befa371fdc
nfs-server: Allow role/home autocreation run more often
...
1. Implemented locking for scripts so only one instance is running
simultaneously. This will also remove stale lock file if found.
2. Use LDAP contextCSN value to determine if we need to run script
at all. Previous contextCSN is stored in state file which will
be cleaned during reboots. If state file is not found direcotries
are scanned in normal way.
2021-03-24 05:48:04 +00:00
169750eb0e
base: Add S.M.A.R.T disk monitoring to physical hosts
2021-03-23 22:36:52 +00:00
226c624328
base: Add lm_sensors to physical hosts
2021-03-23 22:29:11 +00:00
f7025a7a06
lm_sensors: Initial version of role
2021-03-23 22:28:50 +00:00
8c03eb0a25
Add jenkins.foo.sh
2021-03-23 21:45:25 +00:00
1361dcd01c
Add jenkins01.home.foo.sh
2021-03-23 21:45:02 +00:00
7258cb04fd
jenkins: Initial version of role
2021-03-23 21:44:35 +00:00
7461384816
Remove db01.home.foo.sh
2021-03-23 19:46:52 +00:00
5c0d6fe84f
munin-node: Fix dependencies for Fedora
2021-03-23 18:15:44 +00:00
e048e97abc
Fix Fedora installs and upgrade to version 33
2021-03-23 17:54:12 +00:00
1e69b21b08
Add db01.home.foo.sh
2021-03-23 17:15:02 +00:00
5282a19463
nfs-server: Add autocreate support for home/role directories
2021-03-23 17:01:39 +00:00
cc3f8748a0
Disable IPv6 on lan network for shell hosts
2021-03-23 16:32:10 +00:00
786b8699ff
network: Fix disabling IPv6 address on RHEL
...
When setting IPv6 addr to none interfaces were still autoconfigured
using router advertisements. This is now fixed.
2021-03-23 16:30:57 +00:00
89eec4e1c5
nginx/site: Disable certificate check when we have multiple backends
...
Nginx requires that all backend certificates need to match name defined
in ProxyPass directive:
https://trac.nginx.org/nginx/ticket/1307
2021-03-23 15:55:01 +00:00
90ccb41fd3
Allow CARP advertisemens from firewall on ns hosts
2021-03-23 06:55:44 +00:00
00088239fa
thinlinc-server: Use Let's Encrypt certs if available
2021-03-22 21:04:37 +00:00
ca3270d89b
nginx/server: Use SNI when connecting to backend servers
2021-03-22 20:59:03 +00:00
dd6fca4270
Add certificate validation support for shell hosts
2021-03-22 20:36:37 +00:00
147c8d4db5
nginx/server: Add plaintext HTTP server support for cert validation
2021-03-22 20:35:38 +00:00
65e34954f0
thinlinc-server: Tighten up TLS settings
2021-03-22 19:51:52 +00:00
67560714d8
Open HTTP and HTTPS ports from shell hosts.
2021-03-22 19:05:07 +00:00
480db886ca
thinlinc-server: Add web access configuration
...
Still lacks support for real certificates.
2021-03-22 19:03:09 +00:00
aed88b417b
nginx/server: Verify backend cert when proxying web sites
2021-03-22 19:02:10 +00:00
fbb64c4fb0
nginx/server: Drop xslt module as it's not used anymore
2021-03-22 17:09:27 +00:00
1f304aec10
Add CUPS client to shell hosts
2021-03-20 15:27:07 +00:00
c6a98151ba
cups-client: Initial version of role
2021-03-20 15:26:43 +00:00
40d5107898
Fix priority variable from carp interfaces on proxies
2021-03-20 15:25:54 +00:00
730cf1ab09
nginx: Set hsts headers in proxy level and not in backend
2021-03-20 14:29:28 +00:00
ad49c7f6b9
Add cups server to print hosts
2021-03-20 14:18:46 +00:00
a7035e9c38
Add mail relaying to foo.sh addresses for nms hosts
2021-03-20 14:18:05 +00:00
d55c77c30f
postfix: Add relay support to specific domains
2021-03-20 14:17:14 +00:00
bf39708fac
Fix warnings about integer value
2021-03-20 14:16:21 +00:00
6f156a91fd
cups: Don't set keytab in role
2021-03-20 14:15:52 +00:00
e62cad951c
Add print to master playbook
2021-03-20 13:59:51 +00:00
027dfc2a48
Add print01 host
2021-03-20 02:01:57 +00:00
c3c37d1b14
Add snmp tools to nms hosts
2021-03-20 01:23:00 +00:00
d0f89f2afc
Open tftp and ntp ports from firewall on nms hosts
2021-03-19 23:52:53 +00:00
5c1ff863c7
rsyslog: Add missing udp listener file
2021-03-19 23:52:15 +00:00
db8040d762
Add tftp server to nms hosts
2021-03-19 23:50:53 +00:00
aa0f0d61dd
tftp: Initial version of tftp server role
...
Currently this is role allows writing to data directory.
2021-03-19 23:49:34 +00:00
ec1121107a
Add RCS to nms hosts
2021-03-19 22:52:02 +00:00
e7a32718f4
Fix sssd/mkhomedir order from nms hosts
2021-03-19 22:23:02 +00:00
02d23a723c
Add unzip for nms hosts (to extract firmware packages)
2021-03-19 21:48:58 +00:00
07c8054e8b
Add RCS to shell hosts
2021-03-19 21:47:16 +00:00
11daf618fa
Add wget to nms hosts
2021-03-19 21:45:58 +00:00
c91db784e1
network: Use insecure password for keepalived
...
Using AH based authentication generates duplicate announces from master:
IPSEC-AH : sequence number 34831 already processed. Packet dropped.
Use insecure (unencrypted) authentication for announcement pakets until
this is sorted out.
2021-03-19 21:21:27 +00:00
ba97c88303
Add initial NTP server support to nms hosts
2021-03-19 20:54:04 +00:00
8f30553fd8
Add ssh config to shell hosts for connecting servers
2021-03-19 20:46:47 +00:00
b726e2e029
Add UDP logging support from oob network
2021-03-19 20:02:55 +00:00
