summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFiles
* Install CAcert.org root certificates.Guilhem Moulin2015-06-071
| | | | | XXX: this is a workaround the CAcert root CAs not being present in Jessie. In stretch, we would merely install the 'ca-cacert' package.
* typoGuilhem Moulin2015-06-072
|
* Enforce "strong" authentication and FPS in LDAP.Guilhem Moulin2015-06-071
| | | | | Which is now possible since all LDAP clients and servers have been upgraded to Jessie, and Postfix is now able to perform SASL binds.
* Upgrade the webmail configuration from Wheezy to Jessie.Guilhem Moulin2015-06-076
|
* Upgrade the MX configuration from Wheezy to Jessie.Guilhem Moulin2015-06-0711
| | | | | | In particular, since Postfix is now able to perform LDAP lookups using SASL, previous hacks with simble binds on cn=postfix,ou=services,… can now be removed.
* logjam mitigation.Guilhem Moulin2015-06-0710
|
* More logcheck-database tweaks.Guilhem Moulin2015-06-073
|
* Don't restart sympa on logrotate.Guilhem Moulin2015-06-071
| | | | This is unnecessary since it uses syslog.
* typoGuilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-071
|
* typoGuilhem Moulin2015-06-071
|
* Allow outgoing HKP and WHOIS traffic on the LDAP provider.Guilhem Moulin2015-06-071
|
* Allow outgoing SSH traffic.Guilhem Moulin2015-06-071
|
* Add wildcard Pin version in apt preferences.Guilhem Moulin2015-06-071
|
* Don't instal smartd on KVM guests.Guilhem Moulin2015-06-071
|
* Upgrade the common package list.Guilhem Moulin2015-06-072
|
* Add a 'root' alias to root@fripost.org.Guilhem Moulin2015-06-071
|
* Upgrade samhain config to Jessie.Guilhem Moulin2015-06-071
|
* Upgrade custom logcheck-database to Jessie.Guilhem Moulin2015-06-071
|
* Fix tab damage.Guilhem Moulin2015-06-071
|
* Upgrade rkhunter config to Jessie.Guilhem Moulin2015-06-072
|
* Upgrade amavis config to Jessie.Guilhem Moulin2015-06-074
|
* Upgrade Postfix config to Jessie (MSA & outgoing proxy).Guilhem Moulin2015-06-073
|
* typoGuilhem Moulin2015-06-071
|
* ansible ssh transport wibbleGuilhem Moulin2015-06-071
|
* Upgrade Dovecot config to Jessie.Guilhem Moulin2015-06-0714
|
* Configure the list manager (Sympa).Guilhem Moulin2015-06-0726
|
* Upgrade the LDAP config to Jessie.Guilhem Moulin2015-06-076
|
* More logcheck-database tweaks.Guilhem Moulin2015-06-071
|
* Enable the use of git:// clients.Guilhem Moulin2015-06-071
|
* Disable rsyslog's rate-limiting.Guilhem Moulin2015-06-071
| | | | The default for rsyslog v7, but not for rsyslog v5.
* More logcheck-database tweaks.Guilhem Moulin2015-06-073
|
* Don't make Roundcube add a 'X-Sender' header with the sender's identity.Guilhem Moulin2015-06-071
|
* typoGuilhem Moulin2015-06-073
|
* Roundcube's 'password' plugin.Guilhem Moulin2015-06-071
|
* More logcheck-database tweaks.Guilhem Moulin2015-06-071
|
* Key usage 'keyCertSign' is required for self-signed certificates.Guilhem Moulin2015-06-072
|
* Add a keyring and alternative contact to the LDAP DIT.Guilhem Moulin2015-06-071
|
* More logcheck-database tweaks.Guilhem Moulin2015-06-073
|
* wibbleGuilhem Moulin2015-06-071
|
* More logcheck-database tweaks.Guilhem Moulin2015-06-073
|
* Remove reject_unknown_sender_domain from the MDA and outgoing SMTP.Guilhem Moulin2015-06-072
| | | | | | | | | | We already removed it from the MX:es (see 32e605d4); we need to remove it from the MDA and outgoing SMTP as well, otherwise mails could bounce or get stuck in the middle (the're rejected with 450: deferred by default). However we can keep the restriction on the entry points (MSA and webmail).
* More logcheck-database tweaks.Guilhem Moulin2015-06-072
|
* Amavis is logging to syslog with severity 'notice'.Guilhem Moulin2015-06-071
|
* typoGuilhem Moulin2015-06-071
|
* Don't install intel-microcode on Xen guests.Guilhem Moulin2015-06-073
| | | | It should be installed on the dom0 instead.
* Don't install smartd on Xen guests.Guilhem Moulin2015-06-072
| | | | S.M.A.R.T makes little sense for virtual HDDs.
* Don't merge amavis' logs into /var/log/syslog.Guilhem Moulin2015-06-071
| | | | | As they contain user information, we keep it in /var/log/mail.log only. These logs are kept for 3 days "only", as per our policy.
* Install auditd.Guilhem Moulin2015-06-073
|
* Split templates / files in lookup tables.Guilhem Moulin2015-06-078
|