aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* web: Update acme.sh log rotation settingsAaron LI2019-10-031-1/+1
|
* security: Discard stderr output of pfctlAaron LI2019-10-031-1/+1
|
* git: Rework the post-preceive hook for cgit-static repoAaron LI2019-09-222-17/+14
|
* git: Some small updatesAaron LI2019-09-223-5/+9
|
* mail: Order several tasksAaron LI2019-09-221-23/+23
|
* mail: Use 'service' module instead of 'rcreload' commandAaron LI2019-09-221-3/+9
|
* mail: Update certificate deployment w.r.t. acme.shAaron LI2019-09-223-18/+7
|
* radicale: Delete the redundant 'service ... start' taskAaron LI2019-09-221-3/+0
|
* znc: Use multiple servers and enable SSLAaron LI2019-09-222-7/+18
| | | | | But accept all certificates, because most IRC servers use self-signed certificates.
* filter_plugins/passwd: Fix encode/decode for python3Aaron LI2019-09-221-3/+3
|
* znc: Update certificate deployment w.r.t. acme.shAaron LI2019-09-224-50/+43
|
* mail: Update certificate pathsAaron LI2019-09-222-4/+4
|
* web/handlers: Use 'service' moduleAaron LI2019-09-221-1/+3
|
* web/sites: Add 'w.233233.xyz'Aaron LI2019-09-221-0/+124
|
* web/sites: Update certificate pathsAaron LI2019-09-228-18/+18
|
* web: Remove obsolete 'acme-client' related codeAaron LI2019-09-226-199/+0
|
* web: Use 'acme.sh' to issue and renew certificatesAaron LI2019-09-225-75/+125
| | | | The 'acme-client' seems obsolete and is missing from DPorts.
* web: Add 'nginx' tagAaron LI2019-09-221-1/+11
|
* vars: Introduce 'web.acme_webroot'Aaron LI2019-09-222-1/+4
|
* web: Only create the basic site for ACMEAaron LI2019-09-211-2/+4
|
* security: Use cron to expire PF table instead of daily periodic taskAaron LI2019-09-212-42/+7
|
* security: Use 'service' module instead of rcrestart/rcreloadAaron LI2019-09-211-2/+6
|
* zones/liwt.net: Do not hardcode subdomainsAaron LI2019-09-211-6/+16
| | | | | Also reject the 'mail' subdomain from creating the CNAME record, because the 'mail' is used to create the MX record.
* zones/233233.xyz: Do not hardcode subdomainsAaron LI2019-09-211-1/+11
|
* vars: Delete the AXFR IPv6 address of afraid.orgAaron LI2019-09-211-1/+0
| | | | This IPv6 address is unreachable, according to the log emitted by NSD.
* dns/nsd: Add IPv6 AXFR address for ns2.afraid.orgAaron LI2019-09-212-4/+9
|
* basic: Add static IPv6 settingsAaron LI2019-09-211-0/+30
|
* vars: Update the static IPv6 addressAaron LI2019-09-211-1/+1
|
* vars: Add subdomain 'w' to '233233.xyz'Aaron LI2019-09-211-3/+4
|
* zones/aaronly.me: Remove "dorm-x42", "office", "cluster"Aaron LI2019-09-211-3/+0
|
* dns: Add tags "unbound" and "nsd"Aaron LI2019-09-211-3/+20
|
* dns: Fetch initial anchor for unboundAaron LI2019-09-211-0/+6
|
* dns: Use "service" module instead of rcrestart/rcreloadAaron LI2019-09-211-4/+12
|
* bootstrap: Use the 'service' module instead of ad-hoc commandAaron LI2019-09-191-1/+3
|
* shadowsocks: Use the 'service' module instead of ad-hoc commandAaron LI2019-09-192-2/+6
|
* shadowsocks: Minor tweaksAaron LI2019-09-192-2/+3
|
* group_vars/vault: Update passwords for shadowsocksAaron LI2019-09-191-73/+73
|
* bootstrap.sh: Do not generate SSH key if existsAaron LI2019-09-191-15/+13
| | | | Allow to bootstrap host again after reinstallation (for example).
* Update pkgng usage and fix package namesAaron LI2019-09-196-32/+26
| | | | | | Fix package names: * vim-lite => vim-console * uwsgi-py36 => uwsgi
* bootstrap: Disable password login for SSHAaron LI2019-09-191-0/+8
|
* host_vars: Use IP instead of domain name for SSHAaron LI2019-09-191-1/+1
|
* bootstrap: Install and use Python 3Aaron LI2019-09-192-3/+3
|
* dns: Update the IP of ns2.afraid.orgAaron LI2019-03-081-1/+1
|
* znc: Update the wiki URLAaron LI2018-12-201-1/+1
|
* README: Fix ansible playbook usageAaron LI2018-12-201-4/+4
|
* basic: Enable all.log and tweak syslogd flagsAaron LI2018-12-201-0/+23
|
* radicale: Do not bother to rotate the log fileAaron LI2018-12-201-6/+0
| | | | | | | | | | | Without running radicale in debug mode, the log file is quite small, so do not bother to rotate it. Actually, it's hard to configure uwsgi to properly rotate the log file: when the uwsgi worker accepts the 'HUP' signal and restart, it doesn't have priviledge to create the socket file and thus failed. If, on the other hand, the uwsgi isn't stopped properly, it will leave SysV semaphores in use, and finally exaust all semaphores.
* Fix uwsgi socket owner in rc.confAaron LI2018-12-202-0/+2
|
* Ignore two symlinksAaron LI2018-12-011-0/+4
|
* web/sites: Add 233233.d.conf to proxy to duckduckgo.comAaron LI2018-12-011-0/+78
|
Copyright © 2017-2018 Aaron LI. All Rights Reserved.