Update chat.freenode.net port to SSL-only

Fixes issue #8

Fixes issue #8. Adds new variable mail_header_privacy, on by default.
Installs postfix-pcre unconditionally, and then copies the pcre file
over and adds the header check to main.cf based on the variable value.
“this header replacement works great, but it logs that the replacement
has been done, which means that you are storing this information,
unless you are anonymizing your logs”

Make the ntp pool configurable

still allow people to override them in defaults.yml

use the world-wide pool by default, but specify north-america in
user.yml. Also, documentation. This way Sovereign will still behave the
same, but the NTP servers can be changed when desired.

added pop3s and imaps ports to fail2ban.

Otherwise only pop and imap (un-secured) are blocked.
Which we don't use.

Enabled POP3S for old-timeys who dig that

Enabled unattended-upgrades

This works on Debian/Ubuntu only.

There are similar packages for other distributions, but they still
need manual configuration. It seemed better to go for the common
denominator. unattended-upgrades is usually installed by default
anyway, so we are just reinforcing best practices.

added dovecot-pop3d
allowed in the firewall
monitored with monit
added relevant tests

Changed port to reflect MySQL -> Postgres change

Updated the default port to reflect MySQL to Postgres change (port 3306 to 5432)

OpenVPN improvements

* Added 'cipher' and 'auth' lines to the generated client configs

Add self-signed SSL cert section to README

Change database to PostgreSQL

PostgreSQL works similarly with varchar and text columns. Rather than
limiting the amount of characters a column can hold simply use text
columns.

Because this sql is now PostgreSQL specific, there's no need to maintain
what was set in the mysql settings.

Remove all configuration for MySQL and configure PostgreSQL as the main
database.

All *_mysql_* options have been changed to *_db_* options.

Postgres requires the database user to have a password in order to
connect via localhost. The db_admin_password option is used to set the
password of the admin user (usually postgres).

add indexes on the virtual alias tables

Don't individually mail all fail2ban actions

When you're hosting a couple of hundred aliases, you will benefit.
It seems safer to create the index and deal with the slight overhead
for just a couple of records, as opposed to not having these
indexes and deal with serious performance issues if you have
lots of aliases on the machine.

Don't mail them individually to the destemail. The destemail setting is thus no
longer used, but let's set it anyway to be clear where it will mail if you
change the action back.

recipient_delimeter not working

This allows the `recipient_delimiter` setting in etc_postfix_main.cf.j2
to function as intended.

Fixes: #121

See #121

Update the APT cache after adding the ownCloud repo

Silence the selfoss cron job

Fix the Selfoss cron job

Also mailing to root (which gets forwarded to admin_email) for easier automated sorting

Signed-off-by: PajamaSoft <support@pajamasoft.com>

Signed-off-by: PajamaSoft <support@pajamasoft.com>

Signed-off-by: PajamaSoft <support@pajamasoft.com>

Add an RSS Reader

OwnCloud speed