Ansible roles by Evolix

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Go to file

Jérémy Lecour 21ab9b1e68 gitea/ansible-roles/pipeline/head This commit looks good Details Revert `ce5e4b12c6`		3 months ago
amavis	replace "with_items" in apt modules	3 years ago
amazon-ec2	Use 'loop' syntax instead of 'with_items'	2 years ago
apache	Revert `ce5e4b12c6`	3 months ago
apt	Use bullseye suite even for bookworm	4 months ago
bind	Update Galaxy metadata (company, platforms and galaxy_tags)	2 years ago
bookworm-detect/tasks	bookworm-detect: transitional role to help dealing with unreleased bookworm version	5 months ago
bullseye-detect/tasks	Revert "bullseye-detect: this role is obsolete, Debian 11 has been fully released"	2 years ago
certbot	certbot: auto-detect HAPEE version in renewal hook	4 months ago
clamav	loop syntax and whitespaces	2 years ago
dhcpd	Update Galaxy metadata (company, platforms and galaxy_tags)	2 years ago
docker-host	Drop unsigned repository when adding a signed one	4 months ago
dovecot	Add Out of memory log2mail alert to dovecot role	1 year ago
drbd	Update Galaxy metadata (company, platforms and galaxy_tags)	2 years ago
elasticsearch	Drop unsigned repository when adding a signed one	4 months ago
etc-git	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
evoacme	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
evobackup-client	Enforce String notation for mode	10 months ago
evocheck	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
evolinux-base	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
evolinux-todo	evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions)	5 months ago
evolinux-users	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
evomaintenance	evomaintenance: allow missing API endpoint if APi is disabled	4 months ago
fail2ban	on enlève bc	3 months ago
filebeat	Drop unsigned repository when adding a signed one	4 months ago
fluentd	Drop unsigned repository when adding a signed one	4 months ago
generate-ldif	[generate-ldif] Make MariaDB version detection more generic.	7 months ago
haproxy	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
java	java: use default JRE when version is not specified	6 months ago
jenkins	Drop unsigned repository when adding a signed one	4 months ago
keepalived	keepalived: change exit code (warning if runnin but not on expected state ; critical if not running)	4 months ago
kibana	Drop unsigned repository when adding a signed one	4 months ago
kvm-host	Fix depreciation of drbd-overview by drbdadm status	9 months ago
ldap	We want LDAP listen on ldapi:/// by default	2 years ago
listupgrade	listupgrade: sort/uniq of packages/services lists in email template	3 months ago
logstash	Drop unsigned repository when adding a signed one	4 months ago
lxc	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
lxc-php	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
lxc-solr	lxc-solr: use default JRE package	6 months ago
memcached	memcached: multi instance check requires bash instead of sh	7 months ago
meta	Add meta/main.yml file for ansible galaxy cloning	5 years ago
metricbeat	Drop unsigned repository when adding a signed one	4 months ago
minifirewall	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
mongodb	Drop unsigned repository when adding a signed one	4 months ago
monit	Update Galaxy metadata (company, platforms and galaxy_tags)	2 years ago
munin	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
mysql	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
mysql-oracle	add set crypt_use_gpgme=no Mutt option	10 months ago
nagios-nrpe	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
nameserver	Use 'loop' syntax instead of 'with_items'	2 years ago
networkd-to-ifconfig	Update Galaxy metadata (company, platforms and galaxy_tags)	2 years ago
newrelic	Drop unsigned repository when adding a signed one	4 months ago
nginx	nginx: Start server once.	9 months ago
nodejs	Drop unsigned repository when adding a signed one	4 months ago
ntpd	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
opendkim	Ajout opendkim-genkey en sha256 et taille clé 4096	11 months ago
openvpn	openvpn: Fix mode of shellpki script	3 months ago
packweb-apache	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
percona	Use proper keyrings directory for APT version	5 months ago
php	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
postfix	Homogénéisation du port OpenDKIM par défaut du rôle postfix avec celui du rôle OpenDKIM	8 months ago
postgresql	Drop unsigned repository when adding a signed one	4 months ago
proftpd	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
rabbitmq	rabbitmq: add link in default page	3 months ago
rbenv	rbenv: install Ruby 3.1.0 by default	1 year ago
redis	redis: variable to disable transparent hugepage (default: do nothing)	5 months ago
redmine	Install python 2 or 3 libraries according to running python version	1 year ago
remount-usr	remount-usr: use findmnt to find if usr is a readonly partition	1 year ago
spamassasin	remove whitespace for stream redirection	2 years ago
squid	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
ssl	remove whitespace for stream redirection	2 years ago
supervisord	Improve Ansible syntax	2 years ago
tomcat	Tomcat 9 by default with Debian 11	12 months ago
tomcat-instance	Update Galaxy metadata (company, platforms and galaxy_tags)	2 years ago
unbound	whitespaces	4 years ago
varnish	varnish: fix missing state, that blocked the task	4 months ago
vrrpd	vrrpd: Small fix to work in check mode	3 months ago
webapps	Revert "Add “when: not ansible_check_mode” to allow more --check"	3 months ago
.Jenkinsfile	Revert "CI: Handle [ci skip] keyword"	8 months ago
.gitignore	git ignore .swp files	3 years ago
CHANGELOG.md	typos	3 months ago
Dockerfile	Change Dockerfile Workdir to /data	4 years ago
LICENSE	Add the GPLv2 licence	6 years ago
README.md	Mention the CHANGELOG in the README	2 years ago
evolix	Revert "Suppression lien symbolique boucle récursive (créé par Victor en mars 2018)"	10 months ago
java8	java: support for Oracle JRE	5 years ago

README.md

Ansible-roles

A repository for Ansible roles used by Evolix on Debian GNU/Linux 9 (stretch) servers. Few roles are also be compatible with Debian GNU/Linux 8 (jessie) servers.

It contains only roles, everything else is available at https://gitea.evolix.org/evolix/ansible-public

Branches

The stable branch contains roles that we consider ready for production.

The unstable branch contains not sufficiently tested roles (or evolutions on existing roles) that we don't consider ready for production yet.

Many feature branches may exist in the repository. They represent "work in progress". They may be used, for testing purposes.

Install and usage

First, check-out the repository :

$ cd ~/GIT/
$ git clone https://gitea.evolix.org/evolix/ansible-roles

Then, add its path to your ansible load path :

$ vim ~/.ansible.cfg
[defaults]
roles_path = $HOME/GIT/ansible-roles

Then, include roles in your playbooks :

- hosts: all
  gather_facts: yes
  become: yes
  roles:
    - etc-git
    - evolinux-base

Contributing

Contributions are welcome, especially bug fixes and "ansible good practices". They will be merged in if they are consistent with our conventions and use cases. They might be rejected if they introduce complexity, cover features we don't need or don't fit "style".

Before starting anything of importance, we suggest contacting us to discuss what you'd like to add or change.

Our conventions are available in the "ansible-public":https://gitea.evolix.org/evolix/ansible-public repository, in the CONVENTIONS.md file.

All modifications should be documented in the CHANGELOG file, to help review releases. We encourage atomic commits, on a single role, and with the CHANGELOG in the same commit.

Workflow

The ideal and most typical workflow is to create a branch, based on the "unstable" branch. The branch should have a descriptive name (a ticket/issue number is great). The branch can be treated as a pull-request or merge-request. It should be propery tested and reviewed before merging into "unstable".

Changes that don't introduce significant changes — or that must go faster that the typical workflow — can be commited directly into "unstable".

Hotfixes, can be prepared on a new branch, based on "stable" or "unstable" (to be decided by the author). When ready, it can be merged back to "stable" for immediate deployment and to "unstable" for proper backporting.

Other workflow are not forbidden, but should be discussed in advance.