47,7 @@ Options
|
||||||
--no-evocheck disable evocheck execution
|
--no-evocheck disable evocheck execution
|
||||||
--auto use "auto" mode
|
--auto use "auto" mode
|
||||||
--no-auto use "manual" mode (default)
|
--no-auto use "manual" mode (default)
|
||||||
|
--autosysadmin author change as autosysadmin
|
||||||
-v, --verbose increase verbosity
|
-v, --verbose increase verbosity
|
||||||
-n, --dry-run actions are not executed
|
-n, --dry-run actions are not executed
|
||||||
--help print this message and exit
|
--help print this message and exit
|
||||||
|
@ -97,13 +98,22 @@ get_who() {
|
||||||
}
|
}
|
||||||
|
|
||||||
get_begin_date() {
|
get_begin_date() {
|
||||||
|
# XXX A begin date isn't applicable when used in autosysadmin, so we
|
||||||
|
# use the same date as the end date.
|
||||||
|
if is_autosysadmin; then
|
||||||
|
get_end_date
|
||||||
|
else
|
||||||
printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
|
printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
get_ip() {
|
get_ip() {
|
||||||
ip=$(get_who | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
|
ip=$(get_who | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
|
||||||
[ -z "${ip}" ] && ip="unknown (no tty)"
|
if is_autosysadmin || [ "${ip}" = ":0" ]; then
|
||||||
[ "${ip}" = ":0" ] && ip="localhost"
|
ip="localhost"
|
||||||
|
elif [ -z "${ip}" ]; then
|
||||||
|
ip="unknown (no tty)"
|
||||||
|
fi
|
||||||
|
|
||||||
echo "${ip}"
|
echo "${ip}"
|
||||||
}
|
}
|
||||||
|
@ -116,6 +126,14 @@ get_now() {
|
||||||
date +"%Y-%m-%dT%H:%M:%S%z"
|
date +"%Y-%m-%dT%H:%M:%S%z"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
get_user() {
|
||||||
|
if is_autosysadmin; then
|
||||||
|
echo autosysadmin
|
||||||
|
else
|
||||||
|
logname
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
get_complete_hostname() {
|
get_complete_hostname() {
|
||||||
REAL_HOSTNAME=$(get_fqdn)
|
REAL_HOSTNAME=$(get_fqdn)
|
||||||
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
|
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
|
||||||
|
@ -174,6 +192,10 @@ print_session_data() {
|
||||||
printf "Message : %s\n" "${MESSAGE}"
|
printf "Message : %s\n" "${MESSAGE}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
is_autosysadmin() {
|
||||||
|
test "${AUTOSYSADMIN}" -eq 1
|
||||||
|
}
|
||||||
|
|
||||||
is_repository_readonly() {
|
is_repository_readonly() {
|
||||||
if [ "$(get_system)" = "OpenBSD" ]; then
|
if [ "$(get_system)" = "OpenBSD" ]; then
|
||||||
partition=$(stat -f '%Sd' $1)
|
partition=$(stat -f '%Sd' $1)
|
||||||
|
@ -382,6 +404,7 @@ AUTO=${AUTO:-"0"}
|
||||||
EVOCHECK=${EVOCHECK:-"0"}
|
EVOCHECK=${EVOCHECK:-"0"}
|
||||||
GIT_STATUS_MAX_LINES=${GIT_STATUS_MAX_LINES:-20}
|
GIT_STATUS_MAX_LINES=${GIT_STATUS_MAX_LINES:-20}
|
||||||
API_ENDPOINT=${API_ENDPOINT:-""}
|
API_ENDPOINT=${API_ENDPOINT:-""}
|
||||||
|
AUTOSYSADMIN=${AUTOSYSADMIN:-0}
|
||||||
|
|
||||||
# initialize variables
|
# initialize variables
|
||||||
MESSAGE=""
|
MESSAGE=""
|
||||||
|
@ -497,7 +520,7 @@ HOSTNAME_TEXT=$(get_complete_hostname)
|
||||||
IP=$(get_ip)
|
IP=$(get_ip)
|
||||||
BEGIN_DATE=$(get_begin_date)
|
BEGIN_DATE=$(get_begin_date)
|
||||||
END_DATE=$(get_end_date)
|
END_DATE=$(get_end_date)
|
||||||
USER=$(logname)
|
USER=$(get_user)
|
||||||
|
|
||||||
PATH=${PATH}:/usr/sbin
|
PATH=${PATH}:/usr/sbin
|
||||||
|
|
||||||
|
@ -536,6 +559,11 @@ EVOCHECK_BIN="/usr/share/scripts/evocheck.sh"
|
||||||
|
|
||||||
GIT_REPOSITORIES="/etc /etc/bind /usr/share/scripts"
|
GIT_REPOSITORIES="/etc /etc/bind /usr/share/scripts"
|
||||||
|
|
||||||
|
# Add /etc directories from lxc containers if they are git directories
|
||||||
|
if [ -d /var/lib/lxc ]; then
|
||||||
|
GIT_REPOSITORIES="${GIT_REPOSITORIES} $(find /var/lib/lxc/ -maxdepth 3 -name 'etc' | tr '\n' ' ' | sed 's/[[:space:]]\+$//')"
|
||||||
|
fi
|
||||||
|
|
||||||
# initialize variable
|
# initialize variable
|
||||||
GIT_STATUSES=""
|
GIT_STATUSES=""
|
||||||
# git statuses
|
# git statuses
|
||||||
|
|
19
fail2ban/tasks/fix-dbpurgeage.yml
Normal file
19
fail2ban/tasks/fix-dbpurgeage.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
- name: Sqlite needed
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name:
|
||||||
|
- sqlite3
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Register bantime from default config from package
|
||||||
|
shell: "grep -R -E 'dbpurgeage[[:blank:]]*=[[:blank:]]*[0-9]+' /etc/fail2ban/fail2ban.conf |awk '{print $3}'|head -n1"
|
||||||
|
register: default_dbpurgeage
|
||||||
|
changed_when: false
|
||||||
|
check_mode: false
|
||||||
|
|
||||||
|
- name: Add crontab
|
||||||
|
template:
|
||||||
|
src: fail2ban_dbpurge.j2
|
||||||
|
dest: /etc/cron.daily/fail2ban_dbpurge
|
||||||
|
mode: 0700
|
||||||
|
owner: root
|
||||||
|
group: root
|
|
@ -104,3 +104,10 @@
|
||||||
notify: restart fail2ban
|
notify: restart fail2ban
|
||||||
when:
|
when:
|
||||||
- fail2ban_recidive
|
- fail2ban_recidive
|
||||||
|
|
||||||
|
- name: Fix dbpurgeage for stretch and buster
|
||||||
|
include: fix-dbpurgeage.yml
|
||||||
|
when:
|
||||||
|
- ansible_distribution_release == "stretch" or ansible_distribution_release == "buster"
|
||||||
|
tags:
|
||||||
|
- fail2ban
|
||||||
|
|
3
fail2ban/templates/fail2ban_dbpurge.j2
Normal file
3
fail2ban/templates/fail2ban_dbpurge.j2
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# Juin 2022 : #64088
|
||||||
|
/usr/bin/sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "DELETE FROM bans WHERE date('now', '-{{ fail2ban_recidive_bantime | default(default_dbpurgeage.stdout) }}') > datetime(timeofban, 'unixepoch'); VACUUM;"
|
|
@ -1,4 +1,6 @@
|
||||||
---
|
---
|
||||||
- hosts: test-kitchen
|
- hosts: all
|
||||||
|
become: yes
|
||||||
|
# gather_facts: no
|
||||||
roles:
|
roles:
|
||||||
- role: fail2ban
|
- role: fail2ban
|
||||||
|
|
|
@ -488,8 +488,8 @@ EOT
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Dovecot
|
# Dovecot
|
||||||
if is_pkg_installed dovecot-common; then
|
if is_pkg_installed dovecot-core; then
|
||||||
dovecot_version=$(get_pkg_version dovecot-common)
|
dovecot_version=$(get_pkg_version dovecot-core)
|
||||||
fi
|
fi
|
||||||
if [ -n "${dovecot_version}" ]; then
|
if [ -n "${dovecot_version}" ]; then
|
||||||
cat <<EOT >> "${ldif_file}"
|
cat <<EOT >> "${ldif_file}"
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
msg: Not compatible with Debian 11 (Bullseye)
|
msg: Not compatible with Debian 11 (Bullseye)
|
||||||
when:
|
when:
|
||||||
- ansible_distribution_release == "bullseye"
|
- ansible_distribution_release == "bullseye"
|
||||||
- mongodb_version is version_compare('5.0', '<=')
|
- mongodb_version is version('5.0', '<=')
|
||||||
|
|
||||||
|
|
||||||
- name: MongoDB embedded GPG key is absent
|
- name: MongoDB embedded GPG key is absent
|
||||||
|
|
|
@ -9,7 +9,7 @@ allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}
|
||||||
# System checks
|
# System checks
|
||||||
command[check_load]=/usr/lib/nagios/plugins/check_load --percpu --warning=0.7,0.6,0.5 --critical=0.9,0.8,0.7
|
command[check_load]=/usr/lib/nagios/plugins/check_load --percpu --warning=0.7,0.6,0.5 --critical=0.9,0.8,0.7
|
||||||
command[check_swap]=/usr/lib/nagios/plugins/check_swap -a -w 30% -c 20%
|
command[check_swap]=/usr/lib/nagios/plugins/check_swap -a -w 30% -c 20%
|
||||||
command[check_disk1]=/usr/lib/nagios/plugins/check_disk -x /lib/init/rw -x /dev -x /dev/shm -x /sys/kernel/debug/tracing -w 10% -c 3% -W 10% -K 3% -C -w 5% -c 2% -W 5% -K 2% -p /home
|
command[check_disk1]=/usr/lib/nagios/plugins/check_disk -e -w 10% -c 3% -W 10% -K 3% -C -w 5% -c 2% -W 5% -K 2% -p /home -x /lib/init/rw -x /dev -x /dev/shm -x /run -I '^/run/' -I '^/sys/'
|
||||||
command[check_zombie_procs]=sudo /usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
|
command[check_zombie_procs]=sudo /usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
|
||||||
command[check_total_procs]=sudo /usr/lib/nagios/plugins/check_procs -w 400 -c 600
|
command[check_total_procs]=sudo /usr/lib/nagios/plugins/check_procs -w 400 -c 600
|
||||||
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
|
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
|
||||||
|
|
|
@ -5,7 +5,6 @@ HOMEPREFIX="/home"
|
||||||
|
|
||||||
rotate () {
|
rotate () {
|
||||||
mv $1 $1.$DATE
|
mv $1 $1.$DATE
|
||||||
gzip $1.$DATE
|
|
||||||
touch $1
|
touch $1
|
||||||
chown $2 $1
|
chown $2 $1
|
||||||
chmod g+r $1
|
chmod g+r $1
|
||||||
|
@ -36,5 +35,21 @@ fi;
|
||||||
|
|
||||||
test -x /usr/sbin/nginx && invoke-rc.d nginx rotate >/dev/null 2>&1
|
test -x /usr/sbin/nginx && invoke-rc.d nginx rotate >/dev/null 2>&1
|
||||||
|
|
||||||
|
# Zipping is done after web server reload, so that the file descriptor is released.
|
||||||
|
# Else, an error is raised (gzip file size changed while zipping)
|
||||||
|
# and logs written during the zipping process might be lost.
|
||||||
|
|
||||||
|
for log in access.log access-*.log error.log; do
|
||||||
|
for i in `ls -1 -d $HOMEPREFIX/*/log/$log 2>/dev/null | grep -v \.bak\.`; do
|
||||||
|
gzip $i
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
|
for log in production.log delayed_job.log development.log test.log; do
|
||||||
|
for i in `ls -1 -d $HOMEPREFIX/*/www/{,current/}log/$log 2>/dev/null | grep -v \.bak\.`; do
|
||||||
|
gzip $i
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
# we want exit 0
|
# we want exit 0
|
||||||
true
|
true
|
||||||
|
|
16
packweb-apache/tasks/update_userlogrotate.yml
Normal file
16
packweb-apache/tasks/update_userlogrotate.yml
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: "Cherche l'emplacement de userlogrotate"
|
||||||
|
ansible.builtin.find:
|
||||||
|
path: /etc
|
||||||
|
patterns: userlogrotate
|
||||||
|
register: find_logrotate
|
||||||
|
|
||||||
|
- name: "Met-à-jour userlogrotate"
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: userlogrotate
|
||||||
|
dest: "{{ item }}"
|
||||||
|
mode: "0755"
|
||||||
|
loop: "{{ find_logrotate.files }}"
|
||||||
|
when: find_logrotate.files | length>0
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
Package: php* libapache2-mod-php* libpcre2* libzip4*
|
Package: php* libapache2-mod-php* libpcre2* libzip4* libgd*
|
||||||
Pin: origin packages.sury.org
|
Pin: origin packages.sury.org
|
||||||
Pin-Priority: 999
|
Pin-Priority: 999
|
||||||
|
|
||||||
|
|
|
@ -40,3 +40,4 @@
|
||||||
- php-ssh2
|
- php-ssh2
|
||||||
- composer
|
- composer
|
||||||
- libphp-phpmailer
|
- libphp-phpmailer
|
||||||
|
when: ansible_distribution_release != "bullseye"
|
||||||
|
|
|
@ -412,8 +412,8 @@ smtpd_sasl_path = private/auth-client
|
||||||
|
|
||||||
# Amavis and OpenDKIM
|
# Amavis and OpenDKIM
|
||||||
content_filter = smtp-amavis:[127.0.0.1]:10024
|
content_filter = smtp-amavis:[127.0.0.1]:10024
|
||||||
smtpd_milters = inet:[127.0.0.1]:54321
|
smtpd_milters = inet:[127.0.0.1]:8891
|
||||||
non_smtpd_milters = inet:[127.0.0.1]:54321
|
non_smtpd_milters = inet:[127.0.0.1]:8891
|
||||||
|
|
||||||
{% if postfix_slow_transport_include == True %}
|
{% if postfix_slow_transport_include == True %}
|
||||||
# Slow transports configuration
|
# Slow transports configuration
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
- name: Remount /usr RW
|
||||||
|
include_role:
|
||||||
|
name: evolix/remount-usr
|
||||||
|
|
||||||
- name: Install evoadmin-mail package
|
- name: Install evoadmin-mail package
|
||||||
apt:
|
apt:
|
||||||
deb: /tmp/evoadmin-mail.deb
|
deb: /tmp/evoadmin-mail.deb
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
ServerName {{ roundcube_host }}
|
ServerName {{ roundcube_host }}
|
||||||
|
|
||||||
# Repertoire principal
|
# Repertoire principal
|
||||||
DocumentRoot /var/lib/roundcube/
|
DocumentRoot /var/lib/roundcube/public_html
|
||||||
|
|
||||||
# Return 503 if imapproxy doesn't run
|
# Return 503 if imapproxy doesn't run
|
||||||
<If "! -f '/run/imapproxy.pid'">
|
<If "! -f '/run/imapproxy.pid'">
|
||||||
|
|
|
@ -10,7 +10,7 @@ server {
|
||||||
access_log /var/log/nginx/.{{ roundcube_host }}.access.log;
|
access_log /var/log/nginx/.{{ roundcube_host }}.access.log;
|
||||||
error_log /var/log/nginx/.{{ roundcube_host }}.error.log;
|
error_log /var/log/nginx/.{{ roundcube_host }}.error.log;
|
||||||
|
|
||||||
root /var/lib/roundcube/;
|
root /var/lib/roundcube/public_html;
|
||||||
index index.php;
|
index index.php;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
|
|
Loading…
Reference in a new issue