Felix Stupp
2efb214edd
misc/ssh_tg_notify: Ignore messages from trusted VPN subnet
2 years ago
Felix Stupp
c842c40c89
misc/ssh_tg_notify: Lookup & inform user which logged in as well
2 years ago
Felix Stupp
10a3e8aa9f
misc/ssh_tg_notify: Lookup user id of root dynamically
2 years ago
Felix Stupp
10e2dea52a
misc/ssh_tg_notify: Add comments for sections
2 years ago
Felix Stupp
a98b250c31
misc/ssh_tg_notify: Check that PAM_RHOST is defined
2 years ago
Felix Stupp
b50f457d99
misc/ssh_tg_notify: Add Content-Type to bot requests
2 years ago
Felix Stupp
4da0a72682
misc/ssh_tg_notify: Extract sendMessage method
2 years ago
Felix Stupp
07eeba447e
misc/ssh_tg_notify: Replace link to ipinfo.io with link to stat.ripe.net
2 years ago
Felix Stupp
8b7d4f1688
misc/ssh_tg_notify: strip expected stat error message
2 years ago
Felix Stupp
27bd516581
misc/ssh_tg_notify: Include username into cache key
...
- So if multiple users log in from the same ip, the cache does not prevent a notification
2 years ago
Felix Stupp
734091b4fb
Add tag deploy-auto-update-script to some tasks
3 years ago
Felix Stupp
b5df9a1225
Extract GPG keyserver for backups into global var
3 years ago
Felix Stupp
08e91883b3
misc/ssh_tg_notify: Added cache to send fewer notifications
...
- per IP only once in the next 4 hours
3 years ago
Felix Stupp
2e71da368b
nginx/{php,static}: Remove legacy "ssl on" directive
3 years ago
Felix Stupp
0781b4c175
nginx/forward: Redeveloped using nginx/server template
4 years ago
Felix Stupp
cc8513ddf4
nginx/forward: correctly documented vars as required by removing default value
4 years ago
Felix Stupp
0c6d7161ed
nginx/server: Added tag nginx-server-config to deployment of site config
4 years ago
Felix Stupp
72e3fda3ff
added role misc/deb_backports_prio
4 years ago
Felix Stupp
e267e345da
server/nextcloud: Enable apc on using occ commands
...
Required since Nextcloud 21
4 years ago
Felix Stupp
1bf40022a9
server/nextcloud: Allow configuring files_chunk_size and setup linked limits
...
- linked settings are (configured to same value appending some overheads):
- nginx_max_size
- php_post_max_size
- php_upload_max_size
4 years ago
Felix Stupp
5ae646abdd
server/spotme: service_environment_file variable fixed to use correct service_name var
4 years ago
Felix Stupp
ae39585006
server/spotme: Increased java version to 11
4 years ago
Felix Stupp
79e1423947
server/tt-rss: increased lifetime of session cookies
4 years ago
Felix Stupp
25616aa118
nginx/php-pool: Added tag nginx-php-pool-config
4 years ago
Felix Stupp
416289a367
server/firefox-sync: added dependency libmariadb-dev
4 years ago
Felix Stupp
0126d2f8ae
server/nextcloud: Add support for configuring default phone region
4 years ago
Felix Stupp
6919a6f7dc
dns/application: Added dependency python3-dnspython
...
Required for Ansible to configure dns records
4 years ago
Felix Stupp
f2dac5ca1f
nginx/php-pool: Allow configuring arbitary php_admin_values
...
- removing support for explicit configuration key for memory_limit
- replaced usage of memory_limit key with usage of admin_values key
4 years ago
Felix Stupp
98b7b55a53
Whitelist multiple services of proc's hidepid feature
...
Not only required for systemd-logind, but also for user@.service
4 years ago
Felix Stupp
15ad953131
common: Validate sshd_config before applying
4 years ago
Felix Stupp
e1a612966c
Hide running processes from users other than root
4 years ago
Felix Stupp
d0e9962d04
common: Add tag journald to certain tasks
4 years ago
Felix Stupp
4c4c6529ad
server/spotme: Change default database user equal to system user
4 years ago
Felix Stupp
fe34e6111e
mysql/database: Added tag mysql_database to all tasks
4 years ago
Felix Stupp
9fd183bbac
mysql/database: rewrote usage of include_tasks to be better compatible with tags
4 years ago
Felix Stupp
288c4175d6
dns/entries: Add timeout of 8s after changing dns entries
...
so futher roles do not fail because external dns servers have not
received the change yet
4 years ago
Felix Stupp
0a5b3fc26f
Added new role misc/tg_monitor_cmd
4 years ago
Felix Stupp
6d061088a2
misc/ssh_tg_notify: Quoted TIMEOUT variable
4 years ago
Felix Stupp
6c547434b9
Renamed global_ssh_notify_telegram_bot_key to global_telegram_server_bot_key
4 years ago
Felix Stupp
8413cbd9cc
Added role ext_mail/mailjet
4 years ago
Felix Stupp
52c03dc9d2
Added python3-yaml to common packages
4 years ago
Felix Stupp
f2c5aedc52
server/nextcloud: Add extract_app_list helper script
4 years ago
Felix Stupp
0164e4810b
server/nextcloud: Remove not required comment on lost_password_link
...
Feature already explained in another comment above
4 years ago
Felix Stupp
a23e80abc1
server/nextcloud: Delete no longer required install_nextcloud.sh script
4 years ago
Felix Stupp
09cd9782a9
Added roles server/drone.io/{runner,server}
4 years ago
Felix Stupp
398ed9084c
Added role docker/compose-git
4 years ago
Felix Stupp
c8fdc4fae9
account: Configure authorized_keys using authorized_key module
...
- also restricts .ssh directory only to user
- restriction was automatically applied by authorized_keys module before
- more restriction is not harmful
- this restriction ensures indempotency while using the authorized_keys module
4 years ago
Felix Stupp
f825787dd6
docker/application: Configure dns and log-driver of daemon
4 years ago
Felix Stupp
e9651f3b09
role misc/docker renamed to docker/application
4 years ago
Felix Stupp
7d240539c8
misc/docker: Reworked role to use docker package from distro repo
4 years ago