Alex Payne
b674035d21
formatting
9 yıl önce
Alex Payne
6906412f63
Remove wheezy-specific ufw task.
9 yıl önce
Alex Payne
6d1eebb9d2
Use Ansible task names, not comments.
9 yıl önce
Alex Payne
c9b32cd2e2
Same Google auth install should work for both Jessie and Trusty.
Move Apache task to their own file.
9 yıl önce
Alex Payne
006f8e9b82
Just plain Ruby
9 yıl önce
Florian Anderiasch
076b6d2452
Fix typo in tarsnap.yml
9 yıl önce
Alex Payne
58a4532fe7
Better permission handling for OpenDMARC.
Resolves #400 .
9 yıl önce
Alex Payne
417403f534
Use {{ mail_server_hostname }} over mail.servername
Resolves #402 .
9 yıl önce
Alex Payne
7bb62ca678
Explicitly require MySQL server as part of OpenDMARC isntall.
Resolves #410 .
9 yıl önce
Miloš Hadžić
d823ed0848
Use lmtp instead of lda for delivery.
9 yıl önce
Pavel Karoukin
a86e43d5b4
Couple issues with OpenDMARC on Debian 7:
* fix mail_db_opendmarc_username/mail_db_opendmarc_password variable
not found.
* python-mysqldb package is required. Add it to opendmarc task.
9 yıl önce
Laurent Arnoud
21e0110684
Ignore copy tasks
9 yıl önce
Laurent Arnoud
ad22aed4cc
rm used in place of argument state=absent to file module
9 yıl önce
Laurent Arnoud
343db8edea
Git checkouts must contain explicit version
9 yıl önce
Laurent Arnoud
a09e2e71c1
tar used in place of unarchive module
9 yıl önce
Laurent Arnoud
0730284671
curl used in place of get_url module
9 yıl önce
Laurent Arnoud
311fae7e11
Trailing whitespace
9 yıl önce
Laurent Arnoud
3b8f15b745
Added whois for fail2ban report
Report will print: "missing whois program"
9 yıl önce
Will McCutchen
1be1afe1ff
Disable SSL stapling on wheezy
9 yıl önce
Will McCutchen
16b66cc849
Define apache SSL config in one place
9 yıl önce
Alex Payne
26d61c68a8
Implement OpenDMARC. Resolves #369 .
9 yıl önce
Manfred Touron
16c93ea486
Using more verbose 'dependencies' tag (#393 )
9 yıl önce
Manfred Touron
b49f3a6586
Tagged 'deps' aptitude tasks
9 yıl önce
John Rogerson
f72e1d2350
Update dovecot version from wheezy backports
For correct implementation of the fix for logjam attack (https://github.com/sovereign/sovereign/pull/372 ), state=latest is needed to grab sufficient version of Dovecot. If not then 37aa7e2cb5 doesn't work.
9 yıl önce
Sven Neuhaus
a088d9c456
Use "modern" SSLCipherSuite per Mozilla recommendations.
See https://wiki.mozilla.org/Security/Server_Side_TLS for details.
Removes RC4 cipher. Fixes issue #341 .
Also explicitly disabled SSLCompression and enables OCSP stapling.
We should put all these settings in
/etc/apache2/mods-enabled/ssl.conf
to avoid duplication...
9 yıl önce
Sven Neuhaus
c898aa98d6
Install postgresql 9.4, 9.3 or 9.1 if available
(on Debian Jessie, Ubuntu Trusty or older distributions such as
Debian Wheezy and Ubuntu Precise).
9 yıl önce
Sven Neuhaus
edf65c530a
Install lua-sec-prosody package on Debian Wheezy and Ubuntu Precise
This is the updated version from the prosody repository because
these distributions have an old version of the lua-sec package
that lacks PFS and other features. Second commit for issue #285 .
9 yıl önce
Sven Neuhaus
570bebac70
wheezy: need librrd2-dev from backports to be compatible with dovecot
9 yıl önce
Sven Neuhaus
a849a49f37
Fix: Files shouldn't be owned or writeable by httpd unless necessary.
9 yıl önce
Sven Neuhaus
8b5ed21e38
use wheezy-backports for dspam and solr packages on wheezy
relates to pull request #372
9 yıl önce
Laurent Arnoud
353e69d299
Remove duplication with items unattended upgrades
9 yıl önce
Alex Payne
34448d5d34
install Dovecot from wheezy-backports on wheezy, specifying default_release
9 yıl önce
Alex Payne
5222776e34
install Dovecot from wheezy-backports on wheezy, specifying default_release
9 yıl önce
Alex Payne
c3afbc3b46
install Dovecot from wheezy-backports on wheezy. resolves #372
9 yıl önce
Laurent Arnoud
89d47731ff
Add molly-guard and unattended-upgrades as common pkgs
9 yıl önce
Yannik
7c5d1c2261
remove duplicate options which are already specified in main.cf
9 yıl önce
Sven Neuhaus
37aa7e2cb5
Dovecot: Fix for logjam attack
9 yıl önce
Bob Van Landuyt
211b95189e
Add a tag for newebe, so it can be installed separately
Added a tag for newebe in a similar style to the other roles.
9 yıl önce
Alex Payne
1a96a87374
Ubuntu Trusty gets postgresql-9.3.
Resolves #363 .
9 yıl önce
Alex Payne
177ac9222b
Affix Postgres to version 9.1.
Addresses #362 .
9 yıl önce
Alex Payne
b11fb68559
Automatically set up passwordless sudo for deploy user.
Closes #343 .
9 yıl önce
Aleksandr Bogdanov
a849948e8d
Choosing the closest ubuntu mirror before anything else
10 yıl önce
Aleksandr Bogdanov
461be2b260
fixing a dependency on mailserver, as psycopg and postgres are only installed there
10 yıl önce
Aleksandr Bogdanov
2b9c722ed9
Enabling php5-mcrypt for roundcube, as it is not by default
10 yıl önce
Sven Neuhaus
ae58053653
Create /decrypted directory even if encfs is not used.
Helps with issue #120 .
9 yıl önce
Sven Neuhaus
d5217ea1cd
Create main user without "fuse" group, instead add it later as part
of the "encfs" tag. This allows the user to make encfs optional.
Helps with issue #120 .
9 yıl önce
Justin Plock
941baf72d6
Integration between selfoss and wallabag (fixes #349
9 yıl önce
Marius Voila
b13ab39f11
cleaning security.yml
9 yıl önce
fengor
7ed46f590c
renamed templates to be consistent with coding standard.
removed comment line in ssh_config
9 yıl önce
Marius Voila
ec69fef60c
removed old template
9 yıl önce