Felix Stupp
|
d8421b49bb
|
server/gitea: Renamed var gitea_user_directory to user_directory
|
5 years ago |
Felix Stupp
|
fe0a677b13
|
git_auto_update: Used long parameters
|
5 years ago |
Felix Stupp
|
e30121cae2
|
git_auto_update: Improved comparism with GPG fingerprint
Configured grep to compare againg fixed strings, not regexp
|
5 years ago |
Felix Stupp
|
f2b6e41645
|
git_auto_update: Fixed default reload_command to "true"
An empty default value would result in an error thrown.
|
5 years ago |
Felix Stupp
|
818515cc05
|
server/gitea: Reworked logging configuration to contain (only) required information
|
5 years ago |
Felix Stupp
|
49dd6e4da1
|
server/gitea/app.ini: Removed not required log settings
|
5 years ago |
Felix Stupp
|
072ace6438
|
server/gitea: Configured fail2ban protection
|
5 years ago |
Felix Stupp
|
d81f883e50
|
server/gitea: Disable colorizing logs for fail2ban
|
5 years ago |
Felix Stupp
|
d630988291
|
Added role fail2ban/rule
|
5 years ago |
Felix Stupp
|
2eaf8034f7
|
server/gitea: Reconfigured log to be minimal and adapted to systemd
|
5 years ago |
Felix Stupp
|
85028e1dcb
|
fail2ban/application: Moved service_name to global var
|
5 years ago |
Felix Stupp
|
239ef3124e
|
fail2ban/application: Moved vars to global part
Because paths are not user-configured but given by package/system
|
5 years ago |
Felix Stupp
|
66e38ebcde
|
server/nextcloud: Enabled APCu cache for cron job
|
5 years ago |
Felix Stupp
|
cf4a4863f4
|
server/nextcloud: Reformatted cron job line to meet format requirements
|
5 years ago |
Felix Stupp
|
c6a9c15e14
|
server/nextcloud: Enabled redis cache
|
5 years ago |
Felix Stupp
|
f3d7f2f8a2
|
Added roles for redis (application, instance)
|
5 years ago |
Felix Stupp
|
b5ca1ce80f
|
server/nextcloud: Renamed var nextcloud_user_directory to user_directory
|
5 years ago |
Felix Stupp
|
8e22085ba7
|
server/nextcloud: Moved "config APCu cache" to "add add. entries" with blockinfile task
|
5 years ago |
Felix Stupp
|
d40a8cee92
|
server/nextcloud: Fixed changing configuration of nextcloud instance
- Fixes configuring APCu cache
|
5 years ago |
Felix Stupp
|
5c374bc977
|
nginx/application: Added security relevant HTTP headers to global config
Duplicates removed from server/nextcloud
|
5 years ago |
Felix Stupp
|
fc2a098ff2
|
server/nextcloud: Fixed disallowing well-known as dot file
|
5 years ago |
Felix Stupp
|
7889e10385
|
nginx/php-pool: Fixed default disabling of status_page_path
|
5 years ago |
Felix Stupp
|
b7d34b28ee
|
nginx/php: Made name of task more descriptive
|
5 years ago |
Felix Stupp
|
9d8d041241
|
nginx/application: Fixed typo of "unnecessary"
|
5 years ago |
Felix Stupp
|
28d49be899
|
server/nextcloud: Added support for php-fpm status page
|
5 years ago |
Felix Stupp
|
458babf82c
|
nginx/php: Added support for php-fpm status page
|
5 years ago |
Felix Stupp
|
2a672cb597
|
nginx/default_server: Extracted status_page_acl var
|
5 years ago |
Felix Stupp
|
ce55e33fda
|
nginx/php-pool: Added support for enabling status page
|
5 years ago |
Felix Stupp
|
e91f9d1a81
|
nginx/default_server: Hide status page by answering 403 always
|
5 years ago |
Felix Stupp
|
74a62e861f
|
Added role nginx/default_server
To prevent circular dependencies, role must be included manually on
required servers
|
5 years ago |
Felix Stupp
|
7a33ceffb8
|
nginx/application: Removed configuring trusted certificate for OCSP
Can be derived by given certificate for host
|
5 years ago |
Felix Stupp
|
48588ee0dd
|
server/spotme: Removed not required dependencies
|
5 years ago |
Felix Stupp
|
647f112c2b
|
nginx/server: Extracted special pre directives into configurable vars
|
5 years ago |
Felix Stupp
|
11814fe236
|
nginx/server: Added explicit dependency to nginx/application
|
5 years ago |
Felix Stupp
|
61c7f72422
|
nginx/server: Removed ssl on directive
Should no longer be used, listen + ssl marker is working as expected
|
5 years ago |
Felix Stupp
|
fbca70f81f
|
dns/master: Create keys directory writeable for bind
To apply KASP later
|
5 years ago |
Felix Stupp
|
d73e250b36
|
dns/master: Changed owner and adapted permissions of zone directory
|
5 years ago |
Felix Stupp
|
22fde40ac5
|
dns/application: Changed bind9 source to official source
|
5 years ago |
Felix Stupp
|
a51225ccc8
|
dns/application: Allowed bind using AppArmor to write temporary journal files
|
5 years ago |
Felix Stupp
|
646e6d5c75
|
dns: Configured service name using global variable
|
5 years ago |
Felix Stupp
|
77d1e84117
|
dns: Fixed variable structure of var domain_environment_directory
|
5 years ago |
Felix Stupp
|
be8418d546
|
misc/backup_files: Added variable backup_name as alternative of name by domain
|
5 years ago |
Felix Stupp
|
12e47c19c9
|
all/vars: Added var global_log_directory
Added usage in role nginx/application
|
5 years ago |
Felix Stupp
|
51404e3a3d
|
misc/system_user: Added output var system_user_info
|
5 years ago |
Felix Stupp
|
08a37c6dab
|
nginx/application: Configure dhparams for SSL
|
5 years ago |
Felix Stupp
|
586163c9d0
|
Added role misc/dhparams
|
5 years ago |
Felix Stupp
|
6fbf62cddd
|
dns/application: Added zone.db.jnl files to allowed files for bind to write
|
5 years ago |
Felix Stupp
|
f2e669734b
|
common: Readd package acl
Required for ansible temporary files if becoming an unprivileged user, see
https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user
This reverts commit 3c7fb65ac9 .
|
5 years ago |
Felix Stupp
|
c258a5d1bb
|
server/minecraft: Add SRV dns entry
|
5 years ago |
Felix Stupp
|
55b27c041b
|
dns: Extracted role entries from server_entries
|
5 years ago |