Publish docs pr devel 2.x (#2192)
* Bug fixes 2.x pr 2.x (#1975)

* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.

* Making ClamAV timers a list so they can be entirely replaced.

* Spacing fix for linting.

* Renaming npm module.

* Removing NGINX installation as part of phpMyAdmin role by default.

* Fixing Varnish handler names.

* Excluding name[casing] rule from linting due to false positives.

* Put rule in wrong place!

* Removing lock file behaviour from ASGs as it cannot work unless controller and ASG are in the same VPC.

* Capturing lock file limitations in comment.

* Updating documentation for LE.

* Using pip to install certbot plugins.

* Updating README docs.

* Docs error corrected.

* Working around deprecated SSH algorithms.

* Upgrading SSH key type standard for controller and deploy users.

* Adding SCP args for legacy mode needed by Packer.

* Adding an extra when clause to ACM SAN cert check.

* Trying different approach to ACM SAN cert check.

* Removing /bin/which from rkhunter defaults, it isn't present in Debian 11.

* RDS param group module has changed name.

* Adding passlib to libraries installed for ce-provision.

* Adding in valid path for 'which' to rkhunter.

* Catching up documentation.

* Catching up documentation.

* Making user creation optional and home directories a variable.

* Missed passing new home var to task.

* Fixing firewall.bash deletion issues.

* Getting rid of accidental extra braces.

* Simplifying usernames so you only need to set one var.

* Docs update and making Ansible installation via _init an option.

* Variable path error.

* Updating linter ignore paths.

* Making the NGINX test result var private.

* Documentation update.

* Fixing role dependency in NGINX role.

* Adding installation path handling for Galaxy collections.

* Removing -p option due to unexpected ill effects for role paths.

* Moving X-Content-Type-Options header to project type templates.

* Adding some inline documentation.

* Bug fixes 2.x pr 2.x (#1978)

* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.

* Making ClamAV timers a list so they can be entirely replaced.

* Spacing fix for linting.

* Renaming npm module.

* Removing NGINX installation as part of phpMyAdmin role by default.

* Fixing Varnish handler names.

* Excluding name[casing] rule from linting due to false positives.

* Put rule in wrong place!

* Removing lock file behaviour from ASGs as it cannot work unless controller and ASG are in the same VPC.

* Capturing lock file limitations in comment.

* Updating documentation for LE.

* Using pip to install certbot plugins.

* Updating README docs.

* Docs error corrected.

* Working around deprecated SSH algorithms.

* Upgrading SSH key type standard for controller and deploy users.

* Adding SCP args for legacy mode needed by Packer.

* Adding an extra when clause to ACM SAN cert check.

* Trying different approach to ACM SAN cert check.

* Removing /bin/which from rkhunter defaults, it isn't present in Debian 11.

* RDS param group module has changed name.

* Adding passlib to libraries installed for ce-provision.

* Adding in valid path for 'which' to rkhunter.

* Catching up documentation.

* Catching up documentation.

* Making user creation optional and home directories a variable.

* Missed passing new home var to task.

* Fixing firewall.bash deletion issues.

* Getting rid of accidental extra braces.

* Simplifying usernames so you only need to set one var.

* Docs update and making Ansible installation via _init an option.

* Variable path error.

* Updating linter ignore paths.

* Making the NGINX test result var private.

* Documentation update.

* Fixing role dependency in NGINX role.

* Adding installation path handling for Galaxy collections.

* Removing -p option due to unexpected ill effects for role paths.

* Moving X-Content-Type-Options header to project type templates.

* Adding some inline documentation.

* Fixing Postfix template to allow external relays.

* Bug fixes 2.x pr 2.x (#1980)

* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.

* Making ClamAV timers a list so they can be entirely replaced.

* Spacing fix for linting.

* Renaming npm module.

* Removing NGINX installation as part of phpMyAdmin role by default.

* Fixing Varnish handler names.

* Excluding name[casing] rule from linting due to false positives.

* Put rule in wrong place!

* Removing lock file behaviour from ASGs as it cannot work unless controller and ASG are in the same VPC.

* Capturing lock file limitations in comment.

* Updating documentation for LE.

* Using pip to install certbot plugins.

* Updating README docs.

* Docs error corrected.

* Working around deprecated SSH algorithms.

* Upgrading SSH key type standard for controller and deploy users.

* Adding SCP args for legacy mode needed by Packer.

* Adding an extra when clause to ACM SAN cert check.

* Trying different approach to ACM SAN cert check.

* Removing /bin/which from rkhunter defaults, it isn't present in Debian 11.

* RDS param group module has changed name.

* Adding passlib to libraries installed for ce-provision.

* Adding in valid path for 'which' to rkhunter.

* Catching up documentation.

* Catching up documentation.

* Making user creation optional and home directories a variable.

* Missed passing new home var to task.

* Fixing firewall.bash deletion issues.

* Getting rid of accidental extra braces.

* Simplifying usernames so you only need to set one var.

* Docs update and making Ansible installation via _init an option.

* Variable path error.

* Updating linter ignore paths.

* Making the NGINX test result var private.

* Documentation update.

* Fixing role dependency in NGINX role.

* Adding installation path handling for Galaxy collections.

* Removing -p option due to unexpected ill effects for role paths.

* Moving X-Content-Type-Options header to project type templates.

* Adding some inline documentation.

* Fixing Postfix template to allow external relays.

* Adding a FQDN postfix transport map.

* Updating defaults pr 2.x (#1982)

* Updated-defaults-for-aws_acl-role

* Removing-Identity-search

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Updating defaults pr 2.x (#1984)

* Updated-defaults-for-aws_acl-role

* Removing-Identity-search

* Removing-undefined-variable

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Removing-gawk-apt (#1985)

* Adding-gawk-removing-gawk-csh (#1987)

* Adding-when-statement-for-assigning-instance (#1990)

* Adding-when-statement-for-assigning-instance

* Adding-check-prior-to-assigning-resources

* Adding-check-prior-to-assigning-resources

* Adding-region-to-aws-cli-command

* Print-protected-resource

* Adding-resource-type-definition

* Resolved-conflicts

* Removing-empty-line

* Disabling-assigning-instance-to-restore-testing-plan

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Matching-2.x-and-devel-branches (#1999)

Co-authored-by: Matej Stajduhar <[email protected]>

* Adding-aws-ses-role (#2003)

* Adding-aws-ses-role

* Removing-python-script

* Changing-domain-name

* Using-variable-for-domain-name

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Resolving-conflicts (#2015)

Co-authored-by: Matej Stajduhar <[email protected]>

* Resolving-conflicts (#2018)

Co-authored-by: Matej Stajduhar <[email protected]>

* Updating nginx ssl le roles pr 2.x (#2021)

* Updating-nginx-SSL-LE-roles

* Updating-nginx-vars

* r70260 Option to ignore false-positive shared memory segment warnings (#2023)

* Adding-wazuh-ossec-from-enigma00a (#2027)

* Updating-gitlab-runner-env (#2031)

* r70987-decom-vpn-guest (#2034)

* r70797 nodhcp module in system role for hetzner cloud systems (#2036)

* r70797 nodhcp module in system role for hetzner cloud systems

* fix syntax

* r70797 set pipefail to resolve linting failure

* fix pipefail with bash (#2038)

* fix var in templ (#2040)

* R70928 adding webroot option for le ssl task and fixing looping over domains pr 2.x (#2042)

* r70928-adding-webroot-option-for-LE-SSL-task-and-fixing-looping-over-domains

* Changing-LE-cron

* Changing-script-from-sh-to-bash

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Updating-local-ossec-rules (#2045)

* Updating-local-ossec-rules

* Fixing-syntax

* Updating-wazuh-vars (#2048)

* Updating-wazuh-vars

* Changing-var-defaults

* Removing-wrong-variables

* r70260-rkhunter-tested-good-tweaks (#2051)

* Fixing-LE-renew-timer (#2052)

Co-authored-by: Matej Stajduhar <[email protected]>

* R70260 rkhunter tweak portpathwhitelist pr 2.x (#2055)

* r70260-rkhunter-tweak-portpathwhitelist TEST

* sanitise portpath items

* Updating-system-role-condition (#2056)

* Updating system role condition pr 2.x (#2059)

* Updating-system-role-condition

* Updating-system-role-condition-v2

* r71121-tweak-nohetznerdhcp-condition (#2061)

* Changing-aws-acl-when-statement (#2063)

Co-authored-by: Matej Stajduhar <[email protected]>

* R71127 r71052 check pr 2.x (#2073)

* r71127-r71052-attemt-to-workaround-elb-module-change-or-bug

* debug alb issue

* revert changes as the bug is outside of ce-provision https://github.com/ansible-collections/amazon.aws/issues/2376

* Newer aws collection test pr 2.x (#2077)

* newer_aws_collection_test

* 8.2.1 didn't work, back to 8.0.1

* r71171-efs-client-upgrade (#2079)

* Turning-off-ami-cleanup-task (#2083)

Co-authored-by: Matej Stajduhar <[email protected]>

* Changing subnet for rds pr 2.x (#2087)

* Changing-subnet-for-RDS

* Uncommenting-tasks

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* fix(debian/duplicity): Fix missing compilation dependencies (#2029)

* fix(php-fpm): Set a good process children default for bigger servers (#1895)

* fix(php-fpm): Set a good process children default for bigger servers

* Fix min max logic

* formatting

* Fixing-RDS-backup-validation (#2089)

Co-authored-by: Matej Stajduhar <[email protected]>

* Updating-postfix-default-transport-maps (#2092)

* Updated lambda backup validation reporting pr 2.x (#2099)

* Updated-lambda-backup-validation-reporting

* Updating-docs

* Updating-lambda-handler

* Adding-region-to-cloudwatch-task

* Trimming-version-number-from-lambda

* Fixing-text-manipulation

* Updating-arn-for-cloudwatch-task

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Bug fixes 2.x pr 2.x (#2096)

* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.

* Removing any reference to _aws variables in debian role defaults.

* Setting more sane ASG defaults.

* Making ClamAV timers a list so they can be entirely replaced.

* Spacing fix for linting.

* Renaming npm module.

* Removing NGINX installation as part of phpMyAdmin role by default.

* Fixing Varnish handler names.

* Excluding name[casing] rule from linting due to false positives.

* Put rule in wrong place!

* Removing lock file behaviour from ASGs as it cannot work unless controller and ASG are in the same VPC.

* Capturing lock file limitations in comment.

* Updating documentation for LE.

* Using pip to install certbot plugins.

* Updating README docs.

* Docs error corrected.

* Working around deprecated SSH algorithms.

* Upgrading SSH key type standard for controller and deploy users.

* Adding SCP args for legacy mode needed by Packer.

* Adding an extra when clause to ACM SAN cert check.

* Trying different approach to ACM SAN cert check.

* Removing /bin/which from rkhunter defaults, it isn't present in Debian 11.

* RDS param group module has changed name.

* Adding passlib to libraries installed for ce-provision.

* Adding in valid path for 'which' to rkhunter.

* Catching up documentation.

* Catching up documentation.

* Making user creation optional and home directories a variable.

* Missed passing new home var to task.

* Fixing firewall.bash deletion issues.

* Getting rid of accidental extra braces.

* Simplifying usernames so you only need to set one var.

* Docs update and making Ansible installation via _init an option.

* Variable path error.

* Updating linter ignore paths.

* Making the NGINX test result var private.

* Documentation update.

* Fixing role dependency in NGINX role.

* Adding installation path handling for Galaxy collections.

* Removing -p option due to unexpected ill effects for role paths.

* Moving X-Content-Type-Options header to project type templates.

* Adding some inline documentation.

* Fixing Postfix template to allow external relays.

* Adding a FQDN postfix transport map.

* Updating CI to 2.x.

* Defending against missing Ansible.

* Making the ce-provision-config branch in CI dynamic.

* We do not want a 'ce-dev provision' because it breaks our controller.

* Reverting 'ce-dev provision' change.

* Trying a different ansible_facts var.

* Testing using the source branch in ce-dev.

* Setting max_childen to an integer to avoid CI issues.

* Trying to change the python interpreter used.

* Adding platform and cgroup values to ce-dev compose template.

* Trying latest ubuntu containers in GitHub Actions.

* Fixing the test.sh script to work with venvs.

* Documentation for PHP in CI.

* Avoiding-backup-restoration-for-dev-env (#2108)

Co-authored-by: Matej Stajduhar <[email protected]>

* Updating-nodejs-to-nodistro (#2094)

* Updating-nodejs-to-nodistro

* Fixing-nodejs-unattended-upgrades

* r71344-Updating-aws-acl-role (#2111)

Co-authored-by: Matej Stajduhar <[email protected]>

* r71344-Updating-aws-acl-role (#2112)

* r71344-Updating-aws-acl-role

* Adding-option-to-avoid-recreating-ACLs

* Updating-aws-acl-vars

* Updating-aws-acl-vars-2

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-non-utf8-item (#2116)

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing non utf8 item pr 2.x (#2117)

* Fixing-non-utf8-item

* Changing-var-name-for-when-condition

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-utf8 (#2129)

* Fixing utf8-2.x (#2131)

* Fixing-utf8

* Adding-debug

* Changing-lambda-creation-from-tip-file-to-s3 (#2122)

* Changing-lambda-creation-from-tip-file-to-s3

* Fixing-syntax-error

* indentation-fix

* Finishing-backup-valdation-role

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Updating email notification title pr 2.x (#2140)

* Updating-email-notification-title

* Resolving-conflicts

* Resolving-conflicts-2

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Adding-defaults-to-max-children (#2141)

* Adding defaults to max children pr 2.x (#2144)

* Adding-defaults-to-max-children

* Updating-max-children

* Updating-php-defaults (#2145)

* Updating php defaults pr 2.x (#2147)

* Updating-php-defaults

* Updating-php-defaults

* Updating-php-defaults

* efs_version_fix_for_old_debian_workaround (#2151)

* fix(duplicity): Fix file name of include/exclude list (#2152)

* Bug fixes 2.x pr 2.x (#2120)

* Removing /bin/which from rkhunter defaults, it isn't present in Debian 11.

* RDS param group module has changed name.

* Adding passlib to libraries installed for ce-provision.

* Adding in valid path for 'which' to rkhunter.

* Catching up documentation.

* Catching up documentation.

* Making user creation optional and home directories a variable.

* Missed passing new home var to task.

* Fixing firewall.bash deletion issues.

* Getting rid of accidental extra braces.

* Simplifying usernames so you only need to set one var.

* Docs update and making Ansible installation via _init an option.

* Variable path error.

* Updating linter ignore paths.

* Making the NGINX test result var private.

* Documentation update.

* Fixing role dependency in NGINX role.

* Adding installation path handling for Galaxy collections.

* Removing -p option due to unexpected ill effects for role paths.

* Moving X-Content-Type-Options header to project type templates.

* Adding some inline documentation.

* Fixing Postfix template to allow external relays.

* Adding a FQDN postfix transport map.

* Updating CI to 2.x.

* Defending against missing Ansible.

* Making the ce-provision-config branch in CI dynamic.

* We do not want a 'ce-dev provision' because it breaks our controller.

* Reverting 'ce-dev provision' change.

* Trying a different ansible_facts var.

* Testing using the source branch in ce-dev.

* Setting max_childen to an integer to avoid CI issues.

* Trying to change the python interpreter used.

* Adding platform and cgroup values to ce-dev compose template.

* Trying latest ubuntu containers in GitHub Actions.

* Fixing the test.sh script to work with venvs.

* Documentation for PHP in CI.

* Adding GitLab test back in.

* Fixing role namespaces.

* Minor bug fixes to ce-provision installer.

* Testing installing ce-provision in the GitHub Actions container directly.

* Using the submitted install script as well.

* Trying as runner user.

* Trying to use the ce-dev base container.

* Updating key name.

* Suppressing systemd actions in Docker.

* Seems Ansible flags have changed.

* Still trying to get --extra-vars right!

* Catching Ansible Galaxy upgrade timers for docker containers.

* Trying to force --roles-path for Galaxy.

* Trying different quotes.

* Missed a line.

* Trying a different approach to passing vars.

* Adding some debug.

* Running ce-python debug first.

* Trying moving to the ce-provision directory.

* Checking the specific path to galaxy roles in ce-provision.

* Trying as controller user again.

* Trying to make the roles dir.

* Being consistent about paths in bash.

* Removing debug lines for now.

* Allowing script to skip iptables.

* Misnamed flag.

* Adding user_provision role to configure controller user.

* Wrapping cleanup so it doesn't break GitHub Actions.

* Completing variables for user_provision.

* Missed the sudoers var.

* Quoting vars.

* GitLab installer needs _domain_name.

* Logic error in clean-up script.

* Fixing paths to ce-provision in container.

* Trying to fix CI perms issues.

* Git dubious ownership error.

* Git dubious ownership error.

* Running the web server test as the controller user.

* Missed a controller var.

* Commenting out the CE container to test.

* Adding a separate step for Git actions.

* Need sudo for Ubuntu.

* Using a volume to persist data between steps.

* Adding debug commands to test volumes.

* Tweaking volumes.

* Adding the checkout command back in.

* Trying a different approach.

* ls command looks good, so putting web build back in.

* More Ansible Galaxy debug.

* Trying to make ansible-galaxy detect installed roles.

* Run galaxy command as controller.

* Trying galaxy command and cd wrapped in su.

* Specifically checking the contents of galaxy/roles.

* Trying a double-tap install process.

* Quick refactor and debug of SSH.

* Adding OpenSSH server package.

* Checking for a firewall.

* Checking listening packages.

* Starting SSHD especially.

* Starting SSHD without systemd.

* Pre-empting config a bit more.

* More galaxy path debug.

* Running a find to see if we can find the missing roles.

* More verbosity.

* Checking for missing requirements file.

* Removing erroneous when clause.

* Tidying up redundant debug lines.

* Creating a separate ci.yml play targeting localhost.

* Making sure sshd is running.

* Tidying up GitLab CI file and installing SSHD.

* Installing SSHD as a separate step.

* SSHD already installed, starting it instead.

* Don't create systemd timers in containers.

* Preparing a test GitLab build.

* Making builds nightly and fixing GitLab role bug.

* Ensuring is_local var exists and making lock behaviour optional.

* Fixing location and owner of Blackfire config so it is configurable.

* Documentation update.

* Removing all is defined checks for is_local since it is now always defined.

* Letting GitLab know it's on Docker earlier.

* Trying to run runsvdir-start to avoid container freezing.

* Temporarily skipping reconfigure of GitLab to test the rest.

* Trying to move GitLab reconfigure commands to CI.

* Fixing service namespace for runner and reinstating GitLab tasks.

* Trying to get config script working for GitLab in CI.

* No systemd, do not try to restart gitlab-runner.

* Removing firewall role from CI GitLab test, don't need it and it breaks CI.

* Outputting PostgreSQL logs to see if there are errors.

* Outputting PostgreSQL logs to see if there are errors.

* Trying the config script for GitLab again.

* Suppressing extra GitLab config for CI runs.

* Setting Blackfire CLI defaults to use ce-dev user.

* Update .wikis2pages.yml

* Nightly builds (#2153)

* Create ce-provision-test-nightly.yml

* Remove nightly check from GitLab test.

* Remove nightly check from web server test.

* Removing branch references.

* Updating installer config branch to 2.x

* Removing config branch, default is fine now

* Updating-wazuh-template (#2154)

* Updating le template (#2156)

* Updating-le-template

* Updating-le-template

* Reworking-nodejs-for-older-versions (#2157)

* Reworking nodejs for older versions pr 2.x (#2159)

* Reworking-nodejs-for-older-versions

* Reworking-nodejs-for-older-versions

* Reworking nodejs for older versions pr 2.x (#2160)

* Reworking-nodejs-for-older-versions

* Reworking-nodejs-for-older-versions

* Fixing-nodejs-syntax

* Tweaking-apt-types-nodejs

* Reworking nodejs for older versions pr 2.x (#2161)

* Reworking-nodejs-for-older-versions

* Reworking-nodejs-for-older-versions

* Fixing-nodejs-syntax

* Tweaking-apt-types-nodejs

* Separating-node-tasks-for-older-node

* Altering workflow in GitHub Actions for building wiki2pages files.

* Attempting to set a hosts file for Ansible in CI.

* Trying to force Ansible host.

* Trying to force Ansible host.

* Trying with an inventory file instead.

* Running Ansible as the 'ce-dev' user.

* Fixing path to playbook.

* Disabling host key checking.

* Disabling host checking in SSH.

* Trying to use ce-dev user instead of root.

* Fixing path to scripts.

* Adding some debug lines to check playbooks.

* Fixing workspace volume mount point.

* Trying a whole new /build location.

* Setting permissions on mounted disk.

* Checking ce-dev dir contents.

* Changing mount point to not destroy ce-dev files.

* Commenting permissions line.

* Fixing playbook paths.

* Outputting hosts and SSH config for debug.

* Checking SSH settings.

* Manually creating authorized_keys.

* Fixing path to set-current.

* Refactoring SSH set-up and looking at set-current script.

* Trying to fix mount point.

* Updating paths to generated docs.

* Trying to pass in path to wiki2pages.

* Removing obsolete debug line.

* Correcting path to script.

* Changing path we execute from.

* Adding first pass at docs publish step.

* Repairing working dir paths.

* Incorrect repo path.

* Removing most of the debug lines.

* Publish docs pr 2.x (#2164)

* Altering workflow in GitHub Actions for building wiki2pages files.

* Attempting to set a hosts file for Ansible in CI.

* Trying to force Ansible host.

* Trying to force Ansible host.

* Trying with an inventory file instead.

* Running Ansible as the 'ce-dev' user.

* Fixing path to playbook.

* Disabling host key checking.

* Disabling host checking in SSH.

* Trying to use ce-dev user instead of root.

* Fixing path to scripts.

* Adding some debug lines to check playbooks.

* Fixing workspace volume mount point.

* Trying a whole new /build location.

* Setting permissions on mounted disk.

* Checking ce-dev dir contents.

* Changing mount point to not destroy ce-dev files.

* Commenting permissions line.

* Fixing playbook paths.

* Outputting hosts and SSH config for debug.

* Checking SSH settings.

* Manually creating authorized_keys.

* Fixing path to set-current.

* Refactoring SSH set-up and looking at set-current script.

* Trying to fix mount point.

* Updating paths to generated docs.

* Trying to pass in path to wiki2pages.

* Removing obsolete debug line.

* Correcting path to script.

* Changing path we execute from.

* Adding first pass at docs publish step.

* Repairing working dir paths.

* Incorrect repo path.

* Removing most of the debug lines.

* Adding more debug to try to find where 1.x is coming from.

* Moving the hugo script check.

* More debug.

* Moving the config.toml debug line.

* Checking the entire disk for 2.x.

* Trying a find instead of a grep.

* Trying to update ce-provision and ce-deploy.

* Getting more debug info.

* Adding --verbose to Ansible.

* Trying running Hugo directly.

* Changed the Hugo start script.

* Trying just running 'hugo' in the right directory.

* Adding ce-deploy back in with option to not run Hugo.

* Updating docs to make _Sidebar.md lose the starting slash.

* Publish docs pr 2.x (#2166)

* Altering workflow in GitHub Actions for building wiki2pages files.

* Attempting to set a hosts file for Ansible in CI.

* Trying to force Ansible host.

* Trying to force Ansible host.

* Trying with an inventory file instead.

* Running Ansible as the 'ce-dev' user.

* Fixing path to playbook.

* Disabling host key checking.

* Disabling host checking in SSH.

* Trying to use ce-dev user instead of root.

* Fixing path to scripts.

* Adding some debug lines to check playbooks.

* Fixing workspace volume mount point.

* Trying a whole new /build location.

* Setting permissions on mounted disk.

* Checking ce-dev dir contents.

* Changing mount point to not destroy ce-dev files.

* Commenting permissions line.

* Fixing playbook paths.

* Outputting hosts and SSH config for debug.

* Checking SSH settings.

* Manually creating authorized_keys.

* Fixing path to set-current.

* Refactoring SSH set-up and looking at set-current script.

* Trying to fix mount point.

* Updating paths to generated docs.

* Trying to pass in path to wiki2pages.

* Removing obsolete debug line.

* Correcting path to script.

* Changing path we execute from.

* Adding first pass at docs publish step.

* Repairing working dir paths.

* Incorrect repo path.

* Removing most of the debug lines.

* Adding more debug to try to find where 1.x is coming from.

* Moving the hugo script check.

* More debug.

* Moving the config.toml debug line.

* Checking the entire disk for 2.x.

* Trying a find instead of a grep.

* Trying to update ce-provision and ce-deploy.

* Getting more debug info.

* Adding --verbose to Ansible.

* Trying running Hugo directly.

* Changed the Hugo start script.

* Trying just running 'hugo' in the right directory.

* Adding ce-deploy back in with option to not run Hugo.

* Updating docs to make _Sidebar.md lose the starting slash.

* Changing sidebar paths didn't fix Hugo.

* Re-removing opening slash to fix Hugo.

* Fixing Sidebar merge issues.

* Publish docs pr 2.x (#2168)

* Altering workflow in GitHub Actions for building wiki2pages files.

* Attempting to set a hosts file for Ansible in CI.

* Trying to force Ansible host.

* Trying to force Ansible host.

* Trying with an inventory file instead.

* Running Ansible as the 'ce-dev' user.

* Fixing path to playbook.

* Disabling host key checking.

* Disabling host checking in SSH.

* Trying to use ce-dev user instead of root.

* Fixing path to scripts.

* Adding some debug lines to check playbooks.

* Fixing workspace volume mount point.

* Trying a whole new /build location.

* Setting permissions on mounted disk.

* Checking ce-dev dir contents.

* Changing mount point to not destroy ce-dev files.

* Commenting permissions line.

* Fixing playbook paths.

* Outputting hosts and SSH config for debug.

* Checking SSH settings.

* Manually creating authorized_keys.

* Fixing path to set-current.

* Refactoring SSH set-up and looking at set-current script.

* Trying to fix mount point.

* Updating paths to generated docs.

* Trying to pass in path to wiki2pages.

* Removing obsolete debug line.

* Correcting path to script.

* Changing path we execute from.

* Adding first pass at docs publish step.

* Repairing working dir paths.

* Incorrect repo path.

* Removing most of the debug lines.

* Catching up devel. (#2163)

* Bug fixes 2.x pr 2.x (#1395)

* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Ansible install perms pr 2.x (#1398)

* 2.x (#1363)

* Devel 2.x (#1216)

* R62347 fix postfix mail delivery pr devel (#791)

* GitHub Actions - Rebuilt documentation.

* Need to check if is_local is defined in webserver meta dependencies. (#522)

* Ce dev refactor pr 1.x (#518)

* Making it easier to test with provision-target and ce-dev.

* Moving the provision forcing var back to plays so _init has it.

* Adding defaults vars and test script extra options.

* Adding a web server test to CI.

* examples string needs to be in quotes.

* Making sure is_local and _ce_provision_force_play are available to the _init role.

* Adding SSH keys to the provision user.

* Adding a --force to the test script.

* Explicitly adding vars to role.

* Fixing _init behaviour and adding SSH key for web role.

* Setting default PHP version to 7.4.

* Looking up the generated ce-dev SSH key instead of hard-coding one.

* We cannot run the ssh_server role locally, so excluding for tests of webserver role.

* Trying to remove user_root.yml in case it's breaking CI.

* Adding a verbose mode to the test script.

* Exposing the command in the test script.

* Trying hard-coded keys again.

* Changing location of data dir for test containers.

* Putting vars back and restricting CI to the 'web' example.

* Adding backup handling to ldap_server. (#525)

* Adding backup handling to ldap_server.

* Improving SSL docs and handling perms for openldap and letsencrypt.

* Cron user must be specified with file.

* Running as root, do not need a 'sudo' in this cron.

* Allowing 'gitLab' to disable Prometheus. (#530)

* Allowing 'gitLab' to disable Prometheus.

* Booleans to use in jinja2 as strings must be cast as strings.

* GitHub Actions - Rebuilt documentation. (#526)

Co-authored-by: Code Enigma CI <[email protected]>

* Prometheus pr 1.x (#533)

* Allowing 'gitLab' to disable Prometheus.

* Booleans to use in jinja2 as strings must be cast as strings.

* Tidying up CI and adding a GitLab test.

* Fixing CI job description.

* Add private files support for Drupal in Nginx. (#535)

* Prometheus pr 1.x (#539)

* Allowing 'gitLab' to disable Prometheus.

* Booleans to use in jinja2 as strings must be cast as strings.

* Tidying up CI and adding a GitLab test.

* Fixing CI job description.

* Adding a firewall config preset to open port 80 for LetsEncrypt.

* Removing our unused ClamAV roles and adding a Galaxy role to common base. (#541)

* Revert "Moving OSSEC pkill to use process_manager role instead. (#258)" (#544)

This reverts commit 73c7bd0adb1105436e484fe794182c915b2d25dd.

* Moving key servers to a variable so we can set them. (#555)

* Moving key servers to a variable so we can set them.

* Allowing us to disable sending keys completely.

* Oops, doubled up on existing functionality.

* Fixing var name.

* Adding a reboot option to the patching role. (#557)

* Add minimal support for Aurora RDS instances (#567)

* Attempt to create an RDS read replica.

* Use new task to create Aurora RDS instances.

* Try and fix linting issues.

* Don't pass max_storage variable for Aurora instances.

* Remove more storage related vars from Aurora RDS instance creation task.

* Add profile and region to read replica creation.

* Try creating the Aurora read replica another way.

* Add some debug info.

* Work around the silly registering of variables in Ansible.

* Rename an RDS CloudWatch task for Aurora DBs and remove RDS debug info.

* Add some Aurora info to aws_rds README file.

* Use reader instead of replica for Aurora readers.

* Remove db_cluster_identifier variable from non-Aurora RDS task.

* Gpg servers fix pr 1.x (#571)

* Moving key servers to a variable so we can set them.

* Allowing us to disable sending keys completely.

* Oops, doubled up on existing functionality.

* Fixing var name.

* Using a pipe to grep with 'command' cannot work, refactoring.

* Making CI use the meta deploy role to test gitlab.

* We mustn't assume AWS servers for deploy and controller.

* Support termination protection in EC2. (#573)

* Support termination protection in EC2.

* Fixing CI vars.

* Fixing CI vars.

* Fix managed SSL key perms and the variable used for the private key. (#575)

* Ec2 subnet lookup pr 1.x (#583)

* First pass at EC2 subnet detection.

* Touching subnet file to ensure it exists.

* Trying a different approach, file module didn't work.

* Switching back to file module.

* We need to create the directory for new servers too.

* Bad variable name.

* Ec2 subnet lookup pr 1.x (#589)

* First pass at EC2 subnet detection.

* Touching subnet file to ensure it exists.

* Trying a different approach, file module didn't work.

* Switching back to file module.

* We need to create the directory for new servers too.

* Bad variable name.

* Changing subnet lookup order to check for defined subnet first.

* Fixing gitlab-runner overriders so upgrades do not break the runner. (#586)

* Fixing gitlab-runner overriders so upgrades do not break the runner.

* Fixing override file template.

* Hopefully fixing CI.

* Making sure the service directory exists.

* We cannot use the deploy meta role in CI because of LDAP.

* Changing dir perms and adding a force.

* Gitlab runner service override pr 1.x (#591)

* Fixing gitlab-runner overriders so upgrades do not break the runner.

* Fixing override file template.

* Hopefully fixing CI.

* Making sure the service directory exists.

* We cannot use the deploy meta role in CI because of LDAP.

* Changing dir perms and adding a force.

* Debugging gitlab-runner directory creation issues in CI.

* Fixing linting error.

* Removing verbosity again but leaving 'stat' command in.

* Pass db_cluster_identifier for RDS instance during ASG build (#600)

* Pass RDS db_cluster_identifier, if present, during an ASG build.

* Use correct variable name for RDS db_cluster_identifier.

* Add a commented variable to ASG role for db_cluster_identifier so it's documented.

* Also pass in the aurora_reader var from the ASG role when including the aws_rds role. (#605)

* Removing obsolete MySQL config option log_syslog from template. (#607)

* GitHub Actions - Rebuilt documentation. (#536)

Co-authored-by: Code Enigma CI <[email protected]>

* Consistent default region pr 1.x (#611)

* Moving all region settings to _aws_region var and adding README update.

* Documentation update.

* No need for region, IAM SAML setup is global, (#617)

* Support ebs encryption pr 1.x (#609)

* Adding volume encryption and type options plus a bit more flexibility on EBS control for EC2.

* Setting more sane default instance sizes.

* Adding more EBS options for ASGs.

* Setting encryption to match AMI settings.

* Setting encryption to match AMI settings.

* We also need to dynamically set the ASGs own encrypt_boot var.

* We need to merge the new branch changes before we can rebuild the docs.

* Fixing merge command in CI.

* Not sure toc.sh is actually executing.

* Refactoring encrypt EBS flags to avoid detected loop condition in vars.

* Safer CI, only adds .md files.

* Trying to figure out CI logic for building docs.

* Trying to figure out CI logic for building docs.

* Trying to figure out CI logic for building docs.

* Trying adding a git pull.

* Setting git pull config options.

* Reordering things.

* Adding --allow-unrelated-histories to the git pull.

* Trying a feature branch approach.

* Forcing the GitHub action to fetch all git history.

* Bad whitespace, naughty whitespace.

* Trying a different PR action.

* Do not merge the branch in, we only want the markdown changes.

* Keeping the documentation branch clean.

* We need to push a detached HEAD.

* Do we need the checkout at all?

* Adding a docs pull.

* Allow install|update scripts in Drupal8+ (#599)

* Add some flexibility to Packer (#633)

* Add ability to pass on-error and force to Packer.

* Add new Packer options to the ASG role as well.

* Packer build options need to be declared before the file that is being built.

* Allow Packer ssh_username to be set.

* Making PHP >= 8.0 compatible (#634)

* Packer VPC filtering (#638)

* Add ability to set vpc_filter and subnet AZ for Packer builds.

* Add fqcn-builtins to .ansible-lint warn_list for now.

* GitHub Actions seemingly ignores warn_list.

* Use simplified variables for Packer VPC stuff.

* Only use one filter when filtering VPCs for Packer.

* Cert management pr 1.x (#640)

* Making sure we can't accidentally commit AWS API credentials.

* Initial commit of ACM role.

* Only pause for a get-certificate call if we want to export.

* Updating docs.

* Cert management pr 1.x (#642)

* Making sure we can't accidentally commit AWS API credentials.

* Initial commit of ACM role.

* Only pause for a get-certificate call if we want to export.

* Updating docs.

* Missed a couple of variables to update.

* Cert management pr 1.x (#644)

* Making sure we can't accidentally commit AWS API credentials.

* Initial commit of ACM role.

* Only pause for a get-certificate call if we want to export.

* Updating docs.

* Missed a couple of variables to update.

* We cannot rely on the variable being nonexistent here.

* Cert management pr 1.x (#647)

* Making sure we can't accidentally commit AWS API credentials.

* Initial commit of ACM role.

* Only pause for a get-certificate call if we want to export.

* Updating docs.

* Missed a couple of variables to update.

* We cannot rely on the variable being nonexistent here.

* Allowing ce-provision to set the basic auth message for Nginx.

* Supporting SAN certs and tags on ACM certificates.

* Fixing namespacing.

* Auto-generating SSL certs for ALB and CloudFront.

* More namespace fixes.

* Fixing CI issue with missing AWS region var.

* Reinstating replace_batch_size for ASGs to see if it speeds up infra builds.

* Adding public IP option to LC config for ASGs.

* Refactoring ACM domain handling so we can create DNS entries for each SAN domain.

* Fixing mistake in domains set_fact.

* Fixing AnsibleUndefined bug caused by skipped task.

* Fix Nginx auth_message in vhost (#653)

* Revert auth_message change in Nginx role for now.

* Revert "Revert auth_message change in Nginx role for now."

This reverts commit d030e4c628728ab553a0f5687497cf566bcd1179.

* Add default for Nginx auth_message.

* Cert management pr 1.x (#655)

* Making sure we can't accidentally commit AWS API credentials.

* Initial commit of ACM role.

* Only pause for a get-certificate call if we want to export.

* Updating docs.

* Missed a couple of variables to update.

* We cannot rely on the variable being nonexistent here.

* Allowing ce-provision to set the basic auth message for Nginx.

* Supporting SAN certs and tags on ACM certificates.

* Fixing namespacing.

* Auto-generating SSL certs for ALB and CloudFront.

* More namespace fixes.

* Fixing CI issue with missing AWS region var.

* Reinstating replace_batch_size for ASGs to see if it speeds up infra builds.

* Adding public IP option to LC config for ASGs.

* Refactoring ACM domain handling so we can create DNS entries for each SAN domain.

* Fixing mistake in domains set_fact.

* Fixing AnsibleUndefined bug caused by skipped task.

* Handling multiple domain validations for SAN certs.

* Fixing bad variable name.

* Fixing ASG DNS entries so it adds entries for SAN cert domains too.

* For DNS validation we should not use --domain-validation-options at all.

* Writing over the aws_acm.extra_domains var didn't work, setting a new var instead.

* Bad dict structure.

* Improving multi domain handling for ASG DNS.

* Supporting multiple CloudFront aliases for an ASG.

* Adding options to disable sign-up, sign-in and private projects. (#663)

* Making ALB healthchecks optional and defaulting to disabled. (#670)

* Making ALB healthchecks optional and defaulting to disabled.

* Defaulting back to ELB health checks.

* Remove alb healthchecks pr 1.x (#673)

* Making ALB healthchecks optional and defaulting to disabled.

* Defaulting back to ELB health checks.

* Making sure new clusters won't fail because no ALB yet.

* Allow user to set cachetool version in the opcache role. (#665)

* Allow user to set cachetool version in the opcache role.

* Adding a comment for a future improvement.

* Adding a 'repack' option for AMIs and ASGs. (#675)

* Adding a 'repack' option for AMIs and ASGs.

* Adding an option to force a Packer rebuild in an ASG.

* Fixing EC2 instance look-up to use cluster name.

* Separating AMI provisioning tasks into a tasks file that can be included.

* Refactoring AMI operation to allow current behaviour to remain default.

* Trying to delegate tasks to target repack instance.

* Switching from import_tasks to include_tasks.

* Fixing the instance DNS name var.

* Changing approach to make a standalone machine to generate AMI from.

* Gah! Typo!

* AMI generation requires region and profile.

* Didn't wrap instance_id lookup properly.

* Fixing some missing namespaces.

* Missed a bad var when fixing.

* Adding full set of variables for EC2 instance.

* Fixing AWS SSH key name.

* Decided not to use the EC2 + EIP role.

* Trying to add a pause after instance launch.

* Passing the target branch to Ansible as a var.

* Support absolute paths to playbooks.

* Refactoring to make ce-provision call itself for AMI packing tasks.

* Doubled up the script path.

* Switching to base dir var for ce-provision call.

* Moving temp EC2 instances for AMI creation to subnet with IGW.

* State of EC2 instance needs to be started instead of running.

* We need to delete the AMI we created before making another one.

* Refactoring AMI repack variables for readability and removing volume size.

* Missed a refactored var.

* Defending against AMI volume size issues for ASGs.

* Refactoring extra vars handling.

* For some reason Packer seems to double the brackets.

* Revert "For some reason Packer seems to double the brackets."

This reverts commit 13ee8df42b80b102e9e19a01407b3afb69952ee5.

* Fixing packer.json white space.

* We need to reset the _aws_ami_extra_vars variable to an empty string before we rebuild it.

* Slight refactor to move the extra vars building to the relevant included tasks.

* Slight documentation change.

* Moved config extra vars to ce-provision as they are globally sane.

* Error in jinja list building for RDS.

* Ami repack option pr 1.x (#707)

* Adding a 'repack' option for AMIs and ASGs.

* Adding an option to force a Packer rebuild in an ASG.

* Fixing EC2 instance look-up to use cluster name.

* Separating AMI provisioning tasks into a tasks file that can be included.

* Refactoring AMI operation to allow current behaviour to remain default.

* Trying to delegate tasks to target repack instance.

* Switching from import_tasks to include_tasks.

* Fixing the instance DNS name var.

* Changing approach to make a standalone machine to generate AMI from.

* Gah! Typo!

* AMI generation requires region and profile.

* Didn't wrap instance_id lookup properly.

* Fixing some missing namespaces.

* Missed a bad var when fixing.

* Adding full set of variables for EC2 instance.

* Fixing AWS SSH key name.

* Decided not to use the EC2 + EIP role.

* Trying to add a pause after instance launch.

* Passing the target branch to Ansible as a var.

* Support absolute paths to playbooks.

* Refactoring to make ce-provision call itself for AMI packing tasks.

* Doubled up the script path.

* Switching to base dir var for ce-provision call.

* Moving temp EC2 instances for AMI creation to subnet with IGW.

* State of EC2 instance needs to be started instead of running.

* We need to delete the AMI we created before making another one.

* Refactoring AMI repack variables for readability and removing volume size.

* Missed a refactored var.

* Defending against AMI volume size issues for ASGs.

* Refactoring extra vars handling.

* For some reason Packer seems to double the brackets.

* Revert "For some reason Packer seems to double the brackets."

This reverts commit 13ee8df42b80b102e9e19a01407b3afb69952ee5.

* Fixing packer.json white space.

* We need to reset the _aws_ami_extra_vars variable to an empty string before we rebuild it.

* Slight refactor to move the extra vars building to the relevant included tasks.

* Slight documentation change.

* Moved config extra vars to ce-provision as they are globally sane.

* Error in jinja list building for RDS.

* Trailing VPC ID fields using the wrong variable.

* Editing GitLab config so LE is enabled and auto-renewing by default. (#709)

* Provide profile and region when creating an RDS parameter group, and also provide ability to set the parameter group for an Aurora RDS instance. (#712)

* Add a task in ASG role to add an Aurora RDS endpoint. (#714)

* Ssl le fixes pr 1.x (#725)

* Allow multiple domains to be passed.

* Ensuring we don't break older implementations.

* First pass at a bash script we can run on cron for LE renewals.

* Place the autorenewal script and create a cron entry.

* Allowing the HTTP-01 listen port to be set to something other than 80.

* Need single quotes within our double quotes.

* Adding optional proxy for LE.

* Revert "Adding optional proxy for LE."

This reverts commit cf5720b450744915872eacafee82164300df90aa.

* Adding support for apache and nginx plugins for certbot.

* Fixing quote error.

* Fixing SSL LE handling and ensuring other handlers work with multiple provided domains.

* Fixing issue with selecting first domain.

* Correcting variable names.

* LE cron template missing an endfor.

* Missing carriage return in LE cron script.

* Turns out you can't alter facts passed in via vars by include_role.

* Fixing SSL defaults.

* Realised if there are multiple different LE runs each needs its own renewal cron.

* Ensure builds don't fail if ssl.web_server isn't provided.

* Defending against empty SSL services list.

* Improving vhost template LE handling.

* Adjusting SSL cert and key var names.

* Adding a temporary vhost so newly added domains can request LE certs.

* Tabbing error.

* Fixing possible 'resolver' errors in Nginx if you use localhost.

* Renaming loopvar from domain to certificate_domain to avoid clash with nginx role.

* Tweaking Nginx LE handling and making certbot commands customisable.

* Fixing minor typo.

* Trying giving include_role the public flag.

* Documentation updates.

* Adding default value to Nginx vhost template.

* Move drupal8 install/update config to drupal_common under if local block. (#733)

* WIP: 58848 apache role pr 1.x (#667)

* Catching up devel. (#243)

* Devel (#175)

* Wrong filter for efs info

* Fix indentation error

* Do not purge tags on existing EFS

* Wrong name for updating EFS targets

* Remove leftover loop

* Fix error in subnet gathering

* Split EFS creation

* Use subnet ids

* Wrong var name

* Remove dead code

* Wrong var

* Missing subnet ids

* Try not to lose existing SGs

* Try to dedupe targets

* Wrong syntax for combine

* Typo in combining tuples

* Wrong var name for append items

* Fix appending subnets

* Wrong list transformation

* Switch to community module for efs

* Remove unnecessary complexity

* Update documentation

* Comment out Redefine Autoscale groups task for now and move some of its parameters to the other ASG creation task.

* Remove replace_batch_size from ASG creation task, so it now defaults to 1.

* Wrap Postfix handler commands in quotes. (#26)

* Try using shell instead of command in Postfix handlers.

* GitHub Actions integration (#29)

* Adding Super Linter workflow for GitHub Actions.

* Adding the documentation checker.

* Getting GitHub Actions to continue on failure.

* Seeing if Git exists.

* Missing space.

* Re-adding the checkout and the git commands.

* Trying Pascal's script.

* Adding both lines to the same 'run' command.

* GitHub Actions wtf - splitting into two steps.

* Trying steps on branch name.

* Trying steps on branch name AGAIN.

* Would be good to get the syntax right.

* Trying different quotes.

* Checking the contents of the github.ref variable.

* Trying to add in Pascal's testing step.

* Adding in /bin/sh to hopefully make test.sh run.

* Google says try it with /bin/bash.

* Trying a different Ubuntu version.

* Installing net-tools to have ifconfig.

* Updating testing shell (#28)

* Use correct variable when setting the RDS instance type as part of ASG creation. (#27)

* Fixing test.sh to explicitly call bash.

GitHub Actions only supports Ubuntu containers and Ubuntu shell is dash by default, not bash. Consequently /bin/sh doesn't invoke bash, but dash, which causes some unexpected errors down the line.

Co-authored-by: EmlynK <[email protected]>

* We probably don't need /bin/bash

* Making test.sh executable.

* Checking shell.

* Explicitly setting shell to bash in provision.sh.

* Trying ubuntu-16.04 as Travis used this.

* Putting shell back.

* Update provision.sh

* Making /bin/bash the shell.

* Making /bin/bash the shell for provision.

* Explicitly stating bash again in YML.

* Turns out the mkcert binary is out of date.

* Compiled mkcert from source.

* Fixing curl error.

* Switching to wget.

* Starting the linter again and renaming job.

* Only lint changed files.

* Linting a non-existent branch!

* Tidying the documentation check.

* Revert "Making /bin/bash the shell for provision."

This reverts commit f5f35818205cd364a66a6e51c9f9d8254f016422.

* Revert "Making /bin/bash the shell."

This reverts commit df585b36877aa2328adc228cd8f76950e2853d36.

* Revert "Tidying the documentation check."

This reverts commit a0c964e15003c8486f4d01232af6e855a475298e.

* Swapping Super-Linter for ansible-lint.

* Running ansible-lint directly in the container.

* Updating to latest Ubuntu.

* Revert "Fixing test.sh to explicitly call bash."

This reverts commit 521279ebc16a4c4459c981bfb813cf6aa4d4f3ad.

* Fixing ansible-lint issues.

* Revert "Fixing ansible-lint issues."

This reverts commit 08a74046d567ea80acc080ec3cec60a7f8ceed48.

* Removing old travis config.

* Spacing issue fix.

* Running tests on pull_request only.

Co-authored-by: EmlynK <[email protected]>

* Use correct variable when setting the RDS instance type as part of ASG creation. (#32)

Co-authored-by: Emlyn Kinzett <[email protected]>

* Fix alb health check (#31)

* It's traffic-port, not target-port. Doh.

* Update documentation.

Co-authored-by: Emlyn Kinzett <[email protected]>

* Adding note on existence of 'config' directory for de-deploy to work.

* Adding link to provided example config directory.

* Generate saml sso requirements (#33)

* Use correct variable when setting the RDS instance type as part of ASG creation. (#27)

* Adding AWS CLI and credentials files to local ce-dev.

* New AWS IAM Ansible role for creating the necessary IdP and role for admin access.

Co-authored-by: EmlynK <[email protected]>

* Generate saml sso requirements devel (#36)

* Use correct variable when setting the RDS instance type as part of ASG creation. (#27)

* Adding AWS CLI and credentials files to local ce-dev.

* New AWS IAM Ansible role for creating the necessary IdP and role for admin access.

* Cleaning variables to be generic and improving LDAP role handling.

Co-authored-by: EmlynK <[email protected]>

* Generate saml sso requirements devel (#37)

* Use correct variable when setting the RDS instance type as part of ASG creation. (#27)

* Adding AWS CLI and credentials files to local ce-dev.

* New AWS IAM Ansible role for creating the necessary IdP and role for admin access.

* GitHub actions into v1. (#30)

* Adding Super Linter workflow for GitHub Actions.

* Adding the documentation checker.

* Getting GitHub Actions to continue on failure.

* Seeing if Git exists.

* Missing space.

* Re-adding the checkout and the git commands.

* Trying Pascal's script.

* Adding both lines to the same 'run' command.

* GitHub Actions wtf - splitting into two steps.

* Trying steps on branch name.

* Trying steps on branch name AGAIN.

* Would be good to get the syntax right.

* Trying different quotes.

* Checking the contents of the github.ref variable.

* Trying to add in Pascal's testing step.

* Adding in /bin/sh to hopefully make test.sh run.

* Google says try it with /bin/bash.

* Trying a different Ubuntu version.

* Installing net-tools to have ifconfig.

* Updating testing shell (#28)

* Use correct variable when setting the RDS instance type as part of ASG creation. (#27)

* Fixing test.sh to explicitly call bash.

GitHub Actions only supports Ubuntu containers and Ubuntu shell is dash by default, not bash. Consequently /bin/sh doesn't invoke bash, but dash, which causes some unexpected errors down the line.

Co-authored-by: EmlynK <[email protected]>

* We probably don't need /bin/bash

* Making test.sh executable.

* Checking shell.

* Explicitly setting shell to bash in provision.sh.

* Trying ubuntu-16.04 as Travis used this.

* Putting shell back.

* Update provision.sh

* Making /bin/bash the shell.

* Making /bin/bash the shell for provision.

* Explicitly stating bash again in YML.

* Turns out the mkcert binary is out of date.

* Compiled mkcert from source.

* Fixing curl error.

* Switching to wget.

* Starting the linter again and renaming job.

* Only lint changed files.

* Linting a non-existent branch!

* Tidying the documentation check.

* Revert "Making /bin/bash the shell for provision."

This reverts commit f5f35818205cd364a66a6e51c9f9d8254f016422.

* Revert "Making /bin/bash the shell."

This reverts commit df585b36877aa2328adc228cd8f76950e2853d36.

* Revert "Tidying the documentation check."

This reverts commit a0c964e15003c8486f4d01232af6e855a475298e.

* Swapping Super-Linter for ansible-lint.

* Running ansible-lint directly in the container.

* Updating to latest Ubuntu.

* Revert "Fixing test.sh to explicitly call bash."

This reverts commit 521279ebc16a4c4459c981bfb813cf6aa4d4f3ad.

* Fixing ansible-lint issues.

* Revert "Fixing ansible-…
26 people authored Jan 8, 2025
1 parent 2acdd2c commit 3b093c1
Showing 3 changed files with 102 additions and 152 deletions.
52 changes: 0 additions & 52 deletions .github/workflows/ce-provision-build-docs.yml

This file was deleted.

6 changes: 4 additions & 2 deletions .github/workflows/ce-provision-publish-docs.yml
Expand Up @@ -51,8 +51,10 @@ jobs:
/usr/bin/git push
# Create docs pull request
- name: Create a documentation pull request
run: gh pr create --base ${{ github.event.pull_request.base.ref }} --head docs-${{ github.event.pull_request.base.ref }} --title "Documentation update" --body "**Automated pull request** created by GitHub Actions because of a documentation update."
- name: Create documentation pull requests
run: |
gh pr create --base ${{ github.event.pull_request.base.ref }} --head docs-${{ github.event.pull_request.base.ref }} --title "Documentation update - ${{ github.event.pull_request.base.ref }}" --body "**Automated pull request** created by GitHub Actions because of a documentation update." || echo "No commits between ${{ github.event.pull_request.base.ref }} and docs-${{ github.event.pull_request.base.ref }} - no PR created!"
gh pr create --base devel-${{ github.event.pull_request.base.ref }} --head docs-${{ github.event.pull_request.base.ref }} --title "Documentation update - devel-${{ github.event.pull_request.base.ref }}" --body "**Automated pull request** created by GitHub Actions because of a documentation update." || echo "No commits between devel-${{ github.event.pull_request.base.ref }} and docs-${{ github.event.pull_request.base.ref }} - no PR created!"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
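
Review bot: the `|| echo "No commits between …"` fallback on both new `gh pr create` lines treats every non-zero exit as "no commits", so an authentication failure, a missing `devel-…` base branch, or an already-open pull request would all print the same message and the step would still pass. Consider testing for commits between the two branches first and letting `gh pr create` fail the job on any other error. Separately, `${{ github.event.pull_request.base.ref }}` is expanded directly into the `run:` script; mapping it to an environment variable under `env:` (for example a variable named `BASE_REF`, a name chosen here for illustration) and using a quoted `"$BASE_REF"` in the shell keeps the ref name from being parsed as shell syntax.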

196 changes: 98 additions & 98 deletions docs/_Sidebar.md
Expand Up @@ -3,101 +3,101 @@
- [Install](install)
- [Usage](scripts)
- [Roles](roles)
- [AWS Infrastructure](roles/aws)
- [AWS ACL](roles/aws/aws_acl)
- [AWS Certificate Manager](roles/aws/aws_acm)
- [AWS AMI ASG Cleanup](roles/aws/aws_ami_asg_cleanup)
- [AWS AMI](roles/aws/aws_ami)
- [AWS Backup](roles/aws/aws_backup)
- [AWS Backup Validation](roles/aws/aws_backup_validation)
- [AWS CloudFront distribution](roles/aws/aws_cloudfront_distribution)
- [Cloudwatch log group](roles/aws/aws_cloudwatch_log_group)
- [Amazon credentials](roles/aws/aws_credentials)
- [Autoscale cluster](roles/aws/aws_ec2_autoscale_cluster)
- [EC2 CloudWatch Metric Alarm](roles/aws/aws_ec2_metric_alarm)
- [EC2 instance with EIP](roles/aws/aws_ec2_with_eip)
- [AWS EFS](roles/aws/aws_efs)
- [AWS ElastiCache](roles/aws/aws_elasticache)
- [AWS IAM EC2](roles/aws/aws_iam_role)
- [AWS IAM SAML](roles/aws/aws_iam_saml)
- [AWS Network Info](roles/aws/_aws_network_info)
- [AWS OpenSearch](roles/aws/aws_opensearch)
- [AWS key pair.](roles/aws/aws_provision_ec2_keypair)
- [AWS RDS](roles/aws/aws_rds)
- [AWS Resource Group.](roles/aws/aws_resource_group)
- [AWS S3 Bucket](roles/aws/aws_s3_bucket)
- [AWS Security Groups](roles/aws/aws_security_groups)
- [AWS SG/firewall role](roles/aws/aws_sg_iptables)
- [AWS SNS](roles/aws/aws_sns)
- [VPC](roles/aws/aws_vpc)
- [Update main route for a given VPC](roles/aws/aws_vpc_route)
- [VPC](roles/aws/aws_vpc_subnet)
- [Contributed roles](roles/contrib)
- [Debian Packages](roles/debian)
- [Ansible Galaxy](roles/debian/ansible_galaxy)
- [Ansible](roles/debian/ansible)
- [APACHE](roles/debian/apache)
- [Apparmor](roles/debian/apparmor)
- [Extra packages](roles/debian/apt_extra_packages)
- [APT Repository](roles/debian/apt_repository)
- [APT Unattended Upgrades](roles/debian/apt_unattended_upgrades)
- [AWS CLI](roles/debian/aws_cli)
- [AWS Cloudwatch agent](roles/debian/aws_cloudwatch_agent)
- [EFS client](roles/debian/aws_efs_client)
- [AWS SSM agent](roles/debian/aws_ssm_agent)
- [ce-deploy](roles/debian/ce_deploy)
- [Extra packages](roles/debian/ce_dev)
- [Automated patching](roles/debian/ce_patcher)
- [ce-provision](roles/debian/ce_provision)
- [ClamAV](roles/debian/clamav)
- [Docker CE](roles/debian/docker_ce)
- [Docker Registry](roles/debian/docker_registry)
- [Duplicity](roles/debian/duplicity)
- [Firewall Config](roles/debian/firewall_config)
- [Frontail](roles/debian/frontail)
- [Gitlab](roles/debian/gitlab)
- [Gitlab Runner](roles/debian/gitlab_runner)
- [GPG Key](roles/debian/gpg_key)
- [HA Proxy](roles/debian/haproxy)
- [Managed /etc/hosts](roles/debian/hosts)
- [Jenkins](roles/debian/jenkins)
- [Jitsi](roles/debian/jitsi)
- [LDAP Server](roles/debian/ldap_server)
- [LHCI](roles/debian/lhci)
- [Mailpit](roles/debian/mailpit)
- [Mount sync](roles/debian/mount_sync)
- [MariaDB Client](roles/debian/mysql_client)
- [MySQL Server - Oracle Community Edition](roles/debian/mysql_server_oracle_ce)
- [NGINX](roles/debian/nginx)
- [NodeJS](roles/debian/nodejs)
- [OpenVPN](roles/debian/openvpn)
- [Packer](roles/debian/packer)
- [PAM LinOTP](roles/debian/pam_linotp)
- [PHP terminal client](roles/debian/php-cli)
- [PHP common components](roles/debian/php-common)
- [PHP Composer](roles/debian/php_composer)
- [PHP-FPM](roles/debian/php-fpm)
- [phpMyAdmin](roles/debian/phpmyadmin)
- [PHP XDebug](roles/debian/php_xdebug)
- [Postfix](roles/debian/postfix)
- [Process Manager](roles/debian/process_manager)
- [Python Boto](roles/debian/python_boto)
- [Python Common](roles/debian/python_common)
- [Python Pip Packages](roles/debian/python_pip_packages)
- [rkhunter](roles/debian/rkhunter)
- [Rsyslog](roles/debian/rsyslog)
- [solr](roles/debian/solr)
- [SSHD](roles/debian/ssh_server)
- [SSL](roles/debian/ssl)
- [sudo config](roles/debian/sudo_config)
- [Swap](roles/debian/swap)
- [System](roles/debian/system)
- [User Ansible](roles/debian/user_ansible)
- [varnish_config](roles/debian/varnish_config)
- [wazuh](roles/debian/wazuh)
- [Init role](roles/_init)
- ["Meta" roles that group individual roles together.](roles/_meta)
- [AWS account](roles/_meta/aws_account)
- [AWS client](roles/_meta/aws_client_instance)
- [AWS region](roles/_meta/aws_region)
- [\_overrides.](roles/_overrides)
- [Init role](/roles/_init)
- ["Meta" roles that group individual roles together.](/roles/_meta)
- [AWS account](/roles/_meta/aws_account)
- [AWS client](/roles/_meta/aws_client_instance)
- [AWS region](/roles/_meta/aws_region)
- [\_overrides.](/roles/_overrides)
- [AWS Infrastructure](/roles/aws)
- [AWS Network Info](/roles/aws/_aws_network_info)
- [AWS ACL](/roles/aws/aws_acl)
- [AWS Certificate Manager](/roles/aws/aws_acm)
- [AWS AMI](/roles/aws/aws_ami)
- [AWS AMI ASG Cleanup](/roles/aws/aws_ami_asg_cleanup)
- [AWS Backup](/roles/aws/aws_backup)
- [AWS Backup Validation](/roles/aws/aws_backup_validation)
- [AWS CloudFront distribution](/roles/aws/aws_cloudfront_distribution)
- [Cloudwatch log group](/roles/aws/aws_cloudwatch_log_group)
- [Amazon credentials](/roles/aws/aws_credentials)
- [Autoscale cluster](/roles/aws/aws_ec2_autoscale_cluster)
- [EC2 CloudWatch Metric Alarm](/roles/aws/aws_ec2_metric_alarm)
- [EC2 instance with EIP](/roles/aws/aws_ec2_with_eip)
- [AWS EFS](/roles/aws/aws_efs)
- [AWS ElastiCache](/roles/aws/aws_elasticache)
- [AWS IAM EC2](/roles/aws/aws_iam_role)
- [AWS IAM SAML](/roles/aws/aws_iam_saml)
- [AWS OpenSearch](/roles/aws/aws_opensearch)
- [AWS key pair.](/roles/aws/aws_provision_ec2_keypair)
- [AWS RDS](/roles/aws/aws_rds)
- [AWS Resource Group.](/roles/aws/aws_resource_group)
- [AWS S3 Bucket](/roles/aws/aws_s3_bucket)
- [AWS Security Groups](/roles/aws/aws_security_groups)
- [AWS SG/firewall role](/roles/aws/aws_sg_iptables)
- [AWS SNS](/roles/aws/aws_sns)
- [VPC](/roles/aws/aws_vpc)
- [Update main route for a given VPC](/roles/aws/aws_vpc_route)
- [VPC](/roles/aws/aws_vpc_subnet)
- [Contributed roles](/roles/contrib)
- [Debian Packages](/roles/debian)
- [Ansible](/roles/debian/ansible)
- [Ansible Galaxy](/roles/debian/ansible_galaxy)
- [APACHE](/roles/debian/apache)
- [Apparmor](/roles/debian/apparmor)
- [Extra packages](/roles/debian/apt_extra_packages)
- [APT Repository](/roles/debian/apt_repository)
- [APT Unattended Upgrades](/roles/debian/apt_unattended_upgrades)
- [AWS CLI](/roles/debian/aws_cli)
- [AWS Cloudwatch agent](/roles/debian/aws_cloudwatch_agent)
- [EFS client](/roles/debian/aws_efs_client)
- [AWS SSM agent](/roles/debian/aws_ssm_agent)
- [ce-deploy](/roles/debian/ce_deploy)
- [Extra packages](/roles/debian/ce_dev)
- [Automated patching](/roles/debian/ce_patcher)
- [ce-provision](/roles/debian/ce_provision)
- [ClamAV](/roles/debian/clamav)
- [Docker CE](/roles/debian/docker_ce)
- [Docker Registry](/roles/debian/docker_registry)
- [Duplicity](/roles/debian/duplicity)
- [Firewall Config](/roles/debian/firewall_config)
- [Frontail](/roles/debian/frontail)
- [Gitlab](/roles/debian/gitlab)
- [Gitlab Runner](/roles/debian/gitlab_runner)
- [GPG Key](/roles/debian/gpg_key)
- [HA Proxy](/roles/debian/haproxy)
- [Managed /etc/hosts](/roles/debian/hosts)
- [Jenkins](/roles/debian/jenkins)
- [Jitsi](/roles/debian/jitsi)
- [LDAP Server](/roles/debian/ldap_server)
- [LHCI](/roles/debian/lhci)
- [Mailpit](/roles/debian/mailpit)
- [Mount sync](/roles/debian/mount_sync)
- [MariaDB Client](/roles/debian/mysql_client)
- [MySQL Server - Oracle Community Edition](/roles/debian/mysql_server_oracle_ce)
- [NGINX](/roles/debian/nginx)
- [NodeJS](/roles/debian/nodejs)
- [OpenVPN](/roles/debian/openvpn)
- [Packer](/roles/debian/packer)
- [PAM LinOTP](/roles/debian/pam_linotp)
- [PHP terminal client](/roles/debian/php-cli)
- [PHP common components](/roles/debian/php-common)
- [PHP-FPM](/roles/debian/php-fpm)
- [PHP Composer](/roles/debian/php_composer)
- [PHP XDebug](/roles/debian/php_xdebug)
- [phpMyAdmin](/roles/debian/phpmyadmin)
- [Postfix](/roles/debian/postfix)
- [Process Manager](/roles/debian/process_manager)
- [Python Boto](/roles/debian/python_boto)
- [Python Common](/roles/debian/python_common)
- [Python Pip Packages](/roles/debian/python_pip_packages)
- [rkhunter](/roles/debian/rkhunter)
- [Rsyslog](/roles/debian/rsyslog)
- [solr](/roles/debian/solr)
- [SSHD](/roles/debian/ssh_server)
- [SSL](/roles/debian/ssl)
- [sudo config](/roles/debian/sudo_config)
- [Swap](/roles/debian/swap)
- [System](/roles/debian/system)
- [User Ansible](/roles/debian/user_ansible)
- [varnish_config](/roles/debian/varnish_config)
- [wazuh](/roles/debian/wazuh)
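
Review bot: the rewritten role links are root-absolute (`/roles/aws`, `/roles/debian/ansible`) while the unchanged context entries at the top of the hunk stay relative (`install`, `scripts`, `roles`), so the sidebar now mixes two link styles and the new ones only resolve if the docs are served from the site root. Pick one form for the whole file, or confirm the publishing target handles the leading slash. The two entries titled "VPC" (`aws_vpc` and `aws_vpc_subnet`) and the two titled "Extra packages" (`apt_extra_packages` and `ce_dev`) are carried over unchanged and would be easier to navigate with distinct titles.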
