d5a03479af
New certbot role covering standalone and webroot setups
2021-02-02 21:49:20 +00:00
cba94e7929
Manage secrets outside Ansible
2021-02-02 18:29:48 +00:00
c2ea9c6600
Hacky mediawiki role
2021-02-02 18:27:37 +00:00
058910b93a
Finish the mail setup. Closes #10 .
2021-02-01 02:45:58 +01:00
060ba82d42
Perform daily backups. Close #22
2021-01-31 20:25:31 +01:00
03c34b1216
s6-svscan lost its -s flag with the 2.10.0 release
2021-01-31 19:20:46 +01:00
07a61ac55f
Add mlmmj map
2021-01-31 19:18:31 +01:00
c49a79fe20
Update gitea submodule?
2021-01-31 19:17:40 +01:00
98a412c27b
Renew Let's Encrypt certificates
2021-01-31 19:16:27 +01:00
925499223e
Use correct handlers
2021-01-04 23:33:42 +01:00
68c6b53f68
gitea update
2020-12-14 23:53:27 +01:00
531b7ef276
Reenable redis dependency
2020-10-27 21:09:38 +01:00
c18f53b8ea
Add rspamd support.
...
Postfix uses the Rspamd proxy as spam filtering milter
and HAProxy exposes the Rspamd webinterface through HTTPS.
Updates #10
2020-10-26 23:46:16 +01:00
28fbdff74b
Make HAProxy use its new chroot jail in /var/run/haproxy.
...
Fixes #19
2020-10-26 23:31:57 +01:00
97daf854d0
Add the missing sender_access map to Postfix's configuration.
...
Updates #18
2020-10-24 19:34:42 +02:00
0a6b680cda
Write a role to setup a Redis instance.
...
The role expects two parameters:
* `redis_instance`: the instance name
* `redis_client_group`: the group allowed to access the instance's unix socket
Fixes #17
Updates #10
2020-10-24 14:07:10 +02:00
593d8deddf
Only delete old service databases after a *successful* update
2020-10-24 05:25:49 +02:00
36e65e6fe3
Install and configure nsd and unbound on emma.ccchb.de
...
Fixes #15
2020-10-23 19:37:15 +02:00
8ea37c14df
Wait for readiness.
...
Fixes #16 .
2020-10-23 19:28:36 +02:00
7d811568e5
Make use of the Hetzner NTP servers.
...
Fixes #14 (again)
2020-10-23 19:12:55 +02:00
4addf597cc
Install OpenNTPD on mail servers
...
Fixes #14
2020-10-23 19:03:23 +02:00
9110d9df82
Add a Postfix role and apply it to emma
...
Changes #10
2020-10-23 03:32:54 +02:00
372f5265d7
Add a Dovecot role
...
Changes #10
2020-10-21 16:18:30 +02:00
4dfd89dff1
Add Let's Encrypt support to HAProxy.
...
Closes #13
2020-10-21 16:10:23 +02:00
4696d140aa
Use s6-log's native readiness notification support.
...
Fixes #9
2020-10-20 14:08:28 +02:00
d3f447dce4
Tag the /var/log/haproxy tmpfs as a late file system.
...
Fixes #8
2020-10-19 14:21:11 +02:00
cb8403a0d3
Create a tmpfs at /var/log/haproxy.
...
Fixes #6 .
2020-10-16 15:55:54 +02:00
6031ddc028
Apply a 16 or 56 bit mask to source IP addresses
2020-10-03 04:00:30 +02:00
dd16e9281d
Make HAProxy happy (overwrite log type)
2020-10-03 03:19:12 +02:00
3609982b4c
Enable HAProxy service
2020-10-03 03:14:01 +02:00
02fdf86327
Add SNI support as requested in #1
2020-10-03 03:04:44 +02:00
276cff4373
Add HAProxy role. Fixes #4
2020-10-03 02:30:41 +02:00
45f8337144
use current template version of gitea
2020-09-18 16:22:28 +00:00
c6fee04ba6
roles/gitea-ccchb: make menu black
2020-09-18 16:10:02 +00:00
5378e6f7f9
gitea: add logo
2020-09-18 15:47:42 +00:00
e5afb434a5
move ansible-role-gitea to fork
2020-09-18 13:02:21 +00:00
1b35ee4de3
roles/user_mgmt: fix state for ssh_keys
2020-09-18 11:17:02 +00:00
48541be6dd
roles/debian: fix networking disable
2020-09-18 11:16:42 +00:00
bff7609ec4
add gitea
2020-09-18 11:15:57 +00:00
Geno
a771624793
roles/user_mgmt: improve by using state and default values
2020-09-17 14:12:22 +00:00
Geno
dee5a45271
roles/user_mgmt: for add/delete users and ssh_keys
2020-09-17 12:55:13 +00:00
Crest
53f795faf6
Autostart the enabled bhyve guests
2020-09-17 02:38:24 +02:00
Geno
d39eb49c37
roles: Add nextcloud (for debian)
2020-09-17 00:16:55 +00:00
Geno
fcf03aaea7
roles: Add php (for debian)
2020-09-17 00:16:36 +00:00
Geno
1bcada7ffe
roles: Add nginx (for debian)
2020-09-17 00:16:19 +00:00
Geno
2803c0aaea
Add default setup for debian (HACKY/WIP)
2020-09-17 00:14:54 +00:00
Crest
2bae7c9cc1
Run bhyve guests under s6 supervision
2020-09-14 03:52:49 +02:00
Crest
e03c04873c
Create (multiple) ZFS volumes per guest
2020-09-14 01:25:20 +02:00
Crest
05ec7f2022
Use ansible ipath to derive /31 and /127 from the guest index
2020-09-14 01:24:17 +02:00
Crest
82df9558cd
Split bhyve into network, storage and s6
2020-09-14 00:40:21 +02:00