|
|
4ebebf6be5
|
Fix IPv6 SLAAC
|
2021-05-23 15:17:26 +02:00 |
|
|
|
f94c0b6b71
|
Add razorfy and bind config
|
2021-05-21 18:58:45 +02:00 |
|
|
|
a6fbf2423d
|
User is bind not bind9
|
2021-05-21 18:07:11 +02:00 |
|
|
|
3d96c2ca70
|
Add dnssec validating recursive resolver and razorfy+rspamd users
|
2021-05-21 08:47:56 +02:00 |
|
|
|
5e7f385b06
|
Recurse pull php-gnupg submodules and remove unneeded systemd.service files
|
2021-04-08 18:31:02 +02:00 |
|
|
|
6f98c1b08b
|
Add PHP-8.0 and remove xmlrpc extension + PHP-7.2
|
2020-10-13 10:25:04 +02:00 |
|
|
|
3b7818c738
|
disable auth penalty as everyone connects from the same IP
|
2020-08-04 21:48:07 +02:00 |
|
|
|
af0d5cf26a
|
Remove FTP support - SFTP is the future
|
2020-07-19 18:03:07 +02:00 |
|
|
|
825a2967e2
|
Build custom libssh2 and enable hmac-sha2-512 as best matching MAC
|
2020-07-19 13:33:53 +02:00 |
|
|
|
20759103b0
|
Add nginx lua module form openresty
|
2020-07-05 22:51:49 +02:00 |
|
|
|
6cd3146b29
|
Add $request_method to nginx cache key
|
2020-02-08 22:53:33 +01:00 |
|
|
|
14c50d7c1e
|
Allow nginx to write in postfix directory
|
2020-02-08 22:37:57 +01:00 |
|
|
|
1549b7cc09
|
vfemail.net took down their .onion server...
|
2020-02-07 20:10:26 +01:00 |
|
|
|
1b28fcac95
|
Fix vsftpd not starting
|
2020-02-05 19:26:35 +01:00 |
|
|
|
05cd5b0774
|
Rotate all php version logs
|
2020-02-05 17:59:34 +01:00 |
|
|
|
29b06199e6
|
Removed unused saslauthd config
|
2020-01-19 10:28:17 +01:00 |
|
|
|
739216f853
|
Tweaked nginx ressource limits
|
2020-01-16 06:22:35 +01:00 |
|
|
|
24692da470
|
Fixed cache injection vulnerability using faked headers
|
2020-01-14 06:45:56 +01:00 |
|
|
|
68b4458c88
|
Improve inode/dnode caching under memory pressure
|
2020-01-13 06:53:22 +01:00 |
|
|
|
e9c4b798d5
|
Update php systemd service files
|
2020-01-11 13:33:34 +01:00 |
|
|
|
a69714bce8
|
Enable hidden service intro DoS defense
|
2020-01-11 12:56:20 +01:00 |
|
|
|
709e4fd1c5
|
Reduce priority of background deletion task
|
2020-01-08 06:32:40 +01:00 |
|
|
|
930052fe1e
|
BindPaths -> ReadWritePaths for all systemd services
|
2020-01-05 19:31:52 +01:00 |
|
|
|
6d92ea99e0
|
Inreased mysql max_connections variable
|
2020-01-05 14:02:38 +01:00 |
|
|
|
0b41932570
|
Use Dovecot SASL instead of running a seperate saslauthd
|
2019-12-16 22:25:30 +01:00 |
|
|
|
1f4c90edf7
|
image/x-icon (.ico files) can be compressed well
|
2019-11-10 20:55:54 +01:00 |
|
|
|
f857083765
|
Enable HPACK nginx module and aio
|
2019-11-01 20:45:21 +01:00 |
|
|
|
079b771717
|
Define disable_symlinks nginx config rule globally
|
2019-10-20 13:17:08 +02:00 |
|
|
|
724ef98c9b
|
prevent deleting sockets of other php instances
|
2019-10-19 20:46:18 +02:00 |
|
|
|
9c04243f33
|
Simplify nginx systemd unit and add RuntimeDirectory option to php
|
2019-10-17 19:03:45 +02:00 |
|
|
|
b7be96b11f
|
Enable nginx and fix systemd service
|
2019-10-16 21:29:55 +02:00 |
|
|
|
6052e57112
|
Switch to custom compiled php
|
2019-10-15 19:37:51 +02:00 |
|
|
|
f9824e45a8
|
We run less instances now for less memory usage
|
2019-09-22 22:17:11 +02:00 |
|
|
|
7ec0f76f35
|
Updated nginx logrotate
|
2019-09-07 12:21:00 +02:00 |
|
|
|
0b61a38c26
|
Replace debian stock nginx with custom optimized nginx
|
2019-09-02 19:49:41 +02:00 |
|
|
|
df4c4275c7
|
Added vm.overcommit_ratio=100 to sysctl to use full memory capacity
|
2019-08-30 20:19:43 +02:00 |
|
|
|
37cf037a6c
|
Added the new instances to rc.local and README
|
2019-07-21 12:43:56 +02:00 |
|
|
|
401b87d3ea
|
Add curve25519-sha256 to KexAlgorithms
|
2019-05-06 20:05:16 +02:00 |
|
|
|
c219b65b53
|
Some software requires an IPv4 address and can't handle unix: addresses...
|
2019-02-12 19:38:21 +01:00 |
|
|
|
bdf26c8d00
|
Introduce CPU and Memory resource control for php and all child-processes
|
2019-01-22 21:12:50 +01:00 |
|
|
|
11574e3e3f
|
nproc seems to be a global limit, not per session - increased accoringly
|
2019-01-08 18:20:24 +01:00 |
|
|
|
838b6c3b6f
|
disable systemd-resolver and tor@default apparmor profile
|
2019-01-06 20:35:04 +01:00 |
|
|
|
dfe7f7d9e7
|
when shell access is enabled, we shouldn't use force-command in sshd_config
|
2019-01-06 19:35:49 +01:00 |
|
|
|
09ca89029e
|
apply security restrictions in limits.conf
|
2019-01-06 19:33:12 +01:00 |
|
|
|
c46a2584fa
|
Add shell access and scp support
|
2019-01-06 18:20:02 +01:00 |
|
|
|
b5d8b79b8e
|
Disabled STRICT_TRANS_TABLES for compatibility
|
2019-01-05 12:15:56 +01:00 |
|
|
|
55bc8cd757
|
Introduce mysqld socket stream forwarding with nginx for chroot jails
|
2019-01-01 13:47:30 +01:00 |
|
|
|
0f38bd2449
|
Improved privilege separation
|
2019-01-01 02:24:22 +01:00 |
|
|
|
91167d1f45
|
Fix systemd namespace issues taking effect after reboot
|
2018-12-24 06:27:33 +01:00 |
|
|
|
e0bfc5e633
|
Our hidden service should run on v3 by default
|
2018-12-10 16:58:50 +01:00 |
|
