Felix Stupp
2efb214edd
misc/ssh_tg_notify: Ignore messages from trusted VPN subnet
2 years ago
Felix Stupp
98b7b55a53
Whitelist multiple services of proc's hidepid feature
...
Not only required for systemd-logind, but also for user@.service
4 years ago
Felix Stupp
15ad953131
common: Validate sshd_config before applying
4 years ago
Felix Stupp
e1a612966c
Hide running processes from users other than root
4 years ago
Felix Stupp
d0e9962d04
common: Add tag journald to certain tasks
4 years ago
Felix Stupp
52c03dc9d2
Added python3-yaml to common packages
4 years ago
Felix Stupp
8e470e3aba
common: backup_autoremove: Fix find working with symlink of backups dir
4 years ago
Felix Stupp
df21870ebe
common: backup_mysql_database.sh: Remove --databases so dump does not use database name
...
Increases portability of backups
4 years ago
Felix Stupp
d1c14b9ee6
common: helper backup_files: Support for directories with symlinks added
4 years ago
Felix Stupp
b42d639996
common: Added tag backups for backup related tasks
4 years ago
Felix Stupp
483eea3833
common: Configure hdd dir for backups directory
4 years ago
Felix Stupp
59e6ce7b78
common: Add deployment of ssh_config for VerifyHostKeyDNS
4 years ago
Felix Stupp
c51d098426
Added role misc/hdd_dir to link data directories to HDDs
...
- Also added task to common to create parent directory
4 years ago
Felix Stupp
99cee859bb
common: Add unattended-upgrades as required package
4 years ago
Felix Stupp
95dcb5a8b5
common: Configure journald to keep logs persistent until storage max
4 years ago
Felix Stupp
235103fbd6
common: Allowed to disable source package support if required
4 years ago
Felix Stupp
dc6e4951d2
common: Added vim because used as default editor
4 years ago
Felix Stupp
02da3bdec6
common: Added package sed for scripting
4 years ago
Felix Stupp
aa16fe3269
common: Added package python3-apt for Ansible
4 years ago
Felix Stupp
e93c11f0d7
Added shellcheck for script validations
4 years ago
Felix Stupp
3bc9c9360d
common: backup_autoremove: Improved script quality
4 years ago
Felix Stupp
d1e14a9de9
misc/backup_files: Added & used variable for backup_target
...
Ensures usage of backup_name insted of domain
5 years ago
Felix Stupp
99e58d4224
common: Added helper nsupdate_keygen
5 years ago
Felix Stupp
1ceb1999ff
common: Changed include_tasks to import_tasks
...
To enable static instead of dynamic imports
5 years ago
Felix Stupp
f2e669734b
common: Readd package acl
...
Required for ansible temporary files if becoming an unprivileged user, see
https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user
This reverts commit 3c7fb65ac9
.
5 years ago
Felix Stupp
04c71a8611
common: ssh makefile: Sort part files before combining
5 years ago
Felix Stupp
164cdbbc79
common: Tagged ip blocklist for easier skipping
5 years ago
Felix Stupp
187f573d4f
common: Added pv to required common packages
5 years ago
Felix Stupp
eff48f1773
Changed approach for generating sshfp RR to lookup on python script
5 years ago
Felix Stupp
592bb483cf
common: Used variable global_ssh_key_directory for public_keys path
5 years ago
Felix Stupp
8758553a02
common: Install explicit python3 interpreter
5 years ago
Felix Stupp
c110a24e9f
common: sshd: Disable weak key algorithms
5 years ago
Felix Stupp
505c85eb11
common: Disable root login over ssh
5 years ago
Felix Stupp
651794a136
common: sshd: Disable X11 Forwarding globally
5 years ago
Felix Stupp
fcae6e8429
Added blocklist of known malicious ip addresses applied by role common
5 years ago
Felix Stupp
f2c9b17194
Moved packages only required for admin account from role common to role account
5 years ago
Felix Stupp
25df92ee7b
common: Removed package buffer
...
Replaced by pv integrated buffering
which supports greater limits.
5 years ago
Felix Stupp
e68c6ffe50
common: Added todo / comment to (transition) package apt-transport-https
5 years ago
Felix Stupp
3c7fb65ac9
common: Removed package acl
...
Not installable on Raspbian and also not used on any Debian system
5 years ago
Felix Stupp
9e8d1b5220
common: Fix applying sources.list for different distributions
5 years ago
Felix Stupp
ff3d6cba8e
Added group os_raspbian
5 years ago
Felix Stupp
78032d343f
common: Made sources.list dependent of distribution
5 years ago
Felix Stupp
bc8233990f
common: Scheduled removal of old backups at 0:30
...
So for the most time two states are stored on the server.
The storage which will stay free can be better used to calculate the
storage which can still be used by dividing the free storage by 3.
5 years ago
Felix Stupp
e62a3c7232
common: backup_autoremove: force rm
...
so no error occurs because no parameter was given
5 years ago
Felix Stupp
00fa7852e1
common: backup_autoremove: Fix call find
5 years ago
Felix Stupp
102de98479
common: Configured auto remove of backups
5 years ago
Felix Stupp
8623d84b01
common: Ordered backup_files before backup_mysql_database
5 years ago
Felix Stupp
fce052c32b
common: backup_rename: Fixed getting multiple extensions
5 years ago
Felix Stupp
10ef319008
Moved mysql database backups into certain directory
5 years ago
Felix Stupp
4be0e9377f
Moved file backups into certain directories
5 years ago