|
|
f96f3f6789
|
base: Add munin-node and update policy
munin-node adds depency to external repos so also update package
policy.
|
2021-03-19 00:17:46 +00:00 |
|
|
|
6858706c0b
|
base: Remove ssh handler as it's now in own role
|
2021-03-17 05:16:11 +00:00 |
|
|
|
0172750ca1
|
sshd: Move ssh deamon configuration to own role
|
2021-03-17 05:15:05 +00:00 |
|
|
|
c99efeab61
|
Lint fixes
|
2021-03-16 23:07:26 +00:00 |
|
|
|
61dbae4228
|
base: Fix typo
|
2021-03-11 21:16:08 +00:00 |
|
|
|
5322b2268b
|
base: Use argv when running commands
|
2021-03-11 10:59:04 +00:00 |
|
|
|
d1921c3dc4
|
base: Fix selinux contexts from /export
|
2021-03-11 10:07:51 +00:00 |
|
|
|
aaae860b22
|
base: Imediately mount /tmp using tmpfs
|
2021-03-09 21:35:48 +00:00 |
|
|
|
353e7facf7
|
base: Mount /tmp using tmpfs on CentOS hosts
|
2021-02-12 06:48:21 +00:00 |
|
|
|
6915b013a1
|
base: Fix ansible warning from postfix install
|
2020-09-24 18:46:53 +00:00 |
|
|
|
2db1a47b1a
|
base: Don't install postfix on mail servers
|
2020-09-24 16:28:38 +00:00 |
|
|
|
5bc970fdd1
|
Add fedora support for deploying kvm guests
|
2020-09-17 20:17:53 +00:00 |
|
|
|
e10d84305a
|
base: Install curl to all hosts
|
2020-09-03 20:24:25 +00:00 |
|
|
|
bec7f3a84d
|
base: Use copy instead of file
|
2020-09-01 20:18:14 +00:00 |
|
|
|
f1468b0f1f
|
base: Use explicit package names for OpenBSD
|
2020-09-01 20:16:33 +00:00 |
|
|
|
c9b21a3286
|
Add ansible_certificate custom fact
|
2020-08-29 15:55:51 +00:00 |
|
|
|
18919643d9
|
base: Really disable rsa key and not just say so
|
2020-08-28 07:29:59 +00:00 |
|
|
|
964b70f978
|
base: Add more base packages
|
2020-08-26 23:04:16 +03:00 |
|
|
|
74edead676
|
base: Remove all depencies to other than base packages
|
2020-08-26 22:54:47 +03:00 |
|
|
|
f490804106
|
Disable rsa key from ssh host keys
|
2020-08-26 22:03:18 +03:00 |
|
|
|
b7e0ef18c5
|
Reorder installs to get selinux support earlier
Ansible cannot set file contexts unless selinux python bindings are installed.
|
2020-08-26 21:53:48 +03:00 |
|
|
|
3dbb65302e
|
base: fix warning of cron job hour value (should be string)
|
2020-02-27 14:12:09 +02:00 |
|
|
|
08466f3143
|
base: remove rcs from default installs
|
2020-02-27 14:08:12 +02:00 |
|
|
|
998dc0b643
|
install htop on all hosts
|
2019-06-10 19:24:15 +03:00 |
|
|
|
c1db2dc402
|
create syslogd role and enable it on openbsd
|
2019-05-29 00:34:44 +03:00 |
|
|
|
13f0332fa1
|
create rsyslog role which logs everything to /var/log/all.log
|
2019-05-29 00:07:39 +03:00 |
|
|
|
faaddffce4
|
more fiddling with ssh security now relying on mozilla recommendations
|
2019-05-28 20:30:03 +03:00 |
|
|
|
dd19c94511
|
create network role and include it into base (only openbsd does something)
|
2019-05-28 00:25:06 +03:00 |
|
|
|
33a70eacfd
|
add handler for sshd restarts
|
2019-05-27 21:03:31 +03:00 |
|
|
|
f06707ce6b
|
tighten sshd settings (ciphers, kex, macs)
|
2019-05-27 20:59:36 +03:00 |
|
|
|
3162d50738
|
no need to run quota check on boot for openbsd
|
2019-05-23 17:38:23 +03:00 |
|
|
|
011aafca1c
|
add bash and emacs by default on openbsd
|
2019-05-23 17:38:03 +03:00 |
|
|
|
12b270c57b
|
openbsd is missing /srv hierarcy by default so create it
|
2019-05-23 17:37:24 +03:00 |
|
|
|
fd64da10cf
|
hardode datacenter to home for now and use local mirror for openbsd packages
|
2019-05-23 17:36:14 +03:00 |
|
|
|
1d0636dfa4
|
enable psacct on all hosts
|
2019-05-23 02:27:39 +03:00 |
|
|
|
81df3e7c10
|
always add pf role to openbsd hosts
|
2019-05-22 23:51:12 +03:00 |
|
|
|
078e00f054
|
force correct hostname
|
2019-05-22 23:46:25 +03:00 |
|
|
|
745b4a5a77
|
initial support for openbsd
|
2019-05-22 22:35:43 +03:00 |
|
|
|
60406a69f9
|
always install tcpdump
|
2019-05-20 23:06:31 +03:00 |
|
|
|
b18bcedb59
|
install local ca signed host certificates for all hosts
|
2019-05-14 22:18:37 +03:00 |
|
|
|
683cef178e
|
add rcs to all hosts
|
2019-05-13 15:34:22 +03:00 |
|
|
|
76f0f6b741
|
initial version of opensmtpd which is applied to all hosts
|
2019-05-11 00:14:03 +03:00 |
|
|
|
a3cc1b3b18
|
install telnet to rhel hosts
|
2019-05-10 20:30:20 +03:00 |
|
|
|
6e81d76409
|
add mailx so we can send messages from command line
|
2019-05-10 20:07:00 +03:00 |
|
|
|
088a3298c0
|
add basic selinux tools for all rhel based hosts
|
2019-05-10 19:44:28 +03:00 |
|
|
|
7e9f86b089
|
disable at use from all users on all hosts
|
2019-05-10 16:57:54 +03:00 |
|
|
|
bfa5e5807c
|
add iptables role and define firewall rules for mirror group
|
2019-05-10 16:51:18 +03:00 |
|
|
|
0bb81e37f6
|
always install sysstat package
|
2019-05-10 15:38:28 +03:00 |
|
|
|
2ceee43d40
|
first version of base role
|
2019-05-10 15:25:38 +03:00 |
|
