summaryrefslogtreecommitdiff
path: root/provider_base/services
diff options
context:
space:
mode:
authorChristoph Kluenter <ckluente@thoughtworks.com>2014-12-04 12:09:10 +0100
committerChristoph Kluenter <ckluente@thoughtworks.com>2014-12-04 12:09:10 +0100
commitd063e35d3e29b3cedc810b8e5ca1855c841d8f9e (patch)
tree06e5110632156a35e6e879a9fa0455edf62f05bf /provider_base/services
parent664dca31dec0c7935ee96359209d9dcefc03e38c (diff)
parentde51b83384d97a67cdbdf1992ba9ad771a292c5d (diff)
Merge remote-tracking branch 'leap/develop' into check_dhcp
Diffstat (limited to 'provider_base/services')
-rw-r--r--provider_base/services/_couchdb_multimaster.json6
-rw-r--r--provider_base/services/monitor.json1
-rw-r--r--provider_base/services/openvpn.json3
-rw-r--r--provider_base/services/tor.json9
-rw-r--r--provider_base/services/webapp.json3
5 files changed, 16 insertions, 6 deletions
diff --git a/provider_base/services/_couchdb_multimaster.json b/provider_base/services/_couchdb_multimaster.json
index 8c433188..0f340e00 100644
--- a/provider_base/services/_couchdb_multimaster.json
+++ b/provider_base/services/_couchdb_multimaster.json
@@ -8,8 +8,8 @@
"ednp_server": "= stunnel_server(couch.bigcouch.ednp_port)"
},
"clients": {
- "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], couch.bigcouch.epmd_port)",
- "ednp_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], couch.bigcouch.ednp_port)"
+ "epmd_clients": "= stunnel_client(nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'], couch.bigcouch.epmd_port)",
+ "ednp_clients": "= stunnel_client(nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'], couch.bigcouch.ednp_port)"
}
},
"couch": {
@@ -18,7 +18,7 @@
"epmd_port": 4369,
"ednp_port": 9002,
"cookie": "= secret :bigcouch_cookie",
- "neighbors": "= nodes_like_me['services' => 'couchdb']['couch.master' => true].exclude(self).field('domain.full')"
+ "neighbors": "= nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'].exclude(self).field('domain.full')"
}
}
}
diff --git a/provider_base/services/monitor.json b/provider_base/services/monitor.json
index c24724bf..56ca015b 100644
--- a/provider_base/services/monitor.json
+++ b/provider_base/services/monitor.json
@@ -1,6 +1,7 @@
{
"nagios": {
"nagiosadmin_pw": "= secret :nagios_admin_password",
+ "domains_internal": "= global.tags.field('domain.internal_suffix').compact.uniq",
"hosts": "= (self.environment == 'local' ? nodes_like_me : nodes[:environment => '!local']).pick_fields('domain.internal', 'domain.full_suffix', 'ip_address', 'services', 'openvpn.gateway_address', 'ssh.port')"
},
"hosts": "= self.environment == 'local' ? hosts_file(nodes_like_me) : hosts_file(nodes[:environment => '!local'])",
diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
index 1906244c..11cb0dc2 100644
--- a/provider_base/services/openvpn.json
+++ b/provider_base/services/openvpn.json
@@ -24,7 +24,8 @@
"auth": "SHA1",
"cipher": "AES-128-CBC",
"keepalive": "10 30",
- "tun-ipv6": true
+ "tun-ipv6": true,
+ "fragment": 1500
}
},
"obfsproxy": {
diff --git a/provider_base/services/tor.json b/provider_base/services/tor.json
index fc365a19..55d3d2ee 100644
--- a/provider_base/services/tor.json
+++ b/provider_base/services/tor.json
@@ -3,6 +3,13 @@
"bandwidth_rate": 6550,
"contacts": "= [provider.contacts['tor'] || provider.contacts.default].flatten",
"nickname": "= (self.name + secret(:tor_family)).sub('_','')[0..18]",
- "family": "= nodes[:services => 'tor'][:environment => '!local'].field('tor.nickname').join(',')"
+ "family": "= nodes[:services => 'tor'][:environment => '!local'].field('tor.nickname').join(',')",
+ "hidden_service": {
+ "active": null,
+ "key_type": "RSA",
+ "public_key": "= tor_public_key_path(:node_tor_pub_key, tor.hidden_service.key_type) if tor.hidden_service.active",
+ "private_key": "= tor_private_key_path(:node_tor_priv_key, tor.hidden_service.key_type) if tor.hidden_service.active",
+ "address": "= onion_address(:node_tor_pub_key) if tor.hidden_service.active"
+ }
}
}
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json
index 3af0dade..67744f99 100644
--- a/provider_base/services/webapp.json
+++ b/provider_base/services/webapp.json
@@ -1,6 +1,7 @@
{
"webapp": {
"admins": [],
+ "forbidden_usernames": ["admin", "administrator", "arin-admin", "certmaster", "contact", "info", "maildrop", "postmaster", "ssladmin", "www-data"],
"domain": "= domain.full_suffix",
"modules": ["user", "billing", "help"],
"couchdb_webapp_user": {
@@ -21,7 +22,7 @@
"secure": false,
"git": {
"source": "https://leap.se/git/leap_web",
- "revision": "origin/master"
+ "revision": "origin/version/0.6"
},
"client_version": "= provider.client_version",
"nagios_test_user": {