sovereign

作者	SHA1	備註	提交日期
Alban Seurat	c22d179e83	cgit dependency missing	10 年之前
Norman S.	53010bed89	fixes #156 fixes #156 by adding the -L flag, as suggested by @ventolin	10 年之前
Alex Dunae	b44972ab87	Only install Tarsnap when version is missing Checks if the exact version of Tarsnap is already installed and, if so, skips the download and build steps.	10 年之前
Mike Hostetler	8ec36ca875	add cgi module for cgit	10 年之前
Thom Wiggers	8578f49e21	Make sure that only ZNC can read its certificate To bring this certificate in line with how those in ssl.yml are managed.	10 年之前
Joshua Lund	64883159e9	* Update OpenVPN role to generate self-contained "unified" .ovpn profiles * The role now generates .ovpn profiles with embedded CA, certificate, key, and HMAC firewall key information. These .ovpn profiles are compatible with OpenVPN for iOS and Android, and only a single file needs to be transferred to your mobile device. * Added explicit route information to the .ovpn profile	10 年之前
Justin Plock	ed75c9469b	libpam-dev didn't exist for some people so switching to libpam0g-dev instead	10 年之前
Justin Plock	921ae6957e	Optional 2FA support for OpenVPN (requires uncommenting on the server and pushing new client configs)	10 年之前
Justin Plock	e88fb57cba	Skip the google authenticator generation if we're running as vagrant. Vagrant can't sudo to the sovereign test user so this won't work.	10 年之前
Justin Plock	408d83341f	Add a 2FA plugin for Roundcube (fixes #201)	10 年之前
Justin Plock	2d751ab680	The .google_authenticator file has to be generated by the user that is going to attempt to use it. Also, -W doesn't seem to work (results an in INVALID_WINDOW error in /var/log/auth.log), so use -w 1 to allow for a single concurrent token	10 年之前
Justin Plock	c037dce07a	Clarified parameters are bit in a comment	10 年之前
Justin Plock	22a8717f6d	Automatically generate the Google authenticator file for the default user	10 年之前
Justin Plock	84c9febec7	Added Google Authenticator 2FA logins	10 年之前
Justin Plock	89f018bd23	In preparation for using any 2FA solution, it will most likely need to modify sshd_config, so let's change the file in place instead of overwriting it completely.	10 年之前
Norman S.	b1092e800b	changed from 52 to 5 versions.	10 年之前
Larry Fox	092cb287e0	add gitolite and some cgit settings	10 年之前
Larry Fox	158503b6ca	add cgit	10 年之前
Justin Plock	9f918363b9	Set a ServerName for apache (fixes #187)	10 年之前
Norman S.	d8153552b8	add logrotate task	10 年之前
Norman S.	a6889500b6	add logrotate task	10 年之前
Justin Plock	8928993772	The group and mode of debian-db.php need to be readable by apache	10 年之前
Justin Plock	00b263608e	Properly generate a PHP /etc/roundcube/debian-db.php file	10 年之前
Justin Plock	c3b1362e78	Ignore carddav database errors	10 年之前
Justin Plock	1bd900bfae	Properly set the roundcube database password	10 年之前
Justin Plock	057a8c8872	Properly reconfigure the roundcube database and import the carddav tables	10 年之前
Justin Plock	bd9b22f603	Import carddav database schema. I'm unable to run this against the vagrant VM as the webmail_db_password seems to be automatically generated.	10 年之前
Justin Plock	d19e9a7d73	Move tarsnap.key from /root to /decrypted and don't overwrite it if one already exists (fixes #15)	10 年之前
Justin Plock	d3499da52e	Safer symlink creation and downloaded file removal	10 年之前
Justin Plock	876b81a1a7	Install the carddav plugin so owncloud contacts can be used (fixes #154)	10 年之前
James Ravn	e3825cf6dd	Revert "Redirects naked domain to www" This reverts commit 703d356492.	10 年之前
Bryan Swift	9194c5fe55	Fix URL of z-push download	10 年之前
James Ravn	aa404cd642	Fixes z-push download	10 年之前
James Ravn	3f45b1bee4	Uses monit to stop/start postgres for tarsnap	10 年之前
James Ravn	146c587644	Stops postgresql for tarsnap backup Data loss will occur if backing up postgresql while it runs. A simple fix is to stop it during the backup. I've moved the backup to early morning to reduce possible downtime. A better approach would be to use pg_dump.	10 年之前
James Ravn	6ec6a6d03f	Uses global roundcube sieve configuration option The previous behaviour relied on managesieve copying over the .dovecot.sieve file into the user's directory. I found this to be particularly fragile. For instance, re-deploying roundcube without dovecot could overwrite the .dovecot.sieve symlink and break managesieve. A better approach is to use the global sieve configuration that roundcube provides and not mess with dovecot's files directly.	10 年之前
James Ravn	703d356492	Redirects naked domain to www Properly behaving websites should 301 redirect the naked domain.	10 年之前
James Ravn	46eabbedd7	Limits z-push sync to 3 months This prevents timeouts when trying to sync very large mailboxes. By default, z-push attempts to get headers for all messages in a folder.	10 年之前
Allen Riddell	9a6cbcd925	Quote password substitution (may contain spaces)	10 年之前
Allen Riddell	d1e9e2b4ff	Quote password variables (they may contain spaces) String-valued variables containing spaces can be substituted into an ansible tasks file but they will not be interpreted correctly.	10 年之前
Ben Morse	869e73fa4d	quote password environment variable in case it contains shell metacharacters	10 年之前
Benjamin Reitzammer	d957760697	Making main user's shell configurable	10 年之前
Cameron Rudnick	0493e9b57e	Allow # in mail_db_password I had a # in my mail_db_password and spent the last 2 hours trying to figure out why I couldn't connect by IMAP. A # is only allowed if the connect string is wrapped in quotes.	10 年之前
Justin Plock	6e669fb2df	Following the instructions of using a Debian 7 image, PostgreSQL 9.1 is installed in /var/lib/postgresql not /opt/postgresql	10 年之前
Justin Plock	3b0308d69e	Allow both TCP and UDP port 53 for DNS lookups through OpenVPN	10 年之前
Justin Plock	f16d7f33d7	If we want to use SSL, I wasn’t able to connect to port 6667 so I had to change this to 6697 which is the SSL only port	10 年之前
cji	015617c18c	Fixes issue #8 Fixes issue #8. Adds new variable mail_header_privacy, on by default. Installs postfix-pcre unconditionally, and then copies the pcre file over and adds the header check to main.cf based on the variable value. “this header replacement works great, but it logs that the replacement has been done, which means that you are storing this information, unless you are anonymizing your logs”	10 年之前
Justin Plock	8b2d31e985	PostgreSQL 9.1 installs its pid into a different folder than 9.2	11 年之前
Joost Baaij	ae2e74bb79	make NTP pool configurable use the world-wide pool by default, but specify north-america in user.yml. Also, documentation. This way Sovereign will still behave the same, but the NTP servers can be changed when desired.	11 年之前
Joost Baaij	4837d2e87a	extract NTP logic	11 年之前

185 次程式碼提交 (c22d179e8339f7167fee2d65432964c91c815b6c)