index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
common
Commit message (
Expand
)
Author
Age
Files
*
IPsec: use Suite-B-GCM-256 algorithms for IKEv2 & ESP.
Guilhem Moulin
2018-12-09
1
*
MSA verification probes: enable opportunistic encryption.
Guilhem Moulin
2018-12-09
1
*
Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.
Guilhem Moulin
2018-12-09
6
*
Disable resume device.
Guilhem Moulin
2018-12-09
3
*
systemd.service: Tighten hardening options.
Guilhem Moulin
2018-12-09
2
*
bacula-*.service: Don't fork in the background.
Guilhem Moulin
2018-12-09
1
*
Upgrade 'lists' role to Debian Stretch.
Guilhem Moulin
2018-12-09
1
*
Firewall: disable outgoing access to git:// remote servers.
Guilhem Moulin
2018-12-09
1
*
systemd: Replace ‘ProtectSystem=full’ with ‘ProtectSystem=strict’.
Guilhem Moulin
2018-12-09
2
*
Firewall: REJECT outgoing connections instead of DROPing them.
Guilhem Moulin
2018-12-09
1
*
Don't install the haveged entropy daemon.
Guilhem Moulin
2018-12-09
2
*
ntp.conf: reduce delta with the packaged version.
Guilhem Moulin
2018-12-09
1
*
MX: chroot postscreen(8), smtpd(8) and cleanup(8) daemons.
Guilhem Moulin
2018-12-09
1
*
postfix: remove explicit default 'mail_owner = postfix'.
Guilhem Moulin
2018-12-06
1
*
postfix ≥3.0: don't advertise SMTPUTF8 support.
Guilhem Moulin
2018-12-06
1
*
DKIM: also include the "d=" tag in key filenames, not only the "s=" tag.
Guilhem Moulin
2018-12-05
1
*
Install unbound on metal hosts.
Guilhem Moulin
2018-12-03
4
*
Define new host "calima" serving Nextcloud.
Guilhem Moulin
2018-12-03
1
*
Upgrade syntax to Ansible 2.7 (apt module).
Guilhem Moulin
2018-12-03
9
*
Postfix: replace cdb & btree tables with lmdb ones.
Guilhem Moulin
2018-12-03
4
*
IPsec: allow ISAKMP over IPv6.
Guilhem Moulin
2018-12-03
2
*
Upgrade baseline to Debian Stretch.
Guilhem Moulin
2018-12-03
15
*
Skip samhain installation.
Guilhem Moulin
2018-12-03
4
*
Harden anti spam on the MX:es.
Guilhem Moulin
2018-06-09
1
*
More logcheck-database tweaks.
Guilhem Moulin
2018-04-04
3
*
Postfix: replace 'fifo' types with 'unix', as it's the new default.
Guilhem Moulin
2018-04-04
1
*
sympa: wibble
Guilhem Moulin
2018-04-04
1
*
Firewall: Allow DNS queries over TCP.
Guilhem Moulin
2018-04-04
1
*
APT: use deb.debian.org as archive source.
Guilhem Moulin
2018-04-04
1
*
Perform recipient address verification on the MSA itself.
Guilhem Moulin
2018-04-04
2
*
Upgrade syntax to Ansible 2.5.
Guilhem Moulin
2018-04-04
3
*
Upgrade syntax to Ansible 2.4.
Guilhem Moulin
2017-11-23
1
*
More logcheck-database tweaks.
Guilhem Moulin
2017-09-14
3
*
Fix detection of KVM guests.
Guilhem Moulin
2017-07-29
3
*
rkhunter: Disable remote updates to fix CVE-2017-7480.
Guilhem Moulin
2017-07-29
1
*
Use MariaDB as default MySQL flavor.
Guilhem Moulin
2017-07-29
1
*
Don't install debsecan anymore by default.
Guilhem Moulin
2017-06-26
2
*
Webmail: don't allow outgoing TCP/993 connections.
Guilhem Moulin
2017-06-15
1
*
More logcheck-database tweaks.
Guilhem Moulin
2017-06-07
1
*
postfix-sender-login: wibble
Guilhem Moulin
2017-06-05
1
*
dovecot: enable user iteration and add a cronjob for `doveadm purge -A`
Guilhem Moulin
2017-06-05
1
*
postfix: enable XFORWARD command from our internal relays.
Guilhem Moulin
2017-06-02
1
*
postfix: don't rate-limit our IPsec subnet.
Guilhem Moulin
2017-06-02
2
*
Don't let authenticated client use arbitrary sender addresses.
Guilhem Moulin
2017-06-01
1
*
/lib/systemd/system → /etc/systemd/system
Guilhem Moulin
2017-05-31
5
*
Also install non-free firmwares on civett.
Guilhem Moulin
2017-05-30
2
*
Change group of executables in /usr/local/{bin,sbin} from root to staff.
Guilhem Moulin
2017-05-14
2
*
MSA: reject null sender address.
Guilhem Moulin
2017-05-14
1
*
Fix Ansible 2.2.0 compatibility of a Jinja2 template.
Guilhem Moulin
2017-01-14
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-12-08
1
[next]