Zolfa
5278d25567
roles/icinga2: improved web service syntax
http external web services are monitored as separeted host
5 years ago
Zolfa
db3c3009c3
roles/coturn: use only loopback topology
To avoid excessive consumption of UDP port that seems to be detected
and blocked by SIAF upstream firewall.
Only loopback relay is permitted, so the only TURN Topology allowed
is:
Forward:
Client 1 <--TURN--> (udp/88) Server <--RTP--> Server (udp/88) <--TURN--> Client 2
Topologies like:
Client 1 <--TURN--> (udp/88) Server (udp/>10000) <--RTP--> Client 2
Are not allowed.
5 years ago
Zolfa
3f8db5cc20
roles/ldap: improved log and repl fix
5 years ago
Zolfa
ca11d57162
roles/onlyoffice: new role !
5 years ago
Zolfa
35bc3004d3
roles/etherpad: new role !
5 years ago
Zolfa
cf34d9522c
roles/ldap: monitoring fact added
5 years ago
Zolfa
42212333a4
roles/icinga2: ssh control persist and ldap checks
5 years ago
Zolfa
78dfe4819f
roles/ldap: add syncrepl support
5 years ago
Zolfa
11fc50313e
roles/ldap: test_user instead of pippo
5 years ago
Zolfa
aac0856524
roles/nextcloud: fix folder permission
5 years ago
Zolfa
6a8ed9911d
prepare_host: typo
5 years ago
Zolfa
26097f8b44
roles/lxc and prepare host: apt autorefresh
5 years ago
Zolfa
4ce04659c4
roles/nextcloud: add alternate fqdns support
5 years ago
Zolfa
e8383499bd
roles/nginx: add tls 1.2 support
5 years ago
Zolfa
caa2cba6bf
roles/nginx: add alternate fqdn variable
5 years ago
Zolfa
8e84130b2f
roles/dns_record: add host default
5 years ago
Zolfa
041a842571
roles/ca_cert: role variable scope
Put some variable in ./vars/main.yaml scope to avoid change in one
role import overwriting all successive use.
5 years ago
Zolfa
80b5d67ad0
roles/certbot: zero downtime, reload only
Do not stop the webserver before performing HTTP challenge (challenge
is on port 80, webserver should be listening on port 443 only).
As post-renewal hook just reload the webserver, don't restart.
5 years ago
Zolfa
19f07539e0
roles/certbot: add alternate fqdns variable
5 years ago
Zolfa
3707cf056e
roles/ldap: prepare for bump to ansible 2.10
5 years ago
Zolfa
d8674388f8
roles/nextcloud: use ldap username instead of uuid
Don't use random uuid as internal user refs for LDAP users, otherwise
administration from the web interface become impossible.
5 years ago
Zolfa
423ea9a189
roles/gitlab: update cache after apt
5 years ago
Zolfa
d2ef029311
fixup! monitoring: new host template
5 years ago
Zolfa
b478954cb6
roles/dns_record: use full fqdn in hosts file
5 years ago
Zolfa
5488494efd
prepare_lxc_guest: added vm_size var
reword of task names
5 years ago
Zolfa
6ddf490a00
monitoring: increased max proc for lxc host
5 years ago
Zolfa
def1bfe428
roles/icinga2: fix for debian bullseye
nagios-plugins-contrib not available on bullseye
5 years ago
Zolfa
0d032a9e2b
fixup! roles/nextcloud: ldap groups memberof overlay fix
5 years ago
Zolfa
6db052e8a7
monitoring: new host template
5 years ago
Zolfa
80f8f61502
roles/icinga2: new templates configuration
Improved automatic settings for ssh agent.
Load and mem services against `physical` machine and not lxc guest.
5 years ago
Zolfa
599e0b8996
roles/lxc_guest: add unprivileged support
5 years ago
Zolfa
2c3d068809
roles/ldap: fix acl to add user to groups
5 years ago
Zolfa
2754e1b597
roles/ldap: fix logging
5 years ago
Zolfa
a3dd2cca7c
roles/ldap: add servers
5 years ago
Zolfa
267ff56235
roles/ca_cert: custom algorithm and broker chain
Allows custom (non-ed25519) algorithm and verification of broken trust
chain, to work with current stable ca_manager implementation.
5 years ago
Zolfa
6eb3fd6125
roles/nextcloud: ldap groups memberof overlay fix
5 years ago
Zolfa
265d70c949
roles/nextcloud: typos and deprecations
5 years ago
Zolfa
9ce361fa8c
roles/nextcloud: php-fpm settings optimization
5 years ago
Zolfa
e92c42c254
roles/nextcloud: fix reverse proxy for webdav
5 years ago
Zolfa
a848d61535
safer password handling in ldap and nextcloud
5 years ago
Zolfa
9cf3c87b0d
roles/reverse_proxy: better handling of multi names
5 years ago
Zolfa
b963521513
prepare_host: add monitoring agent
5 years ago
Zolfa
ab3d23fdd8
fixup! roles/service: fix opkg installation
5 years ago
Zolfa
4d48fd1671
roles/icinga2: issue client ssh key for icinga user
So that ssh-agent Host can be actively monitored by the Icinga controller.
5 years ago
Zolfa
c03b9af325
roles/ca_cert: new role!
New role to automate generation and issuing of certificate using a
`ca_manager` server.
Code is more sintentic and concise, and we avoid duplications.
5 years ago
Zolfa
623424028d
roles/nextcloud: use version-agnostic php packages
5 years ago
Zolfa
9d250a3e89
prepare_host: fix typo in xfs module
5 years ago
Zolfa
9492565eea
roles/service: fix opkg installation
5 years ago
Zolfa
3d25d8fbdb
roles/icinga2-monitoring: allows advanced http mon
5 years ago
Zolfa
2453c02fbb
roles/riot-web: advanced http monitoring
5 years ago