Update to 2021-02-03 21:00

3 years ago · 13588e992b
parent 3ad8774c32
commit 13588e992b
5 changed files with 9 additions and 14 deletions
--- a/roles/diagrams/defaults/main.yml
+++ b/roles/diagrams/defaults/main.yml
@ -1,11 +1,11 @@
 ---

 # Veresion of diagrams to deploy
-diagrams_version: 14.2.4
+diagrams_version: 14.2.9
 # URL of the WAR file to deploy
 diagrams_war_url: https://github.com/jgraph/drawio/releases/download/v{{ diagrams_version }}/draw.war
 # Expected sha1 of the WAR file
-diagrams_war_sha1: 68bd9f564453a540c2a167f7d75ae1347a79c4ba
+diagrams_war_sha1: 061b500ffc908fe603ecf8d43fb4259bd83315fe
 # root directory of the installation
 diagrams_root_dir: /opt/diagrams
 # Should ansible manage upgrades, or just initial install ?
--- a/roles/lemonldap_ng/templates/llng-fastcgi-server.service.j2
+++ b/roles/lemonldap_ng/templates/llng-fastcgi-server.service.j2
@ -7,15 +7,16 @@ Type=simple
 PIDFile=/var/run/llng-fastcgi-server/llng-fastcgi-server.pid
 User=apache
 Group=apache
+{% if ansible_os_family == 'RedHat' and ansible_distribution_major_version is version('8','<') %}
 Environment=PM_MAX_REQUESTS=5000
 Environment=PM_SIZECHECK_NUM_REQUESTS=100
 Environment=PM_MAX_SIZE=800000
+{% endif %}
 Environment=SOCKET=/var/run/llng-fastcgi-server/llng-fastcgi.sock
 Environment=PID=/var/run/llng-fastcgi-server/llng-fastcgi-server.pid
 Environment=PERL_LWP_ENV_PROXY={{ llng_reload_use_proxy | ternary('1','0') }}
 ExecStart=/usr/libexec/lemonldap-ng/sbin/llng-fastcgi-server \
-             --foreground \
-             --plackOptions=--manager=FCGI::ProcManager::Constrained
+             --foreground
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
--- a/roles/postfix/defaults/main.yml
+++ b/roles/postfix/defaults/main.yml
@ -20,10 +20,6 @@
 #   - 'localhost'
 #
 #
-# If set to true, postfix will bind on all interfaces
-# If false, only on loopback
-postfix_networking: False
-
 #
 # List of IP/Network allowed to relay
 # 127.0.0.0/8 should always be in the list
@ -31,10 +27,8 @@ postfix_networking: False
 #   - 127.0.0.0/8
 #   - 10.10.0.0/16
 #   - 192.168.7.0/24
-#
-# List of IP addresses which will have access to port 25

-postfix_src_ip:
-  - 0.0.0.0/0
+# List of IP addresses which will have access to port 25
+postfix_src_ip: []

 ...
--- a/roles/postfix/tasks/main.yml
+++ b/roles/postfix/tasks/main.yml
@ -44,7 +44,7 @@
 - name: Handle postfix port
  iptables_raw:
    name: postfix_ports
-    state: "{{ (postfix_src_ip is defined and postfix_src_ip | length > 0 and postfix_networking) | ternary('present','absent') }}"
+    state: "{{ (postfix_src_ip is defined and postfix_src_ip | length > 0) | ternary('present','absent') }}"
    rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports {{ postfix_ports | default(['25']) | join(',') }} -s {{ postfix_src_ip | join(',') }} -j ACCEPT"
  when: iptables_manage | default(True)
  tags: postfix
--- a/roles/postfix/templates/main.cf.j2
+++ b/roles/postfix/templates/main.cf.j2
@ -10,7 +10,7 @@ mydomain = {{ postfix_mydomain }}

 myorigin = $mydomain

-inet_interfaces = {{ postfix_networking | default(False) | ternary('all','localhost') }}
+inet_interfaces = all
 inet_protocols = ipv4

 mydestination = {{ postfix_mydestination | default(['$myhostname', 'localhost.$mydomain', 'localhost']) | join(', ') }}