sovereign

Author	SHA1	Message	Date
Thomas Buck	3dc25b1bc9	common was missing db admin user pass in default vars.	5 years ago
Thomas Buck	472dd068c2	Remove unneeded testing / vagrant stuff.	5 years ago
Thomas Buck	03f37267df	Remove cgit/gitolite git repo hosting	5 years ago
Thomas Buck	82a931b55d	Remove Tarsnap stuff	5 years ago
Thomas Buck	31afcaa7b9	Remove encfs and call directory data instead of decrypted	5 years ago
Thomas Buck	183b80da8d	Remove Google Authenticator / Two-Factor Authentification	5 years ago
Brett Haines	eddcdd7993	Updating fail2ban jail list	6 years ago
Óscar Nájera	8f0cc14f76	Fix: Ansible uses the value present in apt module state parameter	6 years ago
Óscar Nájera	ae0594dc4a	use mozilla sshd config on algorithms	6 years ago
Bryan Voss	128b7e63a2	Update for Debian 9	7 years ago
Ndubisi Nwaku	55770977da	Add group name ssl-cert for SSL certificates	7 years ago
Aleksandr Bogdanov	cdc0d3fb4e	Fixing encfs shell invocation for ansible 2 compatibility	7 years ago
Óscar Nájera	0635815b52	Ensure en_US.UTF-8 locale is present	7 years ago
Wolfgang Steitz	3a42d15850	setup posgres within the common role Postgres is used by several roles, but the setup is currently part of the 'mailserver' role. By moving it to 'common', it's possible to disable the mailserver without breaking the others.	8 years ago
Mike Ashley	fc023dfc31	Clean up merge Clean up some artifacts from the merge to match the `jessie` branch. Keep the changes on master made with commits bfe6fe84 and e229c551.	8 years ago
Tomas Bedrich	3efc7ae54e	Allowed SSH agent forwarding when using sudo	8 years ago
Dosenpfand	9697cbe6b3	Silence letsencrypt cron output unless there is an error	8 years ago
Tomas Bedrich	7a399d45ca	Fix SSH connections to Github	8 years ago
Mike Ashley	0e7adf6e3a	Fix bug exposed by commit 264c232b (#572) The `private_key` variable used to check for changes was never registered.	8 years ago
Simon Schoeters	264c232bbf	Remove duplicate when statement in Let's Encrypt task While adding the Let's Encrypt offline testing block in 1746afcc we accidentially duplicated a the 'when' statement. Ansible only looks at the last when statement for a given block meaning the earlier one has no use. This commit merges both lines in one.	8 years ago
Allen Riddell	9f34027d8b	Add common default vars to role	8 years ago
Allen Riddell	e95caea06c	common: use password lookup to generate passwords See https://docs.ansible.com/ansible/playbooks_lookups.html	8 years ago
Dosenpfand	f2c14dd911	Remove unneeded/deprecated apache configuration	8 years ago
Tomas Bedrich	899f527ca3	Updated LE renewal hook system	8 years ago
Tomas Bedrich	9786230808	Changed LE-renew cron frequency	8 years ago
Tomas Bedrich	e08acd2deb	Simplified LE renew script	8 years ago
Carl Meyer	60855eda70	Fix typo in fail2ban config for dovecot.	8 years ago
Mike Ashley	3d68705341	Add leading 0 to octal file permissions This is done to suppress warnings from ansible-lint.	8 years ago
Mike Ashley	4a33ebecdc	Add non-interactive to LE client options Depending on when the client is run, there are no certificates to update. By default, the client runs in interactive mode and wants to notify the user of this. This causes Ansible to hang waiting for an acknowledgement that will never come. Adding the non-interactive flag fixes this.	8 years ago
Carl Meyer	a343509129	No need for letsencrypt.yml to ensure Apache is running.	8 years ago
Carl Meyer	579afa68d3	Add comment into letsencrypt-gencert script clarifying why we stop Apache.	8 years ago
Carl Meyer	0abf92734e	Don't stop Apache until we have to; start it again right after.	8 years ago
Carl Meyer	a636a43948	Don't try to execute any non-executable file in LE postrenew dir.	8 years ago
Carl Meyer	a5f3ec17c1	Workaround bug with enabling SysV scripts on Jessie.	8 years ago
Carl Meyer	c3c2cbf096	Don't bounce Apache unless we actually need to.	8 years ago
Carl Meyer	cc4b3d6fef	Don't request a new LE cert if we have one already.	8 years ago
Carl Meyer	3009c9d2d3	Fix changed-reporting for LE deps installation.	8 years ago
Carl Meyer	e8796ecd28	Idempotent and independent post-certificate-renewal tasks.	8 years ago
nodiscc	d876c87e21	bash syntax cleanup as per discussion in https://github.com/sovereign/sovereign/pull/504	8 years ago
Carl Meyer	b93deb9411	Remove stray + prefix in sudoers file.	8 years ago
Allen Riddell	a77f9b95ad	Replace deprecated sudo_user with become_user The ``sudo`` and ``sudo_user`` directives are replaced with ``become`` and ``become_user`` in Ansible 1.9.	8 years ago
Mike Ashley	3d4987c4e2	Use a more descriptive name for cert generation script	8 years ago
Mike Ashley	a38f4e08d3	Force download of letsencrypt release The installer automatically updates itself, which registers as a change in the git repo. To maintain idempotency of the task list, the repo download must be forced.	8 years ago
Mike Ashley	5385badd49	Correct bug in SSL cert setup for test environment	8 years ago
Mike Ashley	bc5bfa4b21	Determine registered subdomains at deploy-time for LE	8 years ago
Mike Ashley	2ad6f78e45	Address incomplete chain error Fix Apache's configuration for version 2.4.8 and above. See https://community.letsencrypt.org/t/untrusted-on-mobile-newbe/7903	8 years ago
Mike Ashley	58e9e7a445	Add a short introduction to Let's Encrypt	8 years ago
Mike Ashley	86048ee397	Update prosody to use LE certs directly Don't copy the LE certificates. Instead use the ssl-cert group to manage access to the LE certificates directly. See https://github.com/letsencrypt/letsencrypt/issues/1425 for a request to have the LE client do this itself.	8 years ago
Mike Ashley	1746afcc3a	Arrange automated tests to not use Let's Encrypt	9 years ago
Mike Ashley	8f1b6a9ed8	Arrange for services to restart on cert renewal	8 years ago

First Previous 1 2 3 4 Next Last

195 Commits (0ecd31c1594ea54f1f58e94af5486a2b24d37867)