3f9de759aa
mariadb: Initial version of role
2021-03-31 22:15:29 +00:00
61d4754bf1
rsyslog: Use advanced configuration format for UDP listen
2021-03-31 06:15:56 +00:00
c58b73e3c7
Add zm.foo.sh virtual host to proxies
2021-03-30 19:59:50 +00:00
83bb469927
Add zm01 host and related group
2021-03-30 19:59:19 +00:00
f2ea5bbae0
Connect to print servers CUPS directly
2021-03-30 16:15:34 +00:00
e345e29b19
cups/server: Remove nginx frontend proxy
2021-03-30 16:14:52 +00:00
a7f22619f9
collab: Force install commands to use python2
2021-03-30 14:46:51 +00:00
e21753a7c8
ldap/server: Tighten LDAP TLS settings
2021-03-30 14:20:46 +00:00
6a5d6b4459
Don't hardcode hostnames into playbooks
2021-03-30 14:16:20 +00:00
caa8a23d13
Add ifstated to home gw hosts
2021-03-26 17:20:55 +00:00
e31769a606
ifstated: Use templating for ifstated configurations
2021-03-26 16:45:26 +00:00
baa768fe53
Don't get DNS servers and domain name from DHCP on gw hosts
2021-03-26 16:36:44 +00:00
8d234782df
Add unbound to gw hosts
2021-03-25 21:50:09 +00:00
12ec078011
unbound: Add OpenBSD support
2021-03-25 21:49:20 +00:00
16955006d1
Open munin-node from print and jenkins hosts
2021-03-25 20:06:28 +00:00
e816bf368f
Document packages for adm hosts and add nsd for dns zone validation
2021-03-25 19:19:48 +00:00
df7fb3eef4
Add missing groups to master playbook
2021-03-25 18:29:07 +00:00
2eee00bea9
Fix typo from nms hosts
2021-03-25 18:17:59 +00:00
2c5ffd666b
Fix ordering for print hosts
...
Cannot create keytab for cups before cups is installed due to missing
/etc/cups directory.
2021-03-25 18:17:16 +00:00
786b7f8549
Add unbound to nms hosts
2021-03-25 17:41:25 +00:00
37bfd27551
Add unbound for print hosts
2021-03-25 17:40:49 +00:00
32bcba70cb
Add VIP address to print hosts
2021-03-25 17:39:31 +00:00
c41495066b
unbound: Initial version of role
2021-03-25 17:38:21 +00:00
1efe20a55c
Style fixes and cleanup for nms hosts
2021-03-25 17:21:03 +00:00
b776431baf
network: Add support to force DNS servers for interface
...
Previously DNS servers could be set for interface but they were used only
when interface address was set to static. This change allow to set (or
remove) DNS servers for interfaces regardles of IP address method.
2021-03-25 15:38:00 +00:00
25c4b3182a
Add convmv to shell hosts for converting charsets of filenames
2021-03-24 23:28:04 +00:00
4dcb2df22b
nfs-server: ShellCheck fixes
2021-03-24 05:55:14 +00:00
befa371fdc
nfs-server: Allow role/home autocreation run more often
...
1. Implemented locking for scripts so only one instance is running
simultaneously. This will also remove stale lock file if found.
2. Use LDAP contextCSN value to determine if we need to run script
at all. Previous contextCSN is stored in state file which will
be cleaned during reboots. If state file is not found direcotries
are scanned in normal way.
2021-03-24 05:48:04 +00:00
169750eb0e
base: Add S.M.A.R.T disk monitoring to physical hosts
2021-03-23 22:36:52 +00:00
226c624328
base: Add lm_sensors to physical hosts
2021-03-23 22:29:11 +00:00
f7025a7a06
lm_sensors: Initial version of role
2021-03-23 22:28:50 +00:00
8c03eb0a25
Add jenkins.foo.sh
2021-03-23 21:45:25 +00:00
1361dcd01c
Add jenkins01.home.foo.sh
2021-03-23 21:45:02 +00:00
7258cb04fd
jenkins: Initial version of role
2021-03-23 21:44:35 +00:00
7461384816
Remove db01.home.foo.sh
2021-03-23 19:46:52 +00:00
5c0d6fe84f
munin-node: Fix dependencies for Fedora
2021-03-23 18:15:44 +00:00
e048e97abc
Fix Fedora installs and upgrade to version 33
2021-03-23 17:54:12 +00:00
1e69b21b08
Add db01.home.foo.sh
2021-03-23 17:15:02 +00:00
5282a19463
nfs-server: Add autocreate support for home/role directories
2021-03-23 17:01:39 +00:00
cc3f8748a0
Disable IPv6 on lan network for shell hosts
2021-03-23 16:32:10 +00:00
786b8699ff
network: Fix disabling IPv6 address on RHEL
...
When setting IPv6 addr to none interfaces were still autoconfigured
using router advertisements. This is now fixed.
2021-03-23 16:30:57 +00:00
89eec4e1c5
nginx/site: Disable certificate check when we have multiple backends
...
Nginx requires that all backend certificates need to match name defined
in ProxyPass directive:
https://trac.nginx.org/nginx/ticket/1307
2021-03-23 15:55:01 +00:00
90ccb41fd3
Allow CARP advertisemens from firewall on ns hosts
2021-03-23 06:55:44 +00:00
00088239fa
thinlinc-server: Use Let's Encrypt certs if available
2021-03-22 21:04:37 +00:00
ca3270d89b
nginx/server: Use SNI when connecting to backend servers
2021-03-22 20:59:03 +00:00
dd6fca4270
Add certificate validation support for shell hosts
2021-03-22 20:36:37 +00:00
147c8d4db5
nginx/server: Add plaintext HTTP server support for cert validation
2021-03-22 20:35:38 +00:00
65e34954f0
thinlinc-server: Tighten up TLS settings
2021-03-22 19:51:52 +00:00
67560714d8
Open HTTP and HTTPS ports from shell hosts.
2021-03-22 19:05:07 +00:00
480db886ca
thinlinc-server: Add web access configuration
...
Still lacks support for real certificates.
2021-03-22 19:03:09 +00:00
