Commit graph

94 commits

Author SHA1 Message Date
6045debe9e
bundles/nginx: check ssl certificates
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-12-18 13:28:08 +01:00
4a57926577
bundles/icinga2: set some notification options for checks 2020-11-22 08:24:44 +01:00
5419bf31fb
bundles: fix some icinga checks 2020-11-21 10:30:05 +01:00
2d856a1e9a
bundles/nginx: add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-16 16:43:57 +01:00
df63f8c732
bundles/nginx: make sure /var/www exists 2020-11-13 13:35:02 +01:00
0749fc75c5
bundles: add backup paths 2020-11-13 12:37:26 +01:00
e5c12f0628
bundles/nginx: create webroot directories after bundle:zfs is done 2020-11-12 22:59:46 +01:00
11701a67c8
dns: deploy MTA-STS
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-11 11:41:06 +01:00
8cb997133a
bundles/nginx: add monitoring
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-11-10 10:57:04 +01:00
f8bc4b2ad9
bundles/php: introduce 2020-10-31 13:00:38 +01:00
e2d8923dee
bundles/nginx: use metadata reactor to determine index files 2020-10-31 10:41:48 +01:00
67c5c23194
bundles/nginx: support non-domain vhost names 2020-10-31 10:30:07 +01:00
113221a9b2
bundles/nginx: make sure we have dhparam.pem 2020-10-31 10:18:40 +01:00
8eeaabf615
bundles/nginx: use http 308 for https redirect
All checks were successful
bundlewrap/pipeline/head This commit looks good
basically "go away. nothing's here. use https forever."
2020-10-30 15:24:24 +01:00
48cc865892
bundles/nginx: make sure webroot directory exists
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-10-18 18:55:00 +02:00
366374b4e5
bundles/apt: handle unattended-upgrades ourselves 2020-10-18 15:33:41 +02:00
7ea85247e0
bundles/nginx: proxy is a dict now, add some more configuration options
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-09-22 18:39:38 +02:00
151d8e92c3
bundles/nginx: do not set X-Forwarded-Proto if https is disabled, do not use http2 without ssl 2020-09-20 15:46:39 +02:00
d6799088c4
bundles/nginx: add metadata option to disable https 2020-09-20 14:36:43 +02:00
ccd4a09183
bundles/apt: allow variables {os} and {os_release} in sources.list entries 2020-08-30 12:06:19 +02:00
77051c0a0e
bundles/nginx: clean up unmanaged nginx vhosts 2020-08-30 11:36:48 +02:00
b24253a64b
bundles/nginx: determine worker processes by cpu count by default 2020-08-30 10:32:29 +02:00
ad620396f5
bundles/apt: rework gpg key handling 2020-08-20 10:59:45 +02:00
8547948ce6
bundles/nginx: also set host header for proxy connections 2020-08-19 21:43:37 +02:00
5e2fea8497
update to bw4 2020-08-18 15:31:52 +02:00
d7862918a6
bundles/nginx: set default X-Frame-Options to SAMEORIGIN
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-18 15:07:43 +02:00
17828a29f8
bundles/nginx: fix hsts header
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-08-14 08:23:41 +02:00
7986f6ee7d
bundles/letsencrypt: remove ocsp stapling
All checks were successful
bundlewrap/pipeline/head This commit looks good
This causes problems with weechat and dovecot. Those certificates
are short-lived, so not having OCSP stapling is probably fine.
2020-07-26 18:48:37 +02:00
f7eb0cc150
bundles/{letsencrypt,nginx}: fix ocsp stapling
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-07-19 12:10:19 +02:00
de632a7725
htz.ex42-1048908: add missing domains
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-07-19 11:26:12 +02:00
94c2c644a6
bundles/nginx: support PHP 7.3 2020-07-19 11:09:53 +02:00
31a1a88d13
bundles/nginx: use DEFAULTS for letsencrypt 2020-07-19 10:58:54 +02:00
d1236d6e25
bundles/nginx: add stub_status
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-06-01 13:35:54 +02:00
5f804ca3be
bundles/letsencrypt: add metadata to reload certificates and services
All checks were successful
bundlewrap/pipeline/head This commit looks good
2020-06-01 12:33:25 +02:00
85b3adf671
add proxy feature to nginx 2020-06-01 11:31:13 +02:00
3523edbcb4
bundles/nginx: ensure we're doing letsencrypt, since we're enforcing ssl 2020-06-01 11:17:52 +02:00
36c8b90c4b
bundles/nginx: switch to TLS 1.2 and 1.3 only
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
2020-06-01 11:01:00 +02:00
c4330f866b
bundles/nginx: add deployment of vhost configs 2020-06-01 10:52:52 +02:00
dc9e8dc679
add letsencrypt bundle 2020-06-01 10:26:37 +02:00
86d88a4355
fix apt unattended-upgrades 2020-05-23 17:01:30 +02:00
ffb962b108
bundles/nginx: add nginx config 2020-04-13 09:52:26 +02:00
f1a693d0d6
bundles: only install apt packages via apt bundle to avoid double defining packages 2020-04-11 11:25:24 +02:00
a1e05108c1
bundles/apt: change origins to sites 2020-04-04 11:21:30 +02:00
9556e423bd
bundles/nginx: initial commit 2020-03-14 09:56:19 +00:00