Commit graph

72 commits

Author SHA1 Message Date
Crest
493a459466 Use path variables for mlmmj. Changes #31 2022-07-04 02:46:45 +02:00
Crest
6f18f4a005 Use path variables for HAProxy. Changes #31 2022-07-04 02:46:09 +02:00
Crest
b9d4e0b0d0 Use s6 path variables for Dovecot
Updates #31
2022-07-04 02:44:47 +02:00
Crest
803ebdbded Improve s6-rc rc.d script
* Deduplicate path literals
	* Pass live directory to s6-rc invocations

Changes #31
2022-07-04 02:42:22 +02:00
Crest
050fb34846 Deduplicate path literals
Changes #31
2022-07-04 02:41:15 +02:00
Crest
09cf6f693b Update account.json location.
Closes #30.
2022-07-01 15:25:52 +02:00
Crest
428f4be8da Add --email to acme.sh invocation.
Closes #28.
2022-07-01 13:56:31 +02:00
64fb3f2ff3 mediawiki: Enable OATHAuth module 2022-02-18 07:54:22 +00:00
Crest
1294722061 Restore docloc@ alias 2021-12-03 13:53:36 +01:00
Crest
ce8978725d Add alias thoddi@ccchb.de -> mail@thoddi.de 2021-11-30 11:56:29 +01:00
4ac1006e98 roles/nextcloud: update to new configuration 2021-07-11 23:43:16 +02:00
Crest
b8f2306667 Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible 2021-03-31 00:57:26 +02:00
c5ecf1df63 Enable HSTS for mediawiki 2021-03-10 11:30:18 +00:00
3c1aed2eee role/nginx: add timer for dehydrated / lets encrypt
fixed #21
2021-03-06 18:51:00 +01:00
aa2063743c NSD configuration for patterns 2021-02-28 13:56:30 +00:00
036f12630c Enable APC cache in wiki 2021-02-28 03:10:24 +00:00
ff8ad02776 Mete role 2021-02-16 23:38:59 +00:00
Crest
faaa5c71a5 Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible 2021-02-10 15:33:15 +01:00
Crest
25167bc296 Implement the requested features (as far as possible) 2021-02-10 15:32:59 +01:00
ed30097745 First draft for a prosody role 2021-02-03 00:04:38 +00:00
fdd1e5ce35 Handle nginx configuration in mediawiki role 2021-02-02 22:02:44 +00:00
d5a03479af New certbot role covering standalone and webroot setups 2021-02-02 21:49:20 +00:00
cba94e7929 Manage secrets outside Ansible 2021-02-02 18:29:48 +00:00
c2ea9c6600 Hacky mediawiki role 2021-02-02 18:27:37 +00:00
058910b93a Finish the mail setup. Closes #10. 2021-02-01 02:45:58 +01:00
060ba82d42 Perform daily backups. Close #22 2021-01-31 20:25:31 +01:00
03c34b1216 s6-svscan lost its -s flag with the 2.10.0 release 2021-01-31 19:20:46 +01:00
07a61ac55f Add mlmmj map 2021-01-31 19:18:31 +01:00
c49a79fe20 Update gitea submodule? 2021-01-31 19:17:40 +01:00
98a412c27b Renew Let's Encrypt certificates 2021-01-31 19:16:27 +01:00
925499223e Use correct handlers 2021-01-04 23:33:42 +01:00
68c6b53f68 gitea update 2020-12-14 23:53:27 +01:00
531b7ef276 Reenable redis dependency 2020-10-27 21:09:38 +01:00
c18f53b8ea Add rspamd support.
Postfix uses the Rspamd proxy as spam filtering milter
and HAProxy exposes the Rspamd webinterface through HTTPS.

Updates #10
2020-10-26 23:46:16 +01:00
28fbdff74b Make HAProxy use its new chroot jail in /var/run/haproxy.
Fixes #19
2020-10-26 23:31:57 +01:00
97daf854d0 Add the missing sender_access map to Postfix's configuration.
Updates #18
2020-10-24 19:34:42 +02:00
0a6b680cda Write a role to setup a Redis instance.
The role expects two parameters:

  * `redis_instance`: the instance name
  * `redis_client_group`: the group allowed to access the instance's unix socket

Fixes #17
Updates #10
2020-10-24 14:07:10 +02:00
593d8deddf Only delete old service databases after a *successful* update 2020-10-24 05:25:49 +02:00
36e65e6fe3 Install and configure nsd and unbound on emma.ccchb.de
Fixes #15
2020-10-23 19:37:15 +02:00
8ea37c14df Wait for readiness.
Fixes #16.
2020-10-23 19:28:36 +02:00
7d811568e5 Make use of the Hetzner NTP servers.
Fixes #14 (again)
2020-10-23 19:12:55 +02:00
4addf597cc Install OpenNTPD on mail servers
Fixes #14
2020-10-23 19:03:23 +02:00
9110d9df82 Add a Postfix role and apply it to emma
Changes #10
2020-10-23 03:32:54 +02:00
372f5265d7 Add a Dovecot role
Changes #10
2020-10-21 16:18:30 +02:00
4dfd89dff1 Add Let's Encrypt support to HAProxy.
Closes #13
2020-10-21 16:10:23 +02:00
4696d140aa Use s6-log's native readiness notification support.
Fixes #9
2020-10-20 14:08:28 +02:00
d3f447dce4 Tag the /var/log/haproxy tmpfs as a late file system.
Fixes #8
2020-10-19 14:21:11 +02:00
cb8403a0d3 Create a tmpfs at /var/log/haproxy.
Fixes #6.
2020-10-16 15:55:54 +02:00
6031ddc028 Apply a 16 or 56 bit mask to source IP addresses 2020-10-03 04:00:30 +02:00
dd16e9281d Make HAProxy happy (overwrite log type) 2020-10-03 03:19:12 +02:00