sovereign

提交線圖

作者	SHA1	備註	提交日期
Sebastian Kriems	fe536873b7	ufw tasks shall have the ufw tag resolves #453 Conflicts: roles/common/tasks/ufw.yml	9 年之前
Sven Neuhaus	d59c5eff05	Generate 2048 DH group and add it to Postfix	9 年之前
Stuart Read	e444efa2b4	Add jessie to special-casing for modern apache conf.d handling.	9 年之前
Stuart Read	22ef6be96e	Revert "Z-push apache config: Jessie also uses conf-available/conf-enabled" This reverts commit 6b53da4bdc. Using a different approach to maintain wheezy compatibility	9 年之前
Stuart Read	6b53da4bdc	Z-push apache config: Jessie also uses conf-available/conf-enabled	9 年之前
rokaz	a8a0905738	Fix dependency for Solr	9 年之前
Alex Payne	b3dc1b00e9	Correct Tomact config file name.	10 年之前
Alex Payne	69abd70297	Remove references to Debian 7	10 年之前
Alex Payne	2352d2d67e	OpenDMARC running under Postgres (?)	10 年之前
Alex Payne	7275a52ba6	Update to Tomcat 8	10 年之前
Alex Payne	34d537fcf2	Remove Dovecot installation for older distros	10 年之前
Alex Payne	2e966fe790	Don't need older Postgres anymore	10 年之前
Alex Payne	b674e0a669	Unified Solr installation across distros	10 年之前
Alex Payne	ecaa4c2330	Partially working Rspamd replacement for dspam	10 年之前
Alex Payne	58a4532fe7	Better permission handling for OpenDMARC. Resolves #400.	10 年之前
Alex Payne	417403f534	Use {{ mail_server_hostname }} over mail.servername Resolves #402.	10 年之前
Alex Payne	7bb62ca678	Explicitly require MySQL server as part of OpenDMARC isntall. Resolves #410.	10 年之前
Miloš Hadžić	d823ed0848	Use lmtp instead of lda for delivery.	10 年之前
Pavel Karoukin	a86e43d5b4	Couple issues with OpenDMARC on Debian 7: * fix mail_db_opendmarc_username/mail_db_opendmarc_password variable not found. * python-mysqldb package is required. Add it to opendmarc task.	10 年之前
Laurent Arnoud	21e0110684	Ignore copy tasks	10 年之前
Laurent Arnoud	a09e2e71c1	tar used in place of unarchive module	10 年之前
Will McCutchen	16b66cc849	Define apache SSL config in one place	10 年之前
Alex Payne	26d61c68a8	Implement OpenDMARC. Resolves #369.	10 年之前
Manfred Touron	16c93ea486	Using more verbose 'dependencies' tag (#393)	10 年之前
Manfred Touron	b49f3a6586	Tagged 'deps' aptitude tasks	10 年之前
John Rogerson	f72e1d2350	Update dovecot version from wheezy backports For correct implementation of the fix for logjam attack (https://github.com/sovereign/sovereign/pull/372), state=latest is needed to grab sufficient version of Dovecot. If not then 37aa7e2cb5 doesn't work.	10 年之前
Sven Neuhaus	a088d9c456	Use "modern" SSLCipherSuite per Mozilla recommendations. See https://wiki.mozilla.org/Security/Server_Side_TLS for details. Removes RC4 cipher. Fixes issue #341. Also explicitly disabled SSLCompression and enables OCSP stapling. We should put all these settings in /etc/apache2/mods-enabled/ssl.conf to avoid duplication...	10 年之前
Sven Neuhaus	c898aa98d6	Install postgresql 9.4, 9.3 or 9.1 if available (on Debian Jessie, Ubuntu Trusty or older distributions such as Debian Wheezy and Ubuntu Precise).	10 年之前
Sven Neuhaus	a849a49f37	Fix: Files shouldn't be owned or writeable by httpd unless necessary.	10 年之前
Sven Neuhaus	8b5ed21e38	use wheezy-backports for dspam and solr packages on wheezy relates to pull request #372	10 年之前
Alex Payne	34448d5d34	install Dovecot from wheezy-backports on wheezy, specifying default_release	10 年之前
Alex Payne	5222776e34	install Dovecot from wheezy-backports on wheezy, specifying default_release	10 年之前
Alex Payne	c3afbc3b46	install Dovecot from wheezy-backports on wheezy. resolves #372	10 年之前
Yannik	7c5d1c2261	remove duplicate options which are already specified in main.cf	10 年之前
Sven Neuhaus	37aa7e2cb5	Dovecot: Fix for logjam attack	10 年之前
Alex Payne	1a96a87374	Ubuntu Trusty gets postgresql-9.3. Resolves #363.	10 年之前
Alex Payne	177ac9222b	Affix Postgres to version 9.1. Addresses #362.	10 年之前
Philip Potter	41243fa3ec	Bump checkrbl version to stop using ahbl ahbl is no longer being maintained and has been configured to return a positive value for every host. This means I get a cron warning every day reporting that my mailserver is in ircbl.ahbl.org and dnsbl.ahbl.org. lukecyca/check-rbl#1 has removed ahbl from the blacklists that it checks. This just pulls in that change. Unfortunately, ansible's get_url won't update files which have been downloaded already unless you set force=yes, which will cause ansible to pull down the file from github on every single run, which isn't really acceptable. I have filed ansible/ansible-modules-core#625 to ask that get_url redownload if and only if the sha256sum differs. In the meantime, you have to manually delete /opt/check-rbl.pl before rerunning ansible to pull in the update. However, at least this will work fine for new installs. Related to #338 (though I don't know if it truly fixes it).	10 年之前
Sven Neuhaus	ac59435d6e	exclude SSLv3 for all TLS to mitigate POODLE vulnerability	10 年之前
Sven Neuhaus	f338b1e15d	Postfix: Disable SSLv2 and SSLv3 for mandatory TLS connections Postfix: Disable SSLv2 and SSLv3 for 'mandatory SSL' mode connections to completely mitigate the POODLE issue.	10 年之前
Sven Neuhaus	f4177313d7	Disable SSLv3 in Dovecot imap server Disable SSLv3 in Dovecot imap server to avoid POODLE vulnerability	10 年之前
Mike Ashley	cf5d98c505	Correct SMTP port number	10 年之前
Patrick O'Doherty	6f6fc6a90f	Disable SSLv3 in all Apache vhosts	10 年之前
Luke Cyca	befde9f660	Update check-rbl to omit uribl. Fixes #279	11 年之前
Lorenzo Villani	8959f1c183	Add support for Thunderbird automatic configuration Resolves #114	11 年之前
Lorenzo Villani	661ed29a3e	Use /usr/sbin/nologin as login shells for vmail and znc users	11 年之前
Lorenzo Villani	d5ecf673d3	Calm OCD by sorting almost every with_items block in alphabetical order	11 年之前
Lorenzo Villani	e7703d0d9c	Add support for Apache 2.4 on Ubuntu 14.04	11 年之前
Michael West	aa2e1a0e74	Increase security of postfix smtp tls ciphers, that is sending email to other smtp servers using encryption	11 年之前
Alex Payne	e6bd0a08c2	Set `smtpd_relay_restrictions` to backwards compatible mode. Resolves #231.	11 年之前

114 次程式碼提交 (e63661f98245cd643c500aa71b8de46cbfd8536c)