Commit Graph

27 Commits

Author SHA1 Message Date
Andrea Dell'Amico e9392f9586 haproxy: the default and running version is now 1.8. No http/2 support though, the ubuntu 14.04 openssl version is too old. 2017-12-28 19:04:11 +01:00
Andrea Dell'Amico 4a9636fe3f haproxy: add a task that increases the dimension of the conntrack table. 2017-12-19 18:01:51 +01:00
Andrea Dell'Amico 907ef0dc0e haproxy-letsencrypt-acme.sh: Fix the logging commands. 2017-10-30 15:41:33 +01:00
Andrea Dell'Amico 70b1b52976 haproxy: Run the OCSP stapling script after a certificate has been renewed. See https://support.d4science.org/issues/10008 2017-10-30 15:41:33 +01:00
Andrea Dell'Amico 30690a1180 library/roles/haproxy/defaults/main.yml: New haproxy default version, 1.7 2017-07-11 18:37:15 +02:00
Andrea Dell'Amico fd14293f39 library/roles/haproxy: Support OCSP stapling. 2017-07-11 18:33:27 +02:00
Andrea Dell'Amico 6b8a448c00 library/roles/haproxy/tasks/haproxy-service.yml: Add the update_cache and cache_valid_time parameters to the apt modules. 2017-07-11 18:33:27 +02:00
Andrea Dell'Amico a0e170b79d library/roles/haproxy/defaults/main.yml: Define some defaults. 2016-10-20 17:08:48 +02:00
Andrea Dell'Amico da44ef0eaa library/roles/haproxy/defaults/main.yml, d4science-ghn-cluster: Cleanup the haproxy_cert_dir mess. Now we have a default. 2016-10-03 18:57:30 +02:00
Andrea Dell'Amico 597db93a0c library/roles/haproxy: nagios NRPE check that extracts data from the haproxy socket. 2016-08-11 13:02:22 +02:00
Andrea Dell'Amico 4c6df5199e library/roles/haproxy: Support floating IPs via net.ipv4.ip_nonlocal_bind. Enabled by default. 2016-07-05 12:57:17 +02:00
Andrea Dell'Amico 293b71f036 library/roles: Fix all the letsencrypt hook script. We need to use the FQDN hostname. 2016-06-23 14:05:11 +02:00
Andrea Dell'Amico 46b2d2cae8 library/roles/haproxy: Fixes to the letsencrypt scripts.
d4science-infrastructure/roles/redmine: support letsencrypt certificates on the dev redmine virtualhost.
library/roles/apache/tasks/apache-letsencrypt.yml: Support for letsencrypt (acme tool).
library/roles/ubuntu-deb-general/tasks/pki-basics.yml: Do not create the fake certificates if valid ones exist.
2016-04-22 18:03:57 +02:00
Andrea Dell'Amico b382db3b25 d4science-infrastructure/group_vars/ldap_liferay/all.yml: Enable ssl with the use of letsencrypt certificates.
library/roles/haproxy/files: Fix to the acme scripts, the certificate path has become /etc/pki/haproxy/haproxy.pem.
library/roles/openldap-server/tasks/openldap_initializazion.yml: Fix the certificates initialization.
library/roles/ubuntu-deb-general/tasks/pki-basics.yml: Create a self signed certificate while waiting the letsencrypt one.
2016-04-20 15:21:19 +02:00
Andrea Dell'Amico 908e7adce4 library/roles/letsencrypt-acmetool-client/tasks/main.yml: More fixes to the tasks and the scripts. It now works correctly against haproxy. 2016-04-18 17:01:05 +02:00
Andrea Dell'Amico 8fde6bb113 library/roles/haproxy/tasks: Fix to the letsencrypt hooks handling.
library/roles/letsencrypt-acmetool-client/tasks: Do not fail if the quickstart does not succeed. The web service could be not configured yet.
2016-04-16 18:48:54 +02:00
Andrea Dell'Amico 3085c6b817 library/roles/letsencrypt-acmetool-client/defaults/main.yml: Fix the hooks path
library/roles/haproxy: Scripts and tasks to add support for the acme letsencrypt tool.
2016-04-14 19:31:02 +02:00
Andrea Dell'Amico 5fc3c9964d library/roles/letsencrypt-client: Various fixes to the scripts.
library/roles/haproxy: callback that manages the certificates renewal from letsencrypt. Fixes https://support.d4science.org/issues/3258
2016-04-13 19:53:35 +02:00
Andrea Dell'Amico 2cd71c9e10 library/roles/haproxy: Change the default version to 1.6 2016-04-07 18:34:43 +02:00
Andrea Dell'Amico 572cbf3fc5 d4science-ghn-cluster/group_vars/*/r-packages.yml: Fix the dataminer r-packages order installation.
d4science-ghn-cluster/inventory/hosts.production: Production dataminer hostnames.
2015-12-16 13:50:18 +01:00
Andrea Dell'Amico 7793d60938 library/roles/haproxy: reload rsyslog after having installed haproxy. A new rsyslog directive is installed and a reload is needed to activate it. 2015-12-11 16:43:53 +01:00
Andrea Dell'Amico 62193883ee library/roles/haproxy: list of web resources to configuration hints. 2015-10-23 16:03:11 +02:00
Andrea Dell'Amico 6991b1abc4 d4science-ghn-cluster: setup an haproxy frontend for the couchdb cluster. 2015-10-22 19:09:18 +02:00
Andrea Dell'Amico d222d0cfdc dnet-mincyt: new VM to host the portal. Fixes to the apache virtualhosts generation tasks.
library/roles/dnet_user_services_perms: New roles to configure the VM permissions in a way that allows playing with tomcat without been root.
infrastructure-services: First bits of nagios configuration for the infrastructure services.
2015-07-13 17:54:21 +02:00
Andrea Dell'Amico d37840100e Various fixes to the library roles. 2015-07-13 14:17:42 +02:00
Andrea Dell'Amico 93be7129fe library/roles: roles added for memcache and revive-adserver. Various fixes to the haproxy, php-fpm, varnish and yii roles. 2015-05-31 19:35:38 +02:00
Andrea Dell'Amico 73d37f81a6 Major refactoring. Moved all the library roles under 'library/roles' and changed all the occurrances inside all the playbooks. 2015-05-28 11:32:57 +02:00