|
@@ -851,6 +851,8 @@ Prosody is configured as follows:
|
|
|
* Self-registration is not allowed.
|
|
|
* TLS is configured. Legacy TLS is available on port 5223.
|
|
|
* Client-to-server communication requires encryption (TLS).
|
|
|
* Uses 2048-bit Diffie-Hellman parameters for relevant TLS ciphers for
|
|
|
incoming connections.
|
|
|
* Authentication is done via LDAP. For setting the LDAP TLS truststore, see
|
|
|
:ref:`LDAP Client <ldap_client>`.
|
|
|
* Internal storage is used.
|
|
@@ -1014,6 +1016,8 @@ Deployed services are configured as follows:
|
|
|
* Mail is stored in directory ``/var/MAIL_USER/DOMAIN/USER``, using ``Maildir``
|
|
|
format.
|
|
|
* TLS is required for user log-ins for both SMTP and IMAP.
|
|
|
* Uses 2048-bit Diffie-Hellman parameters for relevant TLS ciphers for
|
|
|
incoming connections.
|
|
|
* For user submission (SMTP), users must connect and authenticate over TCP
|
|
|
port 587.
|
|
|
* Configures TLS versions and ciphers supported by Dovecot.
|
|
@@ -1253,6 +1257,8 @@ Postfix is configured as follows:
|
|
|
* TLS is enforced for relaying mails, with configurable truststore for server
|
|
|
certificate verification if SMTP relay is used. If SMTP relay is not used
|
|
|
(configured), no certificate verification is done.
|
|
|
* Uses 2048-bit Diffie-Hellman parameters for relevant TLS ciphers for
|
|
|
incoming connections.
|
|
|
|
|
|
|
|
|
Role dependencies
|
|
@@ -1338,6 +1344,8 @@ The role implements the following:
|
|
|
index page.
|
|
|
* Deploys the HTTPS TLS private key and certificate (for default vhost).
|
|
|
* Configures TLS versions and ciphers supported by Nginx.
|
|
|
* Uses 2048-bit Diffie-Hellman parameters for relevant TLS ciphers for
|
|
|
incoming connections.
|
|
|
* Configures firewall to allow incoming connections to the web server.
|
|
|
* Installs and configures virtualenv and virtualenvwrapper as a common base for
|
|
|
Python apps.
|