Commit graph

551 commits

Author SHA1 Message Date
b1c135974e Add production ready playbooks to master playbook 2021-03-16 23:01:49 +00:00
6a712f7737 sendmail: Add newaliases handler support 2021-03-16 22:46:42 +00:00
7febf3bda5 nginx/server: Use mozilla recommended ssl settings 2021-03-16 22:45:21 +00:00
55855d7c15 Start working on replicated fsol gw
* Add fsol01 host
* Move everything to fsol01 for now
* Add pfsync interface
* Try to fix firewall rules with correct no-sync options
2021-03-16 22:41:58 +00:00
d41d59a0d4 Move loghost to vmhost01 and increase data disk size 2021-03-16 21:02:33 +00:00
1ad8a4e3f8 ldap_netdb: Fix dependencies 2021-03-16 20:17:56 +00:00
cad340750b ldap_gravatar: Fix dependencies 2021-03-16 20:17:28 +00:00
c7bc132d11 Add ldap_gravatar role to primary ldap server 2021-03-16 19:19:23 +00:00
015de5a8df ldap_gravatar: Initial version of role 2021-03-16 19:18:55 +00:00
b841119e1a Don't hardcode ip addresses. Use netgroups instead. 2021-03-16 17:54:52 +00:00
5783675589 sendmail: Restart sendmail after config changes 2021-03-16 17:22:54 +00:00
bfc59bfb2d sendmail: Fix hostname part from kerberos principal 2021-03-16 17:21:51 +00:00
35b919910f sendmail: Remove duplicate config option 2021-03-16 17:21:30 +00:00
c1ee7e81d0 saslauthd: Convert ldap to use fastbind
Seems that cert auth always returns success even for invalid passwords. :)
2021-03-16 11:51:10 +00:00
0f6d33072e sendmail: Better ordering for auth mechanisms 2021-03-16 09:26:47 +00:00
e5a47f1511 Add ns01.home.foo.sh 2021-03-16 08:45:50 +00:00
ded4730735 sendmail: Add dhparams 2021-03-16 08:31:15 +00:00
ac3ac750c1 sendmail: Don't hardcode tls key and cert paths 2021-03-16 08:27:23 +00:00
183208afff dovecot: Use Mozilla intermediate ssl settings 2021-03-16 07:30:29 +00:00
2f2db828b2 dhparams: Helper role to copy dhparams file to hosts 2021-03-16 07:30:02 +00:00
9acebe47c6 Add irssi to shell hosts 2021-03-16 03:05:50 +00:00
a7795193e7 dovecot: Fix permissions from kerberos keytab 2021-03-16 02:57:20 +00:00
b87092ccca Add static01.home.foo.sh 2021-03-16 02:30:16 +00:00
9ffe1dc3c0 Add shell01.home.foo.sh 2021-03-16 02:15:24 +00:00
2f39d6ebf9 kvm-host: Add virt-top 2021-03-16 01:19:23 +00:00
7fbd201242 kvm-host: Add base libvirt packages not just daemon 2021-03-16 01:09:23 +00:00
190d09e783 Use sssd instead of nslcd on nas hosts 2021-03-16 01:00:55 +00:00
5495eb0827 Preallocate data disks during provisioning 2021-03-16 01:00:11 +00:00
46e8a2444d Move mailhost to correct ip address 2021-03-16 00:57:27 +00:00
3ad51924eb Add fsol02.home.foo.sh 2021-03-16 00:56:59 +00:00
f73ca08805 bird: Initial version of role 2021-03-16 00:56:00 +00:00
644299f49a openvpn: Initial version of role 2021-03-16 00:55:43 +00:00
e0c70ad530 Add vmhost01.home.foo.sh 2021-03-16 00:54:22 +00:00
5e60aa56aa Remove jumphosts from adm ssh config 2021-03-16 00:24:03 +00:00
a5f846720f Add roles-lists to mail hosts 2021-03-12 17:10:19 +00:00
32e4f82ff2 roles-lists: Initial version of role
Add support for archiving mailing lists from roles.
2021-03-12 17:09:46 +00:00
cb4292f5d0 clamav: Fix enabling and starting service
Correct way to enable instantiated services is to just run
"systemctl enable name@arg.service". This will automatically create
required service files based on "name@.service". Disabling service
again removes required files.
2021-03-12 16:17:50 +00:00
2f01f32259 selinux: Create drop-in directory for custom selinux modules 2021-03-12 15:57:26 +00:00
05ba87ae88 Add opencollab to shell hosts 2021-03-12 15:46:05 +00:00
3eff758f5c opencollab: Initial version of role
This will download opencollab from github and install it with pip2.
Unfortunately ansible pip only checks if module is installed so
new versions are not updated automatically.

Running "pip2 uninstall opencollab" should trigger update on next
ansible run.
2021-03-12 15:41:44 +00:00
8a5d3cde28 nginx/server: Wait for network before starting service 2021-03-12 09:11:52 +00:00
61dbae4228 base: Fix typo 2021-03-11 21:16:08 +00:00
eb81b512b2 autofs: Try to improve NFS performance 2021-03-11 21:08:23 +00:00
9240dda9bd Convert thunderbird to role in shell hosts 2021-03-11 21:08:08 +00:00
72e24d725d thunderbird: Initial version of role
Only disables saving passwords for now.
2021-03-11 21:07:29 +00:00
9f4d15e041 Add firefox to shell hosts 2021-03-11 20:26:52 +00:00
7c3d24d2c8 firefox: Initial version of role
* Install firefox
* Set homepage to https://www.foo.sh
* Disable password manager
2021-03-11 20:25:59 +00:00
da2440a2af Move shell hosts back to NFS mounted home directories
Use static ip for lan network for now to get NFS access to home
directories. Still require kerberos for role directories.
2021-03-11 19:27:21 +00:00
6cd2a5bbe5 sendmail: Move mail spool under /export hierarchy 2021-03-11 17:39:27 +00:00
5b03f74903 sendmail: Use cert and cert chain file separately
For some reason sendmail didn't like fullchain file so separate them.
2021-03-11 17:28:21 +00:00