Andrea Cimbalo
91c91f2360
Remove ssh root login with password
8 years ago
Edoardo Putti
e1118750ad
[lxc_guest] fix typo in resolv conf setter
8 years ago
Edoardo Putti
109362d663
get reverse proxy ip from hostname with filter
8 years ago
Edoardo Putti
55e758fd0c
[sympa] get 'mail' ip from hostname
8 years ago
Edoardo Putti
9e2fe99c6e
[nginx] set max_body_size as variable with default
8 years ago
Andrea Cimbalo
f426c9cd3a
more generic certbot
8 years ago
Andrea Cimbalo
4de58737b6
certbot static test for login3
8 years ago
Edoardo Putti
6331cbb943
use new filter everywhere
8 years ago
Edoardo Putti
ad9a5d2c92
get ip from inventory with filter
8 years ago
Edoardo Putti
c731f86294
use `vm_gateway` group vars in lxc_guest
8 years ago
Edoardo Putti
98f25f858e
get gateway address from group variables
8 years ago
Andrea Cimbalo
a273bcf6c6
add icinga2
8 years ago
Andrea Cimbalo
34c79f3a0d
add login web interface
8 years ago
Andrea Cimbalo
d23509d4ed
add opendkim to exim4 and postfix
8 years ago
Andrea Cimbalo
0edab01bda
move to php7-fpm
8 years ago
Edoardo Putti
0f66a650b1
[lxc] set container debian mirror during creation
8 years ago
Edoardo Putti
97a2918fcf
[dovecot] use openssl ansible modules
8 years ago
Andrea Cimbalo
7cc211e053
reverse_proxy: ensure nginx will read additional configuration, add handler to reload nginx configuration
8 years ago
Andrea Cimbalo
b63bda9ba9
reverse_proxy: ensure nginx will read additional configuration, add handler to reload nginx configuration
8 years ago
Andrea Cimbalo
2860c36b69
add nscd package to ldap task
8 years ago
Andrea Cimbalo
46779deaf7
use sighup to force dnsmasqd to reload /etc/hosts
8 years ago
Edoardo Putti
be3bf0f5cc
format dovecot role nicely
8 years ago
Andrea Cimbalo
efef2f7f1a
fix lvm wipe_signatures_when_zeroing_new_lvs
8 years ago
Andrea Cimbalo
0c584d011c
fix dovecot ca request
8 years ago
Andrea Cimbalo
a9843f63f5
add sftp server to ssh_server (fix openwrt)
8 years ago
Andrea Cimbalo
cdd797ddfa
add memberof to ldap
8 years ago
Andrea Cimbalo
8827b1dd1c
move ca request to a separate task
8 years ago
Andrea Cimbalo
b14299e2f1
move service task and handler to a separate role (see ansible issue 23389, 20603, 15902)
8 years ago
Andrea Cimbalo
16db54b0e2
move service task and handler to a separate role (see ansible issue 23389, 20603, 15902)
Resolves #13
8 years ago
Andrea Cimbalo
352a22f500
pass connection as vars as requested since ansible 2.2
8 years ago
Andrea Cimbalo
dc93d96f48
add dns_record role
8 years ago
Andrea Cimbalo
d2d0db41c7
fix hostname in ssh_server
8 years ago
Andrea Cimbalo
0606140dbb
ssh_server can now run on openwrt
8 years ago
Andrea Cimbalo
fc07f62256
fix nginx proxy config deploy
8 years ago
Andrea Cimbalo
9886f4ce4d
fix service handler name in ldap role
8 years ago
Andrea Cimbalo
49ac0a9b6e
fix ssh cert hostname
8 years ago
Andrea Cimbalo
41a144f0fb
update apt cache in lxc_guest
8 years ago
Andrea Cimbalo
1d0e62b2f3
move vm ssh-server to a separate role and use lxc_ssh connection plugin to execute it on the lxc_guest
8 years ago
Edoardo Putti
e8e25e89c9
change host from gandalf2 to reverse_proxy
8 years ago
Edoardo Putti
9c1f858f50
add default variable to reverse_proxy role
8 years ago
Edoardo Putti
939c23183a
add domain to group_vars and use it in reverse proxy templates
8 years ago
Edoardo Putti
29aba60483
set ip to bind in reverse proxy http configuration
Because we are using openwrt and we would like to mantain LUCI running
on it's interface we can't bind on 0.0.0.0. or 127.0.0.1 hence we must
listen on a specific ip. This will set the public ip from the group
vars to be the one where we listen
8 years ago
Edoardo Putti
cf365e645d
draft for the reverse proxy role
This role split the reverse proxy configuration in three files per
host. Every file belong to a different directory that is created on
the reverse proxy we use (nginx).
8 years ago
Edoardo Putti
fba9e26298
split reverse proxy nginx configuration
The server, map and upstream directives can be splitted into
different files to be included into the nginx.conf configuration.
8 years ago
Edoardo Putti
cca78108b8
rename template file from reverse_proxy to map
We decided to split the reverse proxy configuration from one file to
three different files. One is the http configuration and the remaining
are the https configuration.
8 years ago
Edoardo Putti
eba153f8b1
draft for a role to provide reverse proxy with SNI
8 years ago
Andrea Cimbalo
2bd959ebe2
add vpn
8 years ago
Edoardo Putti
5d2f697cc8
move dokuwiki configuration file from template to file
The dokuwiki configuration file was misplaced and the playbook
couldn't find it when creating a new istance of the wiki.
8 years ago
Edoardo Putti
a9b4fcf0af
change from a /16 subnet to a /24 subnet
With the transition to the new ninux-compatible network we choose to
have a ip pool for vm that resides on the 10.150.42 network.
As 254 unique addresses are sufficient for our need we reduce the subnet
to a /24
8 years ago
Andrea Cimbalo
83ecbda2b1
nginx: update package name from php-fpm to php5-fpm
8 years ago