sovereign

Author	SHA1	Message	Date
Alex Payne	b674035d21	formatting	9 years ago
Alex Payne	6906412f63	Remove wheezy-specific ufw task.	9 years ago
Alex Payne	6d1eebb9d2	Use Ansible task names, not comments.	9 years ago
Alex Payne	c9b32cd2e2	Same Google auth install should work for both Jessie and Trusty. Move Apache task to their own file.	9 years ago
Alex Payne	006f8e9b82	Just plain Ruby	9 years ago
Florian Anderiasch	076b6d2452	Fix typo in tarsnap.yml	9 years ago
Alex Payne	58a4532fe7	Better permission handling for OpenDMARC. Resolves #400.	9 years ago
Alex Payne	417403f534	Use {{ mail_server_hostname }} over mail.servername Resolves #402.	9 years ago
Alex Payne	7bb62ca678	Explicitly require MySQL server as part of OpenDMARC isntall. Resolves #410.	9 years ago
Miloš Hadžić	d823ed0848	Use lmtp instead of lda for delivery.	9 years ago
Pavel Karoukin	a86e43d5b4	Couple issues with OpenDMARC on Debian 7: * fix mail_db_opendmarc_username/mail_db_opendmarc_password variable not found. * python-mysqldb package is required. Add it to opendmarc task.	9 years ago
Laurent Arnoud	21e0110684	Ignore copy tasks	9 years ago
Laurent Arnoud	ad22aed4cc	rm used in place of argument state=absent to file module	9 years ago
Laurent Arnoud	343db8edea	Git checkouts must contain explicit version	9 years ago
Laurent Arnoud	a09e2e71c1	tar used in place of unarchive module	9 years ago
Laurent Arnoud	0730284671	curl used in place of get_url module	9 years ago
Laurent Arnoud	311fae7e11	Trailing whitespace	9 years ago
Laurent Arnoud	3b8f15b745	Added whois for fail2ban report Report will print: "missing whois program"	9 years ago
Will McCutchen	1be1afe1ff	Disable SSL stapling on wheezy	9 years ago
Will McCutchen	16b66cc849	Define apache SSL config in one place	9 years ago
Alex Payne	26d61c68a8	Implement OpenDMARC. Resolves #369.	9 years ago
Manfred Touron	16c93ea486	Using more verbose 'dependencies' tag (#393)	9 years ago
Manfred Touron	b49f3a6586	Tagged 'deps' aptitude tasks	9 years ago
John Rogerson	f72e1d2350	Update dovecot version from wheezy backports For correct implementation of the fix for logjam attack (https://github.com/sovereign/sovereign/pull/372), state=latest is needed to grab sufficient version of Dovecot. If not then 37aa7e2cb5 doesn't work.	9 years ago
Sven Neuhaus	a088d9c456	Use "modern" SSLCipherSuite per Mozilla recommendations. See https://wiki.mozilla.org/Security/Server_Side_TLS for details. Removes RC4 cipher. Fixes issue #341. Also explicitly disabled SSLCompression and enables OCSP stapling. We should put all these settings in /etc/apache2/mods-enabled/ssl.conf to avoid duplication...	9 years ago
Sven Neuhaus	c898aa98d6	Install postgresql 9.4, 9.3 or 9.1 if available (on Debian Jessie, Ubuntu Trusty or older distributions such as Debian Wheezy and Ubuntu Precise).	9 years ago
Sven Neuhaus	edf65c530a	Install lua-sec-prosody package on Debian Wheezy and Ubuntu Precise This is the updated version from the prosody repository because these distributions have an old version of the lua-sec package that lacks PFS and other features. Second commit for issue #285.	9 years ago
Sven Neuhaus	570bebac70	wheezy: need librrd2-dev from backports to be compatible with dovecot	9 years ago
Sven Neuhaus	a849a49f37	Fix: Files shouldn't be owned or writeable by httpd unless necessary.	9 years ago
Sven Neuhaus	8b5ed21e38	use wheezy-backports for dspam and solr packages on wheezy relates to pull request #372	9 years ago
Laurent Arnoud	353e69d299	Remove duplication with items unattended upgrades	9 years ago
Alex Payne	34448d5d34	install Dovecot from wheezy-backports on wheezy, specifying default_release	9 years ago
Alex Payne	5222776e34	install Dovecot from wheezy-backports on wheezy, specifying default_release	9 years ago
Alex Payne	c3afbc3b46	install Dovecot from wheezy-backports on wheezy. resolves #372	9 years ago
Laurent Arnoud	89d47731ff	Add molly-guard and unattended-upgrades as common pkgs	9 years ago
Yannik	7c5d1c2261	remove duplicate options which are already specified in main.cf	9 years ago
Sven Neuhaus	37aa7e2cb5	Dovecot: Fix for logjam attack	9 years ago
Bob Van Landuyt	211b95189e	Add a tag for newebe, so it can be installed separately Added a tag for newebe in a similar style to the other roles.	9 years ago
Alex Payne	1a96a87374	Ubuntu Trusty gets postgresql-9.3. Resolves #363.	9 years ago
Alex Payne	177ac9222b	Affix Postgres to version 9.1. Addresses #362.	9 years ago
Alex Payne	b11fb68559	Automatically set up passwordless sudo for deploy user. Closes #343.	9 years ago
Aleksandr Bogdanov	a849948e8d	Choosing the closest ubuntu mirror before anything else	10 years ago
Aleksandr Bogdanov	461be2b260	fixing a dependency on mailserver, as psycopg and postgres are only installed there	10 years ago
Aleksandr Bogdanov	2b9c722ed9	Enabling php5-mcrypt for roundcube, as it is not by default	10 years ago
Sven Neuhaus	ae58053653	Create /decrypted directory even if encfs is not used. Helps with issue #120.	9 years ago
Sven Neuhaus	d5217ea1cd	Create main user without "fuse" group, instead add it later as part of the "encfs" tag. This allows the user to make encfs optional. Helps with issue #120.	9 years ago
Justin Plock	941baf72d6	Integration between selfoss and wallabag (fixes #349	9 years ago
Marius Voila	b13ab39f11	cleaning security.yml	9 years ago
fengor	7ed46f590c	renamed templates to be consistent with coding standard. removed comment line in ssh_config	9 years ago
Marius Voila	ec69fef60c	removed old template	9 years ago

First Previous 1 2 3 4 5 ... Next Last

340 Commits (b674035d21853e8b0b1aecbe01f4c54e797e240a)