sovereign

Author	SHA1	Message	Date
Justin Plock	ab00ee6376	Ensure the config.ini is readable by www-data	9 years ago
Alex Payne	27e9340402	Pin Selfoss version to an actual release	9 years ago
Sven Neuhaus	20bd80c599	Generate 2048 DH group and add it to Postfix	9 years ago
Filipp Frizzy	309bdc7f60	update openvpn server config Change default network buffer size Should increase tcp tunnel speed for openvpn < 2.3.9 https://community.openvpn.net/openvpn/ticket/461	9 years ago
Dan Milon	af80bc817d	Configure logrotate permissions for selfoss	9 years ago
Allen Riddell	22cd611e90	Remove reference to Google's DNS servers Per discussion on #429 (after the merge). This project is about encouraging users to run services themselves and not rely on for-profit corporations such as Google.	9 years ago
Dan Milon	34f3a483aa	Add SSL stapling cache for apache Fixes #406	9 years ago
Dan Milon	a419d9403b	restart apache on SSL changes	9 years ago
Dan Milon	e063abaa51	properly install changed SSL certificate	9 years ago
Allen Riddell	6cc6756ce1	Comment copyediting	9 years ago
Filipp Frizzy	39d8983452	up comments in openvpn config template add additional comment about `tun-mtu` parameter in openvpn config template	9 years ago
Filipp Frizzy	68b4bf7954	comment out google dns in openvpn config template	9 years ago
Filipp Frizzy	3cca3c61d4	add new settings into openvpn config template - google dns setting for client - verb level - mtu - TLS settings	9 years ago
Laurent Arnoud	dfb1b764d7	Use common_timezone and fix idempotence Thanks-to: 8e693b3db3	9 years ago
Reh Wanne	71fffc20f7	change auth to interna_hashed because why the fuck not?	9 years ago
Florian Anderiasch	076b6d2452	Fix typo in tarsnap.yml	9 years ago
Alex Payne	58a4532fe7	Better permission handling for OpenDMARC. Resolves #400.	10 years ago
Alex Payne	417403f534	Use {{ mail_server_hostname }} over mail.servername Resolves #402.	10 years ago
Alex Payne	7bb62ca678	Explicitly require MySQL server as part of OpenDMARC isntall. Resolves #410.	10 years ago
Miloš Hadžić	d823ed0848	Use lmtp instead of lda for delivery.	10 years ago
Pavel Karoukin	a86e43d5b4	Couple issues with OpenDMARC on Debian 7: * fix mail_db_opendmarc_username/mail_db_opendmarc_password variable not found. * python-mysqldb package is required. Add it to opendmarc task.	10 years ago
Laurent Arnoud	21e0110684	Ignore copy tasks	10 years ago
Laurent Arnoud	ad22aed4cc	rm used in place of argument state=absent to file module	10 years ago
Laurent Arnoud	343db8edea	Git checkouts must contain explicit version	10 years ago
Laurent Arnoud	a09e2e71c1	tar used in place of unarchive module	10 years ago
Laurent Arnoud	0730284671	curl used in place of get_url module	10 years ago
Laurent Arnoud	311fae7e11	Trailing whitespace	10 years ago
Laurent Arnoud	3b8f15b745	Added whois for fail2ban report Report will print: "missing whois program"	10 years ago
Will McCutchen	1be1afe1ff	Disable SSL stapling on wheezy	10 years ago
Will McCutchen	16b66cc849	Define apache SSL config in one place	10 years ago
Alex Payne	26d61c68a8	Implement OpenDMARC. Resolves #369.	10 years ago
Manfred Touron	16c93ea486	Using more verbose 'dependencies' tag (#393)	10 years ago
Manfred Touron	b49f3a6586	Tagged 'deps' aptitude tasks	10 years ago
John Rogerson	f72e1d2350	Update dovecot version from wheezy backports For correct implementation of the fix for logjam attack (https://github.com/sovereign/sovereign/pull/372), state=latest is needed to grab sufficient version of Dovecot. If not then 37aa7e2cb5 doesn't work.	10 years ago
Sven Neuhaus	a088d9c456	Use "modern" SSLCipherSuite per Mozilla recommendations. See https://wiki.mozilla.org/Security/Server_Side_TLS for details. Removes RC4 cipher. Fixes issue #341. Also explicitly disabled SSLCompression and enables OCSP stapling. We should put all these settings in /etc/apache2/mods-enabled/ssl.conf to avoid duplication...	10 years ago
Sven Neuhaus	c898aa98d6	Install postgresql 9.4, 9.3 or 9.1 if available (on Debian Jessie, Ubuntu Trusty or older distributions such as Debian Wheezy and Ubuntu Precise).	10 years ago
Sven Neuhaus	edf65c530a	Install lua-sec-prosody package on Debian Wheezy and Ubuntu Precise This is the updated version from the prosody repository because these distributions have an old version of the lua-sec package that lacks PFS and other features. Second commit for issue #285.	10 years ago
Sven Neuhaus	570bebac70	wheezy: need librrd2-dev from backports to be compatible with dovecot	10 years ago
Sven Neuhaus	a849a49f37	Fix: Files shouldn't be owned or writeable by httpd unless necessary.	10 years ago
Sven Neuhaus	8b5ed21e38	use wheezy-backports for dspam and solr packages on wheezy relates to pull request #372	10 years ago
Laurent Arnoud	353e69d299	Remove duplication with items unattended upgrades	10 years ago
Alex Payne	34448d5d34	install Dovecot from wheezy-backports on wheezy, specifying default_release	10 years ago
Laurent Arnoud	89d47731ff	Add molly-guard and unattended-upgrades as common pkgs	10 years ago
Yannik	7c5d1c2261	remove duplicate options which are already specified in main.cf	10 years ago
Sven Neuhaus	37aa7e2cb5	Dovecot: Fix for logjam attack	10 years ago
Bob Van Landuyt	211b95189e	Add a tag for newebe, so it can be installed separately Added a tag for newebe in a similar style to the other roles.	10 years ago
Alex Payne	1a96a87374	Ubuntu Trusty gets postgresql-9.3. Resolves #363.	10 years ago
Alex Payne	177ac9222b	Affix Postgres to version 9.1. Addresses #362.	10 years ago
Alex Payne	b11fb68559	Automatically set up passwordless sudo for deploy user. Closes #343.	10 years ago
Aleksandr Bogdanov	a849948e8d	Choosing the closest ubuntu mirror before anything else	10 years ago

First Previous 1 2 3 4 5 ... Next Last

353 Commits (e95e3e1bf844b353e8ac31359e980a48bfcaf70b)