xsrv/xsrv
#1292 - netdata grafana source -
1.25.0
feature,monitoring,upstream
#1291 - debsecan: per-host dashboard -
1.24.0
enhancement,monitoring,security
#1290 - monitoring_rsyslog: use common name based authentication to authenticate peers -
1.25.0
enhancement,security
#1289 - graylog: enable TLS client authentication -
1.24.0
documentation,enhancement,security
#1288 - samba: ldapsam: better documentation of samba LDAP attributes -
-
documentation
#1286 - doc: graylog: add example stream setup -
-
documentation
#1285 - gotty: check sha256sums after download -
-
enhancement,security
#1282 - xsrv nmpa: allow output to SVG graph -
-
feature
#1279 - local LLM (Large Language Model) + web interface -
1.24.0
feature
#1276 - WIP: common: split role into sub-roles, make the common role a ‘meta’ role depending on all sub roles -
1.25.0
maintenance
#1275 - WIP: rsnapshot: allow automatic discovery of paths to backup from/commands to run on remote hosts -
1.25.0
backups,enhancement
#1269 - document getting ansible-vault-password from keepassxc -
2.0.0
documentation,enhancement,security,upstream
#1268 - backup: allow automatic discovery of paths to backup/commands to run for each host -
1.24.0
backups,enhancement
#1267 - xsrv self-upgrade: update the bash completion script as well -
-
enhancement
#1266 - homepage: allow displaying arbitrary netdata badges in the footer -
-
easy,enhancement
#1264 - WIP: mumble: allow uninstalling mumble server using the
utils-mumble-uninstall
ansible tag -1.24.0
enhancement
#1259 - WIP: wireguard: when peer.public_key is not defined, auto-generate a public/private key pair for this peer -
1.24.0
enhancement
#1257 - graylog: upgrade to v5.2.x -
1.24.0
maintenance
#1256 - wireguard: web interface? -
-
enhancement,question
#1253 - wireguard: add QR code to auto-generated client config files -
1.24.0
enhancement
#1251 - WIP: xsrv: don’t require sudo during xsrv init-vm-template -
-
difficult,enhancement
#1245 - gitea: use unix socket instead of HTTP socket? -
1.24.0
enhancement,question,security
#1235 - gitea_act_runner: do not log job output to syslog by default -
-
enhancement,monitoring,upstream
#1230 - podman: add docker-compose? -
1.24.0
enhancement,question
#1226 - postgresql: allow enabling pg_stat_statements extension -
1.24.0
easy,enhancement,monitoring,performance
#1215 - WIP: tests: add tests for deploying individual roles to a host -
1.24.0
tools
#1214 - nextcloud: enable machine learning (AI) related features? -
-
feature,question
#1212 - nextcloud: allow enabling/disabling file locking? -
-
enhancement,question
#1211 - nextcloud: warning about opcache incorrect configuration -
-
enhancement,performance
#1209 - gitea_act_runner: allow limiting the scope of runners to instance/owner/user/repo -
-
enhancement,security
#1202 - kexec? -
-
enhancement,question
#1201 - WIP: xsrv: init-vm-template: add a video output and spice display device to newly created VM templates -
2.0.0
difficult,enhancement
#1172 - WIP: use
diff: no
instead ofno_log: yes
to mask sensitive info/silence excessively verbose diffs when using diff mode -2.0.0
enhancement,maintenance,upstream
#1155 - gamevault role? -
-
question
#1144 - automate roles uninstallation procedures? -
-
enhancement,question
#1143 - nextcloud: upload speed improvements? -
-
configuration,enhancement,performance,question
#1134 - Lemmy role? -
-
feature,question
#1127 - xsrv: help-tags: outputs duplicate tags when running on non-default playbook -
-
bug
#1122 - nextcloud: install memories app? -
-
feature,question
#1119 - WIP: common/firewalld: allow defining a manual IP address/network blacklist (firewalld_bad_ips) -
1.24.0
enhancement,security
#1108 - matrix/element: Cross-Origin Request Blocked: .well-known/matrix/client -
-
question
#1103 - xsrv: bash completion: auto-complete init-vm/init-vm-template options? -
-
enhancement,question
#1099 - graylog: document backup restoration procedure -
-
backups,documentation
#1087 - openldap/netdata: setup netdata OpenLDAP monitoring? -
-
monitoring,question
#1067 - graylog: migrate to opensearch? -
2.0.0
maintenance,question
#1057 - jellyfin: task
mount jellyfin samba share to jellyfin directory
is not idempotent/always returns changed --
bug,upstream
#1040 - jitsi: /var/log/jitsi/jicofo.log and /var/log/jitsi/jvb.log do not append to syslog properly -
-
bug,monitoring
#1026 - libvirt: changing a libvirt network’s settings does not work if the network already exists -
-
bug,upstream
#1012 - dovecot: encrypt all incoming e-mail with the recipient’s GPG key? -
-
enhancement,question,security
#1001 - libvirt: add support for EFI as an alternative to legacy BIOS? -
-
enhancement,question
#986 - matrix: allow self-hosting Element Call? -
-
enhancement,feature,question
#983 - readme-gen: show netmasks in IP address/host summary? -
-
difficult,enhancement,question
#977 - Soulseek client? (slskd) -
-
feature,question
#969 - graylog/elasticsearch: setup “minimal security”/authentication -
-
enhancement,security
#949 - loki role? -
-
feature,question
#937 - DDoS mitigation mode? -
-
question,security
#931 - jitsi: noise cancellation/suppression doesn’t work for clients using Pulseaudio microphone input -
-
bug,question,upstream
#927 - jitsi: permanently disable RECENT_LIST_ENABLED -
-
enhancement,security,upstream
#925 - jitsi: setup TURN server for P2P one-to-one calls? -
-
enhancement,question
#920 - xsrv: graphical user interface? -
-
question
#915 - Snipe-IT role -
-
feature
#912 - mount /tmp noexec? -
-
question,security
#911 - test compatibility with librelogic.librelogic.gitlab/gitlab-runner? -
2.0.0
documentation,easy,enhancement,feature
#890 - apache: implement modpagespeed? -
-
performance,question
#881 - Keycloak role? -
-
feature,question
#870 - xsrv: allow using
xsrv show-defaults | grep some_search_term
to search/filter available configuration variables -2.0.0
enhancement
#868 - dovecot: document how to open a local copy of a maildir with a mail client -
-
backups,documentation
#867 - dovecot: document/test LDAPS setup -
-
documentation,enhancement,question,security
#862 - dovecot: enable other mail plugins? -
-
question
#861 - dovecot: performance tweaks? -
-
performance,question
#860 - dovecot: harden SSL configuration/ciphers? -
-
question,security
#859 - dovecot: allow generating and using Let’s Encrypt SSL/TLS certificates -
2.0.0
enhancement,question,security
#858 - dovecot: setup dovecot-submissiond? -
-
question
#857 - dovecot: setup server-side full text search? -
-
question
#856 - dovecot: setup antispam? -
-
question
#855 - dovecot: add autoconfig TXT record or A record + webserver vhost? -
-
question,wontfix
#835 - monitoring_utils: lynis: suggestion[]=HOME-9306|Double check the ownership of home directories as some might be incorrect. -
-
enhancement,question,security
#833 - monitoring_utils: lynis: suggestion[]=FILE-7524|Consider restricting file permissions -
-
easy,enhancement,question,security
#831 - monitoring_utils: lynis: suggestion[]=TIME-3128|Check ntpq peers output for time source candidates -
-
enhancement,question,security
#829 - monitoring_utils: lynis: suggestion[]=ACCT-9622|Enable process accounting -
-
configuration,easy,enhancement,monitoring,question,security
#817 - monitoring_utils: lynis: suggestion[]=HTTP-6643|Install Apache modsecurity to guard webserver against web application attacks -
-
enhancement,question,security
#816 - monitoring_utils: lynis: suggestion[]=FIRE-4513|Check iptables rules to see which rules are currently not used -
-
enhancement,question,security
#811 - monitoring_utils: lynis: suggestion[]=FILE-6430|Consider disabling unused kernel modules -
-
enhancement,question,security
#798 - tt_rss: document LDAP over SSL/TLS + self-signed certificate setup? -
-
documentation,enhancement,question,security
#796 - shaarli: document LDAP over SSL/TLS + self-signed certificate setup? -
-
documentation,enhancement,question,security
#794 - openldap: self-service-password: allow trusting self-signed certificates? -
-
enhancement,question,security
#782 - xsrv init-vm: don’t require sudo to fix cloned disk image permissions -
2.0.0
enhancement,question
#778 - systemd-nspawn/systemd-machined role? -
-
feature,question
#768 - add ldap-client role (LDAP PAM/SSH authentication)? -
-
feature,question
#751 - monitoring_utils: add scripts to measure disk usage by type/extension/path? -
-
easy,enhancement,monitoring,question
#723 - Automate DNS scans with dnsspy.io? -
-
feature,question,security
#722 - Allow hdparm/disk spindown time configuration? -
-
feature,question
#717 - transmission: configuration templating task always returns changed (cleartext/hashed password) -
2.0.0
enhancement,maintenance,upstream
#715 - dnsmasq: DNS-over-HTTPS support? -
-
configuration,enhancement,question,security
#686 - samba: announce shares over MDNS? -
-
enhancement,question
#685 - apache: automate running Qualys SSLLabs scans against all virtualhosts? -
-
feature,monitoring,question,security
#684 - yt-dlp web interface? -
-
feature,question
#642 - mumble: LDAP user backend? -
-
question
#640 - common: apt: enable purging data/configuration files by default -
-
configuration,enhancement
#637 - firewalld: implement DNAT/SNAT -
-
enhancement
#635 - firewalld: implement outbound traffic filtering -
2.0.0
enhancement,security
#604 - use j2cli or yq for init-playbook/init-host templating? -
-
maintenance,question,tools
#598 - CI/CD: automate checks for newer upstream versions of software? -
-
enhancement,question,tools
#546 - nextcloud: allow optional configuration of server-side encryption? -
-
configuration,enhancement,question,security
#535 - Add hardening measures from ANSSI guidelines? -
-
enhancement,question,security
#522 - openldap: performance optimizations? -
-
enhancement,performance,question
#517 - allow configuration of a custom MOTD? -
-
feature,question
#497 - nextcloud: allow enabling 2-factor authentication? -
-
configuration,enhancement,question,security
#475 - ACME certificate authority role/PKI? -
-
feature,question,security
#451 - Document management system? -
-
feature,question
#445 - bookstack role? -
2.0.0
feature,question
#441 - openldap: allow restricting application access to groups/setup MemberOf overlay -
-
enhancement,security
#405 - xsrv: replace environment variable-based settings with options, arguments or configuration from file? -
-
enhancement,maintenance,question
#379 - setup IPV6 support (sysctl, firewall, applications…)? -
-
question
#366 - nextcloud: setup redis memcache backend? -
-
configuration,performance,question
#348 - ldap-account-manager: Unable to set locale -
-
bug
#344 - nextcloud: replace onlyoffice integration with collabora/nextcloud office? -
-
feature,question
#323 - prometheus role? -
-
feature,monitoring,question
#322 - Frontail role? -
-
feature,monitoring,question
#317 - monitoring_utils: lynis: suggestion[]=BOOT-5264|Consider hardening system services -
1.24.0
enhancement,security
#310 - samba: ability to whitelist/blacklist files by extension? -
-
enhancement,question,security
#309 - apply postgresqltuner recommended settings? -
-
enhancement,performance,question
#280 - Samba Directory Controller or other Identity Management solution? -
-
feature,question
#274 - Samba: advertise samba server over avahi/zeroconf? -
-
enhancement,question
#267 - apache: make disabled modules list configurable, disable more modules by default? -
-
enhancement,performance,question,security
#265 - apache: provide custom error pages? -
-
enhancement,question
#256 - CAS, SAML or Oauth Single Sign On (SSO)? -
-
feature,question
#202 - netdata: monitoring network bandwidth per application with ebpf -
1.25.0
enhancement,monitoring,upstream
#200 - roles for other monitoring software? -
-
feature,monitoring,question
#193 - netdata: graph tiger warnings? -
-
feature,monitoring,question,security
#184 - monitoring_utils: add Mozilla observatory module? -
-
feature,monitoring,question,security
#180 - netdata: graph SCAP workbench warnings? -
-
feature,monitoring,question,security
#178 - netdata: graph/alert on deborphan matches -
-
feature,monitoring
#172 - netdata: support long-term archiving -
-
enhancement,monitoring
#155 - nextcloud: add Fulltextsearch App + OCR? -
-
feature,question
#146 - nextcloud: add Collabora Online integration -
-
feature
#144 - nextcloud: task
set nextcloud config.php values
is not idempotent/always returns changed --
enhancement,upstream
#137 - apache: allow setting up HTTP Basic auth and autoindex for specific directories/URLs/virtualhosts? -
-
feature,question,security
#127 - xsrv: add commands to check firewall/fail2ban status/active TCP/UDP connections? -
-
feature,monitoring,question
#125 - common: enforce AppArmor on all services/executables? -
-
enhancement,question,security
#120 - common: firewalld: add a manual IP whitelist/blacklist mechanism -
-
feature,security
#119 - monitoring_utils: lynis: suggestion[]=AUTH-9262|Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc -
-
configuration,enhancement,question,security
#117 - common: prevent forkbombs through ulimit/limits.conf? -
-
enhancement,performance,question,security
#115 - monitoring_utils: lynis: suggestion[]=ACCT-9628|Enable auditd to collect audit information -
-
feature,question,security
#108 - common: minimize write access to a list of files/directories? -
-
question,security
#105 - xsrv: add a global download cache dir variable? (instead of /root) -
-
maintenance,question,tools,wontfix
#98 - Maps and routing services -
-
feature
#97 - openshift/openstack role? -
-
question
#96 - grafana role? -
-
feature,monitoring,question
#93 - VNC/other remote desktop server role? -
-
feature,question
#86 - Peertube role? -
-
feature,question
#78 - Adminer role -
1.24.0
feature
#70 - common: ssh: allow setting up endlessh? -
-
feature,question,security
#69 - IDS/IPS role? -
1.25.0
question,security
#64 - RAID role? -
-
feature,question
#63 - pfSense role? -
-
feature,question,wontfix
#61 - GDPR compliance? -
-
feature,question
#59 - Collaborative pad? -
-
feature,question
#58 - HTTP downloader? -
-
feature,question
#57 - rundeck role? -
-
feature,question
#55 - Guacamole remote control gateway role? -
-
feature,question
#52 - blogging engine/static site generator role? -
-
feature,question
#49 - caching HTTP proxy/squid role? -
-
feature,question
#46 - Printer sharing server? -
-
feature,question
#44 - jellyfin: document DLNA/UPnP usage -
-
configuration,documentation,feature,question
#43 - OSM routing service role? -
-
feature,question
#42 - OpenStreetMap/maps tileserver role? -
-
feature,question
#41 - network scanner (SANE) server role? -
-
feature,question
#40 - SearxNG role -
1.24.0
feature
#39 - wallabag role? -
-
feature,question
#37 - Replace
ntp
withchrony
? -2.0.0
question
#35 - simple git server role? -
-
feature,question,wontfix
#34 - CentOS compatibility? -
-
feature,question,wontfix
#33 - Minecraft server role? -
1.25.0
feature,question
#30 - Gitlab role? -
-
feature,question
#26 - dynamic DNS updater role? -
2.0.0
feature
#24 - DHCP/TFTP/PXE server role? -
-
feature,question
#22 - Add molecule tests? -
-
difficult,enhancement,question,tools
#10 - xsrv init-vm: use cloud-init images -
1.25.0
enhancement
#3 - Mail server role? -
-
feature,question