Commit Graph

2165 Commits

Author SHA1 Message Date
Andrea Dell'Amico faf5b50aef acme.sh: request a certificate when the configuration did not change but no certificate is present. 2019-11-08 16:42:28 +01:00
Andrea Dell'Amico 9b5acb19b3 unbound: manage the use of stub zones. 2019-11-08 11:37:49 +01:00
Andrea Dell'Amico 9687e342c8 powerdns: Fix the also_notify template variable. 2019-11-07 17:45:28 +01:00
Andrea Dell'Amico 8cd9dc556f Fix a wrong option in the LDAP template. 2019-11-04 18:54:21 +01:00
Andrea Dell'Amico 3108ff7ee9 Manage a generic CA cert file, provided via a URL. 2019-11-04 18:53:08 +01:00
Andrea Dell'Amico d1b27304f3 Fix some boolean conditionals. 2019-11-02 17:25:46 +01:00
Andrea Dell'Amico 23921aa74a Fix some boolean checks. 2019-11-02 17:06:32 +01:00
Andrea Dell'Amico 68de4756c5 Fix the dependencies, for real. 2019-10-31 12:32:32 +01:00
Andrea Dell'Amico 1289862b9a Request the certificates as root to bind port 80. Install the certificates after having obtained them, by default. 2019-10-31 12:30:27 +01:00
Andrea Dell'Amico 29e44b27a8 Add a postgresql dependency, if the want a local db server. 2019-10-31 12:29:10 +01:00
Andrea Dell'Amico 440a783369 Configure the firewall before trying to get the X509 certificates. 2019-10-31 12:21:17 +01:00
Andrea Dell'Amico 07e7139b79 simplesaml virtualhost: set the real client ip address when behind a load balancer. 2019-10-31 11:18:21 +01:00
Andrea Dell'Amico e62d8b3ae6 Set the requested timezone on Ubuntu 18.04+ using the timedatectl client. 2019-10-30 13:54:01 +01:00
Andrea Dell'Amico f4904153b4 freeradius: create the DH file even when the certificate is not managed by letsencrypt. 2019-10-30 13:43:47 +01:00
Andrea Dell'Amico dc0cb3b15e simplesaml: do not create and install the certificates when they are externally provided. 2019-10-30 12:08:43 +01:00
Andrea Dell'Amico 02c75a7bde Give the option to specify an env file from the command line. 2019-10-30 10:38:01 +01:00
Andrea Dell'Amico 787cf219d6 Some env variables were wrong. 2019-10-30 10:32:41 +01:00
Andrea Dell'Amico b1fc6439e0 Install aptitude, fix some booleans, remove support for Debian 6. 2019-10-29 18:11:15 +01:00
Andrea Dell'Amico a7cffb1ffb Fixes to the powerdns configuration template needed by version 4.2. 2019-10-29 13:07:01 +01:00
Andrea Dell'Amico 1c0a42cdd8 Try to fix a problem with acme.sh when we ask for a certificate for the first time. 2019-10-29 13:01:36 +01:00
Andrea Dell'Amico 6bd05fe9cc Add defaults to the task that associates zones and interfaces. 2019-10-28 17:36:44 +01:00
Andrea Dell'Amico 4b5809f4b1 Set the hostname as defined in the inventory. 2019-10-28 17:36:06 +01:00
Andrea Dell'Amico 9913b65d09 Install git and socat on CentOS too. 2019-10-28 12:59:35 +01:00
Andrea Dell'Amico 53516b83cc acme.sh role: make it work on CentOS. 2019-10-28 12:51:13 +01:00
Andrea Dell'Amico bcc0e96c5c CentOS: use the acme.sh role. 2019-10-28 12:49:15 +01:00
Andrea Dell'Amico 7adc22f1b1 Dismiss the unsupported letsencrypt-acmetool-client. Use acme-sh-client everywhere. Fix the acme.sh configuration when we do not use the dns provider. 2019-10-27 20:14:15 +01:00
Andrea Dell'Amico af2319c1df Fix the exit code of the keepalive notifiy script. 2019-10-26 11:49:12 +02:00
Andrea Dell'Amico 361f51e152 keepalived: differentiate the unicast ip address between configurations. 2019-10-25 19:50:17 +02:00
Andrea Dell'Amico d53f160afb Set the hostname identical to the inventory hostname if no 'hostname' variable has been defined. 2019-10-25 19:49:32 +02:00
Andrea Dell'Amico 76aa23c024 Fix the templates, a 'server' directive was missing. 2019-10-25 19:48:41 +02:00
Andrea Dell'Amico 974f7d893a Role that manages the ntp service. 2019-10-25 12:32:10 +02:00
Andrea Dell'Amico d812967a1e RH/CentOS: use its own role for ntp. 2019-10-25 11:55:14 +02:00
Andrea Dell'Amico 69c00c4af7 Remove the ntp handler. 2019-10-25 11:39:43 +02:00
Andrea Dell'Amico b967322335 The ntp service is managed by its own role now. 2019-10-25 11:36:03 +02:00
Andrea Dell'Amico e97bb066e8 KVM host: install cloud-utils. Download the cloud images of CentOS 7 and Ubuntu Bionic. 2019-10-24 19:31:41 +02:00
Andrea Dell'Amico 6301321e16 Add support for imap email support to the redmine role. 2019-10-15 15:47:52 +02:00
Andrea Dell'Amico be108d20c6 elasticsearch: Fix the configuration when version is >= 7. 2019-10-14 12:02:40 +02:00
Andrea Dell'Amico c760fae448 Mediawiki: add tasks that initialize the wiki. Add support for a local memcached server. 2019-10-13 15:36:04 +02:00
Andrea Dell'Amico a262390283 mediawiki: Fix a couple of defaults. 2019-10-09 16:38:22 +02:00
Andrea Dell'Amico ede935b45d php-fpm: fix the path of the session files. 2019-10-09 16:25:05 +02:00
Andrea Dell'Amico 1ee45a1c54 Some changes to the mediawiki role, now with explicit dependencies. 2019-10-09 16:11:17 +02:00
Andrea Dell'Amico bd54d98a64 shinyproxy: increase the default wait time. 2019-10-08 14:32:40 +02:00
Andrea Dell'Amico 4785f2de9f nginx: support TLSv1.3 in the ssl template. 2019-10-07 13:17:38 +02:00
Andrea Dell'Amico 1b75b0bf94 Fix the KVM tasks. 2019-10-04 18:54:27 +02:00
Andrea Dell'Amico b6a3d69d55 freeradius: fix the letsencrypt hook name. 2019-10-02 14:21:05 +02:00
Andrea Dell'Amico a628b04fb3 Remove the tasks that mess up with the docker certificates. 2019-09-25 03:24:16 +02:00
Andrea Dell'Amico c96a81a33c Generate rules for the docker swarm ports. 2019-09-25 03:17:42 +02:00
Andrea Dell'Amico cdb49768b0 Docker: override the systemd unit to enable the http socket needed by the external clients. 2019-09-25 03:16:29 +02:00
Andrea Dell'Amico 4920fb8473 shinyproxy: Fix the configuration to correctly set the container backend. 2019-09-25 03:14:47 +02:00
Andrea Dell'Amico 179b0014c2 Shinyproxy: support version 2.x. Support docker-swam. Depend on openjdk. 2019-09-24 18:29:02 +02:00