xsrv v1.7.0 Release Notes
Release Date: 2022-04-22 // almost 2 years ago-
⬆️ Upgrade procedure:
- ⬆️
xsrv self-upgradeto upgrade the xsrv script - 🚀
xsrv upgradeto upgrade roles/ansible environments to the latest release - ⬆️ this upgrade will cause Nextcloud instances to go down for a few minutes, depending on the number of files in their data directory
➕ Added:
- 🚀 xsrv: add
init-vmcommand (initialize a ready-to-deploy libvirt VM from a template) - ✅ xsrv: add
edit-group-vaultcommand (edit encrypted group variables file) - 🌲 common: make cron jobs log level configurable (
cron_log_level) - common: apt: clean downloaded package archives every 7 days by default (
apt_clean_days) - netdata: allow configuring the fping plugin (ping hosts/measure loss/latency) (
netdata_fping_*) - netdata: make netdata filechecks configurable (
netdata_file_checks) - 🚀 transmission/gotty/jellyfin/docker: monitoring/netdata: raise alarms when corresponding systemd services are in the failed state (and the
monitoring_netdatarole is deployed) - 🚀 homepage: add rss-bridge to the homepage when the rss_bridge role is deployed on the host
- ➕ add ansible tags:
netdata-modules,netdata-needrestart,netdata-debsecan,netdata-logcount,netdata-config
🔄 Changed:
- 🔒 common: sysctl/security: disable potentially exploitable unprivileged BPF and user namespaces
- gitea: limit systemd service automatic restart attempts to 4 in 10 seconds
- 🚀 gitea: update to v1.16.5 [1] [2] [3] [4] [5]
- gotty: attempt to restart the systemd service every 2 seconds in case of failure, for a maximum of 4 times in 10 seconds
- 🔌 netdata: disable more internal monitoring charts (plugin execution time, webserver threads CPU)
- 0️⃣ netdata: re-add default netdata alarms for the
systemdunitsmodule - ⚡️ nextcloud: update to v23.0.3 [1] [2]
- nextcloud: run nextcloud PHP processes under a dedicated
nextclouduser, if an older installation owned bywww-datais found, it will be migrated to the new user automatically - 🚀 openldap: update LDAP Account Manager to v8.0.1
- 🚀 rocketchat: update to v3.18.4
- 🚚 apache/fail2ban/nextcloud: remove obsolete workaround for nextcloud desktop client issue
- xsrv: store group_vars files under
group_vars/$group_name/(allows multiple vars files per group). If agroup_vars/$group_name.ymlfile is found, it will be moved to the subdirectory automatically. - ⚡️ xsrv: update ansible to v5.5.0
- 🔧 cleanup: make netdata assembled configuration more readable (add blank line delimiters)
- cleanup: standardize file names
- all roles: check that variables are correctly defined before running roles
- 👕 tests: ansible-lint: ignore
fqcn-bultins,truthy,braces,line-lengthrules - 🚚 tests: remove broken jinja2 syntax test
- 👕 tests: remove obsolete
ansible-playbook --syntax-checkandyamllinttests, replaced by ansible-lint - 🚀 tests: automate tests for
init-vm,xsrv check,xsrv deploy - 📚 doc: update documentation, default playbook README, Gitlab CI example
🛠 Fixed:
- 🚀 all roles: ensure
checkmode doesn't fail when running it before before first deployment - common: ssh/users: fix SFTP-only user accounts creation (set permissions after creating user accounts)
- all roles: firewall: fix 'reload firewall/fail2ban/apache' handlers failures when called from other roles
- 📦 openldap: fix ldap-ccount-manager installation on Debian 11 (php package name changes)
- 🔧 graylog: fix graylog service not starting/incorrect permissions on configuration files
- graylog/mumble: monitoring/netdata: fix healthcheck/alarm not returning correct status when systemd services are in the failed state
- 🔧 netdata: fix location for needrestart module configuration file
- netdata: fix/standardize indentation in configuration files produced by
to_nice_yaml - homepage: fix homepage templating when the homepage role is not part of the same play as related roles
- 📦 shaarli: explicitly use php 7.4 packages, fix possible installation problems on Debian 11
- 👕 tests: fix and speed up
ansible-linttests, fix ansible-lint warnings
- ⬆️