ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2025-01-01 13:01:53 +08:00
Code Issues Projects Releases Packages Wiki Activity
438 commits 6 branches 48 tags 7.3 MiB
Commit graph

438 commits

This branch
This branch
All branches
Author SHA1 Message Date
Stéphane Lesimple
633061872e chore: remove non-longer used param in load_configuration_file() calls 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
bbdf5a36b8 feat: add NRPE probes 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
e71aa7b975 feat: add osh-cleanup-guest-key-access.pl script 
This script removes system-level access to group keys to old guests
of groups that no longer have any active access to servers of that group.
This only happens when the last access to be removed from them had a TTL.
 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
f43fdaaf82 enh: osh-lingering-sessions-reaper: make it configurable 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
572ced2af7 enh: osh-piv-grace-reaper: run only on master, standardize config reading 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
7fa2523bfc fix: get_group_list() returned invalid members list (was not used anywhere) 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
07f5c35458 fix: piv-grace-reaper: don't use hash values (had no impact) 
This coding error had no impact because the values are hash references,
hence were rejected immediately as invalid accoounts by account_config()
 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
bd13e5a476 enh: osh-encrypt-rsync: catch warnings emitted by GetOptions 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
c38c9c09f2 chore: fix typos 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
a178aa7906 enh: cron scripts: factorize common code and standardize logging 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
2c2064a484 feat: osh-encrypt-rsync: handle sqlite and user logs along with ttyrec files 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
86c7bf39e6 remove compress-old-logs script, as osh-encrypt-rsync will do the job instead 2022-02-09 14:31:33 +01:00
Stéphane Lesimple
6baa61a7f4 fix: accountInfo: missing creation date on non-json output 2022-02-03 14:27:15 +01:00
Stéphane Lesimple
e5cfa26853 fix: install: avoid cases of sigpipe on tr 2022-02-01 10:53:01 +01:00
Stéphane Lesimple
dc16e628e2 fix: osh-remove-empty-folders: fix folders counting (logging only) 2022-01-19 16:19:52 +01:00
Stéphane Lesimple
0ffdd108bd v3.08.01 2022-01-19 11:24:12 +01:00
Stéphane Lesimple
3331e158a0 enh: better error detection and logging in (account|group)Delete 2022-01-19 11:24:03 +01:00
Stéphane Lesimple
9d371f90a9 doc: add documentation for osh-remove-empty-folders 2022-01-19 11:23:44 +01:00
Stéphane Lesimple
7bb0843de1 feat: add osh-remove-empty-folders.sh 2022-01-19 11:23:44 +01:00
Stéphane Lesimple
744bd5fa0c enh: introduce exit_fail and exit_success for shell scripts 2022-01-19 11:23:44 +01:00
Stéphane Lesimple
d7a898a5fa Release v3.08.00 2022-01-04 15:50:02 +01:00
Antoine Leblanc
1c8efa6590 fix: osh-accountCreate: fix typo 
Signed-off-by: Antoine Leblanc <antoine.leblanc@ovhcloud.com>
 2021-12-31 16:22:03 +01:00
Stéphane Lesimple
716594e20e chore: doc: limit .rst lines to 120 chars 2021-12-30 15:39:31 +01:00
Stéphane Lesimple
7f28cce490 chore: install: remove obsolete upgrading sections 
These portions of code were only useful to upgrade bastions from
versions older than v3.00.00, which was the first public release.

There has been no remaining pre-v3.x version in production internally
since some time now, so there is no use keeping that code.
 2021-12-29 13:19:53 +01:00
Stéphane Lesimple
37842c29d3 chore: packages-check.sh: remove obsolete -t and -v options 2021-12-29 13:19:53 +01:00
Stéphane Lesimple
da5cb3c232 chore: packages-check.sh: implement installed pkg detection in rhel/suse, use proper pkg names 2021-12-29 13:19:53 +01:00
Stéphane Lesimple
6694518ab5 chore: remove obsolete check-ssh-hardening.pl 2021-12-29 13:19:53 +01:00
Stéphane Lesimple
bfaea07a12 docs: fix a log example line 2021-12-29 13:19:53 +01:00
Stéphane Lesimple
ae74a823f8 chore: perltidy: rewrite perl-tidy.sh to support single-file tidy 2021-12-29 11:40:34 +01:00
Stéphane Lesimple
ae997dd93c chore: shellcheck: rewrite shell-check.sh and make files compliant with v0.8.0 2021-12-29 11:40:34 +01:00
Stéphane Lesimple
54a4dc6c65 chore: use state vars where we can 2021-12-29 11:21:04 +01:00
Stéphane Lesimple
b3af2933f9 enh: install.inc: random delay under CI 2021-12-29 11:20:55 +01:00
Stéphane Lesimple
be6a71afab fix: install.inc: verbose under CI 2021-12-29 11:20:55 +01:00
Stéphane Lesimple
2f623dfb3a fix: install.inc: fail nicely on invalid JSON under set -e 2021-12-29 11:20:55 +01:00
Stéphane Lesimple
11e81614a4 fix: remove hardcoded config path and fix FreeBSD 2021-12-29 11:20:55 +01:00
Stéphane Lesimple
f609565fe8 enh: batch: detect when asked to start a plugin requiring MFA 2021-12-29 11:20:55 +01:00
Stéphane Lesimple
000ed4e8af feat: move scripts to GnuPG 2.x and add tests 2021-12-29 11:20:43 +01:00
Stéphane Lesimple
4471cee434 chore: tests: 400-piv: don't print data on countonly phase 2021-12-29 11:20:43 +01:00
Stéphane Lesimple
0f1596b51c enh: tests: --module can be specified multiple times 2021-12-29 11:20:43 +01:00
Stéphane Lesimple
4e9dffda44 chore: tests: don't shadow the $name var 2021-12-28 09:54:44 +01:00
Stéphane Lesimple
f8f193b298 enh: selfMFASetupPassword: add more messages for the user 2021-12-28 09:54:17 +01:00
Stéphane Lesimple
0f90dfef2d chore: tests: remove consistency check from long tests 2021-12-23 12:42:56 +01:00
Stéphane Lesimple
e847a19857 enh: ttyrec & yubico installs: hardcode URLs for when API is down 2021-12-22 18:00:21 +01:00
Stéphane Lesimple
415bc9b903 doc: add more info about root 2FA in sshd_config templates 2021-12-21 14:44:48 +01:00
Stéphane Lesimple
8b02d610be doc: add FAQ entry about Ansible 2021-12-21 14:44:48 +01:00
Stéphane Lesimple
a68ccb3f8c feat: add new OSes and deprecate old ones 
add:
- Debian 11
- RockyLinux 8

remove:
- OpenSUSE Leap 15.2
- Old minor versions of CentOS 7.x
- Old minor versions of CentOS 8.x
 2021-12-21 12:00:04 +01:00
Stéphane Lesimple
aaaa173764 feat: add the accountUnlock restricted plugin 2021-12-21 09:42:54 +01:00
Stéphane Lesimple
d51c4c8be0 fix: tests: full tests on FreeBSD 2021-12-20 12:54:32 +01:00
Stéphane Lesimple
c48af00ff8 feat: add info_syslog() and code-info syslog type 2021-12-16 11:02:26 +01:00
Stéphane Lesimple
7cc350b40d chore: check for spurious args in all helpers 2021-12-16 11:02:13 +01:00