summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-02-25couchdb module uses pbkdf2 as default pwhash algor. nowvarac
2016-02-25remove couchdb_pwhash_alg leftovervarac
2016-02-25remove wheezy supportvarac
2016-02-25no build-essential packages needed for building leap_clivarac
2016-02-24Merge branch 'develop' of ssh://leap.se/leap_platform into developelijah
2016-02-24[bug] Adopt ncli aliases to new version of iclivarac
- Resolves: #7887
2016-02-24fix logging error in puppet_commandelijah
2016-02-24fix time comparison bug in network testelijah
2016-02-24check server cert expiry in tests, closes #7910elijah
2016-02-24fixed dkim zone entry, closes #7925elijah
2016-02-24Set couch.mode:plain until this will be the defaultvarac
2016-02-24[feat] Don't set couch.master anymore, defaults to plain couchdbvarac
2016-02-24Use site_couchdb::plain even when couch.master is set top "master"varac
2016-02-24ensure remote_file_path macro works when file is not present (resolves #7926)elijah
2016-02-24Update module stunnelvarac
2016-02-23Update opendkim platform pieces to match leap-cli.Micah
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a
2016-02-23We are rotating the mx logs 5 times, but we originally thought we shouldMicah
only have the following logfiles in that directory ever: mx.log, mx.log.[1-5], with an optional .gz suffix. However, we were wrong about the 'optional' part of the compression, we use the 'compress' option, so the logs will always be compressed. So there should never be the log files mx.log.1, mx.log.2, etc. This change adjusts the clean-up to deal with that. (#7058) https://github.com/leapcode/leap_platform/pull/97 Change-Id: I109d08ac063fe094c54e93be91893a67d7fbb51b
2016-02-23use pbkdf2 pwhash for plain couch.elijah
2016-02-23allow legacy plain couchdb nodes to stay couchdb nodes, although issue a ↵elijah
warning.
2016-02-23added templates for `leap node add`, so that new nodes can get default ↵elijah
values set in their initial .json file.
2016-02-23default to plain couchdb, unless otherwise specified.elijah
# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp
2016-02-23get dkim working, closes #5924elijah
2016-02-23Update submodule vcsrepovarac
2016-02-23[feat] 'leap history --last' shows only last entryvarac
2016-02-23Add hiera.yaml so vagrant provision doesn't complain about it missingvarac
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
2016-02-23Remove wheezy vagrant boxvarac
2016-02-23Update submodule postfixvarac
2016-02-16remove pinning of openvpn package to backportselijah
2016-02-16list the expiry time when warning about expiring certselijah
2016-02-16require jessie and created note_init script for node initializationelijah
2016-02-12update postfix submodule for postscreen (Resolves: 2303)0.8.0rc1kwadronaut
2016-02-12add postscreen greeter (Resolves: 2303)kwadronaut
Conflicts: puppet/modules/site_postfix/manifests/mx.pp
2016-02-11started 0.8 CHANGES file.elijah
2016-02-11Allow ecdsa hostkeys (#7642) until we can safely transition providers toMicah
better key algorithm choices. Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7
2016-02-11Disable journald in order to resolve IP logging subversion (#7863)Micah
Change-Id: I9cee85c19d86dc7c8d70c4cdeb2e7426191b57a5
2016-02-11Due to the smtps transport specifying a header_check, the received_anonMicah
replacement wasn't being done. (#7890) This moves that replacement into its own class, clears the old value and sets it properly in the smtps transport. Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75
2016-02-10resolves #7646: leap_cli should fail when soledad and couchdb service are ↵elijah
seperated
2016-02-10add postscreen greeter (Resolves: 2303)kwadronaut
2016-02-09ensure that expired certs are updated *before* hiera compile.elijah
2016-02-04fix postfix Received anonymizing header regexp to properly match ClientMicah
CN entries (#7867) Change-Id: Ie33277a62e90f9dc0602bb963dbb96a61cebed1d
2016-02-03Exec overrides need to be referred by their namevarac
not with their alias. Resolves https://github.com/pixelated/puppet-pixelated/issues/8
2016-02-02Merge branch 'bugfix/mxlog' into developelijah
2016-02-02[bug] Add smtpd_relay_restrictions to postfix confvarac
smtpd_relay_restrictions was added in postfix 2.10 (jessie has 2.11 atm). Without this, outbound mails are rejected to be relayed. from http://www.postfix.org/SMTPD_ACCESS_README.html: NOTE: Postfix versions before 2.10 did not have smtpd_relay_restrictions. They combined the mail relay and spam blocking policies, under smtpd_recipient_restrictions. This could lead to unexpected results. For example, a permissive spam blocking policy could unexpectedly result in a permissive mail relay policy. An example of this is documented under "Dangerous use of smtpd_recipient_restrictions". smtpd_relay_restrictions defaults to 'permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination' and is configured here to check for a valid client cert. see http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions - Resolves: #7856
2016-02-02Merge branch 'develop' of code.leap.se:/leap_platform into developkwadronaut
2016-02-02[bug] Fix bigcouch spoolfile removalvarac
- Resolves: #7641
2016-02-02[refactor] Dont duplicate Package resource overridevarac
`site_apt` aready ensures for installing packages after Exec[update_apt] is run, so we don't need to duplicate this in `site_config::default.pp`.
2016-02-02[refactor] Use Exec[apt_updated] instead of Exec[refresh_apt]varac
Because this is the recommended way of depnending in the apt README.
2016-02-02[bug] Fix duplicate definition error for Class[Apt]varac
We need to include class `site_config::default` in class `site_config::slow` so we don't get this duplicate definition: - [local1.bitmask.local] Error: Duplicate declaration: Class[Apt] is already declared; cannot redeclare at /srv/leap/puppet/modules/site_apt/manifests/init.pp:29 on node local1.bitmask.local To be honest, i didn't figuered out the real cause of this, but it works with this.
2016-02-02[refactor] Remove atomic apt package dependecyvarac
`site_config::default.pp` takes care the all packages are installed before `Exec['refresh_apt']`, so we don't need to add it here for a single package.
2016-02-02[refactor] Don't declare dependencies for apt resourcesvarac
The apt module now takes care of all the dependencies removed from `site_apt`. Also, the dependency to install the `lsb` package after `refresh_apt` is unnesseccary because lsb facts won't work anyway on the first run if `lsb` is not installed before, so we can safely remove it.