Nslcd nscd restart pr devel 2.x (#2694)

* Fixing-email-title-for-backup-validation (#2657)

Co-authored-by: Matej Stajduhar <[email protected]>

* Adding-task-to-create-aurora-cluster (#2659)

* Adding-task-to-create-aurora-cluster

* Adding-region-profile-and-tags-to-aurora-cluster

* Updating-engine-for-aurora-cluster

* Updating-parameter-group-engine

* Updating-engine-version

* Updating-engine-version-2

* Disabling-automated-backups

* Disabling-automated-backups-2

* Disabling-automated-backups-3

* Disabling-automated-backups-4

* Skipping-task-if-not-aurora

* Adding-subnet-group-to-instances

* Adding-subnet-group-to-instances

* Updating-SG-return-values

* Updating-SG-return-values-2

* Updating-SG-return-values-3

* Updating-SG-return-values-4

* Updating-SG-return-value-debug

* Updating-SG-return-value-debug-2

* Updating-SG-return-value-debug-3

* Removing-debug-tasks

* Removing-init-var-for-SG-list

* Adding-character-set-option

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing truthy variable mistakes. (#2662)

* Fixing installer variable bug.

* Fixing tests for external PRs.

* Testing with a fork.

* Adding repo owner's username into installer string.

* Refactoring config repo detection to simplify.

* No longer permitted to use an integer as a truthy value.

* No longer permitted to use existence check as a truthy value.

* Can't see a reason why linotp var shouldn't be a boolean.

* No longer permitted to use existence check as a truthy value.

* Fixing truthy errors in ce_deploy role.

* No longer permitted to use an integer as a truthy value.

* feat(php): Add FPM slow logrotate (#2625)

* feat(php): Support removal of APCU, add FPM slow logrotate

* simplify condition

* revert apcu installed setting, not needed

* r73458-install-php-gmp-by-default2 (#2667)

* r73458-install-php-gmp-by-default2

* re-add required packages

* Wazuh-mitre-report-setup (#2588)

* Wazuh-mitre-report-setup

* Wazuh-mitre-shellshock-longurl-block

* Fixing-vars

* Wazuh-mitre-report-setup-PR-2.x

* Wazuh mitre report setup pr 2.x (#2669)

* Wazuh-mitre-report-setup

* Wazuh-mitre-shellshock-longurl-block

* Fixing-vars

* Wazuh-mitre-report-setup-PR-2.x

* Wazuh-mitre-report-setup-PR-2.x

* pin_ansible_version (#2671)

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* Fixing-ce-provision-vars (#2678)

* Updating-string (#2507)

* Updating-string

* Updating-string-3

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Added-tasks-to-backup-Aurora-and-copy-AMI-to-safe-region (#2682)

* Added-tasks-to-backup-Aurora-and-copy-AMI-to-safe-region

* Fixing-aurora-backup-tasks

* Fixing-aurora-backup-tasks-2

* Fixing-aurora-backup-tasks-3

* Fixing-aurora-backup-tasks-5

* Adding-aurora-template

* Updating-aurora-vars

* Adding-handler-to-defaults-for-CF

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* SG-creation-update (#2605)

* SG-creation-update

* Updating-lambda-tasks-to-handle-various-file-options

* Updating-lambda-tasks-for-url-handling

* Updating-aws_admin_tools-for-aws_lambda

* Updating-aws_admin_tools-for-aws_lambda

* Setting-loop-item

* Setting-loop-item-2

* Updating-vpc-sec-group-vars

* Removing-extra-vars-for-git-module

* Adding-default-for-git_url

* Cleaning-up-tasks

* Updating-ansible-lint

* Updating-ansible-lint

* Ommiting-name-if-no-sec_group-name-defined

* Removing-loop-var

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-copy-AMI-to-backup-region (#2684)

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-ami-copy-task (#2686)

Co-authored-by: Matej Stajduhar <[email protected]>

* Bug fixes pr 2.x (#2690)

* Fixing installer variable bug.

* Fixing tests for external PRs.

* Testing with a fork.

* Adding repo owner's username into installer string.

* Refactoring config repo detection to simplify.

* No longer permitted to use an integer as a truthy value.

* No longer permitted to use existence check as a truthy value.

* Can't see a reason why linotp var shouldn't be a boolean.

* No longer permitted to use existence check as a truthy value.

* Fixing truthy errors in ce_deploy role.

* No longer permitted to use an integer as a truthy value.

* Updating clamav command to use flock avoiding duplicate processes running.

* 73569 allowing webp nginx pr 2.x (#2692)

* allowing webp extension

* adding webp mime type

---------

Co-authored-by: filip <[email protected]>

* Nslcd-nscd-restart

---------

Co-authored-by: Matej Štajduhar <[email protected]>
Co-authored-by: Matej Stajduhar <[email protected]>
Co-authored-by: Greg Harvey <[email protected]>
Co-authored-by: Klaus Purer <[email protected]>
Co-authored-by: nfawbert <[email protected]>
Co-authored-by: tymofiisobchenko <[email protected]>
Co-authored-by: Filip Rupic <[email protected]>
Co-authored-by: filip <[email protected]>

Author: 9 people

roles/aws/aws_ec2_autoscale_cluster/tasks/main.yml

@@ -30,6 +30,21 @@
   when: aws_ec2_autoscale_cluster.vpc_name is not defined or (aws_ec2_autoscale_cluster.vpc_name | length) == 0
 
 - name: Create matching Security Group.
+  ansible.builtin.include_role:
+    name: aws/aws_vpc
+    tasks_from: security_group
+  vars:
+    aws_vpc:
+      name: "{{ aws_ec2_autoscale_cluster.name }}"
+      profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
+      region: "{{ aws_ec2_autoscale_cluster.region }}"
+      tags: "{{ aws_ec2_autoscale_cluster.tags | combine({'Name': aws_ec2_autoscale_cluster.name}) }}"
+      state: "{{ aws_ec2_autoscale_cluster.state }}"
+      id: "{{ _aws_ec2_autoscale_cluster_vpc_id }}"
+      description: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
+      rules:
+        - proto: all
+          group_name: "{{ aws_ec2_autoscale_cluster.name }}"
   ansible.builtin.include_role:
     name: aws/aws_vpc
     tasks_from: security_group
@@ -54,6 +69,10 @@
   ansible.builtin.set_fact:
     _aws_ec2_autoscale_cluster_security_group: "{{ aws_vpc._result[aws_ec2_autoscale_cluster.name] }}"
 
+- name: Set _aws_ec2_autoscale_cluster_security_group variable.
+  ansible.builtin.set_fact:
+    _aws_ec2_autoscale_cluster_security_group: "{{ aws_vpc._result[aws_ec2_autoscale_cluster.name] }}"
+
 - name: Reset subnets lists.
   ansible.builtin.set_fact:
     _aws_ec2_autoscale_cluster_subnets_ids: []
@@ -778,10 +797,3 @@
   when:
     - aws_ec2_autoscale_cluster.route_53.zone is defined
     - aws_ec2_autoscale_cluster.route_53.zone | length > 0
-
-- name: Copy AMI to backup region.
-  community.aws.ec2_ami_copy:
-    aws_profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
-    source_region: "{{ aws_ec2_autoscale_cluster.region }}"
-    region: "{{ aws_backup.copy_vault.region }}"
-    source_image_id: "{{ aws_ec2_autoscale_cluster_image_latest.image_id }}"

roles/debian/pam_ldap/tasks/main.yml

@@ -124,17 +124,31 @@
     regexp: "AuthorizedKeysCommandUser "
     line: AuthorizedKeysCommandUser root
 
+- name: Check if nslcd service exists.
+  ansible.builtin.systemd:
+    name: nslcd
+  register: _nslcd_service_check
+  failed_when: false
+  changed_when: false
+
 - name: Restart nslcd service.
   ansible.builtin.service:
     name: nslcd
     state: restarted
-  when: ansible_facts.services['nslcd.service'] is defined
+  when: _nslcd_service_check is defined
+
+- name: Check if nscd service exists.
+  ansible.builtin.systemd:
+    name: nscd
+  register: _nscd_service_check
+  failed_when: false
+  changed_when: false
 
 - name: Restart nscd service.
   ansible.builtin.service:
     name: nscd
     state: restarted
-  when: ansible_facts.services['nscd.service'] is defined
+  when: _nscd_service_check is defined
 
 - name: Restart SSH service.
   ansible.builtin.service: