| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-09-20 | move all resources that are applied on every node into site_config::default ↵ | varac | |
| (#3782) in commit 338833, we established a relationship between all resources that have a leap_service tag, that are called in site.pp. But we had some resources as default on every node in site.pp (apt::update, Package { require => Exec['apt_updated'] }, site_config::slow and stdlib), that were still lacking any relationship to the leap_service tag. By moving them into default.pp they automatically are executed before resources with a leap_service tag. | |||
| 2013-09-19 | Merge branch 'develop' of ssh://code.leap.se/leap_platform into develop | varac | |
| 2013-09-19 | Merge branch 'feature/3832_Unify_x509_certs,_keys_and_ca' into develop | varac | |
| 2013-09-18 | Setup a class dependency for every tag 'leap_service' to make sure that ↵ | Micah Anderson | |
| shorewall is setup before the service is setup. This is necessary due to the strict initial firewall that stops various service setup operations from happening, but is relaxed once shorewall is setup properly (#3782) Change-Id: Ia9640c4118aa0053cdb99e7bc11860fed5527501 | |||
| 2013-09-18 | use x509 for postfix ca and fix names for cert+key (Feature #3833) | varac | |
| 2013-09-18 | deploy client_ca (#3833) | varac | |
| 2013-09-18 | Include content of client_ca.crt and client_ca.key in hiera (Feature #3874) | varac | |
| 2013-09-18 | openvpn should use /usr/local/share/ca-certificates/leap_ca.crt (Feature #3831) | varac | |
| 2013-09-18 | include shorewall::interface{eth0} in setup.pp so packages can be installed ↵ | varac | |
| during main puppetrun, even before shorewall is configured completly | |||
| 2013-09-17 | fix stunnel module so that code was not removed accidentally | Micah Anderson | |
| Change-Id: Ia236eb5b7609d9f96970230fce4d0051d832e3cb | |||
| 2013-09-17 | Merge branch 'feature/2399_shorewall_on_vagrant_fails' into develop | varac | |
| 2013-09-17 | shorewall: #2399 blocks uplink (Bug #2866) | varac | |
| 2013-09-17 | site_config::params::interface should contain eth1 for vagrant cause it's ↵ | varac | |
| the main interface we use (#2399, #2401) | |||
| 2013-09-17 | update stunnel submodule commit id to correct one for new repository | Micah Anderson | |
| Change-Id: I33292b9eb2a5553ac296857c99fdaf350ed52542 | |||
| 2013-09-17 | Merge branch 'bug/3757' into develop | Micah Anderson | |
| 2013-09-17 | updated submodule stunnel - include stunnel in stunnel::service ↵ | varac | |
| (https://leap.se/code/issues/3861) | |||
| 2013-09-17 | Merge branch 'feature/3817_3836_3837_Duplicate_declarations' into develop | varac | |
| 2013-09-14 | ensure site_config::caching_resolver runs with tag leap_base (#3757) | Micah Anderson | |
| Change-Id: I593602ff9d3486dee39227673147e137045c55c5 | |||
| 2013-09-14 | moved openvpn submodule back to 25f1fe8d8, like it was before | kwadronaut | |
| 2013-09-14 | Merge branch 'vcs_module' into develop | kwadronaut | |
| 2013-09-13 | change vcsrepo submodule url (bug #3139) | kwadronaut | |
| 2013-09-13 | change openvpn submodule url (bug #3139) | kwadronaut | |
| 2013-09-13 | setup stunnel config to use default x509 cert,key+ca (#3837) | varac | |
| * fix stunnel setups for couchdb, mx, webapp services | |||
| 2013-09-13 | Deploy default x509 cert + key that services can use (Feature #3836) | varac | |
| 2013-09-13 | remove x509::ca for leap_ca in site_openvpn::keys and site_stunnel::stunnel ↵ | varac | |
| (#3817) | |||
| 2013-09-13 | deploy default x509::ca leap_ca in site_config::default (#3817) | varac | |
| 2013-09-13 | use define instead of class for site_stunnel::setup (#3817) | varac | |
| so it can be called multiple times | |||
| 2013-09-05 | make sure we gather ec2_public_ipv4 fact. REQUIRES latest leap_cli (1.2.2) | elijah | |
| 2013-09-05 | require that shorewall is up before running bundler commands, it needs to ↵0.3.0rc1 | Micah Anderson | |
| pull things from git (#3756) Change-Id: If404452c54dedb7a39a910994dc68309257d351d | |||
| 2013-09-05 | updated submodule apt: unattended-upgrades package cannot be installed (Bug ↵ | varac | |
| #3098) | |||
| 2013-09-05 | Merge branch 'feature/3747_puppet_fails_if_no_services_are_configured' into ↵ | varac | |
| develop | |||
| 2013-09-05 | Some packages are installed before refresh_apt is called (Bug #2988) | varac | |
| 2013-09-05 | puppet fails if no services are configured (Bug #3747) | varac | |
| 2013-09-04 | fix initial firewall to allow outgoing lo traffic and outgoing port 443 (#3736) | Micah Anderson | |
| this allows nameserver queries to the local resolver to work and clones to the leap https repository to work Change-Id: I575d08405a0c28e12c8d201a8dbc79585a5a9a48 | |||
| 2013-09-04 | change git repository clone URIs from git:// to https:// (#3732) | Micah Anderson | |
| Change-Id: Ic700fec9cfb8e8474fb65dbdd4a1a537bf586ec9 | |||
| 2013-09-04 | need to test that /etc/init.d/shorewall exists before attempting to call it, ↵ | Micah Anderson | |
| otherwise puppet complains (#3339) Change-Id: I7c8cc235817fe3d898157de4c4fdd8f1fe74f05a | |||
| 2013-09-04 | updated couchdb submodule: bigcouch nodes doesn't get registered as cluster ↵ | varac | |
| members (Bug #3703) | |||
| 2013-09-04 | Merge branch 'bug/3339' into develop | Micah Anderson | |
| 2013-09-04 | fix soledad-server not being available before the leap repository has been ↵ | Micah Anderson | |
| configured (#3702) Change-Id: I8a86a241c52d88b4b681a800647d7c9c7c574b8e | |||
| 2013-09-04 | make sure that the shorewall package is installed before trying to change ↵ | Micah Anderson | |
| its configuration file (#3701) Change-Id: Ib2dad30d53e5bf7539762eb3683430b10eb875ed | |||
| 2013-09-04 | updated submodule couchdb: don't use couchdb::document for creating ↵ | varac | |
| _security, cause this special doc doesn't have and _id (#3706) | |||
| 2013-09-03 | Work around for shorewall not being available at the site_config stage (#3339) | Micah Anderson | |
| Change-Id: Id3138cb967f76380b7f4e22ce862a099cb47669e | |||
| 2013-09-03 | Merge branch ↵ | varac | |
| 'feature/3667_Sending_mail_fails_when_relaying_using_non-fully-qualified_hostname' into develop | |||
| 2013-09-03 | use check_helo_access hash:/helo_checks also for $submission_helo_restrictions | varac | |
| 2013-09-03 | fix $master_cf_tail format | varac | |
| 2013-09-03 | Sending mail fails when relaying using non-fully-qualified hostname (Feature ↵ | varac | |
| #3667) | |||
| 2013-09-03 | Merge branch 'feature/helo_access' into develop | Micah Anderson | |
| Conflicts: puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp Change-Id: I51555935f9d9409e45809d6df021b10e926ea520 | |||
| 2013-09-03 | Merge branch 'bug/3339' into develop | Micah Anderson | |
| Conflicts: puppet/modules/site_config/manifests/initial_firewall.pp Change-Id: I794d057dc5d89133e552dd12939e8b9792cf1611 | |||
| 2013-09-03 | add /etc/postfix/checks directory and setup a check_helo_access that allows ↵ | Micah Anderson | |
| admins to have some control over problem clients connecting that present helo patterns that they wish to block (#3694) Change-Id: I159c29b6fe17e3d75b607d1a6fa82856b976c9b4 | |||
| 2013-09-03 | require that shorewall has been installed before execs are run (#3339) | Micah Anderson | |
| Change-Id: Iae2b1cacd64565931cef77194a733aeae681efaf | |||
 |
index : leap_platform.git | |
| [leap_platform] | git repository hosting |
| summaryrefslogtreecommitdiff |