ansible

Author	SHA1	Message	Date
Markus Hauschild	0622787e0c	new host: neon, rename dns to dns-intern	2018-06-27 19:35:30 +02:00
tomoto	8ae92ce745	Add alias for forseti, checkmk.bk	2018-06-13 17:29:37 +02:00
tomoto	69edc1d5bf	Downloaded file mode 0755 -> 0644	2018-06-13 16:56:19 +02:00
tomoto	a025bc0301	Merge branch 'master' of git.binary-kitchen.de:moepman/infra	2018-06-13 16:48:27 +02:00
tomoto	b5b06841d1	Add check_mk tasks and roles	2018-06-13 16:47:18 +02:00
Markus Hauschild	0cafa543aa	run unattented updates on non-critial hosts	2018-06-13 15:08:04 +02:00
Markus Hauschild	4ae4cb8b13	member-sw: install ansible	2018-06-13 14:53:59 +02:00
Markus Hauschild	b570b30ad2	common: prevent normal users from running su	2018-06-13 14:43:13 +02:00
Tomoto	2417bf1302	Add forseti check_mk VM	2018-06-11 21:08:37 +02:00
Markus Hauschild	850f813079	hackmd: fix service file (missing working dir)	2018-06-04 15:59:11 +02:00
Markus Hauschild	b68232cea4	hackmd: improve (csp, hsts, version bump) and start to use vault	2018-06-04 14:00:55 +02:00
Markus Hauschild	197af9ee3f	dns: update IPs	2018-05-14 20:02:18 +02:00
Markus Hauschild	ce8959a1d2	gogs: use debian stretch packages	2018-05-08 23:15:06 +02:00
Markus Hauschild	cc5611ca37	common: use ansible facts to detect KVM VMs	2018-05-02 12:11:31 +02:00
Markus Hauschild	d3a50a75d6	hackmd: SSL, temporary CSP'fix	2018-05-01 11:49:42 +02:00
Markus Hauschild	e24a9ede41	DNS and DHCP update: obazda, garlic	2018-05-01 11:48:55 +02:00
Markus Hauschild	2bebcc16a3	common: install qemu-agent on VMs	2018-05-01 11:47:57 +02:00
Markus Hauschild	2a15de42cf	gogs: style fix	2018-05-01 11:43:51 +02:00
Markus Hauschild	7806c6b9e9	DNS and DHCP updates	2018-05-01 11:43:51 +02:00
Markus Hauschild	95084d6cc6	mail: reduce dovecot logging	2018-04-18 15:07:58 +02:00
Markus Hauschild	b9086690dc	hackmd: LDAP and vhost	2018-04-12 18:30:30 +02:00
Markus Hauschild	344139e75c	hackmd: new role (not finished yet)	2018-04-09 21:28:36 +02:00
Markus Hauschild	67af76cbda	prosody: enable modules to improve user experience (XEP 0065, 0124, 0191, 0352, 0357, 0363)	2018-03-20 12:59:49 +01:00
Markus Hauschild	f13bf4d466	dns: remove host ups2	2018-02-03 22:52:13 +01:00
Markus Hauschild	718657fc15	New host: bowle (punsch replacement)	2018-02-03 22:40:48 +01:00
Markus Hauschild	d281b083bc	dns: remove non working update check	2018-01-23 18:29:16 +01:00
Markus Hauschild	42b741a139	common: install psmisc (for killall)	2018-01-14 19:06:25 +01:00
Markus Hauschild	7a004e4d8f	certmgr: update to current version	2018-01-14 18:40:19 +01:00
Markus Hauschild	f2dca81c28	Update dns & dhcp (remove sushi)	2018-01-11 19:37:57 +01:00
Markus Hauschild	d975523f4d	common: install net-tools (for netstat)	2018-01-10 12:28:20 +01:00
Markus Hauschild	5b5fa52e53	Modify dns for debian stretch.	2017-10-10 09:48:48 +02:00
Markus Hauschild	4db79176e5	Update zsh path for FreeBSD.	2017-10-10 09:46:57 +02:00
Markus Hauschild	bc653331f6	Fix gogs repository url.	2017-10-02 12:15:56 +02:00
Markus Hauschild	19f4984b1b	Make sure less is installed (needed by journalctl).	2017-10-02 12:15:17 +02:00
Markus Hauschild	983189fb46	Make snmpd less verbose on debian Stretch.	2017-10-02 12:14:50 +02:00
Markus Hauschild	683acac84e	Add DHCP options for VoIP phones.	2017-10-02 12:13:04 +02:00
Markus Hauschild	dba3a3fa71	DHCP for schweinshaxn.	2017-09-30 16:44:19 +02:00
Markus Hauschild	99b0279cac	Disable mouse in vim (debian).	2017-09-20 13:24:30 +02:00
Markus Hauschild	47ecaa9a74	New hosts/IPs in dns.	2017-09-18 20:52:22 +02:00
Markus Hauschild	261c053c93	IP, DNS and DHCP for spaghetti (octopi).	2017-09-12 19:41:36 +02:00
Markus Hauschild	b6132e8720	Fetch letsencrypt root cert for certmgr.	2017-09-09 11:25:16 +02:00
Markus Hauschild	008b0efd1b	Modify certmgr for Debian stretch.	2017-09-09 11:23:30 +02:00
Markus Hauschild	c43a927779	Modify nginx for Debian stretch.	2017-09-09 11:22:43 +02:00
Markus Hauschild	fef4ea1c13	Fix dovecot ssl config (no longer worked with Debian stretch).	2017-09-04 15:36:55 +02:00
Markus Hauschild	103512faae	Add php7.0-xml to web role.	2017-09-03 14:37:23 +02:00
Markus Hauschild	afc6b3f57f	Modify librenms and racktables for Debian stretch.	2017-09-03 14:35:56 +02:00
Markus Hauschild	021aa8df96	Add new devices and IPs.	2017-09-03 14:26:05 +02:00
Markus Hauschild	88c23c3693	Clean up, specify eth0 as dhcp interface.	2017-07-07 07:49:17 +02:00
Markus Hauschild	fd6abd2dd2	Modify web role for debian stretch.	2017-07-03 09:49:18 +02:00
Markus Hauschild	313a27e20d	Handle incorrectly enabled hibernation/resume.	2017-07-03 09:48:25 +02:00
Markus Hauschild	7e856c2923	Cleanup (mostly apt: state=present).	2017-07-02 22:17:32 +02:00
Markus Hauschild	c7e4dd4173	Forgot to add opcache.ini.	2017-07-01 16:36:41 +02:00
Markus Hauschild	37aef461cf	Modify owncloud role for debian stretch.	2017-07-01 16:33:15 +02:00
Markus Hauschild	becadd373f	New hosts: nbe-w13b, nbe-tr8, sw01, sw02	2017-07-01 14:25:43 +02:00
Markus Hauschild	438ed4e24e	Reserve DNS/IPs for new network equipment.	2017-06-05 21:39:41 +02:00
Markus Hauschild	05e54ced02	Change mac address of lock.	2017-06-05 21:38:47 +02:00
Markus Hauschild	5feacf313f	Prosody: enable XEP-0313 (for OMEMO).	2017-04-03 12:25:18 +02:00
Markus Hauschild	fa23c6281b	New hosts: ap03, klopi.	2017-03-21 20:45:16 +01:00
Markus Hauschild	1cbb6e7f1d	New host: cannelloni.	2017-03-21 20:45:16 +01:00
Markus Hauschild	bc270519b0	Begin work on directory-self-service role.	2017-03-21 20:45:12 +01:00
Markus Hauschild	1b587c0eec	Switch to nginx-light.	2017-03-01 09:33:49 +01:00
Markus Hauschild	2978ef8177	Fix certmgr actions for cron usage.	2017-02-28 14:48:03 +01:00
Markus Hauschild	e7e49f356f	Use Leti's Encrypt certificates for binary-kitchen.de.	2017-02-28 14:14:33 +01:00
Markus Hauschild	7c01620a0f	Enable certificate manager cron job.	2017-02-28 13:20:48 +01:00
Markus Hauschild	c6a563b1bd	Add (free)radius role.	2017-02-21 20:20:04 +01:00
Markus Hauschild	60561fafea	Update subnet names.	2017-02-21 18:47:11 +01:00
Markus Hauschild	9e77e2cc4b	Add VPN IPs to DNS.	2017-02-21 18:46:47 +01:00
Markus Hauschild	12742d569d	IP/DNS changes.	2017-02-17 21:16:09 +01:00
Markus Hauschild	b00e335278	Make snmpd less verbose.	2017-02-17 11:12:12 +01:00
Markus Hauschild	8405d98926	Remove unused DHCP reservations.	2017-01-30 20:00:58 +01:00
Markus Hauschild	21790f63b0	Unify ldap-server/mirror into slapd.	2017-01-30 20:00:37 +01:00
Markus Hauschild	25e0f52789	Add DHCP reservation for sushi.	2017-01-28 16:44:36 +01:00
Markus Hauschild	59f56d4a32	Add ldap-mirror role.	2017-01-28 16:42:22 +01:00
Markus Hauschild	d1b6a47d46	Disable DNSSEC for resolving.	2017-01-23 20:09:43 +01:00
Markus Hauschild	30fd032a59	Change client network gateways.	2017-01-23 19:26:35 +01:00
Markus Hauschild	46889c110b	Add secondary DNS/DHCP.	2017-01-23 18:47:24 +01:00
Markus Hauschild	df240d2652	Adjust DHCP pools.	2017-01-23 15:27:07 +01:00
Markus Hauschild	f05e808aef	Rename dhcp role to dhcpd.	2017-01-21 17:56:12 +01:00
Markus Hauschild	6ae56bc002	Add DHCP server role.	2017-01-21 17:55:08 +01:00
Markus Hauschild	f3e469bfb6	Fix ldap permissions.	2017-01-17 12:57:40 +01:00
Markus Hauschild	5980848421	Add new hosts to dns.	2017-01-17 12:44:46 +01:00
Markus Hauschild	4bad44c464	Add dns-server role	2017-01-07 15:41:21 +01:00
Markus Hauschild	21aefb8633	Fix zsh prompt for 5.3.1.	2017-01-07 15:10:50 +01:00
Markus Hauschild	b2ef100994	gogs: increase client_max_body_size to 128M	2017-01-03 15:47:53 +01:00
Markus Hauschild	3b1ab3877d	Only create DH param file when using ssl.	2016-11-19 22:24:21 +01:00
Markus Hauschild	8aa3a6c806	Use current acertmgr version.	2016-10-06 09:27:35 +02:00
Markus Hauschild	1a8c57f041	Fix typo.	2016-07-28 12:23:48 +02:00
Markus Hauschild	27ff25bdf7	Add git to software available to members.	2016-07-28 12:21:08 +02:00
Markus Hauschild	a8fdb58d9f	Place librenms to /usr/share/librenms.	2016-07-07 07:03:53 +02:00
Markus Hauschild	3ba596b471	Improve librenms role.	2016-07-06 16:28:16 +02:00
Markus Hauschild	31b4b2e385	Add incomplete librenms role.	2016-07-06 13:26:42 +02:00
Markus Hauschild	b2ca65b0cc	Do not create unnecessary directory for racktables.	2016-07-06 13:24:37 +02:00
Markus Hauschild	54caed7299	Complete RackTables installation.	2016-06-18 14:44:59 +02:00
Markus Hauschild	5bb3a44c71	Add racktables role (unfinished) and apply it.	2016-06-18 13:23:12 +02:00
Markus Hauschild	b83b2f02f1	Prepare nginx to be used without SSL.	2016-06-18 13:21:21 +02:00
Markus Hauschild	89c9e8031c	Add ccc-r.de and ccc-regensburg.de to web.	2016-05-09 20:33:49 +02:00
Markus Hauschild	96fb3a84dc	Allow mail relay from trusted servers, enable ipv6.	2016-04-13 08:59:45 +02:00
Markus Hauschild	c8d0e43743	Configure owncloud vhost even more like upstream suggests.	2016-04-12 17:02:20 +02:00
Markus Hauschild	70c4185053	Add more http headers to the owncloud vhost.	2016-04-12 16:52:27 +02:00
Markus Hauschild	f90df2aae9	Remove static vhost from web.	2016-04-12 09:36:12 +02:00
Markus Hauschild	131a99e96b	Add software to install on member server.	2016-04-11 22:42:21 +02:00
Markus Hauschild	fb36cabe6c	Use current acertmgr version.	2016-04-11 22:41:32 +02:00
Markus Hauschild	79303d999c	Add apt-dater-host to default installed packages.	2016-04-11 22:39:59 +02:00
Markus Hauschild	54a86c3b4f	Enable greylisting for info@ and vorstand@.	2016-04-11 22:39:29 +02:00
Markus Hauschild	171700f752	Set domains for which amavis feels responsible.	2016-04-11 22:39:05 +02:00
Markus Hauschild	b8455c62a7	Fix ACME directories in nginx vhosts.	2016-04-09 23:42:13 +02:00
Markus Hauschild	86df50da48	Add gogs role.	2016-04-09 23:41:41 +02:00
Markus Hauschild	9d1862d7fc	Optimize owncloud settings (APCu, HSTS).	2016-04-09 22:08:43 +02:00
Markus Hauschild	caaf9f5606	Add .space domain for web.	2016-04-09 21:14:57 +02:00
Markus Hauschild	1f679bcbcf	Another round of new mailman vhost settings.	2016-04-09 20:41:17 +02:00
Markus Hauschild	8f70860f8e	Adjust mail role to reality (now with working fcgi).	2016-04-08 20:00:21 +02:00
Markus Hauschild	aaf7ff604e	Unify certmgr configs.	2016-04-08 10:24:23 +02:00
Markus Hauschild	429e212599	Add rsync to common role.	2016-04-08 09:12:19 +02:00
Markus Hauschild	3c9fa5cf2a	Use saslauth for prosody.	2016-04-08 09:07:06 +02:00
Markus Hauschild	63b1ecd671	Add redirect for owncloud to web host.	2016-04-08 07:43:23 +02:00
Markus Hauschild	838a98f7e3	Update mail configs (greylisting, minor fixes).	2016-04-08 07:42:21 +02:00
Markus Hauschild	090fad6a01	Fix web vhost and software dependencies.	2016-04-07 20:51:56 +02:00
Markus Hauschild	eb5a2552a8	FreeBSD has native htop now.	2016-04-07 16:09:04 +02:00
Markus Hauschild	747feab2ad	Add a very basic web role.	2016-04-07 15:51:30 +02:00
Markus Hauschild	ffdfa8f08b	Update postfix TLS settings.	2016-04-07 00:03:27 +02:00
Markus Hauschild	1d2836001e	Fix sa-update key import.	2016-04-06 23:47:14 +02:00
Markus Hauschild	ae42cedb2c	Cleanup mail role.	2016-04-06 22:58:54 +02:00
Markus Hauschild	2319827c79	Fix problems related to postfix running ldap maps in chroot.	2016-04-06 22:40:38 +02:00
Markus Hauschild	88bf7e2f09	Remove unnecessary dovecot settings.	2016-04-06 21:39:41 +02:00
Markus Hauschild	2f8d0729c0	Allow more virtual postfix domains and make aliases configurable.	2016-04-06 21:38:54 +02:00
Markus Hauschild	65f1511913	Fix dovecot auth settings.	2016-04-06 21:20:19 +02:00
Markus Hauschild	34663c35c6	Fix amavis config file paths.	2016-04-06 19:32:14 +02:00
Markus Hauschild	91f2bd73e5	Add Sought ruleset to spamassassin.	2016-04-06 19:30:16 +02:00
Markus Hauschild	b50ed3717c	Enable spamassassin cronjob for mail.	2016-04-06 19:04:45 +02:00
Markus Hauschild	566c1d9fc5	Fix certmgr config templates.	2016-04-06 19:02:54 +02:00
Markus Hauschild	8d7abb4f0c	Fix certificate/CA handling.	2016-04-06 18:00:23 +02:00
Markus Hauschild	ad9f37a966	Adjust php5-fpm config for owncloud.	2016-04-06 10:19:01 +02:00
Markus Hauschild	072a7d9cf8	Add recommended headers to owncloud vhost.	2016-04-06 10:10:06 +02:00
Markus Hauschild	07ca697e63	Deploy sane ldap.conf for ldap clients.	2016-04-06 09:50:00 +02:00
Markus Hauschild	1f11072d0f	Fix owncloud DB creation and add forgotten ldap module.	2016-04-06 09:49:25 +02:00
Markus Hauschild	75aa51d0bb	Fix ntp role issues with included handlers.	2016-04-05 10:33:55 +02:00
Markus Hauschild	3f4f47adfe	Modify owncloud vhost config (cf upstream config).	2016-04-05 09:19:27 +02:00
Markus Hauschild	6e954168db	Add owncloud role.	2016-04-05 08:49:08 +02:00
Markus Hauschild	69b704dac3	Update certmgr version and dependencies.	2016-04-05 08:46:41 +02:00
Markus Hauschild	26951c89a6	Fix nginx handling of acme challenges.	2016-04-05 08:46:38 +02:00
Markus Hauschild	f5146bf438	Fix LDAP and adjust to new schema.	2016-04-01 20:27:29 +02:00
Markus Hauschild	cf3667ddcf	Forgot to add notify statement.	2016-04-01 18:37:47 +02:00
Markus Hauschild	749991b39a	Have ldap-server offer ldaps connections.	2016-04-01 18:37:02 +02:00
Markus Hauschild	157577dfcb	Fix mail-related certificate handling.	2016-04-01 08:10:00 +02:00
Markus Hauschild	4b22d48931	Use officially assigned OID values.	2016-03-30 22:09:15 +02:00
Markus Hauschild	bb814ddfba	Adjust ntp for servers hosted at FAN.	2016-03-30 21:40:40 +02:00
Markus Hauschild	9359a37f3f	Rename ldap-client to ldap-pam.	2016-03-26 14:07:13 +01:00
Markus Hauschild	38e33ab164	Adjust mail to ldap changes.	2016-03-26 10:46:46 +01:00
Markus Hauschild	5d3282d567	Fix ldap-server (confirmed working on debian).	2016-03-24 11:43:40 +01:00
Markus Hauschild	7f8971338c	Move LDAP CA certificate to a better location.	2016-03-23 20:58:17 +01:00
Markus Hauschild	23cfe4486e	Add ldap-server role.	2016-03-23 12:14:18 +01:00
Markus Hauschild	5ce470c9dd	Move nginx ssl config to nginx.conf (from default).	2016-03-13 01:37:26 +01:00
Markus Hauschild	198783d10b	Make mailman https only.	2016-03-09 23:46:37 +01:00
Markus Hauschild	168a158922	Make nginx work with http2.	2016-03-09 22:25:48 +01:00
Markus Hauschild	01f968ecb7	Add dependencies to mail role.	2016-03-09 22:21:56 +01:00
Markus Hauschild	2fe21d0638	Add nginx role.	2016-03-09 22:10:14 +01:00
Markus Hauschild	42e928126d	Empty motd on debian systems.	2016-03-04 13:02:55 +01:00
Markus Hauschild	f70a7dbbdd	Postfix should check the LDAP certficate as well.	2016-03-03 08:19:18 +01:00
Markus Hauschild	1cdb5750dc	Make LDAP CA cert file a variable.	2016-03-03 08:14:43 +01:00
Markus Hauschild	4f5558528e	Adjust ldap-client role for new CA path.	2016-03-03 08:11:14 +01:00
Markus Hauschild	5b463c1631	Add LDAP certificate to common role.	2016-03-03 08:09:26 +01:00
Markus Hauschild	7f5f30bd4f	Switch dovecot to LDAP auth.	2016-03-03 08:02:56 +01:00
Markus Hauschild	056c86a7ea	Enable SSL for mailman vhost.	2016-03-01 07:56:37 +01:00
Markus Hauschild	3eafb60eba	Fix mailman vhost.	2016-02-29 21:55:12 +01:00
Markus Hauschild	e711819e2f	Configure mailman vhost.	2016-02-29 21:29:44 +01:00
Markus Hauschild	3859a3912b	Restart postfix if mailman config changes.	2016-02-29 21:07:45 +01:00
Markus Hauschild	09df61bbe5	Add mailman configuration.	2016-02-29 21:05:21 +01:00
Markus Hauschild	bc22efc8f9	Prepare mailman configuration.	2016-02-29 20:50:14 +01:00
Markus Hauschild	ecf3b91abd	Fix postfix/policyd-spf and a minor typo.	2016-02-29 20:39:14 +01:00
Markus Hauschild	3bfa0391b1	Create certficate config in mail role.	2016-02-28 15:30:57 +01:00
Markus Hauschild	2732c1a4ca	Add certmgr role.	2016-02-28 15:19:21 +01:00
Markus Hauschild	e6f0e45ffc	Add mailman, fix typo.	2016-02-25 08:01:03 +01:00
Markus Hauschild	ec50f7afcb	Use "smtpd_tls_ciphers = medium" for TLS security.	2016-02-23 21:03:12 +01:00
Markus Hauschild	cb54f03a2a	Use gentoo zsh prompt in common role.	2016-02-23 15:01:34 +01:00
Markus Hauschild	942a3d6724	Fix LDAP for mail role. Missing postfix-ldap, use uri instead of host.	2016-02-23 14:57:53 +01:00
Markus Hauschild	9c6e1d1387	Fix ownership of /var/log/dovecot.	2016-02-23 14:56:18 +01:00
Markus Hauschild	2bbe026cd2	Run postmap after relevant files have changed.	2016-02-22 18:07:24 +01:00
Markus Hauschild	04ca9ff769	Create dovecot log dir and fix vmail user for mail role.	2016-02-15 23:48:24 +01:00
Markus Hauschild	5f42f9e70c	Prepare mail role for real ssl certs.	2016-02-15 23:31:05 +01:00
Markus Hauschild	68cdb42b77	Use more variables for mail templates.	2016-02-15 21:30:24 +01:00
Markus Hauschild	fbcac9f826	Add sudo package to common role.	2016-02-15 21:04:37 +01:00
Markus Hauschild	175ee1841b	Add config files and extend tasks for mail role.	2016-02-15 21:04:01 +01:00
Markus Hauschild	fbe164e2db	Enable TLS for LDAP in postfix.	2016-02-15 19:21:17 +01:00
Markus Hauschild	7999a4ec89	Unify action names.	2016-02-15 19:17:28 +01:00
Markus Hauschild	f535c13cba	Add prosody role.	2016-02-11 16:15:38 +01:00
Markus Hauschild	ba1f088be7	Add dnsutils on to common/Debian.	2016-02-01 21:01:52 +01:00
Markus Hauschild	d0f6809dc4	Add more tags.	2016-02-01 20:56:51 +01:00
Markus Hauschild	4b34ce0954	Add very basic mail role.	2016-02-01 20:52:34 +01:00
Markus Hauschild	cb2147d9c1	Change LDAP CA cert path.	2016-01-31 12:15:23 +01:00
Markus Hauschild	0c72c8f8ba	Add very basic and incomplete mail role.	2016-01-26 10:36:33 +01:00
Markus Hauschild	46e42058e7	Rename some LDAP related variables.	2016-01-26 10:35:17 +01:00
Markus Hauschild	ede470acf9	Name includes (useful for ansible 2.0)	2016-01-13 14:19:50 +01:00
Markus Hauschild	ce1d8fcac3	Add/merge group_vars.	2016-01-07 23:28:42 +01:00
Markus Hauschild	c425172e7d	ldap-client: improve naming.	2016-01-04 21:40:59 +01:00
Markus Hauschild	8b41211346	Add ldap-client role.	2016-01-04 20:05:08 +01:00
Markus Hauschild	7ca8e1ad50	Add common role.	2015-12-13 18:54:49 +01:00
Markus Hauschild	f354af18a8	Add ntp role.	2015-12-13 18:51:08 +01:00

... 8 9 10 11 12 ...

647 Commits