From 14548481a1b23a3de2c7ea8618a7d67bd7e60ab2 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Thu, 14 Oct 2021 15:00:07 +0200 Subject: [PATCH] Update to 2021-10-14 15:00 --- roles/documize/tasks/archive_pre.yml | 2 +- roles/documize/tasks/install.yml | 2 +- roles/documize/templates/pre-backup.j2 | 4 ++-- roles/funkwhale/tasks/archive_pre.yml | 2 +- roles/funkwhale/templates/pre-backup.sh.j2 | 2 +- roles/funkwhale/vars/RedHat-7.yml | 2 +- roles/funkwhale/vars/RedHat-8.yml | 2 +- roles/mailman/tasks/archive_pre.yml | 2 +- roles/mailman/templates/pre-backup.sh.j2 | 4 ++-- roles/matrix_synapse/tasks/archive_pre.yml | 2 +- roles/matrix_synapse/tasks/install.yml | 2 +- roles/matrix_synapse/templates/pre-backup.sh.j2 | 2 +- roles/matrix_synapse/vars/RedHat-7.yml | 2 +- roles/matrix_synapse/vars/RedHat-8.yml | 2 +- roles/mayan_edms/tasks/archive_pre.yml | 2 +- roles/mayan_edms/tasks/install.yml | 2 +- roles/mayan_edms/templates/pre_backup.sh.j2 | 2 +- roles/miniflux/tasks/archive_pre.yml | 2 +- roles/miniflux/tasks/install.yml | 2 +- roles/miniflux/templates/pre-backup.j2 | 2 +- roles/nginx/defaults/main.yml | 1 + roles/nginx/templates/ansible_conf.d/30-vhosts.conf.j2 | 5 ++++- roles/paperless_ng/tasks/archive_pre.yml | 4 ++-- roles/paperless_ng/templates/pre-backup.j2 | 2 +- roles/paperless_ng/vars/RedHat-8.yml | 2 +- roles/papermerge/tasks/archive_pre.yml | 4 ++-- roles/papermerge/tasks/install.yml | 2 +- roles/psono/tasks/archive_pre.yml | 2 +- roles/repo_base/templates/postgresql-client.repo.j2 | 6 +++--- roles/repo_samba4/defaults/main.yml | 2 +- roles/wapt_server/templates/pre-backup.sh.j2 | 2 +- roles/wapt_server/vars/RedHat-7.yml | 2 +- roles/wapt_server/vars/RedHat-8.yml | 2 +- 33 files changed, 42 insertions(+), 38 deletions(-) diff --git a/roles/documize/tasks/archive_pre.yml b/roles/documize/tasks/archive_pre.yml index 844f16d..6631278 100644 --- a/roles/documize/tasks/archive_pre.yml +++ b/roles/documize/tasks/archive_pre.yml @@ -10,7 +10,7 @@ - name: Backup the database command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ documize_db_server }} diff --git a/roles/documize/tasks/install.yml b/roles/documize/tasks/install.yml index bf4c95c..70f9e08 100644 --- a/roles/documize/tasks/install.yml +++ b/roles/documize/tasks/install.yml @@ -5,7 +5,7 @@ name: - tar - zstd - - postgresql13 + - postgresql14 tags: documize - name: Download documize diff --git a/roles/documize/templates/pre-backup.j2 b/roles/documize/templates/pre-backup.j2 index ae47ee0..e82ec85 100644 --- a/roles/documize/templates/pre-backup.j2 +++ b/roles/documize/templates/pre-backup.j2 @@ -13,14 +13,14 @@ set -eo pipefail --add-drop-table {{ documize_db_name | quote }} | zstd -c > "{{ documize_root_dir }}/backup/{{ documize_db_name }}.sql.zst" {% elif documize_db_engine == 'postgres' %} {% if documize_db_server not in ['127.0.0.1','localhost'] %} -PGPASSWORD={{ documize_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD={{ documize_db_pass | quote }} /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ documize_db_user | quote }} \ --host={{ documize_db_server | quote }} \ {{ documize_db_name | quote }} | \ {% else %} -su - postgres -c "/usr/pgsql-13/bin/pg_dump --clean --create {{ documize_db_name | quote }}" | \ +su - postgres -c "/usr/pgsql-14/bin/pg_dump --clean --create {{ documize_db_name | quote }}" | \ {% endif %} zstd -c > "{{ documize_root_dir }}/backup/{{ documize_db_name }}.sql.zst" {% endif %} diff --git a/roles/funkwhale/tasks/archive_pre.yml b/roles/funkwhale/tasks/archive_pre.yml index 654d1a0..8dc0d19 100644 --- a/roles/funkwhale/tasks/archive_pre.yml +++ b/roles/funkwhale/tasks/archive_pre.yml @@ -19,7 +19,7 @@ - name: Archive a database dump command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ funkwhale_db_server }} diff --git a/roles/funkwhale/templates/pre-backup.sh.j2 b/roles/funkwhale/templates/pre-backup.sh.j2 index b35db67..3afe803 100644 --- a/roles/funkwhale/templates/pre-backup.sh.j2 +++ b/roles/funkwhale/templates/pre-backup.sh.j2 @@ -2,7 +2,7 @@ set -eo pipefail -PGPASSWORD={{ funkwhale_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD={{ funkwhale_db_pass | quote }} /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ funkwhale_db_user | quote }} \ diff --git a/roles/funkwhale/vars/RedHat-7.yml b/roles/funkwhale/vars/RedHat-7.yml index c46b46b..afc9ca4 100644 --- a/roles/funkwhale/vars/RedHat-7.yml +++ b/roles/funkwhale/vars/RedHat-7.yml @@ -3,7 +3,7 @@ funkwhale_packages: - gcc - git - - postgresql13 + - postgresql14 - postgresql-devel - openldap-devel - cyrus-sasl-devel diff --git a/roles/funkwhale/vars/RedHat-8.yml b/roles/funkwhale/vars/RedHat-8.yml index 8320024..6936f30 100644 --- a/roles/funkwhale/vars/RedHat-8.yml +++ b/roles/funkwhale/vars/RedHat-8.yml @@ -3,7 +3,7 @@ funkwhale_packages: - gcc - git - - postgresql13 + - postgresql14 - postgresql-devel - openldap-devel - cyrus-sasl-devel diff --git a/roles/mailman/tasks/archive_pre.yml b/roles/mailman/tasks/archive_pre.yml index 76443b8..a035f17 100644 --- a/roles/mailman/tasks/archive_pre.yml +++ b/roles/mailman/tasks/archive_pre.yml @@ -20,7 +20,7 @@ - name: Dump the database command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ mailman_db_server | quote }} diff --git a/roles/mailman/templates/pre-backup.sh.j2 b/roles/mailman/templates/pre-backup.sh.j2 index e4e322a..80dacd6 100644 --- a/roles/mailman/templates/pre-backup.sh.j2 +++ b/roles/mailman/templates/pre-backup.sh.j2 @@ -6,7 +6,7 @@ set -eo pipefail {% if mailman_db_engine == 'postgres' %} {% if mailman_db_server not in ['localhost', '127.0.0.1'] %} PGPASSWORD={{ mailman_db_pass | quote }} \ - /usr/pgsql-13/bin/pg_dump \ + /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ mailman_db_user | quote }} \ @@ -15,7 +15,7 @@ PGPASSWORD={{ mailman_db_pass | quote }} \ {{ mailman_db_name[db] }} | \ zstd -c > {{ mailman_root_dir }}/backup/{{ mailman_db_name[db] }}.sql.zst {% else %} -su - postgres -c "/usr/pgsql-13/bin/pg_dump --clear {{ mailman_db_name[db] }}" | \ +su - postgres -c "/usr/pgsql-14/bin/pg_dump --clear {{ mailman_db_name[db] }}" | \ {% endif %} zstd -c > {{ mailman_root_dir }}/backup/{{ mailman_db_name[db] }}.sql.zst {% else %} diff --git a/roles/matrix_synapse/tasks/archive_pre.yml b/roles/matrix_synapse/tasks/archive_pre.yml index f2f2a1b..ed3f8a4 100644 --- a/roles/matrix_synapse/tasks/archive_pre.yml +++ b/roles/matrix_synapse/tasks/archive_pre.yml @@ -19,7 +19,7 @@ - name: Archive a database dump shell: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ synapse_pg_db_server }} diff --git a/roles/matrix_synapse/tasks/install.yml b/roles/matrix_synapse/tasks/install.yml index 4048e68..fb324ef 100644 --- a/roles/matrix_synapse/tasks/install.yml +++ b/roles/matrix_synapse/tasks/install.yml @@ -13,7 +13,7 @@ alternatives: name: psql-pg_config link: /bin/pg_config - path: /usr/pgsql-13/bin/pg_config + path: /usr/pgsql-14/bin/pg_config when: not synapse_pg_config.stat.exists tags: matrix diff --git a/roles/matrix_synapse/templates/pre-backup.sh.j2 b/roles/matrix_synapse/templates/pre-backup.sh.j2 index 6272e29..dea5491 100644 --- a/roles/matrix_synapse/templates/pre-backup.sh.j2 +++ b/roles/matrix_synapse/templates/pre-backup.sh.j2 @@ -2,7 +2,7 @@ set -eo pipefail -PGPASSWORD='{{ synapse_pg_db_pass }}' /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD='{{ synapse_pg_db_pass }}' /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ synapse_pg_db_user }} \ diff --git a/roles/matrix_synapse/vars/RedHat-7.yml b/roles/matrix_synapse/vars/RedHat-7.yml index ddcd7d5..b2c7dff 100644 --- a/roles/matrix_synapse/vars/RedHat-7.yml +++ b/roles/matrix_synapse/vars/RedHat-7.yml @@ -17,7 +17,7 @@ synapse_packages: - libtool - autoconf - automake - - postgresql13 + - postgresql14 - postgresql-devel - libpqxx-devel - jemalloc diff --git a/roles/matrix_synapse/vars/RedHat-8.yml b/roles/matrix_synapse/vars/RedHat-8.yml index ec0c599..ac28bc1 100644 --- a/roles/matrix_synapse/vars/RedHat-8.yml +++ b/roles/matrix_synapse/vars/RedHat-8.yml @@ -17,7 +17,7 @@ synapse_packages: - libtool - autoconf - automake - - postgresql13 + - postgresql14 - postgresql-devel - jemalloc - python3-virtualenv diff --git a/roles/mayan_edms/tasks/archive_pre.yml b/roles/mayan_edms/tasks/archive_pre.yml index 8580240..1bbb593 100644 --- a/roles/mayan_edms/tasks/archive_pre.yml +++ b/roles/mayan_edms/tasks/archive_pre.yml @@ -41,7 +41,7 @@ - name: Dump the database command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ mayan_db_server | quote }} diff --git a/roles/mayan_edms/tasks/install.yml b/roles/mayan_edms/tasks/install.yml index 124b24f..cf09c4f 100644 --- a/roles/mayan_edms/tasks/install.yml +++ b/roles/mayan_edms/tasks/install.yml @@ -50,7 +50,7 @@ yum: name: - postgresql-devel - - postgresql13 + - postgresql14 - python-psycopg2 when: mayan_db_engine == 'postgresql' tags: mayan diff --git a/roles/mayan_edms/templates/pre_backup.sh.j2 b/roles/mayan_edms/templates/pre_backup.sh.j2 index 9b414b7..36b488b 100644 --- a/roles/mayan_edms/templates/pre_backup.sh.j2 +++ b/roles/mayan_edms/templates/pre_backup.sh.j2 @@ -9,7 +9,7 @@ set -eo pipefail --quick --single-transaction \ --add-drop-table {{ mayan_db_name | quote }} | zstd -c > {{ mayan_root_dir }}/backup/{{ mayan_db_name }}.sql.zst {% else %} -PGPASSWORD={{ mayan_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD={{ mayan_db_pass | quote }} /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ mayan_db_user | quote }} \ diff --git a/roles/miniflux/tasks/archive_pre.yml b/roles/miniflux/tasks/archive_pre.yml index 3ef2dce..ecd1803 100644 --- a/roles/miniflux/tasks/archive_pre.yml +++ b/roles/miniflux/tasks/archive_pre.yml @@ -10,7 +10,7 @@ - name: Backup the database command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ miniflux_db_server }} diff --git a/roles/miniflux/tasks/install.yml b/roles/miniflux/tasks/install.yml index 0704f16..f3ffb41 100644 --- a/roles/miniflux/tasks/install.yml +++ b/roles/miniflux/tasks/install.yml @@ -5,7 +5,7 @@ name: - tar - zstd - - postgresql13 + - postgresql14 tags: miniflux - name: Download miniflux diff --git a/roles/miniflux/templates/pre-backup.j2 b/roles/miniflux/templates/pre-backup.j2 index b0c2ea9..412446e 100644 --- a/roles/miniflux/templates/pre-backup.j2 +++ b/roles/miniflux/templates/pre-backup.j2 @@ -2,7 +2,7 @@ set -eo pipefail -PGPASSWORD='{{ miniflux_db_pass }}' /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD='{{ miniflux_db_pass }}' /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ miniflux_db_user | quote }} \ diff --git a/roles/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml index 2637302..663596c 100644 --- a/roles/nginx/defaults/main.yml +++ b/roles/nginx/defaults/main.yml @@ -56,6 +56,7 @@ nginx_default_vhost_base: X-Forwarded-For: '$proxy_add_x_forwarded_for' X-Real-IP: '$remote_addr' X-Forwarded-Proto: '$scheme' + X-Scheme: '$scheme' X-Forwarded-Host: '$host' X-Forwarded-Port: '$server_port' Host: '$host' diff --git a/roles/nginx/templates/ansible_conf.d/30-vhosts.conf.j2 b/roles/nginx/templates/ansible_conf.d/30-vhosts.conf.j2 index 3acb4d4..943be8a 100644 --- a/roles/nginx/templates/ansible_conf.d/30-vhosts.conf.j2 +++ b/roles/nginx/templates/ansible_conf.d/30-vhosts.conf.j2 @@ -179,10 +179,13 @@ server { # Hide some headers sent by the backend proxy_hide_header X-Powered-By; + proxy_hide_header Content-Security-Policy; +{% if vhost.perf %} + # Cache control and expiration is managed by the proxy proxy_hide_header Cache-Control; proxy_hide_header Pragma; proxy_hide_header Expires; - proxy_hide_header Content-Security-Policy; +{% endif %} {% for header in vhost.headers.keys() %} proxy_hide_header {{ header }}; {% endfor %} diff --git a/roles/paperless_ng/tasks/archive_pre.yml b/roles/paperless_ng/tasks/archive_pre.yml index eb7ff19..3b47300 100644 --- a/roles/paperless_ng/tasks/archive_pre.yml +++ b/roles/paperless_ng/tasks/archive_pre.yml @@ -7,7 +7,7 @@ - name: Install postgresql client package: name: - - postgresql13 + - postgresql14 tags: ged - name: Archive previous version @@ -25,7 +25,7 @@ - name: Dump the database command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ paperless_db_server | quote }} diff --git a/roles/paperless_ng/templates/pre-backup.j2 b/roles/paperless_ng/templates/pre-backup.j2 index 90f036f..9c4d611 100644 --- a/roles/paperless_ng/templates/pre-backup.j2 +++ b/roles/paperless_ng/templates/pre-backup.j2 @@ -2,7 +2,7 @@ set -eo pipefail -PGPASSWORD='{{ paperless_db_pass }}' /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD='{{ paperless_db_pass }}' /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ paperless_db_user | quote }} \ diff --git a/roles/paperless_ng/vars/RedHat-8.yml b/roles/paperless_ng/vars/RedHat-8.yml index ae7490c..4e89153 100644 --- a/roles/paperless_ng/vars/RedHat-8.yml +++ b/roles/paperless_ng/vars/RedHat-8.yml @@ -21,4 +21,4 @@ paperless_packages: - policycoreutils - unpaper - ghostscript - - postgresql13 + - postgresql14 diff --git a/roles/papermerge/tasks/archive_pre.yml b/roles/papermerge/tasks/archive_pre.yml index 7e84f38..bcc97e7 100644 --- a/roles/papermerge/tasks/archive_pre.yml +++ b/roles/papermerge/tasks/archive_pre.yml @@ -7,7 +7,7 @@ - name: Install postgresql client package: name: - - postgresql13 + - postgresql14 tags: ged - name: Stop sevices during upgrade @@ -31,7 +31,7 @@ - name: Dump the database command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ papermerge_db_server | quote }} diff --git a/roles/papermerge/tasks/install.yml b/roles/papermerge/tasks/install.yml index 7d37fde..fb781f5 100644 --- a/roles/papermerge/tasks/install.yml +++ b/roles/papermerge/tasks/install.yml @@ -9,7 +9,7 @@ - python-setuptools - python-psycopg2 - postgresql-devel - - postgresql13 + - postgresql14 - tesseract - tesseract-langpack-fra - tesseract-langpack-deu diff --git a/roles/psono/tasks/archive_pre.yml b/roles/psono/tasks/archive_pre.yml index 8b6e9fa..e6d3a9d 100644 --- a/roles/psono/tasks/archive_pre.yml +++ b/roles/psono/tasks/archive_pre.yml @@ -26,7 +26,7 @@ - name: Archive database command: > - /usr/pgsql-13/bin/pg_dump + /usr/pgsql-14/bin/pg_dump --clean --create --host={{ psono_db_server }} diff --git a/roles/repo_base/templates/postgresql-client.repo.j2 b/roles/repo_base/templates/postgresql-client.repo.j2 index 36dd6ac..834c034 100644 --- a/roles/repo_base/templates/postgresql-client.repo.j2 +++ b/roles/repo_base/templates/postgresql-client.repo.j2 @@ -1,9 +1,9 @@ [postgresql-client] -baseurl = https://download.postgresql.org/pub/repos/yum/13/redhat/rhel-$releasever-$basearch +baseurl = https://download.postgresql.org/pub/repos/yum/14/redhat/rhel-$releasever-$basearch gpgcheck = 1 -gpgkey = https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-13 +gpgkey = https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-14 name = PostgreSQL Client -includepkgs = postgresql13 postgresql13-libs +includepkgs = postgresql14 postgresql14-libs {% if ansible_os_family == 'RedHat' and ansible_distribution_major_version is version('8', '>=') %} # Workaround a bug in dnf which would make the default module mask packages from postgres repo module_hotfixes = true diff --git a/roles/repo_samba4/defaults/main.yml b/roles/repo_samba4/defaults/main.yml index 1629f7c..93cce59 100644 --- a/roles/repo_samba4/defaults/main.yml +++ b/roles/repo_samba4/defaults/main.yml @@ -1,3 +1,3 @@ --- # Select a branch from https://samba.tranquil.it/centos7/ or https://samba.tranquil.it/centos7/ -samba_major_version: samba-{{ (ansible_distribution_major_version is version('8','<')) | ternary('4.12.15','4.14.7') }} +samba_major_version: samba-{{ (ansible_distribution_major_version is version('8','<')) | ternary('4.12.15','4.14.8') }} diff --git a/roles/wapt_server/templates/pre-backup.sh.j2 b/roles/wapt_server/templates/pre-backup.sh.j2 index 8024db7..316d262 100644 --- a/roles/wapt_server/templates/pre-backup.sh.j2 +++ b/roles/wapt_server/templates/pre-backup.sh.j2 @@ -2,7 +2,7 @@ set -eo pipefail -PGPASSWORD={{ wapt_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD={{ wapt_db_pass | quote }} /usr/pgsql-14/bin/pg_dump \ --clean \ --create \ --username={{ wapt_db_user | quote }} \ diff --git a/roles/wapt_server/vars/RedHat-7.yml b/roles/wapt_server/vars/RedHat-7.yml index 9051edc..e9aa05c 100644 --- a/roles/wapt_server/vars/RedHat-7.yml +++ b/roles/wapt_server/vars/RedHat-7.yml @@ -3,5 +3,5 @@ wapt_packages: - tis-waptserver - tis-waptsetup - - postgresql13 + - postgresql14 - python-psycopg2 # Needed to manage PG with ansible diff --git a/roles/wapt_server/vars/RedHat-8.yml b/roles/wapt_server/vars/RedHat-8.yml index 11a9ec2..ffb6428 100644 --- a/roles/wapt_server/vars/RedHat-8.yml +++ b/roles/wapt_server/vars/RedHat-8.yml @@ -3,5 +3,5 @@ wapt_packages: - tis-waptserver # - tis-waptsetup - - postgresql13 + - postgresql14 - python3-psycopg2 # Needed to manage PG with ansible