index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
common
/
templates
/
etc
Commit message (
Expand
)
Author
Age
Files
*
Postfix: pin key material to our MX:es for fripost.org and its subdomains.
Guilhem Moulin
2021-01-26
1
*
Firewall: Always include 172.16.0.0/12 to the bogon list.
Guilhem Moulin
2020-11-15
1
*
Firewall: Add counter to dropped ICMP packets.
Guilhem Moulin
2020-11-15
1
*
Firewall: ICMPv6: accept link-local multicast receiver notification messages.
Guilhem Moulin
2020-11-15
1
*
Change NTP client to systemd-timesyncd.
Guilhem Moulin
2020-11-15
3
*
Firewall: allow ICMP type 11 (time time-exceeded).
Guilhem Moulin
2020-11-03
1
*
Firewall: Move IPsec/ICMP/ICMPv6 rules to ingress chain.
Guilhem Moulin
2020-11-03
1
*
Firewall: Move martian and bogus TCP filters early in the packet flow.
Guilhem Moulin
2020-11-02
1
*
MSA: Update role to Debian Buster.
Guilhem Moulin
2020-05-19
1
*
s/LDAP-provider/LDAP_provider/
Guilhem Moulin
2020-05-19
1
*
Firewall: note on reqid matching.
Guilhem Moulin
2020-05-18
1
*
AEAD ciphers: Add EECDH+CHACHA20 macro.
Guilhem Moulin
2020-05-18
1
*
Firewall: Use `meta secpath exists` to match xfrm associations.
Guilhem Moulin
2020-05-18
1
*
Roundcube: Port to Debian 10.
Guilhem Moulin
2020-05-17
1
*
typofix
Guilhem Moulin
2020-05-16
1
*
Upgrade baseline to Debian 10.
Guilhem Moulin
2020-05-16
6
*
/etc/apt/sources.list: Use https:// URIs.
Guilhem Moulin
2020-01-25
1
*
Improve/harden fail2ban configuration.
Guilhem Moulin
2020-01-25
1
*
Convert firewall to nftables.
Guilhem Moulin
2020-01-23
4
*
Postfix: disable DNS lookups on the internal SMTPds.
Guilhem Moulin
2020-01-23
1
*
tr/-/_/ in group names.
Guilhem Moulin
2020-01-22
3
*
MSA: Open 465/TCP for Email Submission over TLS.
Guilhem Moulin
2019-03-19
3
*
submission: Prospective SPF checking.
Guilhem Moulin
2018-12-12
2
*
IPsec: use Suite-B-GCM-256 algorithms for IKEv2 & ESP.
Guilhem Moulin
2018-12-09
1
*
MSA verification probes: enable opportunistic encryption.
Guilhem Moulin
2018-12-09
1
*
Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.
Guilhem Moulin
2018-12-09
2
*
Firewall: disable outgoing access to git:// remote servers.
Guilhem Moulin
2018-12-09
1
*
ntp.conf: reduce delta with the packaged version.
Guilhem Moulin
2018-12-09
1
*
MX: chroot postscreen(8), smtpd(8) and cleanup(8) daemons.
Guilhem Moulin
2018-12-09
1
*
postfix: remove explicit default 'mail_owner = postfix'.
Guilhem Moulin
2018-12-06
1
*
postfix ≥3.0: don't advertise SMTPUTF8 support.
Guilhem Moulin
2018-12-06
1
*
Install unbound on metal hosts.
Guilhem Moulin
2018-12-03
1
*
Define new host "calima" serving Nextcloud.
Guilhem Moulin
2018-12-03
1
*
Postfix: replace cdb & btree tables with lmdb ones.
Guilhem Moulin
2018-12-03
1
*
IPsec: allow ISAKMP over IPv6.
Guilhem Moulin
2018-12-03
1
*
Upgrade baseline to Debian Stretch.
Guilhem Moulin
2018-12-03
5
*
Postfix: replace 'fifo' types with 'unix', as it's the new default.
Guilhem Moulin
2018-04-04
1
*
Firewall: Allow DNS queries over TCP.
Guilhem Moulin
2018-04-04
1
*
APT: use deb.debian.org as archive source.
Guilhem Moulin
2018-04-04
1
*
Perform recipient address verification on the MSA itself.
Guilhem Moulin
2018-04-04
1
*
Upgrade syntax to Ansible 2.5.
Guilhem Moulin
2018-04-04
2
*
Fix detection of KVM guests.
Guilhem Moulin
2017-07-29
2
*
Don't install debsecan anymore by default.
Guilhem Moulin
2017-06-26
1
*
Webmail: don't allow outgoing TCP/993 connections.
Guilhem Moulin
2017-06-15
1
*
postfix: enable XFORWARD command from our internal relays.
Guilhem Moulin
2017-06-02
1
*
postfix: don't rate-limit our IPsec subnet.
Guilhem Moulin
2017-06-02
1
*
Don't let authenticated client use arbitrary sender addresses.
Guilhem Moulin
2017-06-01
1
*
Also install non-free firmwares on civett.
Guilhem Moulin
2017-05-30
2
*
Fix Ansible 2.2.0 compatibility of a Jinja2 template.
Guilhem Moulin
2017-01-14
1
*
postfix: Remove obsolete templates tls_policy/relay_clientcerts.
Guilhem Moulin
2016-07-12
1
[next]