sovereign

Автор	SHA1	Сообщение	Дата
Dosenpfand	f2c14dd911	Remove unneeded/deprecated apache configuration	8 лет назад
Tomas Bedrich	899f527ca3	Updated LE renewal hook system	8 лет назад
Tomas Bedrich	9786230808	Changed LE-renew cron frequency	8 лет назад
Tomas Bedrich	e08acd2deb	Simplified LE renew script	8 лет назад
Carl Meyer	60855eda70	Fix typo in fail2ban config for dovecot.	8 лет назад
Mike Ashley	3d68705341	Add leading 0 to octal file permissions This is done to suppress warnings from ansible-lint.	8 лет назад
Mike Ashley	4a33ebecdc	Add non-interactive to LE client options Depending on when the client is run, there are no certificates to update. By default, the client runs in interactive mode and wants to notify the user of this. This causes Ansible to hang waiting for an acknowledgement that will never come. Adding the non-interactive flag fixes this.	8 лет назад
Carl Meyer	a343509129	No need for letsencrypt.yml to ensure Apache is running.	8 лет назад
Carl Meyer	579afa68d3	Add comment into letsencrypt-gencert script clarifying why we stop Apache.	8 лет назад
Carl Meyer	0abf92734e	Don't stop Apache until we have to; start it again right after.	8 лет назад
Carl Meyer	a636a43948	Don't try to execute any non-executable file in LE postrenew dir.	8 лет назад
Carl Meyer	a5f3ec17c1	Workaround bug with enabling SysV scripts on Jessie.	8 лет назад
Carl Meyer	c3c2cbf096	Don't bounce Apache unless we actually need to.	8 лет назад
Carl Meyer	cc4b3d6fef	Don't request a new LE cert if we have one already.	8 лет назад
Carl Meyer	3009c9d2d3	Fix changed-reporting for LE deps installation.	8 лет назад
Carl Meyer	e8796ecd28	Idempotent and independent post-certificate-renewal tasks.	8 лет назад
nodiscc	d876c87e21	bash syntax cleanup as per discussion in https://github.com/sovereign/sovereign/pull/504	8 лет назад
Carl Meyer	b93deb9411	Remove stray + prefix in sudoers file.	8 лет назад
Allen Riddell	a77f9b95ad	Replace deprecated sudo_user with become_user The ``sudo`` and ``sudo_user`` directives are replaced with ``become`` and ``become_user`` in Ansible 1.9.	8 лет назад
Mike Ashley	3d4987c4e2	Use a more descriptive name for cert generation script	8 лет назад
Mike Ashley	a38f4e08d3	Force download of letsencrypt release The installer automatically updates itself, which registers as a change in the git repo. To maintain idempotency of the task list, the repo download must be forced.	8 лет назад
Mike Ashley	5385badd49	Correct bug in SSL cert setup for test environment	8 лет назад
Mike Ashley	bc5bfa4b21	Determine registered subdomains at deploy-time for LE	8 лет назад
Mike Ashley	2ad6f78e45	Address incomplete chain error Fix Apache's configuration for version 2.4.8 and above. See https://community.letsencrypt.org/t/untrusted-on-mobile-newbe/7903	8 лет назад
Mike Ashley	58e9e7a445	Add a short introduction to Let's Encrypt	8 лет назад
Mike Ashley	86048ee397	Update prosody to use LE certs directly Don't copy the LE certificates. Instead use the ssl-cert group to manage access to the LE certificates directly. See https://github.com/letsencrypt/letsencrypt/issues/1425 for a request to have the LE client do this itself.	8 лет назад
Mike Ashley	1746afcc3a	Arrange automated tests to not use Let's Encrypt	9 лет назад
Mike Ashley	8f1b6a9ed8	Arrange for services to restart on cert renewal	8 лет назад
Mike Ashley	65729d12f8	Update xmpp role for LE certificate	9 лет назад
Mike Ashley	7bb523950e	Draft design description for Let's Encrypt support	9 лет назад
Mike Ashley	8e1d473027	Use Let's Encrypt for generating site certificates This method uses Subjective Alternative Names (SANs) to get one certificate for all the subdomains that Sovereign employs, whether or not the user configured their site with the roles.	9 лет назад
Mike Ashley	7f46129a4c	Remove use of wildcard certificate	9 лет назад
Mike Ashley	195d8811fc	Remove references to Trusty and Wheezy Make a clean distinction between Debian 7 and Debian 8. Anticipate the next Ubuntu LTS release (Xenial) that is planned for support.	8 лет назад
Mike Ashley	d3abc02f84	Clean up Apache SSL configuration Avoid using the Include directive. Move most of the SSL configuration to the global configuration and leave enabling the SSL engine to each virtual host that wants to use it.	8 лет назад
fengor	e63661f982	Added "UseRoaming no" to ssh.config to fix OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778 see: http://undeadly.org/cgi?action=article&sid=2016011414	8 лет назад
Sebastian Kriems	fe536873b7	ufw tasks shall have the ufw tag resolves #453 Conflicts: roles/common/tasks/ufw.yml	9 лет назад
Dan Milon	829c8491c7	restart apache on SSL changes	9 лет назад
Dan Milon	a5c6f663ce	properly install changed SSL certificate	9 лет назад
Sven Neuhaus	d59c5eff05	Generate 2048 DH group and add it to Postfix	9 лет назад
Dan Milon	2fb7cfa7c9	Add SSL stapling cache for apache Fixes #406	9 лет назад
Laurent Arnoud	1419c4e26e	Use common_timezone and fix idempotence Thanks-to: 8e693b3db3 Conflicts: roles/common/tasks/main.yml	9 лет назад
Alex Payne	0579cf1ba9	Use same Apache server name configuration across distros	9 лет назад
Alex Payne	290a3b4312	Remove wheezy-specific Apache SSL config omission	9 лет назад
Alex Payne	474c1d5f92	No longer need `fuse` group in Jessie.	9 лет назад
Alex Payne	6906412f63	Remove wheezy-specific ufw task.	9 лет назад
Alex Payne	6d1eebb9d2	Use Ansible task names, not comments.	9 лет назад
Alex Payne	c9b32cd2e2	Same Google auth install should work for both Jessie and Trusty. Move Apache task to their own file.	9 лет назад
Alex Payne	006f8e9b82	Just plain Ruby	9 лет назад
Laurent Arnoud	a09e2e71c1	tar used in place of unarchive module	9 лет назад
Laurent Arnoud	311fae7e11	Trailing whitespace	9 лет назад

Первая Предыдущая страница 1 2 3 Следующая страница Последняя

146 Коммиты (f7784c3b5588f4babf95b9cc4c3ca725a4224185)