Mirrors/ansible-collection-famedly-base
2
0
Fork 0
mirror of https://github.com/famedly/ansible-collection-base synced 2024-09-20 06:11:58 +00:00
Code Issues Projects Releases Packages Wiki Activity
239 commits 20 branches 1 tag 658 KiB
Commit graph

239 commits

This branch
This branch
All branches
Author SHA1 Message Date
Lars Kaiser
fdab791c76
fix(restic): move unlock to ExecStartPre 2024-09-11 12:57:09 +02:00
Tobias Zenk
2ea49489da
fix(base): add reload task to postgres role 2024-09-05 16:23:45 +02:00
Jan Christian Grünhage
0ae280bb8c
feat(hostname): support on-demand hostname setting on Chimera Linux 2024-09-04 16:39:04 +02:00
Jan Christian Grünhage
e9e6fec5da
chore(hostname): use handler for on-demand hostname setting 2024-09-04 16:39:04 +02:00
Jan Christian Grünhage
d95eec5f19
feat(ssh): add support for restarting sshd on Chimera Linux 2024-09-04 16:39:04 +02:00
Jan Christian Grünhage
e241615690
feat(user): add support for opendoas on Chimera Linux 2024-09-04 16:39:04 +02:00
Jan Christian Grünhage
63480b4b87
chore(user): inline sudoers template 2024-09-04 16:39:03 +02:00
Jan Christian Grünhage
ab0e56e09a
chore(user): use FQCNs for module calls and other lint fixes 2024-09-04 16:39:03 +02:00
Jan Christian Grünhage
936065719b
update(lego): bump version to 4.18.0 2024-09-04 16:35:15 +02:00
Tobias Zenk
5ed5856a6d
chore(redis): set acl if username is specified 2024-09-03 10:55:17 +02:00
Sebastian Fleer
3dd727b7ed
update(postgresql): bump version to 16.4 
contains a fix for CVE-2024-7348
 2024-09-02 13:48:36 +02:00
Sebastian Fleer
9d16ac5320
update(docker): bump submodule to version 7.4.1 2024-09-02 13:46:22 +02:00
Lars Kaiser
77c11d4ab1
fix(ssh): make role more idempotent 2024-07-05 10:47:24 +02:00
Lars Kaiser
1987ae6993
chore: clean up CODEOWNERS 2024-07-05 10:20:04 +02:00
Lars Kaiser
cc238c7101
chore(postgresql): add check for empty directory in initialization 2024-07-05 10:20:04 +02:00
Lars Kaiser
9f55a4cce4
fix(postgresql): look at PG_VERSION file instead of the container 2024-07-05 10:20:04 +02:00
Lars Kaiser
450dc3f859
fix(redis): assert version correctly 2024-06-25 16:19:38 +02:00
Lars Kaiser
5a011dff61
chore(restic): make vars mandatory for better error messages 2024-06-25 13:47:47 +02:00
Sebastian Fleer
a821a2f405
feat(lego): make HTTP challenge port configurable 2024-06-24 11:59:46 +02:00
transcaffeine
7c42199b1e
chore(lego): allow for lego_post_renewal_script to be array of commands/hooks 2024-06-23 12:08:32 +02:00
Sammy
056b896083
chore: add ff-merge workflow 2024-06-13 11:45:48 +02:00
Evelyn Alicke
519f9b99c1
chore(redis): add assertion for version with license change 
closes: https://github.com/famedly/infra-meta/issues/1528

related-to: https://github.com/famedly/infra-meta/issues/1364
 2024-06-12 11:21:02 +02:00
Evelyn Alicke
44a79890d5
chore(restic): add optional unlock step before check 
fixes: https://github.com/famedly/infra-meta/issues/1525
 2024-06-11 10:58:35 +02:00
Lars Kaiser
b757f65f0f
update(postgresql): new deployments will start with 16.3 2024-05-15 21:11:10 +02:00
transcaffeine
7906330a75
feat(postgresql_client_access): allow setting postgresql users and databases to be removed 2024-05-02 13:25:10 +02:00
Evelyn Alicke
26451225ec
fix(lego): get correct image for platforms other than x86_64 2024-03-28 21:02:40 +01:00
Jadyn Emma Jäger
82bca3f758
feat(lego): Add ExecStartPre Script option 2024-03-16 17:30:52 +01:00
Sebastian Fleer
a412e7161b
feat(postgresql): replace oom_killer with oom_score_adj 
Docker ignores OomKillDisable with cgroup v2
 2024-03-13 12:06:13 +01:00
Lars Kaiser
77a823859f
chore(gpg_secretstore): fix lints 2024-03-11 17:11:13 +01:00
Lars Kaiser
b4c259dd1d
feat(ssh): allow configuring MaxStartups 2024-02-29 15:22:53 +01:00
Lars Kaiser
f204f3036b
feat(ssh): allow configuring MaxSessions 2024-02-29 13:53:18 +01:00
Sebastian Fleer
b8af3d57f1
feat(postgresql): prevent major version updates 
By default the role will now update PostgreSQL to the latest available minor
version, when only a major version is given, or the version of the deployed
container if postgresql_container_version does not match the major version
of that container.
 2024-02-28 11:52:34 +01:00
Lars Kaiser
c668936178
fix(restic): use RandomizedDelaySec 
The previously used AccuracySec is the wrong option to distribute timer
activations. See https://www.freedesktop.org/software/systemd/man/latest/systemd.timer.html#RandomizedDelaySec=
 2024-02-22 14:02:30 +01:00
Jan Christian Grünhage
1be86920bd
chore: add missing @famedly/infrastructure codeowner for ldap role 2024-02-22 13:14:38 +01:00
Jan Christian Grünhage
a892e43f4a
update(docker): bump submodule for debian bookworm support 2024-02-22 10:29:15 +01:00
Jan Christian Grünhage
1dbc371d6b
update(ldap): bump openldap version to 2.6.6-r1 2024-02-22 10:23:47 +01:00
Jan Christian Grünhage
e78876d8cf
update(lego): bump version to 4.15.0 2024-02-14 20:35:38 +01:00
transcaffeine
944298ad54
update(redis): bump version to 7.2.4 2024-02-06 11:16:32 +01:00
Sammy
8e8f496df6
fix(lego): don't unpack source files in check mode 2024-02-02 10:45:58 +01:00
Sammy
4d1fae6b77
fix(user): ignore ssh key errors in check mode 
In check mode, the task fails if it's supposed to be adding ssh keys to
a user who doesn't exist. Ignoring errors in check mode makes it
possible to run the task in check mode even if there are new users to be
added.
 2024-02-02 10:34:16 +01:00
transcaffeine
0e98261665
fix(gpg_secretstore): ensure import errors get properly passed to fail_json 2024-01-25 11:40:01 +01:00
transcaffeine
f54e12561b
feat(gpg_secretstore): add warning if running as root, change warnings 
to str[]
 2024-01-03 13:07:01 +01:00
transcaffeine
c3eea409ea
chore(gpg_secretstore): log when traversing up to find gpg-id file 2024-01-03 13:06:56 +01:00
transcaffeine
af7cd13af9
fix(gpg_secretstore): clear exception on unknown subkey 2024-01-02 12:41:08 +01:00
Sammy
8bcc12dfd1
chore(ssh): disallow terrapin-vulnerable ciphers.. 
..and MACs

See https://terrapin-attack.com/
 2023-12-19 14:22:25 +01:00
Sammy
74d09b4416
fix(ssh): fix typo that prevented allowed ciphers.. 
from being set in the sshd config
 2023-12-19 12:15:37 +01:00
Lars Kaiser
24ae029f01
fix(user): use deploy instead of configure in tags 2023-12-18 13:04:49 +01:00
transcaffeine
7bbae943d2
feat(user): support partial execution with prepare and configure tags 2023-12-15 15:58:32 +01:00
Johanna Dorothea Reichmann
f84376026b
feat(redis): allow not requiring any password to use redis 2023-12-15 13:35:48 +01:00
Jan Christian Grünhage
ee40fd92f7
feat(filter): add some set theory filters 2023-12-12 10:54:21 +01:00