banananetwork
/
ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity
943 Commits
3 Branches
0 Tags
1.7 MiB
master
dehydrated
wip
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Commit Graph

684 Commits (master)

Author SHA1 Message Date
Felix Stupp f2e669734b
common: Readd package acl 
Required for ansible temporary files if becoming an unprivileged user, see
https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user

This reverts commit 3c7fb65ac9.
 4 years ago
Felix Stupp c258a5d1bb
server/minecraft: Add SRV dns entry 4 years ago
Felix Stupp 55b27c041b
dns: Extracted role entries from server_entries 4 years ago
Felix Stupp 39771c907f
dns/server_entries: Renamed var all_entries to entries 4 years ago
Felix Stupp 9d23e12a16
dns/master: Now considered vars for nameserver and mail to be absolute 
Meaning the var itself must not have a dot at the end of the name,
but an usage of the variable may need to append a dot.
 4 years ago
Felix Stupp 40c6a3ab0f
dns/server_entries: Allow duplicate execution of role 4 years ago
Felix Stupp 1958c4df54
dns: Renamed role entries to server_entries 
To distinguish between simple entries role (coming in the future) and
entries role bundled with server-related entries (A, AAAA, SSHFP)
 4 years ago
Felix Stupp 08fafbf98f
dns/entries: Fixed SYNC comment to role dns/master 4 years ago
Felix Stupp 9121fd2c37
server/tt-rss: Moved repo clone method to standardized release tags 4 years ago
Felix Stupp debbcb1a1b
nginx: Moved dot-file-exclution from global snippet to root snippet 
Only file based servers may require this directive,
other servers are not expected to leak hidden files other than on purpose
 4 years ago
Felix Stupp cca87f6425
nginx/php: Changed global include to root include 
root snippet is there for file based servers, including php
 4 years ago
Felix Stupp f2c92e94e2
nginx: Moved index directive from root snippet to specific static role 4 years ago
Felix Stupp dd48448828
nginx/php: Removed debian-specific index file from config 4 years ago
Felix Stupp 58955871ad
nginx/application: Removed specfic exclusion of htaccess files 
Because dot files are already blocked in general
 4 years ago
Felix Stupp 9394b66f47
wireguard/application: Added sorting of peer files before combining 4 years ago
Felix Stupp e09fb25104
Added role misc/dnsmasq as dnssec resolver 4 years ago
Felix Stupp 2158b2717d
dns/master: Added support for dname to root zone 4 years ago
Felix Stupp 0b388a7e9a
git_auto_update: Added brackets for less ambiguity 4 years ago
Felix Stupp 9a8996d69e
git_auto_update: Increased check options for update script 4 years ago
Felix Stupp 2515ab82db
roles/nfs: Improved var usages 
- Extracted global_nfs_directory from default root_directory
- Added usage of export_path
 4 years ago
Felix Stupp 04c71a8611
common: ssh makefile: Sort part files before combining 4 years ago
Felix Stupp d09b7ea8c3
mysql: Configure mysql_user and mysql_password 4 years ago
Felix Stupp 164cdbbc79
common: Tagged ip blocklist for easier skipping 4 years ago
Felix Stupp 187f573d4f
common: Added pv to required common packages 4 years ago
Felix Stupp 424b85eec8
mysql/database: Added database_template function 4 years ago
Felix Stupp c6309b92ad
mysql/database: Documented database_user as required var 4 years ago
Felix Stupp a3eb7778a8
server/nextcloud: Add packages for SMB access 4 years ago
Felix Stupp 2a161ca509
acme/certificate: Ensure dns entry is given by depending on role dns/entries 4 years ago
Felix Stupp 5a41a9afc9
acme/certificate: Document var domain as required 4 years ago
Felix Stupp b3620fa3c8
dns/application: makefile combine: Sort files before combining 
Ensures 0_main.db is before other files
 4 years ago
Felix Stupp 979abba1aa
Added role dns/entries for configuring dns entries 4 years ago
Felix Stupp eff48f1773
Changed approach for generating sshfp RR to lookup on python script 4 years ago
Felix Stupp 748999d36d
dns: Moved var zones_environment_directory to global vars 4 years ago
Felix Stupp f8c01d46f6
dns/master: Fix permissions for dns env dir 4 years ago
Felix Stupp bf00dcb6dd
dns/application: Moved var configuration_directory to global vars 4 years ago
Felix Stupp eb632a8f2c
dns/master: Store mapping of domain to host in public_keys 4 years ago
Felix Stupp 592bb483cf
common: Used variable global_ssh_key_directory for public_keys path 4 years ago
Felix Stupp c58223c21b
server/gitea: Disable logging of SQL requests 4 years ago
Felix Stupp 3b33ff4c0c
fail2ban/application: Set file permissions for sshd.local config 4 years ago
Felix Stupp 2526033405
fail2ban/application: Send log messages to journald 4 years ago
Felix Stupp 0043d6255a
nginx/application global.conf: Added comment to excluding hidden files 4 years ago
Felix Stupp 025f77736a
dns: Changed approach for DNSSEC signing to inline-signing 
- Moved keys into own directory
- Replaced makefile per zone by makefile for all zones
  - Only combining of zone files and setting serial number
  - signing now made by bind
- Added AppArmor profile extension for creating dynamic zone files
 4 years ago
Felix Stupp 274f658016
nginx/php-pool: Fixed permissions for other 4 years ago
Felix Stupp e85ad8fed3
dns: Fixed applying permissions to directories 4 years ago
Felix Stupp c89ec27f6d
dns/master: Changed TODO for "Copy public key" to "Copy ZSK" 
Only required and beneficial for ZSK
 4 years ago
Felix Stupp 905a887b80
dns: Renamed zones_configuration_environment_ to zones_environment 4 years ago
Felix Stupp 7e2813928e
dns: Renamed variables, removed prefix dns_ on not essential variable names 4 years ago
Felix Stupp 4e6df015f5
Added roles nfs/server and nfs/export 4 years ago
Felix Stupp 24ab62d6a0
acme/application: Fixed usage of YAML multiline for "Upgrade acme.sh" 4 years ago
Felix Stupp a03a335430
account: Added bmon to tools list 4 years ago
Felix Stupp a576893776
misc/docker: Install docker-compose bindings for python3 4 years ago
Felix Stupp b600f678ca
misc/docker: Install python3 docker bindings using package manager 4 years ago
Felix Stupp 8758553a02
common: Install explicit python3 interpreter 4 years ago
Felix Stupp 2dcfd1b09e
nginx: Added full paths to includes of snippets / fastcgi_params 
To allow Ansible to validate the main config if placed on different
locations
 4 years ago
Felix Stupp ff7275cb60
server/{linx,spotme}: Removed default bind_port 4 years ago
Felix Stupp 4a186854cf
server/node: Renamed variable app_port to bind_port 4 years ago
Felix Stupp f6c1aff55a
server/spotme: Renamed variable spotme_port to bind_port 4 years ago
Felix Stupp 7e0df4abc5
Added variable local_user for user running playbook 
Useful if tasks store data on the local machine
 4 years ago
Felix Stupp 9d50f84321
server/firefox-sync: Changed remote repo url back to official repo 4 years ago
Felix Stupp f91f2bc325
Added role fail2ban/application 4 years ago
Felix Stupp c110a24e9f
common: sshd: Disable weak key algorithms 4 years ago
Felix Stupp 505c85eb11
common: Disable root login over ssh 4 years ago
Felix Stupp 651794a136
common: sshd: Disable X11 Forwarding globally 4 years ago
Felix Stupp baace3ce16
misc/handlers: Changed "restart ssh" to "reload ssh" 4 years ago
Felix Stupp 025d8a3256
Added role misc/ssh_tg_notify 
- Added role to common site
- Added variables required to global vars and vault
 4 years ago
Felix Stupp 69b884ad3f
bootstrap: Configure ssh key used to connect on new user 4 years ago
Felix Stupp f610812fc7
bootstrap: Ensure user has .ssh/authorized_keys before trying to copy 4 years ago
Felix Stupp 096554f37b
mqtt/user: Fixed usage of var user (before username) 4 years ago
Felix Stupp fe393bd246
mqtt/application: Enforce sort part files before combining for acl and auth 4 years ago
Felix Stupp 1a608ce172
mqtt/application: Remove config use_username_as_clientid 
Seems to block users with different username and clientid
 4 years ago
Felix Stupp e18f7f32e0
mqtt/application: Add paths for acl and auth files to config 4 years ago
Felix Stupp 46e932049e
mqtt/application: Allow root to read SYS topics 4 years ago
Felix Stupp b6de0c1a4d
mqtt/application: Fix usage of variable configuration_directory 4 years ago
Felix Stupp cf632d1a56
mqtt: Ensure create auth files before writing using mosquitto_passwd 
Fixes error on calling tool if file does not exist
 4 years ago
Felix Stupp 4b6cef5c10
mqtt/application: Notify handlers on change to makefile 4 years ago
Felix Stupp 82c7666ae8
mqtt/application: Fix port for mosquitto server 4 years ago
Felix Stupp 81dab362a6
misc/docker: Do not install recommended packages to fix issue on raspberry 4 years ago
Felix Stupp fcae6e8429
Added blocklist of known malicious ip addresses applied by role common 4 years ago
Felix Stupp f2c9b17194
Moved packages only required for admin account from role common to role account 4 years ago
Felix Stupp 25df92ee7b
common: Removed package buffer 
Replaced by pv integrated buffering
which supports greater limits.
 4 years ago
Felix Stupp e68c6ffe50
common: Added todo / comment to (transition) package apt-transport-https 4 years ago
Felix Stupp 3c7fb65ac9
common: Removed package acl 
Not installable on Raspbian and also not used on any Debian system
 4 years ago
Felix Stupp 9e8d1b5220
common: Fix applying sources.list for different distributions 4 years ago
Felix Stupp b3f05edb6f
account: Added exa to packages 4 years ago
Felix Stupp 8ebe8aecfb
nginx/application: Hide server tokens per default 4 years ago
Felix Stupp 69dfba9911
mqtt/application: Added linking of configuration directory to environment 4 years ago
Felix Stupp 18832f4eb0
mqtt/application: Fixed names of variables admin_{user,pass} 4 years ago
Felix Stupp 9dc203621e
mqtt: Fixed wording 'notifiy' to 'notify' 4 years ago
Felix Stupp 0b69a41ebc
Added roles mqtt/application and mqtt/user 4 years ago
Felix Stupp ab1a067cff
dns/master: Added flush_handlers before role ends 4 years ago
Felix Stupp 371b1d5751
dns/application: Fixed permissions for zone databases directories 4 years ago
Felix Stupp 64576c8ff5
dns/master: zone.makefile: Added cd to key signing 4 years ago
Felix Stupp ab61090340
dns/master: zone.makefile: Added check for directories not equal 4 years ago
Felix Stupp bb8a2759ec
dns/master: zone.makefile: Changed usage of var dest 4 years ago
Felix Stupp d052a08f0d
dns/master: zone.makefile: Fixed format 4 years ago
Felix Stupp ebbacdce0c
dns/master: Added dependency to role dns/master_handlers 4 years ago
Felix Stupp 73c9a72590
dns: Fixed usages of var dns_zones_configuration_environment_directory 4 years ago
Felix Stupp 0662df1ca5
dns/master: Let serial number configured by dnssec-signzone 4 years ago
Felix Stupp d8f1b36ee1
dns/master: Moved building of zone files to makefile 4 years ago
Felix Stupp 208e277e79
Added role dns/master_handlers for makefile handler 4 years ago
Felix Stupp d7991e0bbb
dns/master: Added configuring configuration environment 4 years ago
Felix Stupp 5627a36949
dns/master: Extracted database_signed_file_name of database_signed_file 4 years ago
Felix Stupp a206642f77
dns/master: Extracted database_file_name of database_file 4 years ago
Felix Stupp 36bf7f9d18
dns/master: Declared var domain to be required 4 years ago
Felix Stupp 141d343d6d
Extracted dns/handlers out of dns/applications 4 years ago
Felix Stupp 8e95846002
dns/master: Added create zone environment directory 4 years ago
Felix Stupp de2bfe430c
dns/master: Rewrite create zone directories using loop 4 years ago
Felix Stupp 065050d5c2
dns/application: Added zone configuration environment directory 4 years ago
Felix Stupp 479430a9e9
dns/application: Reconfigured creating zone directories using loop 4 years ago
Felix Stupp 19b5fb3f9e
dns/application: Configured directory permissions for zones directory 4 years ago
Felix Stupp 8aacd27f31
dns/application: Configured group owner for bind main configuration 4 years ago
Felix Stupp c8dc602f09
account: Configure sudo insults 4 years ago
Felix Stupp ff3d6cba8e
Added group os_raspbian 4 years ago
Felix Stupp 78032d343f
common: Made sources.list dependent of distribution 4 years ago
Felix Stupp 5555c86357
server/gitea: Reworked configuration with defaults 4 years ago
Felix Stupp a9798fedc8
server/gitea: Fixed output of wget in update script 4 years ago
Felix Stupp e9db3d7d56
misc/backup: Secured shell commands for file backups 4 years ago
Felix Stupp a150266548
server/minecraft: Enabled auto backup 4 years ago
Felix Stupp 6dd5c75e67
misc/backup_files: Added support for commands executed before / after backup 4 years ago
Felix Stupp 3fb273aaae
server/minecraft: Fixed downloading Minecraft Server version 4 years ago
Felix Stupp e0342a6bba
server/linx: Added helper script for uploading files to the service 4 years ago
Felix Stupp 3737a2ad10
server/nextcloud: Added apps against ransomware to default 4 years ago
Felix Stupp e24613d02c
acme/application: Added installing helper scripts for managing 4 years ago
Felix Stupp e2b7778c8b
nginx/application: Changed Referrer-Policy to strict-origin 
For better enforcing of secure handling of referrer information
 4 years ago
Felix Stupp 54a8ad0d86
server/nextcloud: Removed doubled referrer-policy 
Referrer-Policy already configured by global configuration
 4 years ago
Felix Stupp 1855deb351
nginx/server: Documentated required variables 4 years ago
Felix Stupp bc8233990f
common: Scheduled removal of old backups at 0:30 
So for the most time two states are stored on the server.
The storage which will stay free can be better used to calculate the
storage which can still be used by dividing the free storage by 3.
 4 years ago
Felix Stupp ff054f4a04
Added role server/linx 4 years ago
Felix Stupp 8b75c49917
nginx/proxy: Made dependent on nginx/server and allowed additional directives 4 years ago
Felix Stupp 92b98dd3fe
server/gitea: Allow duplicate execution of role for multiple servers 5 years ago
Felix Stupp 79cf87663e
server/minecraft: Removed comment "for naming" of minecraft_version 
As the minecraft_version now indicates the to get installed version
 5 years ago
Felix Stupp d0907975ad
server/minecraft: Allow query requests in minecraft server 5 years ago
Felix Stupp a65ba1ec64
server/minecraft: Allow query requests through firewall 5 years ago
Felix Stupp 7fad2a89be
server/minecraft: Allow configure of query port 5 years ago
Felix Stupp adbfd8dff0
server/minecraft: Added comment to firewall rule for server 5 years ago
Felix Stupp ffd1ff826e
server/minecraft: Fix query port to default minecraft port 5 years ago
Felix Stupp dd86bec08b
server/minecraft: Allow configure motd 5 years ago
Felix Stupp d37c1c58bb
misc/backup_files: Allow multiple file backups (bugfix) 5 years ago
Felix Stupp ecd0eb1eaa
mysql/backup_database: Allow multiple databases backups (bugfix) 5 years ago
Felix Stupp 3f64b70b04
server/minecraft: Optimized JVM execution 5 years ago
Felix Stupp f3db11cdfe
server/minecraft: Increased priority of service (nice decreased to 2) 5 years ago
Felix Stupp 295554e947
server/minecraft: Allow configuring view distance 5 years ago
Felix Stupp fea798b83c
server/minecraft: Decreased view distance to 10 5 years ago
Felix Stupp 46889a6e04
server/minecraft/launch: Configured JVM to server mode 5 years ago
Felix Stupp fc39db2a48
server/minecraft: Added loop_control to complex loops 5 years ago
Felix Stupp 3912baef87
server/minecraft: Added handler for restart if service controlling scripts where changed 5 years ago
Felix Stupp 9d177c783d
server/minecraft: Split service controlling scripts and server controlling scripts 5 years ago
Felix Stupp 9dbd811fdb
server/minecraft/apparmor: Allowed access for checking player logins 5 years ago
Felix Stupp a4db0c47a2
server/minecraft/launch: Split scipt line into line per argument 5 years ago
Felix Stupp f8a8f62911
server/minecraft/service: Added sending warning to players about restart 5 years ago
Felix Stupp 895989ec4b
server/minecraft/service: Allowed installation of service 5 years ago
Felix Stupp 08dd7ccc26
server/minecraft: Combined default start_ram and max_ram to ram 5 years ago
Felix Stupp 75d45b724a
server/minecraft: Moved apparmor profile to AA's default location 5 years ago
Felix Stupp 79833e52ca
server/minecraft/apparmor: Used variables for java path replacing version and architecture 5 years ago
Felix Stupp 16fc6bd1f0
server/minecraft/apparmor: Used variables instead of fixed paths 5 years ago
Felix Stupp 5e1e4e6b0a
server/minecraft/apparmor: Fixed access to data directory 5 years ago
Felix Stupp 443de0c28b
server/minecraft/apparmor: Replaced wildcard with pid of protected process 5 years ago
Felix Stupp f67d2e7414
server/minecraft/apparmor: Reorded /proc directives 5 years ago
Felix Stupp a4535893a2
mysql/backup_database: Fixed creating correct directory 5 years ago
Felix Stupp e62a3c7232
common: backup_autoremove: force rm 
so no error occurs because no parameter was given
 5 years ago
Felix Stupp 00fa7852e1
common: backup_autoremove: Fix call find 5 years ago
Felix Stupp 102de98479
common: Configured auto remove of backups 5 years ago
Felix Stupp 8623d84b01
common: Ordered backup_files before backup_mysql_database 5 years ago
Felix Stupp fce052c32b
common: backup_rename: Fixed getting multiple extensions 5 years ago
Felix Stupp 10ef319008
Moved mysql database backups into certain directory 5 years ago
Felix Stupp 4be0e9377f
Moved file backups into certain directories 5 years ago
Felix Stupp c959db1d3f
common: backup_mysql_database: Adapted script to structure of backup_files 5 years ago
Felix Stupp 63e0a85dc0
common: backup_files: Rename backups to just date.ext 5 years ago
Felix Stupp 07706a1119
common: backup_rename: Surrounded variable contents with quotation marks 5 years ago
Felix Stupp a4b47021c3
Replaced shebangs using /usr/bin/env 5 years ago
Felix Stupp d66a4b5b24
mysql/backup_database: Removed TODO for special user 
Is not good adaptable in current structure
 5 years ago
Felix Stupp cbb4b5eb79
mysql/backup_database: Create separate script containing backup command 5 years ago
Felix Stupp fa16579311
misc/backup_files: Create separate script containing backup command 5 years ago
Felix Stupp e6cbc59571
common: Added create backup scripts directories 5 years ago
Felix Stupp 5b253fd6b6
common: Generalized creating directories for scripts 5 years ago
Felix Stupp 8303d0126e
Extracted role misc/backup_files from server/{gitea,nextcloud} 5 years ago
Felix Stupp 83e249e73c
server/gitea: Removed already done TODO 5 years ago
Felix Stupp 5443259453
mysql/backup_database: Renamed cron job 5 years ago
Felix Stupp 94ee600180
common: backup_files: Fixed packing tar 5 years ago
Felix Stupp 99c4c21cad
Reordered backups_files_directory above backups_mysql_database_directory 5 years ago
Felix Stupp 4874bc2bbd
Renamed global variable backups_databases_directory to backups_mysql_database_directory 
In order to specify and separate backups of different database services
 5 years ago
Felix Stupp fdb08f1eaf
Extracted role mysql/backup_database from mysql/database 5 years ago
Felix Stupp 73f1db7961
Specified backup_database to backup_mysql_database 5 years ago
Felix Stupp e8503c41a4
common: Replaced buffer with pv as buffer 
Also increased buffer size to 256M
 5 years ago
Felix Stupp 4c9a2a8eb7
common: Reformated commands 5 years ago
Felix Stupp 9b80b89f27
server/minecraft: Configured rcon port automatically using server port 5 years ago
Felix Stupp 8f35931033
server/minecraft: Configured apparmor profile 5 years ago
Felix Stupp b3648c9362
server/minecraft: systemd uses launch script for starting service 5 years ago
Felix Stupp 8643456bd9
server/minecraft: Added launch script 5 years ago
Felix Stupp f5bd293d83
server/minecraft: generalized configuring scripts 5 years ago
Felix Stupp ad24eed923
server/minecraft: systemd waits until server exited 5 years ago
Felix Stupp 898a30789a
server/minecraft: Allowed global defining of java version 5 years ago
Felix Stupp 37f93d9471
server/minecraft: Allowed auto detecting link for downloading server version 5 years ago
Felix Stupp 82db6cb8fd
Added role server/minecraft 5 years ago
Felix Stupp ae7361f4c6
server/gitea: update_gitea: Fixed getting newest version 5 years ago
Felix Stupp cf15eff4f4
server/gitea: update_gitea expanded arguments for readability 5 years ago
Felix Stupp fb0c1f0901
Changed "ansible_fqdn" to "inventory_hostname" 
Due to some hosts misconfigure fqdn themselves
 5 years ago
Felix Stupp 574b07f2f4
misc/deb_unstable: Allow configuring priority for unstable repository 5 years ago
Felix Stupp 429833c457
account: ignore_errors on configuring authorized_keys 
Depends on server itself, so this should be optional
 5 years ago
Felix Stupp 3547927d5a
acme/certificate: Added support for custom reload cmd 5 years ago
Felix Stupp 46bb166475
server/gitea: Use scp-style uri for ssh cloning 5 years ago
Felix Stupp 431f15b91f
server/gitea: Allow interacting via HTTP 5 years ago
Felix Stupp 67deed23a0
server/nextcloud: Remove become_user at include_tasks 
Raised error
 5 years ago
Felix Stupp 665b6710aa
git_auto_update: Fixed check if reload was successful 5 years ago
Felix Stupp 4445a53b28
git_auto_update: Allowed omiting of sign check 5 years ago
Felix Stupp c31f3c2f50
git_auto_update: update.sh: Fixed quoting of used variables 5 years ago
Felix Stupp 768cb0cfb4
Reworked wireguard configurations 5 years ago
Felix Stupp 70e92b8c94
Merge branch 'master' of git.banananet.work:banananetwork/ansible 5 years ago
Felix Stupp a667132cb4
server/nextcloud: Applied security patch 
CVE-2019-11043
see https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
 5 years ago
Felix Stupp 9c63c8516b
nginx/application: Disabled SSL Session Tickets 5 years ago
Felix Stupp 409ea327f0
nginx/application: Increased ssl_cache timeout 5 years ago
Felix Stupp 94f1463a87
mysql/application: Fixed configuring query cache 
- Added notify
- Changed path of config file
 5 years ago
Felix Stupp e76d90a4f5
server/nextcloud: Added support for APCu cache 5 years ago
Felix Stupp 4c463055b4
server/nextcloud: Restricted regexp modifing nextcloud config 5 years ago
Felix Stupp b9f060a0ce
nginx/php-fpm: Added installation of apcu cache 5 years ago
Felix Stupp 7df2668208
nginx/php-fpm: Increased size of opcache memory consumption to 256 5 years ago
Felix Stupp 41a41c91fb
mysql/application: Added config for query cache 5 years ago
Felix Stupp 002128686d
server/tt-rss: Configured database to use UTF8MB4 5 years ago
Felix Stupp 206c940d16
nginx/php-pool: Tuned up childs at php 5 years ago
Felix Stupp a592e7f9c2
misc/debian_unstable: Added flush of handlers for refreshing apt cache 5 years ago
Felix Stupp 670833242a
misc/deb_unstable: Make mirror adaptive to server selection 5 years ago
Felix Stupp 68a0680cb6
misc/ip_discover: Fixed name for credentials directory 5 years ago
Felix Stupp 1f26debcf2
server/node: Added support for specific environment variables 5 years ago
Felix Stupp 34da73722c
Added role ip_discover 5 years ago
Felix Stupp 8b1d9ea65d
misc/docker: Disallowed duplicate execution of role 5 years ago
Felix Stupp d165074600
wireguard/application: Removed updating apt cache 5 years ago
Felix Stupp c73872df3a
misc/deb_unstable: Added updating of apt cache using handler 5 years ago
Felix Stupp 283e450c16
misc/handlers: Added handler "update apt cache" 5 years ago
Felix Stupp caf70f632e
server/node: Added missing handlers dependency 5 years ago
Felix Stupp fc897ea3b9
nginx/application: Fixed configuring resolver for OCSP Stapling 5 years ago
Felix Stupp 71945523fa
Added role misc/docker 5 years ago
Felix Stupp 71e1b4a17c
common: Added custom fact for dpkg architecture 5 years ago
Felix Stupp 3b86e1f5a6
server/nextcloud: Removed app tasks from nextcloud 5 years ago
Felix Stupp d0186923b2
server/spotme: Changed default system user to domain 5 years ago
Felix Stupp e4066f764a
server/nextcloud: Fixed location of admin credential 5 years ago
Felix Stupp d736b5714d
server/nextcloud: Changed default system user to domain 5 years ago
Felix Stupp 76fd5471e3
server/gitea: Fixed default tokens location 5 years ago
Felix Stupp 3804c7d138
server/gitea: Changed default system user to domain name 5 years ago
Felix Stupp 03884cbf3e
nginx/server: Allowed duplicates of role 5 years ago
Felix Stupp edf455bf66
nginx/application: Allowed dot files uploads by Nextcloud 5 years ago
Felix Stupp 9a129a7f2f
bootstrap: Added disconnect before removing privileged user 5 years ago
Felix Stupp 3324461e65
account: Added config for authorized_keys 5 years ago
Felix Stupp afc80db48a
common: backup_files.sh: Disable compression of gpg 5 years ago
Felix Stupp 2bd16aa377
Added role server/tt-rss 5 years ago
Felix Stupp c21ee11c66
nginx/application: Blocked all hidden directories except well-known 5 years ago
Felix Stupp 502606b1e3
nginx/application: Set type to text for test file 5 years ago
Felix Stupp 57e422b478
nginx/application: Disabled access_log on acme requests 5 years ago
Felix Stupp efc6431640
Added role server/php 5 years ago
Felix Stupp 8e28bcb0ec
Added role nginx/php 5 years ago
Felix Stupp 72e7857570
nginx/php-pool: Locked reading of php-pool configurations 5 years ago
Felix Stupp 3414e3fd85
nginx/php-pool: Changed group of src directory to nginx user 5 years ago
Felix Stupp 4f1fdf72c7
nginx/php-pool: Added support for env variables 5 years ago
Felix Stupp 452efc2717
common: Reconfigured bash in backup scripts 
Added options for better error handling
 5 years ago
Felix Stupp 7e5ec719d3
server/spotme: Replaced configuration of system user with role usage 5 years ago
Felix Stupp 8e7fd3db9d
git_auto_update: Set default gpg fingerprint to backup fingerprint 5 years ago
Felix Stupp b2b9466a28
common: Added global variable for backup gpg fingerprint 5 years ago
Felix Stupp a87b5d84e9
server/spotme: Made use of role node/application 5 years ago
Felix Stupp 5c1a6b6a89
common: Improved helper script gpg_import_url_key 
- Disabled output from called commands
- Improved shell options when failing
- Alternative return code if key is already stored in keyring
 5 years ago
Felix Stupp 151f2ca896
server/nextcloud: Removed disabled task "Upgrade Nextcloud" 5 years ago
Felix Stupp 25b140f90e
server/nextcloud: Enabled app viewer 5 years ago
Felix Stupp c129d94b73
server/nextcloud: Enabled app privacy 5 years ago
Felix Stupp 9537faa83d
server/nextcloud: Enabled app phonetrack 5 years ago
Felix Stupp d576736e03
server/nextcloud: Enabled app ocdownloader 5 years ago
Felix Stupp 0eacb52089
server/nextcloud: Enabled app files_markdown 5 years ago
Felix Stupp f5ee66de70
server/nextcloud: Enabled app files_ebookreader 5 years ago
Felix Stupp 0150c6191d
server/nextcloud: Enabled app cospend 5 years ago
Felix Stupp 3ffd6c06ac
server/nextcloud: Enabled app cookbook 5 years ago
Felix Stupp cae1f92b60
server/nextcloud: Disabled survey_client app 5 years ago
Felix Stupp 4d735edfe7
server/nextcloud: Added task for disabling not required apps 5 years ago
Felix Stupp 7ac7806dc7
Fixed some lint errors 
- Added missing default parameters
- Added names to tasks
- Configured changed|failed_when options
- Used command instead of shell module
- Changed local_action to delegate_to
- Added line to file ending
 5 years ago
Felix Stupp 02e63f5d2a
server/nextcloud: Moved enabled apps list from tasks to defaults 5 years ago
Felix Stupp 7d4f2a89aa
server/nextcloud: Removed previewgenerator app 5 years ago
Felix Stupp 1819787da4
server/spotme: Used external handler for daemon_reload 5 years ago
Felix Stupp 49f119c6e8
server/node: Used external handler for daemon_reload 5 years ago
Felix Stupp fd08d83275
Restricted permissions for service files 5 years ago
Felix Stupp 98386df525
Added role server/firefox-sync 5 years ago
Felix Stupp 8abcc88a13
server/nextcloud: Allow access for nginx for seeing php files 5 years ago
Felix Stupp ec6202bd61
server/gitea: Added doc for var domain on nginx/proxy 5 years ago
Felix Stupp 133d82e0bb
nginx/proxy: Added doc for var upstream_name 5 years ago
Felix Stupp b6e70b881a
acme: Fixed using correct home and config-home directories 5 years ago
Felix Stupp 5ea380e812
common: Fix auto backup database script 
Encryption failed
 5 years ago
Felix Stupp 2f8ef5dc34
Extracted global var for systemd configuration directory 5 years ago
Felix Stupp bcfd4cb010
Fixed missing mode setting for others 
To disallow access from others than user and group
 5 years ago
Felix Stupp 5afcd6b738
misc/system_user: Allowed configuring user directory parameters 5 years ago
Felix Stupp 0ea1dac688
account: Documentated input variables 
- username
- password
 5 years ago
Felix Stupp d9b4510200
account: Added variable for user directory 5 years ago
Felix Stupp c56ed16851
account: Added configuration for home directory 
For disabling other read rights on home directory
 5 years ago
Felix Stupp ad87ad2e7d
server/gitea: Removed dumping before update 
Global backup service should be enough
 5 years ago
Felix Stupp bef682140b
acme/certificate: Removed invalid command argument 5 years ago
Felix Stupp a3fde6aa3c
acme: Moved certificate handling to custom system user 
Avoided using root for acme.sh
Modified also role nginx/application
 5 years ago
Felix Stupp 9e20b807f1
acme/application: Removed getting if acme is installed 
As it should be installed or otherwise the playbook failed
 5 years ago
Felix Stupp 002ecc28b0
nginx/php-pool: Removed not needed system user configuration 5 years ago
Felix Stupp 5486d06226
nginx/php-fpm: Fixed removing default php-fpm pool 5 years ago
Felix Stupp 964099cfdb
nginx/php-fpm: Added configuration for php opcache 5 years ago
Felix Stupp c25df42253
common: Reworked ssh configuration generation 5 years ago
Felix Stupp 1a5a7b0611
server/nextcloud: Added app previewgenerator 
With its own cron job at 3
 5 years ago
Felix Stupp 380a5dbf2e
server/nextcloud: Added apps Deck, Dicomviewer and suspicious_login 5 years ago
Felix Stupp 1e5dd61270
wireguard/application: Extracted role misc/deb_unstable 5 years ago
Felix Stupp 0dab3bdad2
Added role node/server 5 years ago
Felix Stupp a74f532394
Added role node/application 5 years ago