Evelyn Alicke
740799de21
feat(rclone_serve): initial implementation
...
Co-Authored-By: Lars Kaiser <lars@kaiser.yt>
2023-10-25 16:17:52 +02:00
Johanna Dorothea Reichmann
57966a1b68
update(restic): bump version to 0.16.1
...
See https://github.com/restic/restic/releases/tag/v0.16.1
2023-10-25 15:03:53 +02:00
Johanna Dorothea Reichmann
a77bd479ec
feat(restic): add ansible role to run restic in systemd jobs
2023-10-24 15:09:39 +02:00
Sammy
a93da4ab5d
chore(dropbear_luks_unlock): fix lints
2023-10-06 13:33:27 +02:00
Jan Christian Grünhage
42f0d14ca5
chore: add __pycache__ to .gitignore
2023-10-04 15:10:23 +02:00
Jan Christian Grünhage
a431011ae7
docs(gpg_secretstore): fix fqcn in lookup module examples
2023-10-04 15:08:30 +02:00
Jan Christian Grünhage
c4d77fd27a
chore: ignore test output directory
2023-09-27 17:54:06 +02:00
Jan Christian Grünhage
b75113582e
feat(gpg_secretstore): support setting secret store path in lookup plugin
2023-09-27 17:05:26 +02:00
Jan Christian Grünhage
568fe24788
docs(gpg_secretstore): update lookup plugin documentation
2023-09-27 17:05:26 +02:00
Jan Christian Grünhage
6c5e6f8f9b
chore(gpg_secretstore): set correct shebang and python encoding
2023-09-27 17:05:26 +02:00
Jan Christian Grünhage
a87df0120b
refactor(gpg_secretstore): fallible python imports for modules and plugins
2023-09-27 17:05:26 +02:00
Jadyn Emma Jaeger
761e12344f
feat(gpg_secretstore): add secretstore lookup plugin and documentation
2023-09-27 17:03:00 +02:00
Jan Christian Grünhage
f4740fe77f
chore(ssh): update algorithm presets
2023-09-27 13:09:51 +02:00
Jan Christian Grünhage
b426afcced
chore(ssh): configure intersection of set and supported algorithms
...
This is done in preparation of updating the algorithm presets. Adding
new algorithms that aren't supported by older versions of openssh would
break templating, and we don't want to limit ourselves to algorithms
supported by all ssh versions we've got deployed anywhere.
2023-09-27 12:58:30 +02:00
Jan Christian Grünhage
7dc00eb18d
chore(ssh): switch default preset from bsi recommendations to our own
2023-09-27 12:57:19 +02:00
Jan Christian Grünhage
265036be47
chore(gpg_secretstore): assert existence of user supplied secret
2023-09-26 14:51:06 +02:00
Jan Christian Grünhage
1bd01fc376
fix(gpg_secretstore): properly merge Jadyn's and my own variants
2023-09-26 14:51:06 +02:00
Jadyn Emma Jaeger
6b7f101aff
feat(gpg_secretstore): Add unit tests for modules
2023-09-26 14:51:06 +02:00
Jan Christian Grünhage
09f0027446
fix(gpg_secretstore): merge dicts with | instead of +
2023-09-26 14:51:06 +02:00
Jan Christian Grünhage
c70755662b
docs(gpg_secretstore): update module documentation
2023-09-26 14:51:05 +02:00
Jan Christian Grünhage
c76e6af259
fix(gpg_secretstore): set no_log=False for non-critical variables that have secret in the name
2023-09-26 14:51:05 +02:00
Jan Christian Grünhage
531e0fec22
chore(gpg_secretstore): avoid automatic field numbering
2023-09-26 14:51:05 +02:00
Jan Christian Grünhage
7df7155978
chore(gpg_secretstore): set correct shebang and python encoding
2023-09-26 14:51:05 +02:00
Jan Christian Grünhage
bc83e63fb6
refactor(gpg_secretstore): fallible python imports for modules and plugins
2023-09-26 14:51:05 +02:00
Lars Kaiser
034370e626
fix(gpg_secretstore): prevent secret caching
...
Setting the fact inside the module itself led to secrets being cached
in plain text on the ansible controller. Apparently, there is no way to
non-persistently cache facts without using the builtin set_fact action.
See https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/strategy/__init__.py#L708
Added a warning about using the feature and reverted to the set_fact
action plugin.
2023-09-26 14:51:05 +02:00
Jadyn Emma Jaeger
c54ac98e2d
fix(gpg_secretstore): Use correct encodings for non-plain secrets
2023-09-26 14:51:05 +02:00
Jadyn Emma Jaeger
0c364b06d3
fix(gpg_secretstore): acquire lock for git operations
2023-09-26 14:51:05 +02:00
Jadyn Emma Jaeger
ecdf80d52a
fix(gpg_secretstore): remove unused / broken Display() call
2023-09-26 14:51:04 +02:00
Lars Kaiser
ca5df3223b
feat(gpg_secretstore): commit changes to repo
...
If changes are happening inside the module, the changes are
automatically committed to the repo
Co-authored-by(gpg_secretstore): Jan Christian Grünhage <jan.christian@gruenhage.xyz>
2023-09-26 14:51:04 +02:00
Jan Christian Grünhage
1cac8fbf48
feat(gpg_secretstore): support setting secret fact directly
2023-09-26 14:51:04 +02:00
Jadyn Emma Jaeger
82bf735dda
feat(gpg_secretstore): support check mode
2023-09-26 14:51:04 +02:00
Jadyn Emma Jaeger
871e31b1f2
feat(gpg_secretstore): add ability to remove secrets
2023-09-26 14:51:04 +02:00
Jadyn Emma Jaeger
858c8305a2
feat(gpg_secretstore): asserting recipients
...
Instead of manually setting the reencrypt parameter, we're automatically
reencrypting secrets now if the list of recipients does not match. This
way, we can make sure that recipients are kept up to date here. We're
also logging differences in recipients, as well as adding more useful
messages to the return value in general.
In addition to that, the module has seen quite some refactoring, making
it a lot more maintainable.
2023-09-26 14:50:56 +02:00
Jadyn Emma Jaeger
d22db019f4
feat(gpg_secretstore): add file locking
2023-09-26 14:39:12 +02:00
Jadyn Emma Jaeger
06b6402b00
feat(gpg_secretstore): add python 3.7 compatible typing
2023-09-26 14:39:12 +02:00
Lars Kaiser
2a9003d198
fix(gpg_secretstore): remove strong typing for python 3.7
...
Needs to be reverted as soon as the autodeployment hosts are on py 3.9
Manually reviewed in person due to gitlab outage
2023-09-26 14:39:12 +02:00
Jadyn Emma Jaeger
2b998d030d
fix(gpg_secretstore): allow recrypt of all datatypes
2023-09-26 14:39:12 +02:00
Jadyn Emma Jaeger
8d12e83a45
feat(gpg_secretstore): add secretstore plugin and documentation
2023-09-26 14:39:10 +02:00
Johanna Dorothea Reichmann
515a07e81f
fix(lego): install acl package to allow becoming an unprivileged user
...
Without the ACL package installed, becoming an unprivileged ansible
user with an unprivileged connection user is not possible, as
it results in an 'invalid mode' error in chmod.
2023-09-23 19:36:37 +02:00
Sammy
53fb5ced5c
chore(ci): adjust for workflow changes
2023-09-18 09:11:36 +02:00
Sammy
c9c9a3a545
fix(redis): Don't use FQCN for role in playbook
...
This is necessary because linting breaks on the GitHub CI environment
when the FQCN is used for a role in the same collection.
2023-09-18 09:11:33 +02:00
Jadyn Emma Jäger
0eb3432020
fix(dropbear_luks_unlock): Add config paths for latest version with support for Debian <=11
2023-09-16 13:31:13 +02:00
Sammy
9fe9f5c524
update(openldap): bump to 2.6.5 and switch to nexus
2023-09-05 10:11:02 +02:00
Sammy
4457b56528
docs: replace gitlab links with github
2023-09-05 10:10:57 +02:00
Johanna Dorothea Reichmann
64ee704401
chore(postgresql): allow to set maximum memory including swap and controlling the OOM killer
2023-08-28 09:27:57 +02:00
Sammy
491f853285
feat(user): remove home directory of removed users
2023-08-25 12:30:51 +02:00
Sammy
860006f9a3
chore: update CODEOWNERS
2023-08-16 14:18:45 +02:00
Sammy
9797d8fc25
fix(ci): inherit secrets when calling workflow
2023-07-17 14:11:40 +02:00
Sammy
c6ef342b82
fix(ci): fix workflow path
2023-07-17 13:56:17 +02:00
Sammy
5088def7f5
chore(ci): add workflow to add issues to infra project
2023-07-14 10:49:06 +02:00