Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2024-07-06 03:01:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
270 Commits 1 Branch 0 Tags 1.7 MiB
e1af23a478
Commit Graph

9 Commits

Author SHA1 Message Date
Daniel Micay
37bf4935f1 drop mail server specific certbot configuration 
The mail server is now using the webroot authentication method via nginx
due to moving the MTA-STS web service to the mail server.
 2023-06-30 15:47:33 -04:00
Daniel Micay
27aca7474c drop no-op RemoveIPC 2023-06-10 20:42:37 -04:00
Daniel Micay
dfd3fc861b avoid disallowing chown syscall for certbot-renew 2022-09-14 18:29:12 -04:00
Daniel Micay
ef1a26b68c certbot-renew: make nginx ocsp-cache dir optional 2022-08-28 15:46:33 -04:00
Daniel Micay
fd397326ec add chown to certbot syscall allowlist 2022-08-28 14:58:21 -04:00
Daniel Micay
8482ac5144 give certbot access to /etc/nginx/ocsp-cache 2022-08-27 17:22:23 -04:00
Daniel Micay
2cf0966847 properly override ExecStart 2022-08-27 17:19:42 -04:00
Daniel Micay
2a33c3b962 initial certbot-renew service hardening 
This doesn't switch to using a dedicated certbot user yet since the
hooks used across the services will all still need to work.
 2022-08-10 11:32:48 -04:00
Daniel Micay
5bbaecfce9 disable redundant random sleep for certbot renewal 2022-08-10 11:28:18 -04:00