35b919910f
sendmail: Remove duplicate config option
2021-03-16 17:21:30 +00:00
c1ee7e81d0
saslauthd: Convert ldap to use fastbind
...
Seems that cert auth always returns success even for invalid passwords. :)
2021-03-16 11:51:10 +00:00
0f6d33072e
sendmail: Better ordering for auth mechanisms
2021-03-16 09:26:47 +00:00
ded4730735
sendmail: Add dhparams
2021-03-16 08:31:15 +00:00
ac3ac750c1
sendmail: Don't hardcode tls key and cert paths
2021-03-16 08:27:23 +00:00
183208afff
dovecot: Use Mozilla intermediate ssl settings
2021-03-16 07:30:29 +00:00
2f2db828b2
dhparams: Helper role to copy dhparams file to hosts
2021-03-16 07:30:02 +00:00
a7795193e7
dovecot: Fix permissons from kerberos keytab
2021-03-16 02:57:20 +00:00
2f39d6ebf9
kvm-host: Add virt-top
2021-03-16 01:19:23 +00:00
7fbd201242
kvm-host: Add base libvirt packages not just daemon
2021-03-16 01:09:23 +00:00
3ad51924eb
Add fsol02.home.foo.sh
2021-03-16 00:56:59 +00:00
f73ca08805
bird: Initial version of role
2021-03-16 00:56:00 +00:00
644299f49a
openvpn: Initial version of role
2021-03-16 00:55:43 +00:00
32e4f82ff2
roles-lists: Initial version of role
...
Add support for archiving mailing lists from roles.
2021-03-12 17:09:46 +00:00
cb4292f5d0
clamav: Fix enabling and starting service
...
Correct way to enable instantiated services is to just run
"systemctl enable name@arg.service". This will automatically create
required service files based on "name@.service". Disabling service
again removes required files.
2021-03-12 16:17:50 +00:00
2f01f32259
selinux: Create drop-in directory for custom selinx modules
2021-03-12 15:57:26 +00:00
3eff758f5c
opencollab: Initial version of role
...
This will download opencollab from github and install it with pip2.
Unfortunately ansible pip only checks if module is installed so
new versions are not updated automatically.
Running "pip2 uninstall opencollab" should trigger update on next
ansible run.
2021-03-12 15:41:44 +00:00
8a5d3cde28
nginx/server: Wait for network before starting service
2021-03-12 09:11:52 +00:00
61dbae4228
base: Fix typo
2021-03-11 21:16:08 +00:00
eb81b512b2
autofs: Try to improve NFS performance
2021-03-11 21:08:23 +00:00
72e24d725d
thunderbird: Initial version of role
...
Only disables saving passwords for now.
2021-03-11 21:07:29 +00:00
7c3d24d2c8
firefox: Initial version of role
...
* Install firefox
* Set homepage to https://www.foo.sh
* Disable password manager
2021-03-11 20:25:59 +00:00
6cd2a5bbe5
sendmail: Move mail spool under /export hierarcy
2021-03-11 17:39:27 +00:00
5b03f74903
sendmail: Use cert and cert chain file seperately
...
For some reason sendmail didn't like fullchain file so seperate them.
2021-03-11 17:28:21 +00:00
4804a50b37
dovecot: Try to fix cache dir permissions again
2021-03-11 17:17:06 +00:00
ff97290463
dovecot: Use fullchain extension for certificate
2021-03-11 17:05:40 +00:00
a293945d04
saslauthd: Fix LDAP mech
...
* Fix server address
* Force server certificate check
* Use client certificates for authenticating to LDAP
2021-03-11 17:01:24 +00:00
61633eb07b
autofs: Allow to use home directories over NFS
2021-03-11 16:56:05 +00:00
36b2f9f9c5
mutt: Initial version of module
2021-03-11 16:54:01 +00:00
5322b2268b
base: Use argv when running commands
2021-03-11 10:59:04 +00:00
d1921c3dc4
base: Fix selinux contexts from /export
2021-03-11 10:07:51 +00:00
0a14190c3f
spamassassin-razor: Fix selinux context from data directory
2021-03-11 07:17:10 +00:00
856fb13822
Install keytab from dovecot role and not from playbook
2021-03-11 06:18:47 +00:00
1120dfde5f
dovecot: Fix typo
2021-03-11 06:17:56 +00:00
532e47b36c
dovecot: Finish up dovecot install
2021-03-11 05:27:42 +00:00
25417ed9eb
kerberos/keytab: No need to check if spn exists
...
Running ktadd will fail anyway if no principal is found from server.
2021-03-11 05:12:47 +00:00
dc51edb84a
ldap/server: Initial version of ldapspn helper script
...
ldapspn supports listing, creating and deleting Kerberos service
principals.
2021-03-10 21:34:59 +00:00
aaae860b22
base: Imediately mount /tmp using tmpfs
2021-03-09 21:35:48 +00:00
6c9d69345d
grossd: Remove swap file
2021-03-09 20:57:18 +00:00
68810aa8c2
grossd: Initial version of module
2021-03-09 20:49:51 +00:00
2cbe0b93af
foor.sh-repo: Initial version
2021-03-09 19:18:16 +00:00
32b8bfd48b
thinlinc: Don't disable initial setup here
2021-03-02 22:18:23 +00:00
7518666053
thinlinc: Fix typo
2021-03-02 18:58:40 +00:00
6a1f0a7870
thinlinc: Disable running gnome-initial-setup
2021-03-02 18:39:39 +00:00
df76b8f7e7
thinlinc: Disable intro and desktop selection
...
This will disable introduction message during login and force
desktop to GNOME.
2021-03-02 18:31:53 +00:00
8e95f29f61
mkhomedir: Initial version of role
2021-03-01 21:42:43 +00:00
fabcc2fe88
mirror/thinlinc: Link data directory to web root
2021-02-24 04:49:50 +00:00
9afdda987e
mirror/base: Convert everything to run on Apache
2021-02-24 04:49:08 +00:00
b2de68ebac
Use weak ciphers for boot.foo.sh
...
iPXE doesn't support modern ciphers so use older ones.
2021-02-12 07:12:13 +00:00
353e7facf7
base: Mount /tmp using tmpfs on CentOS hosts
2021-02-12 06:48:21 +00:00
