index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
MSA
Commit message (
Expand
)
Author
Age
Files
*
Prefix ‘ipaddr’ and ‘ipv4’ with ‘ansible.utils.’.
Guilhem Moulin
2022-10-11
1
*
Postfix: pin key material to our MX:es for fripost.org and its subdomains.
Guilhem Moulin
2021-01-26
2
*
Postfix: Install -lmdb in all roles using db=lmdb.
Guilhem Moulin
2020-05-21
1
*
postfix-sender-login: Better hardening.
Guilhem Moulin
2020-05-21
3
*
MSA: Update role to Debian Buster.
Guilhem Moulin
2020-05-19
2
*
submission: Prospective SPF checking.
Guilhem Moulin
2018-12-12
3
*
MSA verification probes: enable opportunistic encryption.
Guilhem Moulin
2018-12-09
1
*
Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.
Guilhem Moulin
2018-12-09
1
*
systemd.service: Tighten hardening options.
Guilhem Moulin
2018-12-09
1
*
systemd: Replace ‘ProtectSystem=full’ with ‘ProtectSystem=strict’.
Guilhem Moulin
2018-12-09
1
*
postfix: remove explicit default 'mail_owner = postfix'.
Guilhem Moulin
2018-12-06
1
*
Upgrade syntax to Ansible 2.7 (apt module).
Guilhem Moulin
2018-12-03
1
*
Postfix: replace cdb & btree tables with lmdb ones.
Guilhem Moulin
2018-12-03
2
*
Perform recipient address verification on the MSA itself.
Guilhem Moulin
2018-04-04
1
*
postfix-sender-login: strip extension before lookup.
Guilhem Moulin
2017-06-13
1
*
postfix-msa: anonymize SASL-authenticated senders using IPv6.
Guilhem Moulin
2017-06-06
1
*
postfix-sender-login: wibble
Guilhem Moulin
2017-06-05
1
*
move postfix-sender-login.{service,socket} to files/.
Guilhem Moulin
2017-06-02
2
*
postfix: don't rate-limit our IPsec subnet.
Guilhem Moulin
2017-06-02
1
*
postfix-sender-login: terminate the worker after 32*$nProc connections to rel...
Guilhem Moulin
2017-06-01
1
*
postfix-sender-login: handle EINTR in read(2) and write(2) calls.
Guilhem Moulin
2017-06-01
1
*
postfix-sender-login: pre-fork 2 servers.
Guilhem Moulin
2017-06-01
1
*
Don't let authenticated client use arbitrary sender addresses.
Guilhem Moulin
2017-06-01
6
*
Use blackhole subdomain for sender addresses of verify probes.
Guilhem Moulin
2017-05-16
1
*
MSA: reject null sender address.
Guilhem Moulin
2017-05-14
3
*
postfix: commit the master.cf symlinks.
Guilhem Moulin
2016-07-12
1
*
Route all internal SMTP traffic through IPsec.
Guilhem Moulin
2016-07-10
1
*
Postfix MX/MSA instances: put certs in the the instance's $config_directory.
Guilhem Moulin
2016-07-10
2
*
Postfix MX/MSA instances: don't ask the remote SMTP client for a client certi...
Guilhem Moulin
2016-07-10
1
*
Postfix: don't share the master.cf between the instances.
Guilhem Moulin
2016-07-10
2
*
postfix: Don't explicitly set inet_interfaces=all as it's the default.
Guilhem Moulin
2016-07-10
1
*
Change the pubkey extension from .pem to .pub.
Guilhem Moulin
2016-07-10
1
*
Postfix MSA: don't allow unauthenticated clients from $mynetworks.
Guilhem Moulin
2016-06-29
1
*
certs/public: fetch each cert's pubkey (SPKI), not the cert itself.
Guilhem Moulin
2016-06-15
1
*
postfix: rotate the sender address for verify probes.
Guilhem Moulin
2016-06-02
1
*
postfix: Update to recommended TLS settings.
Guilhem Moulin
2016-05-18
1
*
postfix: unset 'smtpd_tls_session_cache_database'.
Guilhem Moulin
2016-05-18
1
*
Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.
Guilhem Moulin
2016-05-18
1
*
postfix: disable weak ciphers for the 'encrypt' TLS security level.
Guilhem Moulin
2016-05-18
1
*
Add an ansible module 'fetch_cmd' to fetch the output of a remote command loc...
Guilhem Moulin
2016-05-18
1
*
Let's Encrypt
Guilhem Moulin
2016-03-02
1
*
Upgrade playbooks to Ansible 2.0.
Guilhem Moulin
2016-02-12
1
*
Use the Let's Encrypt CA for our public certs.
Guilhem Moulin
2015-12-20
1
*
Automatically fetch X.509 certificates, and add them to git.
Guilhem Moulin
2015-12-03
1
*
Fix address verification probes on the MSA.
Guilhem Moulin
2015-09-16
1
*
Use 'double-bounce@fripost.org' as envelope sender for verification probes.
Guilhem Moulin
2015-06-11
1
*
Don't bounce unverified recipients upon 4xx errors.
Guilhem Moulin
2015-06-11
1
*
Configure munin nodes & master.
Guilhem Moulin
2015-06-10
2
*
Use recipient address verification probes.
Guilhem Moulin
2015-06-07
1
*
logjam mitigation.
Guilhem Moulin
2015-06-07
1
[next]