James Ravn
3f45b1bee4
Uses monit to stop/start postgres for tarsnap
10 years ago
James Ravn
146c587644
Stops postgresql for tarsnap backup
Data loss will occur if backing up postgresql while it runs. A simple
fix is to stop it during the backup. I've moved the backup to early
morning to reduce possible downtime.
A better approach would be to use pg_dump.
10 years ago
James Ravn
6ec6a6d03f
Uses global roundcube sieve configuration option
The previous behaviour relied on managesieve copying over the
.dovecot.sieve file into the user's directory. I found this to be
particularly fragile. For instance, re-deploying roundcube without
dovecot could overwrite the .dovecot.sieve symlink and break
managesieve.
A better approach is to use the global sieve configuration that
roundcube provides and not mess with dovecot's files directly.
10 years ago
James Ravn
703d356492
Redirects naked domain to www
Properly behaving websites should 301 redirect the naked domain.
10 years ago
James Ravn
46eabbedd7
Limits z-push sync to 3 months
This prevents timeouts when trying to sync very large mailboxes. By
default, z-push attempts to get headers for all messages in a folder.
10 years ago
James Ravn
bccbe24f28
Adds mention of setting up postgresql for owncloud in readme
10 years ago
Luke Cyca
f83c131bbe
Merge pull request #165 from Korni22/master
Update README to include troubleshooting page in wiki
10 years ago
Eric S.
6258964079
Update README.textile
10 years ago
Eric S.
1898c2598d
Update README.textile
10 years ago
Eric S.
a9023647c0
Update README.textile
10 years ago
Luke Cyca
bfbdafd5aa
Merge pull request #162 from nstanke/patch-1
polish to match the replacement of MySQL.
10 years ago
Norman S.
fd6c99c0d2
polish to match the replacement of MySQL.
polish to match the replacement of MySQL with PostgreSQL.
10 years ago
Luke Cyca
56737491d6
Merge pull request #161 from ariddell/master
Quote password substitution (may contain spaces)
10 years ago
Allen Riddell
9a6cbcd925
Quote password substitution (may contain spaces)
10 years ago
Luke Cyca
7a45fc25e2
Merge pull request #160 from ariddell/master
Quote password variables (they may contain spaces)
10 years ago
Allen Riddell
d1e9e2b4ff
Quote password variables (they may contain spaces)
String-valued variables containing spaces can be substituted into an ansible
tasks file but they will not be interpreted correctly.
10 years ago
Luke Cyca
be9db3054a
Merge pull request #159 from knitatoms/patch-1
Docs on setting up a DNS txt record for DKIM
10 years ago
Tom Atkins
645ac231a1
Docs on setting up a DNS txt record for DKIM
To take advantage of the OpenDKIM installation it's important to set up a DNS txt record. This documentation addition explains how to do that.
10 years ago
Luke Cyca
fb743a9889
Merge pull request #158 from snowyote/master
quote password environment variable
10 years ago
Ben Morse
869e73fa4d
quote password environment variable in case it contains shell metacharacters
10 years ago
Luke Cyca
fdce2b0a9a
Merge pull request #151 from nureineide/master
Making main user's shell configurable
10 years ago
Benjamin Reitzammer
d957760697
Making main user's shell configurable
10 years ago
Luke Cyca
a65dd414c8
Merge pull request #152 from ConceitedCode/patch-1
Allow # in mail_db_password
10 years ago
Luke Cyca
299c5d3115
Merge pull request #140 from jplock/jp-postgres-pid
PostgreSQL 9.1 installs its pid into a different folder than 9.2
10 years ago
Cameron Rudnick
0493e9b57e
Allow # in mail_db_password
I had a # in my mail_db_password and spent the last 2 hours trying to figure out why I couldn't connect by IMAP. A # is only allowed if the connect string is wrapped in quotes.
10 years ago
Alex Payne
e1dbde2cb4
Merge pull request #145 from jplock/jp-postgres-tarsnap
Tarsnap looking for PostgreSQL in the wrong place
10 years ago
Justin Plock
6e669fb2df
Following the instructions of using a Debian 7 image, PostgreSQL 9.1 is installed in /var/lib/postgresql not /opt/postgresql
11 years ago
Alex Payne
ea6833bafa
Merge pull request #144 from jplock/jp-ufw-udp-port
Allow both TCP and UDP port 53 for DNS lookups through OpenVPN
11 years ago
Justin Plock
3b0308d69e
Allow both TCP and UDP port 53 for DNS lookups through OpenVPN
11 years ago
Alex Payne
2e72d6f670
Merge pull request #142 from jplock/jp-freenode-ssl-port
Update chat.freenode.net port to SSL-only
11 years ago
Justin Plock
f16d7f33d7
If we want to use SSL, I wasn’t able to connect to port 6667 so I had to change this to 6697 which is the SSL only port
11 years ago
Luke Cyca
7ac1954020
Merge pull request #141 from cji/master
Fixes issue #8
11 years ago
cji
015617c18c
Fixes issue #8
Fixes issue #8 . Adds new variable mail_header_privacy, on by default.
Installs postfix-pcre unconditionally, and then copies the pcre file
over and adds the header check to main.cf based on the variable value.
“this header replacement works great, but it logs that the replacement
has been done, which means that you are storing this information,
unless you are anonymizing your logs”
11 years ago
Justin Plock
8b2d31e985
PostgreSQL 9.1 installs its pid into a different folder than 9.2
11 years ago
Luke Cyca
6c3cee70f2
Merge pull request #138 from tilsammans/ntp
Make the ntp pool configurable
11 years ago
Joost Baaij
0257797282
use the geo located ntp servers for everyone
still allow people to override them in defaults.yml
11 years ago
Joost Baaij
ae2e74bb79
make NTP pool configurable
use the world-wide pool by default, but specify north-america in
user.yml. Also, documentation. This way Sovereign will still behave the
same, but the NTP servers can be changed when desired.
11 years ago
Joost Baaij
4837d2e87a
extract NTP logic
11 years ago
Luke Cyca
460026cfb3
Merge pull request #135 from tilsammans/fail2ban-imaps-pop3s
added pop3s and imaps ports to fail2ban.
11 years ago
Joost Baaij
715399a2f1
added pop3s and imaps ports to fail2ban.
Otherwise only pop and imap (un-secured) are blocked.
Which we don't use.
11 years ago
Luke Cyca
f7cccbc89c
Merge pull request #133 from tilsammans/pop3s
Enabled POP3S for old-timeys who dig that
11 years ago
Luke Cyca
121cde3814
Merge pull request #134 from tilsammans/unattended-upgrades
Enabled unattended-upgrades
11 years ago
Joost Baaij
2033c37982
Enabled unattended-upgrades
This works on Debian/Ubuntu only.
There are similar packages for other distributions, but they still
need manual configuration. It seemed better to go for the common
denominator. unattended-upgrades is usually installed by default
anyway, so we are just reinforcing best practices.
11 years ago
Joost Baaij
335cef5c9f
Enabled POP3S for old-timeys who dig that
added dovecot-pop3d
allowed in the firewall
monitored with monit
added relevant tests
11 years ago
Luke Cyca
40f8c50239
Merge pull request #132 from jplock/patch-1
Changed port to reflect MySQL -> Postgres change
11 years ago
Justin Plock
75ce61f993
Changed port to reflect MySQL -> Postgres change
Updated the default port to reflect MySQL to Postgres change (port 3306 to 5432)
11 years ago
Alex Payne
f24a8a5dd7
Merge pull request #131 from jlund/openvpn-improvements
OpenVPN improvements
11 years ago
Joshua Lund
4ed07a1e0a
* Made the OpenVPN port and protocol (tcp/udp) configurable
* Added 'cipher' and 'auth' lines to the generated client configs
11 years ago
Alex Payne
b4f6ecb516
Merge pull request #126 from yuvadm/self-signed-ssl
Add self-signed SSL cert section to README
11 years ago
Alex Payne
2a0d379db3
Reflect change to Postgres in README
11 years ago