crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,424 Commits
13 Branches
0 Tags
8 MiB
Commit Graph

210 Commits (78121f65bb8e750e89ef7605080ff9747f230283)

Author SHA1 Message Date
Yohann D'ANELLO bd43cff36d [mailman3] Use lists.crans.org as web entrypoint 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 1785d7f095 [mailman] Setup DKIM configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO c3cd94f6e6 [opendkim] Pepcransification 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 84cb6585d2 [mailman] Mailman has a public IP 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 77d292713f [mailman] Use multiple domains for mailman-web 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO e242818ae9 [mailman/certbot] Certbot is already generating a wildcard certificate 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO d8f6d333f3 [mailman3] Update 401 error for mailman 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 81ded3ea46 [mailman3] Mailman is reverse-proxyfied 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 8a0bb4401d [mailman3] Missing nginx parameter 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 90a6c623ed [mailman3] Use nginx role 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO b74d5e0bf1 [mailman3] Drop mailman2 configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO 23a02adf11 [mailman3] Pepcransification 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-04-12 14:38:03 +00:00
Yohann D'ANELLO a8b4842689
[moinmoin] Fix wiki URL prefix 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-30 21:49:01 +02:00
Yohann D'ANELLO 9fd8496767 [logos] Deploy logos on the wiki 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-24 15:26:28 +00:00
Yohann D'ANELLO 84b8f88278 [logos] Add logos for Belenios and Jitsi 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-24 15:26:28 +00:00
Yohann D'ANELLO 3d44998c5a [etherpad] PEPCRANSIFICATION 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-23 10:19:24 +00:00
Yohann D'ANELLO 38ee51b2b7 [Etherpad] Add reverse-proxy configuration for tmpad 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-23 10:19:24 +00:00
Yohann D'ANELLO f9cc32b71b
[Jitsi] Put configuration in group vars 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-04 18:08:27 +01:00
Yohann D'ANELLO 3deae233b1
[Jitsi] Add Jitsi role 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-04 16:12:43 +01:00
Yohann D'ANELLO 91d777ffba
[certbot] Generate wildcard certificates by default 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-04 11:45:17 +01:00
Yohann D'ANELLO 9f97936635
[reverseproxy] stream.crans.org is not reverse-proxyfied 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-04 10:53:48 +01:00
Yohann D'ANELLO 5aeefd730e [root] Sputnik is using deb.debian.org 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
Yohann D'ANELLO 08f359cc9c [crans_scripts] Gitlab is talking HTTPS 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
_shirenn f5e7405188 [root] split root play and deploy root password 2021-03-01 16:20:04 +00:00
Yohann D'ANELLO 5324bd240d [network_interfaces] Query IPs and gateways in LDAP 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-03-01 16:20:04 +00:00
Yohann D'ANELLO cb8f5b1537 Load vault passwords from local password store, then cache them 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-28 16:08:27 +00:00
_shirenn 5661bb4bf6 [dhcp] Restart isc-dhcp-server only if it is already running 2021-02-23 23:28:20 +01:00
Yohann D'ANELLO c2eb610edf
[gitlab] vault_ => vault. 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:34:30 +01:00
Yohann D'ANELLO 23371f7cb1
[gitlab] Rename git to gitlab 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:30:29 +01:00
Yohann D'ANELLO 98eaeaa53b
[gitlab] Install irker from Debian Sid to add IRC webhooks 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:58 +01:00
Yohann D'ANELLO e6c4b70efd
(gitlab] Configure nginx reverse-proxy to manage multiple certificates 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:57 +01:00
_shirenn b152c48ed3
[gitlab] smtp server and https push 2021-02-22 23:29:56 +01:00
Yohann D'ANELLO d383ca4b8b
[gitlab/nginx] Add nginx configuration for Gitlab 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:56 +01:00
Yohann D'ANELLO 6fb4783152
[gitlab] Gitlab is talking to re2o-ldap, not thot 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:56 +01:00
ynerant 63d4164ba0
Cransible Gitlab configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 23:29:55 +01:00
Yohann D'ANELLO 6d35dcd7e8 [nginx/mailman] Fix configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 28a6fd4be6 [thelounge] Rename thelounge ldap password 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 661682c550 [nginx/moinmoin] Fix moinmoin configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 6b8fb0916f [nginx/moinmoin] Extract nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO d6f15d4210 [nginx/cas] Factorize nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 82119c746e [nginx] Define proper set_realip_from 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 3b79c0177c [nginx] Don't deploy SSL configuration if we don't need one 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 8d8c212f49 [nginx/roundcube] Factorize configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 2c9b89a74d [thelounge] Rename irc to thelounge 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 1ec1aeca90 [thelounge] vault_ldap_thelounge_password -> vault.ldap_thelounge_password 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 44cf074a39 [nginx] Add feature to add additional params to a nginx server 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO de58138a22 [nginx] Multiple certficates are compatible with reverse-proxy 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 72238d79ed [nginx] Add feature to manage multiple certificates, for example for crans.org and for adm.crans.org 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 9d5a080fc5 [thelounge] Support zamok configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 3f4a66eb7c [thelounge] Copy ldap configuration for zamok 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO f039121e21 [thelounge] Download the Debian package and install it, and deploy 
configuration

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO c3d58d9ca9 [nginx] Fix default configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 2b8e0dbbff [nginx] Fix nginx template, this is now usable 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
ynerant a9897ec3c0 [nginx] Load global and local nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO dafa3685ce [nginx] Copy 401 error page if we use credentials 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 0eaee6c78f [nginx] Copy robots.txt 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 3fceaeb836 [nginx] allow setting credentials to a nginx server 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 6c8be2638c Add default global nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
ynerant 244e1c284b Cransible mailman nginx configuration 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 22:26:31 +00:00
Yohann D'ANELLO 408c857f81
[zamok_apache] Pepcransification 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 14:07:35 +01:00
Yohann D'ANELLO ae163d6bc9
[nullmailer] Define allmailfrom to always send mails as root 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-02-22 12:31:30 +01:00
ynerant 359b6a4553
[belenios] Deploy belenios 
Signed-off-by: ynerant <ynerant@crans.org>
 2021-02-22 12:31:30 +01:00
_shirenn 6e6dd56e4d [borg] lets filter-out shit and backup cameron 2021-02-22 12:13:23 +01:00
_shirenn 59bc91dc9d [vault] Changing cranspasswords to pass crans 2021-02-22 12:01:03 +01:00
_shirenn 262696970f [network-interfaces] PEPCRANSED 2021-02-22 11:51:44 +01:00
_shirenn a82d770043 [slapd] Filter ipv4s responsibly 2021-02-22 09:45:13 +01:00
_shirenn 02df5674b1 [slapd] soyouz, query and regex 2021-02-22 01:30:02 +01:00
ynerant 009e7b42cb
[certbot] Generate multiple certificates (useful for adm) 
Signed-off-by: ynerant <ynerant@crans.org>
 2021-02-16 15:35:07 +01:00
_shirenn d03eed8abe [re2o-services] PEPCRANSIFIED 2021-02-11 09:57:10 +01:00
_shirenn f5cf25c9b7 [dhcp] dont clone git from /tmp 2021-02-11 09:57:10 +01:00
_benjamin ff864b50a1 Better header 
Updates according to file rather than repository
 2021-02-10 19:18:04 +01:00
_shirenn acd8e3da2a [nullmailer] PEPCRANSED BRO 2021-02-10 11:30:07 +01:00
_shirenn 7cd62269a3 pepcrans :) 2021-02-08 15:02:14 +01:00
_benjamin bc486b5570 Merge branch 'linx' into 'newinfra' 
[linx] Add linx server, role and playbook

See merge request nounous/ansible!206
 2021-02-08 13:37:42 +00:00
_benjamin 1d5310127e [linx] Add linx server, role and playbook 2021-02-08 14:37:05 +01:00
pa d7660e8333 [cas] CRANSIBLEISED bro 2021-02-07 18:16:43 +01:00
_shirenn 33e43c8815 [framadate] Moving to version 1.1.11 2021-02-06 11:30:00 +01:00
_shirenn dfb995e958 [ldap] Petit nettoyage 2021-02-03 16:17:38 +01:00
_shirenn 29222acf56 [crans_scripts] PEPCRANSIFICATION 2021-01-17 21:39:18 +01:00
_shirenn 1eba54f3ec [ntp-client] On continue à PEPCRANSIFIER 2021-01-17 20:59:45 +01:00
pa 28fa6e0a94 [keepalived] Rafraichissement de la conf 2021-01-17 20:13:30 +01:00
Alexandre Iooss a23e82e0f1 Add grafana to reverse proxy 2021-01-05 15:07:23 +01:00
_benjamin b2077f1337 [dhcp.yml] fix group_vars 2021-01-04 20:38:47 +01:00
Yohann D'ANELLO 4e1d440a52
[reverseproxy] Wrong IP for Re2o 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-01-02 20:01:35 +01:00
Yohann D'ANELLO fc815ca5c3
Re2o joined newinfra 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2021-01-02 19:25:11 +01:00
Alexandre Iooss 585d947b6f
Migrate CAS to new infra 2021-01-02 09:34:22 +01:00
Alexandre Iooss cde1c46127
Rename codimd to hedgedoc 2021-01-01 11:59:26 +01:00
_benjamin b4582c09b3 [server] Add contrib to debian components 2021-01-01 11:31:29 +01:00
Alexandre Iooss f2fc976bcc
Reverse zamok and owncloud 2020-12-28 21:59:23 +01:00
Alexandre Iooss f8994e5b59
Reverse theloundge 2020-12-28 19:16:25 +01:00
Alexandre Iooss f3c31c072a
Fix certbot 2020-12-28 19:15:23 +01:00
_pollion 559935d983 Merge branch 'owl' into 'newinfra' 
Owl

See merge request nounous/ansible!127
 2020-12-28 17:22:46 +01:00
_pollion 0c8247d4a2 [dovecot] Fix ldap queries. 2020-12-27 19:59:52 +01:00
Michaël Paulon 4251074bc0 dovecot is now in ansible 2020-12-27 13:04:57 -05:00
Alexandre Iooss cb7952bd2d Add srv_nat on codimd and reverse proxy 2020-12-23 12:18:22 +01:00
_pollion d2a6501b9e Merge branch 'newinfra' into 'borgbackup' 
# Conflicts:
#   group_vars/crans_server/vars.yml
#   plays/backup.yml
 2020-12-06 02:25:53 +01:00
_pollion c269d0c280 [borg] New options 2020-12-06 00:04:04 +01:00
_pollion acafd5b7c8 [Borgbackup] Pull borg from bullseye and deploy configuration. 2020-12-02 19:42:21 +01:00
Alexandre Iooss 1e567358eb
Add ubuntu support 2020-11-30 18:26:15 +01:00
Alexandre Iooss 2a60dd846d
Redirect via hodaur 2020-11-29 22:11:43 +01:00