log

age author description
Sat, 01 Apr 2017 10:54:09 +0100 IBBoard Make the IBBoard repo config go away, rather than just leaving it undefined puppet-3.6
Fri, 31 Mar 2017 21:00:58 +0100 IBBoard IBBoard repo is no longer necessary and has been removed! puppet-3.6
Thu, 30 Mar 2017 21:00:21 +0100 IBBoard Remove unused (and slightly confusing) class puppet-3.6
Thu, 30 Mar 2017 20:41:18 +0100 IBBoard Move all sites to separate LetsEncrypt certs to make adding future domains easier puppet-3.6
Tue, 28 Mar 2017 21:12:49 +0100 IBBoard Remove slash in redirect because group catches path slash puppet-3.6
Tue, 28 Mar 2017 21:05:12 +0100 IBBoard Make sure that we still redirect to non-www if we want it puppet-3.6
Tue, 28 Mar 2017 20:56:53 +0100 IBBoard Swap GlitterGoth to its own Let's Encrypt cert puppet-3.6
Tue, 28 Mar 2017 20:51:06 +0100 IBBoard Remove unused Apache config files puppet-3.6
Tue, 28 Mar 2017 20:50:17 +0100 IBBoard Add missing HTTPS site config template puppet-3.6
Tue, 28 Mar 2017 20:47:45 +0100 IBBoard Update test machine IPs to match new DHCP pool puppet-3.6
Tue, 28 Mar 2017 20:46:35 +0100 IBBoard Restructure HTTPS certificates and multiple TLD sites for clarity puppet-3.6
Sun, 26 Mar 2017 16:53:34 +0100 IBBoard Remove now deprecated mcrypt extension - all scripts now use openssl puppet-3.6
Sun, 26 Mar 2017 16:12:57 +0100 IBBoard Fix pip installations puppet-3.6
Sat, 25 Mar 2017 20:54:34 +0000 IBBoard Switch to mercurial_keyring from Pip puppet-3.6
Sat, 25 Mar 2017 20:18:13 +0000 IBBoard Remove mod_auth_token and replace with mod_xsendfile puppet-3.6
Sat, 25 Mar 2017 12:05:36 +0000 IBBoard Add BDStrike domains puppet-3.6
Sat, 25 Mar 2017 12:05:23 +0000 IBBoard Make IP on redirects optional (defaults to primary IP) puppet-3.6
Fri, 03 Mar 2017 19:48:06 +0000 IBBoard Remove hgview because it is GUI only puppet-3.6
Thu, 09 Feb 2017 20:54:30 +0000 IBBoard Add OLE detection to SpamAssassin without ClamAV puppet-3.6
Wed, 18 Jan 2017 21:13:20 +0000 IBBoard Make GG DB backup less frequent now that site is closing puppet-3.6
Sun, 15 Jan 2017 20:47:13 +0000 IBBoard Remove ClamAV from server config puppet-3.6
Mon, 09 Jan 2017 21:06:10 +0000 IBBoard Block another annoying IP with a firewall rule puppet-3.6
Sat, 17 Dec 2016 12:01:55 +0000 IBBoard Override minimum UID for Dovecot/IMAP, as we use old "500+ is users" range puppet-3.6
Sat, 17 Dec 2016 12:01:16 +0000 IBBoard Firewall Baidu's new Brazillian IP range for being to agressive puppet-3.6
Fri, 11 Nov 2016 21:04:13 +0000 IBBoard Fix "direct under CA" custom conditions and sites that use "cert named after domain" pattern puppet-3.6
Fri, 11 Nov 2016 21:02:09 +0000 IBBoard Add Certbot packages we depend on for commands and providing certs puppet-3.6
Fri, 11 Nov 2016 18:17:46 +0000 IBBoard Do not supply incorrect CA chain for GG Test site puppet-3.6
Fri, 11 Nov 2016 17:15:23 +0000 IBBoard Switch to using LetsEncrypt certs by default puppet-3.6
Fri, 04 Nov 2016 20:55:22 +0000 IBBoard Remove (hopefully) redundant Spamhaus checks - Postscreen should do this puppet-3.6
Wed, 26 Oct 2016 19:40:37 +0100 IBBoard Change all "latest" packages to "installed" puppet-3.6
Thu, 06 Oct 2016 19:02:30 +0100 IBBoard Be less agressive with blocking on the grounds of SPF puppet-3.6
Sun, 02 Oct 2016 19:33:22 +0100 IBBoard Filter what we see in Postwhite cron output puppet-3.6
Sun, 18 Sep 2016 07:22:22 +0100 IBBoard Fix rookie cron mistake - don't run Postwhite EVERY MINUTE! puppet-3.6
Sat, 17 Sep 2016 15:19:54 +0100 IBBoard Fix PHP reporting in logwatch puppet-3.6
Tue, 13 Sep 2016 21:04:40 +0100 IBBoard Fix Apache 2.4 Logwatch support puppet-3.6
Tue, 13 Sep 2016 20:53:16 +0100 IBBoard Schedule Postwhite to run regularly puppet-3.6
Tue, 13 Sep 2016 20:27:22 +0100 IBBoard Swap from manual Postscreen whitelist to Postwhite generated whitelist puppet-3.6
Sat, 03 Sep 2016 20:31:35 +0100 IBBoard Add missing "permit" on Postscreen whitelist lines puppet-3.6
Sat, 03 Sep 2016 14:28:56 +0100 IBBoard Blacklist more spamming IPs (with a ######.info domain) puppet-3.6
Fri, 02 Sep 2016 13:40:26 +0100 IBBoard Add eBay to Postscreen whitelist puppet-3.6
Sat, 13 Aug 2016 13:44:01 +0100 IBBoard Disable PCRE JIT to stop SELinux giving "denied execmem" for Apache puppet-3.6
Wed, 20 Jul 2016 20:31:22 +0100 IBBoard Blank some Apache configs to prevent httpd update breaking the server puppet-3.6
Tue, 19 Jul 2016 20:25:44 +0100 IBBoard Ban IODC bot, because they can't behave and don't have robots.txt instructions puppet-3.6
Fri, 08 Jul 2016 20:34:29 +0100 IBBoard Redirect dumb bots that removed the ID number to the main module page puppet-3.6
Wed, 29 Jun 2016 20:49:56 +0100 IBBoard Make sure that we're detecting and serving 7zip and RAR files correctly puppet-3.6
Tue, 28 Jun 2016 20:36:42 +0100 IBBoard Make sure that custom config comes before site configs puppet-3.6
Sat, 04 Jun 2016 14:08:19 +0100 IBBoard Update test machine IP again puppet-3.6
Sat, 04 Jun 2016 14:07:37 +0100 IBBoard Make sure our websites load after ALL other Apache config puppet-3.6
Sat, 04 Jun 2016 14:06:15 +0100 IBBoard Make sure that we don't leak PHP source code if something breaks puppet-3.6
Sat, 04 Jun 2016 14:05:14 +0100 IBBoard Make sure that HTTPS redirects have the full set of headers puppet-3.6
Tue, 31 May 2016 22:02:15 +0100 IBBoard Switch to PHP 7 from Webtatic puppet-3.6
Tue, 31 May 2016 22:00:56 +0100 IBBoard Add dev machine entry with correct IPs puppet-3.6
Tue, 31 May 2016 20:57:39 +0100 IBBoard Swap Webtatic to new GPG key puppet-3.6
Sat, 21 May 2016 15:32:13 +0100 IBBoard Add more Postscreen whitelisting, and a private section puppet-3.6
Sat, 14 May 2016 17:10:10 +0100 IBBoard Lock down Apache headers for security, based on https://securityheaders.io/ puppet-3.6
Sat, 23 Apr 2016 16:28:47 +0100 IBBoard Make sure that we're always setting HSTS headers, even when cannonicalising domains puppet-3.6
Thu, 21 Apr 2016 20:53:37 +0100 IBBoard Add PayPal IPs to whitelist so that they don't get delayed puppet-3.6
Sat, 26 Mar 2016 09:05:36 +0000 IBBoard Remove review email, as GG is shutting down puppet-3.6
Tue, 22 Mar 2016 21:09:25 +0000 IBBoard Avoid SELinux warnings by disabling bytecode support puppet-3.6
Sun, 13 Mar 2016 19:58:17 +0000 IBBoard Stop Bind trying IPv6, as we only have a link-local IP puppet-3.6
Wed, 24 Feb 2016 20:21:44 +0000 IBBoard Set up a recursive localhost-only Bind server (assuming RH's safe and sane default configs) puppet-3.6
Tue, 16 Feb 2016 20:26:00 +0000 IBBoard Patch isn't a standard package on a minimal install. Make sure we have it. puppet-3.6
Sun, 14 Feb 2016 20:04:04 +0000 IBBoard Reduce the number of spare servers, because we're quiet and need spare memory puppet-3.6
Wed, 27 Jan 2016 20:18:32 +0000 IBBoard Add another regular command to check that we've not got services requiring a restart puppet-3.6
Tue, 26 Jan 2016 20:15:23 +0000 IBBoard Remove repo checking cruft from potential Yum Check Update cron job output puppet-3.6
Sun, 24 Jan 2016 20:11:51 +0000 IBBoard Make sure that we don't get Yum just emailing us "I updated my metadata for the repos" puppet-3.6
Fri, 22 Jan 2016 20:27:16 +0000 IBBoard Reduce opcache memory usage because it doesn't use that much puppet-3.6
Sat, 16 Jan 2016 15:03:04 +0000 IBBoard Run cron job to notify of available updates puppet-3.6
Sat, 16 Jan 2016 11:01:09 +0000 IBBoard Add body checks to emails for the minority of obvious spam that aren't caught puppet-3.6
Sat, 16 Jan 2016 11:00:38 +0000 IBBoard Follow the documentation properly and specify dport, not just port puppet-3.6
Sat, 16 Jan 2016 10:59:56 +0000 IBBoard Extend blocked files to include backup files puppet-3.6
Sun, 10 Jan 2016 20:24:22 +0000 IBBoard Whitelist Google's IPs so that they don't get greylisted puppet-3.6
Tue, 05 Jan 2016 21:00:52 +0000 IBBoard Put postscreen back (our second SMTP line seems to have overridden it) puppet-3.6
Sun, 03 Jan 2016 20:48:38 +0000 IBBoard Make sure that config file changes for changes trigger a reload puppet-3.6
Sun, 03 Jan 2016 20:13:19 +0000 IBBoard Make sure that Amavis daemon is running so mail gets delivered after reboot! puppet-3.6
Sat, 26 Dec 2015 20:26:22 +0000 IBBoard Fight back against spam puppet-3.6
Wed, 23 Dec 2015 11:16:17 +0000 IBBoard Drop the number of spare servers to save some memory when we normally only have a couple of processes at once puppet-3.6
Tue, 24 Nov 2015 20:48:36 +0000 IBBoard Add mlocate as another core package, since it wasn't on our (very) minimal CentOS 7 install puppet-3.6
Sat, 14 Nov 2015 14:08:32 +0000 IBBoard New LogRotate is picky about usernames for security reasons. Fix it for Trac logs. puppet-3.6
Sun, 01 Nov 2015 21:18:07 +0000 IBBoard Move to CentOS7-based dovecot (with a tweak for "in=…") because it seems to match output better puppet-3.6
Sat, 31 Oct 2015 20:33:05 +0000 IBBoard Require bzip2 - why isn't this a default?! puppet-3.6
Sat, 31 Oct 2015 20:30:31 +0000 IBBoard Hide extra output from Puppet cron job that later Puppet generates puppet-3.6
Tue, 27 Oct 2015 08:53:00 +0000 IBBoard Fix typo (missing single quote) puppet-3.6
Mon, 26 Oct 2015 19:40:00 +0000 IBBoard Add required package for email SPF checking puppet-3.6
Mon, 26 Oct 2015 08:46:22 +0000 IBBoard Do it properly and put a path in our cron job puppet-3.6
Sun, 25 Oct 2015 21:21:13 +0000 IBBoard Fix package name - doing it from memory is bad puppet-3.6
Sun, 25 Oct 2015 20:55:19 +0000 IBBoard Add missing dependency for Trac Subversion support on CentOS 7 puppet-3.6
Sun, 25 Oct 2015 20:28:43 +0000 IBBoard Fix differences in how we allow/deny between Apache 2.2 and 2.4 puppet-3.6
Sun, 25 Oct 2015 20:17:52 +0000 IBBoard Merge latest changes from Default puppet-3.6
Sun, 18 Oct 2015 19:39:46 +0100 IBBoard Be specific about port blocking on Repeat Offender to try to prevent accidental lock-out puppet-3.6
Sun, 18 Oct 2015 18:57:46 +0100 IBBoard Update IP address of clouduk - test VM should use a different name! puppet-3.6
Sat, 17 Oct 2015 15:03:45 +0000 IBBoard Allow for specifying extra PHP packages (e.g. to enable Posix)
Sun, 11 Oct 2015 19:03:30 +0000 IBBoard Add missing fail2ban.local config file
Sun, 11 Oct 2015 18:41:53 +0000 IBBoard "Already Banned" is actually at NOTICE
Sat, 26 Sep 2015 14:28:16 +0000 IBBoard Update/fix Fail2Ban parsing in Logwatch
Sun, 13 Sep 2015 21:03:49 +0100 IBBoard Remove unused Fail2Ban filter puppet-3.6
Sun, 13 Sep 2015 20:48:18 +0100 IBBoard Make sure Fail2Ban rules are in right order (using separate chain) and whitelist Googlebot (which keeps hitting Script Kiddy targets for unknown reasons) puppet-3.6
Sun, 13 Sep 2015 19:48:35 +0100 IBBoard Fix syntax for port range in Fail2Ban rules puppet-3.6
Sat, 12 Sep 2015 21:00:55 +0100 IBBoard Add CentOS 7 config for postfix to take advantage of Postfix 2.10 and Postscreen puppet-3.6
Sat, 12 Sep 2015 16:42:27 +0100 IBBoard Remove "mod_version" from templates as Website module handles it and it isn't site specific puppet-3.6
Sat, 12 Sep 2015 11:08:22 +0000 IBBoard Allow requests to ".well-known" so that we don't accidentally get blocked
Sun, 06 Sep 2015 09:50:39 +0000 IBBoard Add more complex fragment for Forums to stop hotlinking
Sun, 26 Jul 2015 17:58:06 +0100 IBBoard Merge Default again puppet-3.6
Sun, 26 Jul 2015 17:55:43 +0100 IBBoard Merge Default changes to Puppet 3.6 and fix conflict puppet-3.6
Sun, 26 Jul 2015 17:50:51 +0100 IBBoard New IP address for test machine puppet-3.6
Sun, 26 Jul 2015 17:46:32 +0100 IBBoard Update firewalling so that we block the right ports when using iptables directly puppet-3.6
Sun, 26 Jul 2015 15:21:00 +0100 IBBoard Make Webtatic distro-specific using built-in Yum variable puppet-3.6
Thu, 03 Sep 2015 08:25:02 +0000 IBBoard Remove BarracudaCentral from email blacklisting
Sat, 15 Aug 2015 19:15:19 +0000 IBBoard Mercurial repo versions index.php files etc, so removing index.php breaks things!
Sat, 08 Aug 2015 15:20:17 +0000 IBBoard Reduce table cache because of possible odd performance issues and increase query cache
Sat, 08 Aug 2015 08:48:06 +0000 IBBoard Fix Trac log rotation with correct username
Sat, 01 Aug 2015 19:53:18 +0000 IBBoard Make sure that we compress JavaScript that uses the OTHER mime type
Sat, 25 Jul 2015 17:10:35 +0100 IBBoard Add SELinux support for website content puppet-3.6
Sat, 25 Jul 2015 11:48:42 +0100 IBBoard Use other IP range so that we can contact it (rather than NAT, which prevents us testing in-bound connections, which is the point of a server!) puppet-3.6
Sat, 27 Jun 2015 19:10:52 +0100 IBBoard Don't specify how to restart SSHD so that Puppet does its default thing (and works) puppet-3.6
Sun, 07 Jun 2015 20:47:31 +0100 IBBoard Tweak wording for accuracy puppet-3.6
Sat, 06 Jun 2015 19:13:02 +0000 IBBoard Remove "puppet" host name because we don't need it
Sat, 11 Apr 2015 08:21:12 +0000 IBBoard Update the "repeat offender" rule so that a) it works, and b) "already banned"* also counts as repeat
Sat, 14 Mar 2015 22:37:07 +0000 IBBoard Fix hgignore and add some files that accidentally got ignored puppet-3.6
Sat, 14 Mar 2015 22:34:35 +0000 IBBoard Load custom "private" rules/config puppet-3.6
Sat, 14 Mar 2015 22:22:26 +0000 IBBoard Add firewall handling when we run without APF puppet-3.6
Sat, 14 Mar 2015 20:58:03 +0000 IBBoard Add "Firewall" module puppet-3.6
Sat, 14 Mar 2015 20:22:36 +0000 IBBoard Move APF refresh command to node template, as it won't work on boxes without it! puppet-3.6
Sat, 14 Mar 2015 20:09:45 +0000 IBBoard Update Puppet "stdlib" module puppet-3.6
Sat, 14 Mar 2015 20:07:04 +0000 IBBoard Update Puppet module for Apache (pulls in concat module) puppet-3.6
Sat, 14 Mar 2015 20:01:17 +0000 IBBoard Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) puppet-3.6
Sun, 22 Mar 2015 18:26:06 +0000 IBBoard Make sure that we have mod_version installed so that Apache config fragments that try to support 2.2 and 2.4 work properly
Sat, 14 Mar 2015 19:38:50 +0000 IBBoard Merge the PTerry header into the Puppet-3.6 branch puppet-3.6
Sat, 14 Mar 2015 19:33:06 +0000 IBBoard Tidy up ordering and dependencies (including making sure we have a necessary file for Fail2Ban to start) puppet-3.6
Sat, 14 Mar 2015 19:32:15 +0000 IBBoard Make sure that we're creating a file to mark our one-time run in a location that'll reliably exist puppet-3.6
Sun, 15 Mar 2015 18:51:57 +0000 IBBoard Put Sir Terry Pratchett's name on the Clacks, as the Smoking Gnu would do.
Sat, 14 Mar 2015 15:49:40 +0000 IBBoard Add trial node config for new site (IPs for test VM) puppet-3.6
Mon, 09 Mar 2015 06:42:55 +0000 IBBoard Fix quote issue in MySQL 'root' user renaming command puppet-3.6
Mon, 09 Mar 2015 03:30:18 +0000 IBBoard Remove unnecessary log directory creation and try to fix SQL statement puppet-3.6
Mon, 09 Mar 2015 01:34:59 +0000 IBBoard Update MySQL module (which adds "staging" module) puppet-3.6
Mon, 09 Mar 2015 00:58:19 +0000 IBBoard Use "<IfVersion>" to handle auth differences between 2.2 and 2.4 puppet-3.6
Mon, 09 Mar 2015 00:01:27 +0000 IBBoard Use MariaDB on CentOS7 and manage hiera.yaml (to avoid warnings) puppet-3.6
Sun, 08 Mar 2015 23:58:22 +0000 IBBoard Make MySQL Website class more flexible for supporting MariaDB puppet-3.6
Sun, 08 Mar 2015 23:57:04 +0000 IBBoard Fix ordering of packages vs files so that config files go in afterwards puppet-3.6
Sun, 08 Mar 2015 23:56:35 +0000 IBBoard Fix issues with newer Puppet trying to find files for abstract instances that aren't ever used puppet-3.6
Sun, 08 Mar 2015 20:48:03 +0000 IBBoard Fix bad practice of using variable incorrectly, which raises a warning in 3.6 puppet-3.6
Sun, 08 Mar 2015 20:47:27 +0000 IBBoard Prevent warning by setting a value for allow_virtual (when we need it) puppet-3.6
Tue, 03 Mar 2015 19:30:07 +0000 IBBoard Migrate to IBBoard's versions of PHP libraries so that they're build against a later libxml2
Sat, 21 Feb 2015 09:37:00 +0000 IBBoard Make sure we specify a default charset (even thought it defaults to UTF-8) because ownCloud complains
Sat, 24 Jan 2015 16:20:10 +0000 IBBoard Add another Postfix blacklist, check HELO for blacklisting, and tweak pipelining issue
Tue, 02 Dec 2014 20:45:31 +0000 IBBoard Add "reject unauth pipelining" (i.e. firing commands without waiting for auth) on CentOS recommendation
Mon, 01 Dec 2014 21:28:45 +0000 IBBoard Tweak time on permission setting script so that it is less likely to clash with LoadAVG run every 6 minutes
Mon, 01 Dec 2014 20:27:57 +0000 IBBoard Add Liz's site
Mon, 01 Dec 2014 20:27:38 +0000 IBBoard Update HTTP website manifest so that it works, since we're now hosting a HTTP site
Sat, 08 Nov 2014 15:36:42 +0000 IBBoard Make sure that alternate TLDs get certificate chain flowed through, and fix key file check for redirects
Sat, 08 Nov 2014 15:35:38 +0000 IBBoard Add missing php.conf and make html-php config try index.html first as index
Mon, 27 Oct 2014 20:31:27 +0000 IBBoard Update mirror list to match one supplied by RPM
Wed, 08 Oct 2014 19:45:54 +0000 IBBoard Lock down ownership and permissions on certificates
Wed, 08 Oct 2014 19:45:21 +0000 IBBoard Disable slow query logging - it got quite large and needs looking at!
Sun, 28 Sep 2014 08:03:46 +0000 IBBoard Add "Shellshock" exploit Fail2ban rule
Sat, 30 Aug 2014 10:05:08 +0000 IBBoard Increase memory a bit more for optimisation
Wed, 27 Aug 2014 13:46:07 +0000 IBBoard Fix "slow query" log - previously MySQL didn't have permission to write it
Wed, 27 Aug 2014 12:57:47 +0000 IBBoard Give OpCache more memory and make sure that we refresh on config changes
Wed, 27 Aug 2014 12:57:19 +0000 IBBoard Start optimising MySQL based on "MySQLTuner.pl" script
Mon, 18 Aug 2014 18:57:52 +0000 IBBoard Bump the number of server processes - the server seems to cope, and a South Korean forum's hotlinking was flooding us
Sat, 16 Aug 2014 19:47:38 +0000 IBBoard Initial public release of Puppet configs