Mike Ashley
bf3b3cf53d
Document the design
Writing clarifies thinking and leaves behind guidance for future
maintainers. Design descriptions shouldn't be required, though,
especially for trivial modules.
9 years ago
Mike Ashley
e7817da0af
Consider README.md in the design checklist
9 years ago
Mike Ashley
fc28baf6b8
Make decisions
Users expect role authors to make decisions. The role author is
supposed to be the expert who knows what choices to make on behalf of
the user.
9 years ago
Mike Ashley
4609e82621
Consider testing in design
9 years ago
Mike Ashley
d7e71b268a
Updated contribution guidelines
I probably got this wrong, but I'm putting a stake in the ground based
on work I've done on the Roundcube module and adding Let's Encrypt
support to the common module.
Conflicts:
CONTRIBUTING.md
9 years ago
fengor
05cb26f239
reverting become change. become directive is only available in ansible 1.9.x and newer.
8 years ago
fengor
fec3fb279e
sudo directive was deprecated in ansible 1.9.x. Changed the entry to become directive to fix deprecation warnings.
8 years ago
fengor
e63661f982
Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
see: http://undeadly.org/cgi?action=article&sid= 2016011414
8 years ago
Sebastian Kriems
fe536873b7
ufw tasks shall have the ufw tag
resolves #453
Conflicts:
roles/common/tasks/ufw.yml
9 years ago
Dan Milon
829c8491c7
restart apache on SSL changes
9 years ago
Dan Milon
a5c6f663ce
properly install changed SSL certificate
9 years ago
Justin Plock
833cd92d02
Ensure the config.ini is readable by www-data
9 years ago
Sven Neuhaus
d59c5eff05
Generate 2048 DH group and add it to Postfix
9 years ago
Filipp Frizzy
7cb76741e7
update openvpn server config
Change default network buffer size
Should increase tcp tunnel speed for openvpn < 2.3.9
https://community.openvpn.net/openvpn/ticket/461
9 years ago
Dan Milon
97e996b225
Configure logrotate permissions for selfoss
9 years ago
Allen Riddell
3346c4aede
Remove reference to Google's DNS servers
Per discussion on #429 (after the merge). This project is about encouraging users to run services themselves and not rely on for-profit corporations such as Google.
9 years ago
Dan Milon
2fb7cfa7c9
Add SSL stapling cache for apache
Fixes #406
9 years ago
Allen Riddell
43f3840b3b
Comment copyediting
9 years ago
Filipp Frizzy
fc374682f6
up comments in openvpn config template
add additional comment about `tun-mtu` parameter in openvpn config template
9 years ago
Filipp Frizzy
3024d03552
comment out google dns in openvpn config template
9 years ago
Filipp Frizzy
da10178f4b
add new settings into openvpn config template
- google dns setting for client
- verb level
- mtu
- TLS settings
9 years ago
Filipp Frizzy
651b0fd655
update openvpn variables
Notes about security: https://blog.g3rt.nl/openvpn-security-tips.html
Check privacy: http://witch.valdikss.org.ru/
9 years ago
Mike Ashley
aa59a1a2f0
Correct special-casing of z-push Apache configuration
8 years ago
Reh Wanne
e7562d14d1
change auth to interna_hashed
because why the fuck not?
9 years ago
Laurent Arnoud
39cea9e5a1
Remove not needed common_timezone on user vars
9 years ago
Laurent Arnoud
a25aec10d0
Set Etc/UTC as default timezone
9 years ago
Laurent Arnoud
1419c4e26e
Use common_timezone and fix idempotence
Thanks-to: 8e693b3db3
Conflicts:
roles/common/tasks/main.yml
9 years ago
Piet Jaspers
cd61f5ad69
Add some info on DMARC
I ran a check on http://mail-tester.com and found out I was missing a header to be set for DMARC. SInce I missed it, maybe someone else missed it as well, so maybe it could go into the README.
9 years ago
Sven Neuhaus
89c7a6038a
Merge pull request #427 from sread/z-push-apache
Z-push apache config: Jessie also uses conf-available/conf-enabled
8 years ago
Stuart Read
e444efa2b4
Add jessie to special-casing for modern apache conf.d handling.
8 years ago
Stuart Read
22ef6be96e
Revert "Z-push apache config: Jessie also uses conf-available/conf-enabled"
This reverts commit 6b53da4bdc .
Using a different approach to maintain wheezy compatibility
8 years ago
Sven Neuhaus
56f3d7cf1f
Merge pull request #452 from NickBusey/master
Adding monit tunnel information to Readme
8 years ago
Sven Neuhaus
24e9175fab
Merge pull request #458 from mikeashley/contributing
Updated contribution guidelines
8 years ago
Sven Neuhaus
19b12722f6
Merge pull request #463 from fengor/master
Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2…
8 years ago
fengor
2613587946
reverting become change. become directive is only available in ansible 1.9.x and newer.
8 years ago
fengor
456458b127
sudo directive was deprecated in ansible 1.9.x. Changed the entry to become directive to fix deprecation warnings.
8 years ago
fengor
b368984641
Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
see: http://undeadly.org/cgi?action=article&sid= 2016011414
8 years ago
Justin Plock
2ac298f436
Merge pull request #460 from skriems/fix/#453
ufw tasks shall have the ufw tag
9 years ago
Mike Ashley
367137b799
Run ansible-lint before submitting a pull request
9 years ago
Sebastian Kriems
968abba197
ufw tasks shall have the ufw tag
resolves #453
9 years ago
Mike Ashley
f2884e877b
Ask for good commit practices
9 years ago
Mike Ashley
fced29f57e
Document the design
Writing clarifies thinking and leaves behind guidance for future
maintainers. Design descriptions shouldn't be required, though,
especially for trivial modules.
9 years ago
Mike Ashley
74ab08d331
Consider README.md in the design checklist
9 years ago
Mike Ashley
982f9b0135
Make decisions
Users expect role authors to make decisions. The role author is
supposed to be the expert who knows what choices to make on behalf of
the user.
9 years ago
Mike Ashley
23a8461a9d
Consider testing in design
9 years ago
Mike Ashley
e44630c208
Updated contribution guidelines
I probably got this wrong, but I'm putting a stake in the ground based
on work I've done on the Roundcube module and adding Let's Encrypt
support to the common module.
9 years ago
NickBusey
c8544a8b7b
Adding monit tunnel information to Readme
9 years ago
Sven Neuhaus
e95e3e1bf8
Merge pull request #430 from danmilon/ssl-restart-nginx-on-new-cert
sl: properly install changed certificate and restart apache on changes
9 years ago
Sven Neuhaus
026b2a98ff
Merge pull request #446 from jplock/jp-selfoss-version
Pin Selfoss version to an actual release
9 years ago
Justin Plock
ab00ee6376
Ensure the config.ini is readable by www-data
9 years ago