free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9,687 Commits 5 Branches 0 Tags 125 MiB
Commit Graph

161 Commits

Author SHA1 Message Date
Bob Mottram 3ba7b5db42 Disable site if certificate creation fails 2018-02-18 12:35:01 +00:00
Bob Mottram ee1330f442 Update year 2018-01-25 18:35:39 +00:00
Bob Mottram e05dfbb27c Check for fullchain 2018-01-21 10:32:55 +00:00
Bob Mottram 0ddebf4dc3 Separate out mumble. It doesn't need to depend on prosody being installed 2018-01-21 10:15:20 +00:00
Bob Mottram fa493156d4 prosody modules in two directories 2018-01-21 10:12:32 +00:00
Bob Mottram 980320f9e5 Only copy prosody modules if the directory exists 2018-01-21 10:10:43 +00:00
Bob Mottram d22c6e7608 Scope 2018-01-21 10:07:21 +00:00
Bob Mottram a5eb051bbf Ensure letsencrypt certs are used where appropriate 2018-01-21 09:58:16 +00:00
Bob Mottram f410d0a13f Retire support for keybase.io gpg version 2.x doesn't appear to work well with it, but beyond that there's the really concerning issue that the site asks users to upload their *private keys*. Even if the private keys are client side passphrase encrypted this gives that site a full time opportunity to crack private keys. Even if they don't so that, a leak happens and suddenly letter agencies have your private key. Not a good way to go. 2018-01-11 20:26:27 +00:00
Bob Mottram a6e2b54950 Placeholder web user interface 2018-01-07 14:47:43 +00:00
Bob Mottram 2805ec45a7 certificate not certkey 2018-01-05 15:46:26 +00:00
Bob Mottram 2db60740d6 Unfortunately, copying of tls keys for exim seems like the only option 2018-01-05 15:18:07 +00:00
Bob Mottram 761bf4ccb4 Install akaunting with composer 2017-12-20 21:53:18 +00:00
Bob Mottram e9ebb25bab Disable email chunking on upgrades 2017-11-27 22:46:29 +00:00
Bob Mottram e901851d9c Don't use local search because torify objects to anything local 2017-09-23 12:42:39 +01:00
Bob Mottram 1f7c90cd49 Set default search if searx is available 2017-09-23 12:28:57 +01:00
Bob Mottram 5293a3cdf2 Avoid duplicate bashrc entries 2017-09-23 12:24:23 +01:00
Bob Mottram 391edfe243 Update default search engine for all users 2017-09-23 12:17:16 +01:00
Bob Mottram ca5428ca33 Remove xinetd when fixing stig tests, since it causes a violation 2017-09-01 11:05:05 +01:00
Bob Mottram eacb504795 Reverse logic 2017-08-31 19:48:56 +01:00
Bob Mottram 306ef598bf Restart daemon after email config changes 2017-08-31 19:46:25 +01:00
Bob Mottram 8a88f5ff35 Move tls function to be accessible to upgrade 2017-08-31 19:44:16 +01:00
Bob Mottram c713c613c9 Don't repeatedly config congestion control 2017-08-05 22:11:02 +01:00
Bob Mottram db091e1d72 Only update files when they change 2017-08-05 20:08:57 +01:00
Bob Mottram 5914a8c190 Check inadyn commit 2017-08-05 17:48:08 +01:00
Bob Mottram dd04199b4a Install composer 2017-07-25 22:11:03 +01:00
Bob Mottram e941516024 php process timeout 2017-07-10 18:30:09 +01:00
Bob Mottram d96d5bcf23 Ensure correct prosody modules are loaded 2017-07-10 16:36:14 +01:00
Bob Mottram fdef7c93d7 Change php to static processes 2017-07-10 12:40:16 +01:00
Bob Mottram 7552dc20fc More php settings 2017-07-10 10:22:37 +01:00
Bob Mottram beb4a88bd2 php systemd interval 2017-07-10 09:58:44 +01:00
Bob Mottram 8c20b15f6f Experimental control scripts 2017-06-23 10:35:58 +01:00
Bob Mottram 2ac43eabb2 Copying with hidden files 2017-06-17 18:37:06 +01:00
Bob Mottram e65779aa0b Include extra repos 2017-06-15 12:43:52 +01:00
Bob Mottram 8803eb6e5f Missing slash 2017-06-04 10:09:00 +01:00
Bob Mottram f495828a2d php directory 2017-06-03 12:43:06 +01:00
Bob Mottram 92edd5dc1f Update php to version 7.0 2017-05-29 14:40:34 +01:00
Bob Mottram b6ae4623ec Don't use autogen in inadyn build 2017-05-18 09:56:00 +01:00
Bob Mottram 4485d92021 autogen for inadyn 2017-05-16 23:13:00 +01:00
Bob Mottram 6ccd81f39c Use compressed responses for gnusocial/postactiv 2017-05-14 10:52:16 +01:00
Bob Mottram 0af189ce2b Use mobile ciphers for default domain 2017-05-11 12:54:38 +01:00
Bob Mottram c9eb34c7d1 Allow some apps to use ciphers better suited for mobile apps 2017-05-10 22:27:52 +01:00
Bob Mottram 6225616be2 Some additional nginx security settings 2017-05-08 16:43:42 +01:00
Bob Mottram 368fd5b8d2 Don't need to copy jitsi certs 2017-05-07 16:12:02 +01:00
Bob Mottram ce071bcc7b Use letsencrypt cert for mumble 2017-05-07 12:55:02 +01:00
Bob Mottram d41fb6f08c Ensure that xmpp cert paths get converted on certificate reissue 2017-05-07 11:49:13 +01:00
Bob Mottram 31671f6194 Avoid copying xmpp certs 2017-05-07 10:52:00 +01:00
Bob Mottram 407309fe8a Switch to mozilla recommended ciphers 
These work better on Android devices
 2017-05-05 22:31:24 +01:00
Bob Mottram 9e31cf4802 Enable letsencrypt 
Why wasn't that on already?
 2017-05-05 19:48:30 +01:00
Bob Mottram 4a8b70fc83 Remove sydent 2017-05-05 12:35:24 +01:00
Bob Mottram dceb07a885 certificate permission 2017-05-04 22:21:12 +01:00
Bob Mottram 14617a85d9 Install nginx before npm 2017-04-13 20:49:58 +01:00
Bob Mottram 240a9e9283 Additional index on http redirect 2017-04-03 20:24:25 +01:00
Bob Mottram 7c40b53833 use letsencrypt for ssl 2017-03-14 22:26:35 +00:00
Bob Mottram 03c1fee44a Matrix domain certificate 2017-02-09 12:53:42 +00:00
Bob Mottram 2778298607 Reorganize matrix 2017-01-01 20:40:08 +00:00
Bob Mottram 6ea77bde31 Update matrix certs 2016-12-30 20:00:50 +00:00
Bob Mottram ac496b3fe3 restart mumble 2016-12-30 18:42:59 +00:00
Bob Mottram bf8a858ff8 Fix mumble certs 2016-12-30 18:32:06 +00:00
Bob Mottram d24d6ba000 Test domain gets modified 2016-12-21 21:55:50 +00:00
Bob Mottram cf4e137c25 Exit if upgrade fails 2016-12-21 21:51:56 +00:00
Bob Mottram f2f72193b8 Check default domain name is more than zero length 2016-12-05 16:01:19 +00:00
Bob Mottram 052b557053 Multi-user chat config 2016-12-03 19:13:35 +00:00
Bob Mottram e1a352919f No permissions on shadow most of the time 2016-11-29 15:00:40 +00:00
Bob Mottram 6a176f021e Permissions and certs for prosody 2016-11-22 11:02:50 +00:00
Bob Mottram 655ff977ad Web logs off by default 2016-11-18 18:33:08 +00:00
Bob Mottram 0dbebd4c4f Turn off nginx logs on install 2016-11-18 15:06:14 +00:00
Bob Mottram 30ce2ce362 Fix dovecot's odd cert definition format 2016-11-16 09:52:37 +00:00
Bob Mottram 3bd64b0fb9 Filename 2016-11-11 18:18:50 +00:00
Bob Mottram 850b9c1f4d Tidying 2016-11-11 17:36:30 +00:00
Bob Mottram 7e7e463ea0 Check that jitsi is installed 2016-11-11 09:09:34 +00:00
Bob Mottram 6c101abdb3 Turning logs off 2016-11-10 13:26:31 +00:00
Bob Mottram 5491dbbe9a matrix installation 2016-11-07 20:58:26 +00:00
Bob Mottram d31474df79 jitsi app 2016-11-05 15:42:19 +00:00
Bob Mottram 6aa70353bf irc configuration for onion only systems 2016-11-01 21:53:25 +00:00
Bob Mottram ad2ab45a70 Handle dovecot cert 2016-10-31 18:39:35 +00:00
Bob Mottram 557b25b4a8 Change email address 2016-10-31 16:24:49 +00:00
Bob Mottram 5a12545657 When ssl is enabled only allow https content within the site 2016-10-31 10:42:03 +00:00
Bob Mottram a1de6ba0c8 quotes 2016-10-30 19:59:40 +00:00
Bob Mottram 680312859f Check letsencrypt directory 2016-10-30 19:50:02 +00:00
Bob Mottram 9bb7352de7 Messages 2016-10-30 19:42:39 +00:00
Bob Mottram 46b62d9f63 Update message 2016-10-30 19:37:48 +00:00
Bob Mottram ec53797e47 Change irc certs 2016-10-30 19:34:28 +00:00
Bob Mottram afb0a46fc8 Use pem cert if it's available 2016-10-29 14:05:35 +01:00
Bob Mottram 6a4087525a Missing fi 2016-10-28 16:00:22 +01:00
Bob Mottram c797c0f94d Use letsencrypt certificate for irc bouncer 2016-10-28 15:47:08 +01:00
Bob Mottram 2e986b42d0 Reload mumble after new certs applied 2016-10-28 13:27:42 +01:00
Bob Mottram f40d44e6b2 Use letsencrypt cert with mumble 2016-10-28 13:19:08 +01:00
Bob Mottram e6215a9e2d prosody cert permissions 2016-10-28 09:30:29 +01:00
Bob Mottram 6d4819ff47 Prosody conference domain 2016-10-27 22:55:49 +01:00
Bob Mottram 685db44679 Handle prosody letsencrypt certs 2016-10-27 22:51:21 +01:00
Bob Mottram 75b27e65dc Checking that certs exist 2016-10-26 17:08:45 +01:00
Bob Mottram 1000297af0 Improve letsencrypt certs 2016-10-26 16:10:46 +01:00
Bob Mottram 061e65520d Quieter install 2016-10-23 19:38:14 +01:00
Bob Mottram 66bdd41ec1 Move firewall functions to their logical homes 2016-10-22 18:26:17 +01:00
Bob Mottram 0b8fc22d70 Convert between pem and crt if letsencrypt fails 2016-10-20 22:46:51 +01:00
Bob Mottram 1d5edecce3 Remove individual cert files 2016-10-20 22:02:16 +01:00
Bob Mottram 47db991abf Move to debian packaged certbot 2016-10-20 19:05:27 +01:00
Bob Mottram f7d3f228d9 No stapling 2016-10-17 17:57:16 +01:00
Bob Mottram 607d4bdc95 Tidying 2016-10-16 19:50:56 +01:00