Age | Commit message (Collapse) | Author |
|
whitelisting (#3625)
Change-Id: I15985ca00ee95bc62855f098a78e364ebbc32616
|
|
|
|
|
|
We need to remove local check-mk-agent checks on the tapicero
nodes, and want to notify the monitoring server to re-inventarize the
local checks.
This doesn't work when both services run on different hosts, it will
fail with:
Could not find dependent Exec[check_mk-refresh] for Tidy[checkmk_logwatch_spool]
So i remove the notifies, because we will re-inventarize of local checks
by a daily cronjob anyway, see #6873.
...
- Resolves: #XYZ
- Related: #XYZ
- Documentation: #XYZ
- Releases: XYZ
|
|
Done by including a service-dependend site_config::remove::webapp
class.
|
|
|
|
Remove from:
- platform white-box tests (couchdb user ACLs, tapicero daemon test)
- provider_base/ dir that handles the compilation of the hiera config
file
- Resolves: #7501
|
|
Soledad now creates user-dbs, which has been done by tapicero
in the past. we need to remove any leftovers from tapicero.
|
|
|
|
|
|
|
|
- create soledad-admin user
- deploy netrc file for userdb creation
- Move soledad-server.conf from /etc/leap to /etc/soledad
- make soledad-server.conf group-accessible for the soledad group, so
the soledad-admin user can read it
- Resolves: #7502
|
|
|
|
this tidy should only happen on webapp nodes
Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
|
|
Make the server-status information unavailable by putting the vhost on a
port that isn't configured as available to the tor hidden-service.
Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
|
|
|
|
Make the server-status information unavailable by putting the vhost on a
port that isn't configured as available to the tor hidden-service.
Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
|
|
Fix server-status availability to tor hidden services (#7456)
Make the server-status information unavailable by putting the vhost on a
port that isn't configured as available to the tor hidden-service.
Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
See merge request !73
|
|
fix missing service dependency error
this tidy should only happen on webapp nodes
Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
See merge request !77
|
|
|
|
Modify config.yml.erb to include the invite code option
|
|
|
|
|
|
|
|
|
|
|
|
|
|
this tidy should only happen on webapp nodes
Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
|
|
The configuration /etc/apache/sites-enabled/leap_webapp.conf was never
removed after 6255e58bf9ff3489bf2707bc2be9759ec5c7db68 made it obsolete,
and because it exists on older systems, it is being used instead of the
correct common.conf.
This removes it and reloads apache.
Change-Id: Ic4c9901f4bba869ecb3dfe5362dfd1971570f89a
|
|
|
|
|
|
Make the server-status information unavailable by putting the vhost on a
port that isn't configured as available to the tor hidden-service.
Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
|
|
Change-Id: I42a1ef661dc55fb8110e82e930f67679c3dff1f8
|
|
webapp user.
|
|
common.json. closes #7423
|
|
Change-Id: If92faee5f877301bf23564d5b6e71c4b1263de54
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Change-Id: Ib701886ad26c5e39ccd669fadca81404b5c0426a
|
|
Valid users submitting mail to be delivered should not be blocked by
configured RBLs.
Settings in main.cf are valid and used globally, unless they are
overridden in master.cf for specific Postfix daemons. We have set in
main.cf the smtp_client_restrictions parameter to check for configured
rbls, so we need to override that and empty it in order to allow valid
clients to send mail, even when their IP is listed in an RBL.
Note: most users will typically be connecting via VPN, so their IP would
typically be replaced by the VPN gateway one, but there are cases where
this is still useful.
Change-Id: Ie4171113c78ae2814402a1ed9b5343280cbf79d1
|
|
|
|
Sometimes only trivial things fail that doesn't affect basic
functionallity.
Change-Id: I9d9d1a531a11e6eeee6fd823a51bb02e99771ec2
|
|
version complain when called by root)
we don't need to enable ssh pw auth because we're now using the
vagrant user that has ssh key-based auth configured already.
Change-Id: I5e28e6f5c71724573ff11def5b96142e8eb8b185
|
|
Change-Id: I385f7877d0816456e7c57179511604645a4740bc
|