Commits · 1d8d133e8bcd89efb42edab6f94db71ddc90baac · Arch Linux / infrastructure

Jul 08, 2021
- mailman: Forward common mailboxes to root@archlinux.org · 1d8d133e
  Kristian Klausen authored 3 years ago
  
  Verified
  
  1d8d133e
- mailman: Don't receive mails for UNIX system accounts · 70459b61
  Kristian Klausen authored 3 years ago
  
  Verified
  
  70459b61
- mailman: Remove unneeded virtual_alias_maps · cc07ef33
  Kristian Klausen authored 3 years ago
  
  Verified
  
  cc07ef33
Jun 30, 2021
- Add mailman role for the new lists.al.org machine · bc1c5fe6
  Kristian Klausen authored 3 years ago
  
  The DNS is still pointing to luna.
  bc1c5fe6
Apr 12, 2021
- remove unused mailman role · 207bee2a
  Jelle van der Waa authored 3 years ago
  
  The redirects are now done by the `redirects` role.
  Verified
  
  207bee2a
Apr 08, 2021

Kristian Klausen authored 4 years ago and

A extra access_log entry was added with the following commands:
$ cd roles
$ grep -lr access_log | xargs -P 1 -n 1 sed -i '/access_log/ s/\(.*\)\( \)\(\(reduced\|main\);$\)/\1 \3\n\1.json json_\3/'

Verified

b70d04fa

Feb 14, 2021

Make ansible-lint happy · 4112bdf9

Kristian Klausen authored 4 years ago

yaml: truthy value should be one of [false, true] (truthy)
yaml: wrong indentation: expected 4 but found 2 (indentation)
yaml: too few spaces before comment (comments)
yaml: missing starting space in comment (comments)
yaml: too many blank lines (1 > 0) (empty-lines)
yaml: too many spaces after colon (colons)
yaml: comment not indented like content (comments-indentation)
yaml: no new line character at the end of file (new-line-at-end-of-file)
load-failure: Failed to load or parse file
parser-error: couldn't resolve module/action 'hosts'. This often indicates a misspelling, missing collection, or incorrect module path.

4112bdf9

Sep 05, 2019
- nginx: Use matchless https redirection · 93f5d62d
  Jan Alexander Steffens (heftig) authored 5 years ago
  
  https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#taxing-rewrites
  Verified
  
  93f5d62d
May 30, 2018

nginx: Reduce access log content for static data · f5ee7a08

Florian Pritz authored 6 years ago

For proxy/fastcgi/uwsgi blocks, logging is still set to the old format,
but for everything else (= static data) a reduced format is used that
excludes items that no longer make sense (request_time, remote_user) and
those that are personal information all the time (remote_addr, http_x_forwarded_for).

Signed-off-by: Florian Pritz <bluewind@xinu.at>

Verified

f5ee7a08

Disable access log for https redirects in nginx · ebd659d6
Florian Pritz authored 6 years ago
```
Signed-off-by: Florian Pritz <bluewind@xinu.at>
```
Verified

ebd659d6

Feb 19, 2018

Define and use our own log format for nginx · 6bf14014

Florian Pritz authored 7 years ago


This is the same as used on luna and as expected by the zabbix nginx
monitoring service.

Signed-off-by: Florian Pritz <bluewind@xinu.at>

Verified

6bf14014

Feb 10, 2017

roles/*: Fix nginx log dir permissions · ff27e416

Giancarlo Razzolini authored 8 years ago

To correctly be safe for CVE-2016-1247, we need all nginx log dirs
to be owned by both user and group root. Also, since nginx childs
runs as http user, the directories permissions must be 0755, so the
http user can descent into it. Since the logrotate will create the
log files as http:log, the nginx childs will be able to write to the
logs, but will not be able to create files inside those dirs, fully
preventing CVE-2016-1247.

Verified

ff27e416

Feb 08, 2017
- mailman: Add redirect for mailman.archlinux.org · 791144b9
  Florian Pritz authored 8 years ago
  
  Signed-off-by: Florian Pritz <bluewind@xinu.at>
  Verified
  
  791144b9

Admin message