Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2021-03-31 | fix: typo in README | Lars Wirzenius | 1 | -1/+1 | |
2020-11-08 | feat(unix_users): allow a user to be added to extra groups | Lars Wirzenius | 4 | -3/+28 | |
2020-11-08 | fix(subplot/qemumgr.py): use known hosts file to avoid warning | Lars Wirzenius | 1 | -3/+5 | |
"Host key added" warning was always happening in the ssh output, and it's annoying. This avoids it. | |||||
2020-11-04 | feat! make all sane_debian_system variables be prefixed properly | Lars Wirzenius | 6 | -36/+27 | |
This is a breaking change. | |||||
2020-11-01 | fix(subplot/runcmd.py): fix runcmd_run to accept an env argument | Lars Wirzenius | 1 | -0/+4 | |
2020-11-01 | chore: update vendored copy of runcmd.py from Subplot | Lars Wirzenius | 2 | -81/+247 | |
2020-11-01 | sane_debian_system: check that debian_codename is set | Lars Wirzenius | 3 | -2/+40 | |
2020-10-21 | unix_users: drop obsolete authkeys_dir variable, bump version | Lars Wirzenius | 3 | -27/+32 | |
Also, document the variables in the subplot. | |||||
2020-10-21 | doc: all roles | Lars Wirzenius | 4 | -3/+29 | |
2020-10-18 | fix(sane_debian_system): set hostname via Ansible | Lars Wirzenius | 4 | -12/+25 | |
2020-10-11 | fix: syntax non-error | Lars Wirzenius | 1 | -1/+1 | |
2020-10-10 | test(sane_debian_system): add subplot scenarios | Lars Wirzenius | 6 | -1/+78 | |
2020-10-10 | fix(subplot/subplot.py): handle an unspecified vars file correctly | Lars Wirzenius | 1 | -1/+1 | |
Previously we created a file with a list, when it needs to be a dict. | |||||
2020-10-10 | doc: add instructions for using | Lars Wirzenius | 2 | -1/+23 | |
2020-10-10 | feat(unix_users): user MUST declare compat version they want | Lars Wirzenius | 3 | -0/+13 | |
2020-10-10 | test(unix_users): verify setting authorized_keys | Lars Wirzenius | 3 | -1/+16 | |
2020-10-10 | test(unix_users): set encrypted password for users | Lars Wirzenius | 3 | -0/+16 | |
2020-10-10 | feat: verify unix_users can set shell | Lars Wirzenius | 3 | -1/+20 | |
2020-10-10 | test: make test configurable | Lars Wirzenius | 5 | -34/+25 | |
Create test.cfg in the source tree for this. Currently, ./check does that with hardcoded values. I may change that later if need be, but this is simple for now. | |||||
2020-10-10 | fix: unix_users scenario verifies user doesn't exist before creating | Lars Wirzenius | 3 | -0/+11 | |
2020-10-10 | fix: shebang in ./check | Lars Wirzenius | 1 | -1/+1 | |
2020-10-07 | fix: use a random port for Qemu client | Lars Wirzenius | 2 | -3/+9 | |
2020-10-06 | test: add a subplot to verify the roles work | Lars Wirzenius | 16 | -0/+703 | |
2020-09-08 | fix(sane_debian_system): install sudo | Lars Wirzenius | 1 | -0/+4 | |
2020-09-08 | fix(apache_server: allow apache2 restarting to fail | Lars Wirzenius | 1 | -1/+2 | |
2019-10-02 | Fix: don't fail when apache can't be started | Lars Wirzenius | 1 | -1/+2 | |
This happens on first run, since apache want to use a cert that hasn't been created yet. | |||||
2019-10-02 | Change: allow setting Debian release from which certbot is installed | Lars Wirzenius | 2 | -1/+4 | |
2019-09-29 | Change: don't terminate even if certbot fails | Lars Wirzenius | 1 | -1/+1 | |
Need to restart apache back up again. | |||||
2019-09-29 | Change: order of installing haproxy, running certbot | Lars Wirzenius | 1 | -6/+6 | |
For freshly installed systems so the first run doesn't fail. | |||||
2019-05-19 | Fix: add newline to end of /etc/cron.d/deploy_static_site_certs | Lars Wirzenius | 1 | -1/+2 | |
2019-05-19 | Fix: how we check that haproxy_domain is set | Lars Wirzenius | 1 | -14/+11 | |
2019-02-25 | Change: use apt with list of packages, intead of looping | Lars Wirzenius | 3 | -6/+3 | |
2019-02-16 | Refactor: install daily cron job, then invoke it, instead of inline | Lars Wirzenius | 1 | -14/+14 | |
2019-01-24 | Change: add cron job to run deploy_static_site_certs | Lars Wirzenius | 1 | -0/+10 | |
2019-01-06 | Fix: restart haproxy after Let's Encrypt certifiacte is renewed | Lars Wirzenius | 1 | -0/+1 | |
2019-01-06 | Change: default Debian mirror | Lars Wirzenius | 1 | -1/+1 | |
2018-11-06 | Fix: recreate haproxy.pem in cron job | Lars Wirzenius | 1 | -0/+11 | |
haproxy wants a haproxy.pem that is the catenation of letsencrypt's fullchain.pem and privkey.pem. It's created by the Ansible playbook, but if you don't run Ansible for three months, the cert will expire. Add a daily cron job that recreates haproxy.pem every day. This might be doable using a certbot haproxy plugin, but I can't be arsed to find out. Don't understand why letsencrypt doesn't just create such a file by default, or why haproxy wants such a file. | |||||
2018-08-07 | Add: check that letsencrypt_email is set | Lars Wirzenius | 1 | -2/+12 | |
2018-08-07 | Add: haproxy role | Lars Wirzenius | 4 | -0/+146 | |
2018-07-30 | Fix: well-known dir for certbot | Lars Wirzenius | 1 | -1/+1 | |
2018-07-03 | Change: stop Apache while running certbot | Lars Wirzenius | 1 | -0/+2 | |
The certbot apache support is not currently working in Debian, so this is a workaround. Not ideal, but good enough for me. | |||||
2018-07-03 | Change: let user group Let's Encrypt certs | Lars Wirzenius | 3 | -48/+65 | |
2018-06-19 | Change: support static website aliases for letsenrypt | Lars Wirzenius | 2 | -15/+17 | |
2018-05-30 | Fix: drop jinja2 templating from a "when:" | Lars Wirzenius | 1 | -1/+1 | |
2018-05-30 | Fix: allow access via HTTP when no HTTPS is to be required | Lars Wirzenius | 1 | -0/+1 | |
2018-05-22 | Merge branch 'liw/le' | Lars Wirzenius | 4 | -4/+121 | |
2018-05-22 | Fix: enable apache ssl module only after configs | Lars Wirzenius | 1 | -8/+8 | |
2018-05-18 | Change: allow .well-known dir be outside webroot | Lars Wirzenius | 3 | -9/+18 | |
2018-05-18 | Fix: don't run things that require letencrypt vars, unlss desired | Lars Wirzenius | 1 | -0/+3 | |
2018-05-18 | Change: don't use Let's Encrypt certificates by default | Lars Wirzenius | 1 | -1/+1 | |