| Commit message (Collapse) | Author | Age | Files | |
|---|---|---|---|---|
| * | Send internal system mails to root@f.o. | Guilhem Moulin | 39 hours | 1 |
| | | | | | Instead of admin@f.o. Per msgid=<ad724342-b3bb-48d9-9984-6d277714910d@fripost.org>. | |||
| * | Update logcheck database. | Guilhem Moulin | 2025-04-04 | 2 |
| | | ||||
| * | Update logcheck database. | Guilhem Moulin | 2025-01-28 | 3 |
| | | ||||
| * | Update logcheck database. | Guilhem Moulin | 2025-01-28 | 3 |
| | | ||||
| * | logcheck-database update. | Guilhem Moulin | 2024-09-08 | 2 |
| | | ||||
| * | Improve Debian 11's fail2ban rules. | Guilhem Moulin | 2022-12-18 | 1 |
| | | ||||
| * | Port baseline to Debian 11 (codename Bullseye). | Guilhem Moulin | 2022-10-13 | 4 |
| | | ||||
| * | logcheck-database update. | Guilhem Moulin | 2022-10-11 | 3 |
| | | ||||
| * | logcheck-database update. | Guilhem Moulin | 2021-02-13 | 1 |
| | | | | | ansible 2.10.7 uses "ansible-ansible.legacy.stat: Invoked with […]". | |||
| * | logcheck-database update. | Guilhem Moulin | 2020-11-15 | 4 |
| | | ||||
| * | Upgrade baseline to Debian 10. | Guilhem Moulin | 2020-05-16 | 1 |
| | | ||||
| * | MSA: Open 465/TCP for Email Submission over TLS. | Guilhem Moulin | 2019-03-19 | 1 |
| | | | | | See RFC 8314 sec. 3.3 "Cleartext Considered Obsolete". | |||
| * | Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch. | Guilhem Moulin | 2018-12-09 | 2 |
| | | ||||
| * | Upgrade 'lists' role to Debian Stretch. | Guilhem Moulin | 2018-12-09 | 1 |
| | | ||||
| * | Postfix: replace cdb & btree tables with lmdb ones. | Guilhem Moulin | 2018-12-03 | 1 |
| | | | | | Cf. lmdb_table(5). | |||
| * | Upgrade baseline to Debian Stretch. | Guilhem Moulin | 2018-12-03 | 3 |
| | | ||||
| * | Harden anti spam on the MX:es. | Guilhem Moulin | 2018-06-09 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2018-04-04 | 3 |
| | | ||||
| * | sympa: wibble | Guilhem Moulin | 2018-04-04 | 1 |
| | | ||||
| * | Perform recipient address verification on the MSA itself. | Guilhem Moulin | 2018-04-04 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2017-09-14 | 3 |
| | | ||||
| * | Use MariaDB as default MySQL flavor. | Guilhem Moulin | 2017-07-29 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2017-06-07 | 1 |
| | | ||||
| * | postfix-sender-login: wibble | Guilhem Moulin | 2017-06-05 | 1 |
| | | ||||
| * | dovecot: enable user iteration and add a cronjob for `doveadm purge -A` | Guilhem Moulin | 2017-06-05 | 1 |
| | | ||||
| * | postfix: don't rate-limit our IPsec subnet. | Guilhem Moulin | 2017-06-02 | 1 |
| | | ||||
| * | MSA: reject null sender address. | Guilhem Moulin | 2017-05-14 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2016-12-08 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2016-08-22 | 2 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2016-07-09 | 2 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2016-06-29 | 3 |
| | | ||||
| * | Set up IPSec tunnels between each pair of hosts. | Guilhem Moulin | 2016-05-22 | 1 |
| | | | | | | | | | | | | | | | | We use a dedicated, non-routable, IPv4 subnet for IPSec. Furthermore the subnet is nullrouted in the absence of xfrm lookup (i.e., when there is no matching IPSec Security Association) to avoid data leaks. Each host is associated with an IP in that subnet (thus only reachble within that subnet, either by the host itself or by its IPSec peers). The peers authenticate each other using RSA public key authentication. Kernel traps are used to ensure that connections are only established when traffic is detected between the peers; after 30m of inactivity (this value needs to be less than the rekeying period) the connection is brought down and a kernel trap is installed. | |||
| * | Use systemd unit files for stunnel4. | Guilhem Moulin | 2016-05-12 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2016-03-13 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2016-02-17 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-12-15 | 2 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-12-01 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-11-12 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-10-14 | 2 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-09-24 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-09-21 | 2 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-09-15 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-08-21 | 3 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-22 | 1 |
| | | ||||
| * | logcheck: Match only hexdigits in postfix queue ID. | Guilhem Moulin | 2015-06-19 | 1 |
| | | ||||
| * | Match IPv6 addresses in logcheck rules. | Guilhem Moulin | 2015-06-19 | 1 |
| | | ||||
| * | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-10 | 3 |
| | | ||||
| * | Configure munin nodes & master. | Guilhem Moulin | 2015-06-10 | 1 |
| | | | | | | Interhost communications are protected by stunnel4. The graphs are only visible on the master itself, and content is generated by Fast CGI. | |||
| * | Don't assume that Postfix queue ID are always 10-digits long. | Guilhem Moulin | 2015-06-10 | 1 |
| | | ||||
| * | Add a reserved domain 'discard.fripost.org' to discard messages. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | | ‘noreply@’ aliases can be added by routing them to ‘@discard.fripost.org’. | |||
 |
index : fripost-ansible | |
| Fripost ansible scripts |
| summaryrefslogtreecommitdiffstats |