diff options
author | Christoph Kluenter <ckluente@thoughtworks.com> | 2014-12-04 12:09:10 +0100 |
---|---|---|
committer | Christoph Kluenter <ckluente@thoughtworks.com> | 2014-12-04 12:09:10 +0100 |
commit | d063e35d3e29b3cedc810b8e5ca1855c841d8f9e (patch) | |
tree | 06e5110632156a35e6e879a9fa0455edf62f05bf /provider_base/services | |
parent | 664dca31dec0c7935ee96359209d9dcefc03e38c (diff) | |
parent | de51b83384d97a67cdbdf1992ba9ad771a292c5d (diff) |
Merge remote-tracking branch 'leap/develop' into check_dhcp
Diffstat (limited to 'provider_base/services')
-rw-r--r-- | provider_base/services/_couchdb_multimaster.json | 6 | ||||
-rw-r--r-- | provider_base/services/monitor.json | 1 | ||||
-rw-r--r-- | provider_base/services/openvpn.json | 3 | ||||
-rw-r--r-- | provider_base/services/tor.json | 9 | ||||
-rw-r--r-- | provider_base/services/webapp.json | 3 |
5 files changed, 16 insertions, 6 deletions
diff --git a/provider_base/services/_couchdb_multimaster.json b/provider_base/services/_couchdb_multimaster.json index 8c433188..0f340e00 100644 --- a/provider_base/services/_couchdb_multimaster.json +++ b/provider_base/services/_couchdb_multimaster.json @@ -8,8 +8,8 @@ "ednp_server": "= stunnel_server(couch.bigcouch.ednp_port)" }, "clients": { - "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], couch.bigcouch.epmd_port)", - "ednp_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], couch.bigcouch.ednp_port)" + "epmd_clients": "= stunnel_client(nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'], couch.bigcouch.epmd_port)", + "ednp_clients": "= stunnel_client(nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'], couch.bigcouch.ednp_port)" } }, "couch": { @@ -18,7 +18,7 @@ "epmd_port": 4369, "ednp_port": 9002, "cookie": "= secret :bigcouch_cookie", - "neighbors": "= nodes_like_me['services' => 'couchdb']['couch.master' => true].exclude(self).field('domain.full')" + "neighbors": "= nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'].exclude(self).field('domain.full')" } } } diff --git a/provider_base/services/monitor.json b/provider_base/services/monitor.json index c24724bf..56ca015b 100644 --- a/provider_base/services/monitor.json +++ b/provider_base/services/monitor.json @@ -1,6 +1,7 @@ { "nagios": { "nagiosadmin_pw": "= secret :nagios_admin_password", + "domains_internal": "= global.tags.field('domain.internal_suffix').compact.uniq", "hosts": "= (self.environment == 'local' ? nodes_like_me : nodes[:environment => '!local']).pick_fields('domain.internal', 'domain.full_suffix', 'ip_address', 'services', 'openvpn.gateway_address', 'ssh.port')" }, "hosts": "= self.environment == 'local' ? hosts_file(nodes_like_me) : hosts_file(nodes[:environment => '!local'])", diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json index 1906244c..11cb0dc2 100644 --- a/provider_base/services/openvpn.json +++ b/provider_base/services/openvpn.json @@ -24,7 +24,8 @@ "auth": "SHA1", "cipher": "AES-128-CBC", "keepalive": "10 30", - "tun-ipv6": true + "tun-ipv6": true, + "fragment": 1500 } }, "obfsproxy": { diff --git a/provider_base/services/tor.json b/provider_base/services/tor.json index fc365a19..55d3d2ee 100644 --- a/provider_base/services/tor.json +++ b/provider_base/services/tor.json @@ -3,6 +3,13 @@ "bandwidth_rate": 6550, "contacts": "= [provider.contacts['tor'] || provider.contacts.default].flatten", "nickname": "= (self.name + secret(:tor_family)).sub('_','')[0..18]", - "family": "= nodes[:services => 'tor'][:environment => '!local'].field('tor.nickname').join(',')" + "family": "= nodes[:services => 'tor'][:environment => '!local'].field('tor.nickname').join(',')", + "hidden_service": { + "active": null, + "key_type": "RSA", + "public_key": "= tor_public_key_path(:node_tor_pub_key, tor.hidden_service.key_type) if tor.hidden_service.active", + "private_key": "= tor_private_key_path(:node_tor_priv_key, tor.hidden_service.key_type) if tor.hidden_service.active", + "address": "= onion_address(:node_tor_pub_key) if tor.hidden_service.active" + } } } diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json index 3af0dade..67744f99 100644 --- a/provider_base/services/webapp.json +++ b/provider_base/services/webapp.json @@ -1,6 +1,7 @@ { "webapp": { "admins": [], + "forbidden_usernames": ["admin", "administrator", "arin-admin", "certmaster", "contact", "info", "maildrop", "postmaster", "ssladmin", "www-data"], "domain": "= domain.full_suffix", "modules": ["user", "billing", "help"], "couchdb_webapp_user": { @@ -21,7 +22,7 @@ "secure": false, "git": { "source": "https://leap.se/git/leap_web", - "revision": "origin/master" + "revision": "origin/version/0.6" }, "client_version": "= provider.client_version", "nagios_test_user": { |