db25755b52
reduce banner
2021-01-21 15:12:18 -07:00
d20f9a5e61
fix hardening
2021-01-21 15:05:35 -07:00
a283fd378f
mantis
2021-01-20 17:55:13 -07:00
992f4cddd9
naming consistency
2021-01-20 16:56:01 -07:00
ccebf54810
forgot sigul service
2021-01-19 22:17:01 -07:00
87bd02945a
sigul and koji
2021-01-19 22:05:28 -07:00
1747f1f76e
noggin theme
2021-01-17 23:34:42 -07:00
b032f130b8
merging some internal changes for awx
2021-01-17 20:46:06 -07:00
a3c3ae91d6
ipa changes
2021-01-17 18:49:28 -07:00
dc1f097622
add in binder adhoc
2021-01-17 15:15:39 -07:00
4f1ae71031
getcert
2021-01-17 14:41:18 -07:00
a784cdd6cc
ipa getcert adhoc
2021-01-17 13:04:57 -07:00
608c1e24c8
fixes
2021-01-14 21:28:47 -07:00
a01b607299
ignoring inventories
2021-01-14 21:19:35 -07:00
5b3293c2f5
email uniqueness constraints
2021-01-10 16:47:00 -07:00
852be5c8cd
fixing other bits
2021-01-10 03:22:41 -07:00
31d777eebe
dynamic updates should be true
2021-01-10 03:08:32 -07:00
ad81b58d3c
prepping for AWX future
2021-01-09 21:47:18 -07:00
60580742fc
upcoming bz and account services
2021-01-09 17:49:05 -07:00
8686535611
add support for member managers
2021-01-05 15:51:17 -07:00
80a4efd099
force ipa_admin requirement in some adhoc
2021-01-05 15:24:00 -07:00
9928289f2e
rename to hidden
2021-01-05 14:29:47 -07:00
adfb259cbf
preparing for account services
2021-01-05 14:27:14 -07:00
ca80358b46
ipsilon changes
2021-01-05 13:46:08 -07:00
91caf03464
fix gitignore for vaults
2021-01-04 13:25:16 -07:00
abbfcad909
removing vaults
2021-01-04 13:20:32 -07:00
8a8958b46c
ignoring vaults
2021-01-04 13:19:24 -07:00
786be11457
preparing account services
2021-01-04 12:31:13 -07:00
6c05b159cc
vars for vaults
2021-01-04 12:01:44 -07:00
cdce2cc45e
keytab checks
2021-01-04 01:38:13 -07:00
b60dcb31c4
kojid
2021-01-04 01:25:53 -07:00
96bb3a6b5a
ipa dns recorder
2021-01-03 13:07:12 -07:00
cb69d9eca9
rearranging
2021-01-02 22:20:20 -07:00
b45404cdc2
rearranging
2021-01-02 22:18:47 -07:00
d2dc1bef07
Add missing service account and privs
2021-01-01 20:50:00 -07:00
8e2f81c415
Ansible 2.7+ Best Practices and GetKeyTab Fixes
...
-> Changed specific pieces that are recommended to be changed in Ansible
2.7 and higher (such as using fail_msg and success_msg, not just msg for
assertions
-> Improved the getkeytab adhoc playbook for flexibility and delegations
against a IPA server, as well as forcing the choice of the user with
permissions that can perform the action rather than the default "admin"
user in FreeIPA as a security fix.
2021-01-01 20:14:24 -07:00
17b7ef186e
fixing spacing and tab issues
2020-12-31 20:05:27 -07:00
4ff14a8641
kojihub changes
2020-12-31 14:49:48 -07:00
99e163b220
slurry of changes and fixes
2020-12-30 02:22:58 -07:00
7d8ed3bbe5
adhoc rabbitmq user
2020-12-29 17:03:36 -07:00
b8ea1c51a1
gitlab external database prep
2020-12-28 20:43:17 -07:00
5f2426d840
Add requirements and fix ipa vars
2020-12-27 19:27:45 -07:00
928c944bb4
rabbitmq
2020-12-27 13:04:13 -07:00
ca68f884b7
Updating/Adding rabbitmq vars and playbooks
2020-12-26 20:39:02 -07:00
496e2d208d
Updating/Adding rabbitmq vars and playbooks
2020-12-26 20:36:14 -07:00
6c27e93d7d
add rabbitmq requirement
2020-12-26 09:55:46 -07:00
7bfc3c3b27
Merge pull request #14956 from rocky-linux/develop
...
Holiday End of Development - IPA, Koji, plus other fixes
2020-12-24 10:51:25 -07:00
942da4ce48
quick correction on vars for koji
2020-12-24 10:45:17 -07:00
319584355f
Merge pull request #14955 from samveen/langcheck
...
minor language nits picked
2020-12-24 10:42:52 -07:00
503235ecd3
gitlab ssl changes
2020-12-23 17:02:40 -07:00
83b76d9393
ipa groups
2020-12-23 16:19:28 -07:00
d30b1e6d9a
add a note
2020-12-23 12:25:41 -07:00
fe7fb4bb07
quick fixes
2020-12-23 05:21:01 -07:00
7a010775c9
adding kojihub
2020-12-23 03:52:34 -07:00
8c1a54dafb
Add ipa-getkeytab playbook
2020-12-20 22:45:55 -07:00
4a15dfc093
Adding in missing adhoc playbook
2020-12-20 22:34:55 -07:00
8dc0268a50
IPA Privileges
...
This release adds support for privileges and roles for the initial IPA
team accounts.
2020-12-20 22:05:52 -07:00
a491898f28
staging idea for koji
2020-12-18 15:52:05 -07:00
bae96c0431
Add a section to the repo for architecture ( #14944 )
...
* Proposal for monitoring responsibilities
* added an architecture diagram for Prometheus
* install graphviz
* Only run the diagrams action when someone commits a diagram
* Filled out the architecture README
* Install node Prometheus Node Exporter on all hosts
Co-authored-by: Chris Cowley <chris.cowley@fr.clara.net>
2020-12-18 16:03:49 -05:00
c0c8ea1ec6
fixing spelling errors
2020-12-18 01:17:53 -07:00
239ae1a025
Attempt Lab Rollout
2020-12-18 00:43:21 -07:00
e3b6aa652f
add custom gitlab template
2020-12-18 00:39:37 -07:00
c6323199f4
Infrastructure GitLab Updates
...
In this push, we are making a decent amount of updates to the gitlab
playbooks as well as updating the README. See below for the changes:
* README updated for further clarity
* GitLab role with further reconfiguration for group lookups
* GitLab role with further reconfiguration to disable built-in nginx
* nginx configuration added and provided to work with omnibus
* GitLab variables updated
2020-12-17 23:40:14 -07:00
5383853681
Merge pull request #14947 from nasirhm/add_gitlab_ee_role
...
[init] Initialize Gitlab EE Role
2020-12-17 14:59:12 -07:00
83283fcf4e
🔧 fix LDAP and Domain name
...
Signed-off-by: nasirhm <nasirhussainm14@gmail.com>
2020-12-18 02:47:46 +05:00
309b6739b8
ipsilon missing a few vars
2020-12-16 19:35:30 -07:00
f15a9d3db0
adding gitlab primers with ipa fixes
2020-12-16 19:34:13 -07:00
ec22cb4773
🔧 Fix ansible YAML
...
Signed-off-by: nasirhm <nasirhussainm14@gmail.com>
2020-12-17 01:31:42 +05:00
1ab71a2d4d
repo changes and ipa fqdn notes
2020-12-16 00:09:58 -07:00
8e98dc04e0
Ipsilon Ready
...
This push is here to note that ipsilon is completed and ready to go. The
infrastructure team at some point will need certificates, whether this
is from let's encrypt or otherwise if this service is used.
2020-12-15 20:15:50 -07:00
06f3c0d338
fixing additional errors from testing
2020-12-15 18:26:57 -07:00
8e5cae005d
updating ansible readme for lint
2020-12-15 00:31:41 -07:00
2c398aefc2
minor language nits picked
2020-12-15 10:43:04 +05:30
1811f9343e
make linter happy
2020-12-14 17:52:49 -07:00
08f6ff985b
make linter happy
2020-12-14 17:47:22 -07:00
de05e55cef
IdM and Variable Fixes
...
Identity management Team in their testing found several issues while
testing the playbooks. To ensure they continue working on deployment and
in testing, we have identified and fixed the following issues:
- Inventory variables moved to separate main.yml files were not in yaml
format
- role-rocky-ipa-client.yml was not directly pointing to its
collection/role
- role-rocky-ipa-replica.yml was not directly pointing to its
collection/role
2020-12-14 16:33:16 -07:00
b282c97daa
making sure all systems get the ipa client vars
2020-12-14 14:31:01 -07:00
8f3bf01869
🎉 Initialized Playbook for Gitlab EE configuration.
...
Signed-off-by: nasirhm <nasirhussainm14@gmail.com>
2020-12-15 01:57:09 +05:00
c76c58b139
\#14939 - Fixing .com to .org - It was bothering me
2020-12-14 08:55:08 -05:00
b68cf49de9
typo
2020-12-14 11:20:20 +01:00
ce8ba1d52b
had a duplicate ipsilon role file
2020-12-14 02:23:36 -07:00
875a3bf917
community.mysql should be a collection
2020-12-14 02:17:52 -07:00
e19edd02ff
make linter happy
2020-12-14 02:14:48 -07:00
73b304758e
make linter happy
2020-12-14 02:04:40 -07:00
f32720f0de
adding ipsilon
2020-12-14 02:01:23 -07:00
7a1de933d4
making linter happy
2020-12-14 00:06:29 -07:00
353d4bb0cf
fixing issue #582
2020-12-13 23:57:25 -07:00
e9106cdb69
Merge pull request #581 from derekmpage/issue-183/chrony
...
Issue #183/chrony
2020-12-13 22:35:38 -07:00
9caf9ced6b
issue-183 - make lint happy
2020-12-13 23:09:20 -05:00
faf9e6fd48
issue-183 - make lint happy
2020-12-13 23:04:42 -05:00
5c50c36a69
issue-183 - add chrony server/client playbooks
2020-12-13 22:49:57 -05:00
46c00c6139
Merge pull request #580 from bluikko/requirements-ipsilon
...
Fix branch name for ipsilon role requirement
2020-12-13 20:08:08 -07:00
868c9fc772
fixing some little mistakes
2020-12-13 20:06:42 -07:00
fea1a13b73
Fix branch name for ipsilon role requirement
2020-12-14 08:51:18 +07:00
ea56897fe3
Real changed_when for galaxy installs
...
Instead of always claiming nothing changed, set changed when something was installed.
2020-12-14 08:42:30 +07:00
dec785e225
make linter happy
2020-12-13 19:46:38 +01:00
dca7691f4a
grub tasks moved to separate file
2020-12-13 19:41:26 +01:00
3379f4d1eb
Merge pull request #576 from danielkubat/auditd
...
auditd moved to separate tasks file
2020-12-13 10:44:35 -07:00
6ccae2ef4e
handler removed, auditd can't be managed manually
2020-12-13 18:24:14 +01:00
c8cb5ef4cf
auditd move to separate tasks file
2020-12-13 18:22:55 +01:00
77bebb1a08
updates syntax and deprecated include statements
2020-12-13 13:54:31 +02:00
cdd0e25232
fixing latest / present lint
2020-12-13 03:09:00 -07:00
6822dfe739
prepping for ipsilon role
2020-12-13 03:00:33 -07:00
63abc4341d
lnting, removing redundant requirements
2020-12-12 14:42:03 -07:00
107081378b
Merge pull request #186 from chriscowley/main
...
WIP: Added some code to install a Prometheus server
2020-12-12 14:33:13 -07:00
e7c8997f9f
Lint fixes
2020-12-12 22:31:26 +01:00
1ec706d2f4
Add an example config for nodes
2020-12-12 22:24:01 +01:00
e1085d7e22
Do not open up FW port for Prometheus.
2020-12-12 22:14:57 +01:00
9b52bb2110
Add monitoring roles to requirements.yml
2020-12-12 22:12:50 +01:00
706c504431
Make yamllint happy, formatting fixes
2020-12-12 22:02:53 +01:00
e1bd3b1eb1
Install Prometheus
2020-12-12 21:34:59 +01:00
242c506bcd
authentication - prepping system build
2020-12-12 12:58:00 -07:00
1b185b581d
linting changes, prepping for pam/authselect
2020-12-12 11:46:20 -07:00
525802e753
fixing linting errors
2020-12-12 11:16:37 -07:00
ec056805ff
changed the structure to reflect more modern ansible best practices
...
moved inv vars to group vars
moved roles to collections and fixed playbooks
added a prepare ansible host playbook to download needed roles and playbooks
modified public roles and collection paths to install inside our dir structure to keep them from global installation
2020-12-12 18:13:38 +04:00
bbf1976a5f
starting auth section
2020-12-12 05:39:37 -07:00
534c1f8a48
Add Ansible Lint action and fix lint errors
2020-12-12 15:16:44 +07:00
c41119f58a
Comment out unfinished task
2020-12-12 14:57:10 +07:00
c3dcc26f29
Comment not indented like content
2020-12-12 03:32:37 +01:00
af0b20f7a8
Sudoers include defined as file
2020-12-12 03:28:20 +01:00
458d5db418
Empty line deleted
2020-12-12 03:11:06 +01:00
4032d4ce1d
Make yamllint happy
2020-12-12 03:10:29 +01:00
893c8a343b
Use pam_limits module to set limits
2020-12-12 02:52:30 +01:00
10f14194fe
Formatting fixes
2020-12-12 02:12:11 +01:00
902cc8536e
Use template to generate modprobe settings
2020-12-12 02:11:30 +01:00
1f20af2331
Merge pull request #17 from danielkubat/ssh
...
Ensure SSH daemon is enabled
2020-12-11 17:40:54 -07:00
69f3fe199f
Ensure SSH daemon is enabled, better wording
2020-12-12 01:31:23 +01:00
67e17edf7a
hardening corrections
2020-12-11 17:31:21 -07:00
42abf5df58
ansible lint fixes
2020-12-11 16:54:32 -07:00
fb29ea7a85
Formatting fixes
2020-12-12 00:07:58 +01:00
2eff99f318
linting test and some fixes for #15
2020-12-11 15:20:26 -07:00
33a6d29608
linting, ipa rdns
2020-12-11 14:00:14 -07:00
085c9ae83e
additional hardening - preparing for test
2020-12-11 12:15:17 -07:00
b0c2eb1abb
update readme for ansible
2020-12-11 03:47:36 -07:00
3ab07302dd
update readme for ansible
2020-12-11 03:30:37 -07:00
801e586c97
yaml and ansible linting
2020-12-11 01:13:16 -07:00
eeed6dbcb2
yaml and ansible linting
2020-12-11 00:39:15 -07:00
ee72d1960f
linting
2020-12-10 16:40:49 -07:00
e2626acf9f
docs and bugfixes
2020-12-10 16:11:41 -07:00
348b543cb3
automated test failure: wrong file name
2020-12-10 14:31:39 -07:00
d80300602d
hardening and sysconfig
2020-12-10 12:59:59 -07:00
523d673038
restructure
2020-12-10 12:28:25 -07:00
0e156c8808
restructure
2020-12-10 12:26:11 -07:00
e22874986a
docs and change from role to init
2020-12-10 11:19:24 -07:00
d6ec1cc605
adding prechecks to roles
2020-12-10 11:07:43 -07:00
9a62020a48
Merge pull request #4 from SherifNagy/kvmhosts-playbook
...
KVM host initial playbook
2020-12-10 10:50:36 -07:00
6d133a5f96
documentation
2020-12-10 10:48:58 -07:00
ff54f8249e
KVM host initial playbook
2020-12-10 17:38:37 +00:00
a9a483b546
Fix DNS for replica rollout plus info
2020-12-10 01:43:19 -07:00
d07670d7e2
Additional comments and docs
2020-12-10 00:42:05 -07:00
nazunalika
Louis Abel
Chris Cowley
nasirhm
Samveen Gulati
Derek Page
Alexander Gabert
bluikko
danielkubat
Pavlos Daoglou
Chris Cowley
Pascal Watteel
Sherif Nagy
