Age | Commit message (Collapse) | Author |
|
This change will make sure that the user/group for leap-mx exist, and it
changes the mail location from /var/mail/vmail to the more helpful name
/var/mail/leap-mx.
This change requires:
https://github.com/leapcode/leap_mx/pull/78
and it would replace merge request:
https://github.com/leapcode/leap_mx/pull/65
and fix https://leap.se/code/issues/6936 and
https://leap.se/code/issues/7635
Change-Id: Idbe678dc999e394232c2eeef2b2018d39ab7cc3b
|
|
When mail comes in to the system, a lookup is done to see if it is a
valid leap user, if it is, leap_mx now returns something of the form:
uuid@deliver.local (see #5959). The virtual_mailbox_domains lists
deliver.local, so postfix choses to deliver to
virtual_mailbox_base (/var/mail/vmail) which has been hardcoded to the
'vmail' maildir and user.
We want leap related mail and leap aliases to go through the virtual
alias system, all the hard-coded universal aliases we want to go through
the local system and we dont want these separate. Known domains that are
considered 'virtual' will be forwarded or delivered to the vmail user,
the rest rejected as unknown recipient, instead of being handed off to
leap-mx.
Previously, the way this was done is we leaned (too heavily) on the
'luser_relay' postfix configuration which sent anything that wasn't
locally configured right to the leap_mx spool. That meant everything
went there, including addresses that didn't exist, and leap-mx would
then have to process those and bounce them. This removes the
'luser_relay' option, so any address that doesn't resolve properly to
either a local address/alias, or a leap address or alias (through
tcp lookups on 2424 and 4242) will get bounced as an unknown user.
Change-Id: I3c22e9383861b3794dd9adfd7aa6a0cf0a773a18
|
|
Webapp test: don't check in database if user was deleted.
|
|
we already check if the webapp returned success
when it deleted the user. If the webapp had failed
it would not have returned success.
leap_web has tests that prove this.
This fixes https://leap.se/code/issues/7625
|
|
Change-Id: I751985c0537d430b568a670a2f70d1906b0f0f35
|
|
This reverts commit 58c4e6878561dc9772070e3ca9b666b9e1abdc7a.
The test was fine. The assert_tmp_user was testing the
database without using credentials. will be fixed in next
commit
|
|
|
|
|
|
|
|
|
|
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0
|
|
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0
|
|
Change-Id: Iea1242b3c27d92cef7b217006211e57631fd7e62
|
|
This reverts commit 02b1b484ad9a5d065ceac72b8263b7bcc112c923.
Now that we have a proper couchdb jessie package we don't need to
install it from Debian unstable.
|
|
|
|
|
|
- Related: #7615
|
|
- resolves #7614
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In order to switch to syslog for leap_mx, leap_mx needs to change to log
to syslog (#6307 and #6937), and we need to clean up the platform pieces
that set the non-syslog options, and rotated log
files (#6942). Hopefully, this will solve the leap_mx logrotation issue
at the same time (#7058)
Change-Id: If68f808a65c24c91231b88d15759809c9e379294
|
|
were logged before
Change-Id: Ief95f35ea52a189075c2eda28c00bcc567c464b2
|
|
Configure the apt class together with "use_next_release => true", so
pnp4nagios* packages can get installed from strech.
No other package will be upgraded as the apt module pins stretch very
low, so that only packages are installed if there are no other sources
available.
- Resolves: #7604
|
|
|
|
[bug] do not fail if no requests dep present
|
|
client_side_db helper has some extra functions that can be useful in the
future for further tests, but right now it shouldn't depend on requests,
since it already get all the relevant soledad info passed as arguments.
for the same reason, it doesn't need to depend on srp, since we pass the
token.
|
|
- Tested: [unstable.bitmask.net]
|
|
|
|
- #7591 Net::SSH::Exception: could not settle on kex algorithm
We need to disable the ssh hardened mode, because it will not work
together with the net-ssh gem leap_cli is pinned to.
All other options that would be included by this parameter are
included by '$::sshd::tail_additional_options'.
|
|
Puppet 3 shows now deprecation warnings if the "@" is missing.
see https://docs.puppetlabs.com/puppet/latest/reference/lang_template_erb.html#non-printing-tags#[bug|feat|docs|style|refactor|test|pkg|i18n]
|
|
- sshd
- haproxy
- unbound
|
|
- Resolves: #7574
|
|
Using $::apache_version won't work because the facts are
evaluated before compiling the catalog and with this, before
the installation of apache. so on an install from scratch, this
fact won't contain anything.
|
|
New soledad test
|
|
- Related: #6920
|
|
- Resolves: #7574
|
|
- Resolves: #7580
|
|
- Resolves: #7578
|
|
- Related: #6920
|
|
from https://docs.puppetlabs.com/puppet/latest/reference/lang_template_erb.html#calling-puppet-functions-from-templates:
"The arguments of the function must be provided as an array, even if
there is only one argument."
This is a hard requirement in puppet 3 now.
- Related: #6920
|
|
because ruby-1.9.3 is not available on jessie.
- Related: #6920
|
|
- Related: #6920
|
|
|
|
These packages are a dependency of build-essential and will
get installed anyway.
- Related: #6920
|
|
- Related: #6920
|
|
- Related: #6920
|