http://ahbl.org/content/changes-ahbl

Fixes #232

fixes #156 by adding the -L flag, as suggested by @ventolin

Checks if the exact version of Tarsnap is already installed and, if so,
skips the download and build steps.

To bring this certificate in line with how those in ssl.yml are managed.

  profiles

  * The role now generates .ovpn profiles with embedded CA, certificate,
    key, and HMAC firewall key information. These .ovpn profiles are
    compatible with OpenVPN for iOS and Android, and only a single file
    needs to be transferred to your mobile device.

  * Added explicit route information to the .ovpn profile

This reverts commit 703d356492.

Data loss will occur if backing up postgresql while it runs. A simple
fix is to stop it during the backup. I've moved the backup to early
morning to reduce possible downtime.

A better approach would be to use pg_dump.

The previous behaviour relied on managesieve copying over the
.dovecot.sieve file into the user's directory. I found this to be
particularly fragile. For instance, re-deploying roundcube without
dovecot could overwrite the .dovecot.sieve symlink and break
managesieve.

A better approach is to use the global sieve configuration that
roundcube provides and not mess with dovecot's files directly.

Properly behaving websites should 301 redirect the naked domain.

This prevents timeouts when trying to sync very large mailboxes. By
default, z-push attempts to get headers for all messages in a folder.

String-valued variables containing spaces can be substituted into an ansible
tasks file but they will not be interpreted correctly.

I had a # in my mail_db_password and spent the last 2 hours trying to figure out why I couldn't connect by IMAP. A # is only allowed if the connect string is wrapped in quotes.