|
|
0b41932570
|
Use Dovecot SASL instead of running a seperate saslauthd
|
2019-12-16 22:25:30 +01:00 |
|
|
|
1f4c90edf7
|
image/x-icon (.ico files) can be compressed well
|
2019-11-10 20:55:54 +01:00 |
|
|
|
f857083765
|
Enable HPACK nginx module and aio
|
2019-11-01 20:45:21 +01:00 |
|
|
|
079b771717
|
Define disable_symlinks nginx config rule globally
|
2019-10-20 13:17:08 +02:00 |
|
|
|
724ef98c9b
|
prevent deleting sockets of other php instances
|
2019-10-19 20:46:18 +02:00 |
|
|
|
9c04243f33
|
Simplify nginx systemd unit and add RuntimeDirectory option to php
|
2019-10-17 19:03:45 +02:00 |
|
|
|
b7be96b11f
|
Enable nginx and fix systemd service
|
2019-10-16 21:29:55 +02:00 |
|
|
|
6052e57112
|
Switch to custom compiled php
|
2019-10-15 19:37:51 +02:00 |
|
|
|
f9824e45a8
|
We run less instances now for less memory usage
|
2019-09-22 22:17:11 +02:00 |
|
|
|
7ec0f76f35
|
Updated nginx logrotate
|
2019-09-07 12:21:00 +02:00 |
|
|
|
0b61a38c26
|
Replace debian stock nginx with custom optimized nginx
|
2019-09-02 19:49:41 +02:00 |
|
|
|
df4c4275c7
|
Added vm.overcommit_ratio=100 to sysctl to use full memory capacity
|
2019-08-30 20:19:43 +02:00 |
|
|
|
37cf037a6c
|
Added the new instances to rc.local and README
|
2019-07-21 12:43:56 +02:00 |
|
|
|
401b87d3ea
|
Add curve25519-sha256 to KexAlgorithms
|
2019-05-06 20:05:16 +02:00 |
|
|
|
c219b65b53
|
Some software requires an IPv4 address and can't handle unix: addresses...
|
2019-02-12 19:38:21 +01:00 |
|
|
|
bdf26c8d00
|
Introduce CPU and Memory resource control for php and all child-processes
|
2019-01-22 21:12:50 +01:00 |
|
|
|
11574e3e3f
|
nproc seems to be a global limit, not per session - increased accoringly
|
2019-01-08 18:20:24 +01:00 |
|
|
|
838b6c3b6f
|
disable systemd-resolver and tor@default apparmor profile
|
2019-01-06 20:35:04 +01:00 |
|
|
|
dfe7f7d9e7
|
when shell access is enabled, we shouldn't use force-command in sshd_config
|
2019-01-06 19:35:49 +01:00 |
|
|
|
09ca89029e
|
apply security restrictions in limits.conf
|
2019-01-06 19:33:12 +01:00 |
|
|
|
c46a2584fa
|
Add shell access and scp support
|
2019-01-06 18:20:02 +01:00 |
|
|
|
b5d8b79b8e
|
Disabled STRICT_TRANS_TABLES for compatibility
|
2019-01-05 12:15:56 +01:00 |
|
|
|
55bc8cd757
|
Introduce mysqld socket stream forwarding with nginx for chroot jails
|
2019-01-01 13:47:30 +01:00 |
|
|
|
0f38bd2449
|
Improved privilege separation
|
2019-01-01 02:24:22 +01:00 |
|
|
|
91167d1f45
|
Fix systemd namespace issues taking effect after reboot
|
2018-12-24 06:27:33 +01:00 |
|
|
|
e0bfc5e633
|
Our hidden service should run on v3 by default
|
2018-12-10 16:58:50 +01:00 |
|
|
|
11c055ebcf
|
Remove commeted options
|
2018-12-07 22:18:49 +01:00 |
|
|
|
4f6539b31d
|
Introduce systemd.exec restrictions for better security
|
2018-12-07 21:54:44 +01:00 |
|
|
|
8e155012a7
|
Suppress chatty dovecot messages
|
2018-12-07 21:48:22 +01:00 |
|
|
|
4b25310396
|
Simplified sshd_config
|
2018-12-07 13:25:30 +01:00 |
|
|
|
be005c3137
|
Renamed config file
|
2018-12-05 17:18:46 +01:00 |
|
|
|
aedd8a1e6a
|
Update to latest mariadb version
|
2018-12-05 17:18:11 +01:00 |
|
|
|
64163823a8
|
dnsmasq should only listen on lo interface
|
2018-12-05 07:59:46 +01:00 |
|
|
|
4f059e66f7
|
Droped php7.2 systemd.service files
|
2018-12-04 13:29:17 +01:00 |
|
|
|
c651bb65c7
|
Add jounald.conf
|
2018-12-03 17:22:23 +01:00 |
|
|
|
22066309d5
|
Add login.defs file
|
2018-12-02 21:41:31 +01:00 |
|
|
|
363d1b31ad
|
Debian sid dropped php7.2 support - move to 7.3 only
|
2018-12-02 21:17:11 +01:00 |
|
|
|
2e0e69d605
|
We don't need apt repository translations
|
2018-12-02 19:31:26 +01:00 |
|
|
|
7111fa3a65
|
Prevent httpoxy vulnerability in PHP applications
|
2018-11-29 20:56:39 +01:00 |
|
|
|
9de11a9722
|
Dropped PHP7.1 support and install composer
|
2018-11-24 10:38:59 +01:00 |
|
|
|
e4e59782ca
|
Disabled RSA host key type (because small keys are generated by default), as well as ECDSA (due to suspicions of NSA-compromised P-curves). Enabled only strong key exchange, cipher, and MAC algorithms. See https://www.sshaudit.com/ and https://github.com/arthepsy/ssh-audit.
|
2018-11-19 15:01:11 -05:00 |
|
|
|
41b33f2c51
|
Drop PHP7.0 support
|
2018-11-18 20:50:35 +01:00 |
|
|
|
f4ca23336b
|
Add clamav virus scan to mails
|
2018-11-11 11:17:20 +01:00 |
|
|
|
5f3dfefa02
|
Drop now redundant config
|
2018-10-28 09:07:20 +01:00 |
|
|
|
9985ba4864
|
Add PHP7.3 support and let setup.php write initial config files
|
2018-10-24 19:59:02 +02:00 |
|
|
|
b80f30ac03
|
Ignore insecure 777 permissions set by users on logrotate
|
2018-10-21 10:44:23 +02:00 |
|
|
|
2cee59dc6f
|
Structure changes for future features
|
2018-10-20 18:20:27 +02:00 |
|
|
|
81c2364b7b
|
Better load distribution on multiple relays
|
2018-09-23 20:09:04 +02:00 |
|
|
|
382ea73efb
|
Update firewall rules
|
2018-09-10 19:20:11 +02:00 |
|
|
|
2c634b889c
|
Add dnsmasq DNS caching and performance tune tor instances
|
2018-09-10 19:11:02 +02:00 |
|
