summaryrefslogtreecommitdiffstats
path: root/roles/webmail
Commit message (Collapse)AuthorAgeFiles
* Use the Let's Encrypt CA for our public certs.Guilhem Moulin2015-12-202
|
* nginx: Move include.d/* to snippets/.Guilhem Moulin2015-12-201
|
* nginx: s/conf.d/include.d/Guilhem Moulin2015-12-151
|
* wibbleGuilhem Moulin2015-12-091
|
* ngnix: mv ssl/config conf.d/sslGuilhem Moulin2015-12-091
|
* Use a dedicated subdomain for ManageSieve.Guilhem Moulin2015-12-031
|
* Automatically fetch X.509 certificates, and add them to git.Guilhem Moulin2015-12-031
|
* Roundcube managesieve SSL options: use AESGCM and disable compression.Guilhem Moulin2015-10-271
|
* stunnel: disable compression.Guilhem Moulin2015-10-271
|
* stunnel: use GCM ciphers only; use SSL options rather than ciphers to ↵Guilhem Moulin2015-10-271
| | | | disable protocols.
* roundcube: Raise 'imap_timeout' from 1 to 3 minutes.Guilhem Moulin2015-09-301
| | | | See http://wiki.fripost.org/tracker/Error_on_search_in_roundcube/ .
* roundcube: Use php5-enchant and GNU Aspell for spell-checking.Guilhem Moulin2015-09-291
|
* Add jqueryui configuration.Guilhem Moulin2015-09-292
|
* Make roundcube plugin configuration static files.Guilhem Moulin2015-09-294
|
* Upgrade Roundcube to 1.1.2.Guilhem Moulin2015-09-248
|
* Make the webmail connect directly to the outgoing SMTP proxy.Guilhem Moulin2015-06-076
| | | | | (Hence delete the 'webmail' Postfix instance.) This shortens the delay caused by the recipient verification probes.
* Use recipient address verification probes.Guilhem Moulin2015-06-071
| | | | | | | This is specially useful for mailing lists and the webmail, since it prevents our outgoing gateway from accepting mails known to be bouncing. However the downside is that it adds a delay of up to 6s after the RCPT TO command.
* Upgrade the webmail configuration from Wheezy to Jessie.Guilhem Moulin2015-06-073
|
* Don't make Roundcube add a 'X-Sender' header with the sender's identity.Guilhem Moulin2015-06-071
|
* Roundcube's 'password' plugin.Guilhem Moulin2015-06-071
|
* Make Nginx send the intermediate certificate along with the server's.Guilhem Moulin2015-06-071
|
* Remove o=mailHosting from the LDAP directory suffix.Guilhem Moulin2015-06-071
| | | | | | So our suffix is now a mere 'dc=fripost,dc=org'. We're also using the default '/var/lib/ldap' as olcDbDirectory (hence we don't clear it before hand).
* Add ability to add custom OrganizationalUnits in genkeypair.Guilhem Moulin2015-06-071
| | | | Also, it's now possible to reuse an existing private key (with -f).
* Tell vim the underlying filetype of templates for syntax highlighting.Guilhem Moulin2015-06-071
|
* Reload Postfix upon configuration change, but don't restart it.Guilhem Moulin2015-06-072
| | | | | | (Unless a new instance is created, or the master.cf change is modified.) Changing some variables, such as inet_protocols, require a full restart, but most of the time it's overkill.
* Replace IPSec tunnels by app-level ephemeral TLS sessions.Guilhem Moulin2015-06-073
| | | | | For some reason giraff doesn't like IPSec. App-level TLS sessions are less efficient, but thanks to ansible it still scales well.
* Outgoing SMTP proxy.Guilhem Moulin2015-06-071
|
* Expose the real user ID when using the webmail.Guilhem Moulin2015-06-071
| | | | | | Sadly not doing so and keeping a table message ID -> username, like we do for SASL authenticated users, doesn't seem trivial here. We could encrypt the header, though.
* Fix syntax error.Guilhem Moulin2015-06-071
|
* Generate certs for Dovecot and Nginx if they are not there.Guilhem Moulin2015-06-072
|
* Force Roundcube to connect the IMAP server on localhost:143.Guilhem Moulin2015-06-071
|
* Allow Roundcube to offer JavaScript.Guilhem Moulin2015-06-071
|
* Support boken SMTP clients and LOGIN SASL mechanism.Guilhem Moulin2015-06-071
|
* Install Rouncube from backports.Guilhem Moulin2015-06-072
| | | | | | Recent versions have a whole bunch of bugfixes and nice new features: http://trac.roundcube.net/wiki/Changelog
* wibbleGuilhem Moulin2015-06-071
|
* Assume a DNS entry for each role.Guilhem Moulin2015-06-073
| | | | | | E.g., ldap.fripost.org, ntp.fripost.org, etc. (Ideally the DNS zone would be provisioned by ansible, too.) It's a bit unclear how to index the subdomains (mx{1,2,3}, etc), though.
* typoGuilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-072
|
* Don't pass the client information unless necessary.Guilhem Moulin2015-06-071
|
* Don't use IPSec to relay messages to localhost.Guilhem Moulin2015-06-071
|
* Excplicitely make local services run on localhost.Guilhem Moulin2015-06-071
|
* typoGuilhem Moulin2015-06-071
|
* Configure Sieve and ManageSieve.Guilhem Moulin2015-06-072
| | | | | Also, add the 'managesieve' RoundCube plugin to communicate with our server.
* Use a local IMAP caching proxy under the webmail.Guilhem Moulin2015-06-071
| | | | | | | | | | | | (Unless the webmail is itself a full IMAP server.) It replaces RoundCube's own IMAP and message caches. Dovecot's IMAPC storage backend is not very documented, but provides smart IMAP proxying. References include: http://dovecot.org/pipermail/dovecot/2011-January/056975.html http://wiki2.dovecot.org/HowTo/ImapcProxy http://wiki2.dovecot.org/Migration/Dsync
* Configure the webmail.Guilhem Moulin2015-06-079
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 14:52:58 +0000