summaryrefslogtreecommitdiffstats
path: root/roles/webmail/tasks
Commit message (Collapse)AuthorAgeFiles
* certs/public: fetch each cert's pubkey (SPKI), not the cert itself.Guilhem Moulin2016-06-151
| | | | To avoid new commits upon cert renewal.
* Use stunnel to secure the connection from the webmail to ldap.fripost.org.Guilhem Moulin2016-06-052
| | | | | We should use IPSec instead, but doing so would force us to weaken slapd.conf's ‘security’ setting.
* Roundcube: route IMAP and managesieve traffic through IPSec.Guilhem Moulin2016-05-281
|
* Roundcube: add a link to our webpage as support URL.Guilhem Moulin2016-05-241
|
* Roundcube: add a warning regarding IMAP hostname change.Guilhem Moulin2016-05-231
|
* Add an ansible module 'fetch_cmd' to fetch the output of a remote command ↵Guilhem Moulin2016-05-181
| | | | | | locally. And use this to fetch all X.509 leaf certificates.
* roundube: Pin X.509 certificate for sieve.fripost.org:4190.Guilhem Moulin2016-05-171
|
* Use systemd unit files for stunnel4.Guilhem Moulin2016-05-121
|
* Upgrade playbooks to Ansible 2.0.Guilhem Moulin2016-02-122
|
* Use the Let's Encrypt CA for our public certs.Guilhem Moulin2015-12-201
|
* Automatically fetch X.509 certificates, and add them to git.Guilhem Moulin2015-12-031
|
* roundcube: Raise 'imap_timeout' from 1 to 3 minutes.Guilhem Moulin2015-09-301
| | | | See http://wiki.fripost.org/tracker/Error_on_search_in_roundcube/ .
* roundcube: Use php5-enchant and GNU Aspell for spell-checking.Guilhem Moulin2015-09-291
|
* Add jqueryui configuration.Guilhem Moulin2015-09-291
|
* Make roundcube plugin configuration static files.Guilhem Moulin2015-09-291
|
* Upgrade Roundcube to 1.1.2.Guilhem Moulin2015-09-241
|
* Make the webmail connect directly to the outgoing SMTP proxy.Guilhem Moulin2015-06-073
| | | | | (Hence delete the 'webmail' Postfix instance.) This shortens the delay caused by the recipient verification probes.
* Upgrade the webmail configuration from Wheezy to Jessie.Guilhem Moulin2015-06-071
|
* Add ability to add custom OrganizationalUnits in genkeypair.Guilhem Moulin2015-06-071
| | | | Also, it's now possible to reuse an existing private key (with -f).
* Reload Postfix upon configuration change, but don't restart it.Guilhem Moulin2015-06-071
| | | | | | (Unless a new instance is created, or the master.cf change is modified.) Changing some variables, such as inet_protocols, require a full restart, but most of the time it's overkill.
* Replace IPSec tunnels by app-level ephemeral TLS sessions.Guilhem Moulin2015-06-071
| | | | | For some reason giraff doesn't like IPSec. App-level TLS sessions are less efficient, but thanks to ansible it still scales well.
* Fix syntax error.Guilhem Moulin2015-06-071
|
* Generate certs for Dovecot and Nginx if they are not there.Guilhem Moulin2015-06-071
|
* Force Roundcube to connect the IMAP server on localhost:143.Guilhem Moulin2015-06-071
|
* Install Rouncube from backports.Guilhem Moulin2015-06-071
| | | | | | Recent versions have a whole bunch of bugfixes and nice new features: http://trac.roundcube.net/wiki/Changelog
* wibbleGuilhem Moulin2015-06-071
|
* typoGuilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-071
|
* Configure Sieve and ManageSieve.Guilhem Moulin2015-06-071
| | | | | Also, add the 'managesieve' RoundCube plugin to communicate with our server.
* Use a local IMAP caching proxy under the webmail.Guilhem Moulin2015-06-071
| | | | | | | | | | | | (Unless the webmail is itself a full IMAP server.) It replaces RoundCube's own IMAP and message caches. Dovecot's IMAPC storage backend is not very documented, but provides smart IMAP proxying. References include: http://dovecot.org/pipermail/dovecot/2011-January/056975.html http://wiki2.dovecot.org/HowTo/ImapcProxy http://wiki2.dovecot.org/Migration/Dsync
* Configure the webmail.Guilhem Moulin2015-06-073