summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-11-22Merge branch 'develop'Micah Anderson
Switching to using 'master' for development, the 'develop' branch will no longer receive commits, so we are merging what is in 'develop' into master.
2016-11-10Use webapp 0.9developvarac
2016-11-09Don't do strict checking for nickservervarac
Sometimes nickserver is listed with `ruby /usr/bin/nickserver start` in the process table, sometimes with `/usr/bin/ruby /usr/bin/nickserver start`. We should do proper checking with `systemctl status nickserver` to make sure the service is up though (https://leap.se/code/issues/8579). Meanwhile it's ok to not do strict checking.
2016-11-08New nickserver is using fully qualified ruby path nowvarac
2016-11-08Additional entries/updatesMicah Anderson
2016-11-04Merge branch 'develop'Micah Anderson
2016-11-04Additional entries/updates0.9.0Micah Anderson
2016-11-03refresh docs using ↵Micah Anderson
https://0xacab.org/leap/leap_se/blob/master/docs/README.md process
2016-11-01bugfix: allow 'leap facts update' to work again.elijah
2016-10-25Change CI build webapp source branch to master.Micah Anderson
The develop branch was removed, and current master is the same as develop was before.
2016-10-24Set X-XSS-Protection HTTP response header to '1'.Micah Anderson
This HTTP response header enables the Cross-site scripting (XSS) filter built into some modern web browsers. This header is usually enabled by default anyway, so the role of this header is to re-enable the filter if it was disabled maliciously, or by accident.
2016-10-24Set X-Content-Type-Options nosniff.Micah Anderson
Setting this header will prevent the browser from interpreting files as something else than declared by the content type in the HTTP headers. This will prevent the browser from MIME-sniffing a response away from the declared content-type. When this is not set, older versions of Internet Explorer and Chrome perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type.
2016-10-20[bug] properly set 'enrollment_policy' in provider.jsonelijah
2016-10-20Merge branch 'twisted_backports' into developvarac
2016-10-20Merge branch 'soledad_ordering' into developvarac
2016-10-20Merge branch 'upgrade/nickserver' into 'develop' Varac
upgrade: nickserver version 0.9.x See merge request !49
2016-10-20upgrade: nickserver version 0.9.xAzul
2016-10-18Setup couch for soledad before starting soledadvarac
When the soledad couch user is not present, soledad-server refuses to start, so we need to ensure that couch is setup correctly before starting soledad-server. see https://leap.se/code/issues/8535
2016-10-18Lint site_couchdb::setupvarac
2016-10-18[feat] Use twisted 16.2 from jessie-backportsvarac
New soledad packages now depend on Twisted 16.2.0 (see https://leap.se/code/issues/8412), so we need to pin twisted to get installed from jessie-backports. - Resolves: #8418
2016-10-18lint site_mx classvarac
2016-10-18Fix Are_daemons_running test for nickservervarac
2016-10-18Use docker for CI testingvarac
2016-10-18Use random vm name when running localvarac
when using gitlab-runner locally, CI_BUILD_ID is always 1 which will conflict with running/terminating AWS instances in subsequent runs therefore we pick a random number in this case
2016-10-18Use caching in setup.shvarac
2016-10-18Include secret variables from gitlab ci settingsvarac
- Assemble cloud.json from aws credential env vars - Deploy ssh private key from env var
2016-10-18Add public sshkey of gitlab-runner for platform buildsvarac
2016-10-18Checkin cloud.json template without credentialsvarac
2016-10-18Add timestamps to build outputvarac
2016-10-18Gitignore some files needed for cibuildsvarac
2016-10-18Use leap vm for ci buildsvarac
2016-10-18Dont track facts.json and users/gitlab-runnervarac
2016-10-18Dont track provider/files/ssh/known_hostsvarac
2016-10-18Lint ci-build.shvarac
2016-10-18Do a dist-upgrade in 'node init'.Micah Anderson
Starting with a recent debian stable point release update, it is possible that the system is in an inconsistent library state. For example, puppet could not be run because the libraries on the system were not the ones that the puppet package was built against. So that means that deploys could not happen until we've dont a dist-upgrade.
2016-10-11Use puppet-catalog-test from git to circumvent deprecation warnvarac
2016-10-11Add instructions for running testsvarac
2016-10-04generate utf8 locale solves #85110.9.0rc1kwadronaut
2016-10-04[bug] fix Tor hidden service key generationelijah
2016-09-15leap vm: grab ssh host key when adding a new vmelijah
2016-09-15leap vm: require 'fog/aws' instead of all of 'fog'elijah
2016-09-14refresh /docs/elijah
2016-09-14updated docselijah
2016-09-14[bugfix] leap vm: make the default instance type 't2.nano'elijah
2016-09-14leap vm: fix typo (closes #8468)elijah
2016-09-13[bugfix] static sites: only enable hidden service by default if one domain ↵elijah
is configured The problem is that we have a single onion address per server, so if more than one domain is configured we need to make sure they don't both try to use the same onion address.
2016-09-08Merge branch 'clamd_dependencies' into developvarac
2016-09-08Merge branch 'ensure_clamav_running' into developvarac
2016-09-08start clamav after definitions are downloadedChristoph Kluenter
freshclam might not be able to start clamav via the socket because the socket might not be there. This systemd unit watches for the definitions and then starts clamav. Resolves: #8431
2016-09-08Merge branch 'check_mk_add_services' into developvarac