index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
common
/
templates
/
etc
Commit message (
Expand
)
Author
Age
Files
*
Webmail: don't allow outgoing TCP/993 connections.
Guilhem Moulin
2017-06-15
1
*
postfix: enable XFORWARD command from our internal relays.
Guilhem Moulin
2017-06-02
1
*
postfix: don't rate-limit our IPsec subnet.
Guilhem Moulin
2017-06-02
1
*
Don't let authenticated client use arbitrary sender addresses.
Guilhem Moulin
2017-06-01
1
*
Also install non-free firmwares on civett.
Guilhem Moulin
2017-05-30
2
*
Fix Ansible 2.2.0 compatibility of a Jinja2 template.
Guilhem Moulin
2017-01-14
1
*
postfix: Remove obsolete templates tls_policy/relay_clientcerts.
Guilhem Moulin
2016-07-12
1
*
Route all internal SMTP traffic through IPsec.
Guilhem Moulin
2016-07-10
3
*
Postfix: avoid hardcoding the instance names.
Guilhem Moulin
2016-07-10
1
*
Postfix: don't share the master.cf between the instances.
Guilhem Moulin
2016-07-10
1
*
Localize the NTP pool hostnames.
Guilhem Moulin
2016-07-09
1
*
Localize the debian archive hostnames.
Guilhem Moulin
2016-07-09
1
*
ClamAV (FreshClam): use a localized Database Mirror.
Guilhem Moulin
2016-07-09
1
*
IPSec → IPsec
Guilhem Moulin
2016-06-29
2
*
IPSec: replace (self-signed) X.509 certs by their raw pubkey for authentication.
Guilhem Moulin
2016-05-24
1
*
Tunnel bacula (dir → {fd,sd} and fd → sd) traffic through IPSec.
Guilhem Moulin
2016-05-22
3
*
Tunnel munin-update traffic through IPSec.
Guilhem Moulin
2016-05-22
3
*
Tunnel internal NTP traffic through IPSec.
Guilhem Moulin
2016-05-22
2
*
Set up IPSec tunnels between each pair of hosts.
Guilhem Moulin
2016-05-22
5
*
postfix: Update to recommended TLS settings.
Guilhem Moulin
2016-05-18
1
*
postfix: disable weak ciphers for the 'encrypt' TLS security level.
Guilhem Moulin
2016-05-18
1
*
bacula: Set heartbeat options.
Guilhem Moulin
2016-05-12
2
*
Use systemd unit files for stunnel4.
Guilhem Moulin
2016-05-12
2
*
s/ansible_ssh_/ansible_/
Guilhem Moulin
2016-02-12
2
*
Postfix TLS policy: Store the fingerprint of the cert's pubkey, not of the ce...
Guilhem Moulin
2015-12-03
1
*
Internal Postfix config: Disable TLS protocols <1.2 rather than enable 1.2 only.
Guilhem Moulin
2015-10-27
1
*
stunnel: disable compression.
Guilhem Moulin
2015-10-27
2
*
stunnel: use GCM ciphers only; use SSL options rather than ciphers to disable...
Guilhem Moulin
2015-10-27
2
*
Change match to "^(Genuine)?Intel.*" for Intel processors.
Guilhem Moulin
2015-07-12
2
*
Use a single LDAP connection per Munin round to collect slapd statistics.
Guilhem Moulin
2015-06-11
1
*
slapd monitoring.
Guilhem Moulin
2015-06-10
1
*
Configure munin nodes & master.
Guilhem Moulin
2015-06-10
4
*
Configure Bacula File Daemon / Storage Daemon / Director.
Guilhem Moulin
2015-06-07
3
*
wibble
Guilhem Moulin
2015-06-07
1
*
Configure ikiwiki (website + wiki).
Guilhem Moulin
2015-06-07
1
*
typo
Guilhem Moulin
2015-06-07
1
*
typo
Guilhem Moulin
2015-06-07
1
*
Allow outgoing HKP and WHOIS traffic on the LDAP provider.
Guilhem Moulin
2015-06-07
1
*
Allow outgoing SSH traffic.
Guilhem Moulin
2015-06-07
1
*
Add wildcard Pin version in apt preferences.
Guilhem Moulin
2015-06-07
1
*
Configure the list manager (Sympa).
Guilhem Moulin
2015-06-07
2
*
Enable the use of git:// clients.
Guilhem Moulin
2015-06-07
1
*
typo
Guilhem Moulin
2015-06-07
1
*
wibble
Guilhem Moulin
2015-06-07
1
*
Don't install intel-microcode on Xen guests.
Guilhem Moulin
2015-06-07
2
*
wibble
Guilhem Moulin
2015-06-07
1
*
Fix NTP configuration.
Guilhem Moulin
2015-06-07
2
*
Ensure have a TLS policy for each of our host we want to relay to.
Guilhem Moulin
2015-06-07
1
*
typo
Guilhem Moulin
2015-06-07
1
*
Fix Dovecot's mail location.
Guilhem Moulin
2015-06-07
1
[next]