sovereign

Commit Graph

Автор	SHA1	Съобщение	Дата
Alex Payne	58a4532fe7	Better permission handling for OpenDMARC. Resolves #400.	преди 9 години
Alex Payne	417403f534	Use {{ mail_server_hostname }} over mail.servername Resolves #402.	преди 9 години
Alex Payne	7bb62ca678	Explicitly require MySQL server as part of OpenDMARC isntall. Resolves #410.	преди 9 години
Miloš Hadžić	d823ed0848	Use lmtp instead of lda for delivery.	преди 9 години
Pavel Karoukin	a86e43d5b4	Couple issues with OpenDMARC on Debian 7: * fix mail_db_opendmarc_username/mail_db_opendmarc_password variable not found. * python-mysqldb package is required. Add it to opendmarc task.	преди 9 години
Laurent Arnoud	21e0110684	Ignore copy tasks	преди 9 години
Laurent Arnoud	a09e2e71c1	tar used in place of unarchive module	преди 9 години
Will McCutchen	16b66cc849	Define apache SSL config in one place	преди 9 години
Alex Payne	26d61c68a8	Implement OpenDMARC. Resolves #369.	преди 9 години
Manfred Touron	16c93ea486	Using more verbose 'dependencies' tag (#393)	преди 9 години
Manfred Touron	b49f3a6586	Tagged 'deps' aptitude tasks	преди 9 години
John Rogerson	f72e1d2350	Update dovecot version from wheezy backports For correct implementation of the fix for logjam attack (https://github.com/sovereign/sovereign/pull/372), state=latest is needed to grab sufficient version of Dovecot. If not then 37aa7e2cb5 doesn't work.	преди 9 години
Sven Neuhaus	a088d9c456	Use "modern" SSLCipherSuite per Mozilla recommendations. See https://wiki.mozilla.org/Security/Server_Side_TLS for details. Removes RC4 cipher. Fixes issue #341. Also explicitly disabled SSLCompression and enables OCSP stapling. We should put all these settings in /etc/apache2/mods-enabled/ssl.conf to avoid duplication...	преди 9 години
Sven Neuhaus	c898aa98d6	Install postgresql 9.4, 9.3 or 9.1 if available (on Debian Jessie, Ubuntu Trusty or older distributions such as Debian Wheezy and Ubuntu Precise).	преди 9 години
Sven Neuhaus	a849a49f37	Fix: Files shouldn't be owned or writeable by httpd unless necessary.	преди 9 години
Sven Neuhaus	8b5ed21e38	use wheezy-backports for dspam and solr packages on wheezy relates to pull request #372	преди 9 години
Alex Payne	34448d5d34	install Dovecot from wheezy-backports on wheezy, specifying default_release	преди 9 години
Alex Payne	5222776e34	install Dovecot from wheezy-backports on wheezy, specifying default_release	преди 9 години
Alex Payne	c3afbc3b46	install Dovecot from wheezy-backports on wheezy. resolves #372	преди 9 години
Yannik	7c5d1c2261	remove duplicate options which are already specified in main.cf	преди 9 години
Sven Neuhaus	37aa7e2cb5	Dovecot: Fix for logjam attack	преди 9 години
Alex Payne	1a96a87374	Ubuntu Trusty gets postgresql-9.3. Resolves #363.	преди 9 години
Alex Payne	177ac9222b	Affix Postgres to version 9.1. Addresses #362.	преди 9 години
Philip Potter	41243fa3ec	Bump checkrbl version to stop using ahbl ahbl is no longer being maintained and has been configured to return a positive value for every host. This means I get a cron warning every day reporting that my mailserver is in ircbl.ahbl.org and dnsbl.ahbl.org. lukecyca/check-rbl#1 has removed ahbl from the blacklists that it checks. This just pulls in that change. Unfortunately, ansible's get_url won't update files which have been downloaded already unless you set force=yes, which will cause ansible to pull down the file from github on every single run, which isn't really acceptable. I have filed ansible/ansible-modules-core#625 to ask that get_url redownload if and only if the sha256sum differs. In the meantime, you have to manually delete /opt/check-rbl.pl before rerunning ansible to pull in the update. However, at least this will work fine for new installs. Related to #338 (though I don't know if it truly fixes it).	преди 9 години
Sven Neuhaus	ac59435d6e	exclude SSLv3 for all TLS to mitigate POODLE vulnerability	преди 10 години
Sven Neuhaus	f338b1e15d	Postfix: Disable SSLv2 and SSLv3 for mandatory TLS connections Postfix: Disable SSLv2 and SSLv3 for 'mandatory SSL' mode connections to completely mitigate the POODLE issue.	преди 10 години
Sven Neuhaus	f4177313d7	Disable SSLv3 in Dovecot imap server Disable SSLv3 in Dovecot imap server to avoid POODLE vulnerability	преди 10 години
Mike Ashley	cf5d98c505	Correct SMTP port number	преди 10 години
Patrick O'Doherty	6f6fc6a90f	Disable SSLv3 in all Apache vhosts	преди 10 години
Luke Cyca	befde9f660	Update check-rbl to omit uribl. Fixes #279	преди 10 години
Lorenzo Villani	8959f1c183	Add support for Thunderbird automatic configuration Resolves #114	преди 10 години
Lorenzo Villani	661ed29a3e	Use /usr/sbin/nologin as login shells for vmail and znc users	преди 10 години
Lorenzo Villani	d5ecf673d3	Calm OCD by sorting almost every with_items block in alphabetical order	преди 10 години
Lorenzo Villani	e7703d0d9c	Add support for Apache 2.4 on Ubuntu 14.04	преди 10 години
Michael West	aa2e1a0e74	Increase security of postfix smtp tls ciphers, that is sending email to other smtp servers using encryption	преди 10 години
Alex Payne	e6bd0a08c2	Set `smtpd_relay_restrictions` to backwards compatible mode. Resolves #231.	преди 10 години
Luke Cyca	1986dc96a4	Fix dspam user parameter and data paths. fixes #196	преди 10 години
Sven Neuhaus	779d6c6bb9	Ubuntu Trusty fix for Dovecot (postgresql 9.3 instead of 9.1)	преди 10 години
Sven Neuhaus	0ebda3b32e	Fixes for Ubuntu 14.04 LTS 'trusty' * Postfix: Trusty comes with postgresql 9.3, not 9.1 * owncloud 6.0.1 is part of the distribution, doesn't require opensuse repository * owncloud requires libapache2-mod-php5 * uses prosody repository that matches the ansible_distribution_release (trusty, wheezy, etc)	преди 10 години
Justin Plock	ea0b288818	Moved ufw firewall rules into individual roles	преди 10 години
Thom Wiggers	6312286b64	Remove ahbl as it's being winded down http://ahbl.org/content/changes-ahbl Fixes #232	преди 10 години
brandon	7c9084fcba	fixes "Warning: autocreate plugin is deprecated, use mailbox { auto } setting instead"	преди 10 години
Norman S.	b1092e800b	changed from 52 to 5 versions.	преди 10 години
Norman S.	d8153552b8	add logrotate task	преди 10 години
Norman S.	a6889500b6	add logrotate task	преди 10 години
Bryan Swift	9194c5fe55	Fix URL of z-push download	преди 10 години
James Ravn	aa404cd642	Fixes z-push download	преди 10 години
James Ravn	6ec6a6d03f	Uses global roundcube sieve configuration option The previous behaviour relied on managesieve copying over the .dovecot.sieve file into the user's directory. I found this to be particularly fragile. For instance, re-deploying roundcube without dovecot could overwrite the .dovecot.sieve symlink and break managesieve. A better approach is to use the global sieve configuration that roundcube provides and not mess with dovecot's files directly.	преди 10 години
James Ravn	46eabbedd7	Limits z-push sync to 3 months This prevents timeouts when trying to sync very large mailboxes. By default, z-push attempts to get headers for all messages in a folder.	преди 10 години
Allen Riddell	9a6cbcd925	Quote password substitution (may contain spaces)	преди 10 години

Първа Предишна 1 2 Следваща Последна

100 Ревизии (b674035d21853e8b0b1aecbe01f4c54e797e240a)