Ajout d’UniFi, modif spamassassin, amélioration MariaDB, création de Rhea

production/hosts

@@ -8,6 +8,7 @@ machinbox.mateu.be
 claude.dmz.mateu.be
 dimitri.dmz.mateu.be
 edelgard.dmz.mateu.be
+rhea.dmz.mateu.be
 
 [borgbackup:children]
 borg_server
@@ -41,7 +42,7 @@ edelgard.dmz.mateu.be
 
 [webservers]
 bt.dmz.mateu.be web_hostname="['sonarr.mateu.be','bt.mateu.be','btf.mateu.be']"
-web1.dmz.mateu.be web_hostname="['fav.libertus.eu', 'rss.libertus.eu', 'o.libertus.eu', 'blog.libertus.eu', 'mail.libertus.eu', 'perso.nintendojo.fr', 'perso.libertus.eu', 'r.mateu.be','coince.mateu.be', 'z.libertus.eu', 'autodiscover.libertus.eu']"
+web1.dmz.mateu.be web_hostname="['fav.libertus.eu', 'rss.libertus.eu', 'o.libertus.eu', 'blog.libertus.eu', 'mail.libertus.eu', 'perso.nintendojo.fr', 'perso.libertus.eu', 'r.mateu.be','z.libertus.eu', 'autodiscover.libertus.eu']"
 web2.dmz.mateu.be web_hostname="['analyse.nintendojo.fr', 'nintendojo.fr', 'www.nintendojo.fr', 'forum.nintendojo.fr']"
 ror.dmz.mateu.be web_hostname="['m.nintendojo.fr']"
 jabber.dmz.mateu.be web_hostname="['libertus.eu', 'upload.libertus.eu', 'xmpp.libertus.eu']"
@@ -90,3 +91,6 @@ munin.dmz.mateu.be
 [disabled_munin]
 baybay-ponay.mateu.be
 muse-macbookair.lan
+
+[unifiservers]
+unifi.dmz.mateu.be

roles/mariadb/tasks/main.yml

@@ -85,3 +85,4 @@
       minute: "{{ mariadb_backup_minute }}"
       job: "/usr/local/bin/backup_mysql.sh"
       state: present
+

roles/nginx/templates/vhosts/blog.libertus.eu.conf.j2

@@ -14,27 +14,8 @@ server {
 		deny all;
 	}
 	
-	location ~ ^/(inc|plugins|db|cache)/ {
+	location /feed/atom {
-		deny all;
+		return 302 /atom.xml;
-	}
-	
-	## Inter PHP en path_info
-	location ~ ^/(index).php(/.*)+ {
-		fastcgi_split_path_info ^(.+\.php)(/.*)$;
-		fastcgi_pass unix:/var/run/php/php{{ php_version }}-fpm.sock;
-		include fastcgi_params;
-	}
-	
-	## Inter PHP brute
-	location ~ \.php$ {
-		try_files $uri $uri/ =404;
-		fastcgi_pass unix:/var/run/php/php{{ php_version }}-fpm.sock;
-		include fastcgi_params;
-	}
-	
-	## redirection des zolies URLs vers index.php
-	location / {
-		try_files $uri $uri/ /index.php$uri?$args;
 	}
 }
 

roles/nginx/templates/vhosts/coince.mateu.be.conf.j2

@@ -1,22 +0,0 @@
-server {
-{% include './templates/header.conf.j2' %}
-	root /srv/http/coince.mateu.be/;
-	index index.htm index.html index.php;
-
-	allow 2001:bc8:26c1:101:0:0:0:0/64;
-	allow 2001:bc8:26c1:105:0:0:0:0/64;
-	allow 2001:1b48:2:103::6d:2;
-	allow 83.167.52.81;
-	deny all;
-	
-	location ~ \.php$ {
-		try_files $uri $uri/ =404;
-		fastcgi_pass unix:/var/run/php/php{{ php_version }}-fpm.sock;
-		include fastcgi_params;
-	}
-	
-	location /var {
-		deny all;
-	}
-}
-

roles/spamassassin/files/local.cf

@@ -9,6 +9,9 @@ score   UNWANTED_LANGUAGE_BODY  5
 header		LOCAL_CARESSE	Subject =~ /caresse/i
 score		LOCAL_CARESSE	3.0
 
+header		LOCAL_FRAUEN	Subject =~ /single frauen/i
+score		LOCAL_FRAUEN	10.0
+
 header		LOCAL_CETOSE	Subject =~ /cétose/i
 score		LOCAL_CETOSE	5.0
 
@@ -91,6 +94,9 @@ score		LOCAL_BITCOIN	10.0
 whitelist_from *@chichiclothing.com
 
 # Blacklist manuel
+blacklist_from *@broad-bandsearch.net
+blacklist_from *@nocimase.de
+blacklist_from *@zintesder.de
 blacklist_from *@affgalaxy.com
 blacklist_from *@olabizer.de
 blacklist_from *@bizetase.nl

roles/unifi/tasks/main.yml

@@ -0,0 +1,15 @@
+- name: Add APT Key for Unifi
+  apt_key:
+    url: https://dl.ui.com/unifi/unifi-repo.gpg
+    state: present
+
+- name: Add APT Unifi repository
+  apt_repository:
+    repo: deb https://www.ui.com/downloads/unifi/debian stable ubiquiti
+    state: present
+    filename: unifi
+
+- name: install Unifi
+  package:
+    name: unifi
+    state: present

site.yml

@@ -17,3 +17,4 @@
 - import_playbook: mumble.yml
 - import_playbook: icecast2.yml
 - import_playbook: munin.yml
+- import_playbook: unifi.yml

unifi.yml

@@ -0,0 +1,3 @@
+- hosts: unifiservers
+  roles:
+    - unifi