evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity

32 Releases 56 Tags

RSS Feed
  • 23.10 198f3fab0a

    Release 23.10 Stable

    jlecour released this 2023-10-14 07:55:17 +02:00 | 177 commits to stable since this release

    Added

    • apt: disable NonFreeFirmware warning for VM on Debian 12+
    • apt: explicit signed-by directives for official sources
    • bind: add reload-zone helper
    • certbot: deploy-hook for proftpd
    • docker-host: added var for user namespace setting
    • dovecot: add Munin plugins dovecot1 and dovecot_stats (patched)
    • dovecot: fix old_stats plugin for Dovecot 2.3
    • evocheck: add support for Debian >= 12 split SSH configuration
    • evolinux-base: add split SSH configuration for Debian >= 12
    • evolinux-base: configure .bashrc for all users
    • evolinux-base: New variable evolinux_system_include_ntpd to chose wether or not to include ntpd role
    • evolinux-base: reboot the server if the Cloud kernel has been installed
    • evolinux-users: add split SSH configuration for Debian >= 12
    • evolinux: install HPE Agentless Management Service (amsd)
    • fail2ban: add default variable fail2ban_dbpurgeage_default
    • fail2ban: add fail2ban_sshd_port variable to configure sshd port
    • kvm-host: release 23.10 for migrate-vm.sh
    • metricbeat/logstash: fix Ansible syntax
    • mysql: new munin graph to follow binlog_days over time
    • nagios-nrpe: add a NRPE check-local command with completion.
    • nagios-nrpe: add a proper monitoring plugin for GlusterFS (on servers, not for clients)
    • php: add new variable to disable overriding settings of php-fpm default pool (www)
    • policy_pam: New role to manage password policy with pam_pwquality & pam_pwhistory
    • userlogrotate: add a userlogpurge script disabled by default
    • userlogrotate: new version, with separate conf file
    • userlogrotate: rotate also php.log
    • java: allow version 17
    • timesyncd: new role, used instead of ntpd by default starting with Debian 12

    Changed

    • all: change syntax "become: [yes,no]" → "become: [true,false]"
    • all: change syntax "force: [yes,no]" → "force: [true,false]"
    • elasticsearch: improve networking configuration
    • evolinux-base: include files under sshd_config.d
    • evolinux-users: remove Stretch references in tasks that also apply to next Debian versions
    • evomaintenance: upstream release 23.10.1
    • lxc-php: change LXC container in bookworm for php82
    • minifirewall: update nrpe script to check active configuration
    • minifirewall: upstream release 23.07
    • mysql: improve shell syntax for mysql_skip script
    • nagios-nrpe: set default check_load --per-cpu for BSD
    • pgbouncer: minor fixes
    • postfix (packmail or when postfix_slow_transport_include is True): change miniprofmal_backoff_time from 2h to 15m (see HowtoPostfix)
    • postfix (packmail) : optimize Amavis integration
    • postfix: disable sending mails via IPv6
    • postfix: new spam.sh update script that avoids reloading if files did not change.
    • postgresql: fix file postgresql.pref.j2 for exclude package
    • postgresql: fix task update apt cache for PGDG repo
    • redis: standardize plugins path from /usr/local/share/munin/ to /usr/local/lib/munin/plugins/
    • varnish: allow the systemd template to be overridden with a template outside of the role
    • lxc: purge openssh-server from container on install

    Fixed

    • elasticsearch: comment the Xlog:gc line instead of changing it completely
    • evocheck: fix IS_SSHALLOWUSERS condition
    • evolinux-base, evolinux-users: Fix files mode under /etc/ssh/sshd_config.d
    • evolinux-base: fix file extension
    • fail2ban: fix cron fail2ban_dbpurge (should be bash instead of sh)
    • lxc-php: fix APT keyring path inside containers
    • nagios-nrpe: check_ssl_local now has an output that nrpe can understand when it isn't OK
    • nagios-nrpe: remount /usr after installing the packages
    • nagios-nrpe: sync Redis check from redis roles
    • nginx: set default server directive in default vhost
    • opendkim: update apt cache before install
    • packweb-apache,nagios-nrpe: add missing task and config for PHP 8.2 container
    • postfix: add missing localhost.$mydomain to mydestination
    • redis: replace erroneous ini_file module for Munin config, fix dedicated Munin config filename (z-XXX).
    • evolinux-base: use lineinfile instead of replace under root task
    • evolinux-base: Corriger autorisation pour evolinux_user
    • docker-host: Retirer directive state en trop
    • rbenv: Installer libyaml-dev

    Removed

    • dovecot: remove Munin plugin dovecot (not working)
    Downloads