Bob Mottram
|
81a78f5b92
|
Don't list selected apps
|
2017-06-17 18:11:42 +01:00 |
Bob Mottram
|
81e06abc20
|
Some filesystem optimisations for btrfs
|
2017-06-17 12:26:00 +01:00 |
Bob Mottram
|
641a576e24
|
Apache2
|
2017-06-14 10:50:46 +01:00 |
Bob Mottram
|
a6cbf0dc65
|
Change location of resolv.conf
|
2017-06-14 10:48:41 +01:00 |
Bob Mottram
|
c17a68139b
|
Only purge the main apache package
|
2017-06-12 13:17:55 +01:00 |
Bob Mottram
|
04826948f0
|
Check for files
|
2017-06-01 21:30:17 +01:00 |
Bob Mottram
|
8b13d28361
|
Don't use monkeysphere
|
2017-06-01 17:59:28 +01:00 |
Bob Mottram
|
dfda824730
|
utils setup sequence
|
2017-05-30 13:45:19 +01:00 |
Bob Mottram
|
8ba6c594b5
|
awk package
|
2017-05-29 19:48:42 +01:00 |
Bob Mottram
|
d308c83e0a
|
Change distro to stretch
|
2017-05-29 13:57:39 +01:00 |
Bob Mottram
|
fbc4c53d3a
|
letsencrypt permissions
|
2017-05-28 14:31:55 +01:00 |
Bob Mottram
|
2508d63134
|
Add powerline
|
2017-05-27 14:03:52 +01:00 |
Bob Mottram
|
3730e21fa9
|
app name during upgrade
|
2017-05-11 22:40:39 +01:00 |
Bob Mottram
|
c9a1c8b510
|
ME might affect many x86 installs, so instead of stopping the show just remove the interface, which reduces risks a little
|
2017-05-02 17:35:23 +01:00 |
Bob Mottram
|
cbddf8308f
|
Check for AMT within tests, because it could get turned on after installation
|
2017-05-02 11:03:25 +01:00 |
Bob Mottram
|
d6222879d2
|
Check for active Intel backdoor
|
2017-05-02 10:59:31 +01:00 |
Bob Mottram
|
427e910b0f
|
Only use usb canary on non-mesh installs
|
2017-05-01 12:34:47 +01:00 |
Bob Mottram
|
aabb4503f0
|
usb canary only installs once
|
2017-05-01 12:28:44 +01:00 |
Bob Mottram
|
c7bffe6a77
|
Add usb canary
|
2017-05-01 12:25:15 +01:00 |
Bob Mottram
|
bde41a1f21
|
Re-introduce rate limits on the firewall
|
2017-04-25 13:45:44 +01:00 |
Bob Mottram
|
38072abc54
|
Drop spoofed packets
|
2017-04-25 13:40:11 +01:00 |
Bob Mottram
|
794962ac85
|
Drop any outgoing telnet connections
|
2017-04-25 12:28:26 +01:00 |
Bob Mottram
|
39c126cba5
|
Remove any cached yarn files
|
2017-04-14 10:41:48 +01:00 |
Bob Mottram
|
425a4fc132
|
Block bad ip ranges
|
2017-03-31 15:27:09 +01:00 |
Bob Mottram
|
0913425df4
|
Take ownership of the snakeoil
|
2017-03-18 12:48:54 +00:00 |
Bob Mottram
|
16d1681d35
|
bad yarn cache permissions
|
2017-03-18 11:24:19 +00:00 |
Bob Mottram
|
873f67068d
|
Bump /tmp to 150M to allow tahoe-lafs install
|
2017-03-04 22:31:08 +00:00 |
Bob Mottram
|
747f533efb
|
Extra packages
|
2017-02-24 15:44:01 +00:00 |
Bob Mottram
|
fbeb938fc8
|
Include more of the base install within image builds
|
2017-02-23 15:44:09 +00:00 |
Bob Mottram
|
840c5f7976
|
Remove unused function
|
2016-12-21 20:05:00 +00:00 |
Bob Mottram
|
7ad43b6800
|
quotes
|
2016-12-21 19:40:28 +00:00 |
Bob Mottram
|
e3ff98ce41
|
quotes
|
2016-12-21 19:33:55 +00:00 |
Bob Mottram
|
2712e1cedd
|
echo
|
2016-12-21 19:28:35 +00:00 |
Bob Mottram
|
5c7ac4e375
|
Permissions
|
2016-12-03 17:57:00 +00:00 |
Bob Mottram
|
0f89aafbad
|
Prosody permissions
|
2016-12-03 13:07:29 +00:00 |
Bob Mottram
|
3806f4e4e9
|
Ensure prosody permissions
|
2016-12-03 12:37:07 +00:00 |
Bob Mottram
|
8d8ba4a788
|
dovecot permissions
|
2016-12-02 18:48:04 +00:00 |
Bob Mottram
|
46a4f19698
|
Dovecot permissions
|
2016-12-02 12:41:48 +00:00 |
Bob Mottram
|
df8886a222
|
During interactive install bypass the app selecting stage
This will ensure that apps all get separate passwords assigned
|
2016-12-01 13:51:11 +00:00 |
Bob Mottram
|
3695d6a138
|
Bump size of tmp
|
2016-12-01 10:53:40 +00:00 |
Bob Mottram
|
4ed6e4ff7f
|
Schedule daily STIG tests
|
2016-11-30 21:00:17 +00:00 |
Bob Mottram
|
42d5bc9321
|
Move tmp to a ramdisk
|
2016-11-30 20:10:51 +00:00 |
Bob Mottram
|
28e8155750
|
Modules aren't installed anyway
|
2016-11-30 18:27:07 +00:00 |
Bob Mottram
|
3f0d9b7b82
|
Disable null passwords
|
2016-11-30 17:54:45 +00:00 |
Bob Mottram
|
b88a3e867b
|
Disable tipc
|
2016-11-30 17:24:05 +00:00 |
Bob Mottram
|
6b4dba4771
|
Disable rds
|
2016-11-30 17:21:22 +00:00 |
Bob Mottram
|
21a3edf51a
|
Disable sctp
|
2016-11-30 17:18:22 +00:00 |
Bob Mottram
|
c9f6fbd54f
|
Disable dccp
|
2016-11-30 17:15:43 +00:00 |
Bob Mottram
|
23f67f2426
|
Checking for ctrl-alt-del link
|
2016-11-30 15:43:31 +00:00 |
Bob Mottram
|
73316797e3
|
Change rule to exclude nonexistent directory
|
2016-11-30 14:38:28 +00:00 |
Bob Mottram
|
5c79c584fc
|
Set sticky bits
|
2016-11-30 13:40:17 +00:00 |
Bob Mottram
|
3f58fc17d2
|
exim/procmail command permissions
|
2016-11-30 13:12:15 +00:00 |
Bob Mottram
|
b97ec3892b
|
Dummy nologin command
To fix STIG error
|
2016-11-30 10:30:56 +00:00 |
Bob Mottram
|
466dec4d89
|
Change function name
|
2016-11-30 09:41:56 +00:00 |
Bob Mottram
|
396b202982
|
Disable core dumps
|
2016-11-29 23:19:31 +00:00 |
Bob Mottram
|
4eced972fd
|
Install screen to enable console locking
|
2016-11-29 22:39:29 +00:00 |
Bob Mottram
|
f6fd2111e7
|
Ensure permissions on freedombone commands
|
2016-11-29 21:49:40 +00:00 |
Bob Mottram
|
9749cb43ce
|
sudo permissions
|
2016-11-29 21:17:52 +00:00 |
Bob Mottram
|
11899c9904
|
Set command file permissions
|
2016-11-29 20:49:11 +00:00 |
Bob Mottram
|
8e9933725d
|
Remove logins via serial console
|
2016-11-29 20:34:29 +00:00 |
Bob Mottram
|
35d789f133
|
Limit the number of user logins
|
2016-11-29 19:30:36 +00:00 |
Bob Mottram
|
a686f2401c
|
Limit number of login attempts
|
2016-11-29 18:10:27 +00:00 |
Bob Mottram
|
b8b0637e13
|
Set maximum login attempts
|
2016-11-29 16:31:07 +00:00 |
Bob Mottram
|
0d568644e0
|
Set shadow permissions
|
2016-11-29 14:31:54 +00:00 |
Bob Mottram
|
63821d3c21
|
Disable deferred execution
|
2016-11-29 13:53:16 +00:00 |
Bob Mottram
|
f5b3393a3b
|
Set login umask
|
2016-11-29 13:31:36 +00:00 |
Bob Mottram
|
4d0e030130
|
Disable nfs insecure locks
|
2016-11-29 13:16:53 +00:00 |
Bob Mottram
|
cb87c06f90
|
Remove bluetooth
|
2016-11-29 13:01:00 +00:00 |
Bob Mottram
|
98c312fec5
|
Tidying
|
2016-11-18 18:08:18 +00:00 |
Bob Mottram
|
ab03b8e159
|
Use backports kernel if possible
|
2016-11-02 17:03:56 +00:00 |
Bob Mottram
|
557b25b4a8
|
Change email address
|
2016-10-31 16:24:49 +00:00 |
Bob Mottram
|
8409b0f198
|
Copy letsencrypt keys if available
|
2016-10-26 22:55:59 +01:00 |
Bob Mottram
|
43c5e1dd15
|
Tidy up initial loading of some files from usb
|
2016-10-26 19:58:48 +01:00 |
Bob Mottram
|
05cb1404da
|
Automatic detection of the usb drive
|
2016-10-25 10:40:49 +01:00 |
Bob Mottram
|
061e65520d
|
Quieter install
|
2016-10-23 19:38:14 +01:00 |
Bob Mottram
|
882ea66ef7
|
pci
|
2016-10-21 14:10:57 +01:00 |
Bob Mottram
|
c9885f8485
|
Quotes
|
2016-10-21 14:06:03 +01:00 |
Bob Mottram
|
bb4e27fd67
|
Reset usb devices
|
2016-10-21 14:00:29 +01:00 |
Bob Mottram
|
f24c1f6f2d
|
Check if running as root
|
2016-10-21 13:56:13 +01:00 |
Bob Mottram
|
9e556faa8f
|
If apps fail to install then keep going but record them in the log
|
2016-10-19 20:21:49 +01:00 |
Bob Mottram
|
28b8ebc4da
|
List the apps which failed
|
2016-10-19 20:06:54 +01:00 |
Bob Mottram
|
d925c4f00d
|
Check that all chosen apps actually do get installed
|
2016-10-19 10:50:22 +01:00 |
Bob Mottram
|
15f6c6709b
|
quiet
|
2016-10-18 11:16:04 +01:00 |
Bob Mottram
|
345e9f0ef1
|
Check that admin sudoer doesn't already exist
|
2016-10-18 11:15:23 +01:00 |
Bob Mottram
|
cf9ce1c0bf
|
Enable admin sudoer in non-image install
|
2016-10-18 11:14:02 +01:00 |
Bob Mottram
|
ad39b2c78d
|
Initially select all apps for install in interactive mode
|
2016-10-17 13:01:13 +01:00 |
Bob Mottram
|
5161fee8f6
|
Initially select all apps for install in interactive mode
|
2016-10-17 12:40:53 +01:00 |
Bob Mottram
|
3d259de720
|
Different method of interactive install allows the user to select apps from a list
|
2016-10-17 10:45:12 +01:00 |
Bob Mottram
|
f0d725c627
|
typo
|
2016-10-16 23:06:11 +01:00 |
Bob Mottram
|
31300402d4
|
Tidying
|
2016-10-16 20:00:20 +01:00 |
Bob Mottram
|
607d4bdc95
|
Tidying
|
2016-10-16 19:50:56 +01:00 |
Bob Mottram
|
df6af676ee
|
Don't clear available apps array
|
2016-10-15 10:43:34 +01:00 |
Bob Mottram
|
b81252a159
|
Detect apps
|
2016-10-14 20:25:51 +01:00 |
Bob Mottram
|
f3a6124fe1
|
Tidying
|
2016-10-11 13:25:26 +01:00 |
Bob Mottram
|
f1ba82984a
|
load app variables before upgrade
|
2016-10-11 13:10:59 +01:00 |
Bob Mottram
|
4a70e40c1c
|
Better separation of emacs from mutt
So that other editors could potentially be installed
|
2016-10-11 12:05:34 +01:00 |
Bob Mottram
|
6047020d66
|
Consistent config file location
|
2016-10-10 22:50:59 +01:00 |
Bob Mottram
|
91cf5eb739
|
Deprecate tlsdate
The status of this project is unknown. If it looks as if it's continuing then it will likely be reinstated.
|
2016-10-10 18:32:48 +01:00 |
Bob Mottram
|
7bac22dbf7
|
Reading the project repo
|
2016-10-10 14:21:08 +01:00 |
Bob Mottram
|
a15ec75aff
|
Checking of system type
|
2016-10-09 11:07:05 +01:00 |