sovereign

Autor	SHA1	Mensagem	Data
maxbachmann	4f3d1e415f	Update security.yml	5 anos atrás
Thomas Buck	8b83bd66b1	Properly setup hostname	5 anos atrás
Thomas Buck	5684f3c673	Install fail2ban with IPv6 support from stretch-backports (Debian 9).	5 anos atrás
Thomas Buck	72cb7a3d23	letsencrypt cert folder should stay with ssl-cert group	5 anos atrás
Thomas Buck	bad2e4f9a1	Add tmux to common programs. Generate german locale. Remove unneeded empty lines.	5 anos atrás
Thomas Buck	04ba7ad539	Added Fathom statistics tracker to blog task	5 anos atrás
Thomas Buck	4cf67e7aed	Explicitly install postgres-9.6 and fix monit pid-file location for it.	5 anos atrás
Thomas Buck	f34c0c827f	Typo in common apache config, file actually ends with .conf	5 anos atrás
Thomas Buck	c41cd737fd	Support multiple domains for letsencrypt	5 anos atrás
Thomas Buck	1b7628c756	Install ACL so newer ansible versions can properly upload scripts from and for unprivileged users.	5 anos atrás
Thomas Buck	c71c6d8559	Use new style of calling apt in ansible	5 anos atrás
Thomas Buck	472dd068c2	Remove unneeded testing / vagrant stuff.	5 anos atrás
Thomas Buck	31afcaa7b9	Remove encfs and call directory data instead of decrypted	5 anos atrás
Thomas Buck	183b80da8d	Remove Google Authenticator / Two-Factor Authentification	5 anos atrás
Óscar Nájera	8f0cc14f76	Fix: Ansible uses the value present in apt module state parameter	6 anos atrás
Bryan Voss	128b7e63a2	Update for Debian 9	7 anos atrás
Ndubisi Nwaku	55770977da	Add group name ssl-cert for SSL certificates	7 anos atrás
Aleksandr Bogdanov	cdc0d3fb4e	Fixing encfs shell invocation for ansible 2 compatibility	7 anos atrás
Óscar Nájera	0635815b52	Ensure en_US.UTF-8 locale is present	7 anos atrás
Wolfgang Steitz	3a42d15850	setup posgres within the common role Postgres is used by several roles, but the setup is currently part of the 'mailserver' role. By moving it to 'common', it's possible to disable the mailserver without breaking the others.	8 anos atrás
Mike Ashley	0e7adf6e3a	Fix bug exposed by commit 264c232b (#572) The `private_key` variable used to check for changes was never registered.	8 anos atrás
Simon Schoeters	264c232bbf	Remove duplicate when statement in Let's Encrypt task While adding the Let's Encrypt offline testing block in 1746afcc we accidentially duplicated a the 'when' statement. Ansible only looks at the last when statement for a given block meaning the earlier one has no use. This commit merges both lines in one.	8 anos atrás
Dosenpfand	f2c14dd911	Remove unneeded/deprecated apache configuration	8 anos atrás
Tomas Bedrich	899f527ca3	Updated LE renewal hook system	8 anos atrás
Tomas Bedrich	9786230808	Changed LE-renew cron frequency	8 anos atrás
Mike Ashley	3d68705341	Add leading 0 to octal file permissions This is done to suppress warnings from ansible-lint.	8 anos atrás
Carl Meyer	a343509129	No need for letsencrypt.yml to ensure Apache is running.	8 anos atrás
Carl Meyer	a5f3ec17c1	Workaround bug with enabling SysV scripts on Jessie.	8 anos atrás
Carl Meyer	c3c2cbf096	Don't bounce Apache unless we actually need to.	8 anos atrás
Carl Meyer	cc4b3d6fef	Don't request a new LE cert if we have one already.	8 anos atrás
Carl Meyer	3009c9d2d3	Fix changed-reporting for LE deps installation.	8 anos atrás
Carl Meyer	e8796ecd28	Idempotent and independent post-certificate-renewal tasks.	8 anos atrás
Allen Riddell	a77f9b95ad	Replace deprecated sudo_user with become_user The ``sudo`` and ``sudo_user`` directives are replaced with ``become`` and ``become_user`` in Ansible 1.9.	8 anos atrás
Mike Ashley	3d4987c4e2	Use a more descriptive name for cert generation script	8 anos atrás
Mike Ashley	a38f4e08d3	Force download of letsencrypt release The installer automatically updates itself, which registers as a change in the git repo. To maintain idempotency of the task list, the repo download must be forced.	8 anos atrás
Mike Ashley	5385badd49	Correct bug in SSL cert setup for test environment	8 anos atrás
Mike Ashley	bc5bfa4b21	Determine registered subdomains at deploy-time for LE	8 anos atrás
Mike Ashley	86048ee397	Update prosody to use LE certs directly Don't copy the LE certificates. Instead use the ssl-cert group to manage access to the LE certificates directly. See https://github.com/letsencrypt/letsencrypt/issues/1425 for a request to have the LE client do this itself.	8 anos atrás
Mike Ashley	1746afcc3a	Arrange automated tests to not use Let's Encrypt	8 anos atrás
Mike Ashley	8e1d473027	Use Let's Encrypt for generating site certificates This method uses Subjective Alternative Names (SANs) to get one certificate for all the subdomains that Sovereign employs, whether or not the user configured their site with the roles.	8 anos atrás
Mike Ashley	7f46129a4c	Remove use of wildcard certificate	8 anos atrás
Mike Ashley	195d8811fc	Remove references to Trusty and Wheezy Make a clean distinction between Debian 7 and Debian 8. Anticipate the next Ubuntu LTS release (Xenial) that is planned for support.	8 anos atrás
Mike Ashley	d3abc02f84	Clean up Apache SSL configuration Avoid using the Include directive. Move most of the SSL configuration to the global configuration and leave enabling the SSL engine to each virtual host that wants to use it.	8 anos atrás
Sebastian Kriems	fe536873b7	ufw tasks shall have the ufw tag resolves #453 Conflicts: roles/common/tasks/ufw.yml	8 anos atrás
Dan Milon	829c8491c7	restart apache on SSL changes	9 anos atrás
Dan Milon	a5c6f663ce	properly install changed SSL certificate	9 anos atrás
Sven Neuhaus	d59c5eff05	Generate 2048 DH group and add it to Postfix	9 anos atrás
Dan Milon	2fb7cfa7c9	Add SSL stapling cache for apache Fixes #406	9 anos atrás
Laurent Arnoud	1419c4e26e	Use common_timezone and fix idempotence Thanks-to: 8e693b3db3 Conflicts: roles/common/tasks/main.yml	9 anos atrás
Sebastian Kriems	968abba197	ufw tasks shall have the ufw tag resolves #453	8 anos atrás

Primeira Anterior 1 2 3 Próximo Última

134 Commits (4f3d1e415f563f285b4aaf201069292541d5cd50)