Age | Commit message (Collapse) | Author |
|
`site_apt` aready ensures for installing packages after Exec[update_apt]
is run, so we don't need to duplicate this in `site_config::default.pp`.
|
|
Because this is the recommended way of depnending in the apt README.
|
|
We need to include class `site_config::default` in class
`site_config::slow` so we don't get this duplicate definition:
- [local1.bitmask.local] Error: Duplicate declaration: Class[Apt] is
already declared; cannot redeclare at
/srv/leap/puppet/modules/site_apt/manifests/init.pp:29 on node
local1.bitmask.local
To be honest, i didn't figuered out the real cause of this, but it works
with this.
|
|
`site_config::default.pp` takes care the all packages are
installed before `Exec['refresh_apt']`, so we don't need to
add it here for a single package.
|
|
The apt module now takes care of all the dependencies removed
from `site_apt`.
Also, the dependency to install the `lsb` package after
`refresh_apt` is unnesseccary because lsb facts won't work
anyway on the first run if `lsb` is not installed before, so
we can safely remove it.
|
|
|
|
This worked before, but somehow stopped working.
We need to include 'site_config::slow' top-level scope instead
of including it in 'site_config::default', because otherwise it
would get tagged with 'leap_base', and would be included always.
This way 'site_config::slow' gets included by default, but can be
excluded by using 'leap deploy --fast'.
See https://leap.se/en/docs/platform/details/under-the-hood#tags
- Resolves: #7844
|
|
The problem was that puppet tried to remove them on the couch node,
but they need to get removed on monitor node.
- Resolves: #7641
|
|
- Resolves: #7853
|
|
- Related: #7853
|
|
- Resolves: #7418
|
|
|
|
using older leap_cli.
|
|
|
|
- Resolves: #7823
|
|
- Resolves: #7842
|
|
- Resolves: #7629
|
|
We now include "site_config::remove::bigcouch" in class
"site_couchdb::master", which sets up plain couchdb.
|
|
Ruby itself is a parameterized class, and parameters cannot get
overridden (see https://projects.puppetlabs.com/issues/9259).
The webapp node didn't install the ruby-dev package (we never
noticed because our vagrant images as probably other debian images
had ruby-dev preinstalled).
We now use the ruby::devel class to install ruby-dev.
- Tested: [citest-jessie]
- Resolves: #7838
|
|
I merged immerda's changes to the `rubygems` module, which
remove the installation of the `rubygems` package from jessie
on, because it's a dependency of the `ruby2.1` package, which is
a dep of puppet, and therefore installed on every node.
- Tested: [local singlenode]
- Resolves: #7619
|
|
|
|
otherwise, machines will be out-of-mememory on deploy
|
|
Vagrant uses portmap and nfs-common for mounting shared folders using
nfs.
|
|
In certain node setups, the webapp gems cannot get built
because `build-essential` and dependent packages were not
present.
I refactored the `site_config::packages::build_essential` class,
which now inherits `site_config::packages`. The latter class removes
all unneccessary (development) packages, but when the
`site_config::packages::build_essential` class is included, some
dev packages are overridden to be installed.
- Tested: [local]
- Resolves: #7834
|
|
|
|
After restructuring site.pp to only include site_config::default and
the service-specific classes, we got this:
Duplicate declaration: X509::Cert[undef] is already declared in file
/srv/leap/puppet/modules/site_config/manifests/x509/commercial/cert.pp
at line 8; cannot redeclare at
/srv/leap/puppet/modules/site_config/manifests/x509/cert.pp:8 on node
rewcitestweb1.rewire.org
So i included site_config::params in all site_config::x509 clases.
Change-Id: Ib8387abfdc68b36c73a45fd2dd1f3a159eaec4a5
|
|
service (Bug #6851)
Also, moved global Exec{} defaults to site.pp
Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd
|
|
ensuring the satellite hosts are setup properly (#7611)
Change-Id: I9dce57c305a6fd6a39596a941174fe1879af5e4f
|
|
forward port to pixelated
|
|
pixelated needs to be accessible when running inside vagrant
problem is, that we can't add the forwarding anywhere else because
vagrant always overwrites virtualbox settings.
|
|
leap redirects port 80 to an invalid url
|
|
on vagrant, we use example.org as domain and all
requests to http are redirected to https://example.org
thats why this does not work on vagrant. we connect to
localhost:8080 and get redirected to https://example.org
thats why we do not need this port forwarded
|
|
|
|
failed to parse template tor/torrc.exit_policy.erb, undefined method
`each' for "*:*":String
Change-Id: I2b7b444187376dbc2f3cc5095391ae54bf8321b3
|
|
|
|
|
|
This will output node debug information by calling the
bin/debug.sh script.
|
|
fall-back to an OpenNIC resolver that does not log (#7781)
Change-Id: I290321927c8188c82e95e2cd4b93cd01bd2258c2
|
|
|
|
without getting blocked by the rbl (#7819)
Change-Id: Ib7a00f810b6c49528e5f99a1d83296553a81e65e
|
|
Change-Id: Iedd464a397e9944159991241cd84caad6a2a40d6
|
|
otherwise, machines will be out-of-mememory on deploy
|
|
- Tested: [unstable.bitmask.net]
- Resolves: #7798
|
|
- Resolves: #7802
|
|
|
|
|
|
Run git as user, not root
|
|
|
|
Under jessie, leap-mx is started by systemd now, not as a forked
proc by twistd anymore. Therefore leap-mx (the user the mx proc runs
as) needs direct access to it's config file under /etc/leap/mx.conf.
Before, twistd would start as root, read the config and then fork an mx
proc as unprivileged leap-mx user.
- Tested: [quetzal]
- Resolves: #7782
|
|
|