banananetwork
/
ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity
943 Commits
3 Branches
0 Tags
1.7 MiB
master
dehydrated
wip
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Commit Graph

684 Commits (master)

Author SHA1 Message Date
Felix Stupp 46bb166475
server/gitea: Use scp-style uri for ssh cloning 5 years ago
Felix Stupp 431f15b91f
server/gitea: Allow interacting via HTTP 5 years ago
Felix Stupp 67deed23a0
server/nextcloud: Remove become_user at include_tasks 
Raised error
 5 years ago
Felix Stupp 665b6710aa
git_auto_update: Fixed check if reload was successful 5 years ago
Felix Stupp 4445a53b28
git_auto_update: Allowed omiting of sign check 5 years ago
Felix Stupp c31f3c2f50
git_auto_update: update.sh: Fixed quoting of used variables 5 years ago
Felix Stupp 768cb0cfb4
Reworked wireguard configurations 5 years ago
Felix Stupp 70e92b8c94
Merge branch 'master' of git.banananet.work:banananetwork/ansible 5 years ago
Felix Stupp a667132cb4
server/nextcloud: Applied security patch 
CVE-2019-11043
see https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
 5 years ago
Felix Stupp 9c63c8516b
nginx/application: Disabled SSL Session Tickets 5 years ago
Felix Stupp 409ea327f0
nginx/application: Increased ssl_cache timeout 5 years ago
Felix Stupp 94f1463a87
mysql/application: Fixed configuring query cache 
- Added notify
- Changed path of config file
 5 years ago
Felix Stupp e76d90a4f5
server/nextcloud: Added support for APCu cache 5 years ago
Felix Stupp 4c463055b4
server/nextcloud: Restricted regexp modifing nextcloud config 5 years ago
Felix Stupp b9f060a0ce
nginx/php-fpm: Added installation of apcu cache 5 years ago
Felix Stupp 7df2668208
nginx/php-fpm: Increased size of opcache memory consumption to 256 5 years ago
Felix Stupp 41a41c91fb
mysql/application: Added config for query cache 5 years ago
Felix Stupp 002128686d
server/tt-rss: Configured database to use UTF8MB4 5 years ago
Felix Stupp 206c940d16
nginx/php-pool: Tuned up childs at php 5 years ago
Felix Stupp a592e7f9c2
misc/debian_unstable: Added flush of handlers for refreshing apt cache 5 years ago
Felix Stupp 670833242a
misc/deb_unstable: Make mirror adaptive to server selection 5 years ago
Felix Stupp 68a0680cb6
misc/ip_discover: Fixed name for credentials directory 5 years ago
Felix Stupp 1f26debcf2
server/node: Added support for specific environment variables 5 years ago
Felix Stupp 34da73722c
Added role ip_discover 5 years ago
Felix Stupp 8b1d9ea65d
misc/docker: Disallowed duplicate execution of role 5 years ago
Felix Stupp d165074600
wireguard/application: Removed updating apt cache 5 years ago
Felix Stupp c73872df3a
misc/deb_unstable: Added updating of apt cache using handler 5 years ago
Felix Stupp 283e450c16
misc/handlers: Added handler "update apt cache" 5 years ago
Felix Stupp caf70f632e
server/node: Added missing handlers dependency 5 years ago
Felix Stupp fc897ea3b9
nginx/application: Fixed configuring resolver for OCSP Stapling 5 years ago
Felix Stupp 71945523fa
Added role misc/docker 5 years ago
Felix Stupp 71e1b4a17c
common: Added custom fact for dpkg architecture 5 years ago
Felix Stupp 3b86e1f5a6
server/nextcloud: Removed app tasks from nextcloud 5 years ago
Felix Stupp d0186923b2
server/spotme: Changed default system user to domain 5 years ago
Felix Stupp e4066f764a
server/nextcloud: Fixed location of admin credential 5 years ago
Felix Stupp d736b5714d
server/nextcloud: Changed default system user to domain 5 years ago
Felix Stupp 76fd5471e3
server/gitea: Fixed default tokens location 5 years ago
Felix Stupp 3804c7d138
server/gitea: Changed default system user to domain name 5 years ago
Felix Stupp 03884cbf3e
nginx/server: Allowed duplicates of role 5 years ago
Felix Stupp edf455bf66
nginx/application: Allowed dot files uploads by Nextcloud 5 years ago
Felix Stupp 9a129a7f2f
bootstrap: Added disconnect before removing privileged user 5 years ago
Felix Stupp 3324461e65
account: Added config for authorized_keys 5 years ago
Felix Stupp afc80db48a
common: backup_files.sh: Disable compression of gpg 5 years ago
Felix Stupp 2bd16aa377
Added role server/tt-rss 5 years ago
Felix Stupp c21ee11c66
nginx/application: Blocked all hidden directories except well-known 5 years ago
Felix Stupp 502606b1e3
nginx/application: Set type to text for test file 5 years ago
Felix Stupp 57e422b478
nginx/application: Disabled access_log on acme requests 5 years ago
Felix Stupp efc6431640
Added role server/php 5 years ago
Felix Stupp 8e28bcb0ec
Added role nginx/php 5 years ago
Felix Stupp 72e7857570
nginx/php-pool: Locked reading of php-pool configurations 5 years ago
Felix Stupp 3414e3fd85
nginx/php-pool: Changed group of src directory to nginx user 5 years ago
Felix Stupp 4f1fdf72c7
nginx/php-pool: Added support for env variables 5 years ago
Felix Stupp 452efc2717
common: Reconfigured bash in backup scripts 
Added options for better error handling
 5 years ago
Felix Stupp 7e5ec719d3
server/spotme: Replaced configuration of system user with role usage 5 years ago
Felix Stupp 8e7fd3db9d
git_auto_update: Set default gpg fingerprint to backup fingerprint 5 years ago
Felix Stupp b2b9466a28
common: Added global variable for backup gpg fingerprint 5 years ago
Felix Stupp a87b5d84e9
server/spotme: Made use of role node/application 5 years ago
Felix Stupp 5c1a6b6a89
common: Improved helper script gpg_import_url_key 
- Disabled output from called commands
- Improved shell options when failing
- Alternative return code if key is already stored in keyring
 5 years ago
Felix Stupp 151f2ca896
server/nextcloud: Removed disabled task "Upgrade Nextcloud" 5 years ago
Felix Stupp 25b140f90e
server/nextcloud: Enabled app viewer 5 years ago
Felix Stupp c129d94b73
server/nextcloud: Enabled app privacy 5 years ago
Felix Stupp 9537faa83d
server/nextcloud: Enabled app phonetrack 5 years ago
Felix Stupp d576736e03
server/nextcloud: Enabled app ocdownloader 5 years ago
Felix Stupp 0eacb52089
server/nextcloud: Enabled app files_markdown 5 years ago
Felix Stupp f5ee66de70
server/nextcloud: Enabled app files_ebookreader 5 years ago
Felix Stupp 0150c6191d
server/nextcloud: Enabled app cospend 5 years ago
Felix Stupp 3ffd6c06ac
server/nextcloud: Enabled app cookbook 5 years ago
Felix Stupp cae1f92b60
server/nextcloud: Disabled survey_client app 5 years ago
Felix Stupp 4d735edfe7
server/nextcloud: Added task for disabling not required apps 5 years ago
Felix Stupp 7ac7806dc7
Fixed some lint errors 
- Added missing default parameters
- Added names to tasks
- Configured changed|failed_when options
- Used command instead of shell module
- Changed local_action to delegate_to
- Added line to file ending
 5 years ago
Felix Stupp 02e63f5d2a
server/nextcloud: Moved enabled apps list from tasks to defaults 5 years ago
Felix Stupp 7d4f2a89aa
server/nextcloud: Removed previewgenerator app 5 years ago
Felix Stupp 1819787da4
server/spotme: Used external handler for daemon_reload 5 years ago
Felix Stupp 49f119c6e8
server/node: Used external handler for daemon_reload 5 years ago
Felix Stupp fd08d83275
Restricted permissions for service files 5 years ago
Felix Stupp 98386df525
Added role server/firefox-sync 5 years ago
Felix Stupp 8abcc88a13
server/nextcloud: Allow access for nginx for seeing php files 5 years ago
Felix Stupp ec6202bd61
server/gitea: Added doc for var domain on nginx/proxy 5 years ago
Felix Stupp 133d82e0bb
nginx/proxy: Added doc for var upstream_name 5 years ago
Felix Stupp b6e70b881a
acme: Fixed using correct home and config-home directories 5 years ago
Felix Stupp 5ea380e812
common: Fix auto backup database script 
Encryption failed
 5 years ago
Felix Stupp 2f8ef5dc34
Extracted global var for systemd configuration directory 5 years ago
Felix Stupp bcfd4cb010
Fixed missing mode setting for others 
To disallow access from others than user and group
 5 years ago
Felix Stupp 5afcd6b738
misc/system_user: Allowed configuring user directory parameters 5 years ago
Felix Stupp 0ea1dac688
account: Documentated input variables 
- username
- password
 5 years ago
Felix Stupp d9b4510200
account: Added variable for user directory 5 years ago
Felix Stupp c56ed16851
account: Added configuration for home directory 
For disabling other read rights on home directory
 5 years ago
Felix Stupp ad87ad2e7d
server/gitea: Removed dumping before update 
Global backup service should be enough
 5 years ago
Felix Stupp bef682140b
acme/certificate: Removed invalid command argument 5 years ago
Felix Stupp a3fde6aa3c
acme: Moved certificate handling to custom system user 
Avoided using root for acme.sh
Modified also role nginx/application
 5 years ago
Felix Stupp 9e20b807f1
acme/application: Removed getting if acme is installed 
As it should be installed or otherwise the playbook failed
 5 years ago
Felix Stupp 002ecc28b0
nginx/php-pool: Removed not needed system user configuration 5 years ago
Felix Stupp 5486d06226
nginx/php-fpm: Fixed removing default php-fpm pool 5 years ago
Felix Stupp 964099cfdb
nginx/php-fpm: Added configuration for php opcache 5 years ago
Felix Stupp c25df42253
common: Reworked ssh configuration generation 5 years ago
Felix Stupp 1a5a7b0611
server/nextcloud: Added app previewgenerator 
With its own cron job at 3
 5 years ago
Felix Stupp 380a5dbf2e
server/nextcloud: Added apps Deck, Dicomviewer and suspicious_login 5 years ago
Felix Stupp 1e5dd61270
wireguard/application: Extracted role misc/deb_unstable 5 years ago
Felix Stupp 0dab3bdad2
Added role node/server 5 years ago
Felix Stupp a74f532394
Added role node/application 5 years ago
Felix Stupp 852dbdb143
php-pool: Added domain to required variables (doc-only) 5 years ago
Felix Stupp 9595db481f
Added role misc/system_user 5 years ago
Felix Stupp b229a5c3bf
git_auto_update: Added reset command before checkout 5 years ago
Felix Stupp d570f3cdb3
git_auto_update: Allow reload_command failing during playbook execution 5 years ago
Felix Stupp 67f1e0919e
git_auto_update: Allowed asume group equals owner 5 years ago
Felix Stupp 0944fd798f
common: Added configuration of apt sources 5 years ago
Felix Stupp b6c860548e
server/nextcloud: Changed dependencies back to real one 
Undo of 9216931b33
 5 years ago
Felix Stupp edb298ebaa
server/nextcloud: Combined vars nextcloud_system_user and system_user 5 years ago
Felix Stupp 16d91d83bd
common: Added aptitude to list of common packages 5 years ago
Felix Stupp b4897778b6
server/spotme: Added source of credentials for git repo 5 years ago
Felix Stupp 243b804fa4
dns/master: Added CAA Entry for letsencrypt.org 5 years ago
Felix Stupp 02ff70e699
common: Added downloading and processing ssh host keys 5 years ago
Felix Stupp 6b36435d8d
server/nextcloud: Added libmagickcore to dependencies 5 years ago
Felix Stupp 6742f9789d
mysql/database: Allowed duplications 5 years ago
Felix Stupp 4a09419de4
mysql/application: Removed duplicated locking of user root 5 years ago
Felix Stupp ef666274ba
mysql/application: Combined removing test user for all hosts 5 years ago
Felix Stupp 6381fe6d83
server/nextcloud: Increased memory for php up to 1G 5 years ago
Felix Stupp 029fba1983
nginx/php-pool: Added support for custom memory_limit 5 years ago
Felix Stupp a0000e3c7f
nginx/php*: Fixed handler names for controlling php-fpm service 5 years ago
Felix Stupp 3a5881a721
common: Fixed handler "restart ssh" 5 years ago
Felix Stupp ce90f3dadf
nginx/php-fpm: Fixed getting php-fpm for newer versions of Debian 5 years ago
Felix Stupp 6509b01d71
acme: Added ToDo for "Create custom user ..." 5 years ago
Felix Stupp bae56869f6
acme/certificate: Enabled OCSP must-stable for certificates 5 years ago
Felix Stupp 9ba13c5d73
nginx/application: Enabled OCSP Stapling 5 years ago
Felix Stupp 22f14189c2
nginx/application: Enabled TLSv1.3 and reworked ciphers 5 years ago
Felix Stupp ce1f2fb132
nginx/application: Increased time for HSTS 5 years ago
Felix Stupp 5bed7d067a
nginx/application: Added localhost as resolver for nginx 5 years ago
Felix Stupp d9eb74649f
nginx/application: Fixed missing notify for templates 5 years ago
Felix Stupp 13736ece66
server/nextcloud: Fixed cron job running as the correct user 5 years ago
Felix Stupp 69ec4ef59c
server/nextcloud: Fixed name for cron job 
For allowing different nextcloud instances work simultaneously
 5 years ago
Felix Stupp 52c8e89ff4
server/nextcloud: Change version to newest release 5 years ago
Felix Stupp 1f9f70bc1c
server/nextcloud: Enabled nextcloud app social 5 years ago
Felix Stupp b381bdbd9e
server/nextcloud: Disabled php module mcrypt 
Already preinstalled in base packages
 5 years ago
Felix Stupp 4b7bb44141
server/nextcloud: Allow duplicates for role 5 years ago
Felix Stupp 4bb347344c
server/nextcloud: Moved user directory for nextcloud 5 years ago
Felix Stupp 9216931b33
server/nextcloud: Moved roles into tasks for creating user before 5 years ago
Felix Stupp 826cc1d0b7
common: Added creating of backup files directory 5 years ago
Felix Stupp 1602022134
mysql: Added auto backuping databases 5 years ago
Felix Stupp 53643f6c99
server/nextcloud: Added support for auto backuping data directory 5 years ago
Felix Stupp f77d57eba8
server/gitea: Added auto backup support for repositories 5 years ago
Felix Stupp 39e7f60aba
common: Fixed syntax in backup_databases.sh script 5 years ago
Felix Stupp c02b88bf2e
common: Added support for files backups 5 years ago
Felix Stupp f61da86598
server/nextcloud: Reordered background job and update task 5 years ago
Felix Stupp c2b060df9e
common: Added support for backup databases 5 years ago
Felix Stupp fcba624ac5
common: Fixed typo in task name for packages 5 years ago
Felix Stupp d3f2e8d4b5
Added role wireguard/special_client 5 years ago
Felix Stupp 96ae42477f
Added role wireguard/application 5 years ago
Felix Stupp 93f1207bf9
Added role server/spotme 5 years ago
Felix Stupp 93f30e6919
Added role server/nextcloud 5 years ago
Felix Stupp 0bec0a9630
Added role nginx/server 5 years ago
Felix Stupp 3f19422c0c
Added role nginx/php-pool 5 years ago
Felix Stupp 692b9bf74b
Added role nginx/php-fpm 
For php-fpm setup
 5 years ago
Felix Stupp 30f2210481
git_auto_update: Renamed variable name to repo_name 5 years ago
Felix Stupp e04596e4ab
common: Added dirmngr to packages 5 years ago
Felix Stupp 0df56b9ddc
common: Added helper scripts support and gpg_import_url_key 5 years ago
Felix Stupp 0e8234fa08
common: Fixed ufw setting default deny for incoming traffic 5 years ago
Felix Stupp 9cdc7ccd91
common: Generate locale for german 5 years ago
Felix Stupp 83c2dde55c
server/gitea: Added usage of handlers 5 years ago
Felix Stupp c10bb0160d
Added role misc/handlers 
As handlers collection for general, preinstalled applications
 5 years ago
Felix Stupp 262cba5952
server/gitea: Removed note about change required 5 years ago
Felix Stupp 3327a9e4b4
server/gitea: Used derivation of pass/name by database role 5 years ago
Felix Stupp c9206ff499
mysql/database: Added derivation of password and database name 5 years ago
Felix Stupp df88e582a7
dns/master: Added dnssec support 
- Generation of keys
- Signing zone after each change
 5 years ago
Felix Stupp 69026d8d27
dns/master: Moved zone files into directory per zone 5 years ago
Felix Stupp 93891c25a5
dns/application: Added config for bind9 
- Enabled dnssec by default
 5 years ago
Felix Stupp befbff3c7e
dns/master: Added prefix for paths to vars in default 5 years ago
Felix Stupp f85d1a4477
roles/nginx/forward: nginx configuration "redirect" -> "return" 5 years ago
Felix Stupp d938fdfb39
roles/nginx/forward: Fixed name of configuration template 5 years ago
Felix Stupp 3fbead1377
Added roles/server/static 5 years ago
Felix Stupp f20776e1bd
Added roles/git_auto_update 5 years ago
Felix Stupp 2b63f1a248
Added roles/dns/{application,master,slave} 5 years ago
Felix Stupp b804ae005e
roles/server/gitea: Fixed creating dump on first download 5 years ago
Felix Stupp 1965972379
roles/server/gitea: Changed gpg keyserver pool to europe only 
Because latency is lower
 5 years ago
Felix Stupp e0464d5ddb
roles/server/gitea: Reworked gitea / service configuration 5 years ago
Felix Stupp a3d6116caa
roles/server/gitea: Fixed cron configuration 5 years ago
Felix Stupp e7bdb5f26b
roles/server/gitea: Run update script as root 5 years ago
Felix Stupp f0f8a4a5c3
roles/server/gitea: Reordered configuration 5 years ago
Felix Stupp 542bf0809c
roles/server/gitea: Defined default variable backend_socket 5 years ago
Felix Stupp 65d8840abb
roles/server/gitea: Reworked owner, group and mode settings for directories 5 years ago
Felix Stupp 2bce35c643
roles/server/gitea: Defined shell for user git 5 years ago
Felix Stupp 286aac3470
roles/server/gitea: Reworked usage of nginx/proxy 5 years ago
Felix Stupp 7d8be15582
roles/nginx/proxy: Reworked proxy to adapt to upstreams 5 years ago
Felix Stupp bdf96b6eeb
roles/nginx/static added 5 years ago
Felix Stupp 309d23ba8a
roles/nginx: Reworked upstreams 5 years ago
Felix Stupp 6c310a8f3d
roles/nginx/application: Set allow_duplicates to false 5 years ago
Felix Stupp 6b376cacfa
roles/nginx/application: Added snippets acme and root 5 years ago
Felix Stupp da676ebc32
roles/nginx/application: Included upstreams directory 5 years ago
Felix Stupp 7e56f8ada5
roles/nginx/application: Fixed global forwarding to https 5 years ago
Felix Stupp 097ff3d743
roles/nginx/application: Fixed nginx variable configuration 5 years ago
Felix Stupp 5676165f1c
roles/nginx/application: Fixed configuration for global logs 5 years ago
Felix Stupp d80261fe53
roles/nginx/application: Added validation for nginx.conf 5 years ago
Felix Stupp 007c7ed2a4
roles/nginx/application: Fixed task names containing item keyword 5 years ago
Felix Stupp fad2b9bc7c
Removed forwarding of domain variable causing loop of resolving 5 years ago
Felix Stupp 8c55df251a
mysql/database: Renamed database parameters 5 years ago
Felix Stupp 4225f14774
roles/mysql/application: Removed unnecessary quotes 5 years ago
Felix Stupp 021cd2cb57
roles/mysql: Fixed handling of handlers 5 years ago
Felix Stupp 3894d27b25
roles/mysql/application: Fixed generating credentials 5 years ago
Felix Stupp 401d9bbb16
roles/hostname: Fixed setting hostname in /etc/hostname: Added newline 5 years ago
Felix Stupp f2c6d0d249
roles/common: Create directory for all auto update scripts 5 years ago
Felix Stupp 60b6d4778e
roles/common: Store ssh public key of root locally 5 years ago
Felix Stupp c49e9cc9b9
roles/common: Create ssh key for root user by default 5 years ago
Felix Stupp 014c5d7c92
roles/common: Removed credentials feature 5 years ago
Felix Stupp ae8482c883
roles/server/gitea: Removed old file update_gitea.sh 
Replaced by template update_gitea.sh
 5 years ago
Felix Stupp b0c25e6cb3
roles/server/gitea: Moved update script path to global location 5 years ago
Felix Stupp a408ba3e86
roles/server/gitea: Fixed creating credentials 5 years ago
Felix Stupp ec446f4986
roles/server/gitea: Adapted location of user directory 5 years ago
Felix Stupp 9321e75b4b
roles/server/gitea: Fixed default name of service 5 years ago
Felix Stupp d3a6337a24
Removed role close_credentials 5 years ago
Felix Stupp 1dd31a451f
acme_certificate: Defined changed_when for calling acme.sh 5 years ago
Felix Stupp 226bc9c873
Reconfigured nginx / acme validation handling 5 years ago
Felix Stupp 308c6a95d4
Configured allow_duplicates for several roles 5 years ago
Felix Stupp f502ba4574
Added role nginx/proxy 
Also added needed dependencies
 5 years ago
Felix Stupp 7122bcf9e3
nginx/application: Enabled acme verification for all over http 5 years ago
Felix Stupp facee1a61d
nginx/application: Extracted acme snippets from global 5 years ago
Felix Stupp d08159eb24
nginx/application: Removed duplicated ssl configuration 5 years ago
Felix Stupp b49a832759
nginx/application: Added rules for firewall 5 years ago
Felix Stupp 2186137327
nginx/application: Used vars in nginx.conf 5 years ago
Felix Stupp 7a84ae4fdc
nginx/application: Fixed uploading and including snippets 5 years ago
Felix Stupp ec59a31dea
roles/nginx/forward: Changed var name "destination" to "dest" 5 years ago
Felix Stupp c5a170bf2e
roles/bootstrap: Added sudo to required packages 5 years ago
Felix Stupp 63ca530071
roles/common: Added dnsutils to common packages 5 years ago
Felix Stupp 6a6e2f6602
Moved dependency of certificate validation directory to nginx role 5 years ago
Felix Stupp 01fafa5ca1
nginx: Reworked global ssl and https configuration 5 years ago
Felix Stupp c2bd392675
Added role nginx/forward 5 years ago
Felix Stupp 08ebc2f5cb
Added role nginx/application 5 years ago
Felix Stupp b380249c0c
Added role nginx/all_mail_proxy 5 years ago
Felix Stupp 88afbf7106
Added role nginx/mail_proxy 5 years ago
Felix Stupp fad1abc638
Added role server/gitea 5 years ago
Felix Stupp 80dc14fd96
Added roles for mysql 5 years ago
Felix Stupp 3910b1bac6
Added role hostname 5 years ago
Felix Stupp 596c03fe22
Added role bootstrap 5 years ago
Felix Stupp 04b571f59c
Added role account 5 years ago
Felix Stupp d3494ed1b9
Added role common 5 years ago
Felix Stupp 4862b9dd69
Added roles for automatic certificate issue with acme.sh 5 years ago