Hi all,
this week ansible Updates to our server systems have been rolled out with a lot of smaller changes to servers directly, more work has been put into stabilizing automated rollouts and configuration via Ansible.
Kind regards
Gunnar
Release 22.03 (2022-10-28)
Highlights
- VPN Monitoring
- CDE Updates
- sFTP Rollout reworked
Added
- inventory: “deployment” local dev test stage live environment definition
- keepalived setup for CDE servers
- mariadB upgrade playbook for KVM guests
- root authorized keys now set up from freeipa SSH pubkeys of “admin” group
- sftp_ipa: implemented permissions for multiple groups on shares
- tools/get-dns-zone-ips: DNS zone free ip finder
- tools/get-vmhost-ressources: added RSS, VSZ mem
- users and groups setup for CDE servers
- vpn monitoring at xres routers
- xrescachenode: added zstd compressed tmpfs mount (zram) under /tmp
Changes
- Adjusted fstab mount options in a way that btrfs and xfs data volumes mount
- SSH pubkeys for root are now assembled from multiple roles and playbook
- ansible: monitoring playbook continues on db servers in case mysql is not yet installed
- cde: reworked ssh setup: pubkeys for users pulled from freeipa client on jump server
- disabled mariadb rollout for containers
- inventory: README updated with old “doc” stuff
- inventory: cleaned up global/meta/class group scheme
- inventory: combined README files under
doc into one document - mariadb: configured extra logfile for mysql errors
- megacli-healthcheck: added raid level translation
- nscd: Fixed error in nscd rollout - nscd service has not been enabled and started on some servers
- reworked sftp role to work with ipa groups, improved acl handling - split role “sftpipa” and “sftpunix”
- ssh pubkeys pulled from freeipa instead from fixed inventory entries
- tools, csvedit: Fixed csv.DictWriter() using CRLF instead of LF
- tools, csvedit: Fixed error of creating empty files for mistyped csv file names
- tools: Fixed vim yaml file indenting
- tools: bash: longer history, date in history
