summaryrefslogtreecommitdiffstats
path: root/roles/common/files/etc/fail2ban
Commit message (Collapse)AuthorAgeFiles
* IMAP: Update role to Debian Buster.Guilhem Moulin2020-05-191
| | | | | | | | For `ssl_cipher_list` we pick the suggested value from https://ssl-config.mozilla.org/#server=dovecot&version=2.3.9&config=intermediate&openssl=1.1.1d At the moment it's equivalent (modulo order) to adding ‘EDH+AESGCM+aRSA’ to ‘EECDH+AESGCM:EECDH+CHACHA20!MEDIUM!LOW!EXP!aNULL!eNULL’.
* Improve/harden fail2ban configuration.Guilhem Moulin2020-01-254
| | | | | | | | | * Use nftables sets with a timeout * Start daemon with a hardened unit file and restricted Capability Bounding Set. (This requires to change the log path to /var/log/fail2ban/*.) * Skip database as we don't care about persistence. * Refactor jail.local
* Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.Guilhem Moulin2018-12-091
|
* Configure the webmail.Guilhem Moulin2015-06-071