| Fri, 30 Aug 2024 16:10:36 +0100 |
IBBoard |
Update hiera.yaml within Puppet config
default tip
|
| Fri, 30 Aug 2024 16:02:54 +0100 |
IBBoard |
Fix missed firewall rules updates
|
| Thu, 29 Aug 2024 18:58:49 +0100 |
IBBoard |
Update server defs and own modules to match
|
| Thu, 29 Aug 2024 18:48:03 +0100 |
IBBoard |
Remove unused modules
|
| Thu, 29 Aug 2024 18:47:29 +0100 |
IBBoard |
Update Puppet modules to latest versions
|
| Tue, 27 Aug 2024 13:35:17 +0100 |
IBBoard |
Increase max client connections
|
| Sun, 11 Aug 2024 13:29:59 +0100 |
IBBoard |
Avoid fully controllable rewrite prefix
|
| Sun, 11 Aug 2024 11:18:31 +0100 |
IBBoard |
Improve referer privacy for HTTPS
|
| Sun, 11 Aug 2024 11:16:05 +0100 |
IBBoard |
Keep host on redir to HTTPS to fix HSTS
|
| Sat, 25 May 2024 18:31:52 +0100 |
IBBoard |
Fix hg dirstate change by changing cron user
|
| Tue, 21 May 2024 20:15:05 +0100 |
IBBoard |
Fix HTTP on IPv6
|
| Sun, 12 May 2024 19:51:53 +0100 |
IBBoard |
Tidy up SSH firewall handling
|
| Sun, 12 May 2024 19:50:56 +0100 |
IBBoard |
Avoid new "429 rate limited" in LogWatch
|
| Sun, 12 May 2024 19:49:42 +0100 |
IBBoard |
Rework main vs proxy fragments and redirects
|
| Sat, 06 Apr 2024 19:01:04 +0100 |
IBBoard |
Fix IPs on Ubuntu again )hopefully)
|
| Sat, 23 Mar 2024 19:24:00 +0000 |
IBBoard |
Switch from legacy Apt GPG keys to keyrings
|
| Sun, 25 Feb 2024 10:10:32 +0000 |
IBBoard |
Correct HTTP log paths in LogWatch
|
| Sun, 25 Feb 2024 09:56:16 +0000 |
IBBoard |
Try to fix last day of month HTTP LogWatch
|
| Tue, 20 Feb 2024 19:28:57 +0000 |
IBBoard |
Amavis spool dir and add Tumblock to CSP headers
|
| Tue, 20 Feb 2024 19:26:24 +0000 |
IBBoard |
Update LogWatch Postfix script
|
| Sat, 18 Nov 2023 18:38:12 +0000 |
IBBoard |
Reduce PHP FPM overheads
|
| Sun, 17 Sep 2023 15:20:12 +0100 |
IBBoard |
Fix IP addresses in Ubuntu
|
| Sun, 10 Sep 2023 09:48:49 +0100 |
IBBoard |
Fix CSP headers for WordPress admin panel
|
| Sat, 02 Sep 2023 20:03:11 +0100 |
IBBoard |
Use Apache for BDStrike cron to fix post-update warnings
|
| Sat, 02 Sep 2023 19:59:46 +0100 |
IBBoard |
Disable Puppet service
|
| Sat, 02 Sep 2023 19:58:24 +0100 |
IBBoard |
Set right log ownership/permissions for Ubuntu vs CentOS
|
| Tue, 29 Aug 2023 11:08:28 +0100 |
IBBoard |
Ensure that at least a blank Great Firewall file exists
|
| Sun, 20 Aug 2023 13:28:10 +0100 |
IBBoard |
Switch updates available/restart required to script
|
| Sun, 13 Aug 2023 15:26:37 +0100 |
IBBoard |
Update PHP configs for Ubuntu
|
| Sun, 13 Aug 2023 15:25:01 +0100 |
IBBoard |
Fix Amavis quarantine directory
|
| Sun, 13 Aug 2023 15:21:49 +0100 |
IBBoard |
Log HTTP request duration
|
| Sun, 13 Aug 2023 15:19:38 +0100 |
IBBoard |
Fix Certbot dependency on Ubuntu
|
| Sun, 13 Aug 2023 15:17:57 +0100 |
IBBoard |
Setup Unbound config on Pi server
|
| Wed, 26 Jul 2023 15:30:19 +0100 |
IBBoard |
Update config for real Raspberry Pi host
|
| Sat, 15 Jul 2023 13:31:32 +0100 |
IBBoard |
Remove WarFoundry config
|
| Mon, 08 May 2023 19:24:20 +0100 |
IBBoard |
Add missing package/dir for minimal Ubuntu
|
| Mon, 08 May 2023 13:47:39 +0100 |
IBBoard |
Update config to support Ubuntu
|
| Mon, 08 May 2023 13:45:23 +0100 |
IBBoard |
Add new Ubuntu test nodes
|
| Mon, 08 May 2023 13:41:26 +0100 |
IBBoard |
Increase PHP limits
|
| Mon, 08 May 2023 11:48:41 +0100 |
IBBoard |
Update MySQL module
|
| Mon, 03 Apr 2023 19:41:02 +0100 |
IBBoard |
Configure test machine
|
| Sun, 14 Aug 2022 11:57:06 +0100 |
IBBoard |
Force WSGI for Python3 on Ubuntu
|
| Sun, 14 Aug 2022 11:49:39 +0100 |
IBBoard |
Add default PHP version for Ubuntu 22.04
|
| Sun, 14 Aug 2022 11:47:50 +0100 |
IBBoard |
Ensure Python params are included
|
| Sun, 14 Aug 2022 11:44:25 +0100 |
IBBoard |
Manualy patch SSH module
|
| Sun, 14 Aug 2022 11:30:13 +0100 |
IBBoard |
Update Apache module to latest version
|
| Wed, 19 Apr 2023 18:45:23 +0100 |
IBBoard |
Adjust PHP settings for NextCloud
|
| Wed, 19 Apr 2023 18:44:13 +0100 |
IBBoard |
Switch WarFoundry to redirect before domains expire
|
| Sat, 11 Mar 2023 17:27:23 +0000 |
IBBoard |
Set compatibility mode for Postfix
|
| Tue, 21 Feb 2023 15:56:26 +0000 |
IBBoard |
Set filename on php.conf
|
| Tue, 21 Feb 2023 15:54:18 +0000 |
IBBoard |
Remove now abandoned Strike Creations website
|
| Mon, 09 Jan 2023 21:01:21 +0000 |
IBBoard |
Fix regex compilation
|
| Sun, 11 Dec 2022 20:27:08 +0000 |
IBBoard |
Break up SSH bad users regexes
|
| Sun, 11 Dec 2022 19:03:22 +0000 |
IBBoard |
Migrate NextCloud to LetsEncrypt
|
| Fri, 04 Nov 2022 20:29:31 +0000 |
IBBoard |
Change NAT64 allocation range
|
| Sat, 15 Oct 2022 15:38:08 +0100 |
IBBoard |
Move PHP socket to /run/
|
| Fri, 14 Oct 2022 19:18:57 +0100 |
IBBoard |
Try to resolve more CSP errors
|
| Sun, 09 Oct 2022 10:42:19 +0100 |
IBBoard |
Add another PHP module to fix webmail
|
| Sun, 09 Oct 2022 10:34:32 +0100 |
IBBoard |
Update stdlib in case it fixed deprecation
|
| Sun, 09 Oct 2022 10:34:07 +0100 |
IBBoard |
Resolve deprecation warnings in stdlib type3x
|
| Sat, 08 Oct 2022 20:58:14 +0100 |
IBBoard |
Fix PHP extension loading
|
| Sat, 08 Oct 2022 16:00:06 +0100 |
IBBoard |
Ensure keyring is installed with pip3
|
| Sat, 08 Oct 2022 15:59:27 +0100 |
IBBoard |
Remove unused mod_wsgi variable
|
| Sat, 08 Oct 2022 15:53:01 +0100 |
IBBoard |
Fix PHP setup on CentOS
|
| Sat, 08 Oct 2022 15:24:44 +0100 |
IBBoard |
Fix mod_wsgi package install on CentOS
|
| Sat, 08 Oct 2022 14:35:56 +0100 |
IBBoard |
Add PHP SOAP
|
| Sat, 08 Oct 2022 14:35:13 +0100 |
IBBoard |
Backed out changeset 6421c6f77eb8 - Add SOAP
|
| Sat, 08 Oct 2022 12:19:23 +0100 |
IBBoard |
Fix the "needs updating" regex
|
| Sat, 08 Oct 2022 12:18:44 +0100 |
IBBoard |
Switch to LetsEncrypt on Webmail
|
| Sat, 08 Oct 2022 12:18:02 +0100 |
IBBoard |
Add PHP SOAP dependency
|
| Sat, 08 Oct 2022 12:17:24 +0100 |
IBBoard |
Try to optimise PHP settings
|
| Sat, 08 Oct 2022 12:15:52 +0100 |
IBBoard |
Set security settings on BDStrike.co.uk
|
| Sat, 08 Oct 2022 12:08:50 +0100 |
IBBoard |
Setup CSP Nonce on the server
|
| Wed, 25 May 2022 20:54:03 +0100 |
IBBoard |
Fix `requires devel` problem with CentOS
|
| Wed, 25 May 2022 20:52:17 +0100 |
IBBoard |
Fix typo in `extra_extras` variable on CentOS
|
| Wed, 25 May 2022 20:31:39 +0100 |
IBBoard |
Fix "check updates" regex
|
| Wed, 20 Apr 2022 20:41:07 +0100 |
IBBoard |
Remove Postfix dir that uses default setting
|
| Wed, 20 Apr 2022 19:43:49 +0100 |
IBBoard |
Make sure main DB admin gets GRANT OPTION!
|
| Wed, 20 Apr 2022 19:43:19 +0100 |
IBBoard |
And remove removed files from Firewall update
|
| Wed, 20 Apr 2022 19:30:33 +0100 |
IBBoard |
Add missed new Firewall module files
|
| Wed, 20 Apr 2022 19:24:53 +0100 |
IBBoard |
Switch to more parameters
|
| Wed, 20 Apr 2022 19:13:24 +0100 |
IBBoard |
Switch to Python 3 on all platforms
|
| Wed, 20 Apr 2022 19:11:39 +0100 |
IBBoard |
Switch to Ubuntu-standard PHP FPM socket dir
|
| Wed, 20 Apr 2022 19:08:14 +0100 |
IBBoard |
Switch to config-based PHP extensions
|
| Wed, 20 Apr 2022 19:04:13 +0100 |
IBBoard |
Update and fix firewall for Ubuntu
|
| Mon, 18 Apr 2022 10:49:52 +0100 |
IBBoard |
Remove unused node definitions
|
| Mon, 18 Apr 2022 10:38:28 +0100 |
IBBoard |
Use "param" variables for settings instead of conditions
|
| Mon, 18 Apr 2022 10:37:00 +0100 |
IBBoard |
Fix git-prompt in Ubuntu
|
| Sat, 09 Apr 2022 18:51:03 +0100 |
IBBoard |
Update initial database setup for modern Maria
|
| Sat, 09 Apr 2022 18:49:43 +0100 |
IBBoard |
Fix MySQL package names on Ubuntu
|
| Mon, 14 Feb 2022 20:43:50 +0000 |
IBBoard |
Block lots of probed user account variants
|
| Mon, 03 Jan 2022 19:40:59 +0000 |
IBBoard |
Fix various SSH module warnings
|
| Mon, 03 Jan 2022 18:37:16 +0000 |
IBBoard |
Adapt configs to support Ubuntu
|
| Mon, 03 Jan 2022 17:16:21 +0000 |
IBBoard |
Update MySQL modules
|
| Mon, 03 Jan 2022 17:15:14 +0000 |
IBBoard |
Add missing dependency modules
|
| Mon, 03 Jan 2022 17:13:06 +0000 |
IBBoard |
Update to newer Python module
|
| Mon, 03 Jan 2022 17:09:39 +0000 |
IBBoard |
Add a PHP module to handle platform differences
|
| Mon, 03 Jan 2022 17:05:54 +0000 |
IBBoard |
Migrate to a fully-fledged SSH module
|
| Sun, 19 Dec 2021 20:10:16 +0000 |
IBBoard |
Remove unsupported failover in Yum configs
pre-ubuntu
|
| Thu, 16 Dec 2021 20:37:58 +0000 |
IBBoard |
Attempt to migrate CentOS8 to Streams automatically
|
| Sun, 21 Nov 2021 17:09:18 +0000 |
IBBoard |
Add anchors to simplify dependencies
|
| Fri, 19 Nov 2021 19:57:35 +0000 |
IBBoard |
Restart Dovecot/Postfix after LetsEncrypt renewal
|
| Sat, 16 Oct 2021 15:43:04 +0100 |
IBBoard |
Fix and expand PHP logwatch config
|
| Sat, 16 Oct 2021 15:41:32 +0100 |
IBBoard |
Fix and expand PHP logwatch config
|
| Wed, 29 Sep 2021 20:25:44 +0100 |
IBBoard |
Get more specific with extracting Yum update list
|
| Sat, 25 Sep 2021 16:05:55 +0100 |
IBBoard |
Add Enchant module for webmail spell checking
|
| Sat, 25 Sep 2021 14:59:33 +0100 |
IBBoard |
Fix tailing output in update check
|
| Sat, 17 Jul 2021 15:12:13 +0100 |
IBBoard |
Fix `less` highlighting under sudo
|
| Tue, 15 Jun 2021 19:46:29 +0100 |
IBBoard |
Add mail and imap redirect websites
|
| Tue, 15 Jun 2021 19:30:24 +0100 |
IBBoard |
Increase HSTS header duration
|
| Sat, 24 Apr 2021 11:12:33 +0100 |
IBBoard |
Opt out of FLOC via headers
|
| Sat, 17 Apr 2021 11:35:17 +0100 |
IBBoard |
Double the maximum email size
|
| Sat, 27 Feb 2021 18:39:46 +0000 |
IBBoard |
Block more SSH probe usernames from recent attack
|
| Tue, 16 Feb 2021 13:13:00 +0000 |
IBBoard |
Update Logwatch Systemd to handle lots of unmatched entries
|
| Tue, 02 Feb 2021 20:52:38 +0000 |
IBBoard |
Update logwatch for PHP-FPM logging
|
| Sun, 20 Dec 2020 13:51:58 +0000 |
IBBoard |
Increase memory limit so NextCloud can upgrade
|
| Wed, 02 Dec 2020 19:10:14 +0000 |
IBBoard |
Fix HTML-PHP serving
|
| Sat, 07 Nov 2020 14:33:17 +0000 |
IBBoard |
Make sure missing HTML and PHP files get error handled
|
| Sun, 01 Nov 2020 17:04:44 +0000 |
IBBoard |
Expand BDStrike CSP to allow more styling and fonts
|
| Sun, 25 Oct 2020 13:55:42 +0000 |
IBBoard |
Quiet sites don't need 35 spare PHP servers!
|
| Wed, 21 Oct 2020 18:49:30 +0100 |
IBBoard |
Add "gmp" module that NextCloud now requests
|
| Sat, 17 Oct 2020 14:00:31 +0100 |
IBBoard |
Extend the timeout on the php-fpm proxy
|
| Mon, 05 Oct 2020 20:05:38 +0100 |
IBBoard |
Remove local DNS64 generation to get redundancy back
|
| Sat, 03 Oct 2020 19:49:56 +0100 |
IBBoard |
Enable HTTP/2
|
| Sat, 03 Oct 2020 19:41:25 +0100 |
IBBoard |
Fix PHP-as-html file serving
|
| Sat, 03 Oct 2020 19:33:11 +0100 |
IBBoard |
Reconfigure PHP-FPM to run from a Unix socket
|
| Sat, 03 Oct 2020 19:32:23 +0100 |
IBBoard |
Remove unnecessary group setting on unbound config
|
| Sat, 03 Oct 2020 19:31:19 +0100 |
IBBoard |
Add CentOS 8 dev VM node
|
| Sat, 03 Oct 2020 13:38:30 +0100 |
IBBoard |
Switch to Apache "events" and PHP via FCGI
|
| Sat, 03 Oct 2020 11:58:27 +0100 |
IBBoard |
Fix access control rules
|
| Wed, 30 Sep 2020 19:39:54 +0100 |
IBBoard |
Make mod_wsgi settings optional
|
| Fri, 02 Oct 2020 20:16:04 +0100 |
IBBoard |
Handle DNS64 locally to fix DNSSEC issues
|
| Sun, 27 Sep 2020 12:59:34 +0100 |
IBBoard |
Make opcache core and add APCu for object caching
|
| Sat, 26 Sep 2020 18:48:30 +0100 |
IBBoard |
Un-munge string value to avoid unnecessary single quotes
|
| Wed, 23 Sep 2020 20:43:20 +0100 |
IBBoard |
Update Firewall module to try and fix quoting string issue
|
| Mon, 20 Jul 2020 11:19:52 +0100 |
IBBoard |
Ignore log entries from Cron tasks running in user mode
|
| Mon, 20 Jul 2020 10:33:54 +0100 |
IBBoard |
Ignore X-Comment "SPF whitelisted" messages in Logwatch
|
| Mon, 20 Jul 2020 09:56:09 +0100 |
IBBoard |
Add updated Dovecot script to Logwatch
|
| Sun, 12 Jul 2020 19:54:02 +0100 |
IBBoard |
Make sure php-fpm daemon isn't started while we're not using it
|
| Wed, 24 Jun 2020 20:04:43 +0100 |
IBBoard |
Make sure PHP-FPM service isn't running
|
| Tue, 23 Jun 2020 19:41:37 +0100 |
IBBoard |
Handle "mod_wsgi" not existing as a package/provides in CentOS 8
|
| Wed, 27 May 2020 19:00:28 +0100 |
IBBoard |
Add a "repeat offender" ban to Apache IP block
|
| Sat, 16 May 2020 19:41:37 +0100 |
IBBoard |
Include the trailing slash in the redirect or it all breaks!
|
| Sat, 16 May 2020 14:58:33 +0100 |
IBBoard |
Add an IPv6-only header
|
| Sat, 16 May 2020 14:46:59 +0100 |
IBBoard |
Swap to a Redirect-based canonical hostname
|
| Sat, 16 May 2020 14:05:09 +0100 |
IBBoard |
Implement fail2ban for Apache as mod_rewrite
|
| Wed, 22 Apr 2020 22:28:52 +0100 |
IBBoard |
Enable Postfix (start on boot)
|
| Sun, 22 Mar 2020 19:41:50 +0000 |
IBBoard |
Switch to PHP 7.4 now that NextCloud has reached v18
|
| Sun, 15 Mar 2020 20:02:35 +0000 |
IBBoard |
Separate LetsEncrypt certs
|
| Sun, 15 Mar 2020 16:51:56 +0000 |
IBBoard |
Check sender access earlier to allow whitelisting
|
| Sun, 15 Mar 2020 16:51:11 +0000 |
IBBoard |
Remove custom LogWatch scripts
|
| Sun, 08 Mar 2020 19:56:26 +0000 |
IBBoard |
Separate some certs to make migration easier
|
| Sun, 08 Mar 2020 19:54:42 +0000 |
IBBoard |
Add rsync to tools so that backups work
|
| Sun, 08 Mar 2020 11:14:58 +0000 |
IBBoard |
Fix localhost IMAP on IPv6 (used by Webmail)
|
| Sat, 07 Mar 2020 15:40:25 +0000 |
IBBoard |
Fix type in Postfix paramter name
|
| Sat, 07 Mar 2020 14:31:09 +0000 |
IBBoard |
Swap from Perl to Python for SPF checks
|
| Sat, 07 Mar 2020 14:29:34 +0000 |
IBBoard |
Add fallback relays to Postfix
|
| Tue, 03 Mar 2020 20:26:15 +0000 |
IBBoard |
Fix missing servername on redirs that gave "hostname-PROXY"
|
| Sun, 01 Mar 2020 19:57:21 +0000 |
IBBoard |
Blacklist more users, including sshd, ftpadmin and a cPanel tool
|
| Sun, 01 Mar 2020 11:00:19 +0000 |
IBBoard |
Stop running Great Firewall Against China on IPv6 machines
|
| Sun, 01 Mar 2020 10:59:38 +0000 |
IBBoard |
Add PHP JSON package, which phpMyAdmin requires
|
| Sun, 01 Mar 2020 10:58:46 +0000 |
IBBoard |
Actually install extra PHP packages
|
| Sun, 01 Mar 2020 10:58:00 +0000 |
IBBoard |
Fix Remi PHP on CentOS 8
|
| Sat, 29 Feb 2020 14:10:26 +0000 |
IBBoard |
Remove proxied port 25
|
| Sat, 29 Feb 2020 14:08:49 +0000 |
IBBoard |
Fix outbound mail IP
|
| Sat, 29 Feb 2020 13:21:01 +0000 |
IBBoard |
Swap IPv6 Postfix to "all" protocols to support PROXY
|
| Thu, 27 Feb 2020 21:00:28 +0000 |
IBBoard |
Correct Postfix PROXY listening (and sending)
|
| Tue, 25 Feb 2020 21:02:48 +0000 |
IBBoard |
Add a loopback SMTP (for webmail) and strip out other args
|
| Mon, 24 Feb 2020 20:53:10 +0000 |
IBBoard |
Add forgotten "EPP" format template files
|
| Mon, 24 Feb 2020 20:49:51 +0000 |
IBBoard |
Configure Postfix for IPv6 w/proxy
|
| Sun, 23 Feb 2020 20:29:42 +0000 |
IBBoard |
Make firewall rule numbering consistent for Dovecot
|
| Sun, 23 Feb 2020 16:00:41 +0000 |
IBBoard |
Configure Dovecot (IMAP) for PROXY protocol use
|
| Sun, 23 Feb 2020 15:43:51 +0000 |
IBBoard |
Add yum-utils so that we get "needs-restarting" command
|
| Sun, 23 Feb 2020 15:43:27 +0000 |
IBBoard |
Fix type in Yum update checking
|
| Sun, 23 Feb 2020 12:07:07 +0000 |
IBBoard |
Blacklist more users on SSH including bugzilla
|
| Sat, 22 Feb 2020 17:07:15 +0000 |
IBBoard |
Move puppet.conf out of version control now host names need to be correct
|
| Sat, 22 Feb 2020 16:22:57 +0000 |
IBBoard |
Make sure that the right keyring back-ends are installed
|
| Thu, 20 Feb 2020 16:57:09 +0000 |
IBBoard |
Blacklist hive, polkitd, cinstall and more as SSH logins
|
| Tue, 18 Feb 2020 21:08:35 +0000 |
IBBoard |
Add missing Postfix master.cf and remove old file
|
| Tue, 18 Feb 2020 21:04:14 +0000 |
IBBoard |
Fix mercurial_keyring install
|
| Mon, 17 Feb 2020 19:45:46 +0000 |
IBBoard |
Fix more IPv4 vs IPv6 settings
|
| Mon, 17 Feb 2020 18:45:06 +0000 |
IBBoard |
Fix sa-update by using IPv6 for local DNS cache
|
| Mon, 17 Feb 2020 16:23:04 +0000 |
IBBoard |
Configure Unbound for Mythic-Beasts with DNS64 forwarder
|
| Mon, 17 Feb 2020 16:12:29 +0000 |
IBBoard |
Consolidate Postfix configs
|
| Mon, 17 Feb 2020 16:08:20 +0000 |
IBBoard |
Merge CentOS8 and CentOS7 branches
|
| Sun, 09 Feb 2020 20:31:12 +0000 |
IBBoard |
Blacklist LOTS of usernames
|
| Sun, 09 Feb 2020 14:50:14 +0000 |
IBBoard |
Blacklist Portuguese support, MapR, numbered Oracle and more
|
| Sun, 02 Feb 2020 12:02:06 +0000 |
IBBoard |
Blacklist more SSH users
|
| Sun, 26 Jan 2020 10:53:32 +0000 |
IBBoard |
Blacklist more SSH users
|
| Sun, 19 Jan 2020 15:57:43 +0000 |
IBBoard |
Add more blacklisted SSH usernames
|
| Sat, 18 Jan 2020 15:17:03 +0000 |
IBBoard |
Turn Fail2ban setup into a module
|
| Sat, 18 Jan 2020 14:40:05 +0000 |
IBBoard |
Blacklist LOADS more usernames on SSH probes
|
| Sat, 11 Jan 2020 16:54:39 +0000 |
IBBoard |
Swap from Bind to Named for light-weight DNS
|
| Sun, 16 Feb 2020 20:33:38 +0000 |
IBBoard |
Make 4to6 proxy optional to match undef default
|
| Sun, 16 Feb 2020 20:11:00 +0000 |
IBBoard |
Fix another optional argument
|
| Sun, 16 Feb 2020 19:55:29 +0000 |
IBBoard |
Make upstream proxies optional to match undef default
|
| Sun, 16 Feb 2020 14:12:56 +0000 |
IBBoard |
Fix Augeas setting extra IPv6 lines
|
| Sun, 16 Feb 2020 12:15:17 +0000 |
IBBoard |
Go back to IPv6, not hostnames, for up-stream
|
| Sun, 16 Feb 2020 12:07:35 +0000 |
IBBoard |
Switch to using IPv6 prefix and IP per site
|
| Sat, 15 Feb 2020 20:11:23 +0000 |
IBBoard |
Switch from IPs to hostnames for proxying
|
| Sat, 15 Feb 2020 20:08:21 +0000 |
IBBoard |
Remove unused "http" module
|
| Sat, 15 Feb 2020 19:07:11 +0000 |
IBBoard |
Add 4-to-6 proxy and mod_remoteip setup
|
| Sat, 15 Feb 2020 15:10:28 +0000 |
IBBoard |
IPv6 is 4 hex per block, so swap ::0001:00d4 for straight ::01d4
|
| Sat, 15 Feb 2020 13:52:30 +0000 |
IBBoard |
Start to support IPv6 servers
|
| Sat, 15 Feb 2020 13:12:44 +0000 |
IBBoard |
Make Certbot package version specific
|
| Sun, 26 Jan 2020 12:08:03 +0000 |
IBBoard |
Replace deprecated validation methods
|
| Sun, 26 Jan 2020 12:06:43 +0000 |
IBBoard |
Remove Perl LZMA module because it's in beta
|
| Sun, 26 Jan 2020 11:36:07 +0000 |
IBBoard |
Mass update of modules to remove deprecation warnings
|
| Sat, 04 Jan 2020 11:42:45 +0000 |
IBBoard |
Remove subversion-python bindings as we removed SVN on Trac
|
| Sat, 04 Jan 2020 11:34:30 +0000 |
IBBoard |
Fix Mariadb setup by removing now removed config values
|
| Fri, 03 Jan 2020 19:56:04 +0000 |
IBBoard |
Update to a newer Python module
|
| Tue, 31 Dec 2019 13:49:38 +0000 |
IBBoard |
Add wget so that we can download files like a normal person
|
| Tue, 31 Dec 2019 13:49:02 +0000 |
IBBoard |
Mask "clamav@amavisd" service to save memory
|
| Mon, 30 Dec 2019 17:00:10 +0000 |
IBBoard |
Blacklist more invalid SSH usernames
|
| Sun, 29 Dec 2019 21:00:27 +0000 |
IBBoard |
Filter new log line from puppet-apply output
|
| Sun, 29 Dec 2019 20:56:00 +0000 |
IBBoard |
Set a sensible default timezone for VPS
|
| Sun, 29 Dec 2019 16:58:25 +0000 |
IBBoard |
Remove some version specific code that can use virtual packages
|
| Sun, 29 Dec 2019 16:48:04 +0000 |
IBBoard |
Make PIM site skip CSP headers - NextCloud manages them
|
| Sun, 29 Dec 2019 16:47:31 +0000 |
IBBoard |
Update Hiera to fix warnings
|
| Sun, 29 Dec 2019 16:43:55 +0000 |
IBBoard |
Add a way to skip setting CSP
|
| Sun, 29 Dec 2019 11:00:05 -0500 |
IBBoard |
Re-merge CentOS 7 vs 8 deviations
|
| Sun, 29 Dec 2019 10:57:43 -0500 |
IBBoard |
Fix more CentOS 7 vs 8 differences
|
| Sun, 29 Dec 2019 10:57:18 -0500 |
IBBoard |
Fix naming of files for new VPS overrides
|
| Sun, 29 Dec 2019 10:56:26 -0500 |
IBBoard |
Update OBS key for IBBoard repos
|
| Sun, 22 Dec 2019 14:46:29 -0500 |
IBBoard |
Update repo handling
|
| Sun, 22 Dec 2019 14:43:29 -0500 |
IBBoard |
Update Apache module to get CentOS 8 support
|
| Sun, 29 Dec 2019 15:31:28 +0000 |
IBBoard |
Merge Puppet divergences and fix SSL chain issues it caused
|
| Sun, 29 Dec 2019 14:54:45 +0000 |
IBBoard |
Fix Yum update check to handle hyphenated aliases
|
| Sun, 29 Dec 2019 12:25:14 +0000 |
IBBoard |
Change header types and add module to fix NextCloud header checks
|
| Wed, 25 Dec 2019 12:04:26 +0000 |
IBBoard |
Add more bad SSH users
|
| Sun, 22 Dec 2019 09:41:45 -0500 |
IBBoard |
Use generic, non-version-specific package name for Certbot
|
| Sun, 22 Dec 2019 09:31:31 -0500 |
IBBoard |
Enable console over admin shell via serial
|
| Sun, 22 Dec 2019 06:58:44 -0500 |
IBBoard |
Add some missing command prompt dependencies
|
| Sun, 22 Dec 2019 06:57:52 -0500 |
IBBoard |
Make EPEL work on multiple versions of CentOS
|
| Sat, 21 Dec 2019 14:31:41 -0500 |
IBBoard |
Make sure that web server files come after package creates dir
|
| Sat, 21 Dec 2019 14:30:50 -0500 |
IBBoard |
Add config for new server
|
| Sat, 21 Dec 2019 14:19:47 -0500 |
IBBoard |
Update configs for Puppet 6
|
| Sat, 21 Dec 2019 14:12:10 -0500 |
IBBoard |
Add "translate" module used by MySQL module
|
| Sat, 21 Dec 2019 14:11:43 -0500 |
IBBoard |
Update MySQL module
|
| Fri, 20 Dec 2019 15:36:56 +0000 |
IBBoard |
Merge back in to Master
|
| Fri, 20 Dec 2019 15:17:43 +0000 |
IBBoard |
Change owner/group on Nextcloud for easy upgrade
puppet-3.6
|
| Fri, 20 Dec 2019 12:14:27 +0000 |
IBBoard |
Downgrade to PHP7.3
puppet-3.6
|
| Fri, 20 Dec 2019 11:48:24 +0000 |
IBBoard |
Deduplicate PHP opcache config files
puppet-3.6
|
| Fri, 20 Dec 2019 11:47:01 +0000 |
IBBoard |
Add the Zip module to make Wordpress happy
puppet-3.6
|
| Fri, 20 Dec 2019 11:19:30 +0000 |
IBBoard |
Switch to PHP 7.4 from Remi
puppet-3.6
|
| Fri, 20 Dec 2019 09:41:34 +0000 |
IBBoard |
Add missing custom function
puppet-3.6
|
| Wed, 18 Dec 2019 21:22:50 +0000 |
IBBoard |
Make Content-Security-Policy cleaner and easier to set
puppet-3.6
|
| Sun, 15 Dec 2019 16:28:47 +0000 |
IBBoard |
Make a cron job for updating Wordpress
puppet-3.6
|
| Tue, 10 Dec 2019 20:28:38 +0000 |
IBBoard |
Blacklist more probes
puppet-3.6
|
| Fri, 06 Dec 2019 20:53:55 +0000 |
IBBoard |
Blacklist more SSH attempts
puppet-3.6
|
| Sun, 01 Dec 2019 10:19:47 +0000 |
IBBoard |
Blacklist dietpi and http user names on SSH
puppet-3.6
|
| Tue, 26 Nov 2019 21:02:10 +0000 |
IBBoard |
Blacklist "ftp_user" as well as "ftpuser"
puppet-3.6
|
| Sat, 16 Nov 2019 15:33:26 +0000 |
IBBoard |
Blacklist more bad user accounts
puppet-3.6
|
| Sun, 10 Nov 2019 10:30:30 +0000 |
IBBoard |
Blacklist backlog and dotblot usernames
puppet-3.6
|
| Sat, 09 Nov 2019 20:00:36 +0000 |
IBBoard |
Blacklist two media players, ghost, webmaster and others
puppet-3.6
|
| Tue, 05 Nov 2019 19:24:50 +0000 |
IBBoard |
Blacklist "odroid" username on SSH
puppet-3.6
|
| Sat, 02 Nov 2019 11:38:14 +0000 |
IBBoard |
Blackist libsys testu and unity users
puppet-3.6
|
| Wed, 30 Oct 2019 20:24:18 +0000 |
IBBoard |
Blacklist three more username probes
puppet-3.6
|
| Sun, 27 Oct 2019 16:59:42 +0000 |
IBBoard |
Blacklist more user probes - a database and a generic "service"
puppet-3.6
|
| Wed, 02 Oct 2019 19:03:29 +0100 |
IBBoard |
Blacklist more user probes on SSH
puppet-3.6
|
| Wed, 02 Oct 2019 18:58:59 +0100 |
IBBoard |
Blacklist more bad user requests
puppet-3.6
|
| Mon, 23 Sep 2019 19:47:37 +0100 |
IBBoard |
Blacklist more bad usernames
puppet-3.6
|
| Sat, 14 Sep 2019 10:34:43 +0100 |
IBBoard |
Blacklist lots more users from SSH probes
puppet-3.6
|
| Fri, 06 Sep 2019 19:54:36 +0100 |
IBBoard |
Blacklist more bad usernames, including "UI" in German
puppet-3.6
|
| Wed, 28 Aug 2019 17:25:36 +0100 |
IBBoard |
Blacklist more bad usernames
puppet-3.6
|
| Thu, 15 Aug 2019 18:20:16 +0100 |
IBBoard |
Blacklist more usernames that Script Kiddies probe
puppet-3.6
|
| Sat, 03 Aug 2019 09:54:10 +0100 |
IBBoard |
Blacklist more username probes, including:
puppet-3.6
|
| Thu, 01 Aug 2019 20:26:58 +0100 |
IBBoard |
Make database connections default to UTF-8
puppet-3.6
|
| Sat, 27 Jul 2019 15:28:16 +0100 |
IBBoard |
Blacklist more usernames including "administrateur"
puppet-3.6
|
| Sat, 27 Jul 2019 15:23:20 +0100 |
IBBoard |
Blacklist more bad usernames that skiddies probe
puppet-3.6
|
| Sat, 20 Jul 2019 16:13:52 +0100 |
IBBoard |
Update SSL config for newer, more secure browsers
puppet-3.6
|
| Sun, 14 Jul 2019 20:33:32 +0100 |
IBBoard |
Rework and sort username blacklisting
puppet-3.6
|
| Sun, 14 Jul 2019 10:47:38 +0100 |
IBBoard |
Fix "blacklist three identical characters" pattern
puppet-3.6
|
| Sat, 29 Jun 2019 14:02:07 +0100 |
IBBoard |
Blacklist three identical characters
puppet-3.6
|
| Wed, 26 Jun 2019 20:32:42 +0100 |
IBBoard |
Blacklist more SSH username probes
puppet-3.6
|
| Sat, 22 Jun 2019 15:23:19 +0100 |
IBBoard |
Blacklist a load of new probed usernames
puppet-3.6
|
| Sat, 08 Jun 2019 13:37:19 +0100 |
IBBoard |
Add a load more blacklisted SSH usernames (from probes)
puppet-3.6
|
| Sat, 01 Jun 2019 13:41:53 +0100 |
IBBoard |
Blacklist a stack of extra SSH usernames
puppet-3.6
|
| Wed, 29 May 2019 19:52:31 +0100 |
IBBoard |
Increase the security for the common CSP headers
puppet-3.6
|
| Wed, 29 May 2019 19:51:42 +0100 |
IBBoard |
Blacklist more usernames no-one will ever log in with
puppet-3.6
|
| Mon, 27 May 2019 20:08:57 +0100 |
IBBoard |
Allow locally hosted fonts in Content-Security-Policy
puppet-3.6
|
| Mon, 27 May 2019 11:28:31 +0100 |
IBBoard |
Blacklist even more commonly probed SSH users
puppet-3.6
|
| Sun, 19 May 2019 15:51:15 +0100 |
IBBoard |
Add "bcmath" module to PHP at Wordpress's suggestion
puppet-3.6
|
| Sat, 11 May 2019 09:17:38 +0100 |
IBBoard |
Blacklist more usernames we'll never see that come in SSH probes
puppet-3.6
|
| Sat, 11 May 2019 09:17:07 +0100 |
IBBoard |
Reduce memory footprint of named even more
puppet-3.6
|
| Mon, 22 Apr 2019 20:05:30 +0100 |
IBBoard |
Make Fail2Ban SSH rules more agressive
puppet-3.6
|
| Wed, 17 Apr 2019 12:05:32 +0100 |
IBBoard |
Separate the two Fail2ban SSH rules in iptables
puppet-3.6
|
| Wed, 17 Apr 2019 12:00:31 +0100 |
IBBoard |
Separate out SSH repeats from web/email repeats
puppet-3.6
|
| Wed, 10 Apr 2019 20:11:55 +0100 |
IBBoard |
Add a named.conf file to control cache/memory size
puppet-3.6
|
| Sun, 10 Mar 2019 10:07:52 +0000 |
IBBoard |
Add imagick for PHP to staisfy a NextCloud recommendation
puppet-3.6
|
| Tue, 12 Feb 2019 21:04:51 +0000 |
IBBoard |
Update logwatch fail2ban handling for v0.10 log changes
puppet-3.6
|
| Sun, 10 Feb 2019 19:30:34 +0000 |
IBBoard |
Fix log level for repeat offender checks
puppet-3.6
|
| Sun, 10 Feb 2019 16:17:05 +0000 |
IBBoard |
Add missing GPG key
puppet-3.6
|
| Sun, 10 Feb 2019 16:13:24 +0000 |
IBBoard |
Switch to new Postfix SASL filter (no longer a separate file)
puppet-3.6
|
| Sun, 10 Feb 2019 16:12:45 +0000 |
IBBoard |
Add custom IBBoard repo again
puppet-3.6
|
| Sat, 02 Feb 2019 16:30:40 +0000 |
IBBoard |
Reduce Apache Instaban ban duration to reduce reboot time
puppet-3.6
|
| Tue, 08 Jan 2019 20:13:18 +0000 |
IBBoard |
Update firewall blacklisting
puppet-3.6
|
| Fri, 14 Dec 2018 20:07:09 +0000 |
IBBoard |
Add latest Logwatch "named" script to handle DNS log changes
puppet-3.6
|
| Fri, 14 Dec 2018 19:58:09 +0000 |
IBBoard |
Handle Dovecot "logged out" messages in LogWatch
puppet-3.6
|
| Fri, 07 Dec 2018 19:54:20 +0000 |
IBBoard |
Try to fix "Garbage after numerical service in server description"
puppet-3.6
|
| Fri, 07 Dec 2018 19:52:50 +0000 |
IBBoard |
Set group sticky bit on all sites to ease collaboration
puppet-3.6
|
| Sat, 20 Oct 2018 10:07:51 +0100 |
IBBoard |
Add PHP "intl" module so NextCloud doesn't use fallback implementation
puppet-3.6
|
| Sun, 05 Aug 2018 10:40:51 +0100 |
IBBoard |
Strip some headers on outbound emails
puppet-3.6
|
| Thu, 24 May 2018 20:38:26 +0100 |
IBBoard |
Swap to PHP 7.2, since 7.0 is EOL now
puppet-3.6
|
| Sat, 12 May 2018 10:05:12 +0100 |
IBBoard |
Handle possible "undef" from FileMagic that causes warnings
puppet-3.6
|
| Mon, 07 May 2018 09:40:41 +0100 |
IBBoard |
Add missing dependencies for SpamAssassin rules
puppet-3.6
|
| Sat, 31 Mar 2018 10:19:53 +0100 |
IBBoard |
Make Postfix IPv4 only
puppet-3.6
|
| Sat, 31 Mar 2018 10:19:03 +0100 |
IBBoard |
Add a find time to custom SSH rule as it is low and slow
puppet-3.6
|
| Sat, 03 Mar 2018 14:20:06 +0000 |
IBBoard |
Add extra headers for improved security practice
puppet-3.6
|
| Sat, 17 Feb 2018 20:59:37 +0000 |
IBBoard |
Try to fix NextCloud warnings about "wrong" headers
puppet-3.6
|
| Sat, 10 Feb 2018 13:32:51 +0000 |
IBBoard |
Fix case of <HOST> tag so that rule pulls the IP
puppet-3.6
|
| Tue, 06 Feb 2018 20:42:49 +0000 |
IBBoard |
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
puppet-3.6
|
| Sun, 17 Sep 2017 09:54:44 +0100 |
IBBoard |
Remove GraceBertram sites
puppet-3.6
|
| Fri, 01 Sep 2017 11:36:16 +0100 |
IBBoard |
Expand PHP OpCache config in line with NextCloud recommendations
puppet-3.6
|
| Fri, 01 Sep 2017 11:29:55 +0100 |
IBBoard |
Change MySQL/MariaDB settings to support all Unicode
puppet-3.6
|
| Tue, 01 Aug 2017 19:09:38 +0100 |
IBBoard |
Remove RealmRunner site config
puppet-3.6
|
| Wed, 03 May 2017 21:00:04 +0100 |
IBBoard |
Completely remove GG after running "puppet apply"
puppet-3.6
|
| Wed, 03 May 2017 20:59:33 +0100 |
IBBoard |
Remove GG site information
puppet-3.6
|
| Mon, 17 Apr 2017 16:50:58 +0100 |
IBBoard |
Add a config fragment (for 404s) to BDStrike site
puppet-3.6
|
| Wed, 12 Apr 2017 17:16:26 +0100 |
IBBoard |
Manage SpamAssassin local config
puppet-3.6
|
| Tue, 04 Apr 2017 19:48:44 +0100 |
IBBoard |
Remove lktutoring.com - it expired in December
puppet-3.6
|
| Sun, 02 Apr 2017 20:09:13 +0100 |
IBBoard |
Add custom log format - combined plus requested domain
puppet-3.6
|
| Sat, 01 Apr 2017 10:54:09 +0100 |
IBBoard |
Make the IBBoard repo config go away, rather than just leaving it undefined
puppet-3.6
|
| Fri, 31 Mar 2017 21:00:58 +0100 |
IBBoard |
IBBoard repo is no longer necessary and has been removed!
puppet-3.6
|
| Thu, 30 Mar 2017 21:00:21 +0100 |
IBBoard |
Remove unused (and slightly confusing) class
puppet-3.6
|
| Thu, 30 Mar 2017 20:41:18 +0100 |
IBBoard |
Move all sites to separate LetsEncrypt certs to make adding future domains easier
puppet-3.6
|
| Tue, 28 Mar 2017 21:12:49 +0100 |
IBBoard |
Remove slash in redirect because group catches path slash
puppet-3.6
|
| Tue, 28 Mar 2017 21:05:12 +0100 |
IBBoard |
Make sure that we still redirect to non-www if we want it
puppet-3.6
|
| Tue, 28 Mar 2017 20:56:53 +0100 |
IBBoard |
Swap GlitterGoth to its own Let's Encrypt cert
puppet-3.6
|
| Tue, 28 Mar 2017 20:51:06 +0100 |
IBBoard |
Remove unused Apache config files
puppet-3.6
|
| Tue, 28 Mar 2017 20:50:17 +0100 |
IBBoard |
Add missing HTTPS site config template
puppet-3.6
|
| Tue, 28 Mar 2017 20:47:45 +0100 |
IBBoard |
Update test machine IPs to match new DHCP pool
puppet-3.6
|
| Tue, 28 Mar 2017 20:46:35 +0100 |
IBBoard |
Restructure HTTPS certificates and multiple TLD sites for clarity
puppet-3.6
|
| Sun, 26 Mar 2017 16:53:34 +0100 |
IBBoard |
Remove now deprecated mcrypt extension - all scripts now use openssl
puppet-3.6
|
| Sun, 26 Mar 2017 16:12:57 +0100 |
IBBoard |
Fix pip installations
puppet-3.6
|
| Sat, 25 Mar 2017 20:54:34 +0000 |
IBBoard |
Switch to mercurial_keyring from Pip
puppet-3.6
|
| Sat, 25 Mar 2017 20:18:13 +0000 |
IBBoard |
Remove mod_auth_token and replace with mod_xsendfile
puppet-3.6
|
| Sat, 25 Mar 2017 12:05:36 +0000 |
IBBoard |
Add BDStrike domains
puppet-3.6
|
| Sat, 25 Mar 2017 12:05:23 +0000 |
IBBoard |
Make IP on redirects optional (defaults to primary IP)
puppet-3.6
|
| Fri, 03 Mar 2017 19:48:06 +0000 |
IBBoard |
Remove hgview because it is GUI only
puppet-3.6
|
| Thu, 09 Feb 2017 20:54:30 +0000 |
IBBoard |
Add OLE detection to SpamAssassin without ClamAV
puppet-3.6
|
| Wed, 18 Jan 2017 21:13:20 +0000 |
IBBoard |
Make GG DB backup less frequent now that site is closing
puppet-3.6
|
| Sun, 15 Jan 2017 20:47:13 +0000 |
IBBoard |
Remove ClamAV from server config
puppet-3.6
|
| Mon, 09 Jan 2017 21:06:10 +0000 |
IBBoard |
Block another annoying IP with a firewall rule
puppet-3.6
|
| Sat, 17 Dec 2016 12:01:55 +0000 |
IBBoard |
Override minimum UID for Dovecot/IMAP, as we use old "500+ is users" range
puppet-3.6
|
| Sat, 17 Dec 2016 12:01:16 +0000 |
IBBoard |
Firewall Baidu's new Brazillian IP range for being to agressive
puppet-3.6
|
| Fri, 11 Nov 2016 21:04:13 +0000 |
IBBoard |
Fix "direct under CA" custom conditions and sites that use "cert named after domain" pattern
puppet-3.6
|
| Fri, 11 Nov 2016 21:02:09 +0000 |
IBBoard |
Add Certbot packages we depend on for commands and providing certs
puppet-3.6
|
| Fri, 11 Nov 2016 18:17:46 +0000 |
IBBoard |
Do not supply incorrect CA chain for GG Test site
puppet-3.6
|
| Fri, 11 Nov 2016 17:15:23 +0000 |
IBBoard |
Switch to using LetsEncrypt certs by default
puppet-3.6
|
| Fri, 04 Nov 2016 20:55:22 +0000 |
IBBoard |
Remove (hopefully) redundant Spamhaus checks - Postscreen should do this
puppet-3.6
|
| Wed, 26 Oct 2016 19:40:37 +0100 |
IBBoard |
Change all "latest" packages to "installed"
puppet-3.6
|
| Thu, 06 Oct 2016 19:02:30 +0100 |
IBBoard |
Be less agressive with blocking on the grounds of SPF
puppet-3.6
|
| Sun, 02 Oct 2016 19:33:22 +0100 |
IBBoard |
Filter what we see in Postwhite cron output
puppet-3.6
|
| Sun, 18 Sep 2016 07:22:22 +0100 |
IBBoard |
Fix rookie cron mistake - don't run Postwhite EVERY MINUTE!
puppet-3.6
|
| Sat, 17 Sep 2016 15:19:54 +0100 |
IBBoard |
Fix PHP reporting in logwatch
puppet-3.6
|
| Tue, 13 Sep 2016 21:04:40 +0100 |
IBBoard |
Fix Apache 2.4 Logwatch support
puppet-3.6
|
| Tue, 13 Sep 2016 20:53:16 +0100 |
IBBoard |
Schedule Postwhite to run regularly
puppet-3.6
|
| Tue, 13 Sep 2016 20:27:22 +0100 |
IBBoard |
Swap from manual Postscreen whitelist to Postwhite generated whitelist
puppet-3.6
|
| Sat, 03 Sep 2016 20:31:35 +0100 |
IBBoard |
Add missing "permit" on Postscreen whitelist lines
puppet-3.6
|
| Sat, 03 Sep 2016 14:28:56 +0100 |
IBBoard |
Blacklist more spamming IPs (with a ######.info domain)
puppet-3.6
|
| Fri, 02 Sep 2016 13:40:26 +0100 |
IBBoard |
Add eBay to Postscreen whitelist
puppet-3.6
|
| Sat, 13 Aug 2016 13:44:01 +0100 |
IBBoard |
Disable PCRE JIT to stop SELinux giving "denied execmem" for Apache
puppet-3.6
|
| Wed, 20 Jul 2016 20:31:22 +0100 |
IBBoard |
Blank some Apache configs to prevent httpd update breaking the server
puppet-3.6
|
| Tue, 19 Jul 2016 20:25:44 +0100 |
IBBoard |
Ban IODC bot, because they can't behave and don't have robots.txt instructions
puppet-3.6
|
| Fri, 08 Jul 2016 20:34:29 +0100 |
IBBoard |
Redirect dumb bots that removed the ID number to the main module page
puppet-3.6
|
| Wed, 29 Jun 2016 20:49:56 +0100 |
IBBoard |
Make sure that we're detecting and serving 7zip and RAR files correctly
puppet-3.6
|
| Tue, 28 Jun 2016 20:36:42 +0100 |
IBBoard |
Make sure that custom config comes before site configs
puppet-3.6
|
| Sat, 04 Jun 2016 14:08:19 +0100 |
IBBoard |
Update test machine IP again
puppet-3.6
|
| Sat, 04 Jun 2016 14:07:37 +0100 |
IBBoard |
Make sure our websites load after ALL other Apache config
puppet-3.6
|
| Sat, 04 Jun 2016 14:06:15 +0100 |
IBBoard |
Make sure that we don't leak PHP source code if something breaks
puppet-3.6
|
| Sat, 04 Jun 2016 14:05:14 +0100 |
IBBoard |
Make sure that HTTPS redirects have the full set of headers
puppet-3.6
|
| Tue, 31 May 2016 22:02:15 +0100 |
IBBoard |
Switch to PHP 7 from Webtatic
puppet-3.6
|
| Tue, 31 May 2016 22:00:56 +0100 |
IBBoard |
Add dev machine entry with correct IPs
puppet-3.6
|
| Tue, 31 May 2016 20:57:39 +0100 |
IBBoard |
Swap Webtatic to new GPG key
puppet-3.6
|
| Sat, 21 May 2016 15:32:13 +0100 |
IBBoard |
Add more Postscreen whitelisting, and a private section
puppet-3.6
|
| Sat, 14 May 2016 17:10:10 +0100 |
IBBoard |
Lock down Apache headers for security, based on https://securityheaders.io/
puppet-3.6
|
| Sat, 23 Apr 2016 16:28:47 +0100 |
IBBoard |
Make sure that we're always setting HSTS headers, even when cannonicalising domains
puppet-3.6
|
| Thu, 21 Apr 2016 20:53:37 +0100 |
IBBoard |
Add PayPal IPs to whitelist so that they don't get delayed
puppet-3.6
|
| Sat, 26 Mar 2016 09:05:36 +0000 |
IBBoard |
Remove review email, as GG is shutting down
puppet-3.6
|
| Tue, 22 Mar 2016 21:09:25 +0000 |
IBBoard |
Avoid SELinux warnings by disabling bytecode support
puppet-3.6
|
| Sun, 13 Mar 2016 19:58:17 +0000 |
IBBoard |
Stop Bind trying IPv6, as we only have a link-local IP
puppet-3.6
|
| Wed, 24 Feb 2016 20:21:44 +0000 |
IBBoard |
Set up a recursive localhost-only Bind server (assuming RH's safe and sane default configs)
puppet-3.6
|
| Tue, 16 Feb 2016 20:26:00 +0000 |
IBBoard |
Patch isn't a standard package on a minimal install. Make sure we have it.
puppet-3.6
|
| Sun, 14 Feb 2016 20:04:04 +0000 |
IBBoard |
Reduce the number of spare servers, because we're quiet and need spare memory
puppet-3.6
|
| Wed, 27 Jan 2016 20:18:32 +0000 |
IBBoard |
Add another regular command to check that we've not got services requiring a restart
puppet-3.6
|
| Tue, 26 Jan 2016 20:15:23 +0000 |
IBBoard |
Remove repo checking cruft from potential Yum Check Update cron job output
puppet-3.6
|
| Sun, 24 Jan 2016 20:11:51 +0000 |
IBBoard |
Make sure that we don't get Yum just emailing us "I updated my metadata for the repos"
puppet-3.6
|
| Fri, 22 Jan 2016 20:27:16 +0000 |
IBBoard |
Reduce opcache memory usage because it doesn't use that much
puppet-3.6
|
| Sat, 16 Jan 2016 15:03:04 +0000 |
IBBoard |
Run cron job to notify of available updates
puppet-3.6
|
| Sat, 16 Jan 2016 11:01:09 +0000 |
IBBoard |
Add body checks to emails for the minority of obvious spam that aren't caught
puppet-3.6
|
| Sat, 16 Jan 2016 11:00:38 +0000 |
IBBoard |
Follow the documentation properly and specify dport, not just port
puppet-3.6
|
| Sat, 16 Jan 2016 10:59:56 +0000 |
IBBoard |
Extend blocked files to include backup files
puppet-3.6
|
| Sun, 10 Jan 2016 20:24:22 +0000 |
IBBoard |
Whitelist Google's IPs so that they don't get greylisted
puppet-3.6
|
| Tue, 05 Jan 2016 21:00:52 +0000 |
IBBoard |
Put postscreen back (our second SMTP line seems to have overridden it)
puppet-3.6
|
| Sun, 03 Jan 2016 20:48:38 +0000 |
IBBoard |
Make sure that config file changes for changes trigger a reload
puppet-3.6
|
| Sun, 03 Jan 2016 20:13:19 +0000 |
IBBoard |
Make sure that Amavis daemon is running so mail gets delivered after reboot!
puppet-3.6
|
| Sat, 26 Dec 2015 20:26:22 +0000 |
IBBoard |
Fight back against spam
puppet-3.6
|
| Wed, 23 Dec 2015 11:16:17 +0000 |
IBBoard |
Drop the number of spare servers to save some memory when we normally only have a couple of processes at once
puppet-3.6
|
| Tue, 24 Nov 2015 20:48:36 +0000 |
IBBoard |
Add mlocate as another core package, since it wasn't on our (very) minimal CentOS 7 install
puppet-3.6
|
| Sat, 14 Nov 2015 14:08:32 +0000 |
IBBoard |
New LogRotate is picky about usernames for security reasons. Fix it for Trac logs.
puppet-3.6
|
| Sun, 01 Nov 2015 21:18:07 +0000 |
IBBoard |
Move to CentOS7-based dovecot (with a tweak for "in=…") because it seems to match output better
puppet-3.6
|
| Sat, 31 Oct 2015 20:33:05 +0000 |
IBBoard |
Require bzip2 - why isn't this a default?!
puppet-3.6
|
| Sat, 31 Oct 2015 20:30:31 +0000 |
IBBoard |
Hide extra output from Puppet cron job that later Puppet generates
puppet-3.6
|
| Tue, 27 Oct 2015 08:53:00 +0000 |
IBBoard |
Fix typo (missing single quote)
puppet-3.6
|
| Mon, 26 Oct 2015 19:40:00 +0000 |
IBBoard |
Add required package for email SPF checking
puppet-3.6
|
| Mon, 26 Oct 2015 08:46:22 +0000 |
IBBoard |
Do it properly and put a path in our cron job
puppet-3.6
|
| Sun, 25 Oct 2015 21:21:13 +0000 |
IBBoard |
Fix package name - doing it from memory is bad
puppet-3.6
|
| Sun, 25 Oct 2015 20:55:19 +0000 |
IBBoard |
Add missing dependency for Trac Subversion support on CentOS 7
puppet-3.6
|
| Sun, 25 Oct 2015 20:28:43 +0000 |
IBBoard |
Fix differences in how we allow/deny between Apache 2.2 and 2.4
puppet-3.6
|
| Sun, 25 Oct 2015 20:17:52 +0000 |
IBBoard |
Merge latest changes from Default
puppet-3.6
|
| Sun, 18 Oct 2015 19:39:46 +0100 |
IBBoard |
Be specific about port blocking on Repeat Offender to try to prevent accidental lock-out
puppet-3.6
|
| Sun, 18 Oct 2015 18:57:46 +0100 |
IBBoard |
Update IP address of clouduk - test VM should use a different name!
puppet-3.6
|
| Sat, 17 Oct 2015 15:03:45 +0000 |
IBBoard |
Allow for specifying extra PHP packages (e.g. to enable Posix)
|
| Sun, 11 Oct 2015 19:03:30 +0000 |
IBBoard |
Add missing fail2ban.local config file
|
| Sun, 11 Oct 2015 18:41:53 +0000 |
IBBoard |
"Already Banned" is actually at NOTICE
|
| Sat, 26 Sep 2015 14:28:16 +0000 |
IBBoard |
Update/fix Fail2Ban parsing in Logwatch
|
| Sun, 13 Sep 2015 21:03:49 +0100 |
IBBoard |
Remove unused Fail2Ban filter
puppet-3.6
|
| Sun, 13 Sep 2015 20:48:18 +0100 |
IBBoard |
Make sure Fail2Ban rules are in right order (using separate chain) and whitelist Googlebot (which keeps hitting Script Kiddy targets for unknown reasons)
puppet-3.6
|
| Sun, 13 Sep 2015 19:48:35 +0100 |
IBBoard |
Fix syntax for port range in Fail2Ban rules
puppet-3.6
|
| Sat, 12 Sep 2015 21:00:55 +0100 |
IBBoard |
Add CentOS 7 config for postfix to take advantage of Postfix 2.10 and Postscreen
puppet-3.6
|
| Sat, 12 Sep 2015 16:42:27 +0100 |
IBBoard |
Remove "mod_version" from templates as Website module handles it and it isn't site specific
puppet-3.6
|
| Sat, 12 Sep 2015 11:08:22 +0000 |
IBBoard |
Allow requests to ".well-known" so that we don't accidentally get blocked
|
| Sun, 06 Sep 2015 09:50:39 +0000 |
IBBoard |
Add more complex fragment for Forums to stop hotlinking
|
| Sun, 26 Jul 2015 17:58:06 +0100 |
IBBoard |
Merge Default again
puppet-3.6
|
| Sun, 26 Jul 2015 17:55:43 +0100 |
IBBoard |
Merge Default changes to Puppet 3.6 and fix conflict
puppet-3.6
|
| Sun, 26 Jul 2015 17:50:51 +0100 |
IBBoard |
New IP address for test machine
puppet-3.6
|
| Sun, 26 Jul 2015 17:46:32 +0100 |
IBBoard |
Update firewalling so that we block the right ports when using iptables directly
puppet-3.6
|
| Sun, 26 Jul 2015 15:21:00 +0100 |
IBBoard |
Make Webtatic distro-specific using built-in Yum variable
puppet-3.6
|
| Thu, 03 Sep 2015 08:25:02 +0000 |
IBBoard |
Remove BarracudaCentral from email blacklisting
|
| Sat, 15 Aug 2015 19:15:19 +0000 |
IBBoard |
Mercurial repo versions index.php files etc, so removing index.php breaks things!
|
| Sat, 08 Aug 2015 15:20:17 +0000 |
IBBoard |
Reduce table cache because of possible odd performance issues and increase query cache
|
| Sat, 08 Aug 2015 08:48:06 +0000 |
IBBoard |
Fix Trac log rotation with correct username
|
| Sat, 01 Aug 2015 19:53:18 +0000 |
IBBoard |
Make sure that we compress JavaScript that uses the OTHER mime type
|
| Sat, 25 Jul 2015 17:10:35 +0100 |
IBBoard |
Add SELinux support for website content
puppet-3.6
|
| Sat, 25 Jul 2015 11:48:42 +0100 |
IBBoard |
Use other IP range so that we can contact it (rather than NAT, which prevents us testing in-bound connections, which is the point of a server!)
puppet-3.6
|
| Sat, 27 Jun 2015 19:10:52 +0100 |
IBBoard |
Don't specify how to restart SSHD so that Puppet does its default thing (and works)
puppet-3.6
|
| Sun, 07 Jun 2015 20:47:31 +0100 |
IBBoard |
Tweak wording for accuracy
puppet-3.6
|
| Sat, 06 Jun 2015 19:13:02 +0000 |
IBBoard |
Remove "puppet" host name because we don't need it
|
| Sat, 11 Apr 2015 08:21:12 +0000 |
IBBoard |
Update the "repeat offender" rule so that a) it works, and b) "already banned"* also counts as repeat
|
| Sat, 14 Mar 2015 22:37:07 +0000 |
IBBoard |
Fix hgignore and add some files that accidentally got ignored
puppet-3.6
|
| Sat, 14 Mar 2015 22:34:35 +0000 |
IBBoard |
Load custom "private" rules/config
puppet-3.6
|
| Sat, 14 Mar 2015 22:22:26 +0000 |
IBBoard |
Add firewall handling when we run without APF
puppet-3.6
|
| Sat, 14 Mar 2015 20:58:03 +0000 |
IBBoard |
Add "Firewall" module
puppet-3.6
|
| Sat, 14 Mar 2015 20:22:36 +0000 |
IBBoard |
Move APF refresh command to node template, as it won't work on boxes without it!
puppet-3.6
|
| Sat, 14 Mar 2015 20:09:45 +0000 |
IBBoard |
Update Puppet "stdlib" module
puppet-3.6
|
| Sat, 14 Mar 2015 20:07:04 +0000 |
IBBoard |
Update Puppet module for Apache (pulls in concat module)
puppet-3.6
|
| Sat, 14 Mar 2015 20:01:17 +0000 |
IBBoard |
Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables)
puppet-3.6
|
| Sun, 22 Mar 2015 18:26:06 +0000 |
IBBoard |
Make sure that we have mod_version installed so that Apache config fragments that try to support 2.2 and 2.4 work properly
|
| Sat, 14 Mar 2015 19:38:50 +0000 |
IBBoard |
Merge the PTerry header into the Puppet-3.6 branch
puppet-3.6
|
| Sat, 14 Mar 2015 19:33:06 +0000 |
IBBoard |
Tidy up ordering and dependencies (including making sure we have a necessary file for Fail2Ban to start)
puppet-3.6
|
| Sat, 14 Mar 2015 19:32:15 +0000 |
IBBoard |
Make sure that we're creating a file to mark our one-time run in a location that'll reliably exist
puppet-3.6
|
| Sun, 15 Mar 2015 18:51:57 +0000 |
IBBoard |
Put Sir Terry Pratchett's name on the Clacks, as the Smoking Gnu would do.
|
| Sat, 14 Mar 2015 15:49:40 +0000 |
IBBoard |
Add trial node config for new site (IPs for test VM)
puppet-3.6
|
| Mon, 09 Mar 2015 06:42:55 +0000 |
IBBoard |
Fix quote issue in MySQL 'root' user renaming command
puppet-3.6
|
| Mon, 09 Mar 2015 03:30:18 +0000 |
IBBoard |
Remove unnecessary log directory creation and try to fix SQL statement
puppet-3.6
|
| Mon, 09 Mar 2015 01:34:59 +0000 |
IBBoard |
Update MySQL module (which adds "staging" module)
puppet-3.6
|
| Mon, 09 Mar 2015 00:58:19 +0000 |
IBBoard |
Use "<IfVersion>" to handle auth differences between 2.2 and 2.4
puppet-3.6
|
| Mon, 09 Mar 2015 00:01:27 +0000 |
IBBoard |
Use MariaDB on CentOS7 and manage hiera.yaml (to avoid warnings)
puppet-3.6
|
| Sun, 08 Mar 2015 23:58:22 +0000 |
IBBoard |
Make MySQL Website class more flexible for supporting MariaDB
puppet-3.6
|
| Sun, 08 Mar 2015 23:57:04 +0000 |
IBBoard |
Fix ordering of packages vs files so that config files go in afterwards
puppet-3.6
|
| Sun, 08 Mar 2015 23:56:35 +0000 |
IBBoard |
Fix issues with newer Puppet trying to find files for abstract instances that aren't ever used
puppet-3.6
|
| Sun, 08 Mar 2015 20:48:03 +0000 |
IBBoard |
Fix bad practice of using variable incorrectly, which raises a warning in 3.6
puppet-3.6
|
| Sun, 08 Mar 2015 20:47:27 +0000 |
IBBoard |
Prevent warning by setting a value for allow_virtual (when we need it)
puppet-3.6
|
| Tue, 03 Mar 2015 19:30:07 +0000 |
IBBoard |
Migrate to IBBoard's versions of PHP libraries so that they're build against a later libxml2
|
| Sat, 21 Feb 2015 09:37:00 +0000 |
IBBoard |
Make sure we specify a default charset (even thought it defaults to UTF-8) because ownCloud complains
|
| Sat, 24 Jan 2015 16:20:10 +0000 |
IBBoard |
Add another Postfix blacklist, check HELO for blacklisting, and tweak pipelining issue
|
| Tue, 02 Dec 2014 20:45:31 +0000 |
IBBoard |
Add "reject unauth pipelining" (i.e. firing commands without waiting for auth) on CentOS recommendation
|
| Mon, 01 Dec 2014 21:28:45 +0000 |
IBBoard |
Tweak time on permission setting script so that it is less likely to clash with LoadAVG run every 6 minutes
|
| Mon, 01 Dec 2014 20:27:57 +0000 |
IBBoard |
Add Liz's site
|
| Mon, 01 Dec 2014 20:27:38 +0000 |
IBBoard |
Update HTTP website manifest so that it works, since we're now hosting a HTTP site
|
| Sat, 08 Nov 2014 15:36:42 +0000 |
IBBoard |
Make sure that alternate TLDs get certificate chain flowed through, and fix key file check for redirects
|
| Sat, 08 Nov 2014 15:35:38 +0000 |
IBBoard |
Add missing php.conf and make html-php config try index.html first as index
|
| Mon, 27 Oct 2014 20:31:27 +0000 |
IBBoard |
Update mirror list to match one supplied by RPM
|
| Wed, 08 Oct 2014 19:45:54 +0000 |
IBBoard |
Lock down ownership and permissions on certificates
|
| Wed, 08 Oct 2014 19:45:21 +0000 |
IBBoard |
Disable slow query logging - it got quite large and needs looking at!
|
| Sun, 28 Sep 2014 08:03:46 +0000 |
IBBoard |
Add "Shellshock" exploit Fail2ban rule
|
| Sat, 30 Aug 2014 10:05:08 +0000 |
IBBoard |
Increase memory a bit more for optimisation
|
| Wed, 27 Aug 2014 13:46:07 +0000 |
IBBoard |
Fix "slow query" log - previously MySQL didn't have permission to write it
|
| Wed, 27 Aug 2014 12:57:47 +0000 |
IBBoard |
Give OpCache more memory and make sure that we refresh on config changes
|
