Updating rsyslog role install pr devel 2.x #2330

Merged
merged 363 commits into from
Feb 19, 2025

drazenCE
Contributor

No description provided.

gregharvey and others added 30 commits April 12, 2024 10:53
)

* Allowing multiple clamscan wrapper scripts and timers per server.

* Updating docs.!

* Giving the timer a consistent name.
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
* r68069-alb-healthchecks-and-nginx

* r68069-alb-healthchecks-and-nginx

* r68069-alb-healthchecks-and-nginx

* r68069-nice-indentation
* r69332-le-cron-mail-alerts

* Changing-recipient-to-var

* Changing-recipient-to-var-2

* Fixing-email-var

* Fixing-email-var-2
* Fixing AWS ACL role defaults.

* Docs update.

* Punctuation fix!
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
* First pass at APT repo role.

* Adding APT autoremove task to the _exit role.

* Adding systemd timer for APT key renewal.

* Adding role documentation.

* Adding new role to MySQL role to test.

* Adding python-debian dependency for deb822 repo handling.

* Removing obsolete variable check.

* Defaulting the APT 'suites' value to the Ansible-detected release name.

* Adding APT suite to MySQL repo installation.

* Better docs and fixed a syntax error.

* Fixing shell script for refreshing APT keys.

* Ensuring APT clean-up in _exit always runs as root.

* Fixing up MySQL config for 8.0 and tidying vars.
* First pass at APT repo role.

* Adding APT autoremove task to the _exit role.

* Adding systemd timer for APT key renewal.

* Adding role documentation.

* Adding new role to MySQL role to test.

* Adding python-debian dependency for deb822 repo handling.

* Removing obsolete variable check.

* Defaulting the APT 'suites' value to the Ansible-detected release name.

* Adding APT suite to MySQL repo installation.

* Better docs and fixed a syntax error.

* Fixing shell script for refreshing APT keys.

* Ensuring APT clean-up in _exit always runs as root.

* Fixing up MySQL config for 8.0 and tidying vars.

* Adding MySQL repo to unattended upgrades.

* Adding README for Docker CE, Docker Compose support and switching to apt_repository role.

* Updating docker_registry role to use docker_ce and deleting obsolete docker_compose role.

* Updating docs index.

* Adding Docker repo to unattended upgrades.

* Updating MySQL docs.

* Updating repo handling for GitLab and GitLab Runner.

* Ensuring wget is installed.

* wget seems more reliable than cURL for key fetching.

* Updating Jenkins repo handling.

* Fixing openjdk default version and updating nodejs APT repo handling.

* Removing OSSEC, replaced by Wazuh.

* Updating repo handling for the PAM LinOTP role.

* Updating repo handling for the LHCI role.

* Updating repo handling for PHP components.

* Trying out a different config for Jenkins.

* Updating docs.

* Forgot to remove old yarn repo code.

* Adding python3-debian package to python_common defaults to avoid first build failures.

* Adding list format support to APT role.

* Testing list format support with jenkins role.

* Downloading GPG public key.

* Ensuring the _apt_repository.key_filename var exists.

* Fixing SSL vars in Jenkins role.

* Updating repo handling for jitsi role.

* Updating docs.

* Bad SSL var name.
…1641)

* required_paramater_for_gp3_storage_type_tidying_up_and_refactoring

* fix vars

* fixing more vars

* fixing more vars

* fixing loop in template
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
* First pass at APT repo role.

* Adding APT autoremove task to the _exit role.

* Adding systemd timer for APT key renewal.

* Adding role documentation.

* Adding new role to MySQL role to test.

* Adding python-debian dependency for deb822 repo handling.

* Removing obsolete variable check.

* Defaulting the APT 'suites' value to the Ansible-detected release name.

* Adding APT suite to MySQL repo installation.

* Better docs and fixed a syntax error.

* Fixing shell script for refreshing APT keys.

* Ensuring APT clean-up in _exit always runs as root.

* Fixing up MySQL config for 8.0 and tidying vars.

* Adding MySQL repo to unattended upgrades.

* Adding README for Docker CE, Docker Compose support and switching to apt_repository role.

* Updating docker_registry role to use docker_ce and deleting obsolete docker_compose role.

* Updating docs index.

* Adding Docker repo to unattended upgrades.

* Updating MySQL docs.

* Updating repo handling for GitLab and GitLab Runner.

* Ensuring wget is installed.

* wget seems more reliable than cURL for key fetching.

* Updating Jenkins repo handling.

* Fixing openjdk default version and updating nodejs APT repo handling.

* Removing OSSEC, replaced by Wazuh.

* Updating repo handling for the PAM LinOTP role.

* Updating repo handling for the LHCI role.

* Updating repo handling for PHP components.

* Trying out a different config for Jenkins.

* Updating docs.

* Forgot to remove old yarn repo code.

* Adding python3-debian package to python_common defaults to avoid first build failures.

* Adding list format support to APT role.

* Testing list format support with jenkins role.

* Downloading GPG public key.

* Ensuring the _apt_repository.key_filename var exists.

* Fixing SSL vars in Jenkins role.

* Updating repo handling for jitsi role.

* Updating docs.

* Bad SSL var name.

* Making timer name dynamic.

* Adding missing repo format var to all APT repo handling.

* Updating docs.
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.
* First pass at APT repo role.

* Adding APT autoremove task to the _exit role.

* Adding systemd timer for APT key renewal.

* Adding role documentation.

* Adding new role to MySQL role to test.

* Adding python-debian dependency for deb822 repo handling.

* Removing obsolete variable check.

* Defaulting the APT 'suites' value to the Ansible-detected release name.

* Adding APT suite to MySQL repo installation.

* Better docs and fixed a syntax error.

* Fixing shell script for refreshing APT keys.

* Ensuring APT clean-up in _exit always runs as root.

* Fixing up MySQL config for 8.0 and tidying vars.

* Adding MySQL repo to unattended upgrades.

* Adding README for Docker CE, Docker Compose support and switching to apt_repository role.

* Updating docker_registry role to use docker_ce and deleting obsolete docker_compose role.

* Updating docs index.

* Adding Docker repo to unattended upgrades.

* Updating MySQL docs.

* Updating repo handling for GitLab and GitLab Runner.

* Ensuring wget is installed.

* wget seems more reliable than cURL for key fetching.

* Updating Jenkins repo handling.

* Fixing openjdk default version and updating nodejs APT repo handling.

* Removing OSSEC, replaced by Wazuh.

* Updating repo handling for the PAM LinOTP role.

* Updating repo handling for the LHCI role.

* Updating repo handling for PHP components.

* Trying out a different config for Jenkins.

* Updating docs.

* Forgot to remove old yarn repo code.

* Adding python3-debian package to python_common defaults to avoid first build failures.

* Adding list format support to APT role.

* Testing list format support with jenkins role.

* Downloading GPG public key.

* Ensuring the _apt_repository.key_filename var exists.

* Fixing SSL vars in Jenkins role.

* Updating repo handling for jitsi role.

* Updating docs.

* Bad SSL var name.

* Making timer name dynamic.

* Adding missing repo format var to all APT repo handling.

* Updating docs.

* Fixing bug where list is passed instead of dict for systemd timer.
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.

* Making ClamAV timers a list so they can be entirely replaced.
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
* Setting-up-proxy-vhost

* Setting-up-proxy-vhost-2
* New-version-of-aws-acl-role

* Fixing-jinja-linting

---------

Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.

* Making ClamAV timers a list so they can be entirely replaced.

* Spacing fix for linting.

* Renaming npm module.
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
* Adding lock file behaviour to ce-provision.

* Updating documentation.

* Adding extra lock file handling for ASG EC2 machines.

* Moving lock file paths to variables.

* Adding docs about connection management.

* Fixing placement of lock files on ASGs.

* Removing the 'Remove lock file' task for ASGs as it is doomed to fail (machine is gone).

* Adding in a lock file removal if we do not replace the ASG.
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.

* Making ClamAV timers a list so they can be entirely replaced.

* Spacing fix for linting.

* Renaming npm module.

* Removing NGINX installation as part of phpMyAdmin role by default.
gregharvey and others added 27 commits January 17, 2025 15:43
* Adding some inline documentation.

* Fixing Postfix template to allow external relays.

* Adding a FQDN postfix transport map.

* Updating CI to 2.x.

* Defending against missing Ansible.

* Making the ce-provision-config branch in CI dynamic.

* We do not want a 'ce-dev provision' because it breaks our controller.

* Reverting 'ce-dev provision' change.

* Trying a different ansible_facts var.

* Testing using the source branch in ce-dev.

* Setting max_childen to an integer to avoid CI issues.

* Trying to change the python interpreter used.

* Adding platform and cgroup values to ce-dev compose template.

* Trying latest ubuntu containers in GitHub Actions.

* Fixing the test.sh script to work with venvs.

* Documentation for PHP in CI.

* Adding GitLab test back in.

* Fixing role namespaces.

* Minor bug fixes to ce-provision installer.

* Testing installing ce-provision in the GitHub Actions container directly.

* Using the submitted install script as well.

* Trying as runner user.

* Trying to use the ce-dev base container.

* Updating key name.

* Suppressing systemd actions in Docker.

* Seems Ansible flags have changed.

* Still trying to get --extra-vars right!

* Catching Ansible Galaxy upgrade timers for docker containers.

* Trying to force --roles-path for Galaxy.

* Trying different quotes.

* Missed a line.

* Trying a different approach to passing vars.

* Adding some debug.

* Running ce-python debug first.

* Trying moving to the ce-provision directory.

* Checking the specific path to galaxy roles in ce-provision.

* Trying as controller user again.

* Trying to make the roles dir.

* Being consistent about paths in bash.

* Removing debug lines for now.

* Allowing script to skip iptables.

* Misnamed flag.

* Adding user_provision role to configure controller user.

* Wrapping cleanup so it doesn't break GitHub Actions.

* Completing variables for user_provision.

* Missed the sudoers var.

* Quoting vars.

* GitLab installer needs _domain_name.

* Logic error in clean-up script.

* Fixing paths to ce-provision in container.

* Trying to fix CI perms issues.

* Git dubious ownership error.

* Git dubious ownership error.

* Running the web server test as the controller user.

* Missed a controller var.

* Commenting out the CE container to test.

* Adding a separate step for Git actions.

* Need sudo for Ubuntu.

* Using a volume to persist data between steps.

* Adding debug commands to test volumes.

* Tweaking volumes.

* Adding the checkout command back in.

* Trying a different approach.

* ls command looks good, so putting web build back in.

* More Ansible Galaxy debug.

* Trying to make ansible-galaxy detect installed roles.

* Run galaxy command as controller.

* Trying galaxy command and cd wrapped in su.

* Specifically checking the contents of galaxy/roles.

* Trying a double-tap install process.

* Quick refactor and debug of SSH.

* Adding OpenSSH server package.

* Checking for a firewall.

* Checking listening packages.

* Starting SSHD especially.

* Starting SSHD without systemd.

* Pre-empting config a bit more.

* More galaxy path debug.

* Running a find to see if we can find the missing roles.

* More verbosity.

* Checking for missing requirements file.

* Removing erroneous when clause.

* Tidying up redundant debug lines.

* Creating a separate ci.yml play targeting localhost.

* Making sure sshd is running.

* Tidying up GitLab CI file and installing SSHD.

* Installing SSHD as a separate step.

* SSHD already installed, starting it instead.

* Don't create systemd timers in containers.

* Preparing a test GitLab build.

* Making builds nightly and fixing GitLab role bug.

* Ensuring is_local var exists and making lock behaviour optional.

* Fixing location and owner of Blackfire config so it is configurable.

* Documentation update.

* Removing all is defined checks for is_local since it is now always defined.

* Letting GitLab know it's on Docker earlier.

* Trying to run runsvdir-start to avoid container freezing.

* Temporarily skipping reconfigure of GitLab to test the rest.

* Trying to move GitLab reconfigure commands to CI.

* Fixing service namespace for runner and reinstating GitLab tasks.

* Trying to get config script working for GitLab in CI.

* No systemd, do not try to restart gitlab-runner.

* Removing firewall role from CI GitLab test, don't need it and it breaks CI.

* Outputting PostgreSQL logs to see if there are errors.

* Outputting PostgreSQL logs to see if there are errors.

* Trying the config script for GitLab again.

* Suppressing extra GitLab config for CI runs.

* Setting Blackfire CLI defaults to use ce-dev user.

* Improving GitLab vars and adding force stop feature.

* Not installed aws_credentials in meta roles if AWS support disabled.

* Most people will not want pam_ldap or pam_linotp, should not be in meta.

* If you don't create LDAP SSL certs you might not have a /etc/ldap directory.

* Adding a merge of the main branch into the docs branch to CI.

* Adding comment to not use hyphens in boto profile names.

* Supporting different key types to publish to AWS.

* Adding a git fetch before the merge in docs publishing.

* Using the safer _ce_provision_username var in AWS key role.

* Adding the --allow-unrelated-histories flag to git merge in CI.

* Commenting out some of the AWS ACL rulesets to leave them as examples.

* Trying to pull the docs branch to ensure it is up to date.

* Adding keyserver.ubuntu.com to the key servers we publish to by default in gpg_key.

* CI updates and improving SOPS role.

* Swapping hard coded branch names for vars in CI.

* Giving up on merging 2.x - will have to try another approach.

* Change of approach to Packer plugin management.

* Renaming task.

* Reorganising the GitLab Runner role into blocks.
* Updating-nodejs

* Updating-nodejs

* Fixing-linting

* Missing-variables-fix-nodejx

* Working-on-nodejs

* Pushing-nodejs-versioning

* Polishing-nodejs-setup

* Fixing-linting

* Updating-nodejs-install-task
* Fixing-unattended-upgrades

* Fixing-linting
* Adding a FQDN postfix transport map.

* Updating CI to 2.x.

* Defending against missing Ansible.

* Making the ce-provision-config branch in CI dynamic.

* We do not want a 'ce-dev provision' because it breaks our controller.

* Reverting 'ce-dev provision' change.

* Trying a different ansible_facts var.

* Testing using the source branch in ce-dev.

* Setting max_childen to an integer to avoid CI issues.

* Trying to change the python interpreter used.

* Adding platform and cgroup values to ce-dev compose template.

* Trying latest ubuntu containers in GitHub Actions.

* Fixing the test.sh script to work with venvs.

* Documentation for PHP in CI.

* Adding GitLab test back in.

* Fixing role namespaces.

* Minor bug fixes to ce-provision installer.

* Testing installing ce-provision in the GitHub Actions container directly.

* Using the submitted install script as well.

* Trying as runner user.

* Trying to use the ce-dev base container.

* Updating key name.

* Suppressing systemd actions in Docker.

* Seems Ansible flags have changed.

* Still trying to get --extra-vars right!

* Catching Ansible Galaxy upgrade timers for docker containers.

* Trying to force --roles-path for Galaxy.

* Trying different quotes.

* Missed a line.

* Trying a different approach to passing vars.

* Adding some debug.

* Running ce-python debug first.

* Trying moving to the ce-provision directory.

* Checking the specific path to galaxy roles in ce-provision.

* Trying as controller user again.

* Trying to make the roles dir.

* Being consistent about paths in bash.

* Removing debug lines for now.

* Allowing script to skip iptables.

* Misnamed flag.

* Adding user_provision role to configure controller user.

* Wrapping cleanup so it doesn't break GitHub Actions.

* Completing variables for user_provision.

* Missed the sudoers var.

* Quoting vars.

* GitLab installer needs _domain_name.

* Logic error in clean-up script.

* Fixing paths to ce-provision in container.

* Trying to fix CI perms issues.

* Git dubious ownership error.

* Git dubious ownership error.

* Running the web server test as the controller user.

* Missed a controller var.

* Commenting out the CE container to test.

* Adding a separate step for Git actions.

* Need sudo for Ubuntu.

* Using a volume to persist data between steps.

* Adding debug commands to test volumes.

* Tweaking volumes.

* Adding the checkout command back in.

* Trying a different approach.

* ls command looks good, so putting web build back in.

* More Ansible Galaxy debug.

* Trying to make ansible-galaxy detect installed roles.

* Run galaxy command as controller.

* Trying galaxy command and cd wrapped in su.

* Specifically checking the contents of galaxy/roles.

* Trying a double-tap install process.

* Quick refactor and debug of SSH.

* Adding OpenSSH server package.

* Checking for a firewall.

* Checking listening packages.

* Starting SSHD especially.

* Starting SSHD without systemd.

* Pre-empting config a bit more.

* More galaxy path debug.

* Running a find to see if we can find the missing roles.

* More verbosity.

* Checking for missing requirements file.

* Removing erroneous when clause.

* Tidying up redundant debug lines.

* Creating a separate ci.yml play targeting localhost.

* Making sure sshd is running.

* Tidying up GitLab CI file and installing SSHD.

* Installing SSHD as a separate step.

* SSHD already installed, starting it instead.

* Don't create systemd timers in containers.

* Preparing a test GitLab build.

* Making builds nightly and fixing GitLab role bug.

* Ensuring is_local var exists and making lock behaviour optional.

* Fixing location and owner of Blackfire config so it is configurable.

* Documentation update.

* Removing all is defined checks for is_local since it is now always defined.

* Letting GitLab know it's on Docker earlier.

* Trying to run runsvdir-start to avoid container freezing.

* Temporarily skipping reconfigure of GitLab to test the rest.

* Trying to move GitLab reconfigure commands to CI.

* Fixing service namespace for runner and reinstating GitLab tasks.

* Trying to get config script working for GitLab in CI.

* No systemd, do not try to restart gitlab-runner.

* Removing firewall role from CI GitLab test, don't need it and it breaks CI.

* Outputting PostgreSQL logs to see if there are errors.

* Outputting PostgreSQL logs to see if there are errors.

* Trying the config script for GitLab again.

* Suppressing extra GitLab config for CI runs.

* Setting Blackfire CLI defaults to use ce-dev user.

* Improving GitLab vars and adding force stop feature.

* Not installed aws_credentials in meta roles if AWS support disabled.

* Most people will not want pam_ldap or pam_linotp, should not be in meta.

* If you don't create LDAP SSL certs you might not have a /etc/ldap directory.

* Adding a merge of the main branch into the docs branch to CI.

* Adding comment to not use hyphens in boto profile names.

* Supporting different key types to publish to AWS.

* Adding a git fetch before the merge in docs publishing.

* Using the safer _ce_provision_username var in AWS key role.

* Adding the --allow-unrelated-histories flag to git merge in CI.

* Commenting out some of the AWS ACL rulesets to leave them as examples.

* Trying to pull the docs branch to ensure it is up to date.

* Adding keyserver.ubuntu.com to the key servers we publish to by default in gpg_key.

* CI updates and improving SOPS role.

* Swapping hard coded branch names for vars in CI.

* Giving up on merging 2.x - will have to try another approach.

* Change of approach to Packer plugin management.

* Renaming task.

* Reorganising the GitLab Runner role into blocks.

* Updating amazon.aws collection for Ansible.
#2250)

* Allowing more flexible definition of sudo privileges via user_ansible.

* Fixing ce-deploy example.
* Updating CI to 2.x.

* Defending against missing Ansible.

* Making the ce-provision-config branch in CI dynamic.

* We do not want a 'ce-dev provision' because it breaks our controller.

* Reverting 'ce-dev provision' change.

* Trying a different ansible_facts var.

* Testing using the source branch in ce-dev.

* Setting max_childen to an integer to avoid CI issues.

* Trying to change the python interpreter used.

* Adding platform and cgroup values to ce-dev compose template.

* Trying latest ubuntu containers in GitHub Actions.

* Fixing the test.sh script to work with venvs.

* Documentation for PHP in CI.

* Adding GitLab test back in.

* Fixing role namespaces.

* Minor bug fixes to ce-provision installer.

* Testing installing ce-provision in the GitHub Actions container directly.

* Using the submitted install script as well.

* Trying as runner user.

* Trying to use the ce-dev base container.

* Updating key name.

* Suppressing systemd actions in Docker.

* Seems Ansible flags have changed.

* Still trying to get --extra-vars right!

* Catching Ansible Galaxy upgrade timers for docker containers.

* Trying to force --roles-path for Galaxy.

* Trying different quotes.

* Missed a line.

* Trying a different approach to passing vars.

* Adding some debug.

* Running ce-python debug first.

* Trying moving to the ce-provision directory.

* Checking the specific path to galaxy roles in ce-provision.

* Trying as controller user again.

* Trying to make the roles dir.

* Being consistent about paths in bash.

* Removing debug lines for now.

* Allowing script to skip iptables.

* Misnamed flag.

* Adding user_provision role to configure controller user.

* Wrapping cleanup so it doesn't break GitHub Actions.

* Completing variables for user_provision.

* Missed the sudoers var.

* Quoting vars.

* GitLab installer needs _domain_name.

* Logic error in clean-up script.

* Fixing paths to ce-provision in container.

* Trying to fix CI perms issues.

* Git dubious ownership error.

* Git dubious ownership error.

* Running the web server test as the controller user.

* Missed a controller var.

* Commenting out the CE container to test.

* Adding a separate step for Git actions.

* Need sudo for Ubuntu.

* Using a volume to persist data between steps.

* Adding debug commands to test volumes.

* Tweaking volumes.

* Adding the checkout command back in.

* Trying a different approach.

* ls command looks good, so putting web build back in.

* More Ansible Galaxy debug.

* Trying to make ansible-galaxy detect installed roles.

* Run galaxy command as controller.

* Trying galaxy command and cd wrapped in su.

* Specifically checking the contents of galaxy/roles.

* Trying a double-tap install process.

* Quick refactor and debug of SSH.

* Adding OpenSSH server package.

* Checking for a firewall.

* Checking listening packages.

* Starting SSHD especially.

* Starting SSHD without systemd.

* Pre-empting config a bit more.

* More galaxy path debug.

* Running a find to see if we can find the missing roles.

* More verbosity.

* Checking for missing requirements file.

* Removing erroneous when clause.

* Tidying up redundant debug lines.

* Creating a separate ci.yml play targeting localhost.

* Making sure sshd is running.

* Tidying up GitLab CI file and installing SSHD.

* Installing SSHD as a separate step.

* SSHD already installed, starting it instead.

* Don't create systemd timers in containers.

* Preparing a test GitLab build.

* Making builds nightly and fixing GitLab role bug.

* Ensuring is_local var exists and making lock behaviour optional.

* Fixing location and owner of Blackfire config so it is configurable.

* Documentation update.

* Removing all is defined checks for is_local since it is now always defined.

* Letting GitLab know it's on Docker earlier.

* Trying to run runsvdir-start to avoid container freezing.

* Temporarily skipping reconfigure of GitLab to test the rest.

* Trying to move GitLab reconfigure commands to CI.

* Fixing service namespace for runner and reinstating GitLab tasks.

* Trying to get config script working for GitLab in CI.

* No systemd, do not try to restart gitlab-runner.

* Removing firewall role from CI GitLab test, don't need it and it breaks CI.

* Outputting PostgreSQL logs to see if there are errors.

* Outputting PostgreSQL logs to see if there are errors.

* Trying the config script for GitLab again.

* Suppressing extra GitLab config for CI runs.

* Setting Blackfire CLI defaults to use ce-dev user.

* Improving GitLab vars and adding force stop feature.

* Not installing aws_credentials in meta roles if AWS support disabled.

* Most people will not want pam_ldap or pam_linotp, should not be in meta.

* If you don't create LDAP SSL certs you might not have a /etc/ldap directory.

* Adding a merge of the main branch into the docs branch to CI.

* Adding comment to not use hyphens in boto profile names.

* Supporting different key types to publish to AWS.

* Adding a git fetch before the merge in docs publishing.

* Using the safer _ce_provision_username var in AWS key role.

* Adding the --allow-unrelated-histories flag to git merge in CI.

* Commenting out some of the AWS ACL rulesets to leave them as examples.

* Trying to pull the docs branch to ensure it is up to date.

* Adding keyserver.ubuntu.com to the key servers we publish to by default in gpg_key.

* CI updates and improving SOPS role.

* Swapping hard coded branch names for vars in CI.

* Giving up on merging 2.x - will have to try another approach.

* Change of approach to Packer plugin management.

* Renaming task.

* Reorganising the GitLab Runner role into blocks.

* Updating amazon.aws collection for Ansible.

* Merging 2.x.

* Adding a generic launcher playbook.

* Updating default branch names to 'main'.

* Adding code to launcher playbook that adds new server to hosts.yml.

* Adding hosts.yml file handling to launcher.
* Making the ce-provision-config branch in CI dynamic.

* We do not want a 'ce-dev provision' because it breaks our controller.

* Reverting 'ce-dev provision' change.

* Trying a different ansible_facts var.

* Testing using the source branch in ce-dev.

* Setting max_childen to an integer to avoid CI issues.

* Trying to change the python interpreter used.

* Adding platform and cgroup values to ce-dev compose template.

* Trying latest ubuntu containers in GitHub Actions.

* Fixing the test.sh script to work with venvs.

* Documentation for PHP in CI.

* Adding GitLab test back in.

* Fixing role namespaces.

* Minor bug fixes to ce-provision installer.

* Testing installing ce-provision in the GitHub Actions container directly.

* Using the submitted install script as well.

* Trying as runner user.

* Trying to use the ce-dev base container.

* Updating key name.

* Suppressing systemd actions in Docker.

* Seems Ansible flags have changed.

* Still trying to get --extra-vars right!

* Catching Ansible Galaxy upgrade timers for docker containers.

* Trying to force --roles-path for Galaxy.

* Trying different quotes.

* Missed a line.

* Trying a different approach to passing vars.

* Adding some debug.

* Running ce-python debug first.

* Trying moving to the ce-provision directory.

* Checking the specific path to galaxy roles in ce-provision.

* Trying as controller user again.

* Trying to make the roles dir.

* Being consistent about paths in bash.

* Removing debug lines for now.

* Allowing script to skip iptables.

* Misnamed flag.

* Adding user_provision role to configure controller user.

* Wrapping cleanup so it doesn't break GitHub Actions.

* Completing variables for user_provision.

* Missed the sudoers var.

* Quoting vars.

* GitLab installer needs _domain_name.

* Logic error in clean-up script.

* Fixing paths to ce-provision in container.

* Trying to fix CI perms issues.

* Git dubious ownership error.

* Git dubious ownership error.

* Running the web server test as the controller user.

* Missed a controller var.

* Commenting out the CE container to test.

* Adding a separate step for Git actions.

* Need sudo for Ubuntu.

* Using a volume to persist data between steps.

* Adding debug commands to test volumes.

* Tweaking volumes.

* Adding the checkout command back in.

* Trying a different approach.

* ls command looks good, so putting web build back in.

* More Ansible Galaxy debug.

* Trying to make ansible-galaxy detect installed roles.

* Run galaxy command as controller.

* Trying galaxy command and cd wrapped in su.

* Specifically checking the contents of galaxy/roles.

* Trying a double-tap install process.

* Quick refactor and debug of SSH.

* Adding OpenSSH server package.

* Checking for a firewall.

* Checking listening packages.

* Starting SSHD especially.

* Starting SSHD without systemd.

* Pre-empting config a bit more.

* More galaxy path debug.

* Running a find to see if we can find the missing roles.

* More verbosity.

* Checking for missing requirements file.

* Removing erroneous when clause.

* Tidying up redundant debug lines.

* Creating a separate ci.yml play targeting localhost.

* Making sure sshd is running.

* Tidying up GitLab CI file and installing SSHD.

* Installing SSHD as a separate step.

* SSHD already installed, starting it instead.

* Don't create systemd timers in containers.

* Preparing a test GitLab build.

* Making builds nightly and fixing GitLab role bug.

* Ensuring is_local var exists and making lock behaviour optional.

* Fixing location and owner of Blackfire config so it is configurable.

* Documentation update.

* Removing all is defined checks for is_local since it is now always defined.

* Letting GitLab know it's on Docker earlier.

* Trying to run runsvdir-start to avoid container freezing.

* Temporarily skipping reconfigure of GitLab to test the rest.

* Trying to move GitLab reconfigure commands to CI.

* Fixing service namespace for runner and reinstating GitLab tasks.

* Trying to get config script working for GitLab in CI.

* No systemd, do not try to restart gitlab-runner.

* Removing firewall role from CI GitLab test, don't need it and it breaks CI.

* Outputting PostgreSQL logs to see if there are errors.

* Outputting PostgreSQL logs to see if there are errors.

* Trying the config script for GitLab again.

* Suppressing extra GitLab config for CI runs.

* Setting Blackfire CLI defaults to use ce-dev user.

* Improving GitLab vars and adding force stop feature.

* Not installing aws_credentials in meta roles if AWS support disabled.

* Most people will not want pam_ldap or pam_linotp, should not be in meta.

* If you don't create LDAP SSL certs you might not have a /etc/ldap directory.

* Adding a merge of the main branch into the docs branch to CI.

* Adding comment to not use hyphens in boto profile names.

* Supporting different key types to publish to AWS.

* Adding a git fetch before the merge in docs publishing.

* Using the safer _ce_provision_username var in AWS key role.

* Adding the --allow-unrelated-histories flag to git merge in CI.

* Commenting out some of the AWS ACL rulesets to leave them as examples.

* Trying to pull the docs branch to ensure it is up to date.

* Adding keyserver.ubuntu.com to the key servers we publish to by default in gpg_key.

* CI updates and improving SOPS role.

* Swapping hard coded branch names for vars in CI.

* Giving up on merging 2.x - will have to try another approach.

* Change of approach to Packer plugin management.

* Renaming task.

* Reorganising the GitLab Runner role into blocks.

* Updating amazon.aws collection for Ansible.

* Merging 2.x.

* Adding a generic launcher playbook.

* Updating default branch names to 'main'.

* Adding code to launcher playbook that adds new server to hosts.yml.

* Adding hosts.yml file handling to launcher.

* Fixing installer failure.
* Added more generic firewall rules that might be useful.

* Added an update step to the installer.

* Providing some default playbooks people can use in ce-provision.

* Slight docs tweak for showtime!

* Modernising hostname handling to use systemd.

* Switching default key type to ED25519 because it is supported by both Debian and GitLab.

* Switching to ED25519 SSH keys and adding hostname and hosts handling to installer.

* Adding iproute2 package so hosts role works.

* Also need an apt-get update in CI.

* Change of plan, stop hosts running in containers.

* Small inline docs change.

* Providing sane defaults for VPC security groups.

* Making key name dynamic in the installer.

* Error in variable namespace.

* Adding GPG and SOPS to installer.
* ldap ca certificate refactor

* small spacing fix

* fixing system ca path to not depend on defined ssl cert

* fixing ldap ssl cert path to not depend on defined ssl cert

* adding length requirement so an empty string is not true

* fix for jinja template

* adjusting use ldap system ca variable

* fixing small syntax

---------

Co-authored-by: filip <filip.rupic@codeenigma.com>
* Added more generic firewall rules that might be useful.

* Added an update step to the installer.

* Providing some default playbooks people can use in ce-provision.

* Slight docs tweak for showtime!

* Modernising hostname handling to use systemd.

* Switching default key type to ED25519 because it is supported by both Debian and GitLab.

* Switching to ED25519 SSH keys and adding hostname and hosts handling to installer.

* Adding iproute2 package so hosts role works.

* Also need an apt-get update in CI.

* Change of plan, stop hosts running in containers.

* Small inline docs change.

* Providing sane defaults for VPC security groups.

* Making key name dynamic in the installer.

* Error in variable namespace.

* Adding GPG and SOPS to installer.

* The GPG role should make sure GPG is installed!

* Enforcing correct working directory when installing Galaxy roles and collections.

* Indentation fix.
* Added more generic firewall rules that might be useful.

* Added an update step to the installer.

* Providing some default playbooks people can use in ce-provision.

* Slight docs tweak for showtime!

* Modernising hostname handling to use systemd.

* Switching default key type to ED25519 because it is supported by both Debian and GitLab.

* Switching to ED25519 SSH keys and adding hostname and hosts handling to installer.

* Adding iproute2 package so hosts role works.

* Also need an apt-get update in CI.

* Change of plan, stop hosts running in containers.

* Small inline docs change.

* Providing sane defaults for VPC security groups.

* Making key name dynamic in the installer.

* Error in variable namespace.

* Adding GPG and SOPS to installer.

* The GPG role should make sure GPG is installed!

* Enforcing correct working directory when installing Galaxy roles and collections.

* Indentation fix.

* Ensuring controller user is used when delegating back to localhost.

* Adding missing become parameters.

* Adding the acl Debian package to the installer.

* Removing unnecessary become_user parameters where it breaks CI.

* Providing a README file for the launcher playbook.
* Allowing openvpn role to set up a client config location.

* Refactoring openvpn role into blocks and creating client config directory.

* Removing MIT GPG server from defaults.
* Allowing openvpn role to set up a client config location.

* Refactoring openvpn role into blocks and creating client config directory.

* Removing MIT GPG server from defaults.

* We will need to delete default push routes if client config provides them.
* The mysql_client role assumes the deploy user exists, so it should depend on user_deploy.

* Fixing pre-push git hooks.
* The mysql_client role assumes the deploy user exists, so it should depend on user_deploy.

* Fixing pre-push git hooks.

* Trying to fix ACL linting issue.
* Updating-haymarket-drupal-common

* Fixing-j2-spaces-drupal-common
* The mysql_client role assumes the deploy user exists, so it should depend on user_deploy.

* Fixing pre-push git hooks.

* Trying to fix ACL linting issue.

* Adding default portpathwhitelist variable to rkhunter.

* Accidentally doubled up on when clauses.

* Adding another when to rkhunter tasks for when no port paths or scripts are defined.
@drazenCE drazenCE merged commit 4caaadb into devel-2.x Feb 19, 2025
3 of 5 checks passed
@drazenCE drazenCE deleted the Updating-rsyslog-role-install-PR-devel-2.x branch February 19, 2025 16:29

7 participants