sovereign

Author	SHA1	Message	Date
Pavel Karoukin	9df8d06f2c	Make /decrypted/roundcube writeable by www-user The directory `/decrypted/roundcube` is not writeable by the user `www-data`. This leads to "unable to connect to the database" errors from roundcube on new installs. This patch corrects the problem.	8 years ago
Mike Ashley	ebddb05fb4	Fix outgoing mail port configuration in webmail role	8 years ago
Mike Ashley	0bf32f2ce1	Add design document for webmail role	8 years ago
Mike Ashley	17bb355dfd	Add default sieve filter to roundcube	8 years ago
Mike Ashley	ed5b451c39	Add a few plugins to roundcube install - managesieve :: this allows sieve filters to be edited through a brower - twofactor_gauthenticator :: allow optional two-factor authentication when logging into webmail - carddav :: sync ownCloud contacts with roundcube	8 years ago
Mike Ashley	959e893862	Create webmail role that installs Roundcube	8 years ago
Mike Ashley	a8807afb04	Copy Roundcube configuration file Baseline the configuration file distributed Roundcube 1.4.1 before modification for sovereign.	8 years ago
Mike Ashley	05d125681f	Remove webmail role Roundcube is not available on Jessie except in backports. This role is also out of date and needs reviewed and updated for the release included in backports. Roundcube could alternatively be installed from source as recommended by the maintainers.	8 years ago
Mike Ashley	195d8811fc	Remove references to Trusty and Wheezy Make a clean distinction between Debian 7 and Debian 8. Anticipate the next Ubuntu LTS release (Xenial) that is planned for support.	8 years ago
Alex Payne	ecaa4c2330	Partially working Rspamd replacement for dspam	9 years ago
Alex Payne	cea968d5ae	Only install Roundcube on Trusty for now, since there's no Jessie package. Not awesome. We need a better alternative, ideally one with a better security stance.	9 years ago
Laurent Arnoud	ad22aed4cc	rm used in place of argument state=absent to file module	9 years ago
Laurent Arnoud	343db8edea	Git checkouts must contain explicit version	9 years ago
Laurent Arnoud	a09e2e71c1	tar used in place of unarchive module	9 years ago
Laurent Arnoud	311fae7e11	Trailing whitespace	9 years ago
Will McCutchen	16b66cc849	Define apache SSL config in one place	9 years ago
Manfred Touron	16c93ea486	Using more verbose 'dependencies' tag (#393)	9 years ago
Manfred Touron	b49f3a6586	Tagged 'deps' aptitude tasks	9 years ago
Sven Neuhaus	a088d9c456	Use "modern" SSLCipherSuite per Mozilla recommendations. See https://wiki.mozilla.org/Security/Server_Side_TLS for details. Removes RC4 cipher. Fixes issue #341. Also explicitly disabled SSLCompression and enables OCSP stapling. We should put all these settings in /etc/apache2/mods-enabled/ssl.conf to avoid duplication...	9 years ago
Aleksandr Bogdanov	2b9c722ed9	Enabling php5-mcrypt for roundcube, as it is not by default	10 years ago
Mike Ashley	0b164bd904	Correct whitespace error	10 years ago
Sven Neuhaus	925d67988b	Do not add wheezy backports on Ubuntu	10 years ago
Sven Neuhaus	4201f0b182	Update roundcube.yml	10 years ago
Sven Neuhaus	53ede6e37a	roundcube install from wheezy backports or Ubuntu main Make change to install roundcube from wheezy backports on Debian 7 work with Ubuntu 14.04	10 years ago
Mike Ashley	e4c3c8a288	Update roundcube role to use backport - Added backports to apt configuration. - Updated roundcube task to use the roundcube backport. - Updated roundcube's main.inc.php configuration file to use the one included in the backport distribution. Migrated configuration parameters from the existing configuration file except in cases where it looked like the Roundcube team was changing defaults that were not touched by Sovereign's configuration. I may have gotten some wrong; needs review by Sovereign maintainer.	10 years ago
Patrick O'Doherty	6f6fc6a90f	Disable SSLv3 in all Apache vhosts	10 years ago
Alex Payne	4d8ed34b47	Accept hostkey for all GitHub repos. Resolves #266.	10 years ago
Lorenzo Villani	d5ecf673d3	Calm OCD by sorting almost every with_items block in alphabetical order	10 years ago
Sven Neuhaus	0a164d519f	Fix syntax for "removes" options	10 years ago
Sven Neuhaus	ab614fd70a	Added rules for dealing with old virtualhost files in /etc/apache2/sites-available and old (dangling) symlinks in /etc/apaches/sites-enabled. Also, remove unnecessary apache2 restart after creating a new virtualhost but not yet enabling it.	10 years ago
Sven Neuhaus	22f6228758	Make the .conf change backward compatible I guess the .conf appendix is a change introduced in apache 2.4. This change should make it backward compatible with apache 2.2.	10 years ago
Sven Neuhaus	67a9ce43bd	apache roundcube: Wrong ownership and filename On Ubuntu 14.04 LTS, a2ensite automatically appends ".conf" to the filename it looks for in /etc/apache2/sites-available/ Therefore, the file "/etc/apache2/sites-available/roundcube" must be renamed to "/etc/apache2/sites-available/roundcube.conf". Security issue: This file must be owned by root, otherwise it is a huge security issue (User www-data could modify the file and get root at next restart of apache).	10 years ago
Justin Plock	408d83341f	Add a 2FA plugin for Roundcube (fixes #201)	10 years ago
Justin Plock	8928993772	The group and mode of debian-db.php need to be readable by apache	10 years ago
Justin Plock	00b263608e	Properly generate a PHP /etc/roundcube/debian-db.php file	10 years ago
Justin Plock	c3b1362e78	Ignore carddav database errors	10 years ago
Justin Plock	1bd900bfae	Properly set the roundcube database password	10 years ago
Justin Plock	057a8c8872	Properly reconfigure the roundcube database and import the carddav tables	10 years ago
Justin Plock	bd9b22f603	Import carddav database schema. I'm unable to run this against the vagrant VM as the webmail_db_password seems to be automatically generated.	10 years ago
Justin Plock	d3499da52e	Safer symlink creation and downloaded file removal	10 years ago
Justin Plock	876b81a1a7	Install the carddav plugin so owncloud contacts can be used (fixes #154)	10 years ago
James Ravn	6ec6a6d03f	Uses global roundcube sieve configuration option The previous behaviour relied on managesieve copying over the .dovecot.sieve file into the user's directory. I found this to be particularly fragile. For instance, re-deploying roundcube without dovecot could overwrite the .dovecot.sieve symlink and break managesieve. A better approach is to use the global sieve configuration that roundcube provides and not mess with dovecot's files directly.	10 years ago
Shawn Sorichetti	da1b1ad685	Change database to PostgreSQL Remove all configuration for MySQL and configure PostgreSQL as the main database. All _mysql_ options have been changed to _db_ options. Postgres requires the database user to have a password in order to connect via localhost. The db_admin_password option is used to set the password of the admin user (usually postgres).	11 years ago
Alex Payne	f7f7157cec	more updated variable formatting and accommodation of the YAML parser being a fussbudget	11 years ago
PajamaSoft	54648a8f39	Enable Roundcube's managesieve plugin or server-side filters These are the changes necessary to enable Roundcube's manage sieve plugin to mange server-side sieve filters. Signed-off-by: PajamaSoft <support@pajamasoft.com>	11 years ago
Luke Cyca	2f145ce543	Two small apache-related fixes	11 years ago
Luke Cyca	37a0400c22	Standardize apache’s 301 redirect to https, and enable HSTS	11 years ago
Greg Karékinian	58dddc55d1	Remove variables from roles Refs #39	11 years ago
Greg Karékinian	894808b50c	Fix trailing whitespace	11 years ago
Bruno Dupuis	c1ceae3e2a	added rouncube webmail	11 years ago

First Previous 1 2 Next Last

52 Commits (6064b93c85c565d59e4c9d34cc41098cd9854e0f)