Andrea Dell'Amico
|
94ffed10c9
|
acme-sh-request-cert: do not fail if there's a valid, and not expiring, certificate already.
|
2020-02-07 14:54:39 +01:00 |
Andrea Dell'Amico
|
d019c0d8cd
|
Fix the behaviour when we request the certificate via http.
|
2020-02-04 19:17:03 +01:00 |
Andrea Dell'Amico
|
2da5d26ef6
|
The roundcube session lifetime is now a variable.
|
2020-01-30 12:29:51 +01:00 |
Andrea Dell'Amico
|
af32ce30bc
|
Change the way we enable the local recipient maps.
|
2020-01-25 13:58:26 +01:00 |
Andrea Dell'Amico
|
c90043d44a
|
Move the max_message_size option out of the 'if' case.
|
2020-01-24 13:58:05 +01:00 |
Andrea Dell'Amico
|
d53b569189
|
Manage the transport and virtual_domains maps.
|
2020-01-24 13:03:07 +01:00 |
Andrea Dell'Amico
|
c036b0bf8b
|
Fix the management of the size of the attachments.
|
2020-01-23 11:39:29 +01:00 |
Andrea Dell'Amico
|
5c6253e917
|
Only one nginx role.
|
2020-01-22 14:37:31 +01:00 |
Andrea Dell'Amico
|
4c06ae5b2d
|
One variable to manage the max attachment size.
|
2020-01-20 12:27:21 +01:00 |
Andrea Dell'Amico
|
e2bd95f2c2
|
Role that setups remote logging in rsyslog.
|
2020-01-17 17:30:44 +01:00 |
Andrea Dell'Amico
|
0085eaac94
|
Force a restart after a clamd reconfiguration. clamupdate must be added to the clamscan group.
|
2020-01-14 18:49:26 +02:00 |
Andrea Dell'Amico
|
a411c8d68b
|
The AlertExceedsMax value is now managed by a variable, default 'no'.
|
2020-01-14 16:48:37 +02:00 |
Andrea Dell'Amico
|
a054e94915
|
Change the permissions of /var/lib/clamav so that freshclam can write into it.
|
2020-01-11 16:32:46 +01:00 |
Andrea Dell'Amico
|
75dd8ca0cb
|
Fix the boolean that manages the network interfaces settings.
|
2020-01-08 18:49:32 +01:00 |
Andrea Dell'Amico
|
ad4ed35212
|
Manage the smtp and submission configurations with different variables.
|
2020-01-08 00:23:34 +01:00 |
Andrea Dell'Amico
|
ba319f76a5
|
php fpm pool: Log the remote client IP address correctly.
|
2020-01-06 17:00:19 +01:00 |
Andrea Dell'Amico
|
214cd1d03c
|
Fix the nginx includes filenames of the new onlyoffice package
|
2020-01-05 19:27:39 +01:00 |
Andrea Dell'Amico
|
9170706a03
|
roundcube: the available skins is now a variable. Configure enigma to support multihost as an option.
|
2019-12-31 15:31:19 +01:00 |
Andrea Dell'Amico
|
72810580ee
|
Refresh the CentOS php-fpm role.
|
2019-12-26 17:11:20 +01:00 |
Andrea Dell'Amico
|
e27747426b
|
Set the compatibility level on Ubuntu 18.04.
|
2019-12-19 11:21:16 +01:00 |
Andrea Dell'Amico
|
5ca80e638a
|
Force a postfix restart after a configuration change without waiting for the handlers to kick in. Add 'compatibility_level=2' on Ubuntu 18.04.
|
2019-12-19 11:15:41 +01:00 |
Andrea Dell'Amico
|
9d6370b776
|
Role that installs clamav end/or clamav-milter.
|
2019-12-18 15:47:03 +01:00 |
Andrea Dell'Amico
|
f6dcee2182
|
The TLS level is now a paremeter everywhere.
|
2019-12-18 15:46:23 +01:00 |
Andrea Dell'Amico
|
05e4cb9478
|
postfix: changes to the configuration that runs the smtpd server. Support milter and haproxy.
|
2019-12-17 19:55:06 +01:00 |
Andrea Dell'Amico
|
8dd7cba5e6
|
springboot: install systemd units on systemd based OSs.
|
2019-12-16 14:10:56 +01:00 |
Andrea Dell'Amico
|
5bad5d43fa
|
Add support for a customized logo and for enigma (pgp).
|
2019-12-13 13:43:03 +01:00 |
Andrea Dell'Amico
|
f2c7de88c9
|
postgresql role: some cleanup.
|
2019-12-12 21:01:51 +01:00 |
Andrea Dell'Amico
|
e6abbf1791
|
postfix relay: choose to not stop the outgoing smtp traffic.
|
2019-12-12 21:01:02 +01:00 |
Andrea Dell'Amico
|
a4106d3dce
|
add, commented, more tls options.
|
2019-12-12 21:00:07 +01:00 |
Andrea Dell'Amico
|
b2c25c0f32
|
iptables rules: add a new conditional.
|
2019-12-12 20:59:33 +01:00 |
Andrea Dell'Amico
|
730885f840
|
roundcube: configure the service, manage the plugins list and the configuration of some of them.
|
2019-12-12 20:58:36 +01:00 |
Andrea Dell'Amico
|
7c25a0c20c
|
nextcloud: fix the nginx virtualhost. The local postgresql server is now optional.
|
2019-12-12 20:57:02 +01:00 |
Andrea Dell'Amico
|
790a95482b
|
Redis: do not fail stopping the service before removing the packages.
|
2019-12-12 13:54:17 +01:00 |
Andrea Dell'Amico
|
b585baee9b
|
postgresql and postgresql db: fix the letsencrypt configuration, new default version.
|
2019-12-12 13:53:24 +01:00 |
Andrea Dell'Amico
|
a2ac312217
|
iptables: we can now set a global postresql set of rules.
|
2019-12-12 13:52:24 +01:00 |
Andrea Dell'Amico
|
63ca3a71a8
|
Install and configure tmpreaper if required, on Debian/Ubuntu.
|
2019-12-11 11:57:55 +01:00 |
Andrea Dell'Amico
|
a6bbd67e1c
|
keepalived: fix the default service check and the destination of the status file.
|
2019-12-09 14:04:10 +01:00 |
Andrea Dell'Amico
|
33d420eded
|
Merge branch 'master' of adellam/ansible-roles into master
|
2019-12-09 13:36:56 +01:00 |
Andrea Dell'Amico
|
2549e8d641
|
Add the role that manages additional disks to the bootstrap role.
|
2019-12-09 13:36:36 +01:00 |
Franca Debole
|
20fa6c97ae
|
Merge branch 'master' of debfranca/ansible-roles into master
RoundCube added ...working on progress
|
2019-12-07 16:06:42 +01:00 |
Franca Debole
|
1920b3c149
|
Added comment on install roundcube
|
2019-12-06 17:33:08 +01:00 |
Tommaso Piccioli
|
c6228c8255
|
crontab hourly step postgres backup
|
2019-12-06 17:33:06 +01:00 |
Franca Debole
|
cd435616c9
|
Added rouncube
|
2019-12-06 16:34:15 +01:00 |
Andrea Dell'Amico
|
3a64850c80
|
Postfix role that aims to be general purpose.
|
2019-12-05 18:35:55 +01:00 |
Andrea Dell'Amico
|
ac16f86970
|
Apache: Fix some conditionals.
|
2019-12-05 18:32:22 +01:00 |
Andrea Dell'Amico
|
32695a0a33
|
Debian/Ubuntu: autoclean and autoremove packages when dist-upgrading.
|
2019-11-21 18:13:06 +01:00 |
Andrea Dell'Amico
|
58e596ed5d
|
Force a cert request when something changed.
|
2019-11-21 14:49:03 +01:00 |
Andrea Dell'Amico
|
747c551c00
|
Role that installs an unconfigured dovecot service, managing firewall rules and letenscrypt hook accondingly.
|
2019-11-20 18:51:56 +01:00 |
Andrea Dell'Amico
|
9b4f3d3d46
|
Remove duplicates from the acme.sh env. Add tags that permit to install the scripts without executing them.
|
2019-11-20 13:24:45 +01:00 |
Andrea Dell'Amico
|
1bcd77e306
|
Give the option of managing some SELinux properties in the bootstrap tasks.
|
2019-11-19 18:56:17 +01:00 |
Andrea Dell'Amico
|
27a82ad239
|
Manage the postgresql firewalld rule directly in the postgresql role.
|
2019-11-19 13:48:53 +01:00 |
Andrea Dell'Amico
|
659e50755e
|
Add a specific tag to the task that installs the acme.sh account file.
|
2019-11-15 16:19:37 +01:00 |
Andrea Dell'Amico
|
88610faf0c
|
Give the ability to change the negative cache ttl.
|
2019-11-12 13:47:13 +01:00 |
Andrea Dell'Amico
|
faf5b50aef
|
acme.sh: request a certificate when the configuration did not change but no certificate is present.
|
2019-11-08 16:42:28 +01:00 |
Andrea Dell'Amico
|
9b5acb19b3
|
unbound: manage the use of stub zones.
|
2019-11-08 11:37:49 +01:00 |
Andrea Dell'Amico
|
9687e342c8
|
powerdns: Fix the also_notify template variable.
|
2019-11-07 17:45:28 +01:00 |
Andrea Dell'Amico
|
8cd9dc556f
|
Fix a wrong option in the LDAP template.
|
2019-11-04 18:54:21 +01:00 |
Andrea Dell'Amico
|
3108ff7ee9
|
Manage a generic CA cert file, provided via a URL.
|
2019-11-04 18:53:08 +01:00 |
Andrea Dell'Amico
|
d1b27304f3
|
Fix some boolean conditionals.
|
2019-11-02 17:25:46 +01:00 |
Andrea Dell'Amico
|
23921aa74a
|
Fix some boolean checks.
|
2019-11-02 17:06:32 +01:00 |
Andrea Dell'Amico
|
68de4756c5
|
Fix the dependencies, for real.
|
2019-10-31 12:32:32 +01:00 |
Andrea Dell'Amico
|
1289862b9a
|
Request the certificates as root to bind port 80. Install the certificates after having obtained them, by default.
|
2019-10-31 12:30:27 +01:00 |
Andrea Dell'Amico
|
29e44b27a8
|
Add a postgresql dependency, if the want a local db server.
|
2019-10-31 12:29:10 +01:00 |
Andrea Dell'Amico
|
440a783369
|
Configure the firewall before trying to get the X509 certificates.
|
2019-10-31 12:21:17 +01:00 |
Andrea Dell'Amico
|
07e7139b79
|
simplesaml virtualhost: set the real client ip address when behind a load balancer.
|
2019-10-31 11:18:21 +01:00 |
Andrea Dell'Amico
|
e62d8b3ae6
|
Set the requested timezone on Ubuntu 18.04+ using the timedatectl client.
|
2019-10-30 13:54:01 +01:00 |
Andrea Dell'Amico
|
f4904153b4
|
freeradius: create the DH file even when the certificate is not managed by letsencrypt.
|
2019-10-30 13:43:47 +01:00 |
Andrea Dell'Amico
|
dc0cb3b15e
|
simplesaml: do not create and install the certificates when they are externally provided.
|
2019-10-30 12:08:43 +01:00 |
Andrea Dell'Amico
|
02c75a7bde
|
Give the option to specify an env file from the command line.
|
2019-10-30 10:38:01 +01:00 |
Andrea Dell'Amico
|
787cf219d6
|
Some env variables were wrong.
|
2019-10-30 10:32:41 +01:00 |
Andrea Dell'Amico
|
b1fc6439e0
|
Install aptitude, fix some booleans, remove support for Debian 6.
|
2019-10-29 18:11:15 +01:00 |
Andrea Dell'Amico
|
a7cffb1ffb
|
Fixes to the powerdns configuration template needed by version 4.2.
|
2019-10-29 13:07:01 +01:00 |
Andrea Dell'Amico
|
1c0a42cdd8
|
Try to fix a problem with acme.sh when we ask for a certificate for the first time.
|
2019-10-29 13:01:36 +01:00 |
Andrea Dell'Amico
|
6bd05fe9cc
|
Add defaults to the task that associates zones and interfaces.
|
2019-10-28 17:36:44 +01:00 |
Andrea Dell'Amico
|
4b5809f4b1
|
Set the hostname as defined in the inventory.
|
2019-10-28 17:36:06 +01:00 |
Andrea Dell'Amico
|
9913b65d09
|
Install git and socat on CentOS too.
|
2019-10-28 12:59:35 +01:00 |
Andrea Dell'Amico
|
53516b83cc
|
acme.sh role: make it work on CentOS.
|
2019-10-28 12:51:13 +01:00 |
Andrea Dell'Amico
|
bcc0e96c5c
|
CentOS: use the acme.sh role.
|
2019-10-28 12:49:15 +01:00 |
Andrea Dell'Amico
|
7adc22f1b1
|
Dismiss the unsupported letsencrypt-acmetool-client. Use acme-sh-client everywhere. Fix the acme.sh configuration when we do not use the dns provider.
|
2019-10-27 20:14:15 +01:00 |
Andrea Dell'Amico
|
af2319c1df
|
Fix the exit code of the keepalive notifiy script.
|
2019-10-26 11:49:12 +02:00 |
Andrea Dell'Amico
|
361f51e152
|
keepalived: differentiate the unicast ip address between configurations.
|
2019-10-25 19:50:17 +02:00 |
Andrea Dell'Amico
|
d53f160afb
|
Set the hostname identical to the inventory hostname if no 'hostname' variable has been defined.
|
2019-10-25 19:49:32 +02:00 |
Andrea Dell'Amico
|
76aa23c024
|
Fix the templates, a 'server' directive was missing.
|
2019-10-25 19:48:41 +02:00 |
Andrea Dell'Amico
|
974f7d893a
|
Role that manages the ntp service.
|
2019-10-25 12:32:10 +02:00 |
Andrea Dell'Amico
|
d812967a1e
|
RH/CentOS: use its own role for ntp.
|
2019-10-25 11:55:14 +02:00 |
Andrea Dell'Amico
|
69c00c4af7
|
Remove the ntp handler.
|
2019-10-25 11:39:43 +02:00 |
Andrea Dell'Amico
|
b967322335
|
The ntp service is managed by its own role now.
|
2019-10-25 11:36:03 +02:00 |
Andrea Dell'Amico
|
e97bb066e8
|
KVM host: install cloud-utils. Download the cloud images of CentOS 7 and Ubuntu Bionic.
|
2019-10-24 19:31:41 +02:00 |
Andrea Dell'Amico
|
6301321e16
|
Add support for imap email support to the redmine role.
|
2019-10-15 15:47:52 +02:00 |
Andrea Dell'Amico
|
be108d20c6
|
elasticsearch: Fix the configuration when version is >= 7.
|
2019-10-14 12:02:40 +02:00 |
Andrea Dell'Amico
|
c760fae448
|
Mediawiki: add tasks that initialize the wiki. Add support for a local memcached server.
|
2019-10-13 15:36:04 +02:00 |
Andrea Dell'Amico
|
a262390283
|
mediawiki: Fix a couple of defaults.
|
2019-10-09 16:38:22 +02:00 |
Andrea Dell'Amico
|
ede935b45d
|
php-fpm: fix the path of the session files.
|
2019-10-09 16:25:05 +02:00 |
Andrea Dell'Amico
|
1ee45a1c54
|
Some changes to the mediawiki role, now with explicit dependencies.
|
2019-10-09 16:11:17 +02:00 |
Andrea Dell'Amico
|
bd54d98a64
|
shinyproxy: increase the default wait time.
|
2019-10-08 14:32:40 +02:00 |
Andrea Dell'Amico
|
4785f2de9f
|
nginx: support TLSv1.3 in the ssl template.
|
2019-10-07 13:17:38 +02:00 |
Andrea Dell'Amico
|
1b75b0bf94
|
Fix the KVM tasks.
|
2019-10-04 18:54:27 +02:00 |
Andrea Dell'Amico
|
b6a3d69d55
|
freeradius: fix the letsencrypt hook name.
|
2019-10-02 14:21:05 +02:00 |
Andrea Dell'Amico
|
a628b04fb3
|
Remove the tasks that mess up with the docker certificates.
|
2019-09-25 03:24:16 +02:00 |
Andrea Dell'Amico
|
c96a81a33c
|
Generate rules for the docker swarm ports.
|
2019-09-25 03:17:42 +02:00 |
Andrea Dell'Amico
|
cdb49768b0
|
Docker: override the systemd unit to enable the http socket needed by the external clients.
|
2019-09-25 03:16:29 +02:00 |
Andrea Dell'Amico
|
4920fb8473
|
shinyproxy: Fix the configuration to correctly set the container backend.
|
2019-09-25 03:14:47 +02:00 |
Andrea Dell'Amico
|
179b0014c2
|
Shinyproxy: support version 2.x. Support docker-swam. Depend on openjdk.
|
2019-09-24 18:29:02 +02:00 |
Andrea Dell'Amico
|
3d55f3d4ac
|
Manage the main interface explicitly while dealing with the ipv6 settings.
|
2019-09-24 18:17:15 +02:00 |
Andrea Dell'Amico
|
751d24740c
|
Docker: Manage a swarm.
|
2019-09-24 18:16:04 +02:00 |
Andrea Dell'Amico
|
ba0a801b25
|
Various fixes to the CKAN role.
|
2019-09-14 16:08:07 +02:00 |
Andrea Dell'Amico
|
36149bc631
|
Make the python3-env role compatible with Ubuntu 18.04.
|
2019-09-06 18:02:22 +02:00 |
Andrea Dell'Amico
|
af6fac7a36
|
Fix the javamelody installation on tomcat.
|
2019-09-04 18:25:31 +02:00 |
Andrea Dell'Amico
|
b33cd02b66
|
Add support for javamelody. On tomcat 8, add commons-daemon.jar. Crash on out of memory when running with JDK 8+.
|
2019-08-14 18:46:03 +02:00 |
Andrea Dell'Amico
|
3a9875e458
|
Adapt the network interfaces check to the modern ifconfig output.
|
2019-08-10 17:34:49 +02:00 |
Andrea Dell'Amico
|
a9f4b58f35
|
nagios nrpe: add additional network interface names that must be checked.
|
2019-08-10 17:34:10 +02:00 |
Andrea Dell'Amico
|
52211d86ce
|
acmetool: pass the correct hooks directory from the command line. Fixes https://redmine-s2i2s.isti.cnr.it/issues/16
|
2019-08-07 19:08:51 +02:00 |
Andrea Dell'Amico
|
a089bc612a
|
openvpn: better management of the native ldap authentication plugin.
|
2019-08-07 18:43:35 +02:00 |
Andrea Dell'Amico
|
b2b1270b85
|
keepalived: Add support for VRRP over unicast. Run the check script using an unprivileged user.
|
2019-08-07 18:40:48 +02:00 |
Andrea Dell'Amico
|
60128ad596
|
powerdns-admin: it now depends on nodejs, and the initialization procedure changed sightly.
|
2019-08-06 15:31:40 +02:00 |
Andrea Dell'Amico
|
e6900dc4ae
|
Replace bind-caching-server with the more generic bind-nameserver.
|
2019-08-05 18:14:21 +02:00 |
Andrea Dell'Amico
|
2834abc140
|
grafana: Change the repository URL. Fix the apt: tasks.
|
2019-08-05 12:06:32 +02:00 |
Andrea Dell'Amico
|
bb1191d585
|
iptables: more flexible NAT rules.
|
2019-08-01 19:17:30 +02:00 |
Andrea Dell'Amico
|
c087d0f412
|
Fix a nagios task, where a loop was not correctly declared.
|
2019-07-30 13:13:47 +02:00 |
Andrea Dell'Amico
|
45fe30699b
|
Add some needed defaults to the python3 role.
|
2019-07-25 16:18:13 +02:00 |
Andrea Dell'Amico
|
460945caf4
|
freeradius: manage the letsencrypt certificates and some basic configuration option.
|
2019-07-17 17:55:47 +02:00 |
Andrea Dell'Amico
|
4f08e78d87
|
Unbound: add more cusomisable fields to the server template.
|
2019-07-17 12:37:43 +02:00 |
Andrea Dell'Amico
|
fd8c325d8e
|
Simple role that installs freeradius and a list of freeradius modules. The configuration must be part of another role or playbook.
|
2019-07-15 18:41:03 +02:00 |
Andrea Dell'Amico
|
c934734053
|
Fix the sftp chroot configuration.
|
2019-07-15 18:14:24 +02:00 |
Tommaso Piccioli
|
9d9f380ebf
|
variable name fix
|
2019-07-10 13:05:44 +02:00 |
Tommaso Piccioli
|
f3651be98d
|
minor fix
|
2019-07-10 12:53:15 +02:00 |
Tommaso Piccioli
|
0ef75e20f1
|
allow remote control from localhost
|
2019-07-10 12:11:10 +02:00 |
Andrea Dell'Amico
|
56c7fd5b17
|
openvpn: restart the service after a certificate renewal.
|
2019-07-03 11:29:51 +02:00 |
Andrea Dell'Amico
|
0d0e4ca39f
|
mysql: disable reverse name resolution by default.
|
2019-07-02 10:41:41 +02:00 |
Andrea Dell'Amico
|
a4c4a1c386
|
Fix the ssl ldif.
|
2019-06-30 15:50:35 +02:00 |
Andrea Dell'Amico
|
4ee9627f56
|
Immediately restart the nrpe service after a configuration change.
|
2019-06-27 18:36:36 +02:00 |
Andrea Dell'Amico
|
63d95a54b3
|
A 'block' directive was missing.
|
2019-06-24 18:33:09 +02:00 |
Andrea Dell'Amico
|
9fd5c932d5
|
Role that installs and configures a simplesaml instance.
|
2019-06-24 18:14:16 +02:00 |
Andrea Dell'Amico
|
a623f414ba
|
Additional cleanup of the php-related variables.
|
2019-06-24 12:23:52 +02:00 |
Andrea Dell'Amico
|
57998a207a
|
Change the default version.
|
2019-06-22 17:05:31 +02:00 |
Andrea Dell'Amico
|
869e783b01
|
Fix the nagios apt usage.
|
2019-06-13 13:33:49 +02:00 |
Andrea Dell'Amico
|
27ae09856c
|
Install the python3 ppa also on Ubuntu 16.04. Use the role to install packages on 18.04 too.
|
2019-06-11 19:15:27 +02:00 |
Andrea Dell'Amico
|
f44b5011c9
|
Set the 'jdk_default' variable in the openjdk role defaults.
|
2019-06-10 14:21:26 +02:00 |
Andrea Dell'Amico
|
f206ba68ef
|
Fix the prometheus systemd unit of the node and haproxy exporters. Again.
|
2019-06-10 14:03:10 +02:00 |
Andrea Dell'Amico
|
be33a29601
|
cleanup the python-env role.
|
2019-06-06 19:13:13 +02:00 |
Andrea Dell'Amico
|
d42f5c5b3c
|
Give the option to force a run of the pip fixer script, on Ubuntu Trusty.
|
2019-06-06 19:10:55 +02:00 |
Andrea Dell'Amico
|
de72fca3f7
|
prometheus node and haproxy exporter: fix the systemd unit.
|
2019-06-05 19:03:35 +02:00 |
Andrea Dell'Amico
|
0277b6a2be
|
update_r_packages: upgrade the dependencies of packaages installed from github without asking for confirmation.
|
2019-06-03 18:27:51 +02:00 |
Andrea Dell'Amico
|
0ac65ddd89
|
Fix the command line options of the haproxy exporter systemd unit.
|
2019-05-31 19:00:55 +02:00 |
Andrea Dell'Amico
|
a45761e931
|
Fix the prometheus user in the systemd service of the haproxy exporter.
|
2019-05-31 18:43:57 +02:00 |
Andrea Dell'Amico
|
2f3b0add6d
|
nagios_isti_plugdir renamed into nagios_local_plugdir.
|
2019-05-31 17:45:44 +02:00 |
Andrea Dell'Amico
|
6fab3bb2ef
|
Unbound: Make it work on Ubuntu bionic and systemd
|
2019-05-30 19:04:52 +02:00 |
Andrea Dell'Amico
|
ff7f2b6188
|
keepalived: do not install the PPA on Ubuntu bionic.
|
2019-05-30 18:18:26 +02:00 |
Andrea Dell'Amico
|
22051c8a21
|
Add the bootstrap roles and some tasks collections.
|
2019-05-15 01:23:45 +02:00 |
Andrea Dell'Amico
|
4cb34462d9
|
Add the CentOS roles. Losing history.
|
2019-05-15 01:22:27 +02:00 |