348 Commits (18832f4eb03112550f6dfc14702a98a57a77901c)

Author SHA1 Message Date
Felix Stupp 8f35931033
server/minecraft: Configured apparmor profile 5 years ago
Felix Stupp b3648c9362
server/minecraft: systemd uses launch script for starting service 5 years ago
Felix Stupp 8643456bd9
server/minecraft: Added launch script 5 years ago
Felix Stupp f5bd293d83
server/minecraft: generalized configuring scripts 5 years ago
Felix Stupp ad24eed923
server/minecraft: systemd waits until server exited 5 years ago
Felix Stupp 898a30789a
server/minecraft: Allowed global defining of java version 5 years ago
Felix Stupp 37f93d9471
server/minecraft: Allowed auto detecting link for downloading server version 5 years ago
Felix Stupp 82db6cb8fd
Added role server/minecraft 5 years ago
Felix Stupp ae7361f4c6
server/gitea: update_gitea: Fixed getting newest version 5 years ago
Felix Stupp cf15eff4f4
server/gitea: update_gitea expanded arguments for readability 5 years ago
Felix Stupp fb0c1f0901
Changed "ansible_fqdn" to "inventory_hostname"
Due to some hosts misconfigure fqdn themselves
5 years ago
Felix Stupp 574b07f2f4
misc/deb_unstable: Allow configuring priority for unstable repository 5 years ago
Felix Stupp 429833c457
account: ignore_errors on configuring authorized_keys
Depends on server itself, so this should be optional
5 years ago
Felix Stupp 3547927d5a
acme/certificate: Added support for custom reload cmd 5 years ago
Felix Stupp 46bb166475
server/gitea: Use scp-style uri for ssh cloning 5 years ago
Felix Stupp 431f15b91f
server/gitea: Allow interacting via HTTP 5 years ago
Felix Stupp 67deed23a0
server/nextcloud: Remove become_user at include_tasks
Raised error
5 years ago
Felix Stupp 665b6710aa
git_auto_update: Fixed check if reload was successful 5 years ago
Felix Stupp 4445a53b28
git_auto_update: Allowed omiting of sign check 5 years ago
Felix Stupp c31f3c2f50
git_auto_update: update.sh: Fixed quoting of used variables 5 years ago
Felix Stupp 768cb0cfb4
Reworked wireguard configurations 5 years ago
Felix Stupp 70e92b8c94
Merge branch 'master' of git.banananet.work:banananetwork/ansible 5 years ago
Felix Stupp a667132cb4
server/nextcloud: Applied security patch
CVE-2019-11043
see https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
5 years ago
Felix Stupp 9c63c8516b
nginx/application: Disabled SSL Session Tickets 5 years ago
Felix Stupp 409ea327f0
nginx/application: Increased ssl_cache timeout 5 years ago
Felix Stupp 94f1463a87
mysql/application: Fixed configuring query cache
- Added notify
- Changed path of config file
5 years ago
Felix Stupp e76d90a4f5
server/nextcloud: Added support for APCu cache 5 years ago
Felix Stupp 4c463055b4
server/nextcloud: Restricted regexp modifing nextcloud config 5 years ago
Felix Stupp b9f060a0ce
nginx/php-fpm: Added installation of apcu cache 5 years ago
Felix Stupp 7df2668208
nginx/php-fpm: Increased size of opcache memory consumption to 256 5 years ago
Felix Stupp 41a41c91fb
mysql/application: Added config for query cache 5 years ago
Felix Stupp 002128686d
server/tt-rss: Configured database to use UTF8MB4 5 years ago
Felix Stupp 206c940d16
nginx/php-pool: Tuned up childs at php 5 years ago
Felix Stupp a592e7f9c2
misc/debian_unstable: Added flush of handlers for refreshing apt cache 5 years ago
Felix Stupp 670833242a
misc/deb_unstable: Make mirror adaptive to server selection 5 years ago
Felix Stupp 68a0680cb6
misc/ip_discover: Fixed name for credentials directory 5 years ago
Felix Stupp 1f26debcf2
server/node: Added support for specific environment variables 5 years ago
Felix Stupp 34da73722c
Added role ip_discover 5 years ago
Felix Stupp 8b1d9ea65d
misc/docker: Disallowed duplicate execution of role 5 years ago
Felix Stupp d165074600
wireguard/application: Removed updating apt cache 5 years ago
Felix Stupp c73872df3a
misc/deb_unstable: Added updating of apt cache using handler 5 years ago
Felix Stupp 283e450c16
misc/handlers: Added handler "update apt cache" 5 years ago
Felix Stupp caf70f632e
server/node: Added missing handlers dependency 5 years ago
Felix Stupp fc897ea3b9
nginx/application: Fixed configuring resolver for OCSP Stapling 5 years ago
Felix Stupp 71945523fa
Added role misc/docker 5 years ago
Felix Stupp 71e1b4a17c
common: Added custom fact for dpkg architecture 5 years ago
Felix Stupp 3b86e1f5a6
server/nextcloud: Removed app tasks from nextcloud 5 years ago
Felix Stupp d0186923b2
server/spotme: Changed default system user to domain 5 years ago
Felix Stupp e4066f764a
server/nextcloud: Fixed location of admin credential 5 years ago
Felix Stupp d736b5714d
server/nextcloud: Changed default system user to domain 5 years ago
Felix Stupp 76fd5471e3
server/gitea: Fixed default tokens location 5 years ago
Felix Stupp 3804c7d138
server/gitea: Changed default system user to domain name 5 years ago
Felix Stupp 03884cbf3e
nginx/server: Allowed duplicates of role 5 years ago
Felix Stupp edf455bf66
nginx/application: Allowed dot files uploads by Nextcloud 5 years ago
Felix Stupp 9a129a7f2f
bootstrap: Added disconnect before removing privileged user 5 years ago
Felix Stupp 3324461e65
account: Added config for authorized_keys 5 years ago
Felix Stupp afc80db48a
common: backup_files.sh: Disable compression of gpg 5 years ago
Felix Stupp 2bd16aa377
Added role server/tt-rss 5 years ago
Felix Stupp c21ee11c66
nginx/application: Blocked all hidden directories except well-known 5 years ago
Felix Stupp 502606b1e3
nginx/application: Set type to text for test file 5 years ago
Felix Stupp 57e422b478
nginx/application: Disabled access_log on acme requests 5 years ago
Felix Stupp efc6431640
Added role server/php 5 years ago
Felix Stupp 8e28bcb0ec
Added role nginx/php 5 years ago
Felix Stupp 72e7857570
nginx/php-pool: Locked reading of php-pool configurations 5 years ago
Felix Stupp 3414e3fd85
nginx/php-pool: Changed group of src directory to nginx user 5 years ago
Felix Stupp 4f1fdf72c7
nginx/php-pool: Added support for env variables 5 years ago
Felix Stupp 452efc2717
common: Reconfigured bash in backup scripts
Added options for better error handling
5 years ago
Felix Stupp 7e5ec719d3
server/spotme: Replaced configuration of system user with role usage 5 years ago
Felix Stupp 8e7fd3db9d
git_auto_update: Set default gpg fingerprint to backup fingerprint 5 years ago
Felix Stupp b2b9466a28
common: Added global variable for backup gpg fingerprint 5 years ago
Felix Stupp a87b5d84e9
server/spotme: Made use of role node/application 5 years ago
Felix Stupp 5c1a6b6a89
common: Improved helper script gpg_import_url_key
- Disabled output from called commands
- Improved shell options when failing
- Alternative return code if key is already stored in keyring
5 years ago
Felix Stupp 151f2ca896
server/nextcloud: Removed disabled task "Upgrade Nextcloud" 5 years ago
Felix Stupp 25b140f90e
server/nextcloud: Enabled app viewer 5 years ago
Felix Stupp c129d94b73
server/nextcloud: Enabled app privacy 5 years ago
Felix Stupp 9537faa83d
server/nextcloud: Enabled app phonetrack 5 years ago
Felix Stupp d576736e03
server/nextcloud: Enabled app ocdownloader 5 years ago
Felix Stupp 0eacb52089
server/nextcloud: Enabled app files_markdown 5 years ago
Felix Stupp f5ee66de70
server/nextcloud: Enabled app files_ebookreader 5 years ago
Felix Stupp 0150c6191d
server/nextcloud: Enabled app cospend 5 years ago
Felix Stupp 3ffd6c06ac
server/nextcloud: Enabled app cookbook 5 years ago
Felix Stupp cae1f92b60
server/nextcloud: Disabled survey_client app 5 years ago
Felix Stupp 4d735edfe7
server/nextcloud: Added task for disabling not required apps 5 years ago
Felix Stupp 7ac7806dc7
Fixed some lint errors
- Added missing default parameters
- Added names to tasks
- Configured changed|failed_when options
- Used command instead of shell module
- Changed local_action to delegate_to
- Added line to file ending
5 years ago
Felix Stupp 02e63f5d2a
server/nextcloud: Moved enabled apps list from tasks to defaults 5 years ago
Felix Stupp 7d4f2a89aa
server/nextcloud: Removed previewgenerator app 5 years ago
Felix Stupp 1819787da4
server/spotme: Used external handler for daemon_reload 5 years ago
Felix Stupp 49f119c6e8
server/node: Used external handler for daemon_reload 5 years ago
Felix Stupp fd08d83275
Restricted permissions for service files 5 years ago
Felix Stupp 98386df525
Added role server/firefox-sync 5 years ago
Felix Stupp 8abcc88a13
server/nextcloud: Allow access for nginx for seeing php files 5 years ago
Felix Stupp ec6202bd61
server/gitea: Added doc for var domain on nginx/proxy 5 years ago
Felix Stupp 133d82e0bb
nginx/proxy: Added doc for var upstream_name 5 years ago
Felix Stupp b6e70b881a
acme: Fixed using correct home and config-home directories 5 years ago
Felix Stupp 5ea380e812
common: Fix auto backup database script
Encryption failed
5 years ago
Felix Stupp 2f8ef5dc34
Extracted global var for systemd configuration directory 5 years ago
Felix Stupp bcfd4cb010
Fixed missing mode setting for others
To disallow access from others than user and group
5 years ago
Felix Stupp 5afcd6b738
misc/system_user: Allowed configuring user directory parameters 5 years ago
Felix Stupp 0ea1dac688
account: Documentated input variables
- username
- password
5 years ago
Felix Stupp d9b4510200
account: Added variable for user directory 5 years ago
Felix Stupp c56ed16851
account: Added configuration for home directory
For disabling other read rights on home directory
5 years ago
Felix Stupp ad87ad2e7d
server/gitea: Removed dumping before update
Global backup service should be enough
5 years ago
Felix Stupp bef682140b
acme/certificate: Removed invalid command argument 5 years ago
Felix Stupp a3fde6aa3c
acme: Moved certificate handling to custom system user
Avoided using root for acme.sh
Modified also role nginx/application
5 years ago
Felix Stupp 9e20b807f1
acme/application: Removed getting if acme is installed
As it should be installed or otherwise the playbook failed
5 years ago
Felix Stupp 002ecc28b0
nginx/php-pool: Removed not needed system user configuration 5 years ago
Felix Stupp 5486d06226
nginx/php-fpm: Fixed removing default php-fpm pool 5 years ago
Felix Stupp 964099cfdb
nginx/php-fpm: Added configuration for php opcache 5 years ago
Felix Stupp c25df42253
common: Reworked ssh configuration generation 5 years ago
Felix Stupp 1a5a7b0611
server/nextcloud: Added app previewgenerator
With its own cron job at 3
5 years ago
Felix Stupp 380a5dbf2e
server/nextcloud: Added apps Deck, Dicomviewer and suspicious_login 5 years ago
Felix Stupp 1e5dd61270
wireguard/application: Extracted role misc/deb_unstable 5 years ago
Felix Stupp 0dab3bdad2
Added role node/server 5 years ago
Felix Stupp a74f532394
Added role node/application 5 years ago
Felix Stupp 852dbdb143
php-pool: Added domain to required variables (doc-only) 5 years ago
Felix Stupp 9595db481f
Added role misc/system_user 5 years ago
Felix Stupp b229a5c3bf
git_auto_update: Added reset command before checkout 5 years ago
Felix Stupp d570f3cdb3
git_auto_update: Allow reload_command failing during playbook execution 5 years ago
Felix Stupp 67f1e0919e
git_auto_update: Allowed asume group equals owner 5 years ago
Felix Stupp 0944fd798f
common: Added configuration of apt sources 5 years ago
Felix Stupp b6c860548e
server/nextcloud: Changed dependencies back to real one
Undo of 9216931b33
5 years ago
Felix Stupp edb298ebaa
server/nextcloud: Combined vars nextcloud_system_user and system_user 5 years ago
Felix Stupp 16d91d83bd
common: Added aptitude to list of common packages 5 years ago
Felix Stupp b4897778b6
server/spotme: Added source of credentials for git repo 5 years ago
Felix Stupp 243b804fa4
dns/master: Added CAA Entry for letsencrypt.org 5 years ago
Felix Stupp 02ff70e699
common: Added downloading and processing ssh host keys 5 years ago
Felix Stupp 6b36435d8d
server/nextcloud: Added libmagickcore to dependencies 5 years ago
Felix Stupp 6742f9789d
mysql/database: Allowed duplications 5 years ago
Felix Stupp 4a09419de4
mysql/application: Removed duplicated locking of user root 5 years ago
Felix Stupp ef666274ba
mysql/application: Combined removing test user for all hosts 5 years ago
Felix Stupp 6381fe6d83
server/nextcloud: Increased memory for php up to 1G 5 years ago
Felix Stupp 029fba1983
nginx/php-pool: Added support for custom memory_limit 5 years ago
Felix Stupp a0000e3c7f
nginx/php*: Fixed handler names for controlling php-fpm service 5 years ago
Felix Stupp 3a5881a721
common: Fixed handler "restart ssh" 5 years ago
Felix Stupp ce90f3dadf
nginx/php-fpm: Fixed getting php-fpm for newer versions of Debian 5 years ago
Felix Stupp 6509b01d71
acme: Added ToDo for "Create custom user ..." 5 years ago
Felix Stupp bae56869f6
acme/certificate: Enabled OCSP must-stable for certificates 5 years ago
Felix Stupp 9ba13c5d73
nginx/application: Enabled OCSP Stapling 5 years ago
Felix Stupp 22f14189c2
nginx/application: Enabled TLSv1.3 and reworked ciphers 5 years ago
Felix Stupp ce1f2fb132
nginx/application: Increased time for HSTS 5 years ago
Felix Stupp 5bed7d067a
nginx/application: Added localhost as resolver for nginx 5 years ago
Felix Stupp d9eb74649f
nginx/application: Fixed missing notify for templates 5 years ago
Felix Stupp 13736ece66
server/nextcloud: Fixed cron job running as the correct user 5 years ago
Felix Stupp 69ec4ef59c
server/nextcloud: Fixed name for cron job
For allowing different nextcloud instances work simultaneously
5 years ago
Felix Stupp 52c8e89ff4
server/nextcloud: Change version to newest release 5 years ago
Felix Stupp 1f9f70bc1c
server/nextcloud: Enabled nextcloud app social 5 years ago
Felix Stupp b381bdbd9e
server/nextcloud: Disabled php module mcrypt
Already preinstalled in base packages
5 years ago
Felix Stupp 4b7bb44141
server/nextcloud: Allow duplicates for role 5 years ago
Felix Stupp 4bb347344c
server/nextcloud: Moved user directory for nextcloud 5 years ago
Felix Stupp 9216931b33
server/nextcloud: Moved roles into tasks for creating user before 5 years ago