index
:
fripost-ansible
master
Fripost ansible scripts
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
roles
Commit message (
Expand
)
Author
Age
Files
*
Tunnel internal NTP traffic through IPSec.
Guilhem Moulin
2016-05-22
2
*
Set up IPSec tunnels between each pair of hosts.
Guilhem Moulin
2016-05-22
13
*
postfix: master.cf wibble
Guilhem Moulin
2016-05-18
1
*
postfix: Update to recommended TLS settings.
Guilhem Moulin
2016-05-18
7
*
postfix: unset 'smtpd_tls_session_cache_database'.
Guilhem Moulin
2016-05-18
5
*
Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.
Guilhem Moulin
2016-05-18
8
*
postfix: disable weak ciphers for the 'encrypt' TLS security level.
Guilhem Moulin
2016-05-18
3
*
Add an ansible module 'fetch_cmd' to fetch the output of a remote command loc...
Guilhem Moulin
2016-05-18
13
*
dovecot imapc: wibble
Guilhem Moulin
2016-05-17
2
*
roundube: Pin X.509 certificate for sieve.fripost.org:4190.
Guilhem Moulin
2016-05-17
2
*
bacula: Set heartbeat options.
Guilhem Moulin
2016-05-12
6
*
bacula-sd: wibble
Guilhem Moulin
2016-05-12
1
*
bacula-dir: Fix Reschedule Interval from 17 months to 17 mins.
Guilhem Moulin
2016-05-12
1
*
MySQL: set flush InnoDB flush method to 'O_DIRECT'
Guilhem Moulin
2016-05-12
1
*
Add hardening options to our systemd unit files.
Guilhem Moulin
2016-05-12
6
*
Use systemd unit files for stunnel4.
Guilhem Moulin
2016-05-12
26
*
Roundcube's CSP: remove 'upgrade-insecure-requests' and 'block-all-mixed-cont...
Guilhem Moulin
2016-04-08
1
*
Roundcube's CSP: allow loading images from data: URIs and arbitrary URLs.
Guilhem Moulin
2016-04-07
1
*
nginx: update ssl_ciphers to follow Mozilla's TLS server recommendation.
Guilhem Moulin
2016-04-02
1
*
Set frame-ancestors from 'none' to 'self' in roundcube's CSP.
Guilhem Moulin
2016-04-02
1
*
wibble
Guilhem Moulin
2016-04-02
3
*
Set a HPKP on the webmail, website/wiki/git and list manager.
Guilhem Moulin
2016-04-01
5
*
Set a CSP on the webmail, website/wiki and list manager.
Guilhem Moulin
2016-04-01
5
*
sysctl: don't set IPv6 privacy extensions globaly.
Guilhem Moulin
2016-04-01
1
*
sysctl: set net.ipv6.conf.all.accept_ra = 0.
Guilhem Moulin
2016-03-30
1
*
Set HTTP security headers.
Guilhem Moulin
2016-03-30
9
*
Replace LE's X1 intermediate CA with X3 since the latter has better support f...
Guilhem Moulin
2016-03-28
1
*
munin-master CGI: add application-level ACLs to keep non-local users at bay.
Guilhem Moulin
2016-03-21
1
*
Remove SMTP message size limit on non public MTAs.
Guilhem Moulin
2016-03-21
3
*
More logcheck-database tweaks.
Guilhem Moulin
2016-03-13
1
*
Let's Encrypt: Only reload (as opposed to restart) postfix/nginx after renewi...
Guilhem Moulin
2016-03-05
1
*
Amavis: use the LMTP protocol in the policy banks.
Guilhem Moulin
2016-03-03
1
*
Let's Encrypt
Guilhem Moulin
2016-03-02
12
*
cgit: Create cache directory /var/cache/cgit
Guilhem Moulin
2016-03-02
1
*
Ansible: Using bare variables is deprecated, and will be removed in a future ...
Guilhem Moulin
2016-03-02
4
*
More logcheck-database tweaks.
Guilhem Moulin
2016-02-17
1
*
s/ansible_ssh_/ansible_/
Guilhem Moulin
2016-02-12
2
*
Upgrade playbooks to Ansible 2.0.
Guilhem Moulin
2016-02-12
23
*
Update all Fripost links from http:// to https://.
Guilhem Moulin
2015-12-28
3
*
Only install letsencrypt-tiny to the relevant hosts.
Guilhem Moulin
2015-12-28
2
*
Fix Let's Encrypt CAfile.
Guilhem Moulin
2015-12-28
1
*
Copy and install Let's Encrypt ACME client.
Guilhem Moulin
2015-12-20
1
*
Use the Let's Encrypt CA for our public certs.
Guilhem Moulin
2015-12-20
19
*
nginx: Move include.d/* to snippets/.
Guilhem Moulin
2015-12-20
12
*
More logcheck-database tweaks.
Guilhem Moulin
2015-12-15
2
*
dovecot: remove !SSLv2 from ssl_cipher_list.
Guilhem Moulin
2015-12-15
1
*
nginx: s/conf.d/include.d/
Guilhem Moulin
2015-12-15
7
*
wibble
Guilhem Moulin
2015-12-09
2
*
ngnix: mv ssl/config conf.d/ssl
Guilhem Moulin
2015-12-09
7
*
typo
Guilhem Moulin
2015-12-04
1
[next]