32 Releases 56 Tags

• 22.07 f8cb5d9496

  Compare

  Release 22.07 Stable

  jlecour released this 2022-07-06 18:04:01 +02:00 | 697 commits to stable since this release

  Added

  • evolinux-base: session timeout is configurable (default: 36000 seconds = 10 hours)
  • haproxy: add haproxy_allow_ip_nonlocal_bind to set sysctl value (optional)
  • kvm-host: fix depreciation of "drbd-overview" by "drbdadm status" in add-vm.sh
  • openvpn: configure logrotate

  Changed

  • openvpn: minimal rights on /etc/shellpki/ and crl.pem

  Fixed

  • evolinux-base: Update PermitRootLogin task to work on Debian 11
  • evolinux-user: Update PermitRootLogin task to work on Debian 11
  • minifirewall: docker mode is configurable

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.06.3 5581801cc9

  Compare

  Release 22.06.3 Stable

  jlecour released this 2022-06-17 11:02:38 +02:00 | 712 commits to stable since this release

  Changed

  • evolinux-base: blacklist and do not install megaclisas-status package on incompatible servers

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.06.2 e3715ca2d6

  Compare

  Release 22.06.2 Stable

  jlecour released this 2022-06-10 11:14:38 +02:00 | 719 commits to stable since this release

  Added

  • postgresql: add variable to configure binding addresses (default: 127.0.0.1)

  Changed

  • evocheck: upstream release 22.06.2
  • fail2ban: Give the possibility to override jail.local (with fail2ban_override_jaillocal)
  • fail2ban: If jail.local was overriden, add a warning
  • fail2ban: Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
  • fail2ban: Allow to tune the default action with ansible
  • fail2ban: Change default action to ban only (instead of ban + mail with whois report)
  • fail2ban: Configure recidive jail (off by default) + extend dbpurgeage
  • redis: binding is possible on multiple interfaces (breaking change)

  Fixed

  • Enforce String notation for mode
  • postgresql: fix nested loop for Munin plugins
  • postgresql: Fix task order when using pgdg repo
  • postgresql: Install the right pg version

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.06.1 78ef69bb6e

  Compare

  Release 22.06.1 Stable

  jlecour released this 2022-06-06 15:08:44 +02:00 | 730 commits to stable since this release

  Changed

  • evocheck: upstream release 22.06.1
  • minifirewall: upstream release 22.06
  • mysql: evomariabackup release 22.06.1
  • mysql: reorganize evomariabackup to use mtree instead of our own dir-check

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.06 24f34b200c

  Compare

  Release 22.06 Stable

  jlecour released this 2022-06-03 09:27:57 +02:00 | 745 commits to stable since this release

  Added

  • certbot: add hapee (HAProxy Enterprise Edition) deploy hook
  • evolinux-base: add dir-check script
  • evolinux-base: add update-evobackup-canary script
  • mysql: add post-backup-hook to evomariabackup
  • mysql: use dir-check inside evomariabackup

  Changed

  • docker: Allow "live-restore" to be toggled with docker_conf_live_restore
  • evocheck: upstream release 22.06
  • mysql: add "set crypt_use_gpgme=no" Mutt option, for mysqltuner

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.05.1 40546d077a

  Compare

  Release 22.05.1 Stable

  jlecour released this 2022-05-12 15:50:34 +02:00 | 770 commits to stable since this release

  Added

  • docker : Introduce new default settings + allow to change the docker data directory
  • docker : Introduce new variables to tweak daemon settings

  Changed

  • evocheck: upstream release 22.05

  Removed

  • docker : Removed Debian Jessie support

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.05 c273117c5f

  Compare

  Release 22.05 Stable

  jlecour released this 2022-05-10 17:01:55 +02:00 | 778 commits to stable since this release

  Added

  • etc-git: use "ansible-commit" to efficiently commit all available repositories (including /etc inside LXC) from Ansible
  • minifirewall: compatibility with "legacy" version of minifirewall
  • minifirewall: configure proxy/backup/sysctl values
  • munin: Add possibility to install local plugins, and install dhcp_pool plugin
  • nagios-nrpe: Add a check dhcp_pool
  • redis: Activate overcommit sysctl
  • redis: Add log2mail user to redis group

  Changed

  • dump-server-state: upstream release 22.04.3
  • evocheck: upstream release 22.04.1
  • evolinux-base: Add non-free repos & install non-free firmware on dedicated hardware
  • evolinux-base: rename backup-server-state to dump-server-state
  • generate-ldif: Add services check for bkctld
  • minifirewall: restore "force-restart" and fix "restart-if-needed"
  • minifirewall: tail template follows symlinks
  • minifirewall: upstream release 22.05
  • opendkim : add generate opendkim-genkey in sha256 and key 4096
  • openvpn: use a local copy of files instead of cloning an external git repository
  • openvpn: use a subnet topology instead of the net30 default topology
  • tomcat: Tomcat 9 by default with Debian 11
  • vrrpd: Store sysctl values in specific file

  Fixed

  • etc-git : Remount /usr in rw for git gc in in /usr/share/scripts/
  • etc-git: Make evocommit fully compatible with OpenBSD
  • generate-ldif: Correct generated entries for php-fpm in containers
  • keepalived: repair broken role
  • minifirewall: fix failed_when condition on restart
  • postfix: Do not send mails through milters a second time after amavis (in packmail)
  • redis: Remount /usr with RW before adding nagios plugin

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.03 d7d58bf158

  Compare

  Release 22.03 Stable

  jlecour released this 2022-03-02 09:50:24 +01:00 | 862 commits to stable since this release

  Added

  • apt: apt_hold_packages: broadcast message with wall, if present
  • evolinux-base: option to bypass raid-related tasks
  • Explicit permissions for systemd overrides
  • generate-ldif: Add support for php-fpm in containers
  • kvm-host: add missing default value
  • lxc-php: preliminary support for PHP 8.1 container
  • openvpn: now check that openvpn has been restarted since last certificates renewal
  • redis: always install check_redis_instances
  • redis: check_redis_instances tolerates absence of instances

  Changed

  • elasticsearch: Use /etc/elasticsearch/jvm.options.d/evolinux instead of default /etc/elasticsearch/jvm.options
  • evolinux-users: check permissions for /etc/sudoers.d
  • evolinux-users: optimize sudo configuration
  • lxc: Fail if /var is nosuid
  • openvpn: make it compatible with OpenBSD and add some improvements

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.01.3 25563ee0f0

  Compare

  Release 22.01.3 Stable

  jlecour released this 2022-01-31 11:58:46 +01:00 | 886 commits to stable since this release

  Changed

  • rbenv: install Ruby 3.1.0 by default
  • evolinux-base: backup-server-state: add "force" mode

  Fixed

  • evolinux-base: backup-server-state: fix systemctl invocation

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
• 22.01.2 359719d0d0

  Compare

  Release 22.01.2 Stable

  jlecour released this 2022-01-27 14:15:00 +01:00 | 893 commits to stable since this release

  Changed

  • evolinux-base: many improvements for backup-server-state script
  • remount-usr: use findmnt to find if usr is a readonly partition

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)