index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
common
/
files
Commit message (
Expand
)
Author
Age
Files
*
Upgrade baseline to Debian 10.
Guilhem Moulin
2020-05-16
11
*
Improve/harden fail2ban configuration.
Guilhem Moulin
2020-01-25
5
*
Convert firewall to nftables.
Guilhem Moulin
2020-01-23
4
*
MSA: Open 465/TCP for Email Submission over TLS.
Guilhem Moulin
2019-03-19
1
*
firewall: gracefully close invalid connections.
Guilhem Moulin
2018-12-22
1
*
Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.
Guilhem Moulin
2018-12-09
3
*
Disable resume device.
Guilhem Moulin
2018-12-09
1
*
systemd.service: Tighten hardening options.
Guilhem Moulin
2018-12-09
2
*
bacula-*.service: Don't fork in the background.
Guilhem Moulin
2018-12-09
1
*
Upgrade 'lists' role to Debian Stretch.
Guilhem Moulin
2018-12-09
1
*
systemd: Replace ‘ProtectSystem=full’ with ‘ProtectSystem=strict’.
Guilhem Moulin
2018-12-09
2
*
Firewall: REJECT outgoing connections instead of DROPing them.
Guilhem Moulin
2018-12-09
1
*
DKIM: also include the "d=" tag in key filenames, not only the "s=" tag.
Guilhem Moulin
2018-12-05
1
*
Postfix: replace cdb & btree tables with lmdb ones.
Guilhem Moulin
2018-12-03
1
*
IPsec: allow ISAKMP over IPv6.
Guilhem Moulin
2018-12-03
1
*
Upgrade baseline to Debian Stretch.
Guilhem Moulin
2018-12-03
9
*
Skip samhain installation.
Guilhem Moulin
2018-12-03
1
*
Harden anti spam on the MX:es.
Guilhem Moulin
2018-06-09
1
*
More logcheck-database tweaks.
Guilhem Moulin
2018-04-04
3
*
sympa: wibble
Guilhem Moulin
2018-04-04
1
*
Perform recipient address verification on the MSA itself.
Guilhem Moulin
2018-04-04
1
*
More logcheck-database tweaks.
Guilhem Moulin
2017-09-14
3
*
rkhunter: Disable remote updates to fix CVE-2017-7480.
Guilhem Moulin
2017-07-29
1
*
Use MariaDB as default MySQL flavor.
Guilhem Moulin
2017-07-29
1
*
More logcheck-database tweaks.
Guilhem Moulin
2017-06-07
1
*
postfix-sender-login: wibble
Guilhem Moulin
2017-06-05
1
*
dovecot: enable user iteration and add a cronjob for `doveadm purge -A`
Guilhem Moulin
2017-06-05
1
*
postfix: don't rate-limit our IPsec subnet.
Guilhem Moulin
2017-06-02
1
*
/lib/systemd/system → /etc/systemd/system
Guilhem Moulin
2017-05-31
3
*
MSA: reject null sender address.
Guilhem Moulin
2017-05-14
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-12-08
1
*
Firewall: allow duplicates rules.
Guilhem Moulin
2016-09-18
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-08-22
2
*
Postfix: don't share the master.cf between the instances.
Guilhem Moulin
2016-07-10
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-07-09
2
*
IPSec → IPsec
Guilhem Moulin
2016-06-29
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-06-29
3
*
update-firewall.sh: COMMIT empty iptables rule files.
Guilhem Moulin
2016-06-29
1
*
typo
Guilhem Moulin
2016-05-24
1
*
IPSec: replace (self-signed) X.509 certs by their raw pubkey for authentication.
Guilhem Moulin
2016-05-24
1
*
genkeypair, gendhparam: use -rand /dev/urandom when generating keys or DH par...
Guilhem Moulin
2016-05-22
2
*
Tunnel bacula (dir → {fd,sd} and fd → sd) traffic through IPSec.
Guilhem Moulin
2016-05-22
1
*
Set up IPSec tunnels between each pair of hosts.
Guilhem Moulin
2016-05-22
4
*
postfix: master.cf wibble
Guilhem Moulin
2016-05-18
1
*
postfix: Update to recommended TLS settings.
Guilhem Moulin
2016-05-18
1
*
Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.
Guilhem Moulin
2016-05-18
1
*
Add hardening options to our systemd unit files.
Guilhem Moulin
2016-05-12
1
*
Use systemd unit files for stunnel4.
Guilhem Moulin
2016-05-12
3
*
More logcheck-database tweaks.
Guilhem Moulin
2016-03-13
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-02-17
1
[next]