Felix Stupp
d7991e0bbb
dns/master: Added configuring configuration environment
5 years ago
Felix Stupp
5627a36949
dns/master: Extracted database_signed_file_name of database_signed_file
5 years ago
Felix Stupp
a206642f77
dns/master: Extracted database_file_name of database_file
5 years ago
Felix Stupp
36bf7f9d18
dns/master: Declared var domain to be required
5 years ago
Felix Stupp
141d343d6d
Extracted dns/handlers out of dns/applications
5 years ago
Felix Stupp
8e95846002
dns/master: Added create zone environment directory
5 years ago
Felix Stupp
de2bfe430c
dns/master: Rewrite create zone directories using loop
5 years ago
Felix Stupp
065050d5c2
dns/application: Added zone configuration environment directory
5 years ago
Felix Stupp
479430a9e9
dns/application: Reconfigured creating zone directories using loop
5 years ago
Felix Stupp
19b5fb3f9e
dns/application: Configured directory permissions for zones directory
5 years ago
Felix Stupp
8aacd27f31
dns/application: Configured group owner for bind main configuration
5 years ago
Felix Stupp
c8dc602f09
account: Configure sudo insults
5 years ago
Felix Stupp
ff3d6cba8e
Added group os_raspbian
5 years ago
Felix Stupp
78032d343f
common: Made sources.list dependent of distribution
5 years ago
Felix Stupp
5555c86357
server/gitea: Reworked configuration with defaults
5 years ago
Felix Stupp
a9798fedc8
server/gitea: Fixed output of wget in update script
5 years ago
Felix Stupp
e9db3d7d56
misc/backup: Secured shell commands for file backups
5 years ago
Felix Stupp
a150266548
server/minecraft: Enabled auto backup
5 years ago
Felix Stupp
6dd5c75e67
misc/backup_files: Added support for commands executed before / after backup
5 years ago
Felix Stupp
3fb273aaae
server/minecraft: Fixed downloading Minecraft Server version
5 years ago
Felix Stupp
e0342a6bba
server/linx: Added helper script for uploading files to the service
5 years ago
Felix Stupp
3737a2ad10
server/nextcloud: Added apps against ransomware to default
5 years ago
Felix Stupp
e24613d02c
acme/application: Added installing helper scripts for managing
5 years ago
Felix Stupp
e2b7778c8b
nginx/application: Changed Referrer-Policy to strict-origin
...
For better enforcing of secure handling of referrer information
5 years ago
Felix Stupp
54a8ad0d86
server/nextcloud: Removed doubled referrer-policy
...
Referrer-Policy already configured by global configuration
5 years ago
Felix Stupp
1855deb351
nginx/server: Documentated required variables
5 years ago
Felix Stupp
bc8233990f
common: Scheduled removal of old backups at 0:30
...
So for the most time two states are stored on the server.
The storage which will stay free can be better used to calculate the
storage which can still be used by dividing the free storage by 3.
5 years ago
Felix Stupp
ff054f4a04
Added role server/linx
5 years ago
Felix Stupp
8b75c49917
nginx/proxy: Made dependent on nginx/server and allowed additional directives
5 years ago
Felix Stupp
92b98dd3fe
server/gitea: Allow duplicate execution of role for multiple servers
5 years ago
Felix Stupp
79cf87663e
server/minecraft: Removed comment "for naming" of minecraft_version
...
As the minecraft_version now indicates the to get installed version
5 years ago
Felix Stupp
d0907975ad
server/minecraft: Allow query requests in minecraft server
5 years ago
Felix Stupp
a65ba1ec64
server/minecraft: Allow query requests through firewall
5 years ago
Felix Stupp
7fad2a89be
server/minecraft: Allow configure of query port
5 years ago
Felix Stupp
adbfd8dff0
server/minecraft: Added comment to firewall rule for server
5 years ago
Felix Stupp
ffd1ff826e
server/minecraft: Fix query port to default minecraft port
5 years ago
Felix Stupp
dd86bec08b
server/minecraft: Allow configure motd
5 years ago
Felix Stupp
d37c1c58bb
misc/backup_files: Allow multiple file backups (bugfix)
5 years ago
Felix Stupp
ecd0eb1eaa
mysql/backup_database: Allow multiple databases backups (bugfix)
5 years ago
Felix Stupp
3f64b70b04
server/minecraft: Optimized JVM execution
5 years ago
Felix Stupp
f3db11cdfe
server/minecraft: Increased priority of service (nice decreased to 2)
5 years ago
Felix Stupp
295554e947
server/minecraft: Allow configuring view distance
5 years ago
Felix Stupp
fea798b83c
server/minecraft: Decreased view distance to 10
5 years ago
Felix Stupp
46889a6e04
server/minecraft/launch: Configured JVM to server mode
5 years ago
Felix Stupp
fc39db2a48
server/minecraft: Added loop_control to complex loops
5 years ago
Felix Stupp
3912baef87
server/minecraft: Added handler for restart if service controlling scripts where changed
5 years ago
Felix Stupp
9d177c783d
server/minecraft: Split service controlling scripts and server controlling scripts
5 years ago
Felix Stupp
9dbd811fdb
server/minecraft/apparmor: Allowed access for checking player logins
5 years ago
Felix Stupp
a4db0c47a2
server/minecraft/launch: Split scipt line into line per argument
5 years ago
Felix Stupp
f8a8f62911
server/minecraft/service: Added sending warning to players about restart
5 years ago
Felix Stupp
895989ec4b
server/minecraft/service: Allowed installation of service
5 years ago
Felix Stupp
08dd7ccc26
server/minecraft: Combined default start_ram and max_ram to ram
5 years ago
Felix Stupp
75d45b724a
server/minecraft: Moved apparmor profile to AA's default location
5 years ago
Felix Stupp
79833e52ca
server/minecraft/apparmor: Used variables for java path replacing version and architecture
5 years ago
Felix Stupp
16fc6bd1f0
server/minecraft/apparmor: Used variables instead of fixed paths
5 years ago
Felix Stupp
5e1e4e6b0a
server/minecraft/apparmor: Fixed access to data directory
5 years ago
Felix Stupp
443de0c28b
server/minecraft/apparmor: Replaced wildcard with pid of protected process
5 years ago
Felix Stupp
f67d2e7414
server/minecraft/apparmor: Reorded /proc directives
5 years ago
Felix Stupp
a4535893a2
mysql/backup_database: Fixed creating correct directory
5 years ago
Felix Stupp
e62a3c7232
common: backup_autoremove: force rm
...
so no error occurs because no parameter was given
5 years ago
Felix Stupp
00fa7852e1
common: backup_autoremove: Fix call find
5 years ago
Felix Stupp
102de98479
common: Configured auto remove of backups
5 years ago
Felix Stupp
8623d84b01
common: Ordered backup_files before backup_mysql_database
5 years ago
Felix Stupp
fce052c32b
common: backup_rename: Fixed getting multiple extensions
5 years ago
Felix Stupp
10ef319008
Moved mysql database backups into certain directory
5 years ago
Felix Stupp
4be0e9377f
Moved file backups into certain directories
5 years ago
Felix Stupp
c959db1d3f
common: backup_mysql_database: Adapted script to structure of backup_files
5 years ago
Felix Stupp
63e0a85dc0
common: backup_files: Rename backups to just date.ext
5 years ago
Felix Stupp
07706a1119
common: backup_rename: Surrounded variable contents with quotation marks
5 years ago
Felix Stupp
a4b47021c3
Replaced shebangs using /usr/bin/env
5 years ago
Felix Stupp
d66a4b5b24
mysql/backup_database: Removed TODO for special user
...
Is not good adaptable in current structure
5 years ago
Felix Stupp
cbb4b5eb79
mysql/backup_database: Create separate script containing backup command
5 years ago
Felix Stupp
fa16579311
misc/backup_files: Create separate script containing backup command
5 years ago
Felix Stupp
e6cbc59571
common: Added create backup scripts directories
5 years ago
Felix Stupp
5b253fd6b6
common: Generalized creating directories for scripts
5 years ago
Felix Stupp
8303d0126e
Extracted role misc/backup_files from server/{gitea,nextcloud}
5 years ago
Felix Stupp
83e249e73c
server/gitea: Removed already done TODO
5 years ago
Felix Stupp
5443259453
mysql/backup_database: Renamed cron job
5 years ago
Felix Stupp
94ee600180
common: backup_files: Fixed packing tar
5 years ago
Felix Stupp
99c4c21cad
Reordered backups_files_directory above backups_mysql_database_directory
5 years ago
Felix Stupp
4874bc2bbd
Renamed global variable backups_databases_directory to backups_mysql_database_directory
...
In order to specify and separate backups of different database services
5 years ago
Felix Stupp
fdb08f1eaf
Extracted role mysql/backup_database from mysql/database
5 years ago
Felix Stupp
73f1db7961
Specified backup_database to backup_mysql_database
5 years ago
Felix Stupp
e8503c41a4
common: Replaced buffer with pv as buffer
...
Also increased buffer size to 256M
5 years ago
Felix Stupp
4c9a2a8eb7
common: Reformated commands
5 years ago
Felix Stupp
9b80b89f27
server/minecraft: Configured rcon port automatically using server port
5 years ago
Felix Stupp
8f35931033
server/minecraft: Configured apparmor profile
5 years ago
Felix Stupp
b3648c9362
server/minecraft: systemd uses launch script for starting service
5 years ago
Felix Stupp
8643456bd9
server/minecraft: Added launch script
5 years ago
Felix Stupp
f5bd293d83
server/minecraft: generalized configuring scripts
5 years ago
Felix Stupp
ad24eed923
server/minecraft: systemd waits until server exited
5 years ago
Felix Stupp
898a30789a
server/minecraft: Allowed global defining of java version
5 years ago
Felix Stupp
37f93d9471
server/minecraft: Allowed auto detecting link for downloading server version
5 years ago
Felix Stupp
82db6cb8fd
Added role server/minecraft
5 years ago
Felix Stupp
ae7361f4c6
server/gitea: update_gitea: Fixed getting newest version
5 years ago
Felix Stupp
cf15eff4f4
server/gitea: update_gitea expanded arguments for readability
5 years ago
Felix Stupp
fb0c1f0901
Changed "ansible_fqdn" to "inventory_hostname"
...
Due to some hosts misconfigure fqdn themselves
5 years ago
Felix Stupp
574b07f2f4
misc/deb_unstable: Allow configuring priority for unstable repository
5 years ago
Felix Stupp
429833c457
account: ignore_errors on configuring authorized_keys
...
Depends on server itself, so this should be optional
5 years ago
Felix Stupp
3547927d5a
acme/certificate: Added support for custom reload cmd
5 years ago
Felix Stupp
46bb166475
server/gitea: Use scp-style uri for ssh cloning
5 years ago
Felix Stupp
431f15b91f
server/gitea: Allow interacting via HTTP
5 years ago
Felix Stupp
67deed23a0
server/nextcloud: Remove become_user at include_tasks
...
Raised error
5 years ago
Felix Stupp
665b6710aa
git_auto_update: Fixed check if reload was successful
5 years ago
Felix Stupp
4445a53b28
git_auto_update: Allowed omiting of sign check
5 years ago
Felix Stupp
c31f3c2f50
git_auto_update: update.sh: Fixed quoting of used variables
5 years ago
Felix Stupp
768cb0cfb4
Reworked wireguard configurations
5 years ago
Felix Stupp
70e92b8c94
Merge branch 'master' of git.banananet.work:banananetwork/ansible
5 years ago
Felix Stupp
a667132cb4
server/nextcloud: Applied security patch
...
CVE-2019-11043
see https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
5 years ago
Felix Stupp
9c63c8516b
nginx/application: Disabled SSL Session Tickets
5 years ago
Felix Stupp
409ea327f0
nginx/application: Increased ssl_cache timeout
5 years ago
Felix Stupp
94f1463a87
mysql/application: Fixed configuring query cache
...
- Added notify
- Changed path of config file
5 years ago
Felix Stupp
e76d90a4f5
server/nextcloud: Added support for APCu cache
5 years ago
Felix Stupp
4c463055b4
server/nextcloud: Restricted regexp modifing nextcloud config
5 years ago
Felix Stupp
b9f060a0ce
nginx/php-fpm: Added installation of apcu cache
5 years ago
Felix Stupp
7df2668208
nginx/php-fpm: Increased size of opcache memory consumption to 256
5 years ago
Felix Stupp
41a41c91fb
mysql/application: Added config for query cache
5 years ago
Felix Stupp
002128686d
server/tt-rss: Configured database to use UTF8MB4
5 years ago
Felix Stupp
206c940d16
nginx/php-pool: Tuned up childs at php
5 years ago
Felix Stupp
a592e7f9c2
misc/debian_unstable: Added flush of handlers for refreshing apt cache
5 years ago
Felix Stupp
670833242a
misc/deb_unstable: Make mirror adaptive to server selection
5 years ago
Felix Stupp
68a0680cb6
misc/ip_discover: Fixed name for credentials directory
5 years ago
Felix Stupp
1f26debcf2
server/node: Added support for specific environment variables
5 years ago
Felix Stupp
34da73722c
Added role ip_discover
5 years ago
Felix Stupp
8b1d9ea65d
misc/docker: Disallowed duplicate execution of role
5 years ago
Felix Stupp
d165074600
wireguard/application: Removed updating apt cache
5 years ago
Felix Stupp
c73872df3a
misc/deb_unstable: Added updating of apt cache using handler
5 years ago
Felix Stupp
283e450c16
misc/handlers: Added handler "update apt cache"
5 years ago
Felix Stupp
caf70f632e
server/node: Added missing handlers dependency
5 years ago
Felix Stupp
fc897ea3b9
nginx/application: Fixed configuring resolver for OCSP Stapling
5 years ago
Felix Stupp
71945523fa
Added role misc/docker
5 years ago
Felix Stupp
71e1b4a17c
common: Added custom fact for dpkg architecture
5 years ago
Felix Stupp
3b86e1f5a6
server/nextcloud: Removed app tasks from nextcloud
5 years ago
Felix Stupp
d0186923b2
server/spotme: Changed default system user to domain
5 years ago
Felix Stupp
e4066f764a
server/nextcloud: Fixed location of admin credential
5 years ago
Felix Stupp
d736b5714d
server/nextcloud: Changed default system user to domain
5 years ago
Felix Stupp
76fd5471e3
server/gitea: Fixed default tokens location
5 years ago
Felix Stupp
3804c7d138
server/gitea: Changed default system user to domain name
5 years ago
Felix Stupp
03884cbf3e
nginx/server: Allowed duplicates of role
5 years ago
Felix Stupp
edf455bf66
nginx/application: Allowed dot files uploads by Nextcloud
5 years ago
Felix Stupp
9a129a7f2f
bootstrap: Added disconnect before removing privileged user
5 years ago
Felix Stupp
3324461e65
account: Added config for authorized_keys
5 years ago
Felix Stupp
afc80db48a
common: backup_files.sh: Disable compression of gpg
5 years ago
Felix Stupp
2bd16aa377
Added role server/tt-rss
5 years ago
Felix Stupp
c21ee11c66
nginx/application: Blocked all hidden directories except well-known
5 years ago
Felix Stupp
502606b1e3
nginx/application: Set type to text for test file
5 years ago
Felix Stupp
57e422b478
nginx/application: Disabled access_log on acme requests
5 years ago
Felix Stupp
efc6431640
Added role server/php
5 years ago
Felix Stupp
8e28bcb0ec
Added role nginx/php
5 years ago
Felix Stupp
72e7857570
nginx/php-pool: Locked reading of php-pool configurations
5 years ago
Felix Stupp
3414e3fd85
nginx/php-pool: Changed group of src directory to nginx user
5 years ago
Felix Stupp
4f1fdf72c7
nginx/php-pool: Added support for env variables
5 years ago
Felix Stupp
452efc2717
common: Reconfigured bash in backup scripts
...
Added options for better error handling
5 years ago
Felix Stupp
7e5ec719d3
server/spotme: Replaced configuration of system user with role usage
5 years ago
Felix Stupp
8e7fd3db9d
git_auto_update: Set default gpg fingerprint to backup fingerprint
5 years ago
Felix Stupp
b2b9466a28
common: Added global variable for backup gpg fingerprint
5 years ago
Felix Stupp
a87b5d84e9
server/spotme: Made use of role node/application
5 years ago
Felix Stupp
5c1a6b6a89
common: Improved helper script gpg_import_url_key
...
- Disabled output from called commands
- Improved shell options when failing
- Alternative return code if key is already stored in keyring
5 years ago
Felix Stupp
151f2ca896
server/nextcloud: Removed disabled task "Upgrade Nextcloud"
5 years ago
Felix Stupp
25b140f90e
server/nextcloud: Enabled app viewer
5 years ago
Felix Stupp
c129d94b73
server/nextcloud: Enabled app privacy
5 years ago
Felix Stupp
9537faa83d
server/nextcloud: Enabled app phonetrack
5 years ago
Felix Stupp
d576736e03
server/nextcloud: Enabled app ocdownloader
5 years ago
Felix Stupp
0eacb52089
server/nextcloud: Enabled app files_markdown
5 years ago
Felix Stupp
f5ee66de70
server/nextcloud: Enabled app files_ebookreader
5 years ago
Felix Stupp
0150c6191d
server/nextcloud: Enabled app cospend
5 years ago
Felix Stupp
3ffd6c06ac
server/nextcloud: Enabled app cookbook
5 years ago
Felix Stupp
cae1f92b60
server/nextcloud: Disabled survey_client app
5 years ago
Felix Stupp
4d735edfe7
server/nextcloud: Added task for disabling not required apps
5 years ago
Felix Stupp
7ac7806dc7
Fixed some lint errors
...
- Added missing default parameters
- Added names to tasks
- Configured changed|failed_when options
- Used command instead of shell module
- Changed local_action to delegate_to
- Added line to file ending
5 years ago
Felix Stupp
02e63f5d2a
server/nextcloud: Moved enabled apps list from tasks to defaults
5 years ago
Felix Stupp
7d4f2a89aa
server/nextcloud: Removed previewgenerator app
5 years ago
Felix Stupp
1819787da4
server/spotme: Used external handler for daemon_reload
5 years ago
Felix Stupp
49f119c6e8
server/node: Used external handler for daemon_reload
5 years ago
Felix Stupp
fd08d83275
Restricted permissions for service files
5 years ago
Felix Stupp
98386df525
Added role server/firefox-sync
5 years ago
Felix Stupp
8abcc88a13
server/nextcloud: Allow access for nginx for seeing php files
5 years ago
Felix Stupp
ec6202bd61
server/gitea: Added doc for var domain on nginx/proxy
5 years ago
Felix Stupp
133d82e0bb
nginx/proxy: Added doc for var upstream_name
5 years ago
Felix Stupp
b6e70b881a
acme: Fixed using correct home and config-home directories
5 years ago
Felix Stupp
5ea380e812
common: Fix auto backup database script
...
Encryption failed
5 years ago
Felix Stupp
2f8ef5dc34
Extracted global var for systemd configuration directory
5 years ago
Felix Stupp
bcfd4cb010
Fixed missing mode setting for others
...
To disallow access from others than user and group
5 years ago
Felix Stupp
5afcd6b738
misc/system_user: Allowed configuring user directory parameters
5 years ago
Felix Stupp
0ea1dac688
account: Documentated input variables
...
- username
- password
5 years ago
Felix Stupp
d9b4510200
account: Added variable for user directory
5 years ago
Felix Stupp
c56ed16851
account: Added configuration for home directory
...
For disabling other read rights on home directory
5 years ago
Felix Stupp
ad87ad2e7d
server/gitea: Removed dumping before update
...
Global backup service should be enough
5 years ago
Felix Stupp
bef682140b
acme/certificate: Removed invalid command argument
5 years ago
Felix Stupp
a3fde6aa3c
acme: Moved certificate handling to custom system user
...
Avoided using root for acme.sh
Modified also role nginx/application
5 years ago
Felix Stupp
9e20b807f1
acme/application: Removed getting if acme is installed
...
As it should be installed or otherwise the playbook failed
5 years ago
Felix Stupp
002ecc28b0
nginx/php-pool: Removed not needed system user configuration
5 years ago
Felix Stupp
5486d06226
nginx/php-fpm: Fixed removing default php-fpm pool
5 years ago
Felix Stupp
964099cfdb
nginx/php-fpm: Added configuration for php opcache
5 years ago
Felix Stupp
c25df42253
common: Reworked ssh configuration generation
5 years ago
Felix Stupp
1a5a7b0611
server/nextcloud: Added app previewgenerator
...
With its own cron job at 3
5 years ago
Felix Stupp
380a5dbf2e
server/nextcloud: Added apps Deck, Dicomviewer and suspicious_login
5 years ago
Felix Stupp
1e5dd61270
wireguard/application: Extracted role misc/deb_unstable
5 years ago
Felix Stupp
0dab3bdad2
Added role node/server
5 years ago
Felix Stupp
a74f532394
Added role node/application
5 years ago
Felix Stupp
852dbdb143
php-pool: Added domain to required variables (doc-only)
5 years ago
Felix Stupp
9595db481f
Added role misc/system_user
5 years ago
Felix Stupp
b229a5c3bf
git_auto_update: Added reset command before checkout
5 years ago
Felix Stupp
d570f3cdb3
git_auto_update: Allow reload_command failing during playbook execution
5 years ago
Felix Stupp
67f1e0919e
git_auto_update: Allowed asume group equals owner
5 years ago
Felix Stupp
0944fd798f
common: Added configuration of apt sources
5 years ago
Felix Stupp
b6c860548e
server/nextcloud: Changed dependencies back to real one
...
Undo of 9216931b33
5 years ago
Felix Stupp
edb298ebaa
server/nextcloud: Combined vars nextcloud_system_user and system_user
5 years ago
Felix Stupp
16d91d83bd
common: Added aptitude to list of common packages
5 years ago
Felix Stupp
b4897778b6
server/spotme: Added source of credentials for git repo
5 years ago
Felix Stupp
243b804fa4
dns/master: Added CAA Entry for letsencrypt.org
5 years ago
Felix Stupp
02ff70e699
common: Added downloading and processing ssh host keys
5 years ago
Felix Stupp
6b36435d8d
server/nextcloud: Added libmagickcore to dependencies
5 years ago
Felix Stupp
6742f9789d
mysql/database: Allowed duplications
5 years ago
Felix Stupp
4a09419de4
mysql/application: Removed duplicated locking of user root
5 years ago
Felix Stupp
ef666274ba
mysql/application: Combined removing test user for all hosts
5 years ago
Felix Stupp
6381fe6d83
server/nextcloud: Increased memory for php up to 1G
5 years ago
Felix Stupp
029fba1983
nginx/php-pool: Added support for custom memory_limit
5 years ago
Felix Stupp
a0000e3c7f
nginx/php*: Fixed handler names for controlling php-fpm service
5 years ago
Felix Stupp
3a5881a721
common: Fixed handler "restart ssh"
5 years ago
Felix Stupp
ce90f3dadf
nginx/php-fpm: Fixed getting php-fpm for newer versions of Debian
5 years ago
Felix Stupp
6509b01d71
acme: Added ToDo for "Create custom user ..."
5 years ago
Felix Stupp
bae56869f6
acme/certificate: Enabled OCSP must-stable for certificates
5 years ago
Felix Stupp
9ba13c5d73
nginx/application: Enabled OCSP Stapling
5 years ago
Felix Stupp
22f14189c2
nginx/application: Enabled TLSv1.3 and reworked ciphers
5 years ago
Felix Stupp
ce1f2fb132
nginx/application: Increased time for HSTS
5 years ago
Felix Stupp
5bed7d067a
nginx/application: Added localhost as resolver for nginx
5 years ago
Felix Stupp
d9eb74649f
nginx/application: Fixed missing notify for templates
5 years ago
Felix Stupp
13736ece66
server/nextcloud: Fixed cron job running as the correct user
5 years ago
Felix Stupp
69ec4ef59c
server/nextcloud: Fixed name for cron job
...
For allowing different nextcloud instances work simultaneously
5 years ago
Felix Stupp
52c8e89ff4
server/nextcloud: Change version to newest release
5 years ago
Felix Stupp
1f9f70bc1c
server/nextcloud: Enabled nextcloud app social
5 years ago
Felix Stupp
b381bdbd9e
server/nextcloud: Disabled php module mcrypt
...
Already preinstalled in base packages
5 years ago
Felix Stupp
4b7bb44141
server/nextcloud: Allow duplicates for role
5 years ago
Felix Stupp
4bb347344c
server/nextcloud: Moved user directory for nextcloud
5 years ago
Felix Stupp
9216931b33
server/nextcloud: Moved roles into tasks for creating user before
5 years ago
Felix Stupp
826cc1d0b7
common: Added creating of backup files directory
5 years ago
Felix Stupp
1602022134
mysql: Added auto backuping databases
5 years ago
Felix Stupp
53643f6c99
server/nextcloud: Added support for auto backuping data directory
5 years ago
Felix Stupp
f77d57eba8
server/gitea: Added auto backup support for repositories
5 years ago
Felix Stupp
39e7f60aba
common: Fixed syntax in backup_databases.sh script
5 years ago
Felix Stupp
c02b88bf2e
common: Added support for files backups
5 years ago
Felix Stupp
f61da86598
server/nextcloud: Reordered background job and update task
5 years ago
Felix Stupp
c2b060df9e
common: Added support for backup databases
5 years ago
Felix Stupp
fcba624ac5
common: Fixed typo in task name for packages
5 years ago
Felix Stupp
d3f2e8d4b5
Added role wireguard/special_client
5 years ago
Felix Stupp
96ae42477f
Added role wireguard/application
5 years ago
Felix Stupp
93f1207bf9
Added role server/spotme
5 years ago
Felix Stupp
93f30e6919
Added role server/nextcloud
5 years ago
Felix Stupp
0bec0a9630
Added role nginx/server
5 years ago
Felix Stupp
3f19422c0c
Added role nginx/php-pool
5 years ago
Felix Stupp
692b9bf74b
Added role nginx/php-fpm
...
For php-fpm setup
5 years ago
Felix Stupp
30f2210481
git_auto_update: Renamed variable name to repo_name
5 years ago
Felix Stupp
e04596e4ab
common: Added dirmngr to packages
5 years ago
Felix Stupp
0df56b9ddc
common: Added helper scripts support and gpg_import_url_key
5 years ago
Felix Stupp
0e8234fa08
common: Fixed ufw setting default deny for incoming traffic
5 years ago
Felix Stupp
9cdc7ccd91
common: Generate locale for german
5 years ago
Felix Stupp
83c2dde55c
server/gitea: Added usage of handlers
5 years ago
Felix Stupp
c10bb0160d
Added role misc/handlers
...
As handlers collection for general, preinstalled applications
5 years ago
Felix Stupp
262cba5952
server/gitea: Removed note about change required
5 years ago
Felix Stupp
3327a9e4b4
server/gitea: Used derivation of pass/name by database role
5 years ago
Felix Stupp
c9206ff499
mysql/database: Added derivation of password and database name
5 years ago
Felix Stupp
df88e582a7
dns/master: Added dnssec support
...
- Generation of keys
- Signing zone after each change
5 years ago
Felix Stupp
69026d8d27
dns/master: Moved zone files into directory per zone
5 years ago
Felix Stupp
93891c25a5
dns/application: Added config for bind9
...
- Enabled dnssec by default
5 years ago
Felix Stupp
befbff3c7e
dns/master: Added prefix for paths to vars in default
5 years ago
Felix Stupp
f85d1a4477
roles/nginx/forward: nginx configuration "redirect" -> "return"
6 years ago
Felix Stupp
d938fdfb39
roles/nginx/forward: Fixed name of configuration template
6 years ago
Felix Stupp
3fbead1377
Added roles/server/static
6 years ago
Felix Stupp
f20776e1bd
Added roles/git_auto_update
6 years ago
Felix Stupp
2b63f1a248
Added roles/dns/{application,master,slave}
6 years ago
Felix Stupp
b804ae005e
roles/server/gitea: Fixed creating dump on first download
6 years ago
Felix Stupp
1965972379
roles/server/gitea: Changed gpg keyserver pool to europe only
...
Because latency is lower
6 years ago
Felix Stupp
e0464d5ddb
roles/server/gitea: Reworked gitea / service configuration
6 years ago
Felix Stupp
a3d6116caa
roles/server/gitea: Fixed cron configuration
6 years ago
Felix Stupp
e7bdb5f26b
roles/server/gitea: Run update script as root
6 years ago
Felix Stupp
f0f8a4a5c3
roles/server/gitea: Reordered configuration
6 years ago
Felix Stupp
542bf0809c
roles/server/gitea: Defined default variable backend_socket
6 years ago
Felix Stupp
65d8840abb
roles/server/gitea: Reworked owner, group and mode settings for directories
6 years ago
Felix Stupp
2bce35c643
roles/server/gitea: Defined shell for user git
6 years ago
Felix Stupp
286aac3470
roles/server/gitea: Reworked usage of nginx/proxy
6 years ago
Felix Stupp
7d8be15582
roles/nginx/proxy: Reworked proxy to adapt to upstreams
6 years ago
Felix Stupp
bdf96b6eeb
roles/nginx/static added
6 years ago
Felix Stupp
309d23ba8a
roles/nginx: Reworked upstreams
6 years ago
Felix Stupp
6c310a8f3d
roles/nginx/application: Set allow_duplicates to false
6 years ago
Felix Stupp
6b376cacfa
roles/nginx/application: Added snippets acme and root
6 years ago
Felix Stupp
da676ebc32
roles/nginx/application: Included upstreams directory
6 years ago
Felix Stupp
7e56f8ada5
roles/nginx/application: Fixed global forwarding to https
6 years ago
Felix Stupp
097ff3d743
roles/nginx/application: Fixed nginx variable configuration
6 years ago
Felix Stupp
5676165f1c
roles/nginx/application: Fixed configuration for global logs
6 years ago
Felix Stupp
d80261fe53
roles/nginx/application: Added validation for nginx.conf
6 years ago
Felix Stupp
007c7ed2a4
roles/nginx/application: Fixed task names containing item keyword
6 years ago
Felix Stupp
fad2b9bc7c
Removed forwarding of domain variable causing loop of resolving
6 years ago
Felix Stupp
8c55df251a
mysql/database: Renamed database parameters
6 years ago
Felix Stupp
4225f14774
roles/mysql/application: Removed unnecessary quotes
6 years ago
Felix Stupp
021cd2cb57
roles/mysql: Fixed handling of handlers
6 years ago
Felix Stupp
3894d27b25
roles/mysql/application: Fixed generating credentials
6 years ago
Felix Stupp
401d9bbb16
roles/hostname: Fixed setting hostname in /etc/hostname: Added newline
6 years ago
Felix Stupp
f2c6d0d249
roles/common: Create directory for all auto update scripts
6 years ago
Felix Stupp
60b6d4778e
roles/common: Store ssh public key of root locally
6 years ago
Felix Stupp
c49e9cc9b9
roles/common: Create ssh key for root user by default
6 years ago
Felix Stupp
014c5d7c92
roles/common: Removed credentials feature
6 years ago
Felix Stupp
ae8482c883
roles/server/gitea: Removed old file update_gitea.sh
...
Replaced by template update_gitea.sh
6 years ago
Felix Stupp
b0c25e6cb3
roles/server/gitea: Moved update script path to global location
6 years ago
Felix Stupp
a408ba3e86
roles/server/gitea: Fixed creating credentials
6 years ago
Felix Stupp
ec446f4986
roles/server/gitea: Adapted location of user directory
6 years ago
Felix Stupp
9321e75b4b
roles/server/gitea: Fixed default name of service
6 years ago
Felix Stupp
d3a6337a24
Removed role close_credentials
6 years ago
Felix Stupp
1dd31a451f
acme_certificate: Defined changed_when for calling acme.sh
6 years ago
Felix Stupp
226bc9c873
Reconfigured nginx / acme validation handling
6 years ago
Felix Stupp
308c6a95d4
Configured allow_duplicates for several roles
6 years ago
Felix Stupp
f502ba4574
Added role nginx/proxy
...
Also added needed dependencies
6 years ago
Felix Stupp
7122bcf9e3
nginx/application: Enabled acme verification for all over http
6 years ago
Felix Stupp
facee1a61d
nginx/application: Extracted acme snippets from global
6 years ago
Felix Stupp
d08159eb24
nginx/application: Removed duplicated ssl configuration
6 years ago
Felix Stupp
b49a832759
nginx/application: Added rules for firewall
6 years ago
Felix Stupp
2186137327
nginx/application: Used vars in nginx.conf
6 years ago
Felix Stupp
7a84ae4fdc
nginx/application: Fixed uploading and including snippets
6 years ago
Felix Stupp
ec59a31dea
roles/nginx/forward: Changed var name "destination" to "dest"
6 years ago
Felix Stupp
c5a170bf2e
roles/bootstrap: Added sudo to required packages
6 years ago
Felix Stupp
63ca530071
roles/common: Added dnsutils to common packages
6 years ago
Felix Stupp
6a6e2f6602
Moved dependency of certificate validation directory to nginx role
6 years ago
Felix Stupp
01fafa5ca1
nginx: Reworked global ssl and https configuration
6 years ago
Felix Stupp
c2bd392675
Added role nginx/forward
6 years ago
Felix Stupp
08ebc2f5cb
Added role nginx/application
6 years ago
Felix Stupp
b380249c0c
Added role nginx/all_mail_proxy
6 years ago
Felix Stupp
88afbf7106
Added role nginx/mail_proxy
6 years ago
Felix Stupp
fad1abc638
Added role server/gitea
6 years ago
Felix Stupp
80dc14fd96
Added roles for mysql
6 years ago
Felix Stupp
3910b1bac6
Added role hostname
6 years ago
Felix Stupp
596c03fe22
Added role bootstrap
6 years ago
Felix Stupp
04b571f59c
Added role account
6 years ago
Felix Stupp
d3494ed1b9
Added role common
6 years ago
Felix Stupp
4862b9dd69
Added roles for automatic certificate issue with acme.sh
6 years ago