diff options
| -rw-r--r-- | provider_base/provider.json | 6 | ||||
| -rw-r--r-- | provider_base/services/webapp.json | 3 | ||||
| -rw-r--r-- | puppet/modules/site_webapp/manifests/init.pp | 11 | ||||
| -rw-r--r-- | puppet/modules/site_webapp/templates/config.yml.erb | 1 |
4 files changed, 18 insertions, 3 deletions
diff --git a/provider_base/provider.json b/provider_base/provider.json index 5b335e8a..8864e24d 100644 --- a/provider_base/provider.json +++ b/provider_base/provider.json @@ -50,5 +50,9 @@ "unlimited_prefix": "UNLIMITED" } }, - "hiera_sync_destination": "/etc/leap" + "hiera_sync_destination": "/etc/leap", + "client_version": { + "min": "0.5", + "max": null + } } diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json index ca7e7309..08c7c5b0 100644 --- a/provider_base/services/webapp.json +++ b/provider_base/services/webapp.json @@ -14,7 +14,8 @@ "git": { "source": "https://leap.se/git/leap_web", "revision": "origin/master" - } + }, + "client_version": "= global.provider.client_version" }, "stunnel": { "couch_client": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.port)" diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index ae644287..f8216aa4 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -80,11 +80,20 @@ class site_webapp { } file { - '/srv/leap/webapp/public/provider.json': + '/srv/leap/webapp/config/provider': + ensure => directory, + require => Vcsrepo['/srv/leap/webapp'], + owner => leap-webapp, group => leap-webapp, mode => '0755'; + + '/srv/leap/webapp/config/provider/provider.json': content => $provider, require => Vcsrepo['/srv/leap/webapp'], owner => leap-webapp, group => leap-webapp, mode => '0644'; + # old provider.json location. this can be removed after everyone upgrades. + '/srv/leap/webapp/public/provider.json': + ensure => absent; + '/srv/leap/webapp/public/ca.crt': ensure => link, require => Vcsrepo['/srv/leap/webapp'], diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb index 6b45abc2..98f8564e 100644 --- a/puppet/modules/site_webapp/templates/config.yml.erb +++ b/puppet/modules/site_webapp/templates/config.yml.erb @@ -14,3 +14,4 @@ production: allow_anonymous_certs: <%= @webapp['allow_anonymous_certs'].inspect %> limited_cert_prefix: "<%= cert_options['limited_prefix'] %>" unlimited_cert_prefix: "<%= cert_options['unlimited_prefix'] %>" + minimum_client_version: "<%= @webapp['client_version']['min'] %>" |