Commit Graph

1542 Commits

Author SHA1 Message Date
Andrea Dell'Amico 52fc34bd95 library/roles/openvpn: Installs and configure a openvpn service. 2016-06-11 16:57:29 +02:00
Andrea Dell'Amico b465587c3c library/roles/iptables/templates/iptables-rules.v4.j2: fix the template so that it manages NAT correctly. 2016-06-11 16:56:12 +02:00
Andrea Dell'Amico 1dbe0c9209 library/roles/iptables: Manage NAT and different defaults for INPUT and FORWARD chains. 2016-06-11 15:24:48 +02:00
Andrea Dell'Amico e2a75c2e8e library/roles/postgresql: Some cleanup of the recovery scripts. 2016-06-09 18:47:35 +02:00
Andrea Dell'Amico 98689422b6 library/roles/postgresql: complete the WAL setup needed by pgpool. Fix the pgpool recovery scripts. Fix the pgpool and postgres recovery configuration, users and pgpool functions.
d4science-ghn-cluster/group_vars/postgres_pgpool_test: Add a password for the postgresql postgres user.
2016-06-09 16:49:41 +02:00
Andrea Dell'Amico 79e8312f16 library/roles/R/defaults/main.yml: Link to an untested Ubuntu R packages PPA 2016-06-09 16:49:41 +02:00
Andrea Dell'Amico cae4d2a7f7 library/roles/postgresql/tasks/pgpool-ii.yml: Fix the pcp.conf installation. 2016-06-08 15:27:54 +02:00
Andrea Dell'Amico 17c3d09e4e library/roles/postgresql/templates/pgpool.conf.j2: Fix the recovery password settings 2016-06-08 15:23:07 +02:00
Andrea Dell'Amico 64f27c2b98 library/roles/python-virtualenv/defaults/main.yml: More generic example. 2016-06-08 13:35:07 +02:00
Andrea Dell'Amico 1533c860c3 library/roles/postgresql: Lots of changes to implement the pgpool installation better.
d4science-ghn-cluster/group_vars/postgres_pgpool_test: Changed some variables.
2016-06-07 18:27:33 +02:00
Tommaso Piccioli 6b711b6535 munin IP entry fixed 2016-06-06 17:04:01 +02:00
Andrea Dell'Amico 67d18d6078 library/roles/postgresql/handlers/main.yml: the pgpool reload exits with a weird state even when it's succesfull. 2016-06-01 15:29:40 +02:00
Andrea Dell'Amico 657a975732 d4science-ghn-cluster: new pgpool hosts.
library/roles/grafana: move the role out of the tick directory.
infrastructure-services: fix the virtualhosts for letsencrypt.
2016-05-31 19:29:31 +02:00
Andrea Dell'Amico ae7ec8a9b7 library/roles/piwik/tasks/main.yml: The archive cron job is installed conditionally.
infrastructure-services/roles/analytics: Run the log import job as piwik user.
2016-05-31 17:23:58 +02:00
Andrea Dell'Amico a21d62af25 library/roles/letsencrypt-acmetool-client/tasks/main.yml: workaround for the distributions that do not have binaries capabilities support.
d4science-ghn-cluster: install letsencrypt certificates on the iMarine portal.
2016-05-28 16:31:52 +02:00
Andrea Dell'Amico b861552351 library/roles/letsencrypt-acmetool-client: New variable, default, true. If set to false the repository package installation is skipped. Useful to manage unsupported distributions. 2016-05-28 15:04:01 +02:00
Andrea Dell'Amico 1309a27c2e library/roles/tomcat-multiple-instances/defaults/main.yml: Defaults for autodeploy and autounpack. 2016-05-26 18:59:13 +02:00
Andrea Dell'Amico 93de42a333 d4science-ghn-cluster: new infra dev VM. liferay cluster.
library/roles/iptables: snippet for the multicast part of tomcat clustering.
2016-05-25 15:56:05 +02:00
Tommaso Piccioli eff0a9746c couchbase dev hosts 2016-05-20 16:56:27 +02:00
Andrea Dell'Amico d6fabdc929 d4science-ghn-cluster/roles/smartgears/defaults/main.yml: Unpack war files by default. 2016-05-19 19:22:52 +02:00
Andrea Dell'Amico e51eda1197 dnet-efg: java 8 and solr 5.5. 2016-05-19 18:54:48 +02:00
Sandro La Bruzzo 51b5737984 added playbook for the installation of the new instance of solr 2016-05-19 16:13:56 +02:00
Tommaso Piccioli 74e1171063 new Grafana host 2016-05-10 16:31:42 +02:00
Andrea Dell'Amico efc1bf6e0f library/roles/gerrit: Role to install gerrit.
infrastructure-services/group_vars/code_repo/code_repo.yml: Install gerrit on the code-repo server.
2016-05-06 19:51:33 +02:00
Andrea Dell'Amico 5e6406b1df d4science-ghn-cluster/group_vars/tagme: Install as smartgears node.
d4science-ghn-cluster/elasticsearch-cluster.yml: New elasticsearch node for the production environment.
d4science-ghn-cluster/smartgears-node*.yml: separate the standard and "upgrade" playbooks.
2016-05-06 16:27:32 +02:00
Andrea Dell'Amico 34963cc94d library/roles/letsencrypt-acmetool-client: Fix the initialization procedure.
library/roles/ubuntu-deb-general/tasks/pki-basics.yml: A link to the fullchain was missing.
2016-05-06 13:22:34 +02:00
Andrea Dell'Amico 19508aee71 library/roles/ubuntu-deb-general: Fix the certificates' link paths. 2016-05-06 11:42:06 +02:00
Andrea Dell'Amico 6fd104026f library/roles/opencpu: Role that installs opencpu.
d4science-ghn-cluster: Install opencpu on opencpu-d4s.d4science.org. Create a reverse proxy rule on access.d4science.org.
2016-05-05 19:34:43 +02:00
Andrea Dell'Amico 41a279eff2 library/roles/ckan/defaults/main.yml: the ldap plugin wants python-ldap installed by pip. 2016-05-05 13:04:05 +02:00
Andrea Dell'Amico 39f1bbcef7 infrastructure-services/code-repo.yml: Add letsencrypt to manage the ssl certificates.
library/roles/nginx/templates/letsencrypt-proxy.conf.j2: Fix the nginx config, again.
2016-04-27 18:37:24 +02:00
Andrea Dell'Amico 37541e3126 d4science-ghn-cluster/roles/ckan: Handle ssl (letsencrypt).
library/roles/ckan: Fix the indexer cron job. Add support for running the gather and fetcher processes as daemons. Tasks to install the ldap plugin.
2016-04-27 16:45:09 +02:00
Andrea Dell'Amico f74f453a09 library/roles/nginx/templates/letsencrypt-proxy.conf.j2: Fix the letsencrypt configuration. 2016-04-27 16:45:09 +02:00
Andrea Dell'Amico 0bff1d735f library/roles/letsencrypt-acmetool-client/tasks/main.yml: Fix a typo. The fakecert key was not removed. 2016-04-27 16:45:09 +02:00
Andrea Dell'Amico 083d71b4d4 library/roles/nginx: letsencrypt hook and configuration for letsencrypt. See https://support.d4science.org/issues/3260. 2016-04-22 18:55:20 +02:00
Andrea Dell'Amico c17622a734 library/roles/apache/defaults/main.yml: set apache_letsencrypt_managed to true by default. 2016-04-22 18:27:51 +02:00
Andrea Dell'Amico 22e69a2c8e library/roles/apache: Use a variable to decide if apache will use the letsencrypt certificates or not. 2016-04-22 18:16:45 +02:00
Andrea Dell'Amico 46b2d2cae8 library/roles/haproxy: Fixes to the letsencrypt scripts.
d4science-infrastructure/roles/redmine: support letsencrypt certificates on the dev redmine virtualhost.
library/roles/apache/tasks/apache-letsencrypt.yml: Support for letsencrypt (acme tool).
library/roles/ubuntu-deb-general/tasks/pki-basics.yml: Do not create the fake certificates if valid ones exist.
2016-04-22 18:03:57 +02:00
Andrea Dell'Amico b382db3b25 d4science-infrastructure/group_vars/ldap_liferay/all.yml: Enable ssl with the use of letsencrypt certificates.
library/roles/haproxy/files: Fix to the acme scripts, the certificate path has become /etc/pki/haproxy/haproxy.pem.
library/roles/openldap-server/tasks/openldap_initializazion.yml: Fix the certificates initialization.
library/roles/ubuntu-deb-general/tasks/pki-basics.yml: Create a self signed certificate while waiting the letsencrypt one.
2016-04-20 15:21:19 +02:00
Andrea Dell'Amico 7581a03035 library/roles/mongodb-org/defaults/main.yml: Document the use of --setParameter newCollectionsUsePowerOf2Sizes=false 2016-04-19 19:08:41 +02:00
Andrea Dell'Amico 908e7adce4 library/roles/letsencrypt-acmetool-client/tasks/main.yml: More fixes to the tasks and the scripts. It now works correctly against haproxy. 2016-04-18 17:01:05 +02:00
Andrea Dell'Amico bbe5258949 library/roles/letsencrypt-acmetool-client/templates/responses.j2: added the staging site to the responses template. 2016-04-17 14:20:44 +02:00
Andrea Dell'Amico 8fde6bb113 library/roles/haproxy/tasks: Fix to the letsencrypt hooks handling.
library/roles/letsencrypt-acmetool-client/tasks: Do not fail if the quickstart does not succeed. The web service could be not configured yet.
2016-04-16 18:48:54 +02:00
Andrea Dell'Amico bb862c8405 library/roles/openldap-server: Support for ssl when letsencrypt is enabled using the letsencrypt-acme-tool role. 2016-04-15 20:33:23 +02:00
Andrea Dell'Amico 37ff28468e library/roles/letsencrypt-acmetool-client/templates/cert-requirements.j2: rsa key dimension.
d4science-infrastructure/group_vars/ldap_liferay_dev/all.yml: openldap on ubuntu/debian is linked to gnuTLS and does not support ecdsa keys.
2016-04-15 20:03:05 +02:00
Andrea Dell'Amico 3085c6b817 library/roles/letsencrypt-acmetool-client/defaults/main.yml: Fix the hooks path
library/roles/haproxy: Scripts and tasks to add support for the acme letsencrypt tool.
2016-04-14 19:31:02 +02:00
Andrea Dell'Amico 8b31ee9e9a library/roles/letsencrypt-acmetool-client/templates/acme-sudoers.j2: Fix the directory path. 2016-04-14 19:10:13 +02:00
Andrea Dell'Amico 3fb8d41878 library/roles/letsencrypt-acmetool-client: Letsencrypt acmetool client. Better than the original one, can run as an unprivileged user. See https://support.d4science.org/issues/3164 2016-04-14 19:08:33 +02:00
Andrea Dell'Amico 7ba50614ff library/roles/ubuntu-deb-general/tasks/packages.yml: Install software-properties-common on Ubuntu. 2016-04-14 14:57:29 +02:00
Andrea Dell'Amico 5fc3c9964d library/roles/letsencrypt-client: Various fixes to the scripts.
library/roles/haproxy: callback that manages the certificates renewal from letsencrypt. Fixes https://support.d4science.org/issues/3258
2016-04-13 19:53:35 +02:00
Andrea Dell'Amico fd5a10b0e8 d4science-ghn-cluster/group_vars/infra_gateway_dev/infra-gateway-dev.yml: List the hostnames that will be added to the certificate request.
library/roles/letsencrypt-client: Some fixes.
2016-04-13 17:02:44 +02:00