Andrea Dell'Amico
e9392f9586
haproxy: the default and running version is now 1.8. No http/2 support though, the ubuntu 14.04 openssl version is too old.
2017-12-28 19:04:11 +01:00
Andrea Dell'Amico
4a9636fe3f
haproxy: add a task that increases the dimension of the conntrack table.
2017-12-19 18:01:51 +01:00
Andrea Dell'Amico
907ef0dc0e
haproxy-letsencrypt-acme.sh: Fix the logging commands.
2017-10-30 15:41:33 +01:00
Andrea Dell'Amico
70b1b52976
haproxy: Run the OCSP stapling script after a certificate has been renewed. See https://support.d4science.org/issues/10008
2017-10-30 15:41:33 +01:00
Andrea Dell'Amico
30690a1180
library/roles/haproxy/defaults/main.yml: New haproxy default version, 1.7
2017-07-11 18:37:15 +02:00
Andrea Dell'Amico
fd14293f39
library/roles/haproxy: Support OCSP stapling.
2017-07-11 18:33:27 +02:00
Andrea Dell'Amico
6b8a448c00
library/roles/haproxy/tasks/haproxy-service.yml: Add the update_cache and cache_valid_time parameters to the apt modules.
2017-07-11 18:33:27 +02:00
Andrea Dell'Amico
a0e170b79d
library/roles/haproxy/defaults/main.yml: Define some defaults.
2016-10-20 17:08:48 +02:00
Andrea Dell'Amico
da44ef0eaa
library/roles/haproxy/defaults/main.yml, d4science-ghn-cluster: Cleanup the haproxy_cert_dir mess. Now we have a default.
2016-10-03 18:57:30 +02:00
Andrea Dell'Amico
597db93a0c
library/roles/haproxy: nagios NRPE check that extracts data from the haproxy socket.
2016-08-11 13:02:22 +02:00
Andrea Dell'Amico
4c6df5199e
library/roles/haproxy: Support floating IPs via net.ipv4.ip_nonlocal_bind. Enabled by default.
2016-07-05 12:57:17 +02:00
Andrea Dell'Amico
293b71f036
library/roles: Fix all the letsencrypt hook script. We need to use the FQDN hostname.
2016-06-23 14:05:11 +02:00
Andrea Dell'Amico
46b2d2cae8
library/roles/haproxy: Fixes to the letsencrypt scripts.
...
d4science-infrastructure/roles/redmine: support letsencrypt certificates on the dev redmine virtualhost.
library/roles/apache/tasks/apache-letsencrypt.yml: Support for letsencrypt (acme tool).
library/roles/ubuntu-deb-general/tasks/pki-basics.yml: Do not create the fake certificates if valid ones exist.
2016-04-22 18:03:57 +02:00
Andrea Dell'Amico
b382db3b25
d4science-infrastructure/group_vars/ldap_liferay/all.yml: Enable ssl with the use of letsencrypt certificates.
...
library/roles/haproxy/files: Fix to the acme scripts, the certificate path has become /etc/pki/haproxy/haproxy.pem.
library/roles/openldap-server/tasks/openldap_initializazion.yml: Fix the certificates initialization.
library/roles/ubuntu-deb-general/tasks/pki-basics.yml: Create a self signed certificate while waiting the letsencrypt one.
2016-04-20 15:21:19 +02:00
Andrea Dell'Amico
908e7adce4
library/roles/letsencrypt-acmetool-client/tasks/main.yml: More fixes to the tasks and the scripts. It now works correctly against haproxy.
2016-04-18 17:01:05 +02:00
Andrea Dell'Amico
8fde6bb113
library/roles/haproxy/tasks: Fix to the letsencrypt hooks handling.
...
library/roles/letsencrypt-acmetool-client/tasks: Do not fail if the quickstart does not succeed. The web service could be not configured yet.
2016-04-16 18:48:54 +02:00
Andrea Dell'Amico
3085c6b817
library/roles/letsencrypt-acmetool-client/defaults/main.yml: Fix the hooks path
...
library/roles/haproxy: Scripts and tasks to add support for the acme letsencrypt tool.
2016-04-14 19:31:02 +02:00
Andrea Dell'Amico
5fc3c9964d
library/roles/letsencrypt-client: Various fixes to the scripts.
...
library/roles/haproxy: callback that manages the certificates renewal from letsencrypt. Fixes https://support.d4science.org/issues/3258
2016-04-13 19:53:35 +02:00
Andrea Dell'Amico
2cd71c9e10
library/roles/haproxy: Change the default version to 1.6
2016-04-07 18:34:43 +02:00
Andrea Dell'Amico
572cbf3fc5
d4science-ghn-cluster/group_vars/*/r-packages.yml: Fix the dataminer r-packages order installation.
...
d4science-ghn-cluster/inventory/hosts.production: Production dataminer hostnames.
2015-12-16 13:50:18 +01:00
Andrea Dell'Amico
7793d60938
library/roles/haproxy: reload rsyslog after having installed haproxy. A new rsyslog directive is installed and a reload is needed to activate it.
2015-12-11 16:43:53 +01:00
Andrea Dell'Amico
62193883ee
library/roles/haproxy: list of web resources to configuration hints.
2015-10-23 16:03:11 +02:00
Andrea Dell'Amico
6991b1abc4
d4science-ghn-cluster: setup an haproxy frontend for the couchdb cluster.
2015-10-22 19:09:18 +02:00
Andrea Dell'Amico
d222d0cfdc
dnet-mincyt: new VM to host the portal. Fixes to the apache virtualhosts generation tasks.
...
library/roles/dnet_user_services_perms: New roles to configure the VM permissions in a way that allows playing with tomcat without been root.
infrastructure-services: First bits of nagios configuration for the infrastructure services.
2015-07-13 17:54:21 +02:00
Andrea Dell'Amico
d37840100e
Various fixes to the library roles.
2015-07-13 14:17:42 +02:00
Andrea Dell'Amico
93be7129fe
library/roles: roles added for memcache and revive-adserver. Various fixes to the haproxy, php-fpm, varnish and yii roles.
2015-05-31 19:35:38 +02:00
Andrea Dell'Amico
73d37f81a6
Major refactoring. Moved all the library roles under 'library/roles' and changed all the occurrances inside all the playbooks.
2015-05-28 11:32:57 +02:00