path: root/roles
AgeCommit message (Expand)AuthorFilesLines
2020-10-10feat: verify unix_users can set shellLars Wirzenius3-1/+20
2020-10-10fix: unix_users scenario verifies user doesn't exist before creatingLars Wirzenius3-0/+11
2020-10-06test: add a subplot to verify the roles workLars Wirzenius3-0/+28
2020-09-08fix(sane_debian_system): install sudoLars Wirzenius1-0/+4
2020-09-08fix(apache_server: allow apache2 restarting to failLars Wirzenius1-1/+2
2019-10-02Fix: don't fail when apache can't be startedLars Wirzenius1-1/+2
2019-10-02Change: allow setting Debian release from which certbot is installedLars Wirzenius2-1/+4
2019-09-29Change: don't terminate even if certbot failsLars Wirzenius1-1/+1
2019-09-29Change: order of installing haproxy, running certbotLars Wirzenius1-6/+6
2019-05-19Fix: add newline to end of /etc/cron.d/deploy_static_site_certsLars Wirzenius1-1/+2
2019-05-19Fix: how we check that haproxy_domain is setLars Wirzenius1-14/+11
2019-02-25Change: use apt with list of packages, intead of loopingLars Wirzenius3-6/+3
2019-02-16Refactor: install daily cron job, then invoke it, instead of inlineLars Wirzenius1-14/+14
2019-01-24Change: add cron job to run deploy_static_site_certsLars Wirzenius1-0/+10
2019-01-06Fix: restart haproxy after Let's Encrypt certifiacte is renewedLars Wirzenius1-0/+1
2019-01-06Change: default Debian mirrorLars Wirzenius1-1/+1
2018-11-06Fix: recreate haproxy.pem in cron jobLars Wirzenius1-0/+11
2018-08-07Add: check that letsencrypt_email is setLars Wirzenius1-2/+12
2018-08-07Add: haproxy roleLars Wirzenius4-0/+146
2018-07-30Fix: well-known dir for certbotLars Wirzenius1-1/+1
2018-07-03Change: stop Apache while running certbotLars Wirzenius1-0/+2
2018-07-03Change: let user group Let's Encrypt certsLars Wirzenius3-48/+65
2018-06-19Change: support static website aliases for letsenryptLars Wirzenius2-15/+17
2018-05-30Fix: drop jinja2 templating from a "when:"Lars Wirzenius1-1/+1
2018-05-30Fix: allow access via HTTP when no HTTPS is to be requiredLars Wirzenius1-0/+1
2018-05-22Fix: enable apache ssl module only after configsLars Wirzenius1-8/+8
2018-05-18Change: allow .well-known dir be outside webrootLars Wirzenius3-9/+18
2018-05-18Fix: don't run things that require letencrypt vars, unlss desiredLars Wirzenius1-0/+3
2018-05-18Change: don't use Let's Encrypt certificates by defaultLars Wirzenius1-1/+1
2018-05-12Add: support optional Let's Encrypt TLS certs for static web sitesLars Wirzenius4-4/+109
2018-02-25Add: if the initial apt setup, ignore the failureLars Wirzenius1-0/+8
2018-02-25Add: sanity check: is debian_codename set?Lars Wirzenius2-1/+11
2018-02-15Merge branch 'liw/htpasswd'Ivan Dolgov2-2/+20
2018-02-14Change: optionally install a per-site htpasswd fileLars Wirzenius2-2/+20
2018-01-10Change: set debian_codename to a never-valid valueLars Wirzenius1-1/+1
2017-12-16Fix: only set password if one is givenLars Wirzenius1-1/+7
2017-12-13Add: password field for users in unix_usersLars Wirzenius2-0/+5
2017-12-06Add: new way of installined authorized_keysLars Wirzenius1-1/+39
2017-12-06Add: new fields for unix_users list itemsLars Wirzenius1-1/+10
2017-11-15Add: allow overriding AuthConfig in .htaccessLars Wirzenius1-0/+1
2017-10-19Add: in sources_lists signing-key and keyring-package are optionalLars Wirzenius1-0/+2
2017-10-19Fix: don't install -updates/-backports for busterLars Wirzenius1-0/+5
2017-10-14Fix: set ownership, perms for /etc/hostnameLars Wirzenius1-0/+3
2017-10-13Add: install signing key, keyring package via sources_listsLars Wirzenius2-1/+15
2017-08-02Add: git-annex on a gitano serverLars Wirzenius1-0/+4
2017-07-09Add: robots.txt for cgit to exclude everyoneLars Wirzenius3-0/+11
2017-05-08Handle ssh keys as content; restart apache after cgitLars Wirzenius3-3/+11
2017-04-24Disable cgit cachingLars Wirzenius1-2/+2
2017-04-24Rename roles to be more specificLars Wirzenius16-0/+0
2017-04-21Add web_server and git_server rolesLars Wirzenius16-0/+324