Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-10-13 | Make syslog stop logging the icmpv6_send: no reply to icmp error | Micah | |
messages, these are spamming provider's logs and will continue to do so until we have ipv6 working for the VPN (#6540) Change-Id: I80673bb64d8239e478bc042794929640f7a7cc39 | |||
2015-10-13 | Merge branch 'bug/7527' into develop | Micah | |
2015-10-13 | Update resource_file to not include /private/ as this is not used | Micah | |
anymore by the nagios module, and our config template has drifted. Fixes: #7527 Change-Id: I56c3492056fcb95c499cf78b893249adcf0ae67f | |||
2015-10-13 | Merge branch '7514_remove_tapicero_couchdb_user' into 'develop' | Micah | |
7514 remove tapicero couchdb user - Resolves: #7514 this depends on this couchdb m.r.: https://gitlab.com/leap/couchdb/merge_requests/2 See merge request !78 | |||
2015-10-13 | add clamav filtering, with sanesecurity signature updating and provider ↵ | Micah | |
whitelisting (#3625) Change-Id: I15985ca00ee95bc62855f098a78e364ebbc32616 | |||
2015-10-12 | [feat] Remove tapicero couchdb user | varac | |
- Resolves: #7514 | |||
2015-10-08 | Update submodule couchdb | varac | |
2015-10-07 | added `leap db destroy --username USER` command. | elijah | |
2015-10-07 | [bug] Fix missing dependency (tapicero leftovers) | varac | |
We need to remove local check-mk-agent checks on the tapicero nodes, and want to notify the monitoring server to re-inventarize the local checks. This doesn't work when both services run on different hosts, it will fail with: Could not find dependent Exec[check_mk-refresh] for Tidy[checkmk_logwatch_spool] So i remove the notifies, because we will re-inventarize of local checks by a daily cronjob anyway, see #6873. ... - Resolves: #XYZ - Related: #XYZ - Documentation: #XYZ - Releases: XYZ | |||
2015-10-07 | [bug] Fix removal of webapp apache config file | varac | |
Done by including a service-dependend site_config::remove::webapp class. | |||
2015-10-07 | Merge branch 'develop' of gitlab.com:leap/platform into develop | varac | |
2015-10-06 | [feat] Remove tapicero from more places | varac | |
Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501 | |||
2015-10-06 | [feat] remove tapicero leftovers | varac | |
Soledad now creates user-dbs, which has been done by tapicero in the past. we need to remove any leftovers from tapicero. | |||
2015-10-05 | Merge branch 'bugfix/virtualaliases' into develop | elijah | |
2015-10-05 | Merge branch 'feature/firewall' into develop | elijah | |
2015-10-05 | Merge branch 'soledad_userdb_creation' into develop | varac | |
2015-10-05 | [feat] Create-user-db: use couchdb admin rights | varac | |
- create soledad-admin user - deploy netrc file for userdb creation - Move soledad-server.conf from /etc/leap to /etc/soledad - make soledad-server.conf group-accessible for the soledad group, so the soledad-admin user can read it - Resolves: #7502 | |||
2015-10-01 | Merge remote-tracking branch 'alster-hamburgers/invite_codes' into develop | varac | |
2015-09-30 | fix missing service dependency error | Micah | |
this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e | |||
2015-09-30 | Fix server-status availability to tor hidden services (#7456) | Micah Anderson | |
Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb | |||
2015-09-30 | Merge remote-tracking branch 'gitlab/develop' into develop | Micah | |
2015-09-30 | Fix server-status availability to tor hidden services (#7456) | Micah Anderson | |
Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb | |||
2015-09-30 | Merge branch 'bug/server-status_7456' into 'develop' | varac | |
Fix server-status availability to tor hidden services (#7456) Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb See merge request !73 | |||
2015-09-30 | Merge branch 'develop' into 'develop' | varac | |
fix missing service dependency error this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e See merge request !77 | |||
2015-09-28 | Create invite code db and design docs | ankonym | |
2015-09-28 | Merge pull request #82 from Alster-Hamburgers/invite_codes | varac | |
Modify config.yml.erb to include the invite code option | |||
2015-09-28 | Modify config.yml.erb to include the invite code option | ankonym | |
2015-09-28 | [feat] Vagrant: forward leap_web ports 443 ad 80 | varac | |
2015-09-24 | add spf to compile zone, closes #5925 | elijah | |
2015-09-24 | do not remove /var/log/leap/mx.log.*, this is where leap_mx is logging. | elijah | |
2015-09-24 | allow certain aliases, like 'abuse', to be publicly forwardable. | elijah | |
2015-09-24 | added firewall information to nodes (needed for `leap compile firewall`) | elijah | |
2015-09-24 | fix missing service dependency error | Micah | |
this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e | |||
2015-09-24 | Remove no longer used vhost for leap_webapp (#7475) | Micah | |
The configuration /etc/apache/sites-enabled/leap_webapp.conf was never removed after 6255e58bf9ff3489bf2707bc2be9759ec5c7db68 made it obsolete, and because it exists on older systems, it is being used instead of the correct common.conf. This removes it and reloads apache. Change-Id: Ic4c9901f4bba869ecb3dfe5362dfd1971570f89a | |||
2015-09-20 | automatic update of submodule apt | kwadronaut | |
2015-09-15 | fix vagrant ssh private key path | elijah | |
2015-09-15 | Fix server-status availability to tor hidden services (#7456) | Micah Anderson | |
Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb | |||
2015-09-15 | Merge branch 'feature/rewrite_openpgp_header_7413' into develop | Micah Anderson | |
Change-Id: I42a1ef661dc55fb8110e82e930f67679c3dff1f8 | |||
2015-09-15 | make couchdb.admin.yml only readable by root, make non-admin cron run as ↵ | elijah | |
webapp user. | |||
2015-09-15 | service definition .json files should not refer to properties inherited from ↵ | elijah | |
common.json. closes #7423 | |||
2015-09-15 | minor linting | Micah Anderson | |
Change-Id: If92faee5f877301bf23564d5b6e71c4b1263de54 | |||
2015-09-15 | fix incorrect name for vagrant ssh public key file | elijah | |
2015-09-14 | Added help/warning if running tunnel command without TCP forwarding enabled. | elijah | |
2015-09-14 | Merge remote-tracking branch 'micah/hiera_defaults_7443' into develop | varac | |
2015-09-11 | Merge branch 'bugfix/mxaliases' into develop | elijah | |
2015-09-11 | switch aliases to use virtual_alias_maps | elijah | |
2015-09-11 | Merge remote-tracking branch 'elijah/feature/sshconfig' into develop | Micah Anderson | |
2015-09-10 | sshd: let nodes change default AllowTcpForwarding | elijah | |
2015-09-10 | fix various problems with webapp config generation | elijah | |
2015-09-10 | Make sure hiera values have valid defaults if they are not specified (#7443) | Micah Anderson | |
Change-Id: Ib701886ad26c5e39ccd669fadca81404b5c0426a |