110 Commit (1011d7686617225d7f1e0977c9d56bd9e7d6d207)

Autore SHA1 Messaggio Data
  Mike Ashley d3abc02f84 Clean up Apache SSL configuration 9 anni fa
  fengor e63661f982 Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778 9 anni fa
  Sebastian Kriems fe536873b7 ufw tasks shall have the ufw tag 9 anni fa
  Dan Milon 829c8491c7 restart apache on SSL changes 9 anni fa
  Dan Milon a5c6f663ce properly install changed SSL certificate 9 anni fa
  Sven Neuhaus d59c5eff05 Generate 2048 DH group and add it to Postfix 9 anni fa
  Dan Milon 2fb7cfa7c9 Add SSL stapling cache for apache 9 anni fa
  Laurent Arnoud 1419c4e26e Use common_timezone and fix idempotence 9 anni fa
  Alex Payne 0579cf1ba9 Use same Apache server name configuration across distros 9 anni fa
  Alex Payne 290a3b4312 Remove wheezy-specific Apache SSL config omission 9 anni fa
  Alex Payne 474c1d5f92 No longer need `fuse` group in Jessie. 9 anni fa
  Alex Payne 6906412f63 Remove wheezy-specific ufw task. 9 anni fa
  Alex Payne 6d1eebb9d2 Use Ansible task names, not comments. 9 anni fa
  Alex Payne c9b32cd2e2 Same Google auth install should work for both Jessie and Trusty. 9 anni fa
  Alex Payne 006f8e9b82 Just plain Ruby 9 anni fa
  Laurent Arnoud a09e2e71c1 tar used in place of unarchive module 9 anni fa
  Laurent Arnoud 311fae7e11 Trailing whitespace 9 anni fa
  Laurent Arnoud 3b8f15b745 Added whois for fail2ban report 9 anni fa
  Will McCutchen 1be1afe1ff Disable SSL stapling on wheezy 9 anni fa
  Will McCutchen 16b66cc849 Define apache SSL config in one place 9 anni fa
  Manfred Touron 16c93ea486
Using more verbose 'dependencies' tag (#393) 9 anni fa
  Manfred Touron b49f3a6586 Tagged 'deps' aptitude tasks 9 anni fa
  Laurent Arnoud 353e69d299 Remove duplication with items unattended upgrades 9 anni fa
  Laurent Arnoud 89d47731ff Add molly-guard and unattended-upgrades as common pkgs 9 anni fa
  Alex Payne b11fb68559 Automatically set up passwordless sudo for deploy user. 9 anni fa
  Aleksandr Bogdanov a849948e8d Choosing the closest ubuntu mirror before anything else 10 anni fa
  Sven Neuhaus ae58053653 Create /decrypted directory even if encfs is not used. 9 anni fa
  Sven Neuhaus d5217ea1cd Create main user without "fuse" group, instead add it later as part 9 anni fa
  Marius Voila b13ab39f11 cleaning security.yml 10 anni fa
  fengor 7ed46f590c renamed templates to be consistent with coding standard. 10 anni fa
  Marius Voila ec69fef60c removed old template 10 anni fa
  Marius Voila 2ae2c3683c removed template and implemented logic 10 anni fa
  fengor 2fd1e1b722 readded google authenticator lines 10 anni fa
  fengor 224e8cb339 Setting timezone to UTC 10 anni fa
  fengor 39566abb6c More secure defaults for ssh. 10 anni fa
  Marius Voila 67e1bf0fc3 fail2ban support for Trusty 10 anni fa
  Marius Voila e62bd7c71a fail2ban support for Trusty 10 anni fa
  Anthony Perez-sanz cdf9ed07bb Enable UFW after setting firewall rules 10 anni fa
  Lorenzo Villani 5d1090d488 Make sure fail2ban is started 10 anni fa
  Lorenzo Villani d5ecf673d3 Calm OCD by sorting almost every with_items block in alphabetical order 10 anni fa
  Lorenzo Villani e7703d0d9c Add support for Apache 2.4 on Ubuntu 14.04 10 anni fa
  Lorenzo Villani e2e61a2f76 Install 'fuse' instead of 'fuse-utils' 10 anni fa
  Sven Neuhaus 63ba754eb7 libpam-google-authenticator uses distribution package on Ubuntu 14.04 10 anni fa
  Gelnior 7995bac36c put back enc.fs (removed by mistake) 10 anni fa
  Gelnior bd57edd5a5 newebe config: fix Newebe config file task 10 anni fa
  Justin Plock 1d7986fd96 Enable UFW and deny everything by default 10 anni fa
  Justin Plock ea0b288818
Moved ufw firewall rules into individual roles 10 anni fa
  Justin Plock ed75c9469b
libpam-dev didn't exist for some people so switching to libpam0g-dev instead 10 anni fa
  Justin Plock e88fb57cba
Skip the google authenticator generation if we're running as vagrant. Vagrant can't sudo to the sovereign test user so this won't work. 10 anni fa
  Justin Plock 2d751ab680
The .google_authenticator file has to be generated by the user that is going to attempt to use it. Also, -W doesn't seem to work (results an in INVALID_WINDOW error in /var/log/auth.log), so use -w 1 to allow for a single concurrent token 10 anni fa