sovereign

Author	SHA1	Message	Date
Lorenzo Villani	6c58422d25	Add BindHost to prevent random "Connection timed out" errors Also see: http://b.wardje.eu/2011/12/znc-failing-to-connect.html	10 years ago
Lorenzo Villani	32ac785667	Make sure to remove 'install' directory if wallabag is already installed Subsequent runs of wallabag's playbook result in the 'install' directory being recreated, (after the "Clone wallabag" step) kicking wallabag's first time setup procedure. With this patch we automatically remove the 'install' directory if wallabag's configuration file appears to be in place before cloning the repository.	10 years ago
Lorenzo Villani	e7703d0d9c	Add support for Apache 2.4 on Ubuntu 14.04	10 years ago
Lorenzo Villani	e2e61a2f76	Install 'fuse' instead of 'fuse-utils' The 'fuse-utils' package doesn't exist on Ubuntu 14.04 and is marked as a transitional package on both Debian 7 and Ubuntu 12.04 that installs the 'fuse' package. Since Debian 7 is the officially supported distribution we can safely switch to install 'fuse' instead of 'fuse-utils' and we also gain compatibility with Ubuntu 14.04.	10 years ago
Justin Plock	0c38a44f82	Fix monit ZNC monitoring	10 years ago
Justin Plock	e47e3774dd	Compress Postgres backup file Compress Postgres backup file	10 years ago
Michael West	aa2e1a0e74	Increase security of postfix smtp tls ciphers, that is sending email to other smtp servers using encryption	10 years ago
Michael West	0c01f4cdf0	Changed tarsnap.sh to not shut down postgresql, instead use the pg_dumpall command to create a .sql backup file in /decrypted/. Much better than shutting down the entire db server.	10 years ago
Luke Cyca	8f4c9ea5f3	Put ZNC web interface on its on port that is inaccessible through the firewall	10 years ago
Luke Cyca	785cad2e84	Upgrade ZNC to 1.4	10 years ago
Alex Payne	e6bd0a08c2	Set `smtpd_relay_restrictions` to backwards compatible mode. Resolves #231.	10 years ago
Luke Cyca	1986dc96a4	Fix dspam user parameter and data paths. fixes #196	10 years ago
Hector Castro	05426d04bb	Add collectd to the monitoring suite This change set builds collectd from source and configures it in one of the following ways: - If Librato credentials are present, collectd will be configured to send data points to Librato using the collectd-librato plugin. - If no Librato credentials are present, collectd will be configured to write RRD files locally (/opt/collectd/var/lib/collectd/rrd by default).	10 years ago
Justin Plock	e11f494183	Rotate selfoss logs My selfoss logs were using 10GB of space because they weren't being rotated properly.	10 years ago
Sven Neuhaus	9a4d253d3e	Use available gitolite3 package on Ubuntu trusty	10 years ago
Sven Neuhaus	63ba754eb7	libpam-google-authenticator uses distribution package on Ubuntu 14.04	10 years ago
Sven Neuhaus	0a164d519f	Fix syntax for "removes" options	10 years ago
Sven Neuhaus	ab614fd70a	Added rules for dealing with old virtualhost files in /etc/apache2/sites-available and old (dangling) symlinks in /etc/apaches/sites-enabled. Also, remove unnecessary apache2 restart after creating a new virtualhost but not yet enabling it.	10 years ago
Sven Neuhaus	779d6c6bb9	Ubuntu Trusty fix for Dovecot (postgresql 9.3 instead of 9.1)	10 years ago
Sven Neuhaus	0ebda3b32e	Fixes for Ubuntu 14.04 LTS 'trusty' * Postfix: Trusty comes with postgresql 9.3, not 9.1 * owncloud 6.0.1 is part of the distribution, doesn't require opensuse repository * owncloud requires libapache2-mod-php5 * uses prosody repository that matches the ansible_distribution_release (trusty, wheezy, etc)	10 years ago
Sven Neuhaus	0f6dfdc6ca	More apache fixes. The virtual site files must be owned by root (serious security issue) and they must have the .conf filename suffix for a2ensite on Ubuntu 14.04LTS (apache 2.4.7).	10 years ago
Sven Neuhaus	22f6228758	Make the .conf change backward compatible I guess the .conf appendix is a change introduced in apache 2.4. This change should make it backward compatible with apache 2.2.	10 years ago
Sven Neuhaus	67a9ce43bd	apache roundcube: Wrong ownership and filename On Ubuntu 14.04 LTS, a2ensite automatically appends ".conf" to the filename it looks for in /etc/apache2/sites-available/ Therefore, the file "/etc/apache2/sites-available/roundcube" must be renamed to "/etc/apache2/sites-available/roundcube.conf". Security issue: This file must be owned by root, otherwise it is a huge security issue (User www-data could modify the file and get root at next restart of apache).	10 years ago
Gelnior	7995bac36c	put back enc.fs (removed by mistake)	10 years ago
Gelnior	bd57edd5a5	newebe config: fix Newebe config file task	10 years ago
Gelnior	e4021dda88	newebe config: use template instead of file + make lines < 80 chars	10 years ago
Gelnior	89b6a8d7a4	turn newebe config.yaml into a template	10 years ago
Gelnior	5a30943955	add newebe playbooks and config files/templates	10 years ago
Justin Plock	1d7986fd96	Enable UFW and deny everything by default Removed unused status checks on UFW	10 years ago
Justin Plock	ea0b288818	Moved ufw firewall rules into individual roles	10 years ago
Thom Wiggers	6312286b64	Remove ahbl as it's being winded down http://ahbl.org/content/changes-ahbl Fixes #232	10 years ago
brandon	7c9084fcba	fixes "Warning: autocreate plugin is deprecated, use mailbox { auto } setting instead"	10 years ago
Alban Seurat	c22d179e83	cgit dependency missing	10 years ago
Justin Plock	d1073d042d	Added read-it-later functionality from Wallabag	10 years ago
Norman S.	53010bed89	fixes #156 fixes #156 by adding the -L flag, as suggested by @ventolin	10 years ago
Alex Dunae	b44972ab87	Only install Tarsnap when version is missing Checks if the exact version of Tarsnap is already installed and, if so, skips the download and build steps.	10 years ago
Justin Plock	79fd923668	Initial work to support wallabag	10 years ago
Mike Hostetler	8ec36ca875	add cgi module for cgit	10 years ago
Thom Wiggers	8578f49e21	Make sure that only ZNC can read its certificate To bring this certificate in line with how those in ssl.yml are managed.	10 years ago
Joshua Lund	64883159e9	* Update OpenVPN role to generate self-contained "unified" .ovpn profiles * The role now generates .ovpn profiles with embedded CA, certificate, key, and HMAC firewall key information. These .ovpn profiles are compatible with OpenVPN for iOS and Android, and only a single file needs to be transferred to your mobile device. * Added explicit route information to the .ovpn profile	10 years ago
Justin Plock	ed75c9469b	libpam-dev didn't exist for some people so switching to libpam0g-dev instead	10 years ago
Justin Plock	921ae6957e	Optional 2FA support for OpenVPN (requires uncommenting on the server and pushing new client configs)	10 years ago
Justin Plock	e88fb57cba	Skip the google authenticator generation if we're running as vagrant. Vagrant can't sudo to the sovereign test user so this won't work.	10 years ago
Justin Plock	408d83341f	Add a 2FA plugin for Roundcube (fixes #201)	10 years ago
Justin Plock	2d751ab680	The .google_authenticator file has to be generated by the user that is going to attempt to use it. Also, -W doesn't seem to work (results an in INVALID_WINDOW error in /var/log/auth.log), so use -w 1 to allow for a single concurrent token	10 years ago
Justin Plock	c037dce07a	Clarified parameters are bit in a comment	10 years ago
Justin Plock	22a8717f6d	Automatically generate the Google authenticator file for the default user	10 years ago
Justin Plock	84c9febec7	Added Google Authenticator 2FA logins	10 years ago
Justin Plock	89f018bd23	In preparation for using any 2FA solution, it will most likely need to modify sshd_config, so let's change the file in place instead of overwriting it completely.	10 years ago
Norman S.	b1092e800b	changed from 52 to 5 versions.	10 years ago

First Previous ... 11 12 13 14 15 Next Last

721 Commits (08462f5d86db12489252f46558f11c6f077437ed)