Updating pam ldap condition pr devel 2.x (#2696)

* Fixing-email-title-for-backup-validation (#2657)

Co-authored-by: Matej Stajduhar <[email protected]>

* Adding-task-to-create-aurora-cluster (#2659)

* Adding-task-to-create-aurora-cluster

* Adding-region-profile-and-tags-to-aurora-cluster

* Updating-engine-for-aurora-cluster

* Updating-parameter-group-engine

* Updating-engine-version

* Updating-engine-version-2

* Disabling-automated-backups

* Disabling-automated-backups-2

* Disabling-automated-backups-3

* Disabling-automated-backups-4

* Skipping-task-if-not-aurora

* Adding-subnet-group-to-instances

* Adding-subnet-group-to-instances

* Updating-SG-return-values

* Updating-SG-return-values-2

* Updating-SG-return-values-3

* Updating-SG-return-values-4

* Updating-SG-return-value-debug

* Updating-SG-return-value-debug-2

* Updating-SG-return-value-debug-3

* Removing-debug-tasks

* Removing-init-var-for-SG-list

* Adding-character-set-option

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing truthy variable mistakes. (#2662)

* Fixing installer variable bug.

* Fixing tests for external PRs.

* Testing with a fork.

* Adding repo owner's username into installer string.

* Refactoring config repo detection to simplify.

* No longer permitted to use an integer as a truthy value.

* No longer permitted to use existence check as a truthy value.

* Can't see a reason why linotp var shouldn't be a boolean.

* No longer permitted to use existence check as a truthy value.

* Fixing truthy errors in ce_deploy role.

* No longer permitted to use an integer as a truthy value.

* feat(php): Add FPM slow logrotate (#2625)

* feat(php): Support removal of APCU, add FPM slow logrotate

* simplify condition

* revert apcu installed setting, not needed

* r73458-install-php-gmp-by-default2 (#2667)

* r73458-install-php-gmp-by-default2

* re-add required packages

* Wazuh-mitre-report-setup (#2588)

* Wazuh-mitre-report-setup

* Wazuh-mitre-shellshock-longurl-block

* Fixing-vars

* Wazuh-mitre-report-setup-PR-2.x

* Wazuh mitre report setup pr 2.x (#2669)

* Wazuh-mitre-report-setup

* Wazuh-mitre-shellshock-longurl-block

* Fixing-vars

* Wazuh-mitre-report-setup-PR-2.x

* Wazuh-mitre-report-setup-PR-2.x

* pin_ansible_version (#2671)

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* Fixing-ce-provision-vars (#2678)

* Updating-string (#2507)

* Updating-string

* Updating-string-3

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Added-tasks-to-backup-Aurora-and-copy-AMI-to-safe-region (#2682)

* Added-tasks-to-backup-Aurora-and-copy-AMI-to-safe-region

* Fixing-aurora-backup-tasks

* Fixing-aurora-backup-tasks-2

* Fixing-aurora-backup-tasks-3

* Fixing-aurora-backup-tasks-5

* Adding-aurora-template

* Updating-aurora-vars

* Adding-handler-to-defaults-for-CF

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* SG-creation-update (#2605)

* SG-creation-update

* Updating-lambda-tasks-to-handle-various-file-options

* Updating-lambda-tasks-for-url-handling

* Updating-aws_admin_tools-for-aws_lambda

* Updating-aws_admin_tools-for-aws_lambda

* Setting-loop-item

* Setting-loop-item-2

* Updating-vpc-sec-group-vars

* Removing-extra-vars-for-git-module

* Adding-default-for-git_url

* Cleaning-up-tasks

* Updating-ansible-lint

* Updating-ansible-lint

* Ommiting-name-if-no-sec_group-name-defined

* Removing-loop-var

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-copy-AMI-to-backup-region (#2684)

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-ami-copy-task (#2686)

Co-authored-by: Matej Stajduhar <[email protected]>

* Bug fixes pr 2.x (#2690)

* Fixing installer variable bug.

* Fixing tests for external PRs.

* Testing with a fork.

* Adding repo owner's username into installer string.

* Refactoring config repo detection to simplify.

* No longer permitted to use an integer as a truthy value.

* No longer permitted to use existence check as a truthy value.

* Can't see a reason why linotp var shouldn't be a boolean.

* No longer permitted to use existence check as a truthy value.

* Fixing truthy errors in ce_deploy role.

* No longer permitted to use an integer as a truthy value.

* Updating clamav command to use flock avoiding duplicate processes running.

* 73569 allowing webp nginx pr 2.x (#2692)

* allowing webp extension

* adding webp mime type

---------

Co-authored-by: filip <[email protected]>

* Updating-pam-ldap-condition

* Updating-pam-ldap-condition-PR-devel-2.x

---------

Co-authored-by: Matej Štajduhar <[email protected]>
Co-authored-by: Matej Stajduhar <[email protected]>
Co-authored-by: Greg Harvey <[email protected]>
Co-authored-by: Klaus Purer <[email protected]>
Co-authored-by: nfawbert <[email protected]>
Co-authored-by: tymofiisobchenko <[email protected]>
Co-authored-by: Filip Rupic <[email protected]>
Co-authored-by: filip <[email protected]>

Author: 9 people

roles/aws/aws_ec2_autoscale_cluster/tasks/main.yml

@@ -34,7 +34,7 @@
     name: aws/aws_vpc
     tasks_from: security_group
   vars:
-    aws_vpc:
+    aws_vpc_sg:
       name: "{{ aws_ec2_autoscale_cluster.name }}"
       profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
       region: "{{ aws_ec2_autoscale_cluster.region }}"
@@ -45,29 +45,10 @@
       rules:
         - proto: all
           group_name: "{{ aws_ec2_autoscale_cluster.name }}"
-  ansible.builtin.include_role:
-    name: aws/aws_vpc
-    tasks_from: security_group
-  vars:
-    aws_vpc:
-      name: "{{ aws_ec2_autoscale_cluster.name }}"
-      profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
-      region: "{{ aws_ec2_autoscale_cluster.region }}"
-      tags: "{{ aws_ec2_autoscale_cluster.tags | combine({'Name': aws_ec2_autoscale_cluster.name}) }}"
-      state: "{{ aws_ec2_autoscale_cluster.state }}"
-      id: "{{ _aws_ec2_autoscale_cluster_vpc_id }}"
-      description: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
-      rules:
+      rules_egress:
         - proto: all
           group_name: "{{ aws_ec2_autoscale_cluster.name }}"
-    rules_egress:
-      - proto: all
-        group_name: "{{ aws_ec2_autoscale_cluster.name }}"
-        rule_desc: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
-
-- name: Set _aws_ec2_autoscale_cluster_security_group variable.
-  ansible.builtin.set_fact:
-    _aws_ec2_autoscale_cluster_security_group: "{{ aws_vpc._result[aws_ec2_autoscale_cluster.name] }}"
+          rule_desc: "Allow internal traffic for cluster {{ aws_ec2_autoscale_cluster.name }}"
 
 - name: Set _aws_ec2_autoscale_cluster_security_group variable.
   ansible.builtin.set_fact:
@@ -797,3 +778,10 @@
   when:
     - aws_ec2_autoscale_cluster.route_53.zone is defined
     - aws_ec2_autoscale_cluster.route_53.zone | length > 0
+
+#- name: Copy AMI to backup region.
+#  community.aws.ec2_ami_copy:
+#    aws_profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
+#    source_region: "{{ aws_ec2_autoscale_cluster.region }}"
+#    region: "{{ aws_backup.copy_vault.region }}"
+#    source_image_id: "{{ aws_ec2_autoscale_cluster_image_latest.image_id }}"

roles/debian/pam_ldap/tasks/main.yml

@@ -14,14 +14,14 @@
   ansible.builtin.file:
     path: /etc/ldap/ssl
     state: directory
-  when: pam_ldap.ssl_certificate is defined and pam_ldap.ssl_certificate
+  when: pam_ldap.ssl_certificate is defined and pam_ldap.ssl_certificate | length > 0
 
 - name: Copy certificate.
   ansible.builtin.copy:
     src: "{{ pam_ldap.ssl_certificate }}"
     dest: "/etc/ldap/ssl/{{ pam_ldap.ssl_certificate | basename }}"
     mode: "0666"
-  when: pam_ldap.ssl_certificate is defined and pam_ldap.ssl_certificate
+  when: pam_ldap.ssl_certificate is defined and pam_ldap.ssl_certificate | length > 0
 
 - name: Copy nslcd config.
   ansible.builtin.template: