158 commits

Author SHA1 Message Date
Lars Kaiser
450dc3f859
fix(redis): assert version correctly 2024-06-25 16:19:38 +02:00
Lars Kaiser
5a011dff61
chore(restic): make vars mandatory for better error messages 2024-06-25 13:47:47 +02:00
Sebastian Fleer
a821a2f405
feat(lego): make HTTP challenge port configurable 2024-06-24 11:59:46 +02:00
transcaffeine
7c42199b1e
chore(lego): allow for lego_post_renewal_script to be array of commands/hooks 2024-06-23 12:08:32 +02:00
Evelyn Alicke
519f9b99c1
chore(redis): add assertion for version with license change
closes: https://github.com/famedly/infra-meta/issues/1528

related-to: https://github.com/famedly/infra-meta/issues/1364
2024-06-12 11:21:02 +02:00
Evelyn Alicke
44a79890d5
chore(restic): add optional unlock step before check
fixes: https://github.com/famedly/infra-meta/issues/1525
2024-06-11 10:58:35 +02:00
Lars Kaiser
b757f65f0f
update(postgresql): new deployments will start with 16.3 2024-05-15 21:11:10 +02:00
transcaffeine
7906330a75
feat(postgresql_client_access): allow setting postgresql users and databases to be removed 2024-05-02 13:25:10 +02:00
Evelyn Alicke
26451225ec
fix(lego): get correct image for platforms other than x86_64 2024-03-28 21:02:40 +01:00
Jadyn Emma Jäger
82bca3f758
feat(lego): Add ExecStartPre Script option 2024-03-16 17:30:52 +01:00
Sebastian Fleer
a412e7161b
feat(postgresql): replace oom_killer with oom_score_adj
Docker ignores OomKillDisable with cgroup v2
2024-03-13 12:06:13 +01:00
Lars Kaiser
b4c259dd1d
feat(ssh): allow configuring MaxStartups 2024-02-29 15:22:53 +01:00
Lars Kaiser
f204f3036b
feat(ssh): allow configuring MaxSessions 2024-02-29 13:53:18 +01:00
Sebastian Fleer
b8af3d57f1
feat(postgresql): prevent major version updates
By default the role will now update PostgreSQL to the latest available minor
version, when only a major version is given, or the version of the deployed
container if postgresql_container_version does not match the major version
of that container.
2024-02-28 11:52:34 +01:00
Lars Kaiser
c668936178
fix(restic): use RandomizedDelaySec
The previously used AccuracySec is the wrong option to distribute timer
activations. See https://www.freedesktop.org/software/systemd/man/latest/systemd.timer.html#RandomizedDelaySec=
2024-02-22 14:02:30 +01:00
Jan Christian Grünhage
a892e43f4a
update(docker): bump submodule for debian bookworm support 2024-02-22 10:29:15 +01:00
Jan Christian Grünhage
1dbc371d6b
update(ldap): bump openldap version to 2.6.6-r1 2024-02-22 10:23:47 +01:00
Jan Christian Grünhage
e78876d8cf
update(lego): bump version to 4.15.0 2024-02-14 20:35:38 +01:00
transcaffeine
944298ad54
update(redis): bump version to 7.2.4 2024-02-06 11:16:32 +01:00
Sammy
8e8f496df6
fix(lego): don't unpack source files in check mode 2024-02-02 10:45:58 +01:00
Sammy
4d1fae6b77
fix(user): ignore ssh key errors in check mode
In check mode, the task fails if it's supposed to be adding ssh keys to
a user who doesn't exist. Ignoring errors in check mode makes it
possible to run the task in check mode even if there are new users to be
added.
2024-02-02 10:34:16 +01:00
Sammy
8bcc12dfd1
chore(ssh): disallow terrapin-vulnerable ciphers..
..and MACs

See https://terrapin-attack.com/
2023-12-19 14:22:25 +01:00
Sammy
74d09b4416
fix(ssh): fix typo that prevented allowed ciphers..
from being set in the sshd config
2023-12-19 12:15:37 +01:00
Lars Kaiser
24ae029f01
fix(user): use deploy instead of configure in tags 2023-12-18 13:04:49 +01:00
transcaffeine
7bbae943d2
feat(user): support partial execution with prepare and configure tags 2023-12-15 15:58:32 +01:00
Johanna Dorothea Reichmann
f84376026b
feat(redis): allow not requiring any password to use redis 2023-12-15 13:35:48 +01:00
transcaffeine
c06f6a65be
chore(lego): ensure lego_certificate_store is owned by lego_certificate_store_user 2023-11-29 15:39:52 +01:00
Jan Christian Grünhage
ed8f0158ba
update(lego): bump version to 4.14.2 2023-11-08 23:58:40 +01:00
Jan Christian Grünhage
0a529d92dd
chore(rclone_serve): fix lints 2023-11-08 23:34:39 +01:00
Jan Christian Grünhage
10c34f5a73
fix(lego): systemd unit files should not have the executable bit set
We're also making them non world readable, just in case people are
putting secrets in there.
2023-11-08 23:28:43 +01:00
Johanna Dorothea Reichmann
e0c111ba08
chore(rclone_serve): allow adding arguments directly into rclone_serve, update README 2023-11-06 10:34:24 +01:00
Johanna Dorothea Reichmann
777e4f216d
fix(rclone_serve): allow inject remote-path into rclone_serve command 2023-11-06 10:34:23 +01:00
Johanna Dorothea Reichmann
7d7b3462c5
fix(rclone_serve): double-dashed arguments sometimes only get recognised with an equals sign between key and value 2023-11-06 10:34:15 +01:00
Johanna Dorothea Reichmann
457918ad59
update(restic): bump version to 0.16.2 2023-10-31 15:20:21 +01:00
Johanna Dorothea Reichmann
b6a87fc9c9
chore(restic): allow adding commandline parameters to restic backup command 2023-10-31 15:20:20 +01:00
Evelyn Alicke
740799de21
feat(rclone_serve): initial implementation
Co-Authored-By: Lars Kaiser <lars@kaiser.yt>
2023-10-25 16:17:52 +02:00
Johanna Dorothea Reichmann
57966a1b68
update(restic): bump version to 0.16.1
See https://github.com/restic/restic/releases/tag/v0.16.1
2023-10-25 15:03:53 +02:00
Johanna Dorothea Reichmann
a77bd479ec
feat(restic): add ansible role to run restic in systemd jobs 2023-10-24 15:09:39 +02:00
Sammy
a93da4ab5d
chore(dropbear_luks_unlock): fix lints 2023-10-06 13:33:27 +02:00
Jan Christian Grünhage
f4740fe77f
chore(ssh): update algorithm presets 2023-09-27 13:09:51 +02:00
Jan Christian Grünhage
b426afcced
chore(ssh): configure intersection of set and supported algorithms
This is done in preparation of updating the algorithm presets. Adding
new algorithms that aren't supported by older versions of openssh would
break templating, and we don't want to limit ourselves to algorithms
supported by all ssh versions we've got deployed anywhere.
2023-09-27 12:58:30 +02:00
Jan Christian Grünhage
7dc00eb18d
chore(ssh): switch default preset from bsi recommendations to our own 2023-09-27 12:57:19 +02:00
Johanna Dorothea Reichmann
515a07e81f
fix(lego): install acl package to allow becoming an unprivileged user
Without the ACL package installed, becoming an unprivileged ansible
user with an unprivileged connection user is not possible, as
it results in an 'invalid mode' error in chmod.
2023-09-23 19:36:37 +02:00
Jadyn Emma Jäger
0eb3432020
fix(dropbear_luks_unlock): Add config paths for latest version with support for Debian <=11 2023-09-16 13:31:13 +02:00
Sammy
9fe9f5c524
update(openldap): bump to 2.6.5 and switch to nexus 2023-09-05 10:11:02 +02:00
Sammy
4457b56528
docs: replace gitlab links with github 2023-09-05 10:10:57 +02:00
Johanna Dorothea Reichmann
64ee704401
chore(postgresql): allow to set maximum memory including swap and controlling the OOM killer 2023-08-28 09:27:57 +02:00
Sammy
491f853285
feat(user): remove home directory of removed users 2023-08-25 12:30:51 +02:00
Sammy
5d7acc5e49
chore(securitytxt): add restart-policy 2023-07-06 16:05:20 +02:00
Jan Christian Grünhage
66b1b5b0aa
fix(lego): remove async execution, as it caused more problems than it ever helped 2023-07-05 13:31:34 +02:00