index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
common
Commit message (
Expand
)
Author
Age
Files
*
Firewall: allow duplicates rules.
Guilhem Moulin
2016-09-18
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-08-22
2
*
postfix: Remove obsolete templates tls_policy/relay_clientcerts.
Guilhem Moulin
2016-07-12
1
*
Route all internal SMTP traffic through IPsec.
Guilhem Moulin
2016-07-10
4
*
Postfix: avoid hardcoding the instance names.
Guilhem Moulin
2016-07-10
1
*
Postfix: don't share the master.cf between the instances.
Guilhem Moulin
2016-07-10
2
*
Route SMTP traffic from the webmail through IPsec.
Guilhem Moulin
2016-07-10
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-07-09
2
*
Localize the NTP pool hostnames.
Guilhem Moulin
2016-07-09
1
*
Localize the debian archive hostnames.
Guilhem Moulin
2016-07-09
1
*
ClamAV (FreshClam): use a localized Database Mirror.
Guilhem Moulin
2016-07-09
2
*
IPSec → IPsec
Guilhem Moulin
2016-06-29
5
*
More logcheck-database tweaks.
Guilhem Moulin
2016-06-29
3
*
update-firewall.sh: COMMIT empty iptables rule files.
Guilhem Moulin
2016-06-29
1
*
Use stunnel to secure the connection from the webmail to ldap.fripost.org.
Guilhem Moulin
2016-06-05
1
*
typo
Guilhem Moulin
2016-05-24
1
*
IPSec: replace (self-signed) X.509 certs by their raw pubkey for authentication.
Guilhem Moulin
2016-05-24
3
*
genkeypair, gendhparam: use -rand /dev/urandom when generating keys or DH par...
Guilhem Moulin
2016-05-22
2
*
Tunnel bacula (dir → {fd,sd} and fd → sd) traffic through IPSec.
Guilhem Moulin
2016-05-22
6
*
Tunnel munin-update traffic through IPSec.
Guilhem Moulin
2016-05-22
7
*
Tunnel internal NTP traffic through IPSec.
Guilhem Moulin
2016-05-22
2
*
Set up IPSec tunnels between each pair of hosts.
Guilhem Moulin
2016-05-22
13
*
postfix: master.cf wibble
Guilhem Moulin
2016-05-18
1
*
postfix: Update to recommended TLS settings.
Guilhem Moulin
2016-05-18
2
*
Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.
Guilhem Moulin
2016-05-18
2
*
postfix: disable weak ciphers for the 'encrypt' TLS security level.
Guilhem Moulin
2016-05-18
1
*
Add an ansible module 'fetch_cmd' to fetch the output of a remote command loc...
Guilhem Moulin
2016-05-18
3
*
bacula: Set heartbeat options.
Guilhem Moulin
2016-05-12
2
*
Add hardening options to our systemd unit files.
Guilhem Moulin
2016-05-12
1
*
Use systemd unit files for stunnel4.
Guilhem Moulin
2016-05-12
11
*
sysctl: don't set IPv6 privacy extensions globaly.
Guilhem Moulin
2016-04-01
1
*
sysctl: set net.ipv6.conf.all.accept_ra = 0.
Guilhem Moulin
2016-03-30
1
*
More logcheck-database tweaks.
Guilhem Moulin
2016-03-13
1
*
Ansible: Using bare variables is deprecated, and will be removed in a future ...
Guilhem Moulin
2016-03-02
2
*
More logcheck-database tweaks.
Guilhem Moulin
2016-02-17
1
*
s/ansible_ssh_/ansible_/
Guilhem Moulin
2016-02-12
2
*
Upgrade playbooks to Ansible 2.0.
Guilhem Moulin
2016-02-12
5
*
Only install letsencrypt-tiny to the relevant hosts.
Guilhem Moulin
2015-12-28
2
*
Copy and install Let's Encrypt ACME client.
Guilhem Moulin
2015-12-20
1
*
Use the Let's Encrypt CA for our public certs.
Guilhem Moulin
2015-12-20
2
*
More logcheck-database tweaks.
Guilhem Moulin
2015-12-15
2
*
typo
Guilhem Moulin
2015-12-04
1
*
Postfix TLS policy: Store the fingerprint of the cert's pubkey, not of the ce...
Guilhem Moulin
2015-12-03
1
*
More logcheck-database tweaks.
Guilhem Moulin
2015-12-01
1
*
More logcheck-database tweaks.
Guilhem Moulin
2015-11-12
1
*
Internal Postfix config: Generate RSA 4096 keys by default.
Guilhem Moulin
2015-10-28
1
*
genkeypair: use install(1) for atomic file creation with permission mode.
Guilhem Moulin
2015-10-28
2
*
Internal Postfix config: Disable TLS protocols <1.2 rather than enable 1.2 only.
Guilhem Moulin
2015-10-27
1
*
stunnel: disable compression.
Guilhem Moulin
2015-10-27
2
*
stunnel: use GCM ciphers only; use SSL options rather than ciphers to disable...
Guilhem Moulin
2015-10-27
2
[next]