|
d98a1adfd9
|
bundles/ssl: support using a preexisting ssl certificate
|
2021-04-25 09:09:23 +02:00 |
|
|
a37d31973a
|
bundles: add some telegraf plugins
|
2021-04-24 09:14:25 +02:00 |
|
|
6a88040826
|
bundles/nginx: disable Federated Learning of Cohorts for all hosts
bundlewrap/pipeline/head This commit looks good
|
2021-04-16 18:36:50 +02:00 |
|
|
e36a352a42
|
bundles: fix usage of set() vs {}
bundlewrap/pipeline/head This commit looks good
|
2021-04-04 10:34:55 +02:00 |
|
|
b52a196c73
|
bundles/nginx: add configuration option for client_max_body_size
bundlewrap/pipeline/head This commit looks good
|
2021-03-30 21:26:25 +02:00 |
|
|
b943d2d465
|
rework iptables configuration
bundlewrap/pipeline/head This commit looks good
|
2021-03-21 10:30:04 +01:00 |
|
|
b470fddc12
|
bundles/nginx: add gdpr-compatible log format
|
2021-02-20 21:11:12 +01:00 |
|
|
74d81eb7ba
|
bundles/nginx: support disabling ssl for each vhost individually
bundlewrap/pipeline/head This commit looks good
|
2021-02-20 14:25:27 +01:00 |
|
|
228786f6aa
|
bundles/letsencrypt: generate a dummy certificate, if no certificate already exists
|
2021-02-20 13:52:40 +01:00 |
|
|
b06532241b
|
bundles: use metastack syntax for metadata.get()
bundlewrap/pipeline/head This commit looks good
|
2021-02-18 18:12:25 +01:00 |
|
|
fbb8840dff
|
add .editorconfig, format files correctly
bundlewrap/pipeline/head This commit looks good
|
2021-02-17 10:56:18 +01:00 |
|
|
5c1eba0d58
|
bundles: use a common metadata key for firewall restrictions, use repo.libs.tools.resolve_identifier()
bundlewrap/pipeline/head This commit looks good
|
2021-02-15 14:16:35 +01:00 |
|
|
f52df58517
|
bundles: code style improvements
bundlewrap/pipeline/head This commit looks good
|
2021-02-12 20:45:41 +01:00 |
|
|
2aaf7cf8f8
|
bundles/nginx: better ssl
|
2021-01-24 18:44:13 +01:00 |
|
|
2d42e5f7dd
|
update bw to 4.3, add .provides() to metadata reactors
bundlewrap/pipeline/head This commit looks good
|
2021-01-07 18:44:38 +01:00 |
|
|
03d3ab6e9d
|
bundles/{netdata,nginx,unbound}: fix iptables rules (should also create ip6tables rules)
bundlewrap/pipeline/head There was a failure building this commit
|
2021-01-02 16:19:55 +01:00 |
|
|
6045debe9e
|
bundles/nginx: check ssl certificates
bundlewrap/pipeline/head This commit looks good
|
2020-12-18 13:28:08 +01:00 |
|
|
4a57926577
|
bundles/icinga2: set some notification options for checks
|
2020-11-22 08:24:44 +01:00 |
|
|
5419bf31fb
|
bundles: fix some icinga checks
|
2020-11-21 10:30:05 +01:00 |
|
|
2d856a1e9a
|
bundles/nginx: add iptables rules
bundlewrap/pipeline/head This commit looks good
|
2020-11-16 16:43:57 +01:00 |
|
|
df63f8c732
|
bundles/nginx: make sure /var/www exists
|
2020-11-13 13:35:02 +01:00 |
|
|
0749fc75c5
|
bundles: add backup paths
|
2020-11-13 12:37:26 +01:00 |
|
|
e5c12f0628
|
bundles/nginx: create webroot directories after bundle:zfs is done
|
2020-11-12 22:59:46 +01:00 |
|
|
11701a67c8
|
dns: deploy MTA-STS
bundlewrap/pipeline/head This commit looks good
|
2020-11-11 11:41:06 +01:00 |
|
|
8cb997133a
|
bundles/nginx: add monitoring
bundlewrap/pipeline/head This commit looks good
|
2020-11-10 10:57:04 +01:00 |
|
|
f8bc4b2ad9
|
bundles/php: introduce
|
2020-10-31 13:00:38 +01:00 |
|
|
e2d8923dee
|
bundles/nginx: use metadata reactor to determine index files
|
2020-10-31 10:41:48 +01:00 |
|
|
67c5c23194
|
bundles/nginx: support non-domain vhost names
|
2020-10-31 10:30:07 +01:00 |
|
|
113221a9b2
|
bundles/nginx: make sure we have dhparam.pem
|
2020-10-31 10:18:40 +01:00 |
|
|
8eeaabf615
|
bundles/nginx: use http 308 for https redirect
bundlewrap/pipeline/head This commit looks good
basically "go away. nothing's here. use https forever."
|
2020-10-30 15:24:24 +01:00 |
|
|
48cc865892
|
bundles/nginx: make sure webroot directory exists
bundlewrap/pipeline/head This commit looks good
|
2020-10-18 18:55:00 +02:00 |
|
|
366374b4e5
|
bundles/apt: handle unattended-upgrades ourselves
|
2020-10-18 15:33:41 +02:00 |
|
|
7ea85247e0
|
bundles/nginx: proxy is a dict now, add some more configuration options
bundlewrap/pipeline/head This commit looks good
|
2020-09-22 18:39:38 +02:00 |
|
|
151d8e92c3
|
bundles/nginx: do not set X-Forwarded-Proto if https is disabled, do not use http2 without ssl
|
2020-09-20 15:46:39 +02:00 |
|
|
d6799088c4
|
bundles/nginx: add metadata option to disable https
|
2020-09-20 14:36:43 +02:00 |
|
|
ccd4a09183
|
bundles/apt: allow variables {os} and {os_release} in sources.list entries
|
2020-08-30 12:06:19 +02:00 |
|
|
77051c0a0e
|
bundles/nginx: clean up unmanaged nginx vhosts
|
2020-08-30 11:36:48 +02:00 |
|
|
b24253a64b
|
bundles/nginx: determine worker processes by cpu count by default
|
2020-08-30 10:32:29 +02:00 |
|
|
ad620396f5
|
bundles/apt: rework gpg key handling
|
2020-08-20 10:59:45 +02:00 |
|
|
8547948ce6
|
bundles/nginx: also set host header for proxy connections
|
2020-08-19 21:43:37 +02:00 |
|
|
5e2fea8497
|
update to bw4
|
2020-08-18 15:31:52 +02:00 |
|
|
d7862918a6
|
bundles/nginx: set default X-Frame-Options to SAMEORIGIN
bundlewrap/pipeline/head This commit looks good
|
2020-08-18 15:07:43 +02:00 |
|
|
17828a29f8
|
bundles/nginx: fix hsts header
bundlewrap/pipeline/head This commit looks good
|
2020-08-14 08:23:41 +02:00 |
|
|
7986f6ee7d
|
bundles/letsencrypt: remove ocsp stapling
bundlewrap/pipeline/head This commit looks good
This causes problems with weechat and dovecot. Those certificates
are short-lived, so not having OCSP stapling is probably fine.
|
2020-07-26 18:48:37 +02:00 |
|
|
f7eb0cc150
|
bundles/{letsencrypt,nginx}: fix ocsp stapling
bundlewrap/pipeline/head There was a failure building this commit
|
2020-07-19 12:10:19 +02:00 |
|
|
de632a7725
|
htz.ex42-1048908: add missing domains
bundlewrap/pipeline/head There was a failure building this commit
|
2020-07-19 11:26:12 +02:00 |
|
|
94c2c644a6
|
bundles/nginx: support PHP 7.3
|
2020-07-19 11:09:53 +02:00 |
|
|
31a1a88d13
|
bundles/nginx: use DEFAULTS for letsencrypt
|
2020-07-19 10:58:54 +02:00 |
|
|
d1236d6e25
|
bundles/nginx: add stub_status
bundlewrap/pipeline/head This commit looks good
|
2020-06-01 13:35:54 +02:00 |
|
|
5f804ca3be
|
bundles/letsencrypt: add metadata to reload certificates and services
bundlewrap/pipeline/head This commit looks good
|
2020-06-01 12:33:25 +02:00 |
|