Commit Graph

166 Commits

Author SHA1 Message Date
genofire c18f53b8ea Add rspamd support.
Postfix uses the Rspamd proxy as spam filtering milter
and HAProxy exposes the Rspamd webinterface through HTTPS.

Updates #10
2020-10-26 23:46:16 +01:00
genofire 28fbdff74b Make HAProxy use its new chroot jail in /var/run/haproxy.
Fixes #19
2020-10-26 23:31:57 +01:00
genofire 97daf854d0 Add the missing sender_access map to Postfix's configuration.
Updates #18
2020-10-24 19:34:42 +02:00
genofire de6c1a4d8b Add dns playbook
Fixes #15
2020-10-24 14:11:39 +02:00
genofire 0a6b680cda Write a role to setup a Redis instance.
The role expects two parameters:

  * `redis_instance`: the instance name
  * `redis_client_group`: the group allowed to access the instance's unix socket

Fixes #17
Updates #10
2020-10-24 14:07:10 +02:00
genofire 593d8deddf Only delete old service databases after a *successful* update 2020-10-24 05:25:49 +02:00
genofire e8ad17c054 Add forgotten playbooks.
Changes #10, #15
2020-10-23 19:45:21 +02:00
genofire 01cace0b95 Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible into master 2020-10-23 19:37:21 +02:00
genofire 36e65e6fe3 Install and configure nsd and unbound on emma.ccchb.de
Fixes #15
2020-10-23 19:37:15 +02:00
genofire 83a7a1b4d1 Install and configure nsd and unbound on emma.ccchb.de
Fixes #16
2020-10-23 19:35:52 +02:00
genofire 8ea37c14df Wait for readiness.
Fixes #16.
2020-10-23 19:28:36 +02:00
genofire 7d811568e5 Make use of the Hetzner NTP servers.
Fixes #14 (again)
2020-10-23 19:12:55 +02:00
genofire 4addf597cc Install OpenNTPD on mail servers
Fixes #14
2020-10-23 19:03:23 +02:00
genofire 9110d9df82 Add a Postfix role and apply it to emma
Changes #10
2020-10-23 03:32:54 +02:00
genofire 9edf07c8bb Merge branch 'master' of ssh://dev.ccchb.de:2222/ccchb/ansible into master 2020-10-21 16:41:17 +02:00
genofire d64eb534bb Define a mail host group containing the hashed passwords
Changes #10
2020-10-21 16:41:06 +02:00
genofire c2929aee96 Define a mail host group containing the hashed passwords
Changes #10
2020-10-21 16:23:10 +02:00
genofire 372f5265d7 Add a Dovecot role
Changes #10
2020-10-21 16:18:30 +02:00
genofire 4dfd89dff1 Add Let's Encrypt support to HAProxy.
Closes #13
2020-10-21 16:10:23 +02:00
genofire 4696d140aa Use s6-log's native readiness notification support.
Fixes #9
2020-10-20 14:08:28 +02:00
genofire d3f447dce4 Tag the /var/log/haproxy tmpfs as a late file system.
Fixes #8
2020-10-19 14:21:11 +02:00
genofire 75e2c3768f Add the postconf ansible module to the library.
Fixes #7
2020-10-17 03:46:59 +02:00
genofire cb8403a0d3 Create a tmpfs at /var/log/haproxy.
Fixes #6.
2020-10-16 15:55:54 +02:00
genofire 31427fb19e update gitea 2020-10-03 07:50:30 +00:00
genofire 03dd50685a Start a site.yml playbook 2020-10-03 04:27:41 +02:00
genofire 6031ddc028 Apply a 16 or 56 bit mask to source IP addresses 2020-10-03 04:00:30 +02:00
genofire dd16e9281d Make HAProxy happy (overwrite log type) 2020-10-03 03:19:12 +02:00
genofire 3609982b4c Enable HAProxy service 2020-10-03 03:14:01 +02:00
genofire 02fdf86327 Add SNI support as requested in #1 2020-10-03 03:04:44 +02:00
genofire 276cff4373 Add HAProxy role. Fixes #4 2020-10-03 02:30:41 +02:00
genofire 45f8337144 use current template version of gitea 2020-09-18 16:22:28 +00:00
genofire c6fee04ba6 roles/gitea-ccchb: make menu black 2020-09-18 16:10:02 +00:00
genofire 2ed5a3ce51 gitea: improve mailing 2020-09-18 15:48:04 +00:00
genofire 5378e6f7f9 gitea: add logo 2020-09-18 15:47:42 +00:00
genofire e5afb434a5 move ansible-role-gitea to fork 2020-09-18 13:02:21 +00:00
genofire 29ea8933fa Add geno-playground as bhyve-VM on emma 2020-09-18 11:18:00 +00:00
genofire 1b35ee4de3 roles/user_mgmt: fix state for ssh_keys 2020-09-18 11:17:02 +00:00
genofire 48541be6dd roles/debian: fix networking disable 2020-09-18 11:16:42 +00:00
genofire bff7609ec4 add gitea 2020-09-18 11:15:57 +00:00
genofire 0fe815ffa2 group_vars: calc debian ip address 2020-09-17 15:07:30 +00:00
Geno a771624793 roles/user_mgmt: improve by using state and default values 2020-09-17 14:12:22 +00:00
Geno dee5a45271 roles/user_mgmt: for add/delete users and ssh_keys 2020-09-17 12:55:13 +00:00
Crest 53f795faf6 Autostart the enabled bhyve guests 2020-09-17 02:38:24 +02:00
Crest 38e8fd2ec5 Add cloud and dn42 bhyve guests 2020-09-17 02:35:22 +02:00
Geno 98abfcfc93 playbook: Add nextcloud 2020-09-17 00:17:49 +00:00
Geno d39eb49c37 roles: Add nextcloud (for debian) 2020-09-17 00:16:55 +00:00
Geno fcf03aaea7 roles: Add php (for debian) 2020-09-17 00:16:36 +00:00
Geno 1bcada7ffe roles: Add nginx (for debian) 2020-09-17 00:16:19 +00:00
Geno 2803c0aaea Add default setup for debian (HACKY/WIP) 2020-09-17 00:14:54 +00:00
Geno dbe4a55f73 inventory: Add host_vars for dn42.emma.ccchb.de 2020-09-17 00:12:13 +00:00