ansible

Author	SHA1	Message	Date
Timo Makinen	911332ec6f	add daily ldap database dumps to ldap master	2019-05-31 19:11:32 +03:00
Timo Makinen	80b017b5d1	write ldap datadirectory handling more cleanly	2019-05-31 18:56:24 +03:00
Timo Makinen	a3ea2437a3	only mount /export on ldap master	2019-05-31 18:35:40 +03:00
Timo Makinen	0163a5f932	don't use /export for ldap data directory on slaves	2019-05-31 18:34:39 +03:00
Timo Makinen	7238a595f2	don't set mac address if we use static address on interface	2019-05-31 18:32:16 +03:00
Timo Makinen	05f2b28c4f	use random mac address if it's not provided	2019-05-31 18:30:36 +03:00
Timo Makinen	7f33b7792a	add robots.txt to git server webroot	2019-05-31 16:57:15 +03:00
Timo Makinen	5fcf58a3d6	only add datadisk on master ldap	2019-05-31 02:34:46 +03:00
Timo Makinen	2374804bfd	change kadmin to use different user than kdc when connecting to ldap	2019-05-31 02:32:57 +03:00
Timo Makinen	6c917dc696	add acl's for kadmin user	2019-05-31 02:31:58 +03:00
Timo Makinen	fbffa25346	install and configure ldapvi on ldap servers	2019-05-31 02:30:53 +03:00
Timo Makinen	666ada404e	add carp interfaces to gw hosts	2019-05-30 20:38:19 +03:00
Timo Makinen	4ba69d7632	add ldap indexes for kerberos kdc	2019-05-29 19:38:25 +03:00
Timo Makinen	4cac7b8bc7	finish up kdcproxy	2019-05-29 19:37:55 +03:00
Timo Makinen	2ab21a87f5	allow all users to runtime directory	2019-05-29 19:35:51 +03:00
Timo Makinen	e1311e7ccc	change kdc tcp port to listen only localhost	2019-05-29 03:19:45 +03:00
Timo Makinen	f2934aef91	add kdcproxy to kdc role	2019-05-29 03:15:49 +03:00
Timo Makinen	f1d32f86b7	added gunicorn role	2019-05-29 03:14:46 +03:00
Timo Makinen	40abdfca64	change ldap base dn entries to use variables	2019-05-29 01:59:00 +03:00
Timo Makinen	53cacdcb2e	log ldap queries to syslog	2019-05-29 01:57:41 +03:00
Timo Makinen	bb7b20c65e	add support for creating stash files	2019-05-29 01:56:26 +03:00
Timo Makinen	45d23c90af	fix puppetism typo	2019-05-29 01:55:53 +03:00
Timo Makinen	8db1ce69fd	add kerberos role to ldap group still work in progress	2019-05-29 00:41:57 +03:00
Timo Makinen	c1db2dc402	create syslogd role and enable it on openbsd	2019-05-29 00:34:44 +03:00
Timo Makinen	13f0332fa1	create rsyslog role which logs everything to /var/log/all.log	2019-05-29 00:07:39 +03:00
Timo Makinen	e0b519cf21	use global variable for default certificate bundle location	2019-05-28 21:22:14 +03:00
Timo Makinen	1a4aec1b66	use variables for server settings and move from self signed cert to real ones	2019-05-28 21:16:47 +03:00
Timo Makinen	fd9e792aec	lint fixes	2019-05-28 20:37:54 +03:00
Timo Makinen	58b3ca5d62	add ldap/server role to ldap servers	2019-05-28 20:34:53 +03:00
Timo Makinen	89aa8eb0ef	first version of ldap server role	2019-05-28 20:34:07 +03:00
Timo Makinen	2804d730c9	add ldap and kerberos settings to global vars	2019-05-28 20:33:01 +03:00
Timo Makinen	7f284a8e24	add first ldap host	2019-05-28 20:32:16 +03:00
Timo Makinen	faaddffce4	more fiddling with ssh security now relying on mozilla recommendations	2019-05-28 20:30:03 +03:00
Timo Makinen	180dae44a4	create relayd role and enable it for proxy group	2019-05-28 02:33:03 +03:00
Timo Makinen	0a8c59335a	add ifstated role and enable it on proxy group	2019-05-28 02:09:35 +03:00
Timo Makinen	397a686495	ugly hack to get ldap certificates	2019-05-28 02:08:23 +03:00
Timo Makinen	ddb7ddc71b	use fullchain certificates for nginx	2019-05-28 01:10:42 +03:00
Timo Makinen	d036b43244	add proxy group to global playbook	2019-05-28 01:00:25 +03:00
Timo Makinen	4dedb4f2d0	create fullchain of host certificate	2019-05-28 00:59:15 +03:00
Timo Makinen	5dc54dd8eb	add proxy hosts	2019-05-28 00:28:29 +03:00
Timo Makinen	dd19c94511	create network role and include it into base (only openbsd does something)	2019-05-28 00:25:06 +03:00
Timo Makinen	ba0c70532f	first version of proxy site for nginx	2019-05-27 23:49:38 +03:00
Timo Makinen	d448eb6522	no default vars just os family specific	2019-05-27 23:15:35 +03:00
Timo Makinen	e95bd87ab5	fix nginx/server role for openbsd	2019-05-27 22:36:35 +03:00
Timo Makinen	a69e66bbac	initial version of ldap client	2019-05-27 21:10:50 +03:00
Timo Makinen	81a3becc55	initial version of saslauthd role	2019-05-27 21:04:07 +03:00
Timo Makinen	33a70eacfd	add handler for sshd restarts	2019-05-27 21:03:31 +03:00
Timo Makinen	d12261fe1c	add variables for ansible directories	2019-05-27 21:01:48 +03:00
Timo Makinen	b12f219ded	add mozilla intermediate compatibility ciphersuites	2019-05-27 21:00:55 +03:00
Timo Makinen	f06707ce6b	tighten sshd settings (ciphers, kex, macs)	2019-05-27 20:59:36 +03:00

1 2 3

138 commits