Age | Commit message (Collapse) | Author |
|
|
|
that queries can be made from clients on the vpn
|
|
|
|
to do tor lookups over DNS on servers, if tor services are defined.
To do this, we remove the bind9 configurations from site_config::resolvconf.pp
and replace it with site_config::caching_resolver with a basic unbound
configuration that can be used everywhere. The unbound configuration enables a
/etc/unbound/conf.d directory for additional config snippits that can be dropped
in from other places. This will be used for setting up different interfaces in
the vpn gateway, for example.
There will be a set of transition package/file absent blocks to clean up
providers.
|
|
|
|
the openvpn gateway (see #1172)
|
|
c2d57624c15dfaff038f9991f04ade46b5ad1d40:
|
|
|
|
|
|
|
|
develop branch is no longer used in webapp dev and will be removed.
|
|
for hosting two TLS domains on one IP).
|
|
|
|
|
|
|
|
|
|
Conflicts:
puppet/modules/site_apt/manifests/init.pp
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
from the shorewall-rules manpage:
"If no Section Headers appear in the file then all rules are assumed to be in the NEW section."
|
|
|
|
|
|
|
|
|
|
/etc/hosts files are changed (otherwise it runs on every run)
|
|
site_config::hosts to be in the initial run stage to make sure the hostname is
set before anything else.
|
|
|
|
|
|
template
also set the hostname to what the hiera 'name' is set to
|
|
|
|
This will replace the existing /etc/hosts, so we will want to make this more smart later
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
building /etc/hosts. also, now ssh.known_hosts only includes what is necessary.
|
|
|
|
|
|
|