index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
common
/
files
/
usr
Commit message (
Expand
)
Author
Age
Files
*
LDAP: Rotate soon-to-be expired key material.
HEAD
master
Guilhem Moulin
2024-09-08
1
*
Port baseline to Debian 11 (codename Bullseye).
Guilhem Moulin
2022-10-13
1
*
Upgrade baseline to Debian 10.
Guilhem Moulin
2020-05-16
1
*
Convert firewall to nftables.
Guilhem Moulin
2020-01-23
2
*
firewall: gracefully close invalid connections.
Guilhem Moulin
2018-12-22
1
*
Firewall: REJECT outgoing connections instead of DROPing them.
Guilhem Moulin
2018-12-09
1
*
DKIM: also include the "d=" tag in key filenames, not only the "s=" tag.
Guilhem Moulin
2018-12-05
1
*
Upgrade baseline to Debian Stretch.
Guilhem Moulin
2018-12-03
1
*
Firewall: allow duplicates rules.
Guilhem Moulin
2016-09-18
1
*
IPSec → IPsec
Guilhem Moulin
2016-06-29
1
*
update-firewall.sh: COMMIT empty iptables rule files.
Guilhem Moulin
2016-06-29
1
*
typo
Guilhem Moulin
2016-05-24
1
*
IPSec: replace (self-signed) X.509 certs by their raw pubkey for authentication.
Guilhem Moulin
2016-05-24
1
*
genkeypair, gendhparam: use -rand /dev/urandom when generating keys or DH par...
Guilhem Moulin
2016-05-22
2
*
Set up IPSec tunnels between each pair of hosts.
Guilhem Moulin
2016-05-22
1
*
Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.
Guilhem Moulin
2016-05-18
1
*
typo
Guilhem Moulin
2015-12-04
1
*
genkeypair: use install(1) for atomic file creation with permission mode.
Guilhem Moulin
2015-10-28
2
*
Use a single LDAP connection per Munin round to collect slapd statistics.
Guilhem Moulin
2015-06-11
2
*
slapd monitoring.
Guilhem Moulin
2015-06-10
1
*
Configure munin nodes & master.
Guilhem Moulin
2015-06-10
7
*
firewall: allow 127.0.0.1/8 on lo.
Guilhem Moulin
2015-06-07
1
*
genkeypair.sh: Merge privkey and pubkey for identical filekeys.
Guilhem Moulin
2015-06-07
1
*
logjam mitigation.
Guilhem Moulin
2015-06-07
2
*
Key usage 'keyCertSign' is required for self-signed certificates.
Guilhem Moulin
2015-06-07
1
*
'default_days' in openssl.cnf doesn't work, use -days instead.
Guilhem Moulin
2015-06-07
1
*
Add ability to add custom OrganizationalUnits in genkeypair.
Guilhem Moulin
2015-06-07
1
*
Add ability to chmod, chown and set the key usage in genkeypair.
Guilhem Moulin
2015-06-07
1
*
Install amavisd-new on the outgoing SMTP proxy.
Guilhem Moulin
2015-06-07
1
*
Make genkeypair.sh able to display TXT record for DKIM signatures.
Guilhem Moulin
2015-06-07
1
*
Add support for CSR and subjectAltName in genkeypair.sh.
Guilhem Moulin
2015-06-07
1
*
Don't require a PKI for IPSec.
Guilhem Moulin
2015-06-07
1
*
Replace mktemp's deprecated -t option by --tmpdir.
Guilhem Moulin
2015-06-07
1
*
wibble
Guilhem Moulin
2015-06-07
1
*
Reformulate the headers showing the license.
Guilhem Moulin
2015-06-07
1
*
wibble
Guilhem Moulin
2015-06-07
1
*
Replace the 'syslog' facility (5) by 'user' (1).
Guilhem Moulin
2015-06-07
1
*
wibble
Guilhem Moulin
2015-06-07
1
*
Be more specific regarding the protocol in use for IPSec policies.
Guilhem Moulin
2015-06-07
1
*
Prohibit binding against the IP reserved for IPSec.
Guilhem Moulin
2015-06-07
1
*
Prefer maching on policy rather than marks.
Guilhem Moulin
2015-06-07
1
*
Preserve canonical the order of IP tables.
Guilhem Moulin
2015-06-07
1
*
Documentation.
Guilhem Moulin
2015-06-07
1
*
Use a dedicated, non-routable, IPv4 for IPSec.
Guilhem Moulin
2015-06-07
1
*
Major refactoring of the firewall.
Guilhem Moulin
2015-06-07
1
*
Don't save dynamic rules.
Guilhem Moulin
2015-06-07
1
*
Use a dedicated 'fail2ban' chain for fail2ban.
Guilhem Moulin
2015-06-07
1
*
Add a 'check' switch to the firewall.
Guilhem Moulin
2015-06-07
1
*
Configure v4 and v6 iptable rulesets.
Guilhem Moulin
2015-06-07
1