From 62b5ef0b14ca70cba586e11ad80834edf5349822 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Wed, 9 Jun 2021 18:00:05 +0200 Subject: [PATCH] Update to 2021-06-09 18:00 --- roles/funkwhale/defaults/main.yml | 6 +++--- roles/redis_server/tasks/main.yml | 15 +++++++++++++-- roles/squid/files/acl/software_various.domains | 2 ++ roles/squid/files/acl/software_windows.domains | 5 +++++ 4 files changed, 23 insertions(+), 5 deletions(-) diff --git a/roles/funkwhale/defaults/main.yml b/roles/funkwhale/defaults/main.yml index 121e3df..3472180 100644 --- a/roles/funkwhale/defaults/main.yml +++ b/roles/funkwhale/defaults/main.yml @@ -1,13 +1,13 @@ --- -funkwhale_version: 1.1 +funkwhale_version: 1.1.2 funkwhale_id: 1 # https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/{{ funkwhale_version }}/download?job=build_front # https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/{{ funkwhale_version }}/download?job=build_api funkwhale_base_url: https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/{{ funkwhale_version }}/download funkwhale_archive_sha1: - api: 1b2871d54086235afc00cfd27ff37504d916c9eb - front: 055db8f662cf7d984f042594c093613b89d0546e + api: 43c123ab0f19e81169372d79a3b322cb2e079974 + front: 6a5d2b586fd54dd433a7aeb7ef6fe166485d4a13 funkwhale_root_dir: /opt/funkwhale_{{ funkwhale_id }} # Should ansible manage upgrades of funkwhale, or only initial install diff --git a/roles/redis_server/tasks/main.yml b/roles/redis_server/tasks/main.yml index 23d5ecc..f870a5e 100644 --- a/roles/redis_server/tasks/main.yml +++ b/roles/redis_server/tasks/main.yml @@ -2,10 +2,17 @@ - name: Install redis server yum: name=redis state=present + tags: redis + +- name: Check if /etc/redis dir exists + stat: path=/etc/redis + register: redis_etc_dir + tags: redis - name: Deploy redis configuration - template: src=redis.conf.j2 dest=/etc/redis.conf + template: src=redis.conf.j2 dest={{ (redis_etc_dir.stat.isdir) | ternary('/etc/redis/redis.conf','/etc/redis.conf') }} notify: restart redis + tags: redis - name: Deploy pre and post backup hooks copy: src={{ item.script }} dest=/etc/backup/{{ item.hook }}.d/{{ item.script }} mode=755 @@ -14,9 +21,11 @@ hook: pre - script: 'redis_delete_dumps.sh' hook: post + tags: redis - name: Disable redis-sentinel service: name=redis-sentinel state=stopped enabled=no + tags: redis - name: Handle redis port iptables_raw: @@ -24,8 +33,10 @@ state: "{{ (redis_src_ip | length > 0) | ternary('present','absent') }}" rules: "-A INPUT -m state --state NEW -p tcp --dport {{ redis_port }} -s {{ redis_src_ip | join(',') }} -j ACCEPT" when: iptables_manage | default(True) + tags: redis - name: Start and enable the service - service: name=redis state=started enabled=yes + service: name=redis state=started enabled=True + tags: redis ... diff --git a/roles/squid/files/acl/software_various.domains b/roles/squid/files/acl/software_various.domains index 7a80907..71435f8 100644 --- a/roles/squid/files/acl/software_various.domains +++ b/roles/squid/files/acl/software_various.domains @@ -51,6 +51,8 @@ dl.google.com # Hosts several things, including the Zabbix datasource for Grafana .storage.googleapis.com +# And kubernetes packages +packages.cloud.google.com # Grafana repo grafanarel.s3.amazonaws.com diff --git a/roles/squid/files/acl/software_windows.domains b/roles/squid/files/acl/software_windows.domains index 21a6dd1..1ef3d4a 100644 --- a/roles/squid/files/acl/software_windows.domains +++ b/roles/squid/files/acl/software_windows.domains @@ -34,6 +34,11 @@ crl.comodoca.com isrg.trustid.ocsp.identrust.com crl.identrust.com status.rapidssl.com +crl.certum.pl +ocsp.thawte.com +crl.thawte.com +ts-ocsp.ws.symantec.com +ts-crl.ws.symantec.com # Common AV .avast.com