| | Commit message | Author | Age | Files |
---|---|---|---|---|
* | Upgrade syntax to Ansible 2.7 (apt module). | Guilhem Moulin | 2018-12-03 | 1 |
* | Postfix: replace cdb & btree tables with lmdb ones. | Guilhem Moulin | 2018-12-03 | 1 |
| | Cf. lmdb_table(5). | | | |
* | Upgrade baseline to Debian Stretch. | Guilhem Moulin | 2018-12-03 | 1 |
* | Postfix: ensure common aliases are present. | Guilhem Moulin | 2016-09-18 | 1 |
* | Route all internal SMTP traffic through IPsec. | Guilhem Moulin | 2016-07-10 | 1 |
* | Postfix: don't share the master.cf between the instances. | Guilhem Moulin | 2016-07-10 | 1 |
* | Add an ansible module 'fetch_cmd' to fetch the output of a remote command locally. And use this to fetch all X.509 leaf certificates. | Guilhem Moulin | 2016-05-18 | 1 |
* | Ansible: Using bare variables is deprecated, and will be removed in a future release. | Guilhem Moulin | 2016-03-02 | 1 |
* | Upgrade playbooks to Ansible 2.0. | Guilhem Moulin | 2016-02-12 | 1 |
* | Internal Postfix config: Generate RSA 4096 keys by default. | Guilhem Moulin | 2015-10-28 | 1 |
* | Add a 'root' alias to root@fripost.org. | Guilhem Moulin | 2015-06-07 | 1 |
* | Ensure we have a TLS policy for each of our hosts we want to relay to. | Guilhem Moulin | 2015-06-07 | 1 |
* | Postfix needs to be restarted after rekeying. | Guilhem Moulin | 2015-06-07 | 1 |
| | (It opens the key as root, but then drops the permissions.) | | | |
* | Add a tag 'tls_policy' to facilitate rekeying. | Guilhem Moulin | 2015-06-07 | 1 |
| | First generate all certs (-t genkey), then build the TLS policy maps (-t tls_policy). | | | |
* | Add ability to add custom OrganizationalUnits in genkeypair. | Guilhem Moulin | 2015-06-07 | 1 |
| | Also, it's now possible to reuse an existing private key (with -f). | | | |
* | Reload Postfix upon configuration change, but don't restart it. | Guilhem Moulin | 2015-06-07 | 1 |
| | (Unless a new instance is created, or the master.cf change is modified.) Changing some variables, such as inet_protocols, requires a full restart, but most of the time it's overkill. | | | |
* | Don't restart/reload Postfix upon change of a file based database. | Guilhem Moulin | 2015-06-07 | 1 |
| | And don't restart or reload either upon change of pcre: files that are used by smtpd(8), cleanup(8) or local(8), following the suggestion from http://www.postfix.org/DATABASE_README.html#detect . | | | |
* | Replace IPSec tunnels by app-level ephemeral TLS sessions. | Guilhem Moulin | 2015-06-07 | 1 |
| | For some reason giraff doesn't like IPSec. App-level TLS sessions are less efficient, but thanks to ansible it still scales well. | | | |
* | Don't use generic maps. | Guilhem Moulin | 2015-06-07 | 1 |
| | In fact we want to only rewrite the envelope sender: | | | |
| | `:/etc/postfix/main.cf` | | | |
| | `# Overwrite local FQDN envelope sender addresses` | | | |
| | `sender_canonical_classes = envelope_sender` | | | |
| | `propagate_unmatched_extensions =` | | | |
| | `sender_canonical_maps = cdb:$config_directory/sender_canonical` | | | |
| | `:/etc/postfix/sender_canonical` | | | |
| | `@elefant.fripost.org admin@fripost.org` | | | |
| | However, when canonical(5) processes a mail sent via sendmail(1), it rewrites the envelope sender which seems to *later* be used as From: header. | | | |
* | wibble | Guilhem Moulin | 2015-06-07 | 1 |
* | Share master.cf across all Postfix instances. | Guilhem Moulin | 2015-06-07 | 1 |
| | And use main.cf's 'master_service_disable' setting to deactivate each service that's useless for a given instance. (Hence solve conflict when trying to listen twice on the same port, for instance.) | | | |
* | Postfix master (nullmailer) configuration | Guilhem Moulin | 2015-06-07 | 1 |
| | We use a dedicated instance for each role: MDA, MTA out, MX, etc. | | | |