792 Commits (99cee859bbda996c120a5eed42294e00e8caa218)
 

Author SHA1 Message Date
Felix Stupp 61c7f72422
nginx/server: Removed ssl on directive
Should no longer be used, listen + ssl marker is working as expected
5 years ago
Felix Stupp fbca70f81f
dns/master: Create keys directory writeable for bind
To apply KASP later
5 years ago
Felix Stupp d73e250b36
dns/master: Changed owner and adapted permissions of zone directory 5 years ago
Felix Stupp 22fde40ac5
dns/application: Changed bind9 source to official source 5 years ago
Felix Stupp 415b107bbc
vscode configuration: Fixed path to python3 executable for syntax check 5 years ago
Felix Stupp a51225ccc8
dns/application: Allowed bind using AppArmor to write temporary journal files 5 years ago
Felix Stupp 3932501d54
playbooks/dns: Fixed mx records for secondary domains 5 years ago
Felix Stupp 646e6d5c75
dns: Configured service name using global variable 5 years ago
Felix Stupp 77d1e84117
dns: Fixed variable structure of var domain_environment_directory 5 years ago
Felix Stupp be8418d546
misc/backup_files: Added variable backup_name as alternative of name by domain 5 years ago
Felix Stupp 12e47c19c9
all/vars: Added var global_log_directory
Added usage in role nginx/application
5 years ago
Felix Stupp 95db4cad65
nvak: Configured turnips.banananet.work 5 years ago
Felix Stupp 51404e3a3d
misc/system_user: Added output var system_user_info 5 years ago
Felix Stupp 08a37c6dab
nginx/application: Configure dhparams for SSL 5 years ago
Felix Stupp 586163c9d0
Added role misc/dhparams 5 years ago
Felix Stupp 69a0b5fd69
nvak: Added forwarding of www.banananet.work to main site 5 years ago
Felix Stupp ab13a1272f
playbooks/group_bwcloud: Configure preserve hostname for cloud-kernel 5 years ago
Felix Stupp 6fbf62cddd
dns/application: Added zone.db.jnl files to allowed files for bind to write 5 years ago
Felix Stupp f2e669734b
common: Readd package acl
Required for ansible temporary files if becoming an unprivileged user, see
https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user

This reverts commit 3c7fb65ac9.
5 years ago
Felix Stupp c258a5d1bb
server/minecraft: Add SRV dns entry 5 years ago
Felix Stupp c3f85bc8e0
playbooks/dns: Removed test mail dns records
can be added by specific mail roles
5 years ago
Felix Stupp 8c0e34729a
playbooks/dns: Add main server addresses now using dns/server_entries 5 years ago
Felix Stupp 55b27c041b
dns: Extracted role entries from server_entries 5 years ago
Felix Stupp 39771c907f
dns/server_entries: Renamed var all_entries to entries 5 years ago
Felix Stupp f2b4540f1f
playbooks/dns: Removed manual configured dns entries for servers
Not required due to automatic configuration by role dns/server_entries
5 years ago
Felix Stupp 9d23e12a16
dns/master: Now considered vars for nameserver and mail to be absolute
Meaning the var itself must not have a dot at the end of the name,
but an usage of the variable may need to append a dot.
5 years ago
Felix Stupp 40c6a3ab0f
dns/server_entries: Allow duplicate execution of role 5 years ago
Felix Stupp 1958c4df54
dns: Renamed role entries to server_entries
To distinguish between simple entries role (coming in the future) and
entries role bundled with server-related entries (A, AAAA, SSHFP)
5 years ago
Felix Stupp 08fafbf98f
dns/entries: Fixed SYNC comment to role dns/master 5 years ago
Felix Stupp a4ec44c9e4
playbooks/dns: Removed non-existent ns2 from nameserver list 5 years ago
Felix Stupp cf2529bf05
playbooks/dns: Fixed typo "resposible" to "responsible" 5 years ago
Felix Stupp 891ec640c7
playbooks: Changed repo urls to https if project is public 5 years ago
Felix Stupp 9121fd2c37
server/tt-rss: Moved repo clone method to standardized release tags 5 years ago
Felix Stupp debbcb1a1b
nginx: Moved dot-file-exclution from global snippet to root snippet
Only file based servers may require this directive,
other servers are not expected to leak hidden files other than on purpose
5 years ago
Felix Stupp cca87f6425
nginx/php: Changed global include to root include
root snippet is there for file based servers, including php
5 years ago
Felix Stupp f2c92e94e2
nginx: Moved index directive from root snippet to specific static role 5 years ago
Felix Stupp dd48448828
nginx/php: Removed debian-specific index file from config 5 years ago
Felix Stupp 58955871ad
nginx/application: Removed specfic exclusion of htaccess files
Because dot files are already blocked in general
5 years ago
Felix Stupp 9394b66f47
wireguard/application: Added sorting of peer files before combining 5 years ago
Felix Stupp e09fb25104
Added role misc/dnsmasq as dnssec resolver 5 years ago
Felix Stupp fbf20622b0
Added group contabo_vserver 5 years ago
Felix Stupp 2158b2717d
dns/master: Added support for dname to root zone 5 years ago
Felix Stupp 0b388a7e9a
git_auto_update: Added brackets for less ambiguity 5 years ago
Felix Stupp 9a8996d69e
git_auto_update: Increased check options for update script 5 years ago
Felix Stupp 2515ab82db
roles/nfs: Improved var usages
- Extracted global_nfs_directory from default root_directory
- Added usage of export_path
5 years ago
Felix Stupp 666f463b46
Added global_vars already used 5 years ago
Felix Stupp 04c71a8611
common: ssh makefile: Sort part files before combining 5 years ago
Felix Stupp d09b7ea8c3
mysql: Configure mysql_user and mysql_password 5 years ago
Felix Stupp 164cdbbc79
common: Tagged ip blocklist for easier skipping 5 years ago
Felix Stupp b3fac3587f
Removed ecdsa as accepted ssh host key 5 years ago