Mike Ashley
17bb355dfd
Add default sieve filter to roundcube
hace 8 años
Mike Ashley
ed5b451c39
Add a few plugins to roundcube install
- managesieve :: this allows sieve filters to be edited through a
brower
- twofactor_gauthenticator :: allow optional two-factor authentication
when logging into webmail
- carddav :: sync ownCloud contacts with roundcube
hace 8 años
Mike Ashley
959e893862
Create webmail role that installs Roundcube
hace 8 años
Mike Ashley
a8807afb04
Copy Roundcube configuration file
Baseline the configuration file distributed Roundcube 1.4.1 before
modification for sovereign.
hace 8 años
Mike Ashley
0eb4cda07a
Update mailserver role for rmilter change
The rmilter package changed the name of its listener service similar to
what was done for rspamd (see commit 2dbc976b ).
hace 8 años
Tomas Bedrich
2dbc976b99
Updated rspamd service name
hace 8 años
Allen Riddell
c1511c057f
Remove unnecessary defaults from openvpn certificate
hace 8 años
Dosenpfand
9697cbe6b3
Silence letsencrypt cron output unless there is an error
hace 8 años
Tomas Bedrich
7a399d45ca
Fix SSH connections to Github
hace 8 años
Mike Ashley
0e7adf6e3a
Fix bug exposed by commit 264c232b (#572 )
The `private_key` variable used to check for changes was never
registered.
hace 8 años
Simon Schoeters
264c232bbf
Remove duplicate when statement in Let's Encrypt task
While adding the Let's Encrypt offline testing block in 1746afcc we
accidentially duplicated a the 'when' statement. Ansible only looks at
the last when statement for a given block meaning the earlier one has no
use. This commit merges both lines in one.
hace 8 años
Mike Ashley
97b11e3953
Eliminate need for access_compat module in Apache
The directives provided by `mod_access_compat` are deprecated. This
patch eliminates references to them.
hace 8 años
Mike Ashley
166c57f045
Use submission port for client outgoing email
Currently client email is submitted via ssmtp (port 465). This has been
deprecated for years. The correct way to submit email is via
submission (port 587).
This patch adds port 587 as a second and the default way of submitting
email for delivery. Port 465 remains open for backwards compatibility
with existing clients.
hace 8 años
Mike Ashley
b00b93a85b
Add missing configuration variable for ircbouncer
hace 8 años
Sharif Nassar
73c30c313b
VPN - enforce TLS min version on the client
hace 8 años
Allen Riddell
19ff4c5958
Add readlater/wallabag default vars to role
hace 8 años
Allen Riddell
712ea7aee2
news role: add missing restart apache handler
hace 8 años
Allen Riddell
4339192052
Add news/selfoss default vars to role
hace 8 años
Allen Riddell
9067f4cc27
Add git role default vars to role
hace 8 años
Allen Riddell
86bc3ab073
Add tarsnap default vars to role
hace 8 años
Allen Riddell
ab9ebd6e5c
Add owncloud default vars to role
hace 8 años
Allen Riddell
9e71d9067f
Add openvpn default vars to role
hace 8 años
Allen Riddell
98cb6dd610
Add prosody/xmpp default vars to role
hace 8 años
Allen Riddell
f31ac23001
Add monitoring default vars to role
hace 8 años
Allen Riddell
ca6eb2d85b
Add mailserver default vars to role
hace 8 años
Allen Riddell
9f34027d8b
Add common default vars to role
hace 8 años
Allen Riddell
e95caea06c
common: use password lookup to generate passwords
See https://docs.ansible.com/ansible/playbooks_lookups.html
hace 8 años
Dosenpfand
f2c14dd911
Remove unneeded/deprecated apache configuration
hace 8 años
Tomas Bedrich
899f527ca3
Updated LE renewal hook system
hace 8 años
Tomas Bedrich
9786230808
Changed LE-renew cron frequency
hace 8 años
Tomas Bedrich
e08acd2deb
Simplified LE renew script
hace 8 años
Carl Meyer
60855eda70
Fix typo in fail2ban config for dovecot.
hace 8 años
Mike Ashley
2243dd73a4
Remove unnecessary ownCloud configuration
The ownCloud configuration file does not get touched. The virtual host
configuration is modified by sovereign but can be updated in place and
Apache restarted.
hace 8 años
Mike Ashley
3d68705341
Add leading 0 to octal file permissions
This is done to suppress warnings from ansible-lint.
hace 8 años
Mike Ashley
4a33ebecdc
Add non-interactive to LE client options
Depending on when the client is run, there are no certificates to
update. By default, the client runs in interactive mode and wants to
notify the user of this. This causes Ansible to hang waiting for an
acknowledgement that will never come. Adding the non-interactive flag
fixes this.
hace 8 años
Carl Meyer
2737b16477
Use postgresql_user module for configuring PG admin user in owncloud role.
hace 8 años
Carl Meyer
a343509129
No need for letsencrypt.yml to ensure Apache is running.
hace 8 años
Carl Meyer
579afa68d3
Add comment into letsencrypt-gencert script clarifying why we stop Apache.
hace 8 años
John Giannelos
0b62ed998b
Add directories to allow persistent znc user/modules configuration.
hace 8 años
John Giannelos
66cc560281
Fix monitoring config for apache/postgresql.
hace 8 años
Carl Meyer
0abf92734e
Don't stop Apache until we have to; start it again right after.
hace 8 años
Carl Meyer
a636a43948
Don't try to execute any non-executable file in LE postrenew dir.
hace 8 años
Carl Meyer
619eac6534
Adjust comment for clarity.
hace 8 años
Carl Meyer
15cff22f14
Workaround bug with enabling SysV init scripts in Jessie, for collectd.
hace 8 años
Carl Meyer
d46a9c47ef
Idempotency/changed-reporting fixes for OpenDMARC tasks.
hace 8 años
Carl Meyer
7e817bfae6
Encrypt Postgres passwords, and fix change-reporting.
hace 8 años
Carl Meyer
a5f3ec17c1
Workaround bug with enabling SysV scripts on Jessie.
hace 8 años
Carl Meyer
c3c2cbf096
Don't bounce Apache unless we actually need to.
hace 8 años
Carl Meyer
cc4b3d6fef
Don't request a new LE cert if we have one already.
hace 8 años
Carl Meyer
3009c9d2d3
Fix changed-reporting for LE deps installation.
hace 8 años