Bob Mottram
|
3ba7b5db42
|
Disable site if certificate creation fails
|
2018-02-18 12:35:01 +00:00 |
Bob Mottram
|
ee1330f442
|
Update year
|
2018-01-25 18:35:39 +00:00 |
Bob Mottram
|
e05dfbb27c
|
Check for fullchain
|
2018-01-21 10:32:55 +00:00 |
Bob Mottram
|
0ddebf4dc3
|
Separate out mumble. It doesn't need to depend on prosody being installed
|
2018-01-21 10:15:20 +00:00 |
Bob Mottram
|
fa493156d4
|
prosody modules in two directories
|
2018-01-21 10:12:32 +00:00 |
Bob Mottram
|
980320f9e5
|
Only copy prosody modules if the directory exists
|
2018-01-21 10:10:43 +00:00 |
Bob Mottram
|
d22c6e7608
|
Scope
|
2018-01-21 10:07:21 +00:00 |
Bob Mottram
|
a5eb051bbf
|
Ensure letsencrypt certs are used where appropriate
|
2018-01-21 09:58:16 +00:00 |
Bob Mottram
|
f410d0a13f
|
Retire support for keybase.io gpg version 2.x doesn't appear to work well with it, but beyond that there's the really concerning issue that the site asks users to upload their *private keys*. Even if the private keys are client side passphrase encrypted this gives that site a full time opportunity to crack private keys. Even if they don't so that, a leak happens and suddenly letter agencies have your private key. Not a good way to go.
|
2018-01-11 20:26:27 +00:00 |
Bob Mottram
|
a6e2b54950
|
Placeholder web user interface
|
2018-01-07 14:47:43 +00:00 |
Bob Mottram
|
2805ec45a7
|
certificate not certkey
|
2018-01-05 15:46:26 +00:00 |
Bob Mottram
|
2db60740d6
|
Unfortunately, copying of tls keys for exim seems like the only option
|
2018-01-05 15:18:07 +00:00 |
Bob Mottram
|
761bf4ccb4
|
Install akaunting with composer
|
2017-12-20 21:53:18 +00:00 |
Bob Mottram
|
e9ebb25bab
|
Disable email chunking on upgrades
|
2017-11-27 22:46:29 +00:00 |
Bob Mottram
|
e901851d9c
|
Don't use local search because torify objects to anything local
|
2017-09-23 12:42:39 +01:00 |
Bob Mottram
|
1f7c90cd49
|
Set default search if searx is available
|
2017-09-23 12:28:57 +01:00 |
Bob Mottram
|
5293a3cdf2
|
Avoid duplicate bashrc entries
|
2017-09-23 12:24:23 +01:00 |
Bob Mottram
|
391edfe243
|
Update default search engine for all users
|
2017-09-23 12:17:16 +01:00 |
Bob Mottram
|
ca5428ca33
|
Remove xinetd when fixing stig tests, since it causes a violation
|
2017-09-01 11:05:05 +01:00 |
Bob Mottram
|
eacb504795
|
Reverse logic
|
2017-08-31 19:48:56 +01:00 |
Bob Mottram
|
306ef598bf
|
Restart daemon after email config changes
|
2017-08-31 19:46:25 +01:00 |
Bob Mottram
|
8a88f5ff35
|
Move tls function to be accessible to upgrade
|
2017-08-31 19:44:16 +01:00 |
Bob Mottram
|
c713c613c9
|
Don't repeatedly config congestion control
|
2017-08-05 22:11:02 +01:00 |
Bob Mottram
|
db091e1d72
|
Only update files when they change
|
2017-08-05 20:08:57 +01:00 |
Bob Mottram
|
5914a8c190
|
Check inadyn commit
|
2017-08-05 17:48:08 +01:00 |
Bob Mottram
|
dd04199b4a
|
Install composer
|
2017-07-25 22:11:03 +01:00 |
Bob Mottram
|
e941516024
|
php process timeout
|
2017-07-10 18:30:09 +01:00 |
Bob Mottram
|
d96d5bcf23
|
Ensure correct prosody modules are loaded
|
2017-07-10 16:36:14 +01:00 |
Bob Mottram
|
fdef7c93d7
|
Change php to static processes
|
2017-07-10 12:40:16 +01:00 |
Bob Mottram
|
7552dc20fc
|
More php settings
|
2017-07-10 10:22:37 +01:00 |
Bob Mottram
|
beb4a88bd2
|
php systemd interval
|
2017-07-10 09:58:44 +01:00 |
Bob Mottram
|
8c20b15f6f
|
Experimental control scripts
|
2017-06-23 10:35:58 +01:00 |
Bob Mottram
|
2ac43eabb2
|
Copying with hidden files
|
2017-06-17 18:37:06 +01:00 |
Bob Mottram
|
e65779aa0b
|
Include extra repos
|
2017-06-15 12:43:52 +01:00 |
Bob Mottram
|
8803eb6e5f
|
Missing slash
|
2017-06-04 10:09:00 +01:00 |
Bob Mottram
|
f495828a2d
|
php directory
|
2017-06-03 12:43:06 +01:00 |
Bob Mottram
|
92edd5dc1f
|
Update php to version 7.0
|
2017-05-29 14:40:34 +01:00 |
Bob Mottram
|
b6ae4623ec
|
Don't use autogen in inadyn build
|
2017-05-18 09:56:00 +01:00 |
Bob Mottram
|
4485d92021
|
autogen for inadyn
|
2017-05-16 23:13:00 +01:00 |
Bob Mottram
|
6ccd81f39c
|
Use compressed responses for gnusocial/postactiv
|
2017-05-14 10:52:16 +01:00 |
Bob Mottram
|
0af189ce2b
|
Use mobile ciphers for default domain
|
2017-05-11 12:54:38 +01:00 |
Bob Mottram
|
c9eb34c7d1
|
Allow some apps to use ciphers better suited for mobile apps
|
2017-05-10 22:27:52 +01:00 |
Bob Mottram
|
6225616be2
|
Some additional nginx security settings
|
2017-05-08 16:43:42 +01:00 |
Bob Mottram
|
368fd5b8d2
|
Don't need to copy jitsi certs
|
2017-05-07 16:12:02 +01:00 |
Bob Mottram
|
ce071bcc7b
|
Use letsencrypt cert for mumble
|
2017-05-07 12:55:02 +01:00 |
Bob Mottram
|
d41fb6f08c
|
Ensure that xmpp cert paths get converted on certificate reissue
|
2017-05-07 11:49:13 +01:00 |
Bob Mottram
|
31671f6194
|
Avoid copying xmpp certs
|
2017-05-07 10:52:00 +01:00 |
Bob Mottram
|
407309fe8a
|
Switch to mozilla recommended ciphers
These work better on Android devices
|
2017-05-05 22:31:24 +01:00 |
Bob Mottram
|
9e31cf4802
|
Enable letsencrypt
Why wasn't that on already?
|
2017-05-05 19:48:30 +01:00 |
Bob Mottram
|
4a8b70fc83
|
Remove sydent
|
2017-05-05 12:35:24 +01:00 |
Bob Mottram
|
dceb07a885
|
certificate permission
|
2017-05-04 22:21:12 +01:00 |
Bob Mottram
|
14617a85d9
|
Install nginx before npm
|
2017-04-13 20:49:58 +01:00 |
Bob Mottram
|
240a9e9283
|
Additional index on http redirect
|
2017-04-03 20:24:25 +01:00 |
Bob Mottram
|
7c40b53833
|
use letsencrypt for ssl
|
2017-03-14 22:26:35 +00:00 |
Bob Mottram
|
03c1fee44a
|
Matrix domain certificate
|
2017-02-09 12:53:42 +00:00 |
Bob Mottram
|
2778298607
|
Reorganize matrix
|
2017-01-01 20:40:08 +00:00 |
Bob Mottram
|
6ea77bde31
|
Update matrix certs
|
2016-12-30 20:00:50 +00:00 |
Bob Mottram
|
ac496b3fe3
|
restart mumble
|
2016-12-30 18:42:59 +00:00 |
Bob Mottram
|
bf8a858ff8
|
Fix mumble certs
|
2016-12-30 18:32:06 +00:00 |
Bob Mottram
|
d24d6ba000
|
Test domain gets modified
|
2016-12-21 21:55:50 +00:00 |
Bob Mottram
|
cf4e137c25
|
Exit if upgrade fails
|
2016-12-21 21:51:56 +00:00 |
Bob Mottram
|
f2f72193b8
|
Check default domain name is more than zero length
|
2016-12-05 16:01:19 +00:00 |
Bob Mottram
|
052b557053
|
Multi-user chat config
|
2016-12-03 19:13:35 +00:00 |
Bob Mottram
|
e1a352919f
|
No permissions on shadow most of the time
|
2016-11-29 15:00:40 +00:00 |
Bob Mottram
|
6a176f021e
|
Permissions and certs for prosody
|
2016-11-22 11:02:50 +00:00 |
Bob Mottram
|
655ff977ad
|
Web logs off by default
|
2016-11-18 18:33:08 +00:00 |
Bob Mottram
|
0dbebd4c4f
|
Turn off nginx logs on install
|
2016-11-18 15:06:14 +00:00 |
Bob Mottram
|
30ce2ce362
|
Fix dovecot's odd cert definition format
|
2016-11-16 09:52:37 +00:00 |
Bob Mottram
|
3bd64b0fb9
|
Filename
|
2016-11-11 18:18:50 +00:00 |
Bob Mottram
|
850b9c1f4d
|
Tidying
|
2016-11-11 17:36:30 +00:00 |
Bob Mottram
|
7e7e463ea0
|
Check that jitsi is installed
|
2016-11-11 09:09:34 +00:00 |
Bob Mottram
|
6c101abdb3
|
Turning logs off
|
2016-11-10 13:26:31 +00:00 |
Bob Mottram
|
5491dbbe9a
|
matrix installation
|
2016-11-07 20:58:26 +00:00 |
Bob Mottram
|
d31474df79
|
jitsi app
|
2016-11-05 15:42:19 +00:00 |
Bob Mottram
|
6aa70353bf
|
irc configuration for onion only systems
|
2016-11-01 21:53:25 +00:00 |
Bob Mottram
|
ad2ab45a70
|
Handle dovecot cert
|
2016-10-31 18:39:35 +00:00 |
Bob Mottram
|
557b25b4a8
|
Change email address
|
2016-10-31 16:24:49 +00:00 |
Bob Mottram
|
5a12545657
|
When ssl is enabled only allow https content within the site
|
2016-10-31 10:42:03 +00:00 |
Bob Mottram
|
a1de6ba0c8
|
quotes
|
2016-10-30 19:59:40 +00:00 |
Bob Mottram
|
680312859f
|
Check letsencrypt directory
|
2016-10-30 19:50:02 +00:00 |
Bob Mottram
|
9bb7352de7
|
Messages
|
2016-10-30 19:42:39 +00:00 |
Bob Mottram
|
46b62d9f63
|
Update message
|
2016-10-30 19:37:48 +00:00 |
Bob Mottram
|
ec53797e47
|
Change irc certs
|
2016-10-30 19:34:28 +00:00 |
Bob Mottram
|
afb0a46fc8
|
Use pem cert if it's available
|
2016-10-29 14:05:35 +01:00 |
Bob Mottram
|
6a4087525a
|
Missing fi
|
2016-10-28 16:00:22 +01:00 |
Bob Mottram
|
c797c0f94d
|
Use letsencrypt certificate for irc bouncer
|
2016-10-28 15:47:08 +01:00 |
Bob Mottram
|
2e986b42d0
|
Reload mumble after new certs applied
|
2016-10-28 13:27:42 +01:00 |
Bob Mottram
|
f40d44e6b2
|
Use letsencrypt cert with mumble
|
2016-10-28 13:19:08 +01:00 |
Bob Mottram
|
e6215a9e2d
|
prosody cert permissions
|
2016-10-28 09:30:29 +01:00 |
Bob Mottram
|
6d4819ff47
|
Prosody conference domain
|
2016-10-27 22:55:49 +01:00 |
Bob Mottram
|
685db44679
|
Handle prosody letsencrypt certs
|
2016-10-27 22:51:21 +01:00 |
Bob Mottram
|
75b27e65dc
|
Checking that certs exist
|
2016-10-26 17:08:45 +01:00 |
Bob Mottram
|
1000297af0
|
Improve letsencrypt certs
|
2016-10-26 16:10:46 +01:00 |
Bob Mottram
|
061e65520d
|
Quieter install
|
2016-10-23 19:38:14 +01:00 |
Bob Mottram
|
66bdd41ec1
|
Move firewall functions to their logical homes
|
2016-10-22 18:26:17 +01:00 |
Bob Mottram
|
0b8fc22d70
|
Convert between pem and crt if letsencrypt fails
|
2016-10-20 22:46:51 +01:00 |
Bob Mottram
|
1d5edecce3
|
Remove individual cert files
|
2016-10-20 22:02:16 +01:00 |
Bob Mottram
|
47db991abf
|
Move to debian packaged certbot
|
2016-10-20 19:05:27 +01:00 |
Bob Mottram
|
f7d3f228d9
|
No stapling
|
2016-10-17 17:57:16 +01:00 |
Bob Mottram
|
607d4bdc95
|
Tidying
|
2016-10-16 19:50:56 +01:00 |