index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
/
common
Commit message (
Expand
)
Author
Age
Files
*
Improve/harden fail2ban configuration.
Guilhem Moulin
2020-01-25
7
*
Convert firewall to nftables.
Guilhem Moulin
2020-01-23
11
*
Postfix: disable DNS lookups on the internal SMTPds.
Guilhem Moulin
2020-01-23
1
*
tr/-/_/ in group names.
Guilhem Moulin
2020-01-22
3
*
MSA: Open 465/TCP for Email Submission over TLS.
Guilhem Moulin
2019-03-19
4
*
firewall: gracefully close invalid connections.
Guilhem Moulin
2018-12-22
1
*
fail2ban: Only install the roundcube/dovecot filters if needed.
Guilhem Moulin
2018-12-15
1
*
submission: Prospective SPF checking.
Guilhem Moulin
2018-12-12
2
*
IPsec: use Suite-B-GCM-256 algorithms for IKEv2 & ESP.
Guilhem Moulin
2018-12-09
1
*
MSA verification probes: enable opportunistic encryption.
Guilhem Moulin
2018-12-09
1
*
Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.
Guilhem Moulin
2018-12-09
6
*
Disable resume device.
Guilhem Moulin
2018-12-09
3
*
systemd.service: Tighten hardening options.
Guilhem Moulin
2018-12-09
2
*
bacula-*.service: Don't fork in the background.
Guilhem Moulin
2018-12-09
1
*
Upgrade 'lists' role to Debian Stretch.
Guilhem Moulin
2018-12-09
1
*
Firewall: disable outgoing access to git:// remote servers.
Guilhem Moulin
2018-12-09
1
*
systemd: Replace ‘ProtectSystem=full’ with ‘ProtectSystem=strict’.
Guilhem Moulin
2018-12-09
2
*
Firewall: REJECT outgoing connections instead of DROPing them.
Guilhem Moulin
2018-12-09
1
*
Don't install the haveged entropy daemon.
Guilhem Moulin
2018-12-09
2
*
ntp.conf: reduce delta with the packaged version.
Guilhem Moulin
2018-12-09
1
*
MX: chroot postscreen(8), smtpd(8) and cleanup(8) daemons.
Guilhem Moulin
2018-12-09
1
*
postfix: remove explicit default 'mail_owner = postfix'.
Guilhem Moulin
2018-12-06
1
*
postfix ≥3.0: don't advertise SMTPUTF8 support.
Guilhem Moulin
2018-12-06
1
*
DKIM: also include the "d=" tag in key filenames, not only the "s=" tag.
Guilhem Moulin
2018-12-05
1
*
Install unbound on metal hosts.
Guilhem Moulin
2018-12-03
4
*
Define new host "calima" serving Nextcloud.
Guilhem Moulin
2018-12-03
1
*
Upgrade syntax to Ansible 2.7 (apt module).
Guilhem Moulin
2018-12-03
9
*
Postfix: replace cdb & btree tables with lmdb ones.
Guilhem Moulin
2018-12-03
4
*
IPsec: allow ISAKMP over IPv6.
Guilhem Moulin
2018-12-03
2
*
Upgrade baseline to Debian Stretch.
Guilhem Moulin
2018-12-03
15
*
Skip samhain installation.
Guilhem Moulin
2018-12-03
4
*
Harden anti spam on the MX:es.
Guilhem Moulin
2018-06-09
1
*
More logcheck-database tweaks.
Guilhem Moulin
2018-04-04
3
*
Postfix: replace 'fifo' types with 'unix', as it's the new default.
Guilhem Moulin
2018-04-04
1
*
sympa: wibble
Guilhem Moulin
2018-04-04
1
*
Firewall: Allow DNS queries over TCP.
Guilhem Moulin
2018-04-04
1
*
APT: use deb.debian.org as archive source.
Guilhem Moulin
2018-04-04
1
*
Perform recipient address verification on the MSA itself.
Guilhem Moulin
2018-04-04
2
*
Upgrade syntax to Ansible 2.5.
Guilhem Moulin
2018-04-04
3
*
Upgrade syntax to Ansible 2.4.
Guilhem Moulin
2017-11-23
1
*
More logcheck-database tweaks.
Guilhem Moulin
2017-09-14
3
*
Fix detection of KVM guests.
Guilhem Moulin
2017-07-29
3
*
rkhunter: Disable remote updates to fix CVE-2017-7480.
Guilhem Moulin
2017-07-29
1
*
Use MariaDB as default MySQL flavor.
Guilhem Moulin
2017-07-29
1
*
Don't install debsecan anymore by default.
Guilhem Moulin
2017-06-26
2
*
Webmail: don't allow outgoing TCP/993 connections.
Guilhem Moulin
2017-06-15
1
*
More logcheck-database tweaks.
Guilhem Moulin
2017-06-07
1
*
postfix-sender-login: wibble
Guilhem Moulin
2017-06-05
1
*
dovecot: enable user iteration and add a cronjob for `doveadm purge -A`
Guilhem Moulin
2017-06-05
1
*
postfix: enable XFORWARD command from our internal relays.
Guilhem Moulin
2017-06-02
1
[next]