Mike Ashley
1011d76866
Fix systemd configuration of OpenVPN server
The server was not starting. As a result, the dnsmasq service failed to
start, and the playbook thus failed to run when using the vpn role.
This patch corrects the configuration per instructions from
https://help.ubuntu.com/community/OpenVPN.
OpenVPN PAM configuration moved up to reduce server bouncing as the
playbook runs. The dependency on service (re)starts between openvpn and
dnsmasq works but feels brittle.
8 years ago
Mike Ashley
4afa3c97b0
Use systemd service unit configuration for ZNC
8 years ago
Mike Ashley
5647fe0d6d
Correct znc monitoring task list
8 years ago
Mike Ashley
e29be39280
Correct typo
8 years ago
Mike Ashley
b9eb9ef9bb
Fix znc configuration
The znc package installs the client but does not set it up as a
service. This patch restores the service configuration that
was done on wheezy/trusty.
8 years ago
Mike Ashley
b8f030eb48
Merge tomcat changes to default configuration
Take changes to the tomcat6 default configuration and apply to tomcat7
configuration. This was done by review of the diff between sovereign's
tomcat6 configuration and the default tomcat7 configuration.
8 years ago
Mike Ashley
ae6d97a4b6
Match tomcat version to solr
The package solr installs and uses tomcat7. Installing tomcat8 appears
to be a mistake for Debian Jessie.
8 years ago
Mike Ashley
d3abc02f84
Clean up Apache SSL configuration
Avoid using the Include directive. Move most of the SSL configuration
to the global configuration and leave enabling the SSL engine to each
virtual host that wants to use it.
9 years ago
Carl Meyer
3265e77865
Update rspamd repository to the official one.
8 years ago
fengor
e63661f982
Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
see: http://undeadly.org/cgi?action=article&sid= 2016011414
9 years ago
Sebastian Kriems
fe536873b7
ufw tasks shall have the ufw tag
resolves #453
Conflicts:
roles/common/tasks/ufw.yml
9 years ago
Dan Milon
829c8491c7
restart apache on SSL changes
9 years ago
Dan Milon
a5c6f663ce
properly install changed SSL certificate
9 years ago
Justin Plock
833cd92d02
Ensure the config.ini is readable by www-data
9 years ago
Sven Neuhaus
d59c5eff05
Generate 2048 DH group and add it to Postfix
9 years ago
Filipp Frizzy
7cb76741e7
update openvpn server config
Change default network buffer size
Should increase tcp tunnel speed for openvpn < 2.3.9
https://community.openvpn.net/openvpn/ticket/461
9 years ago
Dan Milon
97e996b225
Configure logrotate permissions for selfoss
9 years ago
Allen Riddell
3346c4aede
Remove reference to Google's DNS servers
Per discussion on #429 (after the merge). This project is about encouraging users to run services themselves and not rely on for-profit corporations such as Google.
9 years ago
Dan Milon
2fb7cfa7c9
Add SSL stapling cache for apache
Fixes #406
9 years ago
Allen Riddell
43f3840b3b
Comment copyediting
9 years ago
Filipp Frizzy
fc374682f6
up comments in openvpn config template
add additional comment about `tun-mtu` parameter in openvpn config template
9 years ago
Filipp Frizzy
3024d03552
comment out google dns in openvpn config template
9 years ago
Filipp Frizzy
da10178f4b
add new settings into openvpn config template
- google dns setting for client
- verb level
- mtu
- TLS settings
9 years ago
Mike Ashley
aa59a1a2f0
Correct special-casing of z-push Apache configuration
9 years ago
Reh Wanne
e7562d14d1
change auth to interna_hashed
because why the fuck not?
9 years ago
Laurent Arnoud
1419c4e26e
Use common_timezone and fix idempotence
Thanks-to: 8e693b3db3
Conflicts:
roles/common/tasks/main.yml
9 years ago
Stuart Read
e444efa2b4
Add jessie to special-casing for modern apache conf.d handling.
9 years ago
Stuart Read
22ef6be96e
Revert "Z-push apache config: Jessie also uses conf-available/conf-enabled"
This reverts commit 6b53da4bdc .
Using a different approach to maintain wheezy compatibility
9 years ago
Stuart Read
6b53da4bdc
Z-push apache config: Jessie also uses conf-available/conf-enabled
9 years ago
rokaz
70a1081a84
Fix typo in package name
9 years ago
rokaz
a8a0905738
Fix dependency for Solr
9 years ago
Alex Payne
b3dc1b00e9
Correct Tomact config file name.
9 years ago
Alex Payne
372f84473f
init.d -> systemctl
9 years ago
Alex Payne
69abd70297
Remove references to Debian 7
9 years ago
Alex Payne
2352d2d67e
OpenDMARC running under Postgres (?)
9 years ago
Alex Payne
7275a52ba6
Update to Tomcat 8
9 years ago
Alex Payne
34d537fcf2
Remove Dovecot installation for older distros
9 years ago
Alex Payne
2e966fe790
Don't need older Postgres anymore
9 years ago
Alex Payne
b674e0a669
Unified Solr installation across distros
9 years ago
Alex Payne
a6a3baa49b
Add the repo key for ownCloud under Jessie
9 years ago
Alex Payne
d7da63aced
Use same Prosody installation procedure across distros
9 years ago
Alex Payne
0579cf1ba9
Use same Apache server name configuration across distros
9 years ago
Alex Payne
290a3b4312
Remove wheezy-specific Apache SSL config omission
9 years ago
Alex Payne
474c1d5f92
No longer need `fuse` group in Jessie.
9 years ago
Alex Payne
ecaa4c2330
Partially working Rspamd replacement for dspam
9 years ago
Alex Payne
d998640087
formatting
9 years ago
Alex Payne
cea968d5ae
Only install Roundcube on Trusty for now, since there's no Jessie package.
Not awesome. We need a better alternative, ideally one with a better security stance.
9 years ago
Alex Payne
d010a0cda5
Formatting.
9 years ago
Alex Payne
76050eda6b
Newest Tarsnap.
Formatting the task names.
9 years ago
Alex Payne
ebe3562921
Clean up ownCloud for Jessie and Trusty
9 years ago