source: server/fedora/config/etc

Revision Log Mode:


Legend:

Added
Modified
Copied or renamed
Diff Rev Age Author Log Message
(edit) @886   14 years geofft sipb.mit.edu certificate
(edit) @885   14 years geofft and the vhosts they rode in on
(edit) @884   14 years geofft More noms.
(edit) @883   14 years geofft Re r882, make the resulting log zephyr public. (Thanks to price for ...
(edit) @879   14 years quentin Update nscd configuration to cache smarter
(edit) @878   14 years quentin Enable sshd verbose mode, so we can identify the public key used for login
(edit) @877   14 years quentin Provide commented-out non-nss_nonlocal region in nsswitch
(edit) @876   14 years quentin Uncommitted changes on b-k
(edit) @872   14 years geofft forgot to fix SSLVerifyclient on familynet
(edit) @870   14 years geofft yay SSL vhosts yay
(edit) @869   14 years geofft SSLVerifyClient optional on port 444. Oops. ^_^;;
(edit) @868   14 years quentin Ignore all partitions mounted under /mnt
(edit) @867   14 years quentin Update postfix configuration for version 2.5.1
(edit) @866   14 years quentin Use scripts yum repository (yay!)
(edit) @865   14 years quentin Use sudo to monitor hardware sensors for munin
(edit) @864   14 years quentin Ignore f7root partitions when checking disk space
(edit) @854   14 years geofft Add a script to convert LDAP vhosts into <VirtualHost> blocks, so it's ...
(edit) @853   14 years andersk Put the children out of their misery.
(edit) @847   14 years andersk Run munin as an unprivileged user with sudo for root access when necessary
(edit) @845   14 years andersk Use the local LDAP server (as is already the case on both servers).
(edit) @842   14 years andersk Run php directly from suexec, so php scripts don’t need to be executable.
(edit) @841   14 years geofft [help.mit.edu #694790]
(edit) @831   14 years andersk MaxRequestsPerChild < Ridiculous
(edit) @829   14 years geofft Debathena's reasoning seems sound enough. Add fuse_allow_other, which ...
(edit) @822   14 years geofft OM NOM NOM NOM CERTIFICATES
(edit) @821   14 years geofft I'm stupid.
(edit) @820   14 years geofft Add server certS for random-hall.mit.edu and mitsoc.mit.edu
(edit) @817   14 years geofft Added code to zephyr on OOM kills. Also commented out a change by ...
(edit) @814   14 years geofft As Anders would say...
(edit) @813   14 years geofft This looks useful too
(edit) @811   14 years quentin Add localhost to the list of scripts names
(edit) @808   14 years geofft Probably a useful file to have.
(edit) @807   14 years quentin Add routes for sql via eth1
(edit) @804   14 years andersk We don't actually have a deb.gif.
(edit) @802   14 years andersk Allow a directory index of /__scripts/icons.
(edit) @801   14 years geofft /etc: Add pki/tls/certs/*.pem to the repository.
(edit) @799   14 years geofft Uncommitted changes from o-f: reboot on kernel panic (do we actually ...
(edit) @794   14 years quentin Update sudoers based on F9 template
(edit) @792   14 years quentin We don't share /tmp (eeew)
(edit) @791   14 years quentin Add bees-knees and cats-whiskers to /etc/hosts
(edit) @790   14 years geofft Oops, missed scripts-test's IP.
(edit) @789   14 years geofft Update names for scripts[1-4]
(edit) @787   14 years geofft Fix some stuff about our iptables rules, including: - Remove ACCEPT ...
(edit) @784   14 years quentin Use explicit recipients for non-root log messages
(edit) @783   14 years geofft Make d_zroot.pl zephyr people in the .k5login in personals
(edit) @781   14 years quentin munin needs to start as root so it can setuid to run the script; it ...
(edit) @780   14 years geofft Munin should not run as root. Remove munin's htpasswd file, since it's ...
(edit) @779   14 years geofft mod_status is a serious privacy violation.
(edit) @778   14 years geofft This list is a little better
(edit) @777   14 years geofft Add more sysnames to differentiate between OS releases, and add the ...
(edit) @775   14 years geofft Version nscd.conf, and reduce the negative TTL to 5 seconds to solve ...
(edit) @770   14 years quentin Stop more spew; parse ssh keys and identify the used key when ...
(edit) @768   14 years geofft Commented out scripts-spew. It is inappropriate to send syslogs about ...
(edit) @759   15 years quentin Tweak httpd settings
(edit) @758   15 years quentin Avoid spew in cases of serious error
(edit) @757   15 years quentin Add AFS monitoring to Nagios
(edit) @755   15 years andersk Oops, missed a spot.
(edit) @754   15 years andersk Use the scripts private key for *.scripts as well (the previous ...
(edit) @751   15 years andersk Configure nsswitch.conf to use nss_nonlocal.
(edit) @749   15 years andersk Nope. Don't care.
(edit) @740   15 years andersk Update SSL configuration directives from Fedora's ssl.conf. Notably, ...
(edit) @739   15 years andersk spew--
(edit) @738   15 years andersk SHUT. THE. FUCK. UP.
(edit) @734   15 years andersk Turn on KeepAlive for SSL and increase timeouts, to avoid pathological ...
(edit) @715   15 years quentin Allow syn to access nrpe through iptables
(edit) @712   15 years quentin Allow syn to monitor scripts
(edit) @708   15 years geofft Add rebecca to sudoers.
(edit) @707   15 years andersk This sucker has had it coming for a long time.
(edit) @690   15 years quentin Ignore more syslog messages
(edit) @687   15 years andersk We might as well present the *.scripts.mit.edu certificate for ...
(edit) @682   15 years andersk Revert r681; this doesn't actually work.
(edit) @681   15 years andersk Drop to nobody in case of a terrible mod_vhost_ldap disaster.
(edit) @677   15 years andersk Remove hacks-old.
(edit) @671   15 years quentin Remove broken configuration for deprecated mime_magic module, as we ...
(edit) @669   15 years geofft disable X11 forwarding; allow forwarding $EDITOR and $VISUAL because ...
(edit) @668   15 years quentin Ignore more meaningless sshd logs
(edit) @667   15 years quentin Don't log logins from non-root users
(edit) @666   15 years quentin Change syslog zephyring to coalesce messages
(edit) @665   15 years quentin Make Zephyrs more useful and move to -c scripts-auto
(edit) @664   15 years andersk -c scripts -> -c scripts-auto.
(edit) @662   15 years quentin Save log and pid in the right places
(edit) @661   15 years quentin Run whoisd on startup
(edit) @657   15 years quentin Run if_ plugin as root so it can determine the interface speed
(edit) @656   15 years andersk And finally the vhosts directory is unused.
(edit) @653   15 years andersk Convert framewrapper vhosts to real vhosts in LDAP.
(edit) @649   15 years presbrey httpd.conf: configure SNI support for *:444
(edit) @648   15 years presbrey httpd.conf: configure SNI support
(edit) @646   15 years quentin Send to host-specific instance, and send for both root and logview
(edit) @645   15 years quentin syslog-ng configuration for zephyring when root logs in
(edit) @644   15 years quentin Remove overrides of session.save_path and include_path (old ...
(edit) @643   15 years quentin Commit outstanding change allowing ldap backups
(edit) @642   15 years andersk Only check .htaccess files inside web_scripts, thus eliminating a past ...
(edit) @635   15 years andersk Enable mod_expires.
(edit) @624   15 years quentin Allow monitoring by syn.mit.edu
(edit) @623   15 years quentin Move the heartbeat script to /__scripts/heartbeat so we can serve it ...
(edit) @607   15 years quentin Add a second NTP server, for good measure.
(edit) @605   15 years andersk blah blah APACHE HAS NO GODDAMN ABSTRACTION BARRIERS blah blah blah.
(edit) @604   15 years andersk Prevent vhost access controls from applying to /__scripts.
(edit) @603   15 years andersk Modularize the redirect-to-certs kludge so that users just need to say ...
(edit) @602   15 years andersk /icons -> /__scripts/icons to avoid shadowing vhost namespace.
Note: See TracRevisionLog for help on using the revision log.