d43e4bfbe3
munin-server: Move data directory to /export/munin
2021-03-19 08:28:20 +00:00
6c4d42341c
munin-server: Add all hosts to munin from inventory
2021-03-19 07:01:23 +00:00
58c1add726
Rename munin-master to munin-server
2021-03-19 06:35:24 +00:00
63f19f7d27
Open munin from all hosts firewll
2021-03-19 06:32:08 +00:00
f96f3f6789
base: Add munin-node and update policy
...
munin-node adds depency to external repos so also update package
policy.
2021-03-19 00:17:46 +00:00
d381e4f3b7
ldap_netdb: Fix warnings from cron job
2021-03-19 00:05:02 +00:00
ce17dfbe70
munin-node: Fix dependencies for CentOS 8
2021-03-18 23:55:26 +00:00
b4e1edbf5d
munin-node: Run munin-node-configure when needed
2021-03-18 23:45:35 +00:00
7e6d2e241a
munin-node: Add EPEL repo as depency for EL systems
2021-03-18 23:37:11 +00:00
2f72664231
munin-node: Add OpenBSD support
2021-03-18 23:20:50 +00:00
b287591b32
munin-node: Initial version of munin-node role
2021-03-18 22:35:11 +00:00
6ef17adfa2
munin-master: Fix graph generation from cgi script
2021-03-18 22:31:28 +00:00
f5782ad361
apache: Change admin contact address
2021-03-18 22:27:05 +00:00
5d83306491
munin-master: Force TLS when connecting to nodes
2021-03-18 16:55:34 +00:00
15fec6b391
munin-master: Start munin cron job not just enable
2021-03-18 11:29:56 +00:00
5752bed415
munin-master: Remove localhost node
2021-03-18 11:07:47 +00:00
9f3ff39286
mod_auth_gssapi: SELinux fixes for CentOS 8
2021-03-18 11:02:01 +00:00
5eda17494d
mod_auth_gssapi: Set keytab path in environment variables
2021-03-18 11:01:19 +00:00
5d9bc1608f
mod_auth_gssapi: Fix keytab path config for CentOS 8
...
CentOS 8 doesn't apache doesn't read /etc/sysconfig/httpd anymore so
try to set keytab path location in apache config files.
2021-03-18 00:28:33 +00:00
cab7f424d5
munin-master: Initial version of role, WIP
2021-03-18 00:00:01 +00:00
71d392a556
powertools: Initial version of module
2021-03-17 22:45:13 +00:00
9675485eda
git/server: Fix typo from task name
2021-03-17 21:32:34 +00:00
58de72e85a
git: Convert to CentOS 8 and Apache
...
* Update git hosts to CentOS 8
* Drop nslscd and use sssd instead
* Change nginx to apache for future GSSAPI support
* Fix SELinux contexts from git data directory
2021-03-17 21:29:47 +00:00
3d885de573
ifstated: Fix fireall problems when fsol-gw is booted
...
For some reason firewall rules are not correctly loaded during boot
so reload them when ifstated starts.
2021-03-17 20:31:41 +00:00
887d4872d9
ifstated: Cannot validate config during provisioning
...
Network is restarted at the end of play run so ifstated validation
fails due to missing interfaces.
2021-03-17 19:05:01 +00:00
37ef5eb504
ifstated: Validate config before restarting
2021-03-17 18:48:41 +00:00
18a4c592ce
bird: Restart bird after config changes
2021-03-17 18:44:11 +00:00
00c204912f
bird: Remove leftover vim swap file
2021-03-17 18:42:02 +00:00
7b9c0b1f4d
Add ifstated to fsol-gw hosts
2021-03-17 18:41:25 +00:00
7175dc85b8
pf: Allow carp traffic on fsol-gw hosts
2021-03-17 18:30:09 +00:00
01dc86e3e2
bird: Use dynamic router id
2021-03-17 18:13:23 +00:00
635a867068
syslog: Fix syntax warnings from log backup cron job
2021-03-17 05:41:12 +00:00
08c62bd21b
ldap/server: Fix syntax warnings about cron job
2021-03-17 05:40:20 +00:00
a745cdb3ee
sshd: Remove some unused and potentially dangerous features
2021-03-17 05:20:41 +00:00
282fbcb932
sshd: Disable CentOS 8+ crypto policies for sshd
2021-03-17 05:17:53 +00:00
6858706c0b
base: Remove ssh handler as it's now in own role
2021-03-17 05:16:11 +00:00
0172750ca1
sshd: Move ssh deamon configuration to own role
2021-03-17 05:15:05 +00:00
c99efeab61
Lint fixes
2021-03-16 23:07:26 +00:00
6a712f7737
sendmail: Add newalises handler support
2021-03-16 22:46:42 +00:00
7febf3bda5
nginx/server: Use mozilla recommended ssl settings
2021-03-16 22:45:21 +00:00
55855d7c15
Start working on replicated fsol gw
...
* Add fsol01 host
* Move everything to fsol01 for now
* Add pfsync interface
* Try to fix firewall rules with correct no-sync options
2021-03-16 22:41:58 +00:00
1ad8a4e3f8
ldap_netdb: Fix dependencies
2021-03-16 20:17:56 +00:00
cad340750b
ldap_gravatar: Fix dependencies
2021-03-16 20:17:28 +00:00
015de5a8df
ldap_gravatar: Initial version of role
2021-03-16 19:18:55 +00:00
5783675589
sendmail: Restart sendmail after config changes
2021-03-16 17:22:54 +00:00
bfc59bfb2d
sendmail: Fix hostname part from kerberos principal
2021-03-16 17:21:51 +00:00
35b919910f
sendmail: Remove duplicate config option
2021-03-16 17:21:30 +00:00
c1ee7e81d0
saslauthd: Convert ldap to use fastbind
...
Seems that cert auth always returns success even for invalid passwords. :)
2021-03-16 11:51:10 +00:00
0f6d33072e
sendmail: Better ordering for auth mechanisms
2021-03-16 09:26:47 +00:00
ded4730735
sendmail: Add dhparams
2021-03-16 08:31:15 +00:00
