Laurent Arnoud
311fae7e11
Trailing whitespace
9 years ago
Laurent Arnoud
3b8f15b745
Added whois for fail2ban report
Report will print: "missing whois program"
9 years ago
Will McCutchen
1be1afe1ff
Disable SSL stapling on wheezy
9 years ago
Will McCutchen
16b66cc849
Define apache SSL config in one place
9 years ago
Alex Payne
72a19d8c19
Note issue with dollar signs in encfs password. Resolves #392 .
9 years ago
Alex Payne
26d61c68a8
Implement OpenDMARC. Resolves #369 .
9 years ago
Alex Payne
e0c5ef0378
Update README.md
9 years ago
Alex Payne
215b1e8168
Merge pull request #393 from moul/master
Tagged 'deps' aptitude tasks
9 years ago
Manfred Touron
16c93ea486
Using more verbose 'dependencies' tag (#393 )
9 years ago
Manfred Touron
a6dcb1c1a4
Added note in README.md
9 years ago
Manfred Touron
b49f3a6586
Tagged 'deps' aptitude tasks
9 years ago
Sven Neuhaus
c28c55108b
Merge pull request #391 from iboxifoo/patch-1
Update dovecot version from wheezy backports
9 years ago
John Rogerson
f72e1d2350
Update dovecot version from wheezy backports
For correct implementation of the fix for logjam attack (https://github.com/sovereign/sovereign/pull/372 ), state=latest is needed to grab sufficient version of Dovecot. If not then 37aa7e2cb5 doesn't work.
9 years ago
Alex Payne
7077c5cdcb
Merge pull request #389 from neuhaus/norc4
Use "modern" SSLCipherSuite per Mozilla recommendations.
9 years ago
Sven Neuhaus
41c9779eb9
Explicitly use SHA256 for openssl (not SHA1)
9 years ago
Sven Neuhaus
a088d9c456
Use "modern" SSLCipherSuite per Mozilla recommendations.
See https://wiki.mozilla.org/Security/Server_Side_TLS for details.
Removes RC4 cipher. Fixes issue #341 .
Also explicitly disabled SSLCompression and enables OCSP stapling.
We should put all these settings in
/etc/apache2/mods-enabled/ssl.conf
to avoid duplication...
9 years ago
Sven Neuhaus
c898aa98d6
Install postgresql 9.4, 9.3 or 9.1 if available
(on Debian Jessie, Ubuntu Trusty or older distributions such as
Debian Wheezy and Ubuntu Precise).
9 years ago
Sven Neuhaus
edf65c530a
Install lua-sec-prosody package on Debian Wheezy and Ubuntu Precise
This is the updated version from the prosody repository because
these distributions have an old version of the lua-sec package
that lacks PFS and other features. Second commit for issue #285 .
9 years ago
Sven Neuhaus
e542de0a5c
Update Debian base box to Debian 7.8
9 years ago
Sven Neuhaus
570bebac70
wheezy: need librrd2-dev from backports to be compatible with dovecot
9 years ago
Sven Neuhaus
a849a49f37
Fix: Files shouldn't be owned or writeable by httpd unless necessary.
9 years ago
Sven Neuhaus
20d3014f00
Merge pull request #386 from spk/remove-duplicate-unattended-upgrades
Installation of package unattended-upgrades was listed twice.
9 years ago
Sven Neuhaus
8b5ed21e38
use wheezy-backports for dspam and solr packages on wheezy
relates to pull request #372
9 years ago
Laurent Arnoud
353e69d299
Remove duplication with items unattended upgrades
9 years ago
Sven Neuhaus
b0c8ab978a
Update CONTRIBUTING.md
added details about the license and the supported distributions.
9 years ago
Alex Payne
34448d5d34
install Dovecot from wheezy-backports on wheezy, specifying default_release
9 years ago
Alex Payne
5222776e34
install Dovecot from wheezy-backports on wheezy, specifying default_release
9 years ago
Alex Payne
c3afbc3b46
install Dovecot from wheezy-backports on wheezy. resolves #372
9 years ago
Luke Cyca
64c8b20559
Merge pull request #381 from neuhaus/patch-2
fix link to build status
9 years ago
Sven Neuhaus
20b0d0394e
show build status for jessie branch while we're on it
9 years ago
Sven Neuhaus
035e19e0f6
fix link to build status
9 years ago
Alex Payne
a6afd2395d
Updated README. Adding AUTHORS, CONTRIBUTING, and LICENSE documents.
Reflects the move to the `sovereign` GitHub organization.
9 years ago
Alex Payne
d64b71e383
Add nose to requirements.txt
9 years ago
Alex Payne
151e0e55b6
Vagrant boxes for Jessie, latest Trusty. Formatting.
9 years ago
Alex Payne
cd8bee604a
Formatting
9 years ago
Alex Payne
a6a06639ac
Latest Ansible in requirements.txt
9 years ago
Alex Payne
8450e059e1
Merge pull request #377 from Yannik/patch-1
remove duplicate options which are already specified in main.cf
9 years ago
Alex Payne
0ccfb6dfb0
Merge pull request #376 from spk/common-packages-safety
Add molly-guard and unattended-upgrades as common pkgs
9 years ago
Laurent Arnoud
89d47731ff
Add molly-guard and unattended-upgrades as common pkgs
9 years ago
Yannik
7c5d1c2261
remove duplicate options which are already specified in main.cf
9 years ago
Alex Payne
5f192bd5bb
Merge pull request #372 from neuhaus/patch-1
Dovecot: Fix for logjam attack
9 years ago
Alex Payne
27cc1a5ff0
Merge pull request #371 from Reprazent/bvl-newebe-tag
Add a tag for newebe, so it can be installed separately
9 years ago
Sven Neuhaus
37aa7e2cb5
Dovecot: Fix for logjam attack
9 years ago
Bob Van Landuyt
211b95189e
Add a tag for newebe, so it can be installed separately
Added a tag for newebe in a similar style to the other roles.
9 years ago
Alex Payne
ae1e6c64f0
Merge pull request #366 from poops/master
adds deploy user to sudoers
9 years ago
brandon paolin
b96b9e6c80
adds deploy user to sudoers
9 years ago
Alex Payne
1a96a87374
Ubuntu Trusty gets postgresql-9.3.
Resolves #363 .
9 years ago
Alex Payne
177ac9222b
Affix Postgres to version 9.1.
Addresses #362 .
9 years ago
Alex Payne
3eff916b3e
Further document what to do on reboot.
Addresses #361 .
9 years ago
Alex Payne
3ff928c762
Merge pull request #339 from fengor/master
More secure defaults for ssh.
9 years ago