• 23.03 8e4e77cb8b

    Release 23.03 Stable

    jlecour released this 2023-03-16 15:00:03 +01:00 | 479 commits to stable since this release

    Added

    • apache: add task to enable mailgraph on default vhost and index.html
    • apt: add move-apt-keyrings script/tasks
    • apt: add tools to migrate sources to deb822 format
    • fail2ban: add "Internal login failure" to Dovecot filter
    • lxc: copy /etc/profile.d/evolinux.sh from host into container
    • nagios-nrpe: add tasks/files for a wrapper
    • nagios-nrpe: Print pool config path in check_phpfpm_multi output
    • php: add php_version variable when sury is activated for each Debian version
    • php: add a way to choose which version to install using sury repository
    • postfix: Add task to enable mailgraph on packmail
    • postgresql: configure max_connections
    • userlogrotate: create dedicated role, separated from packweb-apache
    • varnish: add varnish_update_config variable to disable configuration update

    Changed

    • Use systemd module instead of command
    • Removed all warn: False args in command, shell and other modules as it's been deprecated and will give a hard fail in ansible-core 2.14.0.
    • apt: Use pub.evolix.org instead of pub.evolix.net
    • bind: refactor role
    • elasticsearch: Disable garabge collector logging (JDK >= 9)
    • evolinux-users: Update sudoers template to remove commands allowed without password
    • listupgrade: upstream release 23.03.3
    • kvmstats: use virsh domstats | awk to get guests informations
    • nagios-nrpe : Rewrite check_vrrpd for a better check (check rp_filter, vrrpd and uvrrpd compatible, use arguments, …)
    • openvpn: Change check_openvpn destination file to comply with recent EvoBSD change
    • postfix: come back to default value of notify_classes for pack mails.
    • userlogrotate: set rotate date format in right order (YYYY-MM-DD)!
    • webapps/nextcloud : Change default data directory to be outside web root
    • webapps/nextcloud : Small enhancement on the vhost template to lock out data dir
    • yarn: update apt key

    Fixed

    • Proper jinja spacing
    • clamav: set MaxConnectionQueueLength to its default value (200), custom (15) was way too small and caused recurring failures in Postfix.
    • docker-host: fix type in daemon.json and remove host configuration that is already in the systemd service by default
    • evolinux-base: ensure dbus is started and enabled (not by default in the case of an offline netinst)
    • haproxy: fix missing admin ACL in stats module access permissions
    • openvpn: fix the client cipher configuration to match the server cipher configuration
    • php: fix error introduced in #33503e4538 (False evaluated as a String instead of Boolean)
    • php: install using Sury repositories on Bullseye
    • postfix (packmail only): disable concurrency_failed_cohort_limit for destination smtp-amavis to prevent the suspension of this destination when Amavis fails to answer. Indeed, we configure the suspension delay quite long in minimal_backoff_time (2h) and maximal_backoff_time (6h) to reduce the risk of ban from external SMTPs.
    • postfix: avoid Amavis transport to be considered dead when restarted.
    • postfix: remove unused aliases_scope=sub from virtual_aliases.cf (it generated warnings)
    • userlogrotate: fix bug introduced in commit 2e54944a24 (rotated files were not zipped)
    • userlogrotate: skip zipping if .gz log already exists (prevents interactive question)

    Removed

    • evolinux-base: subversion is not installed anymore
    Downloads