Andrea Dell'Amico
f11655bb1b
letsencrypt: now that the user has no valid shell, use the command module to run the certificate request.
2017-11-07 15:34:27 +01:00
Andrea Dell'Amico
805062b3c0
users: do not add users to the sudo group if they are not meant to be administrators.
2017-11-07 12:37:46 +01:00
Andrea Dell'Amico
5556c1318d
nginx: fix the creation of the webroot directory.
2017-11-07 12:37:14 +01:00
Andrea Dell'Amico
1704877c29
users: optionally create additional groups.
2017-11-07 00:10:25 +01:00
Andrea Dell'Amico
efaf63c8d6
sshd config: variables and template to optionally add a chrooted sftp environment.
2017-11-07 00:09:47 +01:00
Andrea Dell'Amico
14f4fc2c08
nginx: create the document root if different from the default. Deny access to the filenames that start with a .
2017-11-07 00:09:01 +01:00
Andrea Dell'Amico
fe75249c69
Give more heap to the parthenos aggregator. See https://support.d4science.org/issues/10227
2017-11-06 21:48:20 +01:00
Andrea Dell'Amico
c848feb9b7
postgresql letsencrypt tasks: Fix some tasks names.
2017-11-06 18:20:24 +01:00
Andrea Dell'Amico
fd700fe28c
Add a random seep before restarting the postgresql and pgpool services after a certificate renewal. See https://support.d4science.org/issues/10229
2017-11-06 18:01:48 +01:00
Andrea Dell'Amico
38554c6692
solr: add a specific tag to the task that installs the default settings.
2017-11-06 17:48:29 +01:00
Roberto Cirillo
eeaf9aaf6e
group_vars/sharelatex_app/sharelatex_app.yml add new scopes
...
group_vars/twittermon_dev/twittermon_dev.yml set to true variable twittermon_upgrade
smartgears-node-upgrade.yml, smartgears-node.yml add sharelatex connector role
../library/roles/smartgears/smart_executor/defaults/main.yml set version to latest
../library/roles/smartgears/twittermon_se_plugins/tasks/main.yml add teitter_se tag to remove plugin task
2017-11-03 09:56:44 +01:00
Andrea Dell'Amico
94ac818f78
solr: set the default version to 7.1.0.
2017-11-02 12:17:58 +01:00
Andrea Dell'Amico
9ea478d684
home library: fix a typo.
2017-10-31 17:31:19 +01:00
Andrea Dell'Amico
ec0e450d83
varnish: New repository configuration.
2017-10-30 15:41:33 +01:00
Andrea Dell'Amico
907ef0dc0e
haproxy-letsencrypt-acme.sh: Fix the logging commands.
2017-10-30 15:41:33 +01:00
Andrea Dell'Amico
70b1b52976
haproxy: Run the OCSP stapling script after a certificate has been renewed. See https://support.d4science.org/issues/10008
2017-10-30 15:41:33 +01:00
Andrea Dell'Amico
3aa7de0d40
geoserver: basic mapproxy role.
2017-10-30 15:41:32 +01:00
Andrea Dell'Amico
ffce67bb7b
python-virtualenv: Fixes.
2017-10-30 15:41:32 +01:00
Andrea Dell'Amico
d93cb21b89
nagios check_memory: report the data in MB instead of GB.
2017-10-30 15:41:31 +01:00
Andrea Dell'Amico
47581ba9ef
nginx cors: accept more headers.
2017-10-30 15:41:31 +01:00
Andrea Dell'Amico
1648cc50e7
letsencrypt: Run the script that requires the certificates only when the desired file changed.
2017-10-30 15:41:31 +01:00
Roberto Cirillo
30169b5998
../library/roles/smartgears/smartgears/templates/logback.xml.j2 added AnalysisLogger appender for dataminer instances
2017-10-30 15:34:03 +01:00
Roberto Cirillo
37698dff6d
group_vars/twittermon_dev/twittermon_dev.yml add smartgears_appender_list configuration
...
group_vars/twittermon_plugins/twittermon_plugins.yml add smartgears_appender_list configuration ans set smartgears_nginx_expose_tomcat_logs to True
../library/roles/smartgears/smartgears/templates/logback.xml.j2 add custom appenders configuration
../library/roles/smartgears/smartgears/tasks/smartgears-app.yml fix tag smartgears_conf
2017-10-25 17:49:42 +02:00
Andrea Dell'Amico
aa4bc93e36
geoserver: options to move the log directory in another place.
2017-10-24 13:47:18 +02:00
Andrea Dell'Amico
29c3b9357a
d4s_user_services_perms: More scenarios that involve nfs (so no ACLs) and common main group between users.
2017-10-24 13:46:32 +02:00
Andrea Dell'Amico
1f93b6f542
acls for users and files: We can use the X mode for the executable bit so that directories and files are managed differently.
2017-10-23 19:09:44 +02:00
Andrea Dell'Amico
d74caa1d87
pki-basics: shorten the certificate CN because when we use long hostnames it could overflow.
2017-10-23 19:09:04 +02:00
Andrea Dell'Amico
a9d1585066
data_disk: handle the NFS case.
2017-10-23 19:08:38 +02:00
Andrea Dell'Amico
2c70d94945
Fix the orientdb nagios handler: the startup script does not support the restart action.
2017-10-21 16:23:42 +02:00
Andrea Dell'Amico
56fc118e9d
iptables: in the tcp or udp rules, the allowed_hosts variables can be a list.
2017-10-20 17:46:21 +02:00
Andrea Dell'Amico
220af7bf9d
letsencrypt-acme-tool: ocsp must staple option True by default.
2017-10-20 15:55:17 +02:00
Andrea Dell'Amico
71b54c7e05
is-sweeper-se-plugin: better use of the maven_artifact module.
2017-10-19 19:38:33 +02:00
Andrea Dell'Amico
4019916c68
IC proxy: better use of the maven_artifact plugin.
2017-10-19 19:30:58 +02:00
Andrea Dell'Amico
f1280af818
sharelatex connector: better use of the maven_artifact plugin.
2017-10-19 19:20:17 +02:00
Andrea Dell'Amico
8ea1f47df8
r-connector: better use of the maven_artifact plugin.
2017-10-19 19:13:06 +02:00
Andrea Dell'Amico
2858824409
spd service: better use of maven artifact.
2017-10-19 19:03:00 +02:00
Andrea Dell'Amico
b4e9b0b349
tabulardata: better use of maven_artifact.
2017-10-19 19:02:44 +02:00
Andrea Dell'Amico
9b0d125d8b
Fix the download directory.
2017-10-19 18:51:42 +02:00
Andrea Dell'Amico
ff5b507203
Add a playbook to install the resource registry handlers jar. See https://support.d4science.org/issues/9941
2017-10-19 18:36:39 +02:00
Andrea Dell'Amico
bc9068ef1c
resource_registry: Remove a 'when' condition from a task.
2017-10-19 18:23:09 +02:00
Andrea Dell'Amico
882d486451
resource_registry: refactor to make a better use of resource_registry.
2017-10-19 18:06:33 +02:00
Andrea Dell'Amico
54b61f7f28
The tomcat debug options do not like spaces.
2017-10-17 20:14:09 +02:00
Andrea Dell'Amico
8218c24ab4
The new JDK debug syntax requires a hostname and a port.
2017-10-17 20:08:44 +02:00
Andrea Dell'Amico
c5d7868257
tomcat, tomcat-multiple-instances: New JDK options to activate the debug.
2017-10-17 19:39:24 +02:00
Andrea Dell'Amico
e46967c586
sdi_service: cleanup the tasks so they make a better use of the maven_artifact plugin.
2017-10-17 19:23:25 +02:00
Andrea Dell'Amico
cf7af19fd2
solr: add the '-Ddisable.configEdit=true' option by default to workaround a 0-day exploit.
2017-10-16 16:06:13 +02:00
Andrea Dell'Amico
4d76722d7f
solr: workaround to the just discovered 0-day vulnerability, see https://lucene.apache.org/solr/news.html
2017-10-16 14:54:07 +02:00
Andrea Dell'Amico
3477ccc615
dataminer: Install the web.xml file in the correct place.
...
dataminer: Remove the old wps_algorithms directory when moving from the old to the new algorithms setup.
2017-10-13 15:15:30 +02:00
Andrea Dell'Amico
ef48aaf3f2
library/roles/apache/tasks/apache-basic-auth.yml: More restrictive permissions for the htpasswd file.
2017-10-13 13:59:40 +02:00
Andrea Dell'Amico
7b9b7549a7
library/roles/apache/tasks/apache-basic-auth.yml: Fix the task that creates the htpasswd file.
2017-10-13 13:46:17 +02:00