 _shirenn
|
f053558e07
|
[hosts] charybde reste à chanca
|
2021-06-21 10:53:57 +02:00 |
|
_shirenn
|
d0ff9cc204
|
[apt] MàJ
|
2021-06-21 10:53:55 +02:00 |
|
_shirenn
|
37ea941a8d
|
[keepalived] https://www.youtube.com/watch?v=fNFzfwLM72c please dont die
|
2021-06-21 10:53:12 +02:00 |
|
_shirenn
|
2299dbd8f4
|
[service] make cron optional
|
2021-06-21 10:53:12 +02:00 |
 Yohann D'ANELLO
|
305c61b2fe
|
Add ArchLinux mirror
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-21 10:53:12 +02:00 |
|
_shirenn
|
6fa8f17d0c
|
[nfs-mount] generic systemd nfs mount service
|
2021-06-21 10:53:11 +02:00 |
|
_shirenn
|
6491256620
|
[ptf] nginx installation
|
2021-06-21 10:53:11 +02:00 |
|
_shirenn
|
833f4a3afb
|
[postgres]
|
2021-06-21 10:53:10 +02:00 |
|
_shirenn
|
4a4526506d
|
[vsftpd]
|
2021-06-21 10:53:10 +02:00 |
|
_shirenn
|
0c3e15852d
|
[rsyncd]
|
2021-06-21 10:53:10 +02:00 |
|
_shirenn
|
3fa8c60c6d
|
[mirror_backend]
|
2021-06-21 10:53:10 +02:00 |
|
Yohann D'ANELLO
|
4b70700526
|
[mtail] More configuration to select what should be monitored
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-21 10:53:10 +02:00 |
|
Yohann D'ANELLO
|
610bcfbe23
|
[re2o-ldap] Deploy re2o-ldap-replica on re2o-dev, use terenez as main server
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-21 10:53:09 +02:00 |
|
Yohann D'ANELLO
|
741a13b402
|
[re2o-ldap-replica] Support LDAPS
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-21 10:53:09 +02:00 |
|
Yohann D'ANELLO
|
05c641fa7e
|
[re2o-ldap-replica] Deploy a re2o-ldap-replica
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-21 10:53:09 +02:00 |
|
_shirenn
|
b14fd01ce0
|
migration routage
|
2021-06-21 10:53:09 +02:00 |
|
_shirenn
|
9e5d931b06
|
[rsyslog-client] PEPCRANS + cachan
|
2021-06-21 10:53:09 +02:00 |
|
_shirenn
|
f7347e41d2
|
[monitoring] PEPCRANS + monitoring of cachan infra
|
2021-06-21 10:53:08 +02:00 |
|
_shirenn
|
3d528a1891
|
[borg] Migration of zephir and omnomnom
|
2021-06-21 10:53:08 +02:00 |
|
_shirenn
|
1837a8a90d
|
[crans-scripts] move the scripts to /usr/local/src/scripts
|
2021-06-21 10:53:08 +02:00 |
|
_shirenn
|
fccda8d486
|
[routeurs] playbook to deploy routing
|
2021-06-21 10:53:08 +02:00 |
|
_shirenn
|
0e396ce23b
|
[radius] update
|
2021-06-21 10:53:07 +02:00 |
|
_shirenn
|
03a0dbfdca
|
[bird] PEPED
|
2021-06-21 10:53:07 +02:00 |
|
_shirenn
|
b8e57e9627
|
[service] create a generic role for services and apply it to dhcp
|
2021-06-21 10:53:07 +02:00 |
|
_shirenn
|
821330bf99
|
[radvd] pep-crans
|
2021-06-21 10:53:07 +02:00 |
|
_shirenn
|
57b72e53cc
|
[re2o] updating variables
|
2021-06-21 10:53:07 +02:00 |
|
_shirenn
|
5096de1a6a
|
[psql] Refactoring
|
2021-06-21 10:53:06 +02:00 |
|
Yohann D'ANELLO
|
7ea444f02e
|
[re2o-front] Use generic nginx role
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-21 08:52:01 +00:00 |
|
Yohann D'ANELLO
|
76a4bbf0fc
|
[galene] Clean nginx configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-21 08:49:52 +00:00 |
|
Yohann D'ANELLO
|
99107cd832
|
Update Ansible header since template_path changed its semantic
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-08 16:54:49 +02:00 |
|
_shirenn
|
2eb57a975d
|
moved nounou homes
|
2021-05-12 18:49:11 +02:00 |
|
Yohann D'ANELLO
|
ac691ed19e
|
[mailman3] drop lists2.crans.org
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
bd43cff36d
|
[mailman3] Use lists.crans.org as web entrypoint
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
1785d7f095
|
[mailman] Setup DKIM configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
c3cd94f6e6
|
[opendkim] Pepcransification
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
84cb6585d2
|
[mailman] Mailman has a public IP
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
77d292713f
|
[mailman] Use multiple domains for mailman-web
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
e242818ae9
|
[mailman/certbot] Certbot is already generating a wildcard certificate
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
d8f6d333f3
|
[mailman3] Update 401 error for mailman
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
81ded3ea46
|
[mailman3] Mailman is reverse-proxyfied
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
8a0bb4401d
|
[mailman3] Missing nginx parameter
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
90a6c623ed
|
[mailman3] Use nginx role
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
b74d5e0bf1
|
[mailman3] Drop mailman2 configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
23a02adf11
|
[mailman3] Pepcransification
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-04-12 14:38:03 +00:00 |
|
Yohann D'ANELLO
|
a8b4842689
|
[moinmoin] Fix wiki URL prefix
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-30 21:49:01 +02:00 |
|
Yohann D'ANELLO
|
9fd8496767
|
[logos] Deploy logos on the wiki
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-24 15:26:28 +00:00 |
|
Yohann D'ANELLO
|
84b8f88278
|
[logos] Add logos for Belenios and Jitsi
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-24 15:26:28 +00:00 |
|
Yohann D'ANELLO
|
3d44998c5a
|
[etherpad] PEPCRANSIFICATION
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-23 10:19:24 +00:00 |
|
Yohann D'ANELLO
|
38ee51b2b7
|
[Etherpad] Add reverse-proxy configuration for tmpad
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-23 10:19:24 +00:00 |
|
Yohann D'ANELLO
|
f9cc32b71b
|
[Jitsi] Put configuration in group vars
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-04 18:08:27 +01:00 |
|
Yohann D'ANELLO
|
3deae233b1
|
[Jitsi] Add Jitsi role
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-04 16:12:43 +01:00 |
|
Yohann D'ANELLO
|
91d777ffba
|
[certbot] Generate wildcard certificates by default
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-04 11:45:17 +01:00 |
|
Yohann D'ANELLO
|
9f97936635
|
[reverseproxy] stream.crans.org is not reverse-proxyfied
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-04 10:53:48 +01:00 |
|
Yohann D'ANELLO
|
5aeefd730e
|
[root] Sputnik is using deb.debian.org
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-01 16:20:04 +00:00 |
|
Yohann D'ANELLO
|
08f359cc9c
|
[crans_scripts] Gitlab is talking HTTPS
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-01 16:20:04 +00:00 |
|
_shirenn
|
f5e7405188
|
[root] split root play and deploy root password
|
2021-03-01 16:20:04 +00:00 |
|
Yohann D'ANELLO
|
5324bd240d
|
[network_interfaces] Query IPs and gateways in LDAP
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-03-01 16:20:04 +00:00 |
|
Yohann D'ANELLO
|
cb8f5b1537
|
Load vault passwords from local password store, then cache them
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-28 16:08:27 +00:00 |
|
_shirenn
|
5661bb4bf6
|
[dhcp] Restart isc-dhcp-server only if it is already running
|
2021-02-23 23:28:20 +01:00 |
|
Yohann D'ANELLO
|
c2eb610edf
|
[gitlab] vault_ => vault.
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 23:34:30 +01:00 |
|
Yohann D'ANELLO
|
23371f7cb1
|
[gitlab] Rename git to gitlab
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 23:30:29 +01:00 |
|
Yohann D'ANELLO
|
98eaeaa53b
|
[gitlab] Install irker from Debian Sid to add IRC webhooks
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 23:29:58 +01:00 |
|
Yohann D'ANELLO
|
e6c4b70efd
|
(gitlab] Configure nginx reverse-proxy to manage multiple certificates
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 23:29:57 +01:00 |
|
_shirenn
|
b152c48ed3
|
[gitlab] smtp server and https push
|
2021-02-22 23:29:56 +01:00 |
|
Yohann D'ANELLO
|
d383ca4b8b
|
[gitlab/nginx] Add nginx configuration for Gitlab
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 23:29:56 +01:00 |
|
Yohann D'ANELLO
|
6fb4783152
|
[gitlab] Gitlab is talking to re2o-ldap, not thot
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 23:29:56 +01:00 |
|
ynerant
|
63d4164ba0
|
Cransible Gitlab configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 23:29:55 +01:00 |
|
Yohann D'ANELLO
|
6d35dcd7e8
|
[nginx/mailman] Fix configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
28a6fd4be6
|
[thelounge] Rename thelounge ldap password
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
661682c550
|
[nginx/moinmoin] Fix moinmoin configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
6b8fb0916f
|
[nginx/moinmoin] Extract nginx configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
d6f15d4210
|
[nginx/cas] Factorize nginx configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
82119c746e
|
[nginx] Define proper set_realip_from
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
3b79c0177c
|
[nginx] Don't deploy SSL configuration if we don't need one
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
8d8c212f49
|
[nginx/roundcube] Factorize configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
2c9b89a74d
|
[thelounge] Rename irc to thelounge
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
1ec1aeca90
|
[thelounge] vault_ldap_thelounge_password -> vault.ldap_thelounge_password
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
44cf074a39
|
[nginx] Add feature to add additional params to a nginx server
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
de58138a22
|
[nginx] Multiple certficates are compatible with reverse-proxy
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
72238d79ed
|
[nginx] Add feature to manage multiple certificates, for example for crans.org and for adm.crans.org
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
9d5a080fc5
|
[thelounge] Support zamok configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
3f4a66eb7c
|
[thelounge] Copy ldap configuration for zamok
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
f039121e21
|
[thelounge] Download the Debian package and install it, and deploy
configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
c3d58d9ca9
|
[nginx] Fix default configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
2b8e0dbbff
|
[nginx] Fix nginx template, this is now usable
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
ynerant
|
a9897ec3c0
|
[nginx] Load global and local nginx configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
dafa3685ce
|
[nginx] Copy 401 error page if we use credentials
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
0eaee6c78f
|
[nginx] Copy robots.txt
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
3fceaeb836
|
[nginx] allow setting credentials to a nginx server
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
6c8be2638c
|
Add default global nginx configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
ynerant
|
244e1c284b
|
Cransible mailman nginx configuration
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 22:26:31 +00:00 |
|
Yohann D'ANELLO
|
408c857f81
|
[zamok_apache] Pepcransification
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 14:07:35 +01:00 |
|
Yohann D'ANELLO
|
ae163d6bc9
|
[nullmailer] Define allmailfrom to always send mails as root
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-02-22 12:31:30 +01:00 |
|
ynerant
|
359b6a4553
|
[belenios] Deploy belenios
Signed-off-by: ynerant <ynerant@crans.org>
|
2021-02-22 12:31:30 +01:00 |
|
_shirenn
|
6e6dd56e4d
|
[borg] lets filter-out shit and backup cameron
|
2021-02-22 12:13:23 +01:00 |
|
_shirenn
|
59bc91dc9d
|
[vault] Changing cranspasswords to pass crans
|
2021-02-22 12:01:03 +01:00 |
|
_shirenn
|
262696970f
|
[network-interfaces] PEPCRANSED
|
2021-02-22 11:51:44 +01:00 |
|
_shirenn
|
a82d770043
|
[slapd] Filter ipv4s responsibly
|
2021-02-22 09:45:13 +01:00 |
|
_shirenn
|
02df5674b1
|
[slapd] soyouz, query and regex
|
2021-02-22 01:30:02 +01:00 |
|
ynerant
|
009e7b42cb
|
[certbot] Generate multiple certificates (useful for adm)
Signed-off-by: ynerant <ynerant@crans.org>
|
2021-02-16 15:35:07 +01:00 |