ansible.git
6 years agoinstall acl; use latest LE-tiny
Ralf Jung [Fri, 11 May 2018 17:15:33 +0000 (19:15 +0200)]
install acl; use latest LE-tiny

6 years agoadd README
Ralf Jung [Fri, 11 May 2018 11:08:51 +0000 (13:08 +0200)]
add README

6 years agoadd lets-encrypt-tiny
Ralf Jung [Fri, 11 May 2018 10:01:13 +0000 (12:01 +0200)]
add lets-encrypt-tiny

6 years agogroup newmail script stuff in a block
Ralf Jung [Fri, 11 May 2018 08:53:14 +0000 (10:53 +0200)]
group newmail script stuff in a block

6 years agoMove dh2048 creation to base, remove server-scripts from base
Ralf Jung [Fri, 11 May 2018 08:47:45 +0000 (10:47 +0200)]
Move dh2048 creation to base, remove server-scripts from base

6 years agoadd newmail script
Ralf Jung [Thu, 10 May 2018 22:51:53 +0000 (00:51 +0200)]
add newmail script

6 years agoadd mailman-check cronjob
Ralf Jung [Thu, 10 May 2018 22:41:37 +0000 (00:41 +0200)]
add mailman-check cronjob

6 years agomake base a role
Ralf Jung [Thu, 10 May 2018 10:58:34 +0000 (12:58 +0200)]
make base a role

6 years agoconfigure timesyncd
Ralf Jung [Thu, 10 May 2018 08:44:31 +0000 (10:44 +0200)]
configure timesyncd

6 years agodon't get DNS via DHCPv6 either
Ralf Jung [Thu, 10 May 2018 07:35:31 +0000 (09:35 +0200)]
don't get DNS via DHCPv6 either

6 years agounbound: make sure unbound is loaded before the network is considered online
Ralf Jung [Thu, 10 May 2018 07:18:52 +0000 (09:18 +0200)]
unbound: make sure unbound is loaded before the network is considered online

6 years agoadd do-update script
Ralf Jung [Thu, 10 May 2018 07:08:04 +0000 (09:08 +0200)]
add do-update script

6 years agopostfix needs opendkim access
Ralf Jung [Sat, 5 May 2018 15:23:13 +0000 (17:23 +0200)]
postfix needs opendkim access

6 years agoupdate server-scripts repo URL
Ralf Jung [Wed, 2 May 2018 07:53:25 +0000 (09:53 +0200)]
update server-scripts repo URL

6 years agodeploy apache log anonymizer
Ralf Jung [Tue, 1 May 2018 16:25:51 +0000 (18:25 +0200)]
deploy apache log anonymizer

6 years agojournalwatch: ssh, postfix
Ralf Jung [Tue, 1 May 2018 08:25:09 +0000 (10:25 +0200)]
journalwatch: ssh, postfix

6 years agofix NEEDRESTART_MODE
Ralf Jung [Tue, 1 May 2018 08:18:27 +0000 (10:18 +0200)]
fix NEEDRESTART_MODE

6 years agoI don't think we still need this with PW-logins disabled
Ralf Jung [Fri, 20 Apr 2018 07:33:58 +0000 (09:33 +0200)]
I don't think we still need this with PW-logins disabled

6 years agoapache: disable access_compat module
Ralf Jung [Tue, 17 Apr 2018 20:37:17 +0000 (22:37 +0200)]
apache: disable access_compat module

6 years agoless MAM
Ralf Jung [Tue, 17 Apr 2018 14:56:46 +0000 (16:56 +0200)]
less MAM

6 years agojournalwatch: ssh
Ralf Jung [Mon, 16 Apr 2018 20:36:38 +0000 (22:36 +0200)]
journalwatch: ssh

6 years agomake sure dhclient does not give us another DNS server
Ralf Jung [Mon, 16 Apr 2018 17:39:54 +0000 (19:39 +0200)]
make sure dhclient does not give us another DNS server

6 years agoSSH: filter more
Ralf Jung [Mon, 16 Apr 2018 08:52:38 +0000 (10:52 +0200)]
SSH: filter more

6 years agoadd unbound and more tools
Ralf Jung [Sun, 15 Apr 2018 16:26:57 +0000 (18:26 +0200)]
add unbound and more tools

6 years agoinstall more stuff
Ralf Jung [Sun, 15 Apr 2018 15:54:32 +0000 (17:54 +0200)]
install more stuff

6 years agoadd prosody config
Ralf Jung [Sun, 15 Apr 2018 15:32:35 +0000 (17:32 +0200)]
add prosody config

6 years agoconfigure root shell from /etc/skel; put conditionals above actions
Ralf Jung [Sun, 15 Apr 2018 15:32:25 +0000 (17:32 +0200)]
configure root shell from /etc/skel; put conditionals above actions

6 years agojournalwatch: ignore failed SSH attempts... there are just too many...
Ralf Jung [Sun, 15 Apr 2018 13:35:42 +0000 (15:35 +0200)]
journalwatch: ignore failed SSH attempts... there are just too many...

6 years agoroll out psmisc (for killall)
Ralf Jung [Sun, 15 Apr 2018 13:30:31 +0000 (15:30 +0200)]
roll out psmisc (for killall)

6 years agofail2ban cleanup done
Ralf Jung [Sun, 15 Apr 2018 13:27:03 +0000 (15:27 +0200)]
fail2ban cleanup done

6 years agoget rid of fail2ban, it doesnt actually help
Ralf Jung [Sun, 15 Apr 2018 13:23:25 +0000 (15:23 +0200)]
get rid of fail2ban, it doesnt actually help

6 years agoadd shared apache config
Ralf Jung [Sun, 8 Apr 2018 11:12:39 +0000 (13:12 +0200)]
add shared apache config

6 years agofix postscreen and DKIM permissions
Ralf Jung [Sun, 8 Apr 2018 10:16:12 +0000 (12:16 +0200)]
fix postscreen and DKIM permissions

6 years agoproperly set up opendkim
Ralf Jung [Sun, 8 Apr 2018 09:58:45 +0000 (11:58 +0200)]
properly set up opendkim

6 years agomake --diff the default
Ralf Jung [Sun, 8 Apr 2018 08:32:00 +0000 (10:32 +0200)]
make --diff the default

6 years agoadd script to run ad-hoc on all hosts
Ralf Jung [Sun, 8 Apr 2018 08:23:11 +0000 (10:23 +0200)]
add script to run ad-hoc on all hosts

6 years agotweak upgrade playbook
Ralf Jung [Sun, 8 Apr 2018 08:22:34 +0000 (10:22 +0200)]
tweak upgrade playbook

6 years agoonly install needrestart from backports; pin server-scripts commit
Ralf Jung [Sun, 8 Apr 2018 08:17:14 +0000 (10:17 +0200)]
only install needrestart from backports; pin server-scripts commit

6 years agoextend gitignore
Ralf Jung [Sat, 7 Apr 2018 21:11:40 +0000 (23:11 +0200)]
extend gitignore

6 years agoextend postfix: vmail and more
Ralf Jung [Sat, 7 Apr 2018 21:05:20 +0000 (23:05 +0200)]
extend postfix: vmail and more

6 years agoadd master playbook
Ralf Jung [Sat, 7 Apr 2018 18:20:59 +0000 (20:20 +0200)]
add master playbook

6 years agotweak email
Ralf Jung [Sat, 7 Apr 2018 18:20:47 +0000 (20:20 +0200)]
tweak email

6 years agocheck if we are on a supported distro
Ralf Jung [Sat, 7 Apr 2018 18:20:06 +0000 (20:20 +0200)]
check if we are on a supported distro

6 years agoadd postfix and journalwatch roles
Ralf Jung [Sat, 7 Apr 2018 17:01:29 +0000 (19:01 +0200)]
add postfix and journalwatch roles

6 years agowork
Ralf Jung [Sat, 7 Apr 2018 15:27:45 +0000 (17:27 +0200)]
work

6 years agoadd basic packages playbook; work on upgrade playbook; provide script to run it on...
Ralf Jung [Thu, 5 Apr 2018 08:10:23 +0000 (10:10 +0200)]
add basic packages playbook; work on upgrade playbook; provide script to run it on all hosts despite sudo PW differences

6 years agowrite upgrade playbook and try it on some more hosts
Ralf Jung [Tue, 3 Apr 2018 09:33:50 +0000 (11:33 +0200)]
write upgrade playbook and try it on some more hosts

6 years agoinitial commit
Ralf Jung [Mon, 2 Apr 2018 20:11:12 +0000 (22:11 +0200)]
initial commit