summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-08-19automatically regenerate certs if the ca changeselijah
2015-08-19allow ca_cert_uri to be configuredelijah
2015-08-19fix vagrant key pathelijah
2015-08-19mv commands and macros to lib/leap_clielijah
2015-08-07move 'enabled service' calculation to a macro.elijah
2015-08-07set platform version 0.8, pin to leap_cli 1.8elijah
2015-08-03allow_registration should always be false if enrollment_policy is 'closed'elijah
2015-08-03webapp: add support for customizing localeselijah
2015-07-28Support RBL blocking of incoming mail (#5923)Micah Anderson
Set zen.spamhaus as the default rbl Change-Id: Ic3537d645c80ba42267bab370a1cf77730382158
2015-07-23update CHANGES.md for the latest set of information0.7.1Micah Anderson
Change-Id: I06e29515a28af8688d839fffa01a3dfe7fc8a2fc
2015-07-21Merge remote-tracking branch 'kwadrolab/static-amber-7231' into developMicah Anderson
Conflicts: puppet/modules/site_static/manifests/init.pp Change-Id: I090b1cb3cbe3c4d01a2c640ae3a370b17e722e12
2015-07-21Increase tapicero heatbeat nagios checks (#7275)Micah Anderson
Increase warning/critical thresholds for time between tapicero heartbeat checks so it will emit less false positives Change-Id: I0f97373d88658b7f17b2c4e8c1963198dc3f66ed
2015-07-21Fix leap-mx logrotation to work with twistd (#7058)Micah Anderson
We don't want to try and create the log file, twistd will do that. Don’t rename the log file from mx.log to mx.log.0, instead just copy it to mx.log.1, and then clear out mx.log so it’s empty (this is needed because leap-mx might assume that its file descriptor is still valid and continue trying to write to it, without this, leap-mx might lose data because it’ll assume the original log file is still around and continue to write to it, even though it’s gone)It’s a little dangerous because it’s possible that you might lose some logged data between the time that logrotate copies the new log file and truncates the old file (Caveat administrator). Finally, we don't want logrotate to complain if it finds mx.log, its ok if its there. Change-Id: I9952627f4d47e7a89a2915f6b72d82f9e6ca0d8b
2015-07-21minor lintingMicah Anderson
fix double quotes and indentation Change-Id: I79c28159d17e6256db3094f413d61dcdc9520dc6
2015-07-14bump amber version, taking care of puppet ordering with require.kwadronaut
2015-07-14Merge remote-tracking branch 'yuvipanda/vagrant-fixes' into developvarac
Conflicts: Vagrantfile Change-Id: I0500e0deb7697ff39a7856878c5e6e867c633469
2015-07-14vagrant: Fix variable shadowing in VagrantfileYuviPanda
I'm unsure if the two levels of config are actually required, but making the most minimal changes possible atm.
2015-07-14vagrant: Increase Memory to 1GBYuviPanda
leap_cli running puppet fails from lack of memory with the default amount of RAM
2015-07-12Add emacs/vim modelines to VagrantfileYuviPanda
Makes most editors recognize Vagrantfile as a ruby file and do appropriate syntax highlighting
2015-07-09Merge branch 'develop' of ssh://leap.se/leap_platform into developelijah
2015-07-09use latest amber for static nodes.elijah
2015-07-07Clean up left-over files from old way of leap-mx logging, this shouldMicah Anderson
stop the logrotate cron errors from happening. (#7058) Change-Id: Iceaeb8c17600fc23d2b1ca075546f8573c145760
2015-07-07check_mk should not falsely report multiple instances running (#6866)varac
Change-Id: Ie7943c9a541c3cd2feac7686ed1092aadc5a7c7a
2015-07-07Ignore openvpn logwatch warnings (#6867)varac
These are warnings that might have different origins, each of them we don't want to alarm the admin: - A bitmask client bug (user will poke the client devs if things break, and they will go after it) - A simple network failure, packets might get cut of - Malicious user tries to temper with TLS handshakes - this gets more interesting, but still (like ssh bruteforce attacs) an admin would not want to get annoyed by this by default, but they still have the option to use log analysers of their choice if they want to investigate this. Change-Id: I23ca3b700e41f22f34ad3346ed4e647b86000bb2
2015-07-07moved removal of leap_couch_stats.sh TMPFILE to end of script (#7217)varac
Change-Id: If844b95c44e697f480df8ee2ae6607709b9942f7
2015-07-07remove leap_couch_stats.sh TMPFILE so /tmp/ won't fill with tmp files (#7217)varac
Change-Id: I7b778e1e1af2784bd79840f20453ca8718927e25
2015-07-06Don't monitor disabled nodes (#7235)varac
Change-Id: I51ce8a9e8773d267c270a1725a497f9a43f2e9ff Sidenote: $nagios_hosts was never used
2015-07-05zlib1g-dev needed for amber gem fixes #7231kwadronaut
2015-07-02use hashicorp atlas for Vagrantbox downloadvarac
Change-Id: Ie7263c9442eb9bf8572d301f88bd38dbcce16846
2015-07-01Don't remove acpid and acpi-support-base packagesvarac
Those packages are needed by libvirt to reboot/shutdown a VM by the virsh command. Change-Id: I3eb7b113d11e3034f41d09d51c203b93275ae3c9
2015-06-30more verbose stunnel test errorselijah
2015-06-30pin leap_web to 0.7.1elijah
2015-06-29added 'root' to the list of platform-reserved usernames.elijah
2015-06-29updated submodule couchdb to remove debugging leftover notice()varac
Change-Id: I9c901a21c2ae3cd0164ca9bd3b4aab63d6a239c7
2015-06-24remove static site circular dependency (closes #7145)elijah
2015-06-23cleanup no longer used unbound conf.d pieces (#7187)Micah Anderson
Change-Id: Ie0b1f22c49462bd5c4ee3290f100e5d3e14ccb03
2015-06-23update unbound module to change hasstatus parameter to true (#6885)Micah Anderson
Change-Id: I532263ffe6679ff6c2249926086098dc8b4877f5
2015-06-23Remove old clean-up, this is no longer necessaryMicah Anderson
Change-Id: I4e8fe3355a2d55193ebf745de1f932a6dcd6121c
2015-06-22Merge branch '6067_plain_couchdb' into developvarac
2015-06-22Merge branch 'use_pbkdf2_for_newer_couchdb_versions' into developvarac
2015-06-21Support plain couchdb (#6067)varac
The bigcouch specific class ordering from site_couchdb::create_dbs needed to move to site_couchdb::bigcouch, otherwise a plain couchdb setup would try to include bigcouch classes and fail. Change-Id: I06742d4a12c5b40c9c9faa90441734e6926d422d
2015-06-21linted create_dbs.ppvarac
Change-Id: I9e46286c402adc06f3f815f8a1eea11fe82c7c39
2015-06-17Merge pull request #72 from cschmittiey/patch-1micah
add tags:production to single node email tutorial
2015-06-17added support for `leap compile provider.json` (platform version now 0.7.1)elijah
2015-06-17bugfix: site_static module was not including ssl_common.incelijah
2015-06-16add tags:production to single node email tutorialCaleb Smith
2015-06-11use couch.pwhash_alg hiera variable for hashing couchdb admin pwvarac
use this to run a single, plain couchdb node, using couchdb 1.6 from the leap repo: "couch": { "master": true, "pwhash_alg": "pbkdf2" } Change-Id: Ie4f34c2c5cb9feca7a10450bcf0bc260c8aa9d33
2015-06-11updated submodule couchdbvarac
Change-Id: Id5bc16d8466c3407e9f7c4015c1e3a96129daf0a
2015-06-11updated submodule couchdb (Couchdb >=1.3 uses pbkdf2 as pw hashing ↵varac
algorhythm, #7120) Change-Id: I97560f4134a700579d1523ddd8ba173bfb1f0659
2015-06-11Merge tag '0.7.0' into developMicah Anderson
Releasing 0.7.0