aboutsummaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* web: Clean up nginx ssl.conf a bitHEADmasterAaron LI2019-10-031-10/+3
|
* web: Employ monthly periodic task to renew certificatesAaron LI2019-10-033-16/+59
|
* web: Update acme.sh log rotation settingsAaron LI2019-10-031-1/+1
|
* security: Discard stderr output of pfctlAaron LI2019-10-031-1/+1
|
* git: Rework the post-preceive hook for cgit-static repoAaron LI2019-09-222-17/+14
|
* git: Some small updatesAaron LI2019-09-223-5/+9
|
* mail: Order several tasksAaron LI2019-09-221-23/+23
|
* mail: Use 'service' module instead of 'rcreload' commandAaron LI2019-09-221-3/+9
|
* mail: Update certificate deployment w.r.t. acme.shAaron LI2019-09-223-18/+7
|
* radicale: Delete the redundant 'service ... start' taskAaron LI2019-09-221-3/+0
|
* znc: Use multiple servers and enable SSLAaron LI2019-09-221-4/+8
| | | | | But accept all certificates, because most IRC servers use self-signed certificates.
* znc: Update certificate deployment w.r.t. acme.shAaron LI2019-09-224-50/+43
|
* mail: Update certificate pathsAaron LI2019-09-222-4/+4
|
* web/handlers: Use 'service' moduleAaron LI2019-09-221-1/+3
|
* web/sites: Add 'w.233233.xyz'Aaron LI2019-09-221-0/+124
|
* web/sites: Update certificate pathsAaron LI2019-09-228-18/+18
|
* web: Remove obsolete 'acme-client' related codeAaron LI2019-09-226-199/+0
|
* web: Use 'acme.sh' to issue and renew certificatesAaron LI2019-09-224-75/+123
| | | | The 'acme-client' seems obsolete and is missing from DPorts.
* web: Add 'nginx' tagAaron LI2019-09-221-1/+11
|
* vars: Introduce 'web.acme_webroot'Aaron LI2019-09-221-1/+1
|
* web: Only create the basic site for ACMEAaron LI2019-09-211-2/+4
|
* security: Use cron to expire PF table instead of daily periodic taskAaron LI2019-09-212-42/+7
|
* security: Use 'service' module instead of rcrestart/rcreloadAaron LI2019-09-211-2/+6
|
* zones/liwt.net: Do not hardcode subdomainsAaron LI2019-09-211-6/+16
| | | | | Also reject the 'mail' subdomain from creating the CNAME record, because the 'mail' is used to create the MX record.
* zones/233233.xyz: Do not hardcode subdomainsAaron LI2019-09-211-1/+11
|
* dns/nsd: Add IPv6 AXFR address for ns2.afraid.orgAaron LI2019-09-211-2/+4
|
* basic: Add static IPv6 settingsAaron LI2019-09-211-0/+30
|
* zones/aaronly.me: Remove "dorm-x42", "office", "cluster"Aaron LI2019-09-211-3/+0
|
* dns: Add tags "unbound" and "nsd"Aaron LI2019-09-211-3/+20
|
* dns: Fetch initial anchor for unboundAaron LI2019-09-211-0/+6
|
* dns: Use "service" module instead of rcrestart/rcreloadAaron LI2019-09-211-4/+12
|
* bootstrap: Use the 'service' module instead of ad-hoc commandAaron LI2019-09-191-1/+3
|
* shadowsocks: Use the 'service' module instead of ad-hoc commandAaron LI2019-09-192-2/+6
|
* shadowsocks: Minor tweaksAaron LI2019-09-192-2/+3
|
* Update pkgng usage and fix package namesAaron LI2019-09-196-32/+26
| | | | | | Fix package names: * vim-lite => vim-console * uwsgi-py36 => uwsgi
* bootstrap: Disable password login for SSHAaron LI2019-09-191-0/+8
|
* znc: Update the wiki URLAaron LI2018-12-201-1/+1
|
* basic: Enable all.log and tweak syslogd flagsAaron LI2018-12-201-0/+23
|
* radicale: Do not bother to rotate the log fileAaron LI2018-12-201-6/+0
| | | | | | | | | | | Without running radicale in debug mode, the log file is quite small, so do not bother to rotate it. Actually, it's hard to configure uwsgi to properly rotate the log file: when the uwsgi worker accepts the 'HUP' signal and restart, it doesn't have priviledge to create the socket file and thus failed. If, on the other hand, the uwsgi isn't stopped properly, it will leave SysV semaphores in use, and finally exaust all semaphores.
* Fix uwsgi socket owner in rc.confAaron LI2018-12-202-0/+2
|
* web/sites: Add 233233.d.conf to proxy to duckduckgo.comAaron LI2018-12-011-0/+78
|
* dns: Add CNAME d.233233.xyzAaron LI2018-12-011-1/+1
|
* Port to Ansible 2.7Aaron LI2018-12-013-11/+21
|
* security/pf: Allow the ports of all shadowsocks instancesAaron LI2018-06-241-2/+3
|
* shadowsocks: Support multiple instances (share with others)Aaron LI2018-06-244-20/+139
| | | | | | | Add the "shadowsocks" rc script that allows multiple instances (based on the uwsgi rc script). Update the role and vars to setup two shadowsocks instances.
* git: remove obsolete git-shell-commands files and vars.conf.j2Aaron LI2018-05-1511-381/+0
|
* git: remove some obsolete settingsAaron LI2018-05-151-48/+34
|
* git: configure gitolite with cgitAaron LI2018-05-152-2/+5
|
* git/gitolite: update configAaron LI2018-05-151-2/+2
|
* git: update github keyname to be keyfile to the full path to the keyAaron LI2018-05-141-3/+3
|
Copyright © 2017-2018 Aaron LI. All Rights Reserved.