crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity
850 Commits
12 Branches
0 Tags
7.9 MiB
Commit Graph

484 Commits (eccb6172e2c64bf3bf257c7719ac21a001a2dc4f)

Author SHA1 Message Date
_shirenn 3dc27fa1da [framadate] Creation de la base de données mysql 2020-06-02 20:52:04 +02:00
_shirenn 3c05a6439e [framadate] phpv2 … 2020-06-02 20:42:14 +02:00
_shirenn ac40717cea [framadate] php … 2020-06-02 20:40:54 +02:00
_shirenn 9c8c5c1c05 [framadate] Ansible comment … 2020-06-02 20:39:06 +02:00
_pollion b6d15e85ea [freeradius] LE certificate with DNS challenge 2020-06-02 18:06:05 +02:00
Alexandre Iooss 0d36ac644c
[monitoring] Use ip filter for adm 2020-06-01 19:42:47 +02:00
_shirenn 481b7e8a9f Removes unnecessary become 2020-05-29 21:09:38 +02:00
_shirenn 34035fd687 pouet 2020-05-29 20:29:12 +02:00
_shirenn e776bee6eb [Framadate] corrects a missing 0 in .htpasswd permission 2020-05-27 12:11:00 +02:00
_shirenn 17abd936c1 Changes framadate to version 1.1.10 2020-05-27 00:23:49 +02:00
_pollion 5cb249c5cc [Alerts] Please stop yelling, it's not so hot (yet) ... But we keep watching you. 2020-05-26 13:09:33 +02:00
Alexandre Iooss 67ffa3c893
[prometheus] use dig lookup for adm ip 2020-05-25 12:43:12 +02:00
Alexandre Iooss ec3da3b8e5
[mtail] Add radiusd 2020-05-24 11:23:25 +02:00
Alexandre Iooss 55ad4a87a4
Copy dhparam only if does not already exist 2020-05-19 19:00:06 +02:00
_benjamin 7c049d2c17 [postfix] Add header to sender_login_maps 2020-05-19 12:49:11 +02:00
Michaël Paulon f3a3eda192 on envoie des alertes quand le load de zbee est à 7 et pas 5 pour arrêter le spam 2020-05-19 11:02:45 +02:00
_pollion 1080857f26 [Policyd] Fix policyd deployment. 2020-05-17 21:10:54 +02:00
_pollion 9e4e71dbbd Configuration for policyd 2020-05-17 20:31:00 +02:00
_benjamin aed4b4fadf [sqlgrey] Deploy sqlgrey on redisdead 2020-05-17 19:51:39 +02:00
_benjamin 20effc46e7 [opendkim] Install and configure opendkim 2020-05-17 17:29:51 +02:00
_pollion bb134fd1ff Add debsums to common packages 2020-05-17 15:36:00 +02:00
_pollion d34bb5b68b [Postfix] Creates letsencrypt renewal hook directory. 2020-05-17 14:15:05 +02:00
_benjamin eac1d0b7e0 [postfix] Better with the script 2020-05-17 14:06:58 +02:00
_benjamin 1333bda7ed [postfix] fix hook path 2020-05-17 13:58:33 +02:00
_benjamin 6692386c7a [postfix] Reload postfix after certificate renewal 2020-05-17 13:52:44 +02:00
_pollion a1828b52aa [Postfix] Fanciness. 2020-05-17 13:29:14 +02:00
_pollion bb9ce4fb57 [Postfix] Allows to filter connection to smtp based on client IP. 2020-05-17 13:28:32 +02:00
_pollion 9f15e2115c [Postfix] Configuration for master smtp. 2020-05-17 13:26:50 +02:00
_pollion a81cf43364 [Postfix] Get rid of canonical address mapping. 2020-05-17 12:09:01 +02:00
_benjamin a04fa9f2cf Merge branch 'master' of https://gitlab.crans.org/nounous/ansible 2020-05-17 11:23:58 +02:00
_benjamin 0227e5c823 [postfix] Use direct certificate path 2020-05-17 11:23:51 +02:00
_pollion 4ebcfa287a Huge clean up in mailman configuration 2020-05-17 11:09:23 +02:00
_pollion e585efb9af Add apt-file to common tools 2020-05-17 09:06:20 +02:00
Alexandre Iooss 41e941034e
[reverseproxy] Do not install nginx certbot 2020-05-17 08:32:29 +02:00
Alexandre Iooss 6862b26d17
Use adm ipv4 for monitoring 2020-05-17 08:15:46 +02:00
Michaël Paulon 801811ffa8
on backup la partition var/lib/mailman sur redisdead 2020-05-17 03:59:09 +02:00
Michaël Paulon 4b627c6e75
on met des templates corrects pour chsh (et chsh.ldap sert à rien) 2020-05-17 03:58:20 +02:00
_benjamin 22cdae2d0d [re2o-mail-server] Au revoir LXir 2020-05-15 15:45:13 +02:00
_pollion a761100b28 Why the hell would you use non ascii characters ? 2020-05-10 13:43:19 +02:00
Alexandre Iooss 90d25818e1
DU EtherCalc 2020-05-10 09:35:38 +02:00
Alexandre Iooss c5617f4c77
[ethercalc] NPM install 2020-05-09 10:45:36 +02:00
Alexandre Iooss 21fd284cc5
EtherCalc role 2020-05-09 10:40:50 +02:00
Alexandre Iooss 4ad342843f
Simplify monitoring playbook 2020-05-09 10:11:38 +02:00
Alexandre Iooss 38ff5c192f
Fix nginx max body size 2020-05-06 12:59:08 +02:00
_benjamin cb6e858804 [nginx-reverseproxy] Trailing spaces… 2020-05-04 12:19:32 +02:00
_shirenn 6c06f51e24
[framadate] includes the framadate php configuration file 2020-05-03 20:53:42 +02:00
Alexandre Iooss 6eaf509ff3
[nginx] Reverse WebSocket 2020-05-03 15:19:29 +02:00
Alexandre Iooss e8b0d14a55
Grafana on :3000 2020-05-03 14:19:00 +02:00
Alexandre Iooss 7d1ecd19a4
SSL snippet and drop TLS 1.0 and 1.1 2020-05-03 12:51:16 +02:00
Alexandre Iooss b3619d05f4
Some changes in keepalived template 2020-05-03 10:03:12 +02:00
Alexandre Iooss c8504973a8
Working FramaDate 2020-05-02 18:00:09 +02:00
Alexandre Iooss 86d17dedfa
[framadate] NGINX config 2020-05-02 16:54:42 +02:00
pa bc932b0617 [Framdate] nginx configuration 2020-05-02 16:47:28 +02:00
pa a96a0cfce4 [Framadate] log file creation 2020-05-02 15:43:26 +02:00
_benjamin 22c22a3cb0 [keepalived] Don't hardcode proxies adm interface 2020-05-02 13:19:16 +02:00
Alexandre Iooss 0a50480ad7
Minor fixes on reverse proxy 2020-05-02 13:03:29 +02:00
Alexandre Iooss 3d80f71646
Fix yaml syntax 2020-05-02 10:39:45 +02:00
Alexandre Iooss 37406ff774
[nginx-reverseproxy] Initial role 2020-05-02 10:18:10 +02:00
Alexandre Iooss bcba080057
Clean up Framadate for shireen 2020-05-01 18:37:51 +02:00
Alexandre Iooss 4e6571a179
New DNS key 2020-05-01 17:35:27 +02:00
Alexandre Iooss 80040dd35c
Certbot role for gitzly 2020-05-01 17:17:18 +02:00
_benjamin e54244e0c7 [bind-authoritative] Add zone _acme-challenge.adm.crans.org 2020-05-01 16:59:47 +02:00
Alexandre Iooss a10fda1b19
[backuppc] Initial role 2020-04-29 12:15:12 +02:00
erdnaxe 48c33326c5 Merge branch 'interfaces' into 'master' 
Interfaces

See merge request nounous/ansible!16
 2020-04-29 12:00:34 +02:00
_pollion b9a7e19bc0 [rsync-client] Add wireguard interface. Enable backups on sputnik. 2020-04-29 10:53:58 +02:00
Alexandre Iooss a3e3532644
[interface] Factorize 2020-04-28 20:27:58 +02:00
Alexandre Iooss 459d9cc55e
[interfaces] Add metrics 2020-04-28 18:59:35 +02:00
Alexandre Iooss cfe9140a0b
[interfaces] Do not force autoconf 2020-04-28 18:46:38 +02:00
Alexandre Iooss b1120e7637
[interfaces] use is defined 2020-04-28 18:26:59 +02:00
Alexandre Iooss 28ffd68a14
[interfaces] Install vlan 2020-04-27 21:34:41 +02:00
Alexandre Iooss 51f49eb461
[interfaces] allow-hotplug to auto 2020-04-27 21:28:43 +02:00
Alexandre Iooss 2d417ba516
Rename certbot conf 2020-04-27 15:51:08 +02:00
Alexandre Iooss cc51282a63
[bind] Add wildcart to .eu and .fr 2020-04-27 15:17:31 +02:00
Alexandre Iooss d3759ff960
[certbot] Wildcard crans.eu and crans.fr 2020-04-27 15:06:09 +02:00
Alexandre Iooss ac79e09f57
[bind] factorize allow-transfer and notify 2020-04-27 14:32:32 +02:00
_pollion 450be99ada Add reverse zones 2020-04-27 11:37:26 +02:00
_benjamin bd9a7ef4e9 [bind] Use absolute domain name 2020-04-27 11:07:18 +02:00
Alexandre Iooss 1bf27f8487
[certbot] Wildcard DNS 2020-04-27 09:40:48 +02:00
Alexandre Iooss 6d8d3be61b
[bind] Fix apparmor 2020-04-27 09:22:35 +02:00
Alexandre Iooss 04588f0c18
[bind] Configure transfert and hide version 2020-04-27 00:42:22 +02:00
Alexandre Iooss c66f2b36af
[bind] Cache and fix master detection 2020-04-26 22:51:48 +02:00
_pollion 652dc2456d Fix CI 2020-04-26 22:23:01 +02:00
_pollion c44ea290b3 Don't touch usr/script in check_mode (It may not have been created yet) 2020-04-26 22:16:19 +02:00
Alexandre Iooss f0c2e0f097
[bind] Evaluate facts in tasks 2020-04-26 22:13:59 +02:00
Alexandre Iooss 4e8eec6f22
[bind] Sort zones 2020-04-26 21:45:41 +02:00
Alexandre Iooss 6555d1bb75
[bind] separate cache and server 2020-04-26 21:40:50 +02:00
Alexandre Iooss 1e7e51aac1
[bind] Can't update slave with key 2020-04-26 19:47:44 +02:00
Alexandre Iooss 78d82029f0
Fix master/slave certbot in bind 2020-04-26 19:39:52 +02:00
Alexandre Iooss de3e0e5b74
Fix missing zone in bind config 2020-04-26 19:36:14 +02:00
Alexandre Iooss 7e59fd079d
[bind] Use zone for ACME 2020-04-26 19:32:12 +02:00
Alexandre Iooss 44b14958a7
[Wireguard] Motd 2020-04-26 18:41:13 +02:00
Alexandre Iooss 642072c503
[bind-author] Motd 2020-04-26 18:37:12 +02:00
Alexandre Iooss fe3df776db
Use Re2o API to config Bind9 2020-04-26 18:18:18 +02:00
Alexandre Iooss 9b6f408aa4
Fix indentation 2020-04-26 15:53:57 +02:00
Alexandre Iooss 8a7a399b08
Initial certbot conf 2020-04-25 20:57:32 +02:00
Alexandre Iooss d1911ff6ad
[bind] Add master configuration 2020-04-25 20:22:26 +02:00
Alexandre Iooss bdd6eb0345
[bind authoritative] Revert to debian conf 2020-04-25 18:44:25 +02:00
_benjamin 05d2349f62 [interfaces] Configure switch interface 2020-04-21 16:50:16 +02:00
_benjamin a0a5d0964d [interfaces] Fix task description 2020-04-21 14:55:37 +02:00
_benjamin d38b3a48b7 [interfaces] Deploy interfaces on charybde 2020-04-21 14:40:53 +02:00
_benjamin fdaa69a312 [interfaces] Configure adh interface 2020-04-21 13:24:34 +02:00
_benjamin 7b99fb22bd [interfaces] Alias ansible facts 2020-04-21 12:06:26 +02:00
_benjamin 11b90f8b51 [interfaces] Change interfaces.fact format 2020-04-21 09:57:02 +02:00
_benjamin 81de24e5bd [interfaces] Configure fil interface 2020-04-21 08:50:46 +02:00
_benjamin 2667c3d696 [interfaces] Add supplementary lines from local facts to all interfaces 2020-04-20 22:27:17 +02:00
_benjamin a6392502b9 [interfaces] Add supplementary lines from local facts 2020-04-20 20:45:00 +02:00
_benjamin 4b5c16e683 [interfaces] Deploy /etc/network/interfaces for srv and ens 2020-04-20 19:46:47 +02:00
_benjamin e9fdfde417 [interfaces] Deploy /etc/network/interfaces for adm 2020-04-20 18:56:42 +02:00
_benjamin 1a3872c8a0 [re2o-mail-server] Update mail-aliases submodule 2020-04-20 08:42:55 +02:00
_benjamin abc7e9e2fb [quagga] Fix comments in bgpd and zebra config 2020-04-20 08:32:47 +02:00
_benjamin c9f6007c43 Merge branch 'ifalias' into 'master' 
Use interface alias to get adm ip

See merge request nounous/ansible!14
 2020-04-19 18:48:18 +02:00
_benjamin 6d5e253d18 Use interface alias to get adm ip 2020-04-19 18:29:44 +02:00
_pollion 996fe339de Ces fichiers étaient passés à côté du sed 2020-04-19 16:05:09 +02:00
_benjamin 3e2807918a [wireguard] Set adm alias for sputnik interface 2020-04-19 09:25:44 +02:00
_pollion f46c4f9f24 tail me more, tail me more 2020-04-18 18:27:32 +02:00
_pollion e0bb7d6ece Bind configuration 2020-04-18 17:15:20 +02:00
_pollion 467a5b2748 Make use of handlers in postfix role 2020-04-18 16:50:23 +02:00
_pollion 90dc7c1c59 Fix CI : Change nothing if nothing needs to be done. 2020-04-16 18:53:01 +02:00
_pollion f589c18e36 Discard useless local-fact role 2020-04-16 18:35:48 +02:00
_pollion 4afecdeb89 In bind/named.conf comments start with // 2020-04-16 18:18:20 +02:00
_pollion 4af63a2be5 New ansible_header, more specific. See group_vars/all/vars.yaml 2020-04-16 17:56:54 +02:00
Alexandre Iooss e0d9b301ac
[prometheus] Also precise job 2020-04-15 10:07:00 +02:00
Alexandre Iooss e7888a6b9c
Add mtail role for thot 2020-04-15 10:03:46 +02:00
Alexandre Iooss 08f840d0bc
Monitor thot mtail 2020-04-15 00:04:03 +02:00
Alexandre Iooss fd65a64aab
[common-tools] Add lsb-release 2020-04-13 10:48:26 +02:00
_benjamin 39da3666bb [zbee-mount] Fix mount file name again 2020-04-12 16:49:54 +02:00
Alexandre Iooss 21d4aace4f
[owncloud-autofs] Configure automount 2020-04-11 18:49:23 +02:00
Alexandre Iooss b90aea891b
[home-permanent] Fix service name 2020-04-11 18:37:29 +02:00
Alexandre Iooss 7e736b0e19
Owncloud AutoFS role 2020-04-11 14:44:35 +02:00
_benjamin 416d0c3c45 [zbee-mount] Fix mount file name 2020-04-11 14:33:46 +02:00
_benjamin 122d75d947 [home-permanent] Fix mount file name 2020-04-11 14:31:38 +02:00
_benjamin fcbcfa0dfb [home-permanent] Where setting must match mount point 2020-04-11 14:28:59 +02:00
Alexandre Iooss 017374d20d
Add Owncloud cron 2020-04-11 14:26:31 +02:00
_benjamin 04a7dcfedd [home-permanent] Start mount after network 2020-04-11 14:19:59 +02:00
Alexandre Iooss ccd4636b62
[owncloud] Fix repo url 2020-04-11 13:49:19 +02:00
_pollion c23437874d [rsyncd][nullmailer] Add newline at end of file 2020-04-11 13:42:42 +02:00
_pollion 2ff2dad5f9 Doesn't install recommended packages for common-tools 2020-04-11 13:29:04 +02:00
Alexandre Iooss 898ceebce9
Fix owncloud role 2020-04-11 13:11:22 +02:00
Alexandre Iooss d50c25cdcc
Add OwnCloud role 2020-04-11 13:04:49 +02:00
Alexandre Iooss e2dabd91ed
Add nginx conf for pubftp 2020-04-07 22:48:08 +02:00
Alexandre Iooss 24018996c0
motd for rsync mirror 2020-04-07 22:46:09 +02:00
Alexandre Iooss c5146c8039
Indicate ftpsync in motd 2020-04-06 09:35:40 +02:00
Alexandre Iooss 253531f623
[rsync-mirror] Do not send mail on success 2020-04-01 09:46:02 +02:00
Alexandre Iooss 0f880a1f2e
[rsync-server] Add custom FTP endpoints 2020-04-01 09:45:39 +02:00
Alexandre Iooss 975220d174
Use syncproxy for mirror sources 2020-03-30 23:14:04 +02:00
Alexandre Iooss b7d33d4e09
rsync mirror cdimages 2020-03-30 20:53:08 +02:00
Alexandre Iooss 5bf423027e
ftpsync role 2020-03-30 20:17:27 +02:00
Alexandre Iooss 425444b4e1
Don't touch before template 2020-03-20 10:21:30 +01:00
Alexandre Iooss 4901b6e4d6
Shorten lines and remove trailing blank line 2020-03-20 10:12:37 +01:00
Alexandre Iooss 41f78499d9
Ignore SSL when cloning gitlab.adm.crans.org 2020-03-20 09:56:23 +01:00
Alexandre Iooss 23d29500e7
Split ldap role and reorder base.yml 2020-03-20 09:40:39 +01:00
Alexandre Iooss 9115cbd23c
Add needrestart everywhere 2020-03-19 08:57:46 +01:00
Alexandre Iooss 3eddc43474
[prometheus] Repeat alerts every 24h 2020-03-04 19:06:03 +01:00
Alexandre Iooss a20f645fce
mumudvb role for cochon 2020-02-07 09:12:19 +01:00
Alexandre Iooss 3e90875e83
Add CAS crons 2020-02-01 18:48:36 +01:00
Alexandre Iooss 16e9f86c2d
[nullmailer] Do not guess mail host 2020-02-01 17:40:11 +01:00
_benjamin 0519f8dc1c [rsyslog-client] Do not send thot's logs to thot 2020-01-31 16:31:51 +01:00
Alexandre Iooss a465aec803
Alert on load from 3 to 5 2020-01-31 13:12:06 +01:00
Alexandre Iooss 5cfc5cc14f
[prometheus] Add rule to warn on big mailq 2020-01-31 12:53:57 +01:00
Alexandre Iooss 0c8aa9c103
[prometheus-node-exporter] Monitor mailq 2020-01-31 12:40:00 +01:00
_benjamin b59a0d0b0a [zamok-tools] Add ranger on zamok 2020-01-31 11:17:31 +01:00
Alexandre Iooss 2bfe4fae25
Mesure load rather than CPU time usage 2020-01-26 21:31:48 +01:00
Alexandre Iooss e884f11045
Add mdadm monitoring 2020-01-26 21:24:29 +01:00
_benjamin 7e5f0ad73e [wireguard] Deploy configuration and activate service 2020-01-26 11:09:39 +01:00
_benjamin 55e73e2a63 [re2o-services] Install python3-requests 2020-01-25 13:35:41 +01:00
_benjamin 0494fe72b0 Fix CI 2020-01-25 13:34:47 +01:00
_benjamin 25f9e2d7af Fix CI 2020-01-25 13:30:52 +01:00
_benjamin 0eb1b75a13 [postfix] Generate postfix lookup tables with postmap 2020-01-25 13:00:51 +01:00
_benjamin d7d32e7b90 [bind-authoritative] Deploy zone file on slaves 2020-01-25 11:36:08 +01:00
_benjamin 30cd13c791 [re2o-services] Create generated directory 2020-01-25 09:21:04 +01:00
_benjamin 0e8aaa976b [re2o-services] Install depandencies and create directory 2020-01-25 09:19:09 +01:00
_benjamin d6d09a3832 [re2o-mail-server] Added role to deploy re2o mail-server 2020-01-24 15:27:25 +01:00
_benjamin fd316366f8 [postfix] Deploy canonical configuration file 2020-01-24 10:42:47 +01:00
_benjamin 709b968d98 [postfix] Added role to install postfix 2020-01-24 09:13:15 +01:00
Alexandre Iooss c61d38e823
Add docker role for gateau 2020-01-21 08:15:27 +01:00
_benjamin c30b3c1624 [rsylog-client] Added role to send logs to thot using rsyslog 2020-01-21 07:15:58 +01:00
_benjamin 051788fcbe [keepalived] Added role to install keepalived 2020-01-20 16:59:40 +01:00
_benjamin 15cd5ce7ec [logall] Added role to handle firewall logs 2020-01-20 14:10:03 +01:00
_benjamin 50f105bcfe [quagga] Added role to install quagga 2020-01-20 13:39:47 +01:00
Alexandre Iooss a63cea10e1
Do not warn on orphans 2020-01-19 19:33:04 +01:00
Alexandre Iooss f34db0c556
Warn on orphans only if >1 2020-01-19 19:21:09 +01:00
Alexandre Iooss c26294b0a5
Warn when orphans packages are present 2020-01-19 18:57:38 +01:00
Alexandre Iooss e55bef009a
Add orphans apt packages metric 2020-01-19 18:56:23 +01:00
Alexandre Iooss 3c2f218a2f
Warn when autoremove is possible 2020-01-19 18:39:29 +01:00
Alexandre Iooss feadda6fac
Patch prometheus APT collector 2020-01-19 18:23:40 +01:00
_benjamin cbd83f3732 Fix CI 2020-01-19 15:22:46 +01:00
_benjamin 5ae5e275fe [re2o-firewall] Deploy firewall_config.py 2020-01-19 10:54:57 +01:00
_benjamin a5614ab30c [re2o-firewall] Added role to install re2o firewall service 2020-01-19 10:39:46 +01:00
_benjamin fb49bc2394 [re2o-dhcp] Added role to install re2o dhcp service 2020-01-18 17:55:36 +01:00
_benjamin 71bb8f86da [re2o-home] Deploy cron to create home directories 2020-01-18 13:53:04 +01:00
_benjamin 9158cdb20f [re2o-dns] Deploy cron to refresh dns 2020-01-18 13:52:31 +01:00
_benjamin 9955f69ec7 [re2o-notif-users] Added role to install re2o notif-users service 2020-01-18 13:51:55 +01:00
_benjamin b44eef4089 [re2o-home] Added role to install re2o home service 2020-01-18 13:07:57 +01:00
_benjamin d48c72ef76 [re2o-dns] Added role to install re2o dns service 2020-01-18 09:52:44 +01:00
_benjamin e0cf2286c0 [re2o-services] Install re2o-services config file 2020-01-18 09:37:02 +01:00
_benjamin 71d6863758 [common-tools] Setup screen for multiuser 2020-01-17 18:06:23 +01:00
_benjamin 887a3f2e95 [scripts] Added role to clone scripts 2020-01-17 12:56:44 +01:00
Alexandre Iooss 4f7d3a6a82
Also use na or ng as label in metrics 2020-01-14 22:15:20 +01:00
Alexandre Iooss 9bb2834905
Do not care about irqbalance 2020-01-14 13:12:11 +01:00
Alexandre Iooss e7edf6ed2e
Clean up useless index metric 2020-01-13 11:13:10 +01:00