Commit message (Collapse) | Author | Age | Files | |
---|---|---|---|---|
* | slapd monitoring. | Guilhem Moulin | 2015-06-10 | 6 |
| | | | | | We don't use the provided 'slapd_' Munin plugin because it doesn't support SASL binds. | |||
* | Configure munin nodes & master. | Guilhem Moulin | 2015-06-10 | 39 |
| | | | | | Interhost communications are protected by stunnel4. The graphs are only visible on the master itself, and content is generated by Fast CGI. | |||
* | Don't assume that Postfix queue ID are always 10-digits long. | Guilhem Moulin | 2015-06-10 | 1 |
| | ||||
* | Prefer 302 over 301 redirections. | Guilhem Moulin | 2015-06-10 | 1 |
| | ||||
* | Add references to bug reports. | Guilhem Moulin | 2015-06-10 | 2 |
| | ||||
* | Dovecot: Collect IMAP statistics. | Guilhem Moulin | 2015-06-10 | 4 |
| | ||||
* | Allow 'vmail' users with a UID lower than 500. | Guilhem Moulin | 2015-06-10 | 2 |
| | | | | Fix regression introduced in f7c8011. | |||
* | Provide Thunderbird autoconfiguration. | Guilhem Moulin | 2015-06-07 | 3 |
| | | | | | | | References: - https://developer.mozilla.org/en-US/docs/Mozilla/Thunderbird/Autoconfiguration - https://developer.mozilla.org/en-US/docs/Mozilla/Thunderbird/Autoconfiguration/FileFormat/HowTo - https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat | |||
* | Remove ‘:’ from the list of valid chars in wiki filenames. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | | | | | | Because it's interpreted weirdly by Image::Magick: $ identify 'Screenshot_from_2015-02-23_18:59:48-extract.png[0]' identify: no decode delegate for this image format `59\' @ error/constitute.c/ReadImage/501. $ mv 'Screenshot_from_2015-02-23_18:59:48-extract.png' screenshot.png $ identify 'screenshot.png[0]' screenshot.png[0]=>screenshot.png PNG 453x122 453x122+0+0 8-bit sRGB 11.2KB 0.000u 0:00.000 | |||
* | Fix log filenames for lists.f.o. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | wiki: enable comments in the tracker. | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Change slapd dump filenames. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | E.g., ‘0.ldif’ → ‘slapd-0.ldif’. | |||
* | Fix bacula priorities. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Add a reserved domain 'discard.fripost.org' to discard messages. | Guilhem Moulin | 2015-06-07 | 4 |
| | | | | | ‘noreply@’ aliases can be added by routing them to ‘@discard.fripost.org’. | |||
* | Make the webmail connect directly to the outgoing SMTP proxy. | Guilhem Moulin | 2015-06-07 | 8 |
| | | | | | (Hence delete the 'webmail' Postfix instance.) This shortens the delay caused by the recipient verification probes. | |||
* | Use recipient address verification probes. | Guilhem Moulin | 2015-06-07 | 4 |
| | | | | | | | This is specially useful for mailing lists and the webmail, since it prevents our outgoing gateway from accepting mails known to be bouncing. However the downside is that it adds a delay of up to 6s after the RCPT TO command. | |||
* | Rename imap.conf → roundcube.conf | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | VERP management. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Configure Bacula File Daemon / Storage Daemon / Director. | Guilhem Moulin | 2015-06-07 | 20 |
| | | | | | Using client-side data signing/encryption and wrapping inter-host communication into stunnel. | |||
* | wibble | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Restart services when updating systemd unit files. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | firewall: allow 127.0.0.1/8 on lo. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | genkeypair.sh: Merge privkey and pubkey for identical filekeys. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | Also, set ‘subjectKeyIdentifier = hash’ in the CSR. | |||
* | rkhunter: Allow hidden dir /etc/.java | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | wibble | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | SQL: Set empty passwords for auth_socket authentication. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | stunnel.conf → imap.conf | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Add a redirection www.fripost.org → fripost.org. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Also distribute material and minutes. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | gitweb workaround encoding issues in FCGI mode. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | typo | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Prefer '/usr/sbin/nologin' over '/bin/false' for system users. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Configure ikiwiki (website + wiki). | Guilhem Moulin | 2015-06-07 | 7 |
| | ||||
* | Git (gitolite + git-http-backend + gitweb) configuration | Guilhem Moulin | 2015-06-07 | 9 |
| | | | | | | | | | | | By default repos are be readable by gitweb and the web server ('gitweb' and 'www-data' are both in the 'gitolite' group). Private repo owners will have 'chmod -R og-rwx' manually. To automatically add new repos to gitweb's 'project.list' file, make it readable to the special 'gitweb' user. See /usr/share/doc/gitolite3/README.txt.gz for details. | |||
* | Install CAcert.org root certificates. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | XXX: this is a workaround the CAcert root CAs not being present in Jessie. In stretch, we would merely install the 'ca-cacert' package. | |||
* | typo | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Enforce "strong" authentication and FPS in LDAP. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | Which is now possible since all LDAP clients and servers have been upgraded to Jessie, and Postfix is now able to perform SASL binds. | |||
* | Upgrade the webmail configuration from Wheezy to Jessie. | Guilhem Moulin | 2015-06-07 | 6 |
| | ||||
* | Upgrade the MX configuration from Wheezy to Jessie. | Guilhem Moulin | 2015-06-07 | 11 |
| | | | | | | In particular, since Postfix is now able to perform LDAP lookups using SASL, previous hacks with simble binds on cn=postfix,ou=services,… can now be removed. | |||
* | logjam mitigation. | Guilhem Moulin | 2015-06-07 | 10 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Don't restart sympa on logrotate. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | This is unnecessary since it uses syslog. | |||
* | typo | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | wibble | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | typo | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Allow outgoing HKP and WHOIS traffic on the LDAP provider. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Allow outgoing SSH traffic. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Add wildcard Pin version in apt preferences. | Guilhem Moulin | 2015-06-07 | 1 |
| |