This merge switches Sovereign from systems based on Debian 7 to Debian
8. It's a recursive merge of the jessie branch with direction to take
conflicting hunks from jessie (-Xours). The merge was subsequently
cleaned up to match the jessie branch with a couple of exceptions noted
in the cleanup commit.
This merge reinstates the webmail role lost when we moved to Jessie. The carddav, managesieve, and twofactor_gauthentication plugins are carried forward.
- managesieve :: this allows sieve filters to be edited through a
brower
- twofactor_gauthenticator :: allow optional two-factor authentication
when logging into webmail
- carddav :: sync ownCloud contacts with roundcube
Merge pull request #588 from tomasbedrich/sudo-ssh-agent-forwarding
Allow SSH agent forwarding when using sudo. This allows one to use SSH agent forwarding from a local machine when logged in as a root on the Sovereign server. This is useful, for example, for cloning a Github repository to /var/www (owned by root) without the need to store private SSH keys on the Sovereign server.
Remove duplicate when statement in Let's Encrypt task
While adding the Let's Encrypt offline testing block in 1746afcc we
accidentially duplicated a the 'when' statement. Ansible only looks at
the last when statement for a given block meaning the earlier one has no
use. This commit merges both lines in one.
* Harvest testing configuration into group variables
* Define testing group for Vagrant to use
* Move testing passwords to secrets directory that Vagrant uses
* Update .gitignore to keep the testing secrets
Currently client email is submitted via ssmtp (port 465). This has been
deprecated for years. The correct way to submit email is via
submission (port 587).
This patch adds port 587 as a second and the default way of submitting
email for delivery. Port 465 remains open for backwards compatibility
with existing clients.