Ansible roles by Evolix
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
Jérémy Lecour c53403570a Merge branch 'unstable' into stable 4 years ago
amavis postfix: always include amavis and opendkim config when packmail 4 years ago
amazon-ec2 whitespaces 4 years ago
apache Apache: Don't turn on modsec if it's available on default vhost 4 years ago
apt add name for some fail modules 4 years ago
bind bind: keep 52 weeks of logs 4 years ago
clamav whitespaces 4 years ago
dhcpd Rename dhcp to dhcpd 4 years ago
docker-host Clean override of docker systemd unit 4 years ago
dovecot dovecot: login_max_processes_count is obsolete 4 years ago
drbd Move /usr rw remount into remount-usr role 4 years ago
elasticsearch add "become" when missing 4 years ago
etc-git etc-git: add tags for Ansible 4 years ago
evoacme Merge branch 'unstable' into stable 4 years ago
evocheck evocheck: add tags 4 years ago
evolinux-base Use "command" instead of "shell" where possible 4 years ago
evolinux-users evolinux-users: add check_minifirewall in sudoers commands 4 years ago
evomaintenance evomaintenance: explicit quotes 4 years ago
fail2ban fail2ban: fix horrible typo, Python is not Ruby 4 years ago
filebeat elastic: option for stack main version 4 years ago
generate-ldif generate-ldif: add clamd service instead of clamav_db 4 years ago
haproxy haproxy: fix Munin plugin dependencies 4 years ago
java8 java8: we only need the headless variant 4 years ago
jenkins jenkins: remember squid whitelist 4 years ago
kibana whitespaces 4 years ago
kvm-host Move /usr rw remount into remount-usr role 4 years ago
ldap ldap|nagios-nrpe: use external file for NRPE credentials 4 years ago
listupgrade listupgrade: Add service restart notification for squid 4 years ago
logstash logstash: fix permissions on pipeline configuration 4 years ago
lxc Fix multiple bugs in lxc role after testing 4 years ago
memcached memcached: add Nagios check for memcached (evoqa #3498) 4 years ago
meta Add meta/main.yml file for ansible galaxy cloning 4 years ago
minifirewall minifirewall: nrpe/sudo config only if possible 4 years ago
mongodb mongodb: rename logrotate script 4 years ago
monit minor fix: true -> True 4 years ago
munin Ensure munin plugins for Postfix are enabled 4 years ago
mysql mysql/mysql-oracle: mysqltuner cron task is executable 4 years ago
mysql-oracle mysql/mysql-oracle: mysqltuner cron task is executable 4 years ago
nagios-nrpe nagios-nrpe: add check_minifirewall by default 4 years ago
nameserver Add nameserver role 4 years ago
newrelic Remove dynamic add of whitelist Squid proxy 4 years ago
nginx nginx: don't debug variables in verbosity 0 4 years ago
nodejs nodejs: extract yarn tasks in a file 4 years ago
ntpd Fix #2345 : apply fix for v4 *and* v6 for syntax bug in conf file 4 years ago
opendkim whitespaces 4 years ago
packweb-apache packweb-apache can use MySQL from Oracle. 4 years ago
php php: fix condition statement position 4 years ago
postfix Patch dovecot deliver to handle + sign in address. 4 years ago
postgresql postgresql: use ".j2" extension for jinja templates 4 years ago
proftpd whitespaces 4 years ago
rabbitmq rabbitmq: add a munin plugin 4 years ago
rbenv rbenv: Correct the changes done in 24aeff2e about become user issues 4 years ago
redis Redis: fix typo in shell command 4 years ago
redmine remine: add tags 4 years ago
remount-usr remount-usr: Add README 4 years ago
spamassasin packmail (postfix + spamassassin): fix cron.d spam and sa-update 4 years ago
squid Squid: Add repo.mysql.com to default whitelist 4 years ago
supervisord Supervisor: handlers name + tags 4 years ago
tomcat tomcat: compatible with Tomcat7 and Tomcat8 4 years ago
tomcat-instance whitespaces 4 years ago
unbound unbound: retrieve list of root DNS servers 4 years ago
varnish varnish: add a restart handler 4 years ago
vrrpd Rename role "apt-repositories" to "apt" 4 years ago
webapps whitespaces 4 years ago
.gitignore gitignore cleanup 4 years ago
CHANGELOG.md Release 9.1.7 4 years ago
LICENSE Add the GPLv2 licence 5 years ago
README.md ansible-roles is now only-Linux compatible, and add precision for compatibility (Debian 9 and accidentally Debian 8) 4 years ago
evolix Add an evolix symlink for prefixed roles 4 years ago

README.md

Ansible-roles

A repository for Ansible roles used by Evolix on Debian GNU/Linux 9 (stretch) servers. Few roles are also be compatible with Debian GNU/Linux 8 (jessie) servers.

It contains only roles, everything else is available at https://forge.evolix.org/projects/ansible-public

Branches

The stable branch contains roles that we consider ready for production.

The unstable branch contains not sufficiently tested roles (or evolutions on existing roles) that we don't consider ready for production yet.

Many feature branches may exist in the repository. They represent "work in progress". They may be used, for testing purposes.

Install and usage

First, check-out the repository :

$ cd ~/GIT/
$ git clone https://forge.evolix.org/projects/ansible-roles

Then, add its path to your ansible load path :

$ vim ~/.ansible.cfg
[defaults]
roles_path = $HOME/GIT/ansible-roles

Then, include roles in your playbooks :

- hosts: all
  gather_facts: yes
  become: yes
  roles:
    - etc-git
    - evolinux-base

Contributing

Contributions are welcome, especially bug fixes and "ansible good practices". They will be merged in if they are consistent with our conventions and use cases. They might be rejected if they introduce complexity, cover features we don't need or don't fit "style".

Before starting anything of importance, we suggest contacting us to discuss what you'd like to add or change.

Our conventions are available in the "ansible-public":https://forge.evolix.org/projects/ansible-public repository, in the CONVENTIONS.md file.

Workflow

The ideal and most typical workflow is to create a branch, based on the "unstable" branch. The branch should have a descriptive name (a ticket/issue number is great). The branch can be treated as a pull-request or merge-request. It should be propery tested and reviewed before merging into "unstable".

Changes that don't introduce significant changes — or that must go faster that the typical workflow — can be commited directly into "unstable".

Hotfixes, can be prepared on a new branch, based on "stable" or "unstable" (to be decided by the author). When ready, it can be merged back to "stable" for immediate deployment and to "unstable" for proper backporting.

Other workflow are not forbidden, but should be discussed in advance.