Ludovic Poujol
f630d93587
evolinux-base: On debian 10 and later, add noexec on /dev/shm
2019-07-23 18:18:29 +02:00
Jérémy Lecour
a8ef97fcde
Revert "evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)"
...
This reverts commit 65414d8ae7
.
2019-06-20 17:29:48 +02:00
Jérémy Lecour
65414d8ae7
evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)
2019-06-17 14:22:00 +02:00
Ludovic Poujol
75a8c90258
evolinux-base: Ensure rename is present
2019-06-17 09:58:10 +02:00
Ludovic Poujol
334b8a3f0d
evolinux-base: Validate sshd config with "sshd -t"
...
See #52 - It seems the behaviour changed with the recent releases, -T
that does an extended test now fails on "Match" blocks when no context
is given through -C
2019-06-17 09:47:22 +02:00
Jérémy Lecour
aa28e9c1b8
change repositories URL
2019-03-21 15:31:58 +01:00
Jérémy Lecour
3e37800994
evolinux-base: remove apt-listchanges on Stretch and later
2019-03-05 11:10:12 +01:00
Jérémy Lecour
a94c94018c
normalize some arguments positions
2019-01-01 20:02:50 +01:00
Benoît S.
776839fe61
Typo: rcpbind and not rcpbin
2018-12-19 15:58:47 +01:00
Victor LABORIE
74f25e8183
evolinux-base: deploy custom motd if template are present
2018-11-30 15:14:39 +01:00
Patrick Marchand
9198c1e2c0
ansible-lint does not like trailing whitespace
2018-11-13 16:56:31 -05:00
Victor LABORIE
83e9f12669
evolinux-base: install man package
2018-10-23 11:38:52 +02:00
Jérémy Lecour
81e9b3d33c
don't reload history on each prompt
2018-09-13 16:54:07 +02:00
Jérémy Lecour
2a89b8ff22
evolinux-base: better shell history
...
* remove duplicates from history
* reload/save history at prompt time
2018-09-11 14:13:29 +02:00
Jérémy Lecour
fe064c16d1
update CHANGELOG for evolinux-todo
2018-08-24 14:43:14 +02:00
Jérémy Lecour
b6fa349394
evolinux-base: compact multiple systctl tasks into one
2018-08-21 13:34:03 +02:00
Gregory Colpart
51f41ff14a
Workaround by Evolix security team for old kernels and vulnerabiliy CVE-2018-5391 (FragmentSmack)
2018-08-17 21:28:14 +02:00
Jérémy Lecour
4461281945
evolinux-base: add internal FQDN/hostname in /etc/hosts if needed
2018-08-17 10:07:36 +02:00
Jérémy Lecour
bc8858fc0a
evolinux-base: improve hostname configuration
...
We can have a "real" hostname and domain, but also an "internal" hostnae
and domain, used mostly for internal tools.
2018-08-16 16:17:34 +02:00
Tristan PILAT
99747e72b5
500px is too narrow, let's switch to 768px
2018-07-24 12:17:07 +02:00
Victor LABORIE
f56f8f7615
evolinux-base: add mail related aliases
2018-06-25 11:20:37 +02:00
Jérémy Lecour
ec535b036c
apt module: Use "state: present" instead of "state: installed"
...
"state: installed" is deprecated in Ansible 2.5
2018-05-18 09:33:25 +02:00
Gregory Colpart
20f6371980
typo
2018-05-01 19:38:55 +02:00
Jérémy Lecour
8384e8ba43
evolinux: groups for SSH configuration are used with Debian 10 and later
2018-04-20 14:38:55 +02:00
Jérémy Lecour
e79640d770
evolinux: Name and improve compatibility checks
2018-04-20 14:38:55 +02:00
Jérémy Lecour
b01d9178d0
evolinux-users: split AllowGroups/AllowUsers modes
...
If an AllowGroups directive is found or when using Debian 9+,
we use the AllowGroups directive and comment AllowUsers that may be
already present.
When adding a user, we make sure that the allowed group exists
and the use is in that group, to be sure that at least this user
is allowed to connect.
In other situations, we use the AllowUsers directive.
2018-04-18 12:16:04 +02:00
Jérémy Lecour
b866b6fa0a
evolinux-base: fail2ban is not enabled by default
2018-04-18 12:15:43 +02:00
Jérémy Lecour
8abed3e258
Use "command" instead of "shell" where possible
2018-04-04 23:36:00 +02:00
Jérémy Lecour
ad3383a510
Install ncurses-term for additional terminal types
...
When connecting to a server from urxvt, the session behaves like one
with xterm.
2018-03-29 16:42:33 +02:00
Ludovic Poujol
3c2443181b
evolinux-base: Exec the firewall tasks sooner to avoid dependency issues
2018-03-15 12:04:35 +01:00
Jérémy Lecour
b634840b42
apache/nginx: server status suffix
2018-01-03 10:05:20 +01:00
Jérémy Lecour
08d544668b
evolinux-base: create /etc/evolinux
2018-01-03 10:05:20 +01:00
Victor LABORIE
f09d93aadb
evolinux-base: purge locate/mlocate by default
2018-01-02 15:11:27 +01:00
Jérémy Lecour
aeba94bcba
default/additional variables
...
List of hosts/ip are a combination of 2 lists allowing overrides
2017-12-20 18:04:54 +01:00
Ludovic Poujol
a2acd250a6
evolinux-base: have default_www files chmoded as 644
2017-12-13 15:44:16 +01:00
Jérémy Lecour
1faf0faa6b
Remove openntpd before installing serveur-base
2017-12-06 00:09:08 +01:00
Jérémy Lecour
5e1268ad65
Install traceroute
2017-12-05 14:42:07 +01:00
Jérémy Lecour
b3f4e4683e
hostname customization needs the dbus package
2017-11-22 14:08:54 +01:00
Jérémy Lecour
b15b06d458
add name for some fail modules
2017-11-21 10:17:46 +01:00
Jérémy Lecour
8ef9554746
Combine evolix and additional trusted IP addresses
2017-11-15 23:57:58 +01:00
Jérémy Lecour
46d70b3cd5
evolnux-base: cache pgp key locally
2017-11-15 11:40:42 +01:00
Victor LABORIE
1c48df025c
Move /usr rw remount into remount-usr role
2017-11-07 13:34:05 +01:00
Ludovic Poujol
3532cb3f2d
evolinux-base: harware tasks. Add http://hwraid.le-vert.net/debian repo
...
on stretch for megacli packages
2017-10-26 15:07:28 +02:00
Jérémy Lecour
b4e4b14fc6
Invert SSH Match User directives
2017-10-17 10:28:48 +02:00
Jérémy Lecour
c77bc14e95
Evolinux: don't remove root from AllowUsers list
2017-10-11 17:58:59 +02:00
Ludovic Poujol
745c45f88d
Fix remount_usr_rw/yml
2017-10-11 17:58:18 +02:00
Jérémy Lecour
4bc7635502
Include generate-ldif in evolinux-base
2017-10-11 13:10:15 +02:00
Jérémy Lecour
20e8a852fa
Handle "PermitRootLogin prohibit-password"
2017-10-10 23:50:14 +02:00
Jérémy Lecour
707aabb404
evolinux-base : remove root from AllowUsers directive
...
when disabling root login, also remove it from AllowUsers if present
2017-10-10 22:00:28 +02:00
Jérémy Lecour
79e57b7787
evolinux-base: don't disable root ssh by default
2017-10-10 21:58:03 +02:00