Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
Conflicts:
puppet/modules/site_postfix/manifests/mx.pp
|
|
|
|
better key algorithm choices.
Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7
|
|
Change-Id: I9cee85c19d86dc7c8d70c4cdeb2e7426191b57a5
|
|
replacement wasn't being done. (#7890)
This moves that replacement into its own class, clears the old value and
sets it properly in the smtps transport.
Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75
|
|
seperated
|
|
|
|
|
|
CN entries (#7867)
Change-Id: Ie33277a62e90f9dc0602bb963dbb96a61cebed1d
|
|
not with their alias.
Resolves https://github.com/pixelated/puppet-pixelated/issues/8
|
|
|
|
smtpd_relay_restrictions was added in postfix 2.10 (jessie
has 2.11 atm). Without this, outbound mails are rejected to
be relayed.
from http://www.postfix.org/SMTPD_ACCESS_README.html:
NOTE: Postfix versions before 2.10 did not have
smtpd_relay_restrictions. They combined the mail relay and spam blocking
policies, under smtpd_recipient_restrictions. This could lead to
unexpected results. For example, a permissive spam blocking policy could
unexpectedly result in a permissive mail relay policy. An example of
this is documented under "Dangerous use of
smtpd_recipient_restrictions".
smtpd_relay_restrictions defaults to
'permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination'
and is configured here to check for a valid client cert.
see http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions
- Resolves: #7856
|
|
|
|
- Resolves: #7641
|
|
`site_apt` aready ensures for installing packages after Exec[update_apt]
is run, so we don't need to duplicate this in `site_config::default.pp`.
|
|
Because this is the recommended way of depnending in the apt README.
|
|
We need to include class `site_config::default` in class
`site_config::slow` so we don't get this duplicate definition:
- [local1.bitmask.local] Error: Duplicate declaration: Class[Apt] is
already declared; cannot redeclare at
/srv/leap/puppet/modules/site_apt/manifests/init.pp:29 on node
local1.bitmask.local
To be honest, i didn't figuered out the real cause of this, but it works
with this.
|
|
`site_config::default.pp` takes care the all packages are
installed before `Exec['refresh_apt']`, so we don't need to
add it here for a single package.
|
|
The apt module now takes care of all the dependencies removed
from `site_apt`.
Also, the dependency to install the `lsb` package after
`refresh_apt` is unnesseccary because lsb facts won't work
anyway on the first run if `lsb` is not installed before, so
we can safely remove it.
|
|
|
|
|
|
- Resolves: #7641
|
|
|
|
`site_apt` aready ensures for installing packages after Exec[update_apt]
is run, so we don't need to duplicate this in `site_config::default.pp`.
|
|
Because this is the recommended way of depnending in the apt README.
|
|
We need to include class `site_config::default` in class
`site_config::slow` so we don't get this duplicate definition:
- [local1.bitmask.local] Error: Duplicate declaration: Class[Apt] is
already declared; cannot redeclare at
/srv/leap/puppet/modules/site_apt/manifests/init.pp:29 on node
local1.bitmask.local
To be honest, i didn't figuered out the real cause of this, but it works
with this.
|
|
`site_config::default.pp` takes care the all packages are
installed before `Exec['refresh_apt']`, so we don't need to
add it here for a single package.
|
|
The apt module now takes care of all the dependencies removed
from `site_apt`.
Also, the dependency to install the `lsb` package after
`refresh_apt` is unnesseccary because lsb facts won't work
anyway on the first run if `lsb` is not installed before, so
we can safely remove it.
|
|
fails after timeout is reached. closes #7806
|
|
|
|
This worked before, but somehow stopped working.
We need to include 'site_config::slow' top-level scope instead
of including it in 'site_config::default', because otherwise it
would get tagged with 'leap_base', and would be included always.
This way 'site_config::slow' gets included by default, but can be
excluded by using 'leap deploy --fast'.
See https://leap.se/en/docs/platform/details/under-the-hood#tags
- Resolves: #7844
|
|
The problem was that puppet tried to remove them on the couch node,
but they need to get removed on monitor node.
- Resolves: #7641
|
|
- Resolves: #7853
|
|
- Related: #7853
|
|
- Resolves: #7418
|
|
|
|
using older leap_cli.
|
|
|
|
- Resolves: #7823
|
|
- Resolves: #7842
|
|
- Resolves: #7629
|
|
We now include "site_config::remove::bigcouch" in class
"site_couchdb::master", which sets up plain couchdb.
|
|
Ruby itself is a parameterized class, and parameters cannot get
overridden (see https://projects.puppetlabs.com/issues/9259).
The webapp node didn't install the ruby-dev package (we never
noticed because our vagrant images as probably other debian images
had ruby-dev preinstalled).
We now use the ruby::devel class to install ruby-dev.
- Tested: [citest-jessie]
- Resolves: #7838
|
|
I merged immerda's changes to the `rubygems` module, which
remove the installation of the `rubygems` package from jessie
on, because it's a dependency of the `ruby2.1` package, which is
a dep of puppet, and therefore installed on every node.
- Tested: [local singlenode]
- Resolves: #7619
|
|
|
|
otherwise, machines will be out-of-mememory on deploy
|