dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity
Files
f9e8c78e5ac175ed59b3db6343cc605a94df847e
configpolicy/roles
History
Dustin C. Hatch f9e8c78e5a roles/websites: Set authorized_keys file perms 
Because the various "webapp.*" users' home directories are under
`/srv/www`, the default SELinux context type is `httpd_sys_content_t`.
The SSH daemon is not allowed to read files with this label, so it
cannot load the contents of these users' `authorized_keys` files.  To
address this, we have to explicitly set the SELinux type to
`ssh_home_t`.
2020-12-30 20:59:27 -06:00
..
ansible/tasks
roles/ansible: Install python-netaddr
2018-04-08 12:33:54 -05:00
apache
roles/apache: Add tags to tasks
2020-12-26 11:35:45 -06:00
aria2
aria2: Deploy aria2 download manager
2018-08-19 14:17:48 -05:00
base
roles/base: Basic config management support
2018-01-29 15:02:10 -06:00
bitwarden_rs
roles/bitwarden_rs: Update to new Docker image
2020-11-13 06:52:56 -06:00
burp-client
burp-client: Use burp.p.b name
2020-01-18 12:10:53 -06:00
burp-server
roles/burp-server: switch to version_compare test
2020-01-25 13:54:42 -06:00
cert/tasks
roles/cert: Add handler topic notification
2020-12-26 10:38:17 -06:00
certbot
roles/certbot: Ensure certbot is configured first
2019-09-19 19:50:35 -05:00
collectd
collectd: Ensure service is enabled
2020-12-23 21:25:49 -06:00
collectd-prometheus
roles/collectd-prometheus: Configure plugin
2020-12-26 09:44:04 -06:00
cronie/tasks
roles/cronie: Install cronie
2018-08-08 21:38:56 -05:00
dch-gw
dch-gw: Restrict traffic from Management network
2018-07-15 12:16:43 -05:00
dch-openvpn-server
dch-openvpn: Support road-warrior clients
2018-10-07 21:42:18 -05:00
dch-proxy
websites: Add chmod777.sh
2020-03-09 20:29:52 -05:00
dch-storage-net
roles/dch-storage-net: Add After device dependency
2018-07-29 10:14:00 -05:00
dch-vpn-server
roles/strongswan: Update service name
2020-07-04 14:32:22 -05:00
dhcpcd
roles/dhcpcd: Always send FQDN
2018-07-23 17:35:10 -05:00
dhcpd
roles/dhcpd: Support UniFi DHCP option 43
2019-03-22 09:29:56 -05:00
docker
roles/docker: Install and set up Docker daemon
2019-09-19 19:27:12 -05:00
elasticsearch
roles/elasticsearch: Add Elasticsearch deployment
2019-10-28 18:33:37 -05:00
fileserver
roles/fileserver: Deploy Samba file server
2018-08-01 22:04:07 -05:00
freeradius
roles/freeradius: Set dhparam permissions
2019-09-19 19:50:35 -05:00
gitea
roles/gitea: Install from upstream binary
2020-02-22 16:43:46 -06:00
graylog
roles/graylog: Add Graylog server deployment
2019-10-28 18:47:09 -05:00
haproxy
roles/haproxy: Fix undefined var on Fedora hosts
2020-03-03 19:27:19 -06:00
hass-dhcp
roles/hass-dhcp: Enable DNS query logging
2019-09-19 19:50:35 -05:00
hassdb/tasks
roles/hassdb: Deploy Home Assistant database
2020-07-14 11:38:30 -05:00
homeassistant
roles/homeassistant: Add HTTPS redirect
2020-07-04 14:25:16 -05:00
hostname
hostname: Also write /etc/hosts
2018-04-08 10:11:43 -05:00
jenkins-slave
jenkins-slave: Allow Jenkins to connect to Docker
2019-09-19 19:50:35 -05:00
kerberos
roles/kerberos: Configure mit-krb5
2018-01-29 15:05:51 -06:00
koji-builder
roles/koji-builder: Deploy the Koji builder
2018-08-12 10:14:25 -05:00
koji-client
roles/koji-client: Configure the koji client
2018-08-12 10:05:56 -05:00
koji-gc
roles/koji-gc: Deploy the Koji garbage collector
2018-08-12 09:58:56 -05:00
koji-hub
roles/koji-hub: Deploy the Koji Hub
2018-08-12 09:33:08 -05:00
koji-web
roles/koji-web: Deploy the Koji Web UI
2018-08-12 10:08:01 -05:00
kojira
roles/kojira: Deploy the Koji repository agent
2018-08-12 10:04:23 -05:00
logrotate/tasks
roles/logrotate: Install and enable logrotate
2020-12-08 20:59:40 -06:00
mongodb
roles/mongodb: Add MongoDB deployment
2019-10-28 18:34:45 -05:00
motioneye
motioneye: Deploy motionEye camera software
2020-10-03 11:29:39 -05:00
named
roles/named: Send application logs to syslog
2020-12-26 11:36:15 -06:00
net-ifaces
roles/net-ifaces: Update VLAN for pyrocufflink.blue
2020-05-25 09:17:24 -05:00
nextcloud
roles/cert: Add handler topic notification
2020-12-26 10:38:17 -06:00
nftables
roles/nftables: Basic nftables configuration
2018-03-27 20:44:43 -05:00
nsswitch
roles/nsswitch: Configure glibc name service
2018-03-11 18:16:17 -05:00
ntpd
ntp: Initial PB and role to set up ntpd
2018-04-22 11:19:22 -05:00
postfix
roles/postfix: Vary shlib directory by arch
2018-08-07 19:51:09 -05:00
postgresql-server
roles/postgresql-server: Remove postgresql-setup
2020-07-14 10:56:01 -05:00
protonvpn
roles/protonvpn: Set infinite keying retries
2020-10-10 11:10:12 -05:00
rabbitmq/tasks
roles/rabbitmq: Deploy RabbitMQ
2019-03-07 13:29:29 -06:00
radvd
roles/radvd: Support multiple prefixes per network
2018-04-06 20:16:02 -05:00
rhel-network
roles/rhel-network: Add static route support
2018-03-27 20:44:43 -05:00
samba
roles/samba: Support selecting interfaces
2018-06-23 14:42:45 -05:00
samba-dc
roles/samba: Manage LDAP TLS certificates
2019-03-22 09:31:19 -05:00
squid
squid: Add role and PB to deploy Squid
2018-08-12 16:00:32 -05:00
ssh-hostkeys
hosts: Add motion0.p.b
2020-10-03 11:30:38 -05:00
sshd
roles/sshd: Configure OpenSSH daemon
2018-06-06 21:44:28 -05:00
strongswan
roles/strongswan: Update service name
2020-07-04 14:32:22 -05:00
strongswan-swanctl/tasks
pyrocufflink-dns: Cloudflare over ProtonVPN
2020-09-06 11:06:58 -05:00
sudo
roles/sudo: Configure sudo and policy
2018-03-11 18:16:17 -05:00
system-auth
roles/system-auth: Configure PAM system authentication
2018-03-11 18:16:17 -05:00
taiga
roles/taiga: Fix HTTP->HTTPS redirect
2019-03-22 09:29:56 -05:00
trustca
roles/trustca: Generic role for adding CA certs
2018-06-04 20:03:55 -05:00
vmhost
roles/vmhost: Enable KSM
2019-03-22 09:29:56 -05:00
websites
roles/websites: Set authorized_keys file perms
2020-12-30 20:59:27 -06:00
wheelhost
wheelhost: Publish wheels built by Jenkins
2019-03-22 10:19:27 -05:00
winbind
roles/winbind: Fix error handling in ads_member
2019-03-22 09:29:56 -05:00
zabbix-agent
roles/zabbix: Add support for Debian
2019-03-22 09:29:56 -05:00
zabbix-server
roles/zabbix-server: Redirect HTTP -> HTTPS
2018-06-09 14:35:22 -05:00