75c91e72cb
Merge pull request 'Set env_order + ping_on_rotate' ( #58 ) from saltenv into production
...
Reviewed-on: #58
2023-05-01 20:27:12 +02:00
2a9a5cf394
Set ping_on_rotate
...
Enable option to ensure minions are immediately responsive after key
rotations.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-01 20:24:13 +02:00
1089146801
Set env_order
...
Option was removed in d4f39e8e5f807169b790d5380c10872d1ba31710, but the
default environment seems to not be set to "production" without
it being present. Adding it back until a better way is found.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-01 20:20:32 +02:00
27d178d852
Merge pull request 'Repair BookStack httpd configuration' ( #57 ) from themis-httpd-fixup into production
...
Reviewed-on: #57
2023-05-01 00:08:00 +02:00
841317e0f4
Repair BookStack httpd configuration
...
- Replace wrong instances of RewriteCond with RewriteRule
- Remove wrong quotes around rewrite conditions
- Set correct options (seemingly our version of httpd does not set
FollowSymLinks by default?)
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-05-01 00:00:31 +02:00
5f1793547b
Merge pull request 'Repair PrivateBin config quoting' ( #56 ) from privatebin-quoting into production
...
Reviewed-on: #56
2023-04-30 20:42:21 +02:00
942b71815e
Repair PrivateBin config quoting
...
Ensure strings are quoted correctly.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 20:38:43 +02:00
edd16ff3a7
Merge pull request 'Repair undefined id' ( #55 ) from common-id-var into production
...
Reviewed-on: #55
2023-04-30 20:14:32 +02:00
1290fd5ec7
Repair undefined id
...
Replace with call to grains dict.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 20:11:24 +02:00
f56ed6f64e
Merge pull request 'Adjust themis httpd directory options' ( #50 ) from themis-httpd-fixup into production
...
Reviewed-on: #50
2023-04-30 20:04:42 +02:00
d8263f9b80
Merge pull request 'Exclude libX11 removal for FPM hosts' ( #54 ) from libX11-php into production
...
Reviewed-on: #54
2023-04-30 19:58:19 +02:00
269b30ce9f
Exclude libX11 removal for FPM hosts
...
Needed for some PHP extensions.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 19:48:36 +02:00
21f8818a52
Merge pull request 'Repair BookStack quoting' ( #53 ) from bookstack-quoting into production
...
Reviewed-on: #53
2023-04-30 19:00:05 +02:00
985b401aaa
Repair BookStack quoting
...
Re-order ending quote.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 18:57:03 +02:00
65af33d4fb
Merge pull request 'Repair BookStack quoting' ( #52 ) from bookstack-quoting into production
...
Reviewed-on: #52
2023-04-30 18:53:40 +02:00
4053be45d2
Repair BookStack quoting
...
Attempt to repair quoting by correcting the if-condition grouping and by
replacing the quote filter with manual quotes.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 18:50:25 +02:00
8d9af70941
Merge pull request 'BookStack fixups' ( #51 ) from bookstack-fixup into production
...
Reviewed-on: #51
2023-04-30 18:34:12 +02:00
ef0a931157
Correct BookStack group
...
Environment file needs to be readable by the www, not the wwwrun, group
for PHP-FPM to be able to access it.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 18:27:35 +02:00
d8359f002d
Correct SAML realm capitalization
...
The Keycloak realm is named "LibertaCasa", not "libertacasa".
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 18:22:58 +02:00
938be46faf
Quote BookStack values
...
Some strings contain spaces or special characters and should be quoted.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 18:20:54 +02:00
0a3d34d962
Adjust themis httpd directory options
...
Some directory options are not needed and were listed with syntax
issues. Set to false to prevent "Options" from
being added, which equals "Options +FollowSymLinks".
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 18:16:35 +02:00
600a73a984
Merge pull request 'Add empty role.privatebin pillar' ( #49 ) from privatebin-role into production
...
Reviewed-on: #49
2023-04-30 16:44:56 +02:00
b0613cf377
Add empty role.privatebin pillar
...
For some reason Salt complains about the file missing, albeit us using
"ignore_missing" in the top file.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 16:41:22 +02:00
b7f34f8b9d
Merge pull request 'Add manage_firewall conditional' ( #48 ) from firewall-optional into production
...
Reviewed-on: #48
2023-04-30 16:11:46 +02:00
b685f16c91
Add manage_firewall conditional
...
Allow us to enroll machines in Salt which do not yet have their firewall
configuration imported without having their rules overwritten.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 16:07:21 +02:00
f90197f791
Merge pull request 'Add empty role.bookstack pillar' ( #47 ) from bookstack-pillar into production
...
Reviewed-on: #47
2023-04-30 14:58:14 +02:00
e8107a3054
Add empty role.bookstack pillar
...
For some reason Salt complains about the file missing (albeit us using
having "ignore_missing" enabled in the pillar top).
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 14:54:43 +02:00
524c82cafa
Merge pull request 'Allow saltenv/pillarenv override' ( #45 ) from saltenv into production
...
Reviewed-on: #45
2023-04-30 14:49:12 +02:00
d4f39e8e5f
Allow saltenv/pillarenv override
...
To ease development, allow saltenv=<branch>/pillarenv=<branch> instead
of enforcing the production branch.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 14:43:59 +02:00
a7cd6609e6
Merge pull request 'Watch httpd service for snippets' ( #46 ) from httpd-service into production
...
Reviewed-on: #46
2023-04-30 14:43:42 +02:00
d65cb9a43b
Watch httpd service for snippets
...
The reload/restart module calls have been dropped from the formula.
Watch the service.running state instead.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 14:39:27 +02:00
b1249e69eb
Merge pull request 'Import themis / PrivateBin' ( #40 ) from privatebin into production
...
Reviewed-on: #40
2023-04-30 14:37:12 +02:00
87bb69fa37
Merge pull request 'Split out salt.formulas state' ( #44 ) from profile-formulas into production
...
Reviewed-on: #44
2023-04-29 19:07:32 +02:00
76d1da11d9
Split out salt.formulas state
...
Allow formulas update on Salt master without applying the complete Salt
master profile.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-29 18:55:49 +02:00
f32d814658
id.themis: import backend firewall rules
...
Allow HTTPS traffic.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-29 18:39:30 +02:00
a6319da822
Merge pull request 'Add tg lucy channel mapping' ( #43 ) from mattertgbridge into production
...
Reviewed-on: #43
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-14 17:07:49 +02:00
9d9e61d51d
Add tg lucy channel mapping
...
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-04-14 18:45:51 +05:30
8420bbdf6f
Merge pull request 'Add ChillNet matterbridge' ( #42 ) from chillnet into production
...
Reviewed-on: #42
Reviewed-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-09 21:24:24 +02:00
508c0dc1b2
Add Chillnet to matterbridge
...
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-04-10 00:25:14 +05:30
6ebd02042f
Refactor matterbridge_media macro
...
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-04-10 00:18:59 +05:30
4ff7a39f0e
id.themis: import PrivateBin httpd vhost
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-03-12 17:21:32 +01:00
bf3aaa5ff1
id.themis: import PrivateBin configuration
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-03-12 17:01:17 +01:00
96daffc979
Add privatebin profile+role
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-03-12 17:01:00 +01:00
84c1cecf61
Merge pull request 'Import themis / BookStack' ( #35 ) from bookstack into production
...
Reviewed-on: #35
Reviewed-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-03-11 22:11:32 +01:00
c932881cd7
profile.bookstack: quote keys
...
Some keys needed quoting to pass the YAML parser.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-03-11 18:10:07 +01:00
a1ce36fd6c
Enable php-formula
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 13:14:29 +01:00
c28a4f5a52
role.bookstack: include php-fpm
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 13:14:29 +01:00
361e118b31
Add php-fpm role
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 13:14:29 +01:00
f55e5363a0
Enable memcached-formula
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 13:14:28 +01:00
edbf9f3f20
role.bookstack: include memcached
...
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 13:14:28 +01:00
