ansible

Author	SHA1	Message	Date
Timo Makinen	befa371fdc	nfs-server: Allow role/home autocreation run more often 1. Implemented locking for scripts so only one instance is running simultaneously. This will also remove stale lock file if found. 2. Use LDAP contextCSN value to determine if we need to run script at all. Previous contextCSN is stored in state file which will be cleaned during reboots. If state file is not found direcotries are scanned in normal way.	2021-03-24 05:48:04 +00:00
Timo Makinen	169750eb0e	base: Add S.M.A.R.T disk monitoring to physical hosts	2021-03-23 22:36:52 +00:00
Timo Makinen	226c624328	base: Add lm_sensors to physical hosts	2021-03-23 22:29:11 +00:00
Timo Makinen	f7025a7a06	lm_sensors: Initial version of role	2021-03-23 22:28:50 +00:00
Timo Makinen	7258cb04fd	jenkins: Initial version of role	2021-03-23 21:44:35 +00:00
Timo Makinen	5c0d6fe84f	munin-node: Fix dependencies for Fedora	2021-03-23 18:15:44 +00:00
Timo Makinen	5282a19463	nfs-server: Add autocreate support for home/role directories	2021-03-23 17:01:39 +00:00
Timo Makinen	786b8699ff	network: Fix disabling IPv6 address on RHEL When setting IPv6 addr to none interfaces were still autoconfigured using router advertisements. This is now fixed.	2021-03-23 16:30:57 +00:00
Timo Makinen	89eec4e1c5	nginx/site: Disable certificate check when we have multiple backends Nginx requires that all backend certificates need to match name defined in ProxyPass directive: https://trac.nginx.org/nginx/ticket/1307	2021-03-23 15:55:01 +00:00
Timo Makinen	00088239fa	thinlinc-server: Use Let's Encrypt certs if available	2021-03-22 21:04:37 +00:00
Timo Makinen	ca3270d89b	nginx/server: Use SNI when connecting to backend servers	2021-03-22 20:59:03 +00:00
Timo Makinen	147c8d4db5	nginx/server: Add plaintext HTTP server support for cert validation	2021-03-22 20:35:38 +00:00
Timo Makinen	65e34954f0	thinlinc-server: Tighten up TLS settings	2021-03-22 19:51:52 +00:00
Timo Makinen	480db886ca	thinlinc-server: Add web access configuration Still lacks support for real certificates.	2021-03-22 19:03:09 +00:00
Timo Makinen	aed88b417b	nginx/server: Verify backend cert when proxying web sites	2021-03-22 19:02:10 +00:00
Timo Makinen	fbb64c4fb0	nginx/server: Drop xslt module as it's not used anymore	2021-03-22 17:09:27 +00:00
Timo Makinen	c6a98151ba	cups-client: Initial version of role	2021-03-20 15:26:43 +00:00
Timo Makinen	730cf1ab09	nginx: Set hsts headers in proxy level and not in backend	2021-03-20 14:29:28 +00:00
Timo Makinen	d55c77c30f	postfix: Add relay support to specific domains	2021-03-20 14:17:14 +00:00
Timo Makinen	6f156a91fd	cups: Don't set keytab in role	2021-03-20 14:15:52 +00:00
Timo Makinen	5c1ff863c7	rsyslog: Add missing udp listener file	2021-03-19 23:52:15 +00:00
Timo Makinen	aa0f0d61dd	tftp: Initial version of tftp server role Currently this is role allows writing to data directory.	2021-03-19 23:49:34 +00:00
Timo Makinen	c91db784e1	network: Use insecure password for keepalived Using AH based authentication generates duplicate announces from master: IPSEC-AH : sequence number 34831 already processed. Packet dropped. Use insecure (unencrypted) authentication for announcement pakets until this is sorted out.	2021-03-19 21:21:27 +00:00
Timo Makinen	31bb8d1158	rsyslog: Add optional UDP listener support	2021-03-19 20:02:24 +00:00
Timo Makinen	a17cb88c1e	iptables: Don't set empty defaults, check if var is defined	2021-03-19 18:36:48 +00:00
Timo Makinen	6acefc9178	pf: Don't set empty defaults, check if var is defined	2021-03-19 18:35:58 +00:00
Timo Makinen	87001613ed	network: Document network_vip_interfaces usage	2021-03-19 18:23:32 +00:00
Timo Makinen	43c4602ed4	iptables: Don't use ipv4 raw rules on ipv6 firewall	2021-03-19 18:22:19 +00:00
Timo Makinen	d63f828e8b	network: Move OpenBSD CARP to use network_vip_interfaces This will also change advskew option to priority and inverse functionality so greatest value wins instead of lowest.	2021-03-19 18:17:02 +00:00
Timo Makinen	f8fe21c4a1	network: Don't explicitly set network_carp_interfaces	2021-03-19 17:17:57 +00:00
Timo Makinen	d187472f27	network: Add keepalived support	2021-03-19 17:09:17 +00:00
Timo Makinen	675d7af7a4	base: Store date and time for bash history on RedHat hosts	2021-03-19 16:49:37 +00:00
Timo Makinen	d43e4bfbe3	munin-server: Move data directory to /export/munin	2021-03-19 08:28:20 +00:00
Timo Makinen	6c4d42341c	munin-server: Add all hosts to munin from inventory	2021-03-19 07:01:23 +00:00
Timo Makinen	58c1add726	Rename munin-master to munin-server	2021-03-19 06:35:24 +00:00
Timo Makinen	63f19f7d27	Open munin from all hosts firewll	2021-03-19 06:32:08 +00:00
Timo Makinen	f96f3f6789	base: Add munin-node and update policy munin-node adds depency to external repos so also update package policy.	2021-03-19 00:17:46 +00:00
Timo Makinen	d381e4f3b7	ldap_netdb: Fix warnings from cron job	2021-03-19 00:05:02 +00:00
Timo Makinen	ce17dfbe70	munin-node: Fix dependencies for CentOS 8	2021-03-18 23:55:26 +00:00
Timo Makinen	b4e1edbf5d	munin-node: Run munin-node-configure when needed	2021-03-18 23:45:35 +00:00
Timo Makinen	7e6d2e241a	munin-node: Add EPEL repo as depency for EL systems	2021-03-18 23:37:11 +00:00
Timo Makinen	2f72664231	munin-node: Add OpenBSD support	2021-03-18 23:20:50 +00:00
Timo Makinen	b287591b32	munin-node: Initial version of munin-node role	2021-03-18 22:35:11 +00:00
Timo Makinen	6ef17adfa2	munin-master: Fix graph generation from cgi script	2021-03-18 22:31:28 +00:00
Timo Makinen	f5782ad361	apache: Change admin contact address	2021-03-18 22:27:05 +00:00
Timo Makinen	5d83306491	munin-master: Force TLS when connecting to nodes	2021-03-18 16:55:34 +00:00
Timo Makinen	15fec6b391	munin-master: Start munin cron job not just enable	2021-03-18 11:29:56 +00:00
Timo Makinen	5752bed415	munin-master: Remove localhost node	2021-03-18 11:07:47 +00:00
Timo Makinen	9f3ff39286	mod_auth_gssapi: SELinux fixes for CentOS 8	2021-03-18 11:02:01 +00:00
Timo Makinen	5eda17494d	mod_auth_gssapi: Set keytab path in environment variables	2021-03-18 11:01:19 +00:00

1 2 3 4 5 ...

394 commits