|
|
5b03f74903
|
sendmail: Use cert and cert chain file seperately
For some reason sendmail didn't like fullchain file so seperate them.
|
2021-03-11 17:28:21 +00:00 |
|
|
|
4804a50b37
|
dovecot: Try to fix cache dir permissions again
|
2021-03-11 17:17:06 +00:00 |
|
|
|
ff97290463
|
dovecot: Use fullchain extension for certificate
|
2021-03-11 17:05:40 +00:00 |
|
|
|
a293945d04
|
saslauthd: Fix LDAP mech
* Fix server address
* Force server certificate check
* Use client certificates for authenticating to LDAP
|
2021-03-11 17:01:24 +00:00 |
|
|
|
61633eb07b
|
autofs: Allow to use home directories over NFS
|
2021-03-11 16:56:05 +00:00 |
|
|
|
36b2f9f9c5
|
mutt: Initial version of module
|
2021-03-11 16:54:01 +00:00 |
|
|
|
5322b2268b
|
base: Use argv when running commands
|
2021-03-11 10:59:04 +00:00 |
|
|
|
d1921c3dc4
|
base: Fix selinux contexts from /export
|
2021-03-11 10:07:51 +00:00 |
|
|
|
0a14190c3f
|
spamassassin-razor: Fix selinux context from data directory
|
2021-03-11 07:17:10 +00:00 |
|
|
|
856fb13822
|
Install keytab from dovecot role and not from playbook
|
2021-03-11 06:18:47 +00:00 |
|
|
|
1120dfde5f
|
dovecot: Fix typo
|
2021-03-11 06:17:56 +00:00 |
|
|
|
532e47b36c
|
dovecot: Finish up dovecot install
|
2021-03-11 05:27:42 +00:00 |
|
|
|
25417ed9eb
|
kerberos/keytab: No need to check if spn exists
Running ktadd will fail anyway if no principal is found from server.
|
2021-03-11 05:12:47 +00:00 |
|
|
|
dc51edb84a
|
ldap/server: Initial version of ldapspn helper script
ldapspn supports listing, creating and deleting Kerberos service
principals.
|
2021-03-10 21:34:59 +00:00 |
|
|
|
aaae860b22
|
base: Imediately mount /tmp using tmpfs
|
2021-03-09 21:35:48 +00:00 |
|
|
|
6c9d69345d
|
grossd: Remove swap file
|
2021-03-09 20:57:18 +00:00 |
|
|
|
68810aa8c2
|
grossd: Initial version of module
|
2021-03-09 20:49:51 +00:00 |
|
|
|
2cbe0b93af
|
foor.sh-repo: Initial version
|
2021-03-09 19:18:16 +00:00 |
|
|
|
32b8bfd48b
|
thinlinc: Don't disable initial setup here
|
2021-03-02 22:18:23 +00:00 |
|
|
|
7518666053
|
thinlinc: Fix typo
|
2021-03-02 18:58:40 +00:00 |
|
|
|
6a1f0a7870
|
thinlinc: Disable running gnome-initial-setup
|
2021-03-02 18:39:39 +00:00 |
|
|
|
df76b8f7e7
|
thinlinc: Disable intro and desktop selection
This will disable introduction message during login and force
desktop to GNOME.
|
2021-03-02 18:31:53 +00:00 |
|
|
|
8e95f29f61
|
mkhomedir: Initial version of role
|
2021-03-01 21:42:43 +00:00 |
|
|
|
fabcc2fe88
|
mirror/thinlinc: Link data directory to web root
|
2021-02-24 04:49:50 +00:00 |
|
|
|
9afdda987e
|
mirror/base: Convert everything to run on Apache
|
2021-02-24 04:49:08 +00:00 |
|
|
|
b2de68ebac
|
Use weak ciphers for boot.foo.sh
iPXE doesn't support modern ciphers so use older ones.
|
2021-02-12 07:12:13 +00:00 |
|
|
|
353e7facf7
|
base: Mount /tmp using tmpfs on CentOS hosts
|
2021-02-12 06:48:21 +00:00 |
|
|
|
c9040a4529
|
sendmail: Initial version of module
|
2021-02-12 06:31:09 +00:00 |
|
|
|
af061d0083
|
nginx/server: Validate certificate before installing
|
2021-02-12 06:26:25 +00:00 |
|
|
|
d017446a0e
|
ldap/server: Index username (uid) attributes
|
2021-02-12 05:21:40 +00:00 |
|
|
|
612875ca44
|
syslogd: Restart server when new certs are deployed
|
2021-02-10 07:02:42 +00:00 |
|
|
|
0d693da604
|
mirror: Disable progress bar when downloading thinlinc packages
|
2021-02-08 06:40:22 +00:00 |
|
|
|
eaa0e25b41
|
zfs: Remove unused role
|
2020-12-13 16:08:39 +00:00 |
|
|
|
c1198880bb
|
ldap/server: Include chain files to certificates tag
|
2020-12-08 08:02:32 +00:00 |
|
|
|
36cbc1dd48
|
syslogd: Fix log rotation command
|
2020-11-27 08:58:22 +00:00 |
|
|
|
5d10282cdb
|
autofs: Use mkdir instead of install command
|
2020-11-24 07:24:07 +00:00 |
|
|
|
aca3b191e6
|
nfs-client: Disable using raw uid/gid mapping
Fixes error:
kernel: NFS: v4 server nas02.home.foo.sh does not accept raw uid/gids. Reenabling the idmapper.
Hopefully also makes logins faster.
|
2020-11-19 18:16:34 +00:00 |
|
|
|
0ba135be52
|
sssd: Disable unused services and enumeration
We are not using autofs or sudo via LDAP so disable them. Enumeration
doesn't seem to help getting all users via getent so disable it.
|
2020-11-17 18:15:23 +00:00 |
|
|
|
74b58f9313
|
sssd: Enable sssd as authentication backend
|
2020-11-17 16:50:49 +00:00 |
|
|
|
0d40ff3e92
|
nfs-client: Allow gssproxy to connect krb5 over https
|
2020-11-17 16:49:21 +00:00 |
|
|
|
b3329efbeb
|
mirror: Add git as depency to report mirror
|
2020-11-15 16:53:24 +00:00 |
|
|
|
9e3b204b3a
|
sssd: More specific config options to sssd.conf
|
2020-11-15 16:52:09 +00:00 |
|
|
|
4f98c287ab
|
mirror: Print postcmd output only when running verbose
|
2020-11-15 16:50:39 +00:00 |
|
|
|
f89672dd59
|
autofs: Fix cache path when xdg runtime is not set
|
2020-11-14 17:13:56 +00:00 |
|
|
|
277630dcf9
|
thinlinc-server: Add missing policy file
|
2020-11-14 13:48:05 +00:00 |
|
|
|
019dd4978e
|
sssd: Initial version of module
|
2020-11-14 13:46:54 +00:00 |
|
|
|
b317e5b12e
|
autofs: Move users .cache directory out from home direcotry
No need to store users local .cache directory on NFS home directories.
Use tmpfs which is much faster.
|
2020-11-13 18:35:28 +00:00 |
|
|
|
93c1ae2e89
|
network: Configure DNS servers
EL systems use DNS servers from interface configs so support it.
|
2020-11-13 18:31:24 +00:00 |
|
|
|
d2befe152b
|
google-chrome: Lint fixes
|
2020-11-13 18:10:16 +00:00 |
|
|
|
326caa417d
|
autofs: Disable ssh authorized keys from users
When home directories are mounted using NFS and Kerberos the system
doesn't have access to authorized_keys file before user logs in.
|
2020-11-13 17:19:25 +00:00 |
|
