ansible-personal

Author	SHA1	Message	Date
Alan Orth	1ffc4eebc9	roles/nginx: Use default_server instead of default Seems to be the new keyword for quite some time now, despite not causing an error: http://nginx.org/en/docs/http/server_names.html	2016-04-25 21:48:36 +03:00
Alan Orth	03519831cb	roles/nginx: Return HTTP 444 for requests to invalid hostnames 444 is a special nginx return code that means the request was closed without a response, see: http://nginx.org/en/docs/http/request_processing.html	2016-04-25 21:45:21 +03:00
Alan Orth	37b4809546	roles/nginx: Add IPv6 DNS resolvers for OCSP stapling	2016-04-25 13:25:05 +03:00
Alan Orth	cd77b088e9	Fix a few references to php5-fpm Unless we really mean php5-fpm, let's just say php-fpm.	2016-04-25 12:33:12 +03:00
Alan Orth	336ff4c2e5	Add web07 Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-04-24 19:04:55 +03:00
Alan Orth	6bf9aec64e	roles/php-fpm: Add some packages needed by Piwik on PHP7	2016-04-24 19:04:29 +03:00
Alan Orth	0bed8e4c0b	roles/nginx: Fix for path to PHP-FPM socket on Ubuntu 16.04	2016-04-22 18:19:30 +03:00
Alan Orth	4a99c73d62	roles/php-fpm: Add php.ini and pool.conf for PHP 7	2016-04-22 11:25:35 +03:00
Alan Orth	da63e67614	roles/php-fpm: Split up task for Debian and Ubuntu Debian 8 and Ubuntu 16.04 use PHP 5.6 and 7.0, respectively, and the php-fpm versions use slightly different configs and service names.	2016-04-22 11:25:35 +03:00
Alan Orth	904bb9c094	roles/php-fpm: Rename tags from php5-fpm to php-fpm	2016-04-22 11:25:35 +03:00
Alan Orth	8d4ee6f430	Rename php5-fpm role to php-fpm In Ubuntu 16.04 the package is now called just "php-fpm" and it makes more sense to just have this role be called that.	2016-04-22 11:25:35 +03:00
Alan Orth	f90eff6b1a	roles/nginx: Update sources.list template for Ubuntu 16.04 Use Ubuntu 15.10 builds for now.	2016-04-22 11:25:35 +03:00
Alan Orth	419d0c7e9a	roles/mariadb: Remove old MariaDB sources.list	2016-04-22 11:25:35 +03:00
Alan Orth	35d0bee6cf	roles/mariadb: Use a template for sources When you use the apt_repository module it adds a sources.list with an annoying filename, and also it's just easier to use a template when we have different distros/versions to support.	2016-04-22 11:25:35 +03:00
Alan Orth	a0bb4c2f57	roles/common: Add sshd_config for Ubuntu 16.04	2016-04-22 11:25:35 +03:00
Alan Orth	d265b522e8	roles/common: Update iptables for Ubuntu 16.04 Basically, anything after 15.04 is using firewalld.	2016-04-22 11:25:35 +03:00
Alan Orth	ad232a7a8b	roles/common: Remove old SSH key	2016-04-22 11:24:35 +03:00
Alan Orth	a107f44ee8	Merge pull request #25 from alanorth/maridb-template roles/mariadb: Manage /etc/mysql/my.cnf	2016-04-22 10:11:48 +03:00
Alan Orth	bedc820312	roles/mariadb: Manage /etc/mysql/my.cnf Set some sane defaults and manage the config file with a template.	2016-04-22 10:08:32 +03:00
Alan Orth	ebf79c5b07	roles/nginx: Add missing nginx tag The creation of the fastcgi cache dir is part of the nginx role and should be labled as such. In situations where you only run nginx tasks with `-t nginx` nginx will fail to start due to the missing cache dir.	2016-04-15 12:29:35 +03:00
Alan Orth	fc66f8c354	host_vars/web06: Update WordPress to 4.5	2016-04-13 08:25:04 +03:00
Alan Orth	c8d2783159	roles/php5-fpm: Update php.ini from latest upstream Debian 8.4 shipped with a new php.ini. It's mostly just updates to comments and default values. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-04-02 20:14:53 +03:00
Alan Orth	d50212c66c	roles/nginx: Remove extra semi colon in HSTS preload header Google's preload check application pointed out that there was an extra semi colon in the HTTP header: $ hstspreload checkdomain alaninkenya.org Warning: 1. Syntax warning: Header includes an empty directive or extra semicolon. The tool can be downloaded here: https://github.com/chromium/hstspreload Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-31 13:35:44 +03:00
Alan Orth	fe6c733cae	roles/nginx: Turn on tcp_nopush in nginx.conf It seems tcp_nopush is meant to be used with sendfile in newer versions of nginx. See: https://github.com/h5bp/server-configs-nginx/blob/master/nginx.conf See: https://t37.net/nginx-optimization-understanding-sendfile-tcp_nodelay-and-tcp_nopush.html Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-14 00:07:35 +02:00
Alan Orth	250b196bf8	roles/nginx: Add comment for sendfile option From: https://github.com/h5bp/server-configs-nginx/blob/master/nginx.conf Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-12 19:27:56 +02:00
Alan Orth	89bee2e6db	roles/nginx: Add comment for gzip_vary From: https://github.com/h5bp/server-configs-nginx/blob/master/nginx.conf Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-12 19:25:57 +02:00
Alan Orth	27a3ee9651	roles/nginx: Add cache control header for SVG images Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-12 19:17:40 +02:00
Alan Orth	c6cc1f57bb	roles/nginx: Add image/svg+xml to gzip types Google's PageSpeed Insights tool pointed out that the Genericons in WordPress' Jetpack module could be compressed. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-12 19:16:23 +02:00
Alan Orth	926cdf58cf	roles/nginx: keepalive_timeout is in seconds See: http://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_timeout Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-12 19:02:57 +02:00
Alan Orth	b9a9d415f1	host_vars/web06: Add vars for new Piwik database Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-11 19:09:55 +02:00
Alan Orth	6a3b8f0918	Update some bare variables in with_items loops to use Ansible 2.0 syntax See: https://docs.ansible.com/ansible/porting_guide_2.0.html Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-11 18:53:07 +02:00
Alan Orth	869d7f6c7e	roles/php5-fpm: Disable always_populate_raw_post_data Deprecated in PHP 5.6 and causes problems with Piwik. I'm not sure if WordPress needs this, but I did find some references in its code to $HTTP_RAW_POST_DATA. See: https://secure.php.net/manual/en/migration56.deprecated.php#migration56.deprecated.raw-post-data See: https://www.bram.us/2014/10/26/php-5-6-automatically-populating-http_raw_post_data-is-deprecated-and-will-be-removed-in-a-future-version/ Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-11 18:50:32 +02:00
Alan Orth	c3dc5dc0aa	group_vars/all: Update TLS cipher suite to latest Mozilla "Intermediate" recommendations See: https://wiki.mozilla.org/Security/Server_Side_TLS Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-03-08 12:45:58 +02:00
Alan Orth	7d61262a76	README.md: Update copyright to 2016 Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-02-27 18:45:36 +02:00
Alan Orth	94abbc3cd0	README.md: Update playbook invocation for ansible become See: https://docs.ansible.com/ansible/become.html Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-02-09 16:43:08 +02:00
Alan Orth	237bf50ac7	host_vars/web06: Update to WordPress 4.4.2 Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-02-04 18:17:19 +02:00
Alan Orth	ee0621fc20	web.yml: sudo -> become for Ansible 2.0 Some language changed in Ansible 2.0. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-01-12 22:55:58 +02:00
Alan Orth	2da8876caa	host_vars/web06: Update to WordPress 4.4.1 Signed-off-by: Alan Orth <alan.orth@gmail.com>	2016-01-07 12:37:36 +02:00
Alan Orth	65d4c28396	README.md: Grammar Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-10 00:44:14 +02:00
Alan Orth	43a7039dc9	roles/nginx: Remove "enable_https" config logic Everything is HTTPS now, whether self-signed or otherwise, so it doesn't make sense to have a config switch for this. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-10 00:38:53 +02:00
Alan Orth	940b2720da	Rename nginx_* variables underneath nginx_vhosts It's just deduplication, since it's already obvious that the dict is for nginx-related vars: - nginx_domain_name→domain_name - nginx_domain_aliases→domain_aliases - nginx_enable_https→enable_https - nginx_enable_hsts→enable_hsts Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-10 00:25:44 +02:00
Alan Orth	41547defb9	Finish moving logic and variables from nginx_tls_vhosts to nginx_vhosts Everything is TLS now (whether self-signed or not), so it's pointless to distinguish. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-10 00:14:47 +02:00
Alan Orth	7b9536838c	roles/nginx: Move nginx tls_vhosts.yml to vhosts.yml Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-09 23:56:50 +02:00
Alan Orth	dc5c09036c	Change pattern from nginx_tls_vhosts→nginx_vhosts All hosts should have TLS now, whether self-signed "snakeoil" certs or otherwise. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-09 23:54:18 +02:00
Alan Orth	27a4abfcfd	roles/nginx: Add comments about defaults in templates It would be bettwe to set these defaults in the role's defaults, but we can't because they exist in dicts for each of the host's sites. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-09 23:29:33 +02:00
Alan Orth	86ee36da77	roles/nginx: Clean up template spacing Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-09 23:25:38 +02:00
Alan Orth	a8005404f1	roles/nginx: Use more consistent naming for per-host nginx options The `enable_https` option in host_vars becomes `nginx_enable_https` to be more consistent with other nginx options used in host_vars. Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-09 23:21:19 +02:00
Alan Orth	1701937006	host_vars/web06: Update to WordPress 4.4 Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-09 11:00:51 +02:00
Alan Orth	178d633794	host_vars/web06: Add HSTS to englishbulgaria.net Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-08 22:42:41 +02:00
Alan Orth	d80399d152	roles/php5-fpm: Increase memory allocation I added another WordPress blog so I need more memory for caching now. Eventually I wonder if I should deduplicate these somehow... Signed-off-by: Alan Orth <alan.orth@gmail.com>	2015-12-08 21:08:34 +02:00

... 12 13 14 15 16 ...

925 Commits