xsrv v1.7.0 Release Notes
Release Date: 2022-04-22 // almost 2 years ago-
⬆️ Upgrade procedure:
- ⬆️
xsrv self-upgrade
to upgrade the xsrv script - 🚀
xsrv upgrade
to upgrade roles/ansible environments to the latest release - ⬆️ this upgrade will cause Nextcloud instances to go down for a few minutes, depending on the number of files in their data directory
➕ Added:
- 🚀 xsrv: add
init-vm
command (initialize a ready-to-deploy libvirt VM from a template) - ✅ xsrv: add
edit-group-vault
command (edit encrypted group variables file) - 🌲 common: make cron jobs log level configurable (
cron_log_level
) - common: apt: clean downloaded package archives every 7 days by default (
apt_clean_days
) - netdata: allow configuring the fping plugin (ping hosts/measure loss/latency) (
netdata_fping_*
) - netdata: make netdata filechecks configurable (
netdata_file_checks
) - 🚀 transmission/gotty/jellyfin/docker: monitoring/netdata: raise alarms when corresponding systemd services are in the failed state (and the
monitoring_netdata
role is deployed) - 🚀 homepage: add rss-bridge to the homepage when the rss_bridge role is deployed on the host
- ➕ add ansible tags:
netdata-modules
,netdata-needrestart
,netdata-debsecan
,netdata-logcount
,netdata-config
🔄 Changed:
- 🔒 common: sysctl/security: disable potentially exploitable unprivileged BPF and user namespaces
- gitea: limit systemd service automatic restart attempts to 4 in 10 seconds
- 🚀 gitea: update to v1.16.5 [1] [2] [3] [4] [5]
- gotty: attempt to restart the systemd service every 2 seconds in case of failure, for a maximum of 4 times in 10 seconds
- 🔌 netdata: disable more internal monitoring charts (plugin execution time, webserver threads CPU)
- 0️⃣ netdata: re-add default netdata alarms for the
systemdunits
module - ⚡️ nextcloud: update to v23.0.3 [1] [2]
- nextcloud: run nextcloud PHP processes under a dedicated
nextcloud
user, if an older installation owned bywww-data
is found, it will be migrated to the new user automatically - 🚀 openldap: update LDAP Account Manager to v8.0.1
- 🚀 rocketchat: update to v3.18.4
- 🚚 apache/fail2ban/nextcloud: remove obsolete workaround for nextcloud desktop client issue
- xsrv: store group_vars files under
group_vars/$group_name/
(allows multiple vars files per group). If agroup_vars/$group_name.yml
file is found, it will be moved to the subdirectory automatically. - ⚡️ xsrv: update ansible to v5.5.0
- 🔧 cleanup: make netdata assembled configuration more readable (add blank line delimiters)
- cleanup: standardize file names
- all roles: check that variables are correctly defined before running roles
- 👕 tests: ansible-lint: ignore
fqcn-bultins,truthy,braces,line-length
rules - 🚚 tests: remove broken jinja2 syntax test
- 👕 tests: remove obsolete
ansible-playbook --syntax-check
andyamllint
tests, replaced by ansible-lint - 🚀 tests: automate tests for
init-vm
,xsrv check
,xsrv deploy
- 📚 doc: update documentation, default playbook README, Gitlab CI example
🛠 Fixed:
- 🚀 all roles: ensure
check
mode doesn't fail when running it before before first deployment - common: ssh/users: fix SFTP-only user accounts creation (set permissions after creating user accounts)
- all roles: firewall: fix 'reload firewall/fail2ban/apache' handlers failures when called from other roles
- 📦 openldap: fix ldap-ccount-manager installation on Debian 11 (php package name changes)
- 🔧 graylog: fix graylog service not starting/incorrect permissions on configuration files
- graylog/mumble: monitoring/netdata: fix healthcheck/alarm not returning correct status when systemd services are in the failed state
- 🔧 netdata: fix location for needrestart module configuration file
- netdata: fix/standardize indentation in configuration files produced by
to_nice_yaml
- homepage: fix homepage templating when the homepage role is not part of the same play as related roles
- 📦 shaarli: explicitly use php 7.4 packages, fix possible installation problems on Debian 11
- 👕 tests: fix and speed up
ansible-lint
tests, fix ansible-lint warnings
- ⬆️