ansible

Author	SHA1	Message	Date
Timo Makinen	72dabd40d1	Fix warnings from ldap01 mount	2021-03-17 05:37:10 +00:00
Timo Makinen	a745cdb3ee	sshd: Remove some unused and potentially dangerous features	2021-03-17 05:20:41 +00:00
Timo Makinen	282fbcb932	sshd: Disable CentOS 8+ crypto policies for sshd	2021-03-17 05:17:53 +00:00
Timo Makinen	6858706c0b	base: Remove ssh handler as it's now in own role	2021-03-17 05:16:11 +00:00
Timo Makinen	0172750ca1	sshd: Move ssh deamon configuration to own role	2021-03-17 05:15:05 +00:00
Timo Makinen	c99efeab61	Lint fixes	2021-03-16 23:07:26 +00:00
Timo Makinen	b1c135974e	Add production ready playbooks to master playbook	2021-03-16 23:01:49 +00:00
Timo Makinen	6a712f7737	sendmail: Add newalises handler support	2021-03-16 22:46:42 +00:00
Timo Makinen	7febf3bda5	nginx/server: Use mozilla recommended ssl settings	2021-03-16 22:45:21 +00:00
Timo Makinen	55855d7c15	Start working on replicated fsol gw * Add fsol01 host * Move everything to fsol01 for now * Add pfsync interface * Try to fix firewall rules with correct no-sync options	2021-03-16 22:41:58 +00:00
Timo Makinen	d41d59a0d4	Move loghost to vmhost01 and increase data disk size	2021-03-16 21:02:33 +00:00
Timo Makinen	1ad8a4e3f8	ldap_netdb: Fix dependencies	2021-03-16 20:17:56 +00:00
Timo Makinen	cad340750b	ldap_gravatar: Fix dependencies	2021-03-16 20:17:28 +00:00
Timo Makinen	c7bc132d11	Add ldap_gravatar role to primary ldap server	2021-03-16 19:19:23 +00:00
Timo Makinen	015de5a8df	ldap_gravatar: Initial version of role	2021-03-16 19:18:55 +00:00
Timo Makinen	b841119e1a	Don't hardcode ip addressses. Use netgroups instead.	2021-03-16 17:54:52 +00:00
Timo Makinen	5783675589	sendmail: Restart sendmail after config changes	2021-03-16 17:22:54 +00:00
Timo Makinen	bfc59bfb2d	sendmail: Fix hostname part from kerberos principal	2021-03-16 17:21:51 +00:00
Timo Makinen	35b919910f	sendmail: Remove duplicate config option	2021-03-16 17:21:30 +00:00
Timo Makinen	c1ee7e81d0	saslauthd: Convert ldap to use fastbind Seems that cert auth always returns success even for invalid passwords. :)	2021-03-16 11:51:10 +00:00
Timo Makinen	0f6d33072e	sendmail: Better ordering for auth mechanisms	2021-03-16 09:26:47 +00:00
Timo Makinen	e5a47f1511	Add ns01.home.foo.sh	2021-03-16 08:45:50 +00:00
Timo Makinen	ded4730735	sendmail: Add dhparams	2021-03-16 08:31:15 +00:00
Timo Makinen	ac3ac750c1	sendmail: Don't hardcode tls key and cert paths	2021-03-16 08:27:23 +00:00
Timo Makinen	183208afff	dovecot: Use Mozilla intermediate ssl settings	2021-03-16 07:30:29 +00:00
Timo Makinen	2f2db828b2	dhparams: Helper role to copy dhparams file to hosts	2021-03-16 07:30:02 +00:00
Timo Makinen	9acebe47c6	Add irssi to shell hosts	2021-03-16 03:05:50 +00:00
Timo Makinen	a7795193e7	dovecot: Fix permissons from kerberos keytab	2021-03-16 02:57:20 +00:00
Timo Makinen	b87092ccca	Add static01.home.foo.sh	2021-03-16 02:30:16 +00:00
Timo Makinen	9ffe1dc3c0	Add shell01.home.foo.sh	2021-03-16 02:15:24 +00:00
Timo Makinen	2f39d6ebf9	kvm-host: Add virt-top	2021-03-16 01:19:23 +00:00
Timo Makinen	7fbd201242	kvm-host: Add base libvirt packages not just daemon	2021-03-16 01:09:23 +00:00
Timo Makinen	190d09e783	Use sssd instead of nslcd on nas hosts	2021-03-16 01:00:55 +00:00
Timo Makinen	5495eb0827	Preallocate data disks when during privisioning	2021-03-16 01:00:11 +00:00
Timo Makinen	46e8a2444d	Move mailhost to correct ip address	2021-03-16 00:57:27 +00:00
Timo Makinen	3ad51924eb	Add fsol02.home.foo.sh	2021-03-16 00:56:59 +00:00
Timo Makinen	f73ca08805	bird: Initial version of role	2021-03-16 00:56:00 +00:00
Timo Makinen	644299f49a	openvpn: Initial version of role	2021-03-16 00:55:43 +00:00
Timo Makinen	e0c70ad530	Add vmhost01.home.foo.sh	2021-03-16 00:54:22 +00:00
Timo Makinen	5e60aa56aa	Remove jumphosts from adm ssh config	2021-03-16 00:24:03 +00:00
Timo Makinen	a5f846720f	Add roles-lists to mail hosts	2021-03-12 17:10:19 +00:00
Timo Makinen	32e4f82ff2	roles-lists: Initial version of role Add support for archiving mailing lists from roles.	2021-03-12 17:09:46 +00:00
Timo Makinen	cb4292f5d0	clamav: Fix enabling and starting service Correct way to enable instantiated services is to just run "systemctl enable name@arg.service". This will automatically create required service files based on "name@.service". Disabling service again removes required files.	2021-03-12 16:17:50 +00:00
Timo Makinen	2f01f32259	selinux: Create drop-in directory for custom selinx modules	2021-03-12 15:57:26 +00:00
Timo Makinen	05ba87ae88	Add opencollab to shell hosts	2021-03-12 15:46:05 +00:00
Timo Makinen	3eff758f5c	opencollab: Initial version of role This will download opencollab from github and install it with pip2. Unfortunately ansible pip only checks if module is installed so new versions are not updated automatically. Running "pip2 uninstall opencollab" should trigger update on next ansible run.	2021-03-12 15:41:44 +00:00
Timo Makinen	8a5d3cde28	nginx/server: Wait for network before starting service	2021-03-12 09:11:52 +00:00
Timo Makinen	61dbae4228	base: Fix typo	2021-03-11 21:16:08 +00:00
Timo Makinen	eb81b512b2	autofs: Try to improve NFS performance	2021-03-11 21:08:23 +00:00
Timo Makinen	9240dda9bd	Convert thunderbird to role in shell hosts	2021-03-11 21:08:08 +00:00

1 2 3 4 5 ...

507 commits