Yohaï-Eliel BERREBY
b94c62d710
unbound-control: no certificates for local use
2020-05-02 16:37:21 +02:00
Yohaï-Eliel BERREBY
3695a3d771
unbound: attempt to fix spurious blacklisting
2020-04-28 23:14:43 +02:00
Yohaï-Eliel BERREBY
b4482b6d3b
unbound: configure unbound-control
2020-04-28 20:21:47 +02:00
Yohaï-Eliel BERREBY
bac131791b
unbound: bump verbosity up to 3
...
Some users are having issues resolving *.auro.re domains from our
network, and the bug does not show itself reliably. Increased verbosity
should help us pinpoint its source.
2020-04-28 20:13:56 +02:00
Yohaï-Eliel BERREBY
ded5f38aec
unbound: name set_fact tasks
2020-04-18 17:36:25 +02:00
Yohaï-Eliel BERREBY
662452065f
dhcp: remove Cloudflare from backup DNS
...
and rename variable, since these are not technically
upstream DNS servers
(unbound will ask the root servers, not these)
2020-04-18 17:06:38 +02:00
Yohaï-Eliel BERREBY
a0651d7703
unbound: bind to the right addresses on backup hosts
2020-04-18 16:56:34 +02:00
Yohaï-Eliel BERREBY
b57fa6e356
dhcp: use backup DNS servers too
2020-04-18 16:56:34 +02:00
Yohaï-Eliel BERREBY
22166bc69b
unbound: log to journalctl
2020-04-18 16:56:17 +02:00
Yohaï-Eliel BERREBY
1777d0e154
unbound: log to /var/log/unbound.log, errors only
2020-04-18 15:42:31 +02:00
Yohaï-Eliel BERREBY
7275ebda47
dhcp: ask clients to use our DNS servers
2020-04-18 15:39:32 +02:00
Yohaï-Eliel BERREBY
f05e92dc5e
unbound: remove unchecked configuration keys
2020-04-13 18:42:02 +02:00
Yohaï-Eliel BERREBY
b3712ed335
unbound: initial deployment
2020-04-13 18:41:12 +02:00
Yohaï-Eliel BERREBY
8fee0857c1
re2o-service: force clone git repository
2020-04-06 19:03:38 +02:00
Yohaï-Eliel BERREBY
8579b99b2e
dhcp: cron.d entry + let main.py restart the server
2020-04-06 19:03:10 +02:00
Yohaï-Eliel BERREBY
6cce62850d
dhcp: configure log rotation
2020-04-06 17:58:14 +02:00
Yohaï-Eliel BERREBY
7347829494
tackle logs
2020-04-06 17:48:56 +02:00
Yohaï-Eliel BERREBY
51fdb89940
extract dhcp-failover.conf into separate file
2020-04-06 17:28:04 +02:00
Yohaï-Eliel BERREBY
d323b78c16
fix bogus dhcpd config
...
- move failover peer declaration to beginning of file
- set split only on primary
- fix re2o-service hostname
- add /etc/default/isc-dhcp-server
2020-04-06 17:22:50 +02:00
Yohaï-Eliel BERREBY
34b448faec
dhcp: implement failover peer configuration
2020-04-06 14:41:34 +02:00
Yohaï-Eliel BERREBY
2a0a2e2ac6
dhcp: fix silly mix-ups
2020-04-06 13:20:52 +02:00
Yohaï-Eliel BERREBY
709e4614c2
suppression d'une déclaration DNS redondante
2020-04-05 19:04:03 +02:00
Yohaï-Eliel BERREBY
e6b2f80b49
templatisation de la config dhcpd
...
non encore testé
2020-04-05 18:44:37 +02:00
fpoutre
40e915a7e0
happy little mistakes
2020-03-22 19:06:38 +01:00
fpoutre
23f1b7a4a1
added support for edc and gs in ldap replica backup configuration
2020-03-22 18:42:00 +01:00
fpoutre
3a399bd04c
added ldap-replica support for ldap-clients of pacaterie and fleming
2020-02-20 18:42:34 +01:00
Alexandre Iooss
5061a029e0
Do not ask why, it was not there
2019-12-05 14:07:48 +01:00
Alexandre Iooss
ccbd7d3770
Failover VMs
2019-11-01 15:38:35 +01:00
Alexandre Iooss
6dec3ed0d1
Proxmox playbook and unifi ap
2019-11-01 15:17:59 +01:00
Alexandre Iooss
5b3ac2a21a
Merge crans version
2019-11-01 14:16:32 +01:00
Alexandre Iooss
e91d47ea8d
Update matrix conf
2019-08-29 07:04:37 +02:00
Alexandre Iooss
6cc0a6a6b7
Remove appservice Discord
2019-08-29 07:03:54 +02:00
Alexandre Iooss
743e902e85
Refractor ldap
2019-08-29 07:03:05 +02:00
Alexandre Iooss
e15ea7854a
Base config sync with crans
2019-08-29 07:02:15 +02:00
Alexandre Iooss
044e8af3aa
Move EtherPad to Docker
2019-07-26 08:50:07 +02:00
Alexandre Iooss
b488007578
[docker] Install docker-compose
2019-07-25 19:10:50 +02:00
Alexandre Iooss
24331ca25b
Fix CI
2019-07-22 21:04:58 +02:00
Alexandre Iooss
2e753db873
Indicate unifi role
2019-07-22 21:00:13 +02:00
Alexandre Iooss
694501dfa3
Merge crans monitoring
2019-07-22 20:56:43 +02:00
Alexandre Iooss
a45ca1a890
Move CodiMD to Docker
2019-07-22 19:14:43 +02:00
Alexandre Iooss
9a35650166
Move Riot web to docker
2019-07-22 10:32:34 +02:00
Alexandre Iooss
66d870ce36
Add docker role
2019-07-22 10:32:01 +02:00
Alexandre Iooss
9018c69da3
Fix matrix v1
2019-07-22 09:12:55 +02:00
Alexandre Iooss
1ed6228728
Simplify help message on server login
2019-05-26 13:03:09 +02:00
Alexandre Iooss
2e0679a973
[passbolt] Add some dep
2019-05-26 12:52:41 +02:00
Alexandre Iooss
a986ecd36a
Passbolt playbook
2019-05-23 07:28:44 +02:00
Alexandre Iooss
72a60a988b
Unifi playbook
2019-05-07 18:52:07 +02:00
Alexandre Iooss
b6573e68ae
Exclude Stretch from node config
2019-05-05 16:24:04 +02:00
Alexandre Iooss
c53d62712f
Make prometheus node exporter listen only on adm
2019-05-05 16:17:52 +02:00
Alexandre Iooss
c1c995e38d
Prometheus role
2019-05-05 14:07:04 +02:00
Alexandre Iooss
8dc40ecb1e
Specify git branch
2019-05-04 18:43:20 +02:00
Alexandre Iooss
8b7d4207b8
Autogenerate service config
2019-05-04 11:46:54 +02:00
Alexandre Iooss
5939d434fd
Beginning of isc-dhcp-server config
2019-05-04 10:54:51 +02:00
Alexandre Iooss
41eb131e69
Fix true values being yes
2019-05-03 22:50:48 +02:00
Alexandre Iooss
81ca7a177d
Initial DHCP re2o service
2019-05-03 22:42:55 +02:00
Alexandre Iooss
aab2daf5b7
Fix Riot depo key
2019-05-03 22:42:12 +02:00
Alexandre Iooss
5e738f40a7
Uniformize motd
2019-05-03 15:52:50 +02:00
Alexandre IOOSS
1cc6bc744b
Merge branch 'change_default_soft' into 'master'
...
Add screen and remove iPython2
See merge request aurore/ansible!20
2019-05-03 14:38:49 +02:00
Alexandre Iooss
0c8763c702
Create VM with Proxmox API
2019-05-03 13:06:26 +02:00
Alexandre Iooss
55cf8b801d
Remove useless systemd handler
2019-04-06 15:19:52 +02:00
Alexandre Iooss
1b3a6f7bf8
Configure IRC Matrix appservice
2019-04-01 18:53:37 +02:00
Alexandre Iooss
84694900e4
Annonce the right Webhook URL for Matrix
2019-04-01 17:57:43 +02:00
Alexandre Iooss
2158c5c6b9
Pass Matrix Webhook through reverse proxy
2019-04-01 17:57:20 +02:00
Alexandre Iooss
88b9356f7d
Make CodiMD role more generic
2019-03-30 13:34:25 +01:00
Alexandre Iooss
48d521fb00
Use generic service model for matrix appservices
2019-03-30 13:26:20 +01:00
Alexandre Iooss
5ccb94e621
Simplify Matrix appservices
2019-03-29 19:25:11 +01:00
Alexandre Iooss
d4d6baed1a
Fix so everything is working fine today
2019-03-26 09:17:46 +01:00
Alexandre IOOSS
00ccc4c377
Merge branch 'refactor' into 'master'
...
Refactor
See merge request aurore/ansible!30
2019-03-26 08:36:21 +01:00
Alexandre Iooss
ee4f144b4a
Default configuration for Riot
2019-03-26 08:30:02 +01:00
Alexandre Iooss
7950191a53
Fix PVE unable to mount vfat at boot
2019-03-25 10:55:51 +01:00
Alexandre Iooss
11e084a104
Switch discord appservice to develop
2019-03-24 17:05:24 +01:00
Alexandre IOOSS
40e63ba89e
Merge branch 'discord_matrix' into 'master'
...
Discord matrix
See merge request aurore/ansible!31
2019-03-24 12:44:23 +01:00
Alexandre Iooss
bbc04d971f
Working appservice Discord
2019-03-24 12:10:35 +01:00
Hadrien Patte
66f7b1061a
Feat: migrate from with_X to loop
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 20:11:27 +01:00
Hadrien Patte
c20d4fbf18
Feat: expand YAML syntax
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 20:05:45 +01:00
Hadrien Patte
8a48110c21
Feat: add validate for sudoers
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 20:05:45 +01:00
Hadrien Patte
737ca7b996
Feat: add state
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 20:05:42 +01:00
Hadrien Patte
e4a60341c5
Feat: simplify one item lists
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 20:04:35 +01:00
Hadrien Patte
5551fb5c16
Fix: remove unnecessary quotes
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 20:04:33 +01:00
Hadrien Patte
8463f1cf96
Feat: use ini_file module
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 19:21:59 +01:00
Alexandre Iooss
489bb5ddcf
sudo group by location
2019-03-23 13:49:53 +01:00
Alexandre Iooss
01ad50ef95
Whitelist proxy
2019-03-23 13:00:18 +01:00
Alexandre Iooss
bd229fb11e
Update matrix-appservice-discord config
2019-03-23 12:52:39 +01:00
Alexandre Iooss
3198a50c93
Changed URL to make the Webhooks appservice work
2019-03-17 10:42:43 +01:00
Alexandre IOOSS
2b79f9117e
Merge branch 'debsums_security' into 'master'
...
Configure SSH and add debsums
See merge request aurore/ansible!25
2019-03-16 22:09:40 +01:00
Alexandre Iooss
724db5f8c8
Configure SSH and add debsums
2019-03-16 22:06:50 +01:00
Alexandre Iooss
a3b7cf6270
Hotfix HTTP
2019-03-16 21:10:00 +01:00
Alexandre Iooss
221be36085
Fail2ban by default
2019-03-14 15:45:19 +01:00
Alexandre Iooss
fb11981e8a
Follow Mozilla guidelines
2019-03-14 12:25:27 +01:00
Alexandre Iooss
af07bb7c0a
Better SSL conf
2019-03-14 11:53:55 +01:00
Alexandre Iooss
a8fa5d69ff
Add proxy snippets and use nginx-light
2019-03-14 10:53:44 +01:00
Alexandre Iooss
0cc36a107c
Fix CI
2019-03-12 19:58:55 +01:00
Alexandre Iooss
c9761e53dd
Connect to Synapse
2019-03-12 18:33:32 +01:00
Alexandre Iooss
1a447b3807
Add matrix-appservice-webhooks and move nodejs tasks
2019-03-12 18:03:23 +01:00
Alexandre IOOSS
fa7aa8ea75
Merge branch 'master' into 'change_default_soft'
...
# Conflicts:
# roles/baseconfig/tasks/main.yml
2019-03-12 17:27:23 +01:00
Alexandre Iooss
bc1459bc51
Fix various yamllint warnings
2019-03-12 17:22:42 +01:00
Alexandre Iooss
5dfd8eacc5
Replace 'yes' by 'true'
2019-03-12 17:04:06 +01:00
Alexandre Iooss
431b063db7
Maybe last fix for the CI
2019-03-12 16:56:01 +01:00
Alexandre Iooss
cc48990798
Use NPM module in matrix-appservice-discord
2019-03-12 16:51:27 +01:00
Alexandre Iooss
4a6da11837
Clean up EtherPad dep install
2019-03-12 16:34:35 +01:00
Alexandre Iooss
a8656251ab
Tab is useless in sudoers
2019-03-12 07:48:09 +01:00
Alexandre Iooss
dd19efaecd
Do not download rest_auth_provider.py
2019-03-12 07:47:07 +01:00
Alexandre Iooss
16ca4956dc
Make EtherPad default text shorter
2019-03-11 18:15:17 +01:00
Alexandre Iooss
4b5631e60b
Retry 3 times npm and yarn
2019-03-11 18:12:55 +01:00
Alexandre Iooss
b9d5601e36
Remove useless PRODUCTION var for webpack CodiMD
2019-03-11 18:10:35 +01:00
Alexandre Iooss
84263d7712
Do not use depreciated loop with APT
2019-03-11 18:02:29 +01:00
Alexandre Iooss
53b67acb07
Fix a error due to previous merge
2019-03-11 17:53:12 +01:00
Alexandre Iooss
b56ae30335
Use YARN module from Ansible 2.7
2019-03-11 17:49:48 +01:00
Alexandre Iooss
af81b41e83
Use NPM module for matrix-appservice-irc
2019-03-11 17:44:42 +01:00
Alexandre Iooss
4ebaa4f36f
Add retries to APT modules in Matrix Appservices
2019-03-11 15:39:11 +01:00
Alexandre Iooss
1274ec4be4
Fix last line of CodiMD apt dep
2019-03-11 15:30:49 +01:00
Alexandre Iooss
f347daa408
Use systemd module rather than command
2019-03-11 15:12:58 +01:00
Alexandre Iooss
563d9658ed
Add newline at end of 0_apt_dependencies.yml in CodiMD role
2019-03-11 15:10:17 +01:00
Alexandre IOOSS
1a4e41d318
Merge branch 'master' into 'ansible-lint'
...
# Conflicts:
# roles/codimd/tasks/0_apt_dependencies.yml
2019-03-11 15:00:11 +01:00
Alexandre Iooss
ce40a5cb66
Add screen and remove iPython2
2019-03-11 14:55:21 +01:00
Alexandre Iooss
a08be12b41
Security policies based on ANSSI recommandations
2019-03-11 14:52:03 +01:00
Alexandre Iooss
0b887c2abb
Add matrix-appservice-irc
2019-03-10 11:50:07 +01:00
Alexandre Iooss
d6627f5cce
Add matrix-appservice-discord
2019-03-10 11:10:59 +01:00
Alexandre Iooss
c7f584cae9
Fix CodiMD build
2019-03-04 16:04:36 +01:00
Alexandre Iooss
68d246bb24
Update to CodiMD 1.3.0
2019-03-04 15:08:05 +01:00
Alexandre Iooss
bae6f4041d
Add synapse conf to reverse proxy
2019-03-04 09:34:47 +01:00
Alexandre Iooss
fb21af51e2
Revert LDAP schema
2019-03-04 09:09:04 +01:00
Hadrien Patte
b55a2ee047
Fix: add a retry statement to remote package tasks
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-03 19:55:51 +01:00
Hadrien Patte
5c5195cc2c
Fix: use systemd instead of command module
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-03 19:32:42 +01:00
Alexandre Iooss
cf7e16d8b7
Define default input locale
2019-03-03 09:43:14 +01:00
Alexandre Iooss
775179b410
Update logo
2019-03-03 09:22:28 +01:00
Alexandre Iooss
eeb2e5a2ae
Write become true rather than yes
2019-03-03 09:16:52 +01:00
Alexandre Iooss
ac3d2dee23
Write update_cache true rather than yes
2019-03-03 09:00:29 +01:00
Alexandre Iooss
b420d31b2f
Remove last empty line in chsh
2019-03-03 08:54:48 +01:00
Alexandre Iooss
3892e49971
Move synapse rest auth url
2019-03-03 08:18:50 +01:00
Hadrien Patte
d54421b013
Fix: line length
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-02 13:31:51 +01:00
Hadrien Patte
58cb43d0d0
Fix: indentations and spaces
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-02 12:16:43 +01:00
Hadrien Patte
5f08a7522e
Fix: blank lines and trailing spaces
...
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-02 12:07:48 +01:00
Alexandre Iooss
11bc3b8e22
Configure Synapse provider
2019-02-26 18:04:46 +01:00
Alexandre Iooss
9ba730392e
mxisd role
2019-02-26 16:49:18 +01:00
Alexandre Iooss
be6c9796e8
Change owner to matrix-synapse
2019-02-26 13:42:45 +01:00
Alexandre Iooss
21cfa2c404
Fix synapse templates
2019-02-26 13:34:30 +01:00
Alexandre Iooss
6237f3de46
Configure Matrix Synapse
2019-02-26 13:23:14 +01:00
Alexandre Iooss
c7dd68089a
Name correctly LDAP userland scripts
2019-02-19 11:41:08 +01:00
Alexandre Iooss
4274194b95
Use ansible_managed tag
2019-02-19 11:10:05 +01:00
Alexandre Iooss
98622807e1
Clean tasks files
2019-02-19 10:49:18 +01:00
Alexandre Iooss
d4a187e449
Remove README per role
2019-02-19 10:43:55 +01:00
Alexandre Iooss
5cc4e5bbc0
Make templates end in .j2
2019-02-19 10:42:57 +01:00
Alexandre Iooss
36434e3323
Add Matrix synapse
2019-02-16 12:50:18 +01:00
Alexandre Iooss
feed96e103
Rename matrix riot role
2019-02-16 12:26:09 +01:00
Alexandre Iooss
69f633a83d
Add LDAP on CodiMD
2019-02-09 11:47:09 +01:00
Alexandre Iooss
19c2eca917
Add systemd unit
2019-02-09 10:02:53 +01:00
Alexandre IOOSS
5f194f0e30
Merge branch 'vulcain_codimd' into 'master'
...
Role Ansible pour setup de CodiMD
See merge request erdnaxe/ansible-aurore!2
2019-02-09 09:32:33 +01:00
Alexandre Iooss
63804b56af
Todo list
2019-02-09 09:29:14 +01:00
Alexandre Iooss
d3070b1611
Do not clone temporally
2019-02-09 09:26:05 +01:00
Alexandre Iooss
dc776a0ba4
Fix uws compilation
2019-02-09 08:59:48 +01:00
Alexandre Iooss
7e4d247e14
We need a C++ compiler
2019-02-09 08:46:16 +01:00
Alexandre Iooss
ebb716d5f2
Only rebuild when code changes
2019-02-09 08:45:16 +01:00
Alexandre Iooss
9cee4b5ada
Remove useless comment
2019-02-09 08:39:16 +01:00
Alexandre Iooss
41c41d2f02
Add CodiMD database password
2019-02-09 08:29:50 +01:00
Alexandre Iooss
a316a5d461
Fix main.yml
2019-02-09 08:07:10 +01:00
Alexandre Iooss
d165343631
Add nodeJS pin file
2019-02-09 08:01:35 +01:00
Alexandre Iooss
fd7efc6775
Fix YML
2019-02-09 08:01:19 +01:00
Alexandre Iooss
fff8a1f2de
Remove useless quotes
2019-02-09 07:58:06 +01:00
Alexandre IOOSS
9a866f549a
Fix typo in nginx-riot.j2
2019-02-09 07:52:59 +01:00
Vulcain
c8229fee9b
Role ansible pour setup de CodiMD
2019-02-07 13:37:11 +01:00
Alexandre Iooss
79266d2476
Uniformize
2019-02-07 13:04:46 +01:00
Otthorn
d58a356e71
Ansible rule for Riot
2019-02-07 13:37:03 +01:00
Alexandre Iooss
74c0d481a8
Prepare TP for newcomers
2019-02-07 09:37:47 +01:00
Alexandre Iooss
02d4c5684a
Fix cert path
2019-02-07 09:33:20 +01:00
Alexandre Iooss
234c3556c6
Remove old ACME challenge
2019-02-06 21:32:14 +01:00
Alexandre Iooss
c8617e45cc
Add CodiMD container
2019-02-05 12:42:05 +01:00
Alexandre Iooss
4a3c11d719
Beggining of Matrix Riot server
2019-02-05 11:39:58 +01:00
Alexandre Iooss
bdb4dadaa7
Don't use anymore submodules as there are too many
2019-02-05 08:35:45 +01:00
Alexandre Iooss
ce5bc76853
Add Debian backports role
2019-02-05 08:31:25 +01:00
Alexandre Iooss
9cb3d49678
Update hosts
2019-01-19 15:58:05 +01:00
Alexandre Iooss
cc496ad785
Update submodules
2019-01-08 11:04:54 +01:00
Alexandre Iooss
52d2163752
EtherPad
2019-01-07 13:29:06 +01:00
Alexandre Iooss
3711c66476
Make logo selectionnable
2019-01-07 07:41:03 +01:00
Alexandre Iooss
a2dd147a37
Add reverse conf for auro.re
2019-01-07 07:40:14 +01:00
Alexandre Iooss
221dc968a3
Add NGINX reverse proxy role
2019-01-06 11:36:41 +01:00
Alexandre Iooss
431306538f
Fix molly-guard config
2019-01-05 10:31:04 +01:00
Alexandre Iooss
c06f12d321
Add EtherPad role
2019-01-04 13:54:52 +01:00
Alexandre Iooss
635b6ec410
Use local replica
2019-01-03 19:20:14 +01:00
Alexandre Iooss
c30a4eeff1
Dokuwiki role
2019-01-03 16:55:07 +01:00
Alexandre Iooss
27342aa406
LDAP replica working
2019-01-03 16:43:50 +01:00
Alexandre Iooss
ed10fc8241
Replication role
2019-01-03 14:52:52 +01:00
Alexandre Iooss
1ca4391c66
Rename some variables
2019-01-03 14:51:11 +01:00
Alexandre Iooss
e4da3088b4
Add LDAP replica role
2019-01-03 12:48:34 +01:00
Alexandre Iooss
3c4eafa0de
Send mail to monitor apt changelog
2019-01-02 18:23:11 +01:00
Alexandre Iooss
2dd483e4a6
Add security on all servers to verify shutdowns
2019-01-02 18:10:17 +01:00
Alexandre Iooss
cd189b397b
Fix perm on user dir
2018-12-27 17:51:30 +01:00
Alexandre Iooss
614b8d8142
Execute playbook with become activated
2018-12-27 10:27:20 +01:00
Alexandre Iooss
3f24f011c7
Do not use OVH mirrors
2018-12-26 09:58:56 +01:00
Alexandre Iooss
0eaee34ebb
Horus uses OVH mirrors
2018-12-25 17:54:34 +01:00
Alexandre Iooss
9a94b9daaa
Update submodules
2018-12-25 16:39:51 +01:00
Alexandre Iooss
599f0acb3d
Add a way to test
2018-12-24 10:50:22 +01:00
Alexandre Iooss
42fd4e7c2e
Inventory clean up
2018-12-23 16:09:12 +01:00
Alexandre Iooss
32aa3121ec
Add roles as submodules
2018-12-23 12:25:52 +01:00