ansible

Author	SHA1	Message	Date
Markus Hauschild	e31abbb8bb	web: switch to PHP 7.3	2019-09-12 13:34:05 +02:00
Markus Hauschild	772df6c630	common: also clear motd on Proxmox hosts	2019-09-12 13:22:19 +02:00
Markus Hauschild	bd06590301	nginx: enable TLSv1.3 (relevant VMs have buster)	2019-09-12 13:09:52 +02:00
Markus Hauschild	fb81c5ce02	common: remove snmp, add acpid (on VMs)	2019-09-12 12:00:59 +02:00
Markus Hauschild	ef7177f0ec	common: set vm.swappiness on Proxmox hosts	2019-09-10 19:14:55 +02:00
Markus Hauschild	3d1a681850	librenms: debian buster	2019-09-09 19:33:47 +02:00
Markus Hauschild	a6a973c034	prosody: make it work with buster	2019-09-09 19:09:44 +02:00
Markus Hauschild	8a2ade46cb	Remove host apfelkuchen	2019-09-07 20:45:11 +02:00
Markus Hauschild	c763264ccd	hackmd: update and fix uploads folder link creation	2019-09-06 16:17:34 +02:00
Markus Hauschild	4c7d472f2f	remove racktables and partially remove snmpd	2019-09-03 13:13:03 +02:00
Kishi85	6945b4918c	mail: Enable subject privacy for the history module	2019-09-03 11:50:08 +02:00
Markus Hauschild	6e593d0feb	gogs: switch to debian buster	2019-08-30 11:20:40 +02:00
Kishi85	6ce23ca253	mail: disable rspamd actions for mail from localhost	2019-07-24 10:11:38 +02:00
Kishi85	83afecfd72	mail: use srs only for forwards and MDA, not for incoming mails	2019-07-24 09:38:01 +02:00
Kishi85	5faf9de93e	mail: fix redis config	2019-07-23 17:23:14 +02:00
Kishi85	5df4457b0e	mail: add postsrsd to stop breaking forwards for SPF domains	2019-07-23 16:06:16 +02:00
Markus Hauschild	43f1633a22	cleanup roles	2019-07-23 12:00:59 +02:00
Kishi85	2153438ec5	mail: allow any sender from our internal networks	2019-07-23 11:29:34 +02:00
Markus Hauschild	85c2a90431	bk-dss: enable admin menu for zaesa	2019-07-22 13:18:46 +02:00
Kishi85	884bbbfbae	mail: use rspamd with automatic learning using sieve + managesieve	2019-07-16 09:37:50 +02:00
Markus Hauschild	4b1952a6e0	uau: minimize diff to default config	2019-07-10 18:43:08 +02:00
Markus Hauschild	5ead59ce14	acertmgr: update to version 0.9.8	2019-07-09 12:39:31 +02:00
Markus Hauschild	f1dec82592	prometheus: only support Debian buster	2019-07-09 12:38:32 +02:00
Markus Hauschild	909e767b36	dhcp/dns: add new hosts and IP ranges	2019-06-27 10:09:39 +02:00
Markus Hauschild	2a417cdee2	acertmgr: update to version 0.9.7	2019-06-18 15:13:05 +02:00
Markus Hauschild	f8daa11de1	nextcloud: first step towards handling php from ansible again	2019-05-20 21:35:58 +02:00
Markus Hauschild	477441585d	owncloud: rename to nextcloud	2019-05-20 20:55:50 +02:00
Markus Hauschild	7f689e1a82	owncloud: rename to nextcloud	2019-05-20 20:55:05 +02:00
Markus Hauschild	06dcb1b082	mail: fix SSL CA settings	2019-05-20 20:09:07 +02:00
Markus Hauschild	4ee7c6ad16	acertmgr: migrate from legacy paths	2019-05-20 19:49:08 +02:00
Markus Hauschild	17f25f2c32	acertmgr: migrate from legacy paths	2019-05-20 19:38:32 +02:00
Markus Hauschild	b6f0b9417d	bk-dss: update to version 0.8.3	2019-05-17 08:29:40 +02:00
Markus Hauschild	8a33cdc4ad	slapd: fix ACLs	2019-05-17 08:25:14 +02:00
Markus Hauschild	b4f95eefc8	bk-dss: fix typo	2019-05-16 15:52:49 +02:00
Markus Hauschild	e99c8d34dd	pvessl: nginx based reverse proxy w/ certs for PVE	2019-05-13 21:46:37 +02:00
Markus Hauschild	c4bcc13ccd	slapd: simplify ACL	2019-05-13 21:45:37 +02:00
Markus Hauschild	45917de310	bk-dss: add new admin	2019-05-13 21:44:27 +02:00
Kishi85	cc7d959435	mail: dovecot verify password by binding to ldap	2019-05-13 21:30:13 +02:00
Markus Hauschild	2abc3819ac	acme-dnskey-generate: handle empty san list	2019-05-13 21:00:50 +02:00
Markus Hauschild	e5ca7f59db	replace hard coded values by variables	2019-05-13 20:22:02 +02:00
Markus Hauschild	00826a8d14	slapd: implement proper ACL	2019-05-13 20:03:20 +02:00
Markus Hauschild	6fec0e62bc	mail: fix aliases	2019-04-23 08:07:35 +02:00
Markus Hauschild	9f3923f494	acertmgr: update to 0.9.5	2019-04-01 18:51:01 +02:00
Markus Hauschild	ad2e2dca6b	dns-intern: move cannelloni to user vlan, add tmp	2019-04-01 18:35:27 +02:00
Markus Hauschild	5c07927012	Remove BKCA for good	2019-03-25 21:08:23 +01:00
Markus Hauschild	50cab2429d	raduis: use LE certificate via dns	2019-03-25 21:08:19 +01:00
Markus Hauschild	c6c91d7256	Migrate LDAP from BKCA to Let's Encrypt	2019-03-25 19:58:06 +01:00
Markus Hauschild	c0070e042b	acertmgr: update to 0.9.4	2019-03-25 19:25:56 +01:00
Markus Hauschild	606851de76	slapd: use LE certificate via dns	2019-03-25 19:05:31 +01:00
Markus Hauschild	3471c0ca34	bk-dss: update to 0.8.2	2019-03-22 13:09:58 +01:00
Markus Hauschild	e72ee8fb74	acertmgr: update to 0.8.2	2019-03-21 22:33:05 +01:00
Markus Hauschild	218ae6c4dd	bk-dss: restart uwsgi on changes (fixes #28 )	2019-03-18 22:18:43 +01:00
Markus Hauschild	cefabcaa7f	web: no longer server binary-kitchen.space	2019-03-09 18:39:27 +01:00
Markus Hauschild	654c2c0122	cleanup whitespace	2019-03-09 18:38:07 +01:00
Markus Hauschild	e7375cac3e	new host: mpcnc	2019-03-09 18:33:00 +01:00
Markus Hauschild	97cb51efbf	hackmd: increase max upload size	2019-03-07 21:17:19 +01:00
Markus Hauschild	e1e110e704	acertmgr: update to 0.8.1	2019-03-07 15:01:06 +01:00
Markus Hauschild	56df920ec0	bk-dss: update to 0.8.1	2019-02-28 11:17:08 +01:00
Markus Hauschild	7fb5ac8875	acertmgr: fix typo	2019-02-25 18:10:56 +01:00
Markus Hauschild	476df56fcc	acertmgr: rename vars, introduce version	2019-02-25 08:34:21 +01:00
Markus Hauschild	a2e6267ec8	slapd: use base from variables	2019-02-23 23:55:35 +01:00
Markus Hauschild	9bffa36a33	acertmgr: rename from certmgr, run on config change	2019-02-23 23:54:24 +01:00
Markus Hauschild	407409010e	bk-dss: use vault for secret, use tagged version, use correct certificate for ldap	2019-02-23 23:34:23 +01:00
Markus Hauschild	845a9f3c76	dss: remove unused role (replaced by bk-dss)	2019-02-19 09:31:33 +01:00
Markus Hauschild	905f86f2df	gogs: apt repo key location has changed	2019-02-18 19:15:34 +01:00
Markus Hauschild	f576ebe615	common: forgot to remove gentoo prompt from Debian	2019-02-18 18:39:12 +01:00
Markus Hauschild	d5c98eb13c	common: don't use gentoo prompt anymore	2019-02-18 18:35:54 +01:00
Markus Hauschild	41784f514f	Cleanup whitespace	2019-02-13 16:01:32 +01:00
Markus Hauschild	b47be3287a	librenms & racktables: use LE certificates	2019-02-13 15:57:46 +01:00
Markus Hauschild	766ece5b10	acme-dnskey-generate: fix naming inconsistencies	2019-02-13 15:40:12 +01:00
Markus Hauschild	275b9a6071	Cleanup whitespace	2019-02-13 14:28:16 +01:00
Markus Hauschild	cffa318bea	Remove acme.sh client	2019-02-13 14:05:27 +01:00
Markus Hauschild	82b5f9cdf3	dns-intern: sync A/PTR, use RR for radius, fix erx-rz loopback	2019-02-13 13:38:08 +01:00
Markus Hauschild	82181c2eb2	Remove forseti/checkmk	2019-02-13 13:30:16 +01:00
Markus Hauschild	d52b5c0b76	bk-dss: update to current version	2019-02-12 09:45:10 +01:00
Markus Hauschild	fa7fec4a93	certmgr: update to latest version, adjust config	2019-02-11 19:36:35 +01:00
Kishi85	06760bf9f7	Add role to generate dns keys for acme/cermgr	2019-02-11 18:38:41 +01:00
Markus Hauschild	40efa84fcf	dovecot: add logrotate config	2019-02-04 20:31:13 +01:00
Markus Hauschild	8b0be8cc6f	dns: host ffrgb (offloader)	2019-02-04 18:33:06 +01:00
Markus Hauschild	7b53f00a5e	new hosts: maccaroni & spaghetti	2019-01-20 14:47:55 +01:00
Kishi85	3425fdeac9	new host: magnesium (partdb/partkeepr)	2018-12-17 19:25:15 +01:00
Markus Hauschild	5fae8fa02c	dns-intern: update loopback addresses	2018-10-30 12:31:34 +01:00
Markus Hauschild	543ffce274	dhcpd: dhcp for Aruba APs	2018-10-26 18:43:18 +02:00
Markus Hauschild	2f1ed864cd	dns-extern: update documentation	2018-10-22 21:03:18 +02:00
Markus Hauschild	ae65e438dc	dns-extern: role for primary nameserver	2018-10-22 20:58:34 +02:00
Kishi85	e3c7c0cc1b	Change updatepolicy.aliases format	2018-10-22 20:30:12 +02:00
Markus Hauschild	267557f068	common: install software on proxmox	2018-10-15 21:47:26 +02:00
Markus Hauschild	65786edf03	common: run apt task to ensure python-apt is installed	2018-10-15 21:47:03 +02:00
Markus Hauschild	e88a6e5691	further updates wrt changed ntp server	2018-10-15 21:46:30 +02:00
Kishi85	271305ad34	Proxmox handling	2018-10-15 21:08:06 +02:00
Markus Hauschild	67d4340ba6	hackmd: fix owner, persistent upload path, allow anon edits	2018-10-15 18:46:34 +02:00
Markus Hauschild	22c1b0d469	bk-dss: new role to be deployed on LDAP host	2018-10-15 18:25:30 +02:00
Markus Hauschild	32f976a163	hackmd: fix when	2018-10-08 21:46:29 +02:00
Markus Hauschild	4a93fab603	hackmd: update database scheme	2018-10-08 20:29:18 +02:00
Markus Hauschild	9b19d93bf9	hackmd: update version to codimd 1.2.1	2018-10-08 20:28:06 +02:00
Markus Hauschild	ebecd957b2	hackmd: reload systemd before restarting hackmd	2018-10-08 20:14:33 +02:00
Markus Hauschild	e2fd44eb53	prometheus: new role	2018-10-06 22:19:37 +02:00
Markus Hauschild	634b952321	common: update zsh path for FreeBSDH	2018-10-06 22:18:40 +02:00
Markus Hauschild	b6605467fa	dhcpd: new lock IP	2018-10-06 20:37:41 +02:00
Markus Hauschild	1b25547d97	dns: remove old hosts	2018-10-04 21:38:59 +02:00
Kishi	ca86d25ed5	Fix dovecot ldaps	2018-10-04 21:29:16 +02:00
Markus Hauschild	59cca157e2	web: new domain makerspace-regensburg.de	2018-10-02 18:35:30 +02:00
Markus Hauschild	d434e9e70d	hackmd: only rebuild if changed (properly this time)	2018-09-20 22:57:51 +02:00
Markus Hauschild	9e0e5923a8	dns-intern: renumber RZ	2018-09-20 22:31:12 +02:00
Rudolf Mayerhofer	482d67ebb1	Change BKCA to a system CA for migration to Let's Encrypt	2018-09-20 18:55:17 +02:00
Markus Hauschild	1a511a9faf	root-keys: new role to set ssh authorized keys for the root user	2018-09-17 22:03:35 +02:00
Markus Hauschild	0a2f85459d	common: update FreeBSD zsh location	2018-09-16 11:50:45 +02:00
Markus Hauschild	3be1e06242	hackmd: disable anon usage	2018-09-16 11:49:53 +02:00
Kishi	9f608c886d	Change certificate locations, update powerdns aliases	2018-09-11 13:58:24 +02:00
Kishi	9dcdbdf983	acme.sh role	2018-09-10 22:52:41 +02:00
Markus Hauschild	b3d3888518	dchpd: don't use global ntp servers	2018-08-27 23:31:29 +02:00
Markus Hauschild	d571ff6827	dns-intern: new hosts	2018-08-27 23:30:49 +02:00
Markus Hauschild	6a73265d79	dhcp: increase lease times	2018-08-21 12:59:41 +02:00
Markus Hauschild	8d7d6f6765	dns-intern: fix typo in hostname	2018-08-21 12:59:22 +02:00
Markus Hauschild	008f64cb08	dns-intern: new host sw03	2018-08-20 15:46:09 +02:00
Kishi	6c7014e7fc	Set sane default for DMARC_MODERATION_ACTION	2018-07-30 21:32:09 +02:00
Kishi	9baad14c37	Remove, rename and preserve DKIM headers (mode=3)	2018-07-24 12:21:57 +02:00
Markus Hauschild	74aa02420e	mail: make mailman work with postfix again	2018-07-23 22:36:54 +02:00
Markus Hauschild	6db9b2eafd	dns-intern: new hosts (ap04 and modem)	2018-07-23 21:54:27 +02:00
Kishi	ede83b43a1	Mailman: Remove (wrong) DKIM headers	2018-07-23 18:47:56 +02:00
Markus Hauschild	bfe0d994d0	common: fix regex	2018-07-17 13:26:45 +02:00
Markus Hauschild	b456e13542	radius: update to freeradius 3 (and no more LDAP)	2018-07-17 10:43:31 +02:00
Tomoto	4204334e3d	Clean cmk server	2018-07-16 21:03:25 +02:00
Tomoto	ff98616d94	new agent ver	2018-07-16 21:02:50 +02:00
Tomoto	2876acf4d6	Check_MK for bacon, new cmk version	2018-07-16 20:52:33 +02:00
Markus Hauschild	e4b07bc43b	dns/dhcp: reserved host mirror	2018-07-08 16:38:16 +02:00
Markus Hauschild	4aa681ff70	common: udpate zsh prompt path	2018-07-06 12:12:29 +02:00
Tomoto	26ed972c00	Check_MK update p33 to p34	2018-06-27 21:09:12 +02:00
Markus Hauschild	66bdb9ec16	dns-intern: style fix	2018-06-27 20:27:00 +02:00
Markus Hauschild	66c36c4896	common: fix network interfaces names (ensXX -> ethX) in consistent way with systems upgraded from debian 8	2018-06-27 20:04:45 +02:00
Markus Hauschild	0622787e0c	new host: neon, rename dns to dns-intern	2018-06-27 19:35:30 +02:00
tomoto	8ae92ce745	Add alias for forseti, checkmk.bk	2018-06-13 17:29:37 +02:00
tomoto	69edc1d5bf	Downloaded file mode 0755 -> 0644	2018-06-13 16:56:19 +02:00
tomoto	a025bc0301	Merge branch 'master' of git.binary-kitchen.de:moepman/infra	2018-06-13 16:48:27 +02:00
tomoto	b5b06841d1	Add check_mk tasks and roles	2018-06-13 16:47:18 +02:00
Markus Hauschild	0cafa543aa	run unattented updates on non-critial hosts	2018-06-13 15:08:04 +02:00
Markus Hauschild	4ae4cb8b13	member-sw: install ansible	2018-06-13 14:53:59 +02:00
Markus Hauschild	b570b30ad2	common: prevent normal users from running su	2018-06-13 14:43:13 +02:00
Tomoto	2417bf1302	Add forseti check_mk VM	2018-06-11 21:08:37 +02:00
Markus Hauschild	850f813079	hackmd: fix service file (missing working dir)	2018-06-04 15:59:11 +02:00
Markus Hauschild	b68232cea4	hackmd: improve (csp, hsts, version bump) and start to use vault	2018-06-04 14:00:55 +02:00
Markus Hauschild	197af9ee3f	dns: update IPs	2018-05-14 20:02:18 +02:00
Markus Hauschild	ce8959a1d2	gogs: use debian stretch packages	2018-05-08 23:15:06 +02:00
Markus Hauschild	cc5611ca37	common: use ansible facts to detect KVM VMs	2018-05-02 12:11:31 +02:00
Markus Hauschild	d3a50a75d6	hackmd: SSL, temporary CSP'fix	2018-05-01 11:49:42 +02:00
Markus Hauschild	e24a9ede41	DNS and DHCP update: obazda, garlic	2018-05-01 11:48:55 +02:00
Markus Hauschild	2bebcc16a3	common: install qemu-agent on VMs	2018-05-01 11:47:57 +02:00
Markus Hauschild	2a15de42cf	gogs: style fix	2018-05-01 11:43:51 +02:00
Markus Hauschild	7806c6b9e9	DNS and DHCP updates	2018-05-01 11:43:51 +02:00
Markus Hauschild	95084d6cc6	mail: reduce dovecot logging	2018-04-18 15:07:58 +02:00

1 2 3 4 5 ...

427 Commits