Skip to content

CHANGELOG.md

Latest commit

 

History

History
365 lines (265 loc) · 10.3 KB

CHANGELOG.md

File metadata and controls

365 lines (265 loc) · 10.3 KB

Changelog

This is a changelog.

This project attempts to follow semantic versioning.

Known Bugs

  • Terminal Color
    • Not working on OSX - macs don't read from /etc/profile.d/
    • Stops showing color if you sudo su

Unreleased

3.0.23

  • Add cache_valid_time to apt update_cache calls across roles to avoid redundant apt updates during provision

3.0.22

  • Switch nginx from ppa:ondrej/nginx to official nginx.org repository.

3.0.21

  • Add gem-patch-report role. Sends stats for each vulnerable gem fixed since the start of the month.

3.0.20

  • Update postgresql-client role to get the actual psql database version instead of the local client version

3.0.19

  • Fix ansible fact deprecations

3.0.18

  • Fix conditional when checking for newrelic_logs so that it returns a boolean instead of an integer

3.0.17

  • Fix update count when sending stats

3.0.16

  • Ignore errors on getting rails version

3.0.15

  • Add 'abbrev' gem as runtime dependency to fix issue when doing subspace ssh {hostname}

3.0.14

  • Update oxenwagen template: remove profile, add final_snapshot_identifier
  • Change key to stat_type for client stats

3.0.13

  • Allow tailscale to update itself again; bug that required known good version pinning in 3.0.10 has been resolved.

3.0.12

  • Bugfix: use exist?

3.0.11

  • Change tailscale pinning behavior to allow install, and then pin to specific version
  • Fix psycopg2 break_system_packages to work across ubuntu/python versions

3.0.10

  • Pin tailscale to known good version

3.0.9

  • Use pretty name for ubuntu version string
  • break system packages for psycopg2

3.0.8

  • fix nodejs gpg key

3.0.7

  • Fix tailscale_reauth role so it also ensures tailscale is installed
  • Change nodesource to use the nodistro codename

3.0.6

  • fix redis server thing again

3.0.5

  • update rake task for secerts
  • update readme
  • remove unneeded deps for rails
  • fix include deprecation
  • Remove punctuation from tailscale host name

3.0.4

  • log ansible update output to var

3.0.1

  • Add maintenance tag to tailscale commands
  • Only run tailscale up if forcing reauth

3.0.0.rc2

  • Install redis from vendor repos (BREAKING, see README)
  • Removed outdated awscli role
  • Added subspace secrets rekey to generate and rekey ansible-vault secrets
  • Update tailscale role
  • Don't default to using pemfile (use tailscale instead!)
  • Add subspace inventory keyscan to fix ssh fingerprints
  • Use sidekiq_workers var in systemd
  • Tailscale hostname is now {{project_name}}-{{hostname}}

3.0.0.rc1

  • Added infrastructure management via Terraform!
  • Added new subspace exec command for manual remote management
  • BREAKING: Consolidated inventory file into config/provision/inventory.env.yml
    • No more hosts file
    • No more host_vars directory
    • No more group_vars directory
    • All of the host/group configuration is in that one file now!
  • BREAKING: subspace vars is now subspace secrets
  • BREAKING: sidekiq_concurrency renamed to sidekiq_workers, default changed from 10 -> 1
  • BREAKING: swap_space variable must be defined for the common ansible role (previously defaulted to 512MB)
  • BREAKING: removed defaults from rails, postgis, puma roles

2.5.8

  • Add a new role for configuring a monit-based resque server
  • Auto-detect mitogen for speed

2.5.7

  • Add ability to set the timezone for servers instead of forcing to Central Time
  • Update puma configuration to support puma 5 with puma-daemon
  • Update letsencrypt to add certbot-nginx support for newer ubuntu

2.5.6

  • Fix sending security stats
  • Make sure apt package acl is installed in common role so ansible can become a non-privileged user

2.5.5

  • Remove duplicate nginx role from playbook templates
  • Don't send stats if there have been no upgrades

2.5.4

  • certbox => certbot

2.5.3

  • Add a friendly error message if ansible is not installed
  • Add new role to support New Relic One's infrastructure agent

2.5.2

  • Always specify the letsencrypt cert_name so they are consistent

2.5.1

  • Fix os upgrades stat collection for ubuntu 20

2.5

  • Get actual os version number along with kernal name
  • Update MOTD version automatically!
  • Get and upload unattended security updates

2.4.2

  • Update deprecated syntax for ansible
  • Fix postgresql-client for python 3

2.4.1

  • Allow extra nginx options via extra_nginx_config eg: 
    extra_nginx_config: |
  proxy_http_version 1.1;
  chunked_transfer_encoding off;
  proxy_buffering off;
  proxy_cache off;
  • Add keepalive_timeout for nginx

2.4

Lots of modifications for ubuntu 20.04, which has python3 as a default

  • Change letsencrypt to pull from apt instead of build from source (backwards compatible)
  • Change postgres to a cleaner install and deprecate the old zenoamaro role
  • postgresql_version is now a required variable and no longer defaults to 9.4
  • Better detection of web servers

2.3.3

  • Tweak the way that different roles are detected to be more reliable

2.3.2

  • Update papertrail to latest version of remote_syslog2 and add support for nginx logs

2.3.1

  • Sidekiq concurrency actually works

2.3.0

  • Grab linux kernel to send as stats
  • Grab psql version to send as stats

2.2.3

  • Add PATH to crontab for letsencrypt auto renewal
  • log letsencrypt crontab to /var/log/cron.log
  • fix setting hostname with systemd

2.2.2

  • Use state: "present" instead of "installed"

2.2.1

  • Update URL for letsencrypt tls raw file

2.2.0

  • Add maintenance_mode command
  • Add ppa:ondrej/nginx repo in common role for TLS 1.3 and nginx support

2.1.2

  • bug fixes
    • PostgreSQL database server works for version > 10
    • New LetsEncrypt/NGINX servers get the correct file from the certbot repo

2.1.1

  • bug fixes
    • Fix error when not setting send_stats
    • ignore errors when uninstalling bundler - can fail when trying to uninstall the version provided by ruby

2.1.0

  • Add config option for default_server directive in nginx.
  • Fixed bug in SSL redirect from 2.0.1
  • Adds ability to gather Ruby, Rails, and apt details from servers and send to a stats collector
  • Add maintain command

2.0.4

  • Add letsencrypt_dns role for doing DNS validation vs HTTP validation

2.0.3

  • Fix bundler / gem version installation on new/vanilla servers

2.0.2

  • Adds FFMPEG to Rails role so ActiveStorage can generate video previews

2.0.1

  • Option to not redirect to SSL on nginx
  • Group delayed jobs by queue in collectd config

2.0.0

  • breaking changes

    • Add bundler_version to install specific bundler version. Is required.

  • enhancements

    • Updates rubygems in ruby-common task
    • Logs apt updates to /opt/subspace/updates.log

1.0.8

  • enhancements

    • Add support for -i in subpsace ssh command.

  • bug fixes

    • Check for all monit jobs stopping before changing config.
    • Ensure /etc/profile.d/ exists

1.0.7

  • enhancements

    • Add a terminal environment prompt background color to the common role, so you know what environment you're ssh'd into.

  • bug fixes

    • Stop all monit jobs before changing the monit config.

1.0.6 - 2018-11-12

  • bug fixes
    • Fix setting the timezone

1.0.5 - 2018-10-16

  • bug fixes

    • Fix bug with task that modifies imagemagick policy to enable reading PDFs which was causing it to insert the same line multiple times.

  • enhancements

    • Unpin monit since they fixed it, and the version we have pinned isn't available in Ubuntu 18.04.

1.0.4 - 2018-10-18

  • enhancements
    • Add way to specify private key when running the bootstrap command.
    • Add way to specify only certain hosts to run the playbook on when running the provision command.
    • The common role now runs apt-get autoremove after doing the update and upgrade.

1.0.3 - 2018-10-08

  • bug fixes

  • enhancements

    • Make it possible to specify private key file when running provision command.

1.0.2 - 2018-09-12

  • bug fixes
    • Pin monit to the version that isn't broken. Since it was a security update, monit would re-update if not pinned.

1.0.1 - 2018-08-15

  • bug fixes
    • Update alienvault role to handle Ubuntu and Amazon ansible_distributions.

1.0.0 - 2018-08-15

No breaking changes from 0.6.17 to 1.0.0, but decided it's time for version 1.0.0 to be out.

  • enhancements

    • Tag tasks in the alienvault and monit roles such that all tasks are tagged with the role name.
    • Make tags 'upgrade' for doing apt-get update and upgrade and 'authorized_keys' for setting deploy user's authorized_keys in the common role.
    • Make tag 'appyml' for the task to upload application.yml in the rails role.

  • features

    • Add ability to pass certain options through subspace provision to ansible-playbook. These are: tags, start-at-task

0.6.17 - 2018-08-14

  • bug fixes
    • Pin monit version to 1:5.16-2 due to a bug

0.6.16 - 2018-07-27

  • bug fixes
    • Remove /cable location entry for nginx-rails config file

0.6.15 - 2018-07-17

  • features

    • The nginx collectd configuration now reports number of errors (500-503), timeouts (504) and successes (200, 302, 304)
    • Add alienvault role that can configure ubuntu to send syslog to a sensor.
    • nginx-rails role: Add ability to set nginx's proxy_read_timeout.

  • bug fixes

    • Don't have rails role install yarn -- it's not needed by default, and if the project does need it, it should explicitly use the yarn role.

0.5.15 - 2018-06-15

  • bug fixes
    • Update rails and logrotate modules to work with Python 3

0.5.14 - 2018-06-15

  • bug fixes

    • Fix Postgres role's backup script to include AWS ACL header that fixes bucket object permissions.

  • features

    • Add yarn and nodejs roles.

Version - Date

  • breaking changes

    • enhancement A
    • enhancement B

  • deprecations

    • deprecation A
    • deprecation B

  • bug fixes

    • bug fix A
    • bug fix B

  • enhancements

    • enhancement A
    • enhancement B

  • features

    • feature A
    • feature B