5d83306491
munin-master: Force TLS when connecting to nodes
2021-03-18 16:55:34 +00:00
15fec6b391
munin-master: Start munin cron job not just enable
2021-03-18 11:29:56 +00:00
5752bed415
munin-master: Remove localhost node
2021-03-18 11:07:47 +00:00
3e6c523b2f
Require authentication on munin web interface
2021-03-18 11:02:29 +00:00
9f3ff39286
mod_auth_gssapi: SELinux fixes for CentOS 8
2021-03-18 11:02:01 +00:00
5eda17494d
mod_auth_gssapi: Set keytab path in environment variables
2021-03-18 11:01:19 +00:00
40e4157349
Add lynx and elinks text browsers to shell hosts
2021-03-18 06:47:52 +00:00
5edd1f2a48
Add powertools repo to shell hosts
2021-03-18 06:31:15 +00:00
3ae49d7277
Add support for GSSAPI auth to munin
2021-03-18 00:36:07 +00:00
5d9bc1608f
mod_auth_gssapi: Fix keytab path config for CentOS 8
...
CentOS 8 doesn't apache doesn't read /etc/sysconfig/httpd anymore so
try to set keytab path location in apache config files.
2021-03-18 00:28:33 +00:00
a591bd7e0e
Add munin.foo.sh site to proxies
2021-03-18 00:01:48 +00:00
ff87fa1151
Add munin host
2021-03-18 00:01:15 +00:00
cab7f424d5
munin-master: Initial version of role, WIP
2021-03-18 00:00:01 +00:00
71d392a556
powertools: Initial version of module
2021-03-17 22:45:13 +00:00
1a148b957f
Add gnupg1 to shell hosts
2021-03-17 22:22:14 +00:00
9675485eda
git/server: Fix typo from task name
2021-03-17 21:32:34 +00:00
58de72e85a
git: Convert to CentOS 8 and Apache
...
* Update git hosts to CentOS 8
* Drop nslscd and use sssd instead
* Change nginx to apache for future GSSAPI support
* Fix SELinux contexts from git data directory
2021-03-17 21:29:47 +00:00
51aede7c00
Rename fsol?? hosts to fsol-gw??
2021-03-17 21:28:49 +00:00
77ee001c54
Don't store shell host ip to known_hosts in adm
2021-03-17 21:03:14 +00:00
3d885de573
ifstated: Fix fireall problems when fsol-gw is booted
...
For some reason firewall rules are not correctly loaded during boot
so reload them when ifstated starts.
2021-03-17 20:31:41 +00:00
4072abf55e
Use random mac for fsol01 in dna interface
2021-03-17 20:18:00 +00:00
887d4872d9
ifstated: Cannot validate config during provisioning
...
Network is restarted at the end of play run so ifstated validation
fails due to missing interfaces.
2021-03-17 19:05:01 +00:00
37ef5eb504
ifstated: Validate config before restarting
2021-03-17 18:48:41 +00:00
18a4c592ce
bird: Restart bird after config changes
2021-03-17 18:44:11 +00:00
00c204912f
bird: Remove leftover vim swap file
2021-03-17 18:42:02 +00:00
7b9c0b1f4d
Add ifstated to fsol-gw hosts
2021-03-17 18:41:25 +00:00
9d03799d40
Add pfsync0 interface to fsol-gw hosts
2021-03-17 18:36:00 +00:00
7175dc85b8
pf: Allow carp traffic on fsol-gw hosts
2021-03-17 18:30:09 +00:00
e37fd4eb8f
Move future pfsync to different subnet/vlan
2021-03-17 18:13:52 +00:00
01dc86e3e2
bird: Use dynamic router id
2021-03-17 18:13:23 +00:00
46281c0ca7
Dont store vim swap files to git
2021-03-17 18:07:10 +00:00
8c5770c79a
Fix warnings from git data directory mount options
2021-03-17 05:58:00 +00:00
635a867068
syslog: Fix syntax warnings from log backup cron job
2021-03-17 05:41:12 +00:00
08c62bd21b
ldap/server: Fix syntax warnings about cron job
2021-03-17 05:40:20 +00:00
72dabd40d1
Fix warnings from ldap01 mount
2021-03-17 05:37:10 +00:00
a745cdb3ee
sshd: Remove some unused and potentially dangerous features
2021-03-17 05:20:41 +00:00
282fbcb932
sshd: Disable CentOS 8+ crypto policies for sshd
2021-03-17 05:17:53 +00:00
6858706c0b
base: Remove ssh handler as it's now in own role
2021-03-17 05:16:11 +00:00
0172750ca1
sshd: Move ssh deamon configuration to own role
2021-03-17 05:15:05 +00:00
c99efeab61
Lint fixes
2021-03-16 23:07:26 +00:00
b1c135974e
Add production ready playbooks to master playbook
2021-03-16 23:01:49 +00:00
6a712f7737
sendmail: Add newalises handler support
2021-03-16 22:46:42 +00:00
7febf3bda5
nginx/server: Use mozilla recommended ssl settings
2021-03-16 22:45:21 +00:00
55855d7c15
Start working on replicated fsol gw
...
* Add fsol01 host
* Move everything to fsol01 for now
* Add pfsync interface
* Try to fix firewall rules with correct no-sync options
2021-03-16 22:41:58 +00:00
d41d59a0d4
Move loghost to vmhost01 and increase data disk size
2021-03-16 21:02:33 +00:00
1ad8a4e3f8
ldap_netdb: Fix dependencies
2021-03-16 20:17:56 +00:00
cad340750b
ldap_gravatar: Fix dependencies
2021-03-16 20:17:28 +00:00
c7bc132d11
Add ldap_gravatar role to primary ldap server
2021-03-16 19:19:23 +00:00
015de5a8df
ldap_gravatar: Initial version of role
2021-03-16 19:18:55 +00:00
b841119e1a
Don't hardcode ip addressses. Use netgroups instead.
2021-03-16 17:54:52 +00:00
