481 Commits (d8421b49bbb98ddf6cecfd7f1ce346f05e38c221)

Author SHA1 Message Date
Felix Stupp d8421b49bb
server/gitea: Renamed var gitea_user_directory to user_directory 5 years ago
Felix Stupp fe0a677b13
git_auto_update: Used long parameters 5 years ago
Felix Stupp e30121cae2
git_auto_update: Improved comparism with GPG fingerprint
Configured grep to compare againg fixed strings, not regexp
5 years ago
Felix Stupp f2b6e41645
git_auto_update: Fixed default reload_command to "true"
An empty default value would result in an error thrown.
5 years ago
Felix Stupp 818515cc05
server/gitea: Reworked logging configuration to contain (only) required information 5 years ago
Felix Stupp 49dd6e4da1
server/gitea/app.ini: Removed not required log settings 5 years ago
Felix Stupp 072ace6438
server/gitea: Configured fail2ban protection 5 years ago
Felix Stupp d81f883e50
server/gitea: Disable colorizing logs for fail2ban 5 years ago
Felix Stupp d630988291
Added role fail2ban/rule 5 years ago
Felix Stupp 2eaf8034f7
server/gitea: Reconfigured log to be minimal and adapted to systemd 5 years ago
Felix Stupp 85028e1dcb
fail2ban/application: Moved service_name to global var 5 years ago
Felix Stupp 239ef3124e
fail2ban/application: Moved vars to global part
Because paths are not user-configured but given by package/system
5 years ago
Felix Stupp 66e38ebcde
server/nextcloud: Enabled APCu cache for cron job 5 years ago
Felix Stupp cf4a4863f4
server/nextcloud: Reformatted cron job line to meet format requirements 5 years ago
Felix Stupp c6a9c15e14
server/nextcloud: Enabled redis cache 5 years ago
Felix Stupp f3d7f2f8a2
Added roles for redis (application, instance) 5 years ago
Felix Stupp b5ca1ce80f
server/nextcloud: Renamed var nextcloud_user_directory to user_directory 5 years ago
Felix Stupp 8e22085ba7
server/nextcloud: Moved "config APCu cache" to "add add. entries" with blockinfile task 5 years ago
Felix Stupp d40a8cee92
server/nextcloud: Fixed changing configuration of nextcloud instance
- Fixes configuring APCu cache
5 years ago
Felix Stupp 5c374bc977
nginx/application: Added security relevant HTTP headers to global config
Duplicates removed from server/nextcloud
5 years ago
Felix Stupp fc2a098ff2
server/nextcloud: Fixed disallowing well-known as dot file 5 years ago
Felix Stupp 7889e10385
nginx/php-pool: Fixed default disabling of status_page_path 5 years ago
Felix Stupp b7d34b28ee
nginx/php: Made name of task more descriptive 5 years ago
Felix Stupp 9d8d041241
nginx/application: Fixed typo of "unnecessary" 5 years ago
Felix Stupp 28d49be899
server/nextcloud: Added support for php-fpm status page 5 years ago
Felix Stupp 458babf82c
nginx/php: Added support for php-fpm status page 5 years ago
Felix Stupp 2a672cb597
nginx/default_server: Extracted status_page_acl var 5 years ago
Felix Stupp ce55e33fda
nginx/php-pool: Added support for enabling status page 5 years ago
Felix Stupp e91f9d1a81
nginx/default_server: Hide status page by answering 403 always 5 years ago
Felix Stupp 74a62e861f
Added role nginx/default_server
To prevent circular dependencies, role must be included manually on
required servers
5 years ago
Felix Stupp 7a33ceffb8
nginx/application: Removed configuring trusted certificate for OCSP
Can be derived by given certificate for host
5 years ago
Felix Stupp 48588ee0dd
server/spotme: Removed not required dependencies 5 years ago
Felix Stupp 647f112c2b
nginx/server: Extracted special pre directives into configurable vars 5 years ago
Felix Stupp 11814fe236
nginx/server: Added explicit dependency to nginx/application 5 years ago
Felix Stupp 61c7f72422
nginx/server: Removed ssl on directive
Should no longer be used, listen + ssl marker is working as expected
5 years ago
Felix Stupp fbca70f81f
dns/master: Create keys directory writeable for bind
To apply KASP later
5 years ago
Felix Stupp d73e250b36
dns/master: Changed owner and adapted permissions of zone directory 5 years ago
Felix Stupp 22fde40ac5
dns/application: Changed bind9 source to official source 5 years ago
Felix Stupp a51225ccc8
dns/application: Allowed bind using AppArmor to write temporary journal files 5 years ago
Felix Stupp 646e6d5c75
dns: Configured service name using global variable 5 years ago
Felix Stupp 77d1e84117
dns: Fixed variable structure of var domain_environment_directory 5 years ago
Felix Stupp be8418d546
misc/backup_files: Added variable backup_name as alternative of name by domain 5 years ago
Felix Stupp 12e47c19c9
all/vars: Added var global_log_directory
Added usage in role nginx/application
5 years ago
Felix Stupp 51404e3a3d
misc/system_user: Added output var system_user_info 5 years ago
Felix Stupp 08a37c6dab
nginx/application: Configure dhparams for SSL 5 years ago
Felix Stupp 586163c9d0
Added role misc/dhparams 5 years ago
Felix Stupp 6fbf62cddd
dns/application: Added zone.db.jnl files to allowed files for bind to write 5 years ago
Felix Stupp f2e669734b
common: Readd package acl
Required for ansible temporary files if becoming an unprivileged user, see
https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user

This reverts commit 3c7fb65ac9.
5 years ago
Felix Stupp c258a5d1bb
server/minecraft: Add SRV dns entry 5 years ago
Felix Stupp 55b27c041b
dns: Extracted role entries from server_entries 5 years ago