Commit graph

215 commits

Author SHA1 Message Date
Jan Christian Grünhage
c8e0aaf46a
fix(lego): SAN comparison was faulty 2022-06-20 21:47:28 +02:00
Lars Kaiser
0c0326d292
fix(lego): Provide post renewal script 2022-06-20 20:48:30 +02:00
Lukas Lihotzki
ad8e17e45e
feat(ssh): configurable address family 2022-04-01 14:42:54 +02:00
Jan Christian Grünhage
29a473d0ff fix: make linter happier 2022-02-21 20:09:32 +01:00
Jadyn Emma Jaeger
69ab727648
refactor(pip): rewrite pip-role 2022-01-20 11:33:00 +01:00
Johanna Dorothea Reichmann
a2fca9941c
chore: add dropbear-luks-unlock role to README 2022-01-18 13:26:24 +01:00
Johanna Dorothea Reichmann
ec4fcc1e51
feat(dropbear-luks-unlock): add ansible role for unlocking luks volumes via dropbear ssh initramfs module 2022-01-18 13:26:20 +01:00
Lars Kaiser
37670dfa56
fix(lego): issue new certs only when necessary
Make issuance more robust against failed ansible runs.
A new certificate will now be issued if there are no changes
to configuration, but the cert is missing.
2021-11-25 19:47:16 +01:00
Johanna Dorothea Reichmann
2f4cf0ae12
refactor(lego): correct mode checking, test binary existance before calling it, naming 2021-11-09 11:40:14 +01:00
Johanna Dorothea Reichmann
e43a3ffbe6
chore(lego): move systemd unit directives to the correct section, route lego output to journal 2021-11-09 11:40:13 +01:00
Johanna Dorothea Reichmann
b980e37177
feat(lego): allow configuring permissions of lego's certificate store folder 2021-11-09 11:38:44 +01:00
Lars Kaiser
84c8e7ca0d
feat: new role postgresql_client_access 2021-11-08 14:53:04 +01:00
Lars Kaiser
34ff7cefd7
feat: new postgresql role 2021-11-08 11:07:36 +01:00
Lars Kaiser
01d9d8532f
refactor: remove geerlingguy postgres role 2021-11-04 12:08:26 +01:00
Johanna Dorothea Reichmann
022cbbca6f
feat(redis): allow mounting extra container volumes 2021-11-01 09:07:58 +01:00
Johanna Dorothea Reichmann
834bc9a9d7
update(redis): bump version to 6.2.6 2021-10-22 08:14:52 +02:00
Jadyn Emma Jaeger
b8562448be
feat(lego): Add support for using existing acme accounts 2021-10-21 09:24:13 +02:00
Jadyn Emma Jaeger
7d6c1840e1
feat(lego): Cleanup jinja2 2021-10-21 09:24:13 +02:00
Jadyn Emma Jaeger
ab24825928
docs(lego): Update documentation 2021-10-21 09:24:13 +02:00
Jadyn Emma Jaeger
8868c4e44d
feat(lego): Initial commit 2021-10-21 09:24:13 +02:00
Jan Christian Grünhage
ad29c16ab0 docs: add matrix badge to README 2021-10-19 14:16:50 +02:00
Johanna Dorothea Reichmann
dd5d9a4ee4
feat(redis): allow configuring max allowed memory 2021-10-19 12:14:58 +02:00
Johanna Dorothea Reichmann
6f639e34dc
feat(redis): allow configuring bind ip and unix socket 2021-10-19 12:14:28 +02:00
Johanna Dorothea Reichmann
ab33387933
feat(redis): allow configuring docker network for container 2021-10-11 13:50:37 +02:00
Johanna Dorothea Reichmann
4d56f25ab2
chore: remove unused, unmaintained playbook 2021-09-07 13:26:38 +02:00
Johanna Dorothea Reichmann
d1c5e83619
chore: update READMEs 2021-09-07 08:59:51 +02:00
Johanna Dorothea Reichmann
f352e309da
chore: add LICENSE 2021-09-07 08:59:50 +02:00
Johanna Dorothea Reichmann
5083171e9c
chore: update galaxy.yml ansible collection metadata 2021-09-07 08:59:46 +02:00
Johanna Dorothea Reichmann
28eeedaa38
chore: update CODEOWNERS 2021-09-06 08:31:47 +02:00
Johanna Dorothea Reichmann
0fbb3bc6d0
chore(ldap): remove deprecated docker link usage 2021-09-06 06:51:07 +02:00
Jadyn Emma Jaeger
c02cbb5ef6
feat(user): add gecos support 2021-09-01 13:38:02 +02:00
Lars Kaiser
94e9338358
chore: disable check mode for hostname task 2021-07-19 14:19:59 +02:00
Johanna Dorothea Reichmann
e44e0ee329
chore(dns): allow pointing CNAMES to FQDNs 2021-06-15 15:08:00 +02:00
transcaffeine
e8db39ad82
chore(ldap): update container image location 2021-06-02 17:27:39 +02:00
transcaffeine
5fcd760f9f
update(ldap): bump version to 2.4.57-r1
Migitations for:
- CVE-2021-27212
- CVE-2020-36221
- CVE-2020-36222
- CVE-2020-36223
- CVE-2020-36224
- CVE-2020-36225
- CVE-2020-36226
- CVE-2020-36227
- CVE-2020-36228
- CVE-2020-36229
- CVE-2020-36230
- CVE-2020-25709
- CVE-2020-25710
2021-06-02 07:37:30 +02:00
transcaffeine
3b2c2b5b88
chore(ldap): move to ldap_attrs as ldap_attr is deprecated 2021-05-31 09:03:23 +02:00
transcaffeine
fef4a7ffe8
feat(ldap): support partial execution with prepare and deploy tags 2021-05-26 14:34:31 +02:00
transcaffeine
9fd7f2ec98
feat(redis): support partial execution with prepare and deploy tags 2021-05-26 14:31:49 +02:00
transcaffeine
d7ab89a455
feat(ssh): support partial execution with prepare and deploy tags 2021-05-26 14:31:24 +02:00
transcaffeine
7ae06507c1
feat(hostname): support partial execution with prepare and deploy tags 2021-05-26 14:30:51 +02:00
transcaffeine
3803a5931d
fix(ldap): indices declarations were syntactically wrong 2021-05-09 13:23:09 +02:00
transcaffeine
9e0508d006
fix(ldap): allow importing schemes which are included in the container already 2021-05-09 13:22:29 +02:00
transcaffeine
0de5fd8cda
feat(ldap): add role for managing openLDAP in a container 2021-05-03 12:03:38 +02:00
transcaffeine
ff4a212d1e
feat(ssh): allow specifying LogLevel 2021-04-28 14:12:10 +02:00
transcaffeine
2f8e53a6fb
fix(hostname): ensure hostname is the FQDN
Previously, the value was compared against `ansible_hostname`,
which only is the FQDN after the first reboot. This lead to the
monitoring not seeing the FQDN as the instance name.

This commit scrapes the hostname using the hostname command,
which is garantueed to return the current running hostname, and
then determines if it needs to be set at runtime.
2021-04-19 09:03:45 +02:00
transcaffeine
42744e0f25
docs: add READMEs to roles and add index of all roles 2021-03-31 10:04:34 +02:00
transcaffeine
1aa29f98d1
fix(redis): ensure idempotency is guaranteed 2021-03-23 10:52:20 +01:00
transcaffeine
3a218f4ac3
update(redis): bump version to 6.2.1 2021-03-11 10:52:58 +01:00
transcaffeine
3069df2a1d feat(redis): define healthchecks for container 2021-03-05 14:29:36 +01:00
transcaffeine
e11ea98d79
chore(hostname): hostname's changed status was reported wrongly 2021-02-26 09:24:41 +01:00