summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2013-12-29 22:16:03 -0800
committerelijah <elijah@riseup.net>2014-01-02 12:10:52 -0800
commitfefab2386f0fbd9f218dc0b361eb833875c27f56 (patch)
treea02c4a6759341a6a0fd162557b7a1dffaf3dcd92
parentc07e0f2f5ddd17c7d7bdb6a1afc4748b401f14ae (diff)
added support for minimum client version checking
-rw-r--r--provider_base/provider.json6
-rw-r--r--provider_base/services/webapp.json3
-rw-r--r--puppet/modules/site_webapp/manifests/init.pp11
-rw-r--r--puppet/modules/site_webapp/templates/config.yml.erb1
4 files changed, 18 insertions, 3 deletions
diff --git a/provider_base/provider.json b/provider_base/provider.json
index 5b335e8a..8864e24d 100644
--- a/provider_base/provider.json
+++ b/provider_base/provider.json
@@ -50,5 +50,9 @@
"unlimited_prefix": "UNLIMITED"
}
},
- "hiera_sync_destination": "/etc/leap"
+ "hiera_sync_destination": "/etc/leap",
+ "client_version": {
+ "min": "0.5",
+ "max": null
+ }
}
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json
index ca7e7309..08c7c5b0 100644
--- a/provider_base/services/webapp.json
+++ b/provider_base/services/webapp.json
@@ -14,7 +14,8 @@
"git": {
"source": "https://leap.se/git/leap_web",
"revision": "origin/master"
- }
+ },
+ "client_version": "= global.provider.client_version"
},
"stunnel": {
"couch_client": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.port)"
diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index ae644287..f8216aa4 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -80,11 +80,20 @@ class site_webapp {
}
file {
- '/srv/leap/webapp/public/provider.json':
+ '/srv/leap/webapp/config/provider':
+ ensure => directory,
+ require => Vcsrepo['/srv/leap/webapp'],
+ owner => leap-webapp, group => leap-webapp, mode => '0755';
+
+ '/srv/leap/webapp/config/provider/provider.json':
content => $provider,
require => Vcsrepo['/srv/leap/webapp'],
owner => leap-webapp, group => leap-webapp, mode => '0644';
+ # old provider.json location. this can be removed after everyone upgrades.
+ '/srv/leap/webapp/public/provider.json':
+ ensure => absent;
+
'/srv/leap/webapp/public/ca.crt':
ensure => link,
require => Vcsrepo['/srv/leap/webapp'],
diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index 6b45abc2..98f8564e 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -14,3 +14,4 @@ production:
allow_anonymous_certs: <%= @webapp['allow_anonymous_certs'].inspect %>
limited_cert_prefix: "<%= cert_options['limited_prefix'] %>"
unlimited_cert_prefix: "<%= cert_options['unlimited_prefix'] %>"
+ minimum_client_version: "<%= @webapp['client_version']['min'] %>"