fengor
b368984641
Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
see: http://undeadly.org/cgi?action=article&sid= 2016011414
9 years ago
Sebastian Kriems
968abba197
ufw tasks shall have the ufw tag
resolves #453
9 years ago
Justin Plock
ab00ee6376
Ensure the config.ini is readable by www-data
9 years ago
Alex Payne
27e9340402
Pin Selfoss version to an actual release
10 years ago
Sven Neuhaus
20bd80c599
Generate 2048 DH group and add it to Postfix
9 years ago
Filipp Frizzy
309bdc7f60
update openvpn server config
Change default network buffer size
Should increase tcp tunnel speed for openvpn < 2.3.9
https://community.openvpn.net/openvpn/ticket/461
9 years ago
Dan Milon
af80bc817d
Configure logrotate permissions for selfoss
9 years ago
Allen Riddell
22cd611e90
Remove reference to Google's DNS servers
Per discussion on #429 (after the merge). This project is about encouraging users to run services themselves and not rely on for-profit corporations such as Google.
9 years ago
Dan Milon
34f3a483aa
Add SSL stapling cache for apache
Fixes #406
9 years ago
Dan Milon
a419d9403b
restart apache on SSL changes
9 years ago
Dan Milon
e063abaa51
properly install changed SSL certificate
9 years ago
Allen Riddell
6cc6756ce1
Comment copyediting
9 years ago
Filipp Frizzy
39d8983452
up comments in openvpn config template
add additional comment about `tun-mtu` parameter in openvpn config template
9 years ago
Filipp Frizzy
68b4bf7954
comment out google dns in openvpn config template
9 years ago
Filipp Frizzy
3cca3c61d4
add new settings into openvpn config template
- google dns setting for client
- verb level
- mtu
- TLS settings
9 years ago
Laurent Arnoud
dfb1b764d7
Use common_timezone and fix idempotence
Thanks-to: 8e693b3db3
9 years ago
Reh Wanne
71fffc20f7
change auth to internal_hashed
because why the fuck not?
10 years ago
Florian Anderiasch
076b6d2452
Fix typo in tarsnap.yml
10 years ago
Alex Payne
58a4532fe7
Better permission handling for OpenDMARC.
Resolves #400.
10 years ago
Alex Payne
417403f534
Use {{ mail_server_hostname }} over mail.servername
Resolves #402.
10 years ago
Alex Payne
7bb62ca678
Explicitly require MySQL server as part of OpenDMARC install.
Resolves #410.
10 years ago
Miloš Hadžić
d823ed0848
Use lmtp instead of lda for delivery.
10 years ago
Pavel Karoukin
a86e43d5b4
Couple issues with OpenDMARC on Debian 7:
* fix mail_db_opendmarc_username/mail_db_opendmarc_password variable not found.
* python-mysqldb package is required. Add it to opendmarc task.
10 years ago
Laurent Arnoud
21e0110684
Ignore copy tasks
10 years ago
Laurent Arnoud
ad22aed4cc
rm used in place of argument state=absent to file module
10 years ago
Laurent Arnoud
343db8edea
Git checkouts must contain explicit version
10 years ago
Laurent Arnoud
a09e2e71c1
tar used in place of unarchive module
10 years ago
Laurent Arnoud
0730284671
curl used in place of get_url module
10 years ago
Laurent Arnoud
311fae7e11
Trailing whitespace
10 years ago
Laurent Arnoud
3b8f15b745
Added whois for fail2ban report
Report will print: "missing whois program"
10 years ago
Will McCutchen
1be1afe1ff
Disable SSL stapling on wheezy
10 years ago
Will McCutchen
16b66cc849
Define apache SSL config in one place
10 years ago
Alex Payne
26d61c68a8
Implement OpenDMARC. Resolves #369.
10 years ago
Manfred Touron
16c93ea486
Using more verbose 'dependencies' tag (#393)
10 years ago
Manfred Touron
b49f3a6586
Tagged 'deps' aptitude tasks
10 years ago
John Rogerson
f72e1d2350
Update dovecot version from wheezy backports
For correct implementation of the fix for logjam attack (https://github.com/sovereign/sovereign/pull/372), state=latest is needed to grab a sufficient version of Dovecot. If not then 37aa7e2cb5 doesn't work.
10 years ago
Sven Neuhaus
a088d9c456
Use "modern" SSLCipherSuite per Mozilla recommendations.
See https://wiki.mozilla.org/Security/Server_Side_TLS for details.
Removes RC4 cipher. Fixes issue #341.
Also explicitly disabled SSLCompression and enables OCSP stapling.
We should put all these settings in
/etc/apache2/mods-enabled/ssl.conf
to avoid duplication...
10 years ago
Sven Neuhaus
c898aa98d6
Install postgresql 9.4, 9.3 or 9.1 if available
(on Debian Jessie, Ubuntu Trusty or older distributions such as
Debian Wheezy and Ubuntu Precise).
10 years ago
Sven Neuhaus
edf65c530a
Install lua-sec-prosody package on Debian Wheezy and Ubuntu Precise
This is the updated version from the prosody repository because
these distributions have an old version of the lua-sec package
that lacks PFS and other features. Second commit for issue #285.
10 years ago
Sven Neuhaus
570bebac70
wheezy: need librrd2-dev from backports to be compatible with dovecot
10 years ago
Sven Neuhaus
a849a49f37
Fix: Files shouldn't be owned or writeable by httpd unless necessary.
10 years ago
Sven Neuhaus
8b5ed21e38
use wheezy-backports for dspam and solr packages on wheezy
relates to pull request #372
10 years ago
Laurent Arnoud
353e69d299
Remove duplication with items unattended upgrades
10 years ago
Alex Payne
34448d5d34
install Dovecot from wheezy-backports on wheezy, specifying default_release
10 years ago
Laurent Arnoud
89d47731ff
Add molly-guard and unattended-upgrades as common pkgs
10 years ago
Yannik
7c5d1c2261
remove duplicate options which are already specified in main.cf
10 years ago
Sven Neuhaus
37aa7e2cb5
Dovecot: Fix for logjam attack
10 years ago
Bob Van Landuyt
211b95189e
Add a tag for newebe, so it can be installed separately
Added a tag for newebe in a similar style to the other roles.
10 years ago
Alex Payne
1a96a87374
Ubuntu Trusty gets postgresql-9.3.
Resolves #363.
10 years ago
Alex Payne
177ac9222b
Affix Postgres to version 9.1.
Addresses #362.
10 years ago