Commit Graph

239 Commits

Author SHA1 Message Date
Andrea Dell'Amico 54155b9672 nginx: It's now possible to customise the https port. 2020-03-31 16:38:07 +02:00
Andrea Dell'Amico 1f7d7ac082 elasticsearch: fix the 'transport.tcp.port' arguments syntax. 2020-03-30 18:07:19 +02:00
Andrea Dell'Amico 75f8f92822 mysql: Install the server config file into the correct place. Support SSL and letsencrypt certificates. 2020-03-30 11:38:47 +02:00
Andrea Dell'Amico ac53754be0 powerdns: more options for the 'slave' configuration. 2020-03-24 12:28:14 +01:00
Andrea Dell'Amico 5657fc35fa gitea: move to version 1.12.3. 2020-03-22 17:37:40 +01:00
Andrea Dell'Amico c5f0ee75ef openvpn: better user ccd management, option that enables the management interface, option to force the presence of a ccd entry. 2020-03-22 15:14:33 +01:00
Andrea Dell'Amico 8331f98490 Drupal: Fix some obsoleted parts, ad php-fpm as dependency, fix the php packages list. 2020-03-21 16:56:57 +01:00
Andrea Dell'Amico 4a4f623b47 apache: Fix the task that adds additional modules when we have an empty list. 2020-03-19 17:48:21 +01:00
Andrea Dell'Amico 5de6afff94 apache: ignore errors when enabling the ssl modules. The check could fail because the configuration is not ready yet. 2020-03-19 13:32:06 +01:00
Andrea Dell'Amico 37d23844e3 vsftpd: Support TLS in the Ubuntu role. 2020-03-19 13:31:38 +01:00
Andrea Dell'Amico 59717eae9c orientdb: support hazelcast in unicast/tcp mode. 2020-03-19 12:01:23 +01:00
Andrea Dell'Amico dacad8da23 nginx: more modern TLS ciphers. 2020-03-19 11:58:55 +01:00
Andrea Dell'Amico bf2d334aa8 CKAN: some cleanups, fix the version of some python modules. 2020-03-18 14:42:38 +01:00
Andrea Dell'Amico d2bcb78d80 More generic custom rules. 2020-03-16 14:18:32 +01:00
Andrea Dell'Amico f64f5ca21c Add TLS support to the CentOS vsftpd role. 2020-03-14 16:08:22 +01:00
Andrea Dell'Amico 0d5bf23f5e ELK: add tasks and templates that manage kibana, and nginx in front of it. 2020-03-13 19:47:02 +01:00
Andrea Dell'Amico 3aa4504a79 roundcube: disable the help plugin by default, it's not useful. 2020-03-12 10:42:27 +01:00
Andrea Dell'Amico a30b91640e Default to the latest version. Fix a typo. 2020-03-10 19:13:04 +01:00
Tommaso Piccioli ae28502c50 DB dump retention changed 2020-03-06 11:48:35 +01:00
Andrea Dell'Amico 65a711d387 mysql: Fixes to make it work with the new python module and with mysql 5.7. 2020-03-03 18:41:27 +01:00
Andrea Dell'Amico cadbcc5cc7 Two tasks used the copy module instead of the template one. 2020-02-27 17:19:38 +01:00
Andrea Dell'Amico ba36889c0e clamav: install perl if the unofficial signatures are enabled. 2020-02-18 14:31:01 +01:00
Andrea Dell'Amico 973faadfe2 tomcat: add tags so that we set tomcat_version when we use tomcat_conf or tomcat_javamelody. 2020-02-17 12:40:46 +01:00
Andrea Dell'Amico a5c523bb4c keepalived: put the state file under /run/keepalived and instruct systemd to create the directory. 2020-02-14 18:39:00 +01:00
Andrea Dell'Amico 47ce8bf05c simplesaml: fix a problem in the main configuration. It's now possible to enable/disable debug and error output. 2020-02-13 14:14:04 +01:00
Andrea Dell'Amico 62539644e8 solr as tomcat webapp: try to figure out the tomcat version. 2020-02-12 18:19:18 +01:00
Andrea Dell'Amico bb88b7519a mongodb: manage the keyfile needed by a cluster configuration. 2020-02-12 18:17:42 +01:00
Andrea Dell'Amico f78a20bab8 New default version for rstudio. 2020-02-12 18:14:09 +01:00
Andrea Dell'Amico 5f46719ad8 Do not fail if a plugin do not install. 2020-02-12 18:04:39 +01:00
Andrea Dell'Amico 2a188a11f4 postgresql: use the fullchain file for pgpool too. 2020-02-12 18:01:59 +01:00
Andrea Dell'Amico 4878798502 Always install python-lxml. 2020-02-12 18:00:57 +01:00
Andrea Dell'Amico f0c5a54f9d elasticsearch: support versions >= 6 2020-02-12 17:25:58 +01:00
Andrea Dell'Amico 68ba0933f0 thredds: support the configuration of a google analytics id. 2020-02-12 16:01:58 +01:00
Andrea Dell'Amico 6cbaef0857 tomcat javamelody: maven wants https now. 2020-02-12 16:00:42 +01:00
Andrea Dell'Amico 98dc9c2960 Keepalived: restart the service if the floating IPs disappear on Ubuntu 18.04. 2020-02-12 11:42:05 +01:00
Andrea Dell'Amico 1060ef9300 Fix the path of the php-fpm pid, it is now used by the systemd unit. 2020-02-07 19:35:27 +01:00
Andrea Dell'Amico 172373fb5c Fix some conditionals so that we can skip nagios. 2020-02-07 18:34:48 +01:00
Andrea Dell'Amico e433a4eeb3 Fix the creation of the letsencrypt hook for postfix. 2020-02-07 16:30:21 +01:00
Andrea Dell'Amico 94ffed10c9 acme-sh-request-cert: do not fail if there's a valid, and not expiring, certificate already. 2020-02-07 14:54:39 +01:00
Andrea Dell'Amico d019c0d8cd Fix the behaviour when we request the certificate via http. 2020-02-04 19:17:03 +01:00
Andrea Dell'Amico 2da5d26ef6 The roundcube session lifetime is now a variable. 2020-01-30 12:29:51 +01:00
Andrea Dell'Amico af32ce30bc Change the way we enable the local recipient maps. 2020-01-25 13:58:26 +01:00
Andrea Dell'Amico c90043d44a Move the max_message_size option out of the 'if' case. 2020-01-24 13:58:05 +01:00
Andrea Dell'Amico d53b569189 Manage the transport and virtual_domains maps. 2020-01-24 13:03:07 +01:00
Andrea Dell'Amico c036b0bf8b Fix the management of the size of the attachments. 2020-01-23 11:39:29 +01:00
Andrea Dell'Amico 5c6253e917 Only one nginx role. 2020-01-22 14:37:31 +01:00
Andrea Dell'Amico 4c06ae5b2d One variable to manage the max attachment size. 2020-01-20 12:27:21 +01:00
Andrea Dell'Amico e2bd95f2c2 Role that setups remote logging in rsyslog. 2020-01-17 17:30:44 +01:00
Andrea Dell'Amico 0085eaac94 Force a restart after a clamd reconfiguration. clamupdate must be added to the clamscan group. 2020-01-14 18:49:26 +02:00
Andrea Dell'Amico a411c8d68b The AlertExceedsMax value is now managed by a variable, default 'no'. 2020-01-14 16:48:37 +02:00
Andrea Dell'Amico a054e94915 Change the permissions of /var/lib/clamav so that freshclam can write into it. 2020-01-11 16:32:46 +01:00
Andrea Dell'Amico 75dd8ca0cb Fix the boolean that manages the network interfaces settings. 2020-01-08 18:49:32 +01:00
Andrea Dell'Amico ad4ed35212 Manage the smtp and submission configurations with different variables. 2020-01-08 00:23:34 +01:00
Andrea Dell'Amico ba319f76a5 php fpm pool: Log the remote client IP address correctly. 2020-01-06 17:00:19 +01:00
Andrea Dell'Amico 214cd1d03c Fix the nginx includes filenames of the new onlyoffice package 2020-01-05 19:27:39 +01:00
Andrea Dell'Amico 9170706a03 roundcube: the available skins is now a variable. Configure enigma to support multihost as an option. 2019-12-31 15:31:19 +01:00
Andrea Dell'Amico 72810580ee Refresh the CentOS php-fpm role. 2019-12-26 17:11:20 +01:00
Andrea Dell'Amico e27747426b Set the compatibility level on Ubuntu 18.04. 2019-12-19 11:21:16 +01:00
Andrea Dell'Amico 5ca80e638a Force a postfix restart after a configuration change without waiting for the handlers to kick in. Add 'compatibility_level=2' on Ubuntu 18.04. 2019-12-19 11:15:41 +01:00
Andrea Dell'Amico 9d6370b776 Role that installs clamav end/or clamav-milter. 2019-12-18 15:47:03 +01:00
Andrea Dell'Amico f6dcee2182 The TLS level is now a paremeter everywhere. 2019-12-18 15:46:23 +01:00
Andrea Dell'Amico 05e4cb9478 postfix: changes to the configuration that runs the smtpd server. Support milter and haproxy. 2019-12-17 19:55:06 +01:00
Andrea Dell'Amico 8dd7cba5e6 springboot: install systemd units on systemd based OSs. 2019-12-16 14:10:56 +01:00
Andrea Dell'Amico 5bad5d43fa Add support for a customized logo and for enigma (pgp). 2019-12-13 13:43:03 +01:00
Andrea Dell'Amico f2c7de88c9 postgresql role: some cleanup. 2019-12-12 21:01:51 +01:00
Andrea Dell'Amico e6abbf1791 postfix relay: choose to not stop the outgoing smtp traffic. 2019-12-12 21:01:02 +01:00
Andrea Dell'Amico a4106d3dce add, commented, more tls options. 2019-12-12 21:00:07 +01:00
Andrea Dell'Amico b2c25c0f32 iptables rules: add a new conditional. 2019-12-12 20:59:33 +01:00
Andrea Dell'Amico 730885f840 roundcube: configure the service, manage the plugins list and the configuration of some of them. 2019-12-12 20:58:36 +01:00
Andrea Dell'Amico 7c25a0c20c nextcloud: fix the nginx virtualhost. The local postgresql server is now optional. 2019-12-12 20:57:02 +01:00
Andrea Dell'Amico 790a95482b Redis: do not fail stopping the service before removing the packages. 2019-12-12 13:54:17 +01:00
Andrea Dell'Amico b585baee9b postgresql and postgresql db: fix the letsencrypt configuration, new default version. 2019-12-12 13:53:24 +01:00
Andrea Dell'Amico a2ac312217 iptables: we can now set a global postresql set of rules. 2019-12-12 13:52:24 +01:00
Andrea Dell'Amico 63ca3a71a8 Install and configure tmpreaper if required, on Debian/Ubuntu. 2019-12-11 11:57:55 +01:00
Andrea Dell'Amico a6bbd67e1c keepalived: fix the default service check and the destination of the status file. 2019-12-09 14:04:10 +01:00
Andrea Dell'Amico 33d420eded Merge branch 'master' of adellam/ansible-roles into master 2019-12-09 13:36:56 +01:00
Andrea Dell'Amico 2549e8d641 Add the role that manages additional disks to the bootstrap role. 2019-12-09 13:36:36 +01:00
Franca Debole 20fa6c97ae Merge branch 'master' of debfranca/ansible-roles into master
RoundCube added ...working on progress
2019-12-07 16:06:42 +01:00
Franca Debole 1920b3c149 Added comment on install roundcube 2019-12-06 17:33:08 +01:00
Tommaso Piccioli c6228c8255 crontab hourly step postgres backup 2019-12-06 17:33:06 +01:00
Franca Debole cd435616c9 Added rouncube 2019-12-06 16:34:15 +01:00
Andrea Dell'Amico 3a64850c80 Postfix role that aims to be general purpose. 2019-12-05 18:35:55 +01:00
Andrea Dell'Amico ac16f86970 Apache: Fix some conditionals. 2019-12-05 18:32:22 +01:00
Andrea Dell'Amico 32695a0a33 Debian/Ubuntu: autoclean and autoremove packages when dist-upgrading. 2019-11-21 18:13:06 +01:00
Andrea Dell'Amico 58e596ed5d Force a cert request when something changed. 2019-11-21 14:49:03 +01:00
Andrea Dell'Amico 747c551c00 Role that installs an unconfigured dovecot service, managing firewall rules and letenscrypt hook accondingly. 2019-11-20 18:51:56 +01:00
Andrea Dell'Amico 9b4f3d3d46 Remove duplicates from the acme.sh env. Add tags that permit to install the scripts without executing them. 2019-11-20 13:24:45 +01:00
Andrea Dell'Amico 1bcd77e306 Give the option of managing some SELinux properties in the bootstrap tasks. 2019-11-19 18:56:17 +01:00
Andrea Dell'Amico 27a82ad239 Manage the postgresql firewalld rule directly in the postgresql role. 2019-11-19 13:48:53 +01:00
Andrea Dell'Amico 659e50755e Add a specific tag to the task that installs the acme.sh account file. 2019-11-15 16:19:37 +01:00
Andrea Dell'Amico 88610faf0c Give the ability to change the negative cache ttl. 2019-11-12 13:47:13 +01:00
Andrea Dell'Amico faf5b50aef acme.sh: request a certificate when the configuration did not change but no certificate is present. 2019-11-08 16:42:28 +01:00
Andrea Dell'Amico 9b5acb19b3 unbound: manage the use of stub zones. 2019-11-08 11:37:49 +01:00
Andrea Dell'Amico 9687e342c8 powerdns: Fix the also_notify template variable. 2019-11-07 17:45:28 +01:00
Andrea Dell'Amico 8cd9dc556f Fix a wrong option in the LDAP template. 2019-11-04 18:54:21 +01:00
Andrea Dell'Amico 3108ff7ee9 Manage a generic CA cert file, provided via a URL. 2019-11-04 18:53:08 +01:00
Andrea Dell'Amico d1b27304f3 Fix some boolean conditionals. 2019-11-02 17:25:46 +01:00
Andrea Dell'Amico 23921aa74a Fix some boolean checks. 2019-11-02 17:06:32 +01:00
Andrea Dell'Amico 68de4756c5 Fix the dependencies, for real. 2019-10-31 12:32:32 +01:00
Andrea Dell'Amico 1289862b9a Request the certificates as root to bind port 80. Install the certificates after having obtained them, by default. 2019-10-31 12:30:27 +01:00