Newebe: improve playbook and don't fail on first installation
- Add test
- Fixed Newebe's playbook failing on first run on a fresh Debian 7 VM
- Restart supervisord on changes
- Security: Use /usr/sbin/nologin as login shell for newebe user
- Speed: Consolidate all 'apt' entries into one
- Strip trailing whitespaces
- Update to take advantage of apache2_module from Ansible 1.6
- Use file path=... state=absent instead of "rm" command to delete files
ZNC 1.4 uses a new section within the configuration file to specify
password hash and salt. This requires adding a new Ansible variable
'irc_password_salt'.
Also update the README file to reflect above changes.
Make sure to remove 'install' directory if wallabag is already installed
Subsequent runs of wallabag's playbook result in the 'install' directory being
recreated, (after the "Clone wallabag" step) kicking wallabag's first time
setup procedure.
With this patch we automatically remove the 'install' directory if wallabag's
configuration file appears to be in place before cloning the repository.
The 'fuse-utils' package doesn't exist on Ubuntu 14.04 and is marked as a
transitional package on both Debian 7 and Ubuntu 12.04 that installs the
'fuse' package.
Since Debian 7 is the officially supported distribution we can safely
switch to install 'fuse' instead of 'fuse-utils' and we also gain
compatibility with Ubuntu 14.04.
Changed tarsnap.sh to not shut down postgresql, instead use the pg_dumpall command to create a .sql backup file in /decrypted/. Much better than shutting down the entire db server.
This change set builds collectd from source and configures it in one of
the following ways:
- If Librato credentials are present, collectd will be configured to
send data points to Librato using the collectd-librato plugin.
- If no Librato credentials are present, collectd will be configured to
write RRD files locally (/opt/collectd/var/lib/collectd/rrd by default).
Added rules for dealing with old virtualhost files in
/etc/apache2/sites-available and old (dangling) symlinks in
/etc/apaches/sites-enabled.
Also, remove unnecessary apache2 restart after creating a new
virtualhost but not yet enabling it.
* Postfix: Trusty comes with postgresql 9.3, not 9.1
* owncloud 6.0.1 is part of the distribution, doesn't require opensuse repository
* owncloud requires libapache2-mod-php5
* uses prosody repository that matches the ansible_distribution_release (trusty, wheezy, etc)
The virtual site files must be owned by root (serious security issue)
and they must have the .conf filename suffix for a2ensite on
Ubuntu 14.04LTS (apache 2.4.7).
On Ubuntu 14.04 LTS, a2ensite automatically appends ".conf" to the filename it looks for in /etc/apache2/sites-available/
Therefore, the file "/etc/apache2/sites-available/roundcube" must be renamed to
"/etc/apache2/sites-available/roundcube.conf".
Security issue:
This file must be owned by root, otherwise it is a huge security issue (User www-data could modify the file and get root at next restart of apache).
* Update OpenVPN role to generate self-contained "unified" .ovpn
profiles
* The role now generates .ovpn profiles with embedded CA, certificate,
key, and HMAC firewall key information. These .ovpn profiles are
compatible with OpenVPN for iOS and Android, and only a single file
needs to be transferred to your mobile device.
* Added explicit route information to the .ovpn profile