summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFiles
* ngnix: mv ssl/config conf.d/sslGuilhem Moulin2015-12-097
|
* typoGuilhem Moulin2015-12-041
|
* Postfix TLS policy: Store the fingerprint of the cert's pubkey, not of the ↵Guilhem Moulin2015-12-034
| | | | cert itself.
* Use a dedicated subdomain for ManageSieve.Guilhem Moulin2015-12-031
|
* Automatically fetch X.509 certificates, and add them to git.Guilhem Moulin2015-12-037
|
* More logcheck-database tweaks.Guilhem Moulin2015-12-011
|
* dovecot-sieve: Enable the 'editheader' extension (5293).Guilhem Moulin2015-11-261
| | | | | Which is disabled by default, as per http://wiki.dovecot.org/Pigeonhole/Sieve
* More logcheck-database tweaks.Guilhem Moulin2015-11-121
|
* nginx: adjust expiration date for static content.Guilhem Moulin2015-10-303
|
* ikiwiki: Also install Authen::Passphrase.Guilhem Moulin2015-10-281
|
* Internal Postfix config: Generate RSA 4096 keys by default.Guilhem Moulin2015-10-281
|
* genkeypair: use install(1) for atomic file creation with permission mode.Guilhem Moulin2015-10-283
|
* Internal Postfix config: Disable TLS protocols <1.2 rather than enable 1.2 only.Guilhem Moulin2015-10-271
|
* Roundcube managesieve SSL options: use AESGCM and disable compression.Guilhem Moulin2015-10-271
|
* stunnel: disable compression.Guilhem Moulin2015-10-277
|
* autoconfiguration: Don't use HTML entities as it makes Thunderbird unhappy.Guilhem Moulin2015-10-271
|
* stunnel: use GCM ciphers only; use SSL options rather than ciphers to ↵Guilhem Moulin2015-10-277
| | | | disable protocols.
* More logcheck-database tweaks.Guilhem Moulin2015-10-142
|
* Wiki: add the 'getsource' plugin.Guilhem Moulin2015-09-301
|
* Remove \Recent flags when a virtual mailbox is SELECTed.Guilhem Moulin2015-09-304
|
* IMAP: Store virtual indexes in memory.Guilhem Moulin2015-09-301
|
* roundcube: Raise 'imap_timeout' from 1 to 3 minutes.Guilhem Moulin2015-09-301
| | | | See http://wiki.fripost.org/tracker/Error_on_search_in_roundcube/ .
* Cgit: Add gitolite@ for clone ssh:// URLs.Guilhem Moulin2015-09-291
|
* roundcube: Use php5-enchant and GNU Aspell for spell-checking.Guilhem Moulin2015-09-291
|
* ikiwiki: Enable DNSSEC and email notification.Guilhem Moulin2015-09-292
|
* Add jqueryui configuration.Guilhem Moulin2015-09-292
|
* Make roundcube plugin configuration static files.Guilhem Moulin2015-09-294
|
* More logcheck-database tweaks.Guilhem Moulin2015-09-241
|
* Upgrade Roundcube to 1.1.2.Guilhem Moulin2015-09-248
|
* Replace gitweb with cgit.Guilhem Moulin2015-09-2116
|
* More logcheck-database tweaks.Guilhem Moulin2015-09-212
|
* dovecot: Disable SSLv3.Guilhem Moulin2015-09-171
|
* Fix address verification probes on the MSA.Guilhem Moulin2015-09-165
| | | | | Put all relay restrictions under smtpd_relay_restrictions and leave smtpd_recipient_restrictions empty, since we don't do DNSBL.
* More logcheck-database tweaks.Guilhem Moulin2015-09-151
|
* systemd: Auto-restart the gitweb service.Guilhem Moulin2015-09-152
|
* Configure FreshClam.Guilhem Moulin2015-09-152
|
* Enable the IMAP COMPRESS extension [RFC4978].Guilhem Moulin2015-09-151
|
* Add .asc to text/plain nginx MIME types.Guilhem Moulin2015-08-211
|
* More logcheck-database tweaks.Guilhem Moulin2015-08-213
|
* Update unattended-upgrades configuration.Guilhem Moulin2015-07-191
|
* Use full name rather than prefix for MySQL option 'key_buffer_size'.Guilhem Moulin2015-07-191
| | | | | | [Warning] Using unique option prefix key_buffer instead of key_buffer_size is deprecated and will be removed in a future release. Please use the full name instead.
* Use <bacula@fripost.org> as envelope sender for bacula.Guilhem Moulin2015-07-191
|
* Change match to "^(Genuine)?Intel.*" for Intel processors.Guilhem Moulin2015-07-123
|
* Rename 'mysql_user' plugin to 'mysql_user2' to avoid name collisions.Guilhem Moulin2015-07-124
|
* More logcheck-database tweaks.Guilhem Moulin2015-06-221
|
* logcheck: Match only hexdigits in postfix queue ID.Guilhem Moulin2015-06-191
|
* Match IPv6 addresses in logcheck rules.Guilhem Moulin2015-06-191
|
* Use 'double-bounce@fripost.org' as envelope sender for verification probes.Guilhem Moulin2015-06-112
|
* Don't bounce unverified recipients upon 4xx errors.Guilhem Moulin2015-06-113
| | | | | | | We don't want to bounce messages for which the recipient(s)' MTA replies 451 due to some greylisting in place. We would like to accept 451 alone, but unfortunately it's not possible to bounce unverified recipients due to DNS or networking errors.
* Set a rootdn on cn=Monitor.Guilhem Moulin2015-06-111
|