Commit graph

124 commits

Author SHA1 Message Date
Alexander Dietrich 77d88b0290 nginx: add security-related headers 2018-11-16 22:34:59 +01:00
Alexander Dietrich 920dee9057 Update hopglass-frontend site template 2018-11-10 14:39:10 +01:00
Alexander Dietrich b3d0c76949 Update website/meta role 2018-11-10 00:48:06 +01:00
Alexander Dietrich e8b7f0c6da Update website/media role 2018-11-10 00:45:19 +01:00
Alexander Dietrich 4b39d2a02c Update website/updates role 2018-11-10 00:32:31 +01:00
Alexander Dietrich 9e576edab6 Remove website/ffnord role 2018-11-10 00:20:18 +01:00
Alexander Dietrich c59549b709 Remove website/includes 2018-11-10 00:20:18 +01:00
Alexander Dietrich 7956d09b3e New nginx role 2018-11-10 00:20:18 +01:00
Alexander Dietrich 71caecc508 Check for certbot-auto before downloading 2018-11-10 00:20:18 +01:00
Alexander Dietrich 8766f7b48c hopglass-frontend: add nginx dependency, update attribution URLs 2018-11-10 00:19:54 +01:00
Alexander Dietrich 559562cdf2 Add Stamen.TonerLite to hopglass-frontend 2018-11-09 21:51:54 +01:00
Alexander Dietrich 3f48fa7972 Update hopglass-frontend server name 2018-11-05 21:30:34 +01:00
Alexander Dietrich 92ed3f25ed Update apt parameters for Ansible 2.7 2018-11-05 21:30:09 +01:00
Alexander Dietrich 2508e60dc4 Update basics role to v1.5.0 2018-11-05 21:23:23 +01:00
Alexander Dietrich 66afa8879e Add certbot role 2018-11-03 22:57:35 +01:00
Alexander Dietrich a0da1ff4df Update HopGlass backend URL 2018-11-03 16:24:12 +01:00
Alexander Dietrich bc6edb2ca3 Add hopglass-frontend role 2018-11-03 00:00:16 +01:00
Alexander Dietrich a341ff4260 Update basics submodule to v1.4.2 2018-05-01 14:50:59 +02:00
Alexander Dietrich ef15cb3c6c Add srv02, change autoupdate settings 2018-04-30 22:49:56 +02:00
Alexander Dietrich e42a2ec9bf Update basics role to v1.4.1 2018-04-30 22:48:19 +02:00
Alexander Dietrich 723cd51455 Disable CPU microcode updates for VMs 2018-04-01 12:28:02 +02:00
Alexander Dietrich 60b3cbc5e7 Update basics role to v1.3.1 2018-04-01 12:20:38 +02:00
Alexander Dietrich 26edd061c7 Remove domain split config 2018-04-01 02:21:05 +02:00
Alexander Dietrich 15de2e680e Remove letsrenew role 2018-03-26 22:23:47 +02:00
Alexander Dietrich 1eac320d75 Update updates role 2017-11-04 16:54:59 +01:00
Alexander Dietrich edae4c4089 Update srv01 and srv03 config 2017-10-03 19:31:06 +02:00
Alexander Dietrich 888ebb634f Update updates role for srv01 2017-10-03 17:30:06 +02:00
Alexander Dietrich bba9cb6c17 Move certsync to basics.yml 2017-10-03 17:28:19 +02:00
Alexander Dietrich cee2fde3ac Add letsrenew role 2017-10-03 16:05:22 +02:00
Alexander Dietrich 84799fc22b Remove deploy.sh 2017-09-04 22:53:37 +02:00
Alexander Dietrich 166daf50db Add basics role as submodule 2017-09-04 19:39:32 +02:00
Alexander Dietrich 7119b0f8f5 Add node_hierarchy config to srv03 updates 2017-09-01 21:32:33 +02:00
Alexander Dietrich d24285cfc3 certsync changes
- run weekly
- preserve modification times
- reload nginx conditionally
2017-06-30 22:24:56 +02:00
Alexander Dietrich 42b013c2c1 Update README.md 2017-04-08 13:16:35 +02:00
Alexander Dietrich 4dee59fad1 Add ffhh-basics role 2017-04-08 12:56:53 +02:00
Alexander Dietrich 81ccb6e583 Forward Let's Encrypt challenges for updates from srv03 to srv02 2017-04-07 20:54:58 +02:00
Alexander Dietrich acf416f7ef Externe Rolle "basics" statt "common" 2017-04-01 01:00:07 +02:00
Alexander Dietrich a7e9078453 Lower random sleep interval for unattended upgrades 2017-02-22 20:23:43 +01:00
Alexander Dietrich 0848933f52 Update apt package cache if older than one day 2017-02-22 18:45:20 +01:00
Alexander Dietrich b5b679f42a Remove fallback key exchange algorithm from sshd_config 2017-02-22 16:05:59 +01:00
Alexander Dietrich 54120314b8 Remove location block from listing.conf 2017-02-18 14:57:09 +01:00
Alexander Dietrich 4c41b64426 Change certificate property names for updates 2017-02-18 14:32:05 +01:00
Alexander Dietrich aaebecfc53 Add srv03 2017-02-18 14:29:20 +01:00
Alexander Dietrich ba5a82e1ac Add certsync role 2017-02-18 14:18:39 +01:00
Alexander Dietrich 4958014991 Only install unattended security updates by default 2017-02-15 21:11:35 +01:00
Alexander Dietrich 6606abafbc Add fallback key exchange algorithm to sshd_config 2017-02-14 21:46:14 +01:00
Alexander Dietrich 46b6049ca9 Add website/updates role 2017-02-10 22:51:55 +01:00
Alexander Dietrich 28efaaafdc Update nginx SSL settings, includes 2017-02-10 22:19:12 +01:00
Alexander Dietrich eed7317b0c Update nginx role
- Switch "worker_processes" to "auto"
- Disable "server_tokens" globally
- Change formatting for readability
2017-02-05 16:12:39 +01:00
Alexander Dietrich 9ff6b69b82 Change ntp-server role formatting 2017-02-05 13:47:57 +01:00