index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
Commit message (
Collapse
)
Author
Age
Files
...
*
wibble
Guilhem Moulin
2016-04-02
3
|
*
Set a HPKP on the webmail, website/wiki/git and list manager.
Guilhem Moulin
2016-04-01
9
|
*
Set a CSP on the webmail, website/wiki and list manager.
Guilhem Moulin
2016-04-01
5
|
*
sysctl: don't set IPv6 privacy extensions globaly.
Guilhem Moulin
2016-04-01
1
|
*
sysctl: set net.ipv6.conf.all.accept_ra = 0.
Guilhem Moulin
2016-03-30
1
|
*
Set HTTP security headers.
Guilhem Moulin
2016-03-30
9
|
|
|
|
See https://securityheaders.io .
*
gencerts.sh: typo
Guilhem Moulin
2016-03-28
1
|
*
gencerts.sh: improve formatting.
Guilhem Moulin
2016-03-28
1
|
*
Replace LE's X1 intermediate CA with X3 since the latter has better support ↵
Guilhem Moulin
2016-03-28
2
|
|
|
|
for XP.
*
Reissue certs on civett and elefant since LE's X3 intermediate CA has better ↵
Guilhem Moulin
2016-03-27
5
|
|
|
|
support for XP.
*
munin-master CGI: add application-level ACLs to keep non-local users at bay.
Guilhem Moulin
2016-03-21
1
|
*
Remove SMTP message size limit on non public MTAs.
Guilhem Moulin
2016-03-21
3
|
*
More logcheck-database tweaks.
Guilhem Moulin
2016-03-13
1
|
*
Let's Encrypt: Only reload (as opposed to restart) postfix/nginx after ↵
Guilhem Moulin
2016-03-05
4
|
|
|
|
renewing the cert
*
Amavis: use the LMTP protocol in the policy banks.
Guilhem Moulin
2016-03-03
1
|
*
Let's Encrypt
Guilhem Moulin
2016-03-02
21
|
*
cgit: Create cache directory /var/cache/cgit
Guilhem Moulin
2016-03-02
1
|
*
Ansible: Using bare variables is deprecated, and will be removed in a future ↵
Guilhem Moulin
2016-03-02
4
|
|
|
|
release.
*
More logcheck-database tweaks.
Guilhem Moulin
2016-02-17
1
|
*
s/ansible_ssh_/ansible_/
Guilhem Moulin
2016-02-12
2
|
*
Upgrade playbooks to Ansible 2.0.
Guilhem Moulin
2016-02-12
25
|
*
Update all Fripost links from http:// to https://.
Guilhem Moulin
2015-12-28
3
|
*
Only install letsencrypt-tiny to the relevant hosts.
Guilhem Moulin
2015-12-28
3
|
*
Fix Let's Encrypt CAfile.
Guilhem Moulin
2015-12-28
1
|
*
Copy and install Let's Encrypt ACME client.
Guilhem Moulin
2015-12-20
2
|
*
Improve gencert.sh
Guilhem Moulin
2015-12-20
1
|
*
Use the Let's Encrypt CA for our public certs.
Guilhem Moulin
2015-12-20
30
|
*
nginx: Move include.d/* to snippets/.
Guilhem Moulin
2015-12-20
12
|
*
More logcheck-database tweaks.
Guilhem Moulin
2015-12-15
2
|
*
dovecot: remove !SSLv2 from ssl_cipher_list.
Guilhem Moulin
2015-12-15
1
|
*
nginx: s/conf.d/include.d/
Guilhem Moulin
2015-12-15
7
|
*
wibble
Guilhem Moulin
2015-12-09
2
|
*
ngnix: mv ssl/config conf.d/ssl
Guilhem Moulin
2015-12-09
7
|
*
typo
Guilhem Moulin
2015-12-04
1
|
*
Change Postfix certs from ECDSA to RSA 4096.
Guilhem Moulin
2015-12-03
4
|
*
Postfix TLS policy: Store the fingerprint of the cert's pubkey, not of the ↵
Guilhem Moulin
2015-12-03
4
|
|
|
|
cert itself.
*
wibble
Guilhem Moulin
2015-12-03
1
|
*
Add script to automatically generate the fingerprint list.
Guilhem Moulin
2015-12-03
1
|
*
Add 'git.fripost.org' to the SSH known_hosts file.
Guilhem Moulin
2015-12-03
1
|
*
Use a dedicated subdomain for ManageSieve.
Guilhem Moulin
2015-12-03
1
|
*
Automatically fetch X.509 certificates, and add them to git.
Guilhem Moulin
2015-12-03
16
|
*
Add SSH host keys to git.
Guilhem Moulin
2015-12-02
2
|
*
More logcheck-database tweaks.
Guilhem Moulin
2015-12-01
1
|
*
dovecot-sieve: Enable the 'editheader' extension (5293).
Guilhem Moulin
2015-11-26
1
|
|
|
|
|
Which is disabled by default, as per http://wiki.dovecot.org/Pigeonhole/Sieve
*
More logcheck-database tweaks.
Guilhem Moulin
2015-11-12
1
|
*
‘benjamin.marxist.se’ → ‘benjamin.skangas.se’
Guilhem Moulin
2015-11-09
3
|
*
nginx: adjust expiration date for static content.
Guilhem Moulin
2015-10-30
3
|
*
ikiwiki: Also install Authen::Passphrase.
Guilhem Moulin
2015-10-28
1
|
*
Internal Postfix config: Generate RSA 4096 keys by default.
Guilhem Moulin
2015-10-28
1
|
*
genkeypair: use install(1) for atomic file creation with permission mode.
Guilhem Moulin
2015-10-28
3
|
[prev]
[next]