infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions
21796 commits 9 branches 0 tags 110 MiB
Commit graph

53 commits

Author SHA1 Message Date
Till Maas
8f7acb0dde Increase HSTS max age to one year 
The HSTS preload list requires this now: https://hstspreload.org/
 2018-02-07 12:42:36 +01:00
Patrick Uiterwijk
adcbf72f03 Packageize this, packageize that, packageize the world 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-08 22:25:52 +00:00
Nick Bebout
890c57123e Add robots.txt 2017-09-05 01:55:34 +00:00
Nick Bebout
ceccbd1f58 Merge branch 'master' of /git/ansible 2017-05-10 16:21:18 +00:00
Nick Bebout
ab1ba867c8 Disable sks-keyservers.net SSL 2017-05-10 16:21:01 +00:00
Kevin Fenzi
da7df487f9 switch this to pkill and use the new process name 2017-05-02 19:15:50 +00:00
Kevin Fenzi
32b8553fe7 add rule to allow certbot to work 2017-04-25 17:50:55 +00:00
Kevin Fenzi
c90aae63c9 Move keys back to it's own instance and use letsencrypt for cert. 2017-04-25 17:31:31 +00:00
Kevin Fenzi
3d5d20e1e0 drop wildcard keys from keys 2017-04-25 02:50:44 +00:00
Kevin Fenzi
c481276d66 More tweaks of keys for moving behind proxy 2017-04-25 00:47:49 +00:00
Kevin Fenzi
4e3c0cd018 drop redirect to https on keys for now 2017-04-25 00:21:59 +00:00
Nick Bebout
0bbac5dbe3 New sks-keyservers.net cert for keys 2017-02-27 23:29:09 +00:00
Nick Bebout
8ffc6ec982 Add keyserver1/2.canonical.com AKA keyserver.ubuntu.com to membership file 2016-11-16 18:45:08 +00:00
Nick Bebout
c0b6f7d6a3 Update SKS membership file 2016-10-11 17:35:22 +00:00
Patrick Uiterwijk
f1dd7a7432 Unify all ssl cipher suite configurations 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-08-31 19:28:26 +00:00
Nick Bebout
5a91d320b5 Update SKS membership 2016-04-28 14:07:24 +00:00
Nick Bebout
f32d692584 Update sks membership file 2016-04-22 19:09:32 +00:00
Nick Bebout
ea20281b1c Update SKS membership 2016-04-17 13:41:36 +00:00
Nick Bebout
831e1e693a Update memberhsip 2016-04-15 19:47:30 +00:00
Nick Bebout
169036924d Update membership again 2016-04-15 15:56:46 +00:00
Nick Bebout
d57ef59be4 Add tag to membership file task 2016-04-15 15:54:29 +00:00
Nick Bebout
7323956622 Update sks membership file 2016-04-15 15:51:23 +00:00
Kevin Fenzi
f0c80375b5 Remove action: in all roles. 2016-01-06 21:58:31 +00:00
Nick Bebout
cd8e3869aa Update pool.sks-keyservers.net certificate filename 2015-12-17 22:19:30 +00:00
Nick Bebout
540ab60440 Add new peer to sks membership file 2015-12-17 15:48:11 +00:00
Kevin Fenzi
41a3cb067d Does ordering matter here? 2015-12-01 18:40:25 +00:00
Kevin Fenzi
6e5df77ce7 Add hsts also to https virthost 2015-12-01 18:37:05 +00:00
Kevin Fenzi
a73d331bbf Add hsts and redirect to https for keys. Ticket 4960 2015-12-01 17:58:02 +00:00
Kevin Fenzi
2873cdd427 Move all puppet_private stuff to ansible private so we can stop using puppet private. 2015-09-25 18:16:23 +00:00
Nick Bebout
c4859531ed Add new peers to sks membership file 2015-09-02 22:59:07 +00:00
Nick Bebout
e9be360909 Add new servers to sks membership file 2015-09-02 06:10:40 +00:00
Praveen Kumar
4b1e5162d7 Update state from installed/removed to present/absent for yum module as per latest documents -> http://docs.ansible.com/yum_module.html 2014-11-05 15:32:11 +00:00
Nick Bebout
499ab100c9 Finish SSL changes for sks 2014-10-21 00:07:37 +00:00
Nick Bebout
b44af2e6ce Try disabling SSLv3 in the individual SKS virtualhost bloks 2014-10-21 00:00:38 +00:00
Nick Bebout
e1a098145d Update to new cert 2014-10-18 00:58:47 +00:00
Kevin Fenzi
74694aaffd Some keyserver fixes. 2014-10-15 04:19:48 +00:00
Kevin Fenzi
b5b308b131 Set keys to not use SSLv3 2014-10-15 04:01:11 +00:00
Nick Bebout
1b593caf3b More changes 2014-08-29 23:10:45 +00:00
Nick Bebout
c2f24955a3 Update keyserver selinux module 2014-08-29 23:10:00 +00:00
Stephen Smoogen
4f44b33da7 spaces are important.. I think. magic voudou doll dont fail me now 2014-08-29 22:34:08 +00:00
Nick Bebout
df2be0b8b5 Revert "Try something" 
This reverts commit 24cd65dd33.
 2014-08-28 23:06:15 +00:00
Nick Bebout
24cd65dd33 Try something 2014-08-28 23:05:25 +00:00
Nick Bebout
8e99806cdc Add keyserver selinux module 2014-08-28 22:58:41 +00:00
Nick Bebout
56b007a016 Update membership file 2014-08-12 02:54:25 +00:00
Nick Bebout
5f44093277 Remove long dead servers from sks peering file 2014-08-12 02:44:10 +00:00
Nick Bebout
624520a7a4 Add logging verbosity to sks config since it isn't by default anymore 2014-08-12 02:39:47 +00:00
Nick Bebout
5559f0eb0f Add more sks peers 2014-08-12 02:31:22 +00:00
Nick Bebout
2d7d78bc1e Update membership file 2014-08-05 15:50:05 +00:00
Kevin Fenzi
f92e040821 Correct path 2014-04-24 21:53:13 +00:00
Kevin Fenzi
aab9defc22 Use correct key here too 2014-04-24 21:48:05 +00:00