index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
certs
Commit message (
Expand
)
Author
Age
Files
*
Remove trailing spaces.
Guilhem Moulin
2018-12-05
1
*
DKIM: also include the "d=" tag in key filenames, not only the "s=" tag.
Guilhem Moulin
2018-12-05
3
*
Upgrade DKIM keys to rsa2048, and allow for multiple keys.
Guilhem Moulin
2018-12-04
3
*
gencerts: Also show the algorithm for SSH host keys.
Guilhem Moulin
2018-12-03
1
*
Define new host "calima" serving Nextcloud.
Guilhem Moulin
2018-12-03
5
*
ssh_known_hosts: also list ed25519 host (pub)keys.
Guilhem Moulin
2018-12-03
1
*
certs/gencerts.sh: wibble
Guilhem Moulin
2018-12-03
1
*
Rotate civett's IPsec's key.
Guilhem Moulin
2017-05-29
2
*
Change civett's CNAME from civett.friprogramvarusyndikatet.se to civett.fripo...
Guilhem Moulin
2017-05-14
1
*
HPKP: increase max-mage directive to 6 months from 1 hour.
Guilhem Moulin
2016-09-18
1
*
gencerts: improve workning: s/pubkey/SPKI/
Guilhem Moulin
2016-09-18
1
*
Improve certs formatting.
Guilhem Moulin
2016-07-12
1
*
gencerts: Print the SHA1 digests in hex not base64 format.
Guilhem Moulin
2016-07-12
1
*
typo
Guilhem Moulin
2016-07-12
1
*
typo
Guilhem Moulin
2016-07-12
1
*
gencerts: make the SSHFPR output match the X509 ones.
Guilhem Moulin
2016-07-12
1
*
gencerts: Include SAN for the website and webmail.
Guilhem Moulin
2016-07-12
1
*
gencerts: base64-encode the SHA256 digests.
Guilhem Moulin
2016-07-12
1
*
nginx: Don't hard-code the HPKP headers.
Guilhem Moulin
2016-07-12
5
*
gencerts: exclude expired certs in the CRT queries.
Guilhem Moulin
2016-07-10
1
*
Route all internal SMTP traffic through IPsec.
Guilhem Moulin
2016-07-10
7
*
Change the pubkey extension from .pem to .pub.
Guilhem Moulin
2016-07-10
9
*
typo
Guilhem Moulin
2016-06-15
1
*
crt.sh: Replace SHA1 by SHA256 as SPKI digest to list certificates.
Guilhem Moulin
2016-06-15
1
*
certs/public: fetch each cert's pubkey (SPKI), not the cert itself.
Guilhem Moulin
2016-06-15
9
*
Renew cert for https://lists.fripost.org.
Guilhem Moulin
2016-05-28
1
*
IPSec: replace (self-signed) X.509 certs by their raw pubkey for authentication.
Guilhem Moulin
2016-05-24
6
*
Restore the public part of Bacula's data encryption master key.
Guilhem Moulin
2016-05-23
1
*
Remove CAcert certificates.
Guilhem Moulin
2016-05-22
2
*
gencerts: improve formatting.
Guilhem Moulin
2016-05-22
1
*
Tunnel bacula (dir → {fd,sd} and fd → sd) traffic through IPSec.
Guilhem Moulin
2016-05-22
9
*
Tunnel munin-update traffic through IPSec.
Guilhem Moulin
2016-05-22
6
*
Set up IPSec tunnels between each pair of hosts.
Guilhem Moulin
2016-05-22
6
*
Add an ansible module 'fetch_cmd' to fetch the output of a remote command loc...
Guilhem Moulin
2016-05-18
8
*
Renew imap.fripost.org:993 and smtp.fripost.org:587 X.509 certificates.
Guilhem Moulin
2016-05-18
4
*
Set a HPKP on the webmail, website/wiki/git and list manager.
Guilhem Moulin
2016-04-01
4
*
gencerts.sh: typo
Guilhem Moulin
2016-03-28
1
*
gencerts.sh: improve formatting.
Guilhem Moulin
2016-03-28
1
*
Replace LE's X1 intermediate CA with X3 since the latter has better support f...
Guilhem Moulin
2016-03-28
1
*
Reissue certs on civett and elefant since LE's X3 intermediate CA has better ...
Guilhem Moulin
2016-03-27
5
*
Let's Encrypt: Only reload (as opposed to restart) postfix/nginx after renewi...
Guilhem Moulin
2016-03-05
3
*
Let's Encrypt
Guilhem Moulin
2016-03-02
8
*
Improve gencert.sh
Guilhem Moulin
2015-12-20
1
*
Use the Let's Encrypt CA for our public certs.
Guilhem Moulin
2015-12-20
11
*
Change Postfix certs from ECDSA to RSA 4096.
Guilhem Moulin
2015-12-03
4
*
wibble
Guilhem Moulin
2015-12-03
1
*
Add script to automatically generate the fingerprint list.
Guilhem Moulin
2015-12-03
1
*
Add 'git.fripost.org' to the SSH known_hosts file.
Guilhem Moulin
2015-12-03
1
*
Automatically fetch X.509 certificates, and add them to git.
Guilhem Moulin
2015-12-03
9
*
Add SSH host keys to git.
Guilhem Moulin
2015-12-02
1
[next]