3d96c2ca70
Add dnssec validating recursive resolver and razorfy+rspamd users
2021-05-21 08:47:56 +02:00
5e7f385b06
Recurse pull php-gnupg submodules and remove unneeded systemd.service files
2021-04-08 18:31:02 +02:00
6f98c1b08b
Add PHP-8.0 and remove xmlrpc extension + PHP-7.2
2020-10-13 10:25:04 +02:00
14c50d7c1e
Allow nginx to write in postfix directory
2020-02-08 22:37:57 +01:00
1b28fcac95
Fix vsftpd not starting
2020-02-05 19:26:35 +01:00
e9c4b798d5
Update php systemd service files
2020-01-11 13:33:34 +01:00
709e4fd1c5
Reduce priority of background deletion task
2020-01-08 06:32:40 +01:00
930052fe1e
BindPaths -> ReadWritePaths for all systemd services
2020-01-05 19:31:52 +01:00
0b41932570
Use Dovecot SASL instead of running a seperate saslauthd
2019-12-16 22:25:30 +01:00
724ef98c9b
prevent deleting sockets of other php instances
2019-10-19 20:46:18 +02:00
9c04243f33
Simplify nginx systemd unit and add RuntimeDirectory option to php
2019-10-17 19:03:45 +02:00
b7be96b11f
Enable nginx and fix systemd service
2019-10-16 21:29:55 +02:00
6052e57112
Switch to custom compiled php
2019-10-15 19:37:51 +02:00
0b61a38c26
Replace debian stock nginx with custom optimized nginx
2019-09-02 19:49:41 +02:00
bdf26c8d00
Introduce CPU and Memory resource control for php and all child-processes
2019-01-22 21:12:50 +01:00
838b6c3b6f
disable systemd-resolver and tor@default apparmor profile
2019-01-06 20:35:04 +01:00
55bc8cd757
Introduce mysqld socket stream forwarding with nginx for chroot jails
2019-01-01 13:47:30 +01:00
0f38bd2449
Improved privilege separation
2019-01-01 02:24:22 +01:00
91167d1f45
Fix systemd namespace issues taking effect after reboot
2018-12-24 06:27:33 +01:00
11c055ebcf
Remove commeted options
2018-12-07 22:18:49 +01:00
4f6539b31d
Introduce systemd.exec restrictions for better security
2018-12-07 21:54:44 +01:00
4f059e66f7
Droped php7.2 systemd.service files
2018-12-04 13:29:17 +01:00
c651bb65c7
Add jounald.conf
2018-12-03 17:22:23 +01:00
9de11a9722
Dropped PHP7.1 support and install composer
2018-11-24 10:38:59 +01:00
41b33f2c51
Drop PHP7.0 support
2018-11-18 20:50:35 +01:00
9985ba4864
Add PHP7.3 support and let setup.php write initial config files
2018-10-24 19:59:02 +02:00
300cd647df
Increase limits and add putenv to disabled functions (vulerability)
...
Potential security vulnerability:
<?php
putenv("LD_PRELOAD=/home/site.onion/libtest.so");
mail("test@localhost","hacked","you");
2018-04-22 09:11:43 +02:00
c9487adb1a
MariaDB hit open_files_limit -> increase it
2018-03-12 06:47:18 +01:00
b2fab1ec53
Fix /var/run/nginx not being created on nginx start
2018-03-11 20:17:14 +01:00
7bd2e79f06
Separate nginx sockets for each site to make hoster identification harder
2018-03-08 20:57:42 +01:00
fa24bb61ec
Added PHP 7.2 support + minor bugfixes and performance tweaks
...
Note when applying this update you will have to update existing nginx vhosts to match new listening addresses (IPv6). Preferably you should update them to unix socket though and apply the changes to the tor hidden service config as well
2018-02-10 22:10:07 +01:00
88f6fa2e88
Log tor to default syslog
2017-05-10 18:55:02 +02:00
fa363efaec
Bugfixes
2017-05-06 18:29:19 +02:00
e0b35fb943
Initial commit
2017-04-30 19:32:42 +02:00
