Mike Ashley
d3abc02f84
Clean up Apache SSL configuration
Avoid using the Include directive. Move most of the SSL configuration
to the global configuration and leave enabling the SSL engine to each
virtual host that wants to use it.
9 anni fa
Sven Neuhaus
bd0176e003
Merge pull request #476 from ariddell/feature/jessie-catchup-3b4f93-to-56f3d7
Include commits to master which were missing in jessie
8 anni fa
Allen Riddell
4d55a21b6c
Merge pull request #481 from pawel-lewtak/jessie
Fix links to Ansible website in readme
9 anni fa
pawel
2a084cf6a1
Fix links to Ansible website in readme
9 anni fa
Sven Neuhaus
150fa2bf06
Merge pull request #472 from mikeashley/z-push-fix
Correct special-casing of z-push Apache configuration
9 anni fa
NickBusey
4d0a577c2b
Adding monit tunnel information to Readme
9 anni fa
Mike Ashley
e229e904b9
Run ansible-lint before submitting a pull request
9 anni fa
Mike Ashley
f16d0bf4d1
Ask for good commit practices
9 anni fa
Mike Ashley
bf3b3cf53d
Document the design
Writing clarifies thinking and leaves behind guidance for future
maintainers. Design descriptions shouldn't be required, though,
especially for trivial modules.
9 anni fa
Mike Ashley
e7817da0af
Consider README.md in the design checklist
9 anni fa
Mike Ashley
fc28baf6b8
Make decisions
Users expect role authors to make decisions. The role author is
supposed to be the expert who knows what choices to make on behalf of
the user.
9 anni fa
Mike Ashley
4609e82621
Consider testing in design
9 anni fa
Mike Ashley
d7e71b268a
Updated contribution guidelines
I probably got this wrong, but I'm putting a stake in the ground based
on work I've done on the Roundcube module and adding Let's Encrypt
support to the common module.
Conflicts:
CONTRIBUTING.md
9 anni fa
fengor
05cb26f239
reverting become change. become directive is only available in ansible 1.9.x and newer.
9 anni fa
fengor
fec3fb279e
sudo directive was deprecated in ansible 1.9.x. Changed the entry to become directive to fix deprecation warnings.
9 anni fa
fengor
e63661f982
Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
see: http://undeadly.org/cgi?action=article&sid= 2016011414
9 anni fa
Sebastian Kriems
fe536873b7
ufw tasks shall have the ufw tag
resolves #453
Conflicts:
roles/common/tasks/ufw.yml
9 anni fa
Dan Milon
829c8491c7
restart apache on SSL changes
9 anni fa
Dan Milon
a5c6f663ce
properly install changed SSL certificate
9 anni fa
Justin Plock
833cd92d02
Ensure the config.ini is readable by www-data
9 anni fa
Sven Neuhaus
d59c5eff05
Generate 2048 DH group and add it to Postfix
9 anni fa
Filipp Frizzy
7cb76741e7
update openvpn server config
Change default network buffer size
Should increase tcp tunnel speed for openvpn < 2.3.9
https://community.openvpn.net/openvpn/ticket/461
9 anni fa
Dan Milon
97e996b225
Configure logrotate permissions for selfoss
9 anni fa
Allen Riddell
3346c4aede
Remove reference to Google's DNS servers
Per discussion on #429 (after the merge). This project is about encouraging users to run services themselves and not rely on for-profit corporations such as Google.
9 anni fa
Dan Milon
2fb7cfa7c9
Add SSL stapling cache for apache
Fixes #406
9 anni fa
Allen Riddell
43f3840b3b
Comment copyediting
9 anni fa
Filipp Frizzy
fc374682f6
up comments in openvpn config template
add additional comment about `tun-mtu` parameter in openvpn config template
9 anni fa
Filipp Frizzy
3024d03552
comment out google dns in openvpn config template
9 anni fa
Filipp Frizzy
da10178f4b
add new settings into openvpn config template
- google dns setting for client
- verb level
- mtu
- TLS settings
9 anni fa
Filipp Frizzy
651b0fd655
update openvpn variables
Notes about security: https://blog.g3rt.nl/openvpn-security-tips.html
Check privacy: http://witch.valdikss.org.ru/
9 anni fa
Mike Ashley
aa59a1a2f0
Correct special-casing of z-push Apache configuration
9 anni fa
Reh Wanne
e7562d14d1
change auth to interna_hashed
because why the fuck not?
9 anni fa
Laurent Arnoud
39cea9e5a1
Remove not needed common_timezone on user vars
9 anni fa
Laurent Arnoud
a25aec10d0
Set Etc/UTC as default timezone
9 anni fa
Laurent Arnoud
1419c4e26e
Use common_timezone and fix idempotence
Thanks-to: 8e693b3db3
Conflicts:
roles/common/tasks/main.yml
9 anni fa
Piet Jaspers
cd61f5ad69
Add some info on DMARC
I ran a check on http://mail-tester.com and found out I was missing a header to be set for DMARC. SInce I missed it, maybe someone else missed it as well, so maybe it could go into the README.
9 anni fa
Sven Neuhaus
89c7a6038a
Merge pull request #427 from sread/z-push-apache
Z-push apache config: Jessie also uses conf-available/conf-enabled
9 anni fa
Stuart Read
e444efa2b4
Add jessie to special-casing for modern apache conf.d handling.
9 anni fa
Stuart Read
22ef6be96e
Revert "Z-push apache config: Jessie also uses conf-available/conf-enabled"
This reverts commit 6b53da4bdc .
Using a different approach to maintain wheezy compatibility
9 anni fa
Stuart Read
6b53da4bdc
Z-push apache config: Jessie also uses conf-available/conf-enabled
9 anni fa
Justin Plock
89d0c07659
Merge pull request #419 from rokaz/jessie
Jessie
9 anni fa
rokaz
e2cd77b7b1
Add missing variable
9 anni fa
rokaz
70a1081a84
Fix typo in package name
9 anni fa
rokaz
a8a0905738
Fix dependency for Solr
9 anni fa
Alex Payne
b3dc1b00e9
Correct Tomact config file name.
9 anni fa
Alex Payne
372f84473f
init.d -> systemctl
9 anni fa
Alex Payne
69abd70297
Remove references to Debian 7
9 anni fa
Alex Payne
2352d2d67e
OpenDMARC running under Postgres (?)
9 anni fa
Alex Payne
7275a52ba6
Update to Tomcat 8
9 anni fa
Alex Payne
34d537fcf2
Remove Dovecot installation for older distros
9 anni fa