Changelog History
Page 2
-
v0.7.2 Changes
March 28, 2018.. _debops v0.7.2: https://github.com/debops/debops/compare/v0.7.2...v0.7.2
๐ Fixed
General ''''''' - โ Add missing ``python-ldap`` dependency as an APT package in the Dockerfile.
-
v0.7.1 Changes
March 28, 2018.. _debops v0.7.1: https://github.com/debops/debops/compare/v0.7.0...v0.7.1
โ Added
๐ New DebOps roles '''''''''''''''' - The :ref:`debops.ansible` role: install Ansible on a Debian/Ubuntu host using Ansible. The ```debops.debops`` role now uses the new role to install Ansible instead of doing it directly. - ๐ฆ The :ref:`debops.apt_mark` role: set install state of APT packages (manual/auto) or specify that particular packages should be held in their current state. The role is included in the ``common.yml`` playbook. - ๐ง The :ref:`debops.kmod` role: manage kernel module configuration and module loading at boot time. This role replaces the ``debops-contrib.kernel_module`` role. - The ``debops-contrib.etckeeper`` role has been integrated into DebOps as :ref:`debops.etckeeper`. The new role is included in the ``common.yml`` playbook. :ref:`debops.ifupdown` role ''''''''''''''''''''''''''' - The role has new tasks that manage custom hooks in other services. First hook is :ref:`ifupdown__ref_custom_hooks_filter_dhcp_options` which can be used to selectively apply DHCP options per network interface. ๐ Changed
Continuous Integration ''''''''''''''''''''''
- โ
The test suite used on Travis-CI now checks the syntax of the YAML files, as
well as Python and shell scripts included in the repository. The syntax is
checked using the :command:
yamllint
, :command:pycodestyle
and :command:shellcheck
scripts, respectively. Tests can also be invoked separately via the :command:make
command.
:ref:
debops.etherpad
role '''''''''''''''''''''''''''- The role can now autodetect and use a PostgreSQL database as a backend database for Etherpad.
:ref:
debops.ferm
role '''''''''''''''''''''''- The role should now correctly detect what Internet Protocols are available on a host (IPv4, IPv6) and configure firewall only for the protocols that are present.
.. __: https://github.com/diafygi/acme-tiny
:ref:
debops.lxc
role ''''''''''''''''''''''- The role will now generate the
lxc-debops
LXC template script from different templates, based on an OS release. This change should help fix the issues with LXC container creation on Debian Stretch.
:ref:
debops.pki
role ''''''''''''''''''''''0๏ธโฃ The X.509 certificate included in the default
domain
PKI realm will now have a SubjectAltName wildcard entry for the host's FQDN. This should allow for easy usage of services related to a particular host in the cluster over encrypted connections, for example host monitoring, service discovery, etc. which can be now published in the DNS zone at*.host.example.org
resource records.๐ The role now supports Let's Encrypt ACMEv2 API via the
acme-tiny
__ Python script. The existing PKI realms will need to be re-created or updated for the new API to work, new PKI realms should work out of the box. Check the :ref:upgrade_notes
for more details.
:ref:
debops.proc_hidepid
role '''''''''''''''''''''''''''''''- The role now uses a static GID
70
for theprocadmins
group to synchronize the access permissions on a host and inside the LXC containers. You will need to remount the filesystems, restart services and LXC containers that rely on this functionality.
:ref:
debops.sysctl
role '''''''''''''''''''''''''- ๐ง The configuration of the kernel parameters has been redesigned, instead of
being based on YAML dictionaries, is now based on YAML lists of dictionaries
and can be easily changed via Ansible inventory. You will need to update your
inventory for the new changes to take effect, refer to the :ref:
role documentation <sysctl__ref_parameters>
for details.
๐ Fixed
General ''''''' - The :command:`debops` command will now generate the :file:`ansible.cfg` configuration file with correct path to the Ansible roles provided with the DebOps Python package. :ref:`debops.nginx` role '''''''''''''''''''''''' - ๐ Fix a long standing bug in the role with Ansible failing during welcome page template generation with Jinja2 >= 2.9.4. It was related to `non-backwards compatible change in Jinja`__ that modified how variables are processed in a loop. .. __: https://github.com/pallets/jinja/issues/659 โ Removed
๐ Roles removed from DebOps '''''''''''''''''''''''''
- ๐ The
debops-contrib.kernel_module
Ansible role has been removed; it was replaced by the new :ref:debops.kmod
Ansible role.
:ref:
debops.ferm
role '''''''''''''''''''''''- The
ferm-forward
hook script in the :file:/etc/network/if-pre-up.d/
directory has been removed (existing instances will be cleaned up). Recent changes in the :ref:debops.ferm
role broke idempotency with the :ref:debops.ifupdown
role, and it was determined that the functionality provided by the hook is no longer needed, recent OS releases should deal with it adequately.
- โ
The test suite used on Travis-CI now checks the syntax of the YAML files, as
well as Python and shell scripts included in the repository. The syntax is
checked using the :command:
-
v0.7.0 Changes
February 11, 2018.. _debops v0.7.0: https://github.com/debops/debops/compare/v0.6.0...v0.7.0
โ Added
๐ New DebOps roles '''''''''''''''' - ๐ New Ansible roles have been imported from the ``debops-contrib`` organization: ``apparmor``, ``bitcoind``, ``btrfs``, ``dropbear_initramfs``, ``etckeeper``, ``firejail``, ``foodsoft``, ``fuse``, ``homeassistant``, ``kernel_module``, ``kodi``, ``neurodebian``, ``snapshot_snapper``, ``tor``, ``volkszaehler``, ``x2go_server``. They are not yet included in the main playbook and still need to be renamed to fit with the rest of the ``debops.*`` roles. - ๐ง The :ref:`debops.sysfs` role: configuration of the Linux kernel attributes through the :file:`/sys` filesystem. The role is not enabled by default. - ๐ง The :ref:`debops.locales` role: configure localization and internationalization on a given host or set of hosts. - The :ref:`debops.machine` role: manage the :file:`/etc/machine-info` file, the :file:`/etc/issue` file and a dynamic MOTD. - ๐ง The :ref:`debops.proc_hidepid` role: configure the ``/proc`` ``hidepid=`` options. - The :ref:`debops.roundcube` role: manage RoundCube Webmail application. - ๐ง The :ref:`debops.prosody` role: configure an xmpp server on a given host. - The :ref:`debops.sysnews` role: manage System News bulletin for UNIX accounts. Continuous Integration '''''''''''''''''''''' - โ DebOps roles and playbooks can now be tested using local or remote `GitLab CI <https://about.gitlab.com/>`_ instance, with Vagrant, KVM and LXC technologies and some custom scripts. General ''''''' - You can now :ref:`use Vagrant <quick_start__vagrant>` to create an Ansible Controller based on Debian Stretch and use it to manage itself or other hosts over the network. - ๐ You can now build an Ansible Controller with DebOps support as a Docker container. :ref:`Official Docker image <quick_start__docker>` is also available, automatically rebuilt on every commit. - ๐ง You can now install DebOps on `Arch Linux <https://www.archlinux.org/>`__ using an included ``PKGBUILD`` file. - โ Add new playbook, ``agent.yml``. This playbook is executed at the end of the main playbook, and contains applications or services which act as "agents" of other services. They may contact their parent applications to report about the state of the host they are executed on, therefore the agents are installed and configured at the end of the main playbook. - ๐ DebOps roles and playbooks will be included in the Python packages released on PyPI. This will allow for easier installation of DebOps via :command:`pip` (no need to download the roles and playbooks separately) as well as simple stable releases. The DebOps monorepo can still be installed separately. :ref:`debops.libvirtd` role ''''''''''''''''''''''''''' - The role can now detect if nested KVM is enabled in a particular virtual machine and install KVM support. :ref:`debops.nodejs` role ''''''''''''''''''''''''' - The :ref:`debops.nodejs` role can now install `Yarn <https://yarnpkg.com/>`_ package manager using its upstream APT repository (not enabled by default). ๐ Changed
Continuous Integration ''''''''''''''''''''''
- ๐
The project repository is tested using :command:
pycodestyle
for compliance with Python'sPEP8 Style Guide <https://pep8.org/>
_.
General '''''''
โก๏ธ The :command:
debops-update
script will now install or update the DebOps monorepo instead of separatedebops-playbooks
and DebOps roles git repositories. Existing installations shouldn't be affected.The :command:
debops
script will now include the DebOps monorepo roles and playbooks in the generated :file:ansible.cfg
configuration. The monorepo roles and playbooks are preferred over the olddebops-playbooks
ones.
The script is backwards compatible and should work correctly with or without the
debops-playbooks
repository and roles installed.- ๐ Improved Python 3 support in the DebOps scripts and throughout the playbooks/roles. DebOps should now be compatible with both Python versions.
:ref:
debops.gitlab_runner
role ''''''''''''''''''''''''''''''''- ๐ The GitLab Runner playbook is moved to the
agent.yml
playbook; it will be executed at the end of the main playbook and should that way include correct information about installed services.
:ref:
debops.gunicorn
role '''''''''''''''''''''''''''- ๐ Update the role to work correctly on Debian Stretch and newer releases. The
support for multiple :command:
gunicorn
instances using custom Debian scripts has been removed in Debian Stretch, therefore the role replaces it with its own setup based on :command:systemd
instances.
:ref:
debops.nodejs
role '''''''''''''''''''''''''- ๐ฆ The
npm
package has been removed from Debian Stable. The role will now install NPM using the GitHub source, unless upstream NodeJS is enabled, which includes its own NPM version.
โ Removed
General ''''''' - โ Remove the :file:`ipaddr.py` Ansible filter plugin, it is now included in the Ansible core distribution. ``debops.console`` role ''''''''''''''''''''''' - โ Remove the ``locales`` configuration from the 'debops.console' role, this functionality has been moved to the new 'debops.locales' role. You will need to update the Ansible inventory variables to reflect the changes. - โ Remove management of the :file:`/etc/issue` and :file:`/etc/motd` files from the ``debops.console`` role. That functionality is now available in the :ref:`debops.machine` role. You will need to update the Ansible inventory variables to reflect the changes. - ๐ Management of the ``/proc`` ``hidepid=`` option has been moved to a new role, :ref:`debops.proc_hidepid`. You will need to update the Ansible inventory variables to reflect the changes. - ๐ฆ Management of the System News using the ``sysnews`` Debian package has been removed from the role; it's now available as a separate :ref:`debops.sysnews` Ansible role. You will need to update the Ansible inventory variables related to System News due to this changes.
- ๐
The project repository is tested using :command:
-
v0.6.0 Changes
October 21, 2017โ Added
General ''''''' - ๐ Various repositories that comprise the DebOps project have been merged into a single monorepo which will be used as the main development repository. Check the :command:`git` log for information about older releases of DebOps roles and/or playbooks.