Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-09-18 | Setup a class dependency for every tag 'leap_service' to make sure that ↵ | Micah Anderson | |
shorewall is setup before the service is setup. This is necessary due to the strict initial firewall that stops various service setup operations from happening, but is relaxed once shorewall is setup properly (#3782) Change-Id: Ia9640c4118aa0053cdb99e7bc11860fed5527501 | |||
2013-09-18 | include shorewall::interface{eth0} in setup.pp so packages can be installed ↵ | varac | |
during main puppetrun, even before shorewall is configured completly | |||
2013-09-17 | fix stunnel module so that code was not removed accidentally | Micah Anderson | |
Change-Id: Ia236eb5b7609d9f96970230fce4d0051d832e3cb | |||
2013-09-17 | Merge branch 'feature/2399_shorewall_on_vagrant_fails' into develop | varac | |
2013-09-17 | shorewall: #2399 blocks uplink (Bug #2866) | varac | |
2013-09-17 | site_config::params::interface should contain eth1 for vagrant cause it's ↵ | varac | |
the main interface we use (#2399, #2401) | |||
2013-09-17 | update stunnel submodule commit id to correct one for new repository | Micah Anderson | |
Change-Id: I33292b9eb2a5553ac296857c99fdaf350ed52542 | |||
2013-09-17 | Merge branch 'bug/3757' into develop | Micah Anderson | |
2013-09-17 | updated submodule stunnel - include stunnel in stunnel::service ↵ | varac | |
(https://leap.se/code/issues/3861) | |||
2013-09-17 | Merge branch 'feature/3817_3836_3837_Duplicate_declarations' into develop | varac | |
2013-09-14 | ensure site_config::caching_resolver runs with tag leap_base (#3757) | Micah Anderson | |
Change-Id: I593602ff9d3486dee39227673147e137045c55c5 | |||
2013-09-14 | moved openvpn submodule back to 25f1fe8d8, like it was before | kwadronaut | |
2013-09-14 | Merge branch 'vcs_module' into develop | kwadronaut | |
2013-09-13 | change vcsrepo submodule url (bug #3139) | kwadronaut | |
2013-09-13 | change openvpn submodule url (bug #3139) | kwadronaut | |
2013-09-13 | setup stunnel config to use default x509 cert,key+ca (#3837) | varac | |
* fix stunnel setups for couchdb, mx, webapp services | |||
2013-09-13 | Deploy default x509 cert + key that services can use (Feature #3836) | varac | |
2013-09-13 | remove x509::ca for leap_ca in site_openvpn::keys and site_stunnel::stunnel ↵ | varac | |
(#3817) | |||
2013-09-13 | deploy default x509::ca leap_ca in site_config::default (#3817) | varac | |
2013-09-13 | use define instead of class for site_stunnel::setup (#3817) | varac | |
so it can be called multiple times | |||
2013-09-05 | make sure we gather ec2_public_ipv4 fact. REQUIRES latest leap_cli (1.2.2) | elijah | |
2013-09-05 | require that shorewall is up before running bundler commands, it needs to ↵0.3.0rc1 | Micah Anderson | |
pull things from git (#3756) Change-Id: If404452c54dedb7a39a910994dc68309257d351d | |||
2013-09-05 | updated submodule apt: unattended-upgrades package cannot be installed (Bug ↵ | varac | |
#3098) | |||
2013-09-05 | Merge branch 'feature/3747_puppet_fails_if_no_services_are_configured' into ↵ | varac | |
develop | |||
2013-09-05 | Some packages are installed before refresh_apt is called (Bug #2988) | varac | |
2013-09-05 | puppet fails if no services are configured (Bug #3747) | varac | |
2013-09-04 | fix initial firewall to allow outgoing lo traffic and outgoing port 443 (#3736) | Micah Anderson | |
this allows nameserver queries to the local resolver to work and clones to the leap https repository to work Change-Id: I575d08405a0c28e12c8d201a8dbc79585a5a9a48 | |||
2013-09-04 | change git repository clone URIs from git:// to https:// (#3732) | Micah Anderson | |
Change-Id: Ic700fec9cfb8e8474fb65dbdd4a1a537bf586ec9 | |||
2013-09-04 | need to test that /etc/init.d/shorewall exists before attempting to call it, ↵ | Micah Anderson | |
otherwise puppet complains (#3339) Change-Id: I7c8cc235817fe3d898157de4c4fdd8f1fe74f05a | |||
2013-09-04 | updated couchdb submodule: bigcouch nodes doesn't get registered as cluster ↵ | varac | |
members (Bug #3703) | |||
2013-09-04 | Merge branch 'bug/3339' into develop | Micah Anderson | |
2013-09-04 | fix soledad-server not being available before the leap repository has been ↵ | Micah Anderson | |
configured (#3702) Change-Id: I8a86a241c52d88b4b681a800647d7c9c7c574b8e | |||
2013-09-04 | make sure that the shorewall package is installed before trying to change ↵ | Micah Anderson | |
its configuration file (#3701) Change-Id: Ib2dad30d53e5bf7539762eb3683430b10eb875ed | |||
2013-09-04 | updated submodule couchdb: don't use couchdb::document for creating ↵ | varac | |
_security, cause this special doc doesn't have and _id (#3706) | |||
2013-09-03 | Work around for shorewall not being available at the site_config stage (#3339) | Micah Anderson | |
Change-Id: Id3138cb967f76380b7f4e22ce862a099cb47669e | |||
2013-09-03 | Merge branch ↵ | varac | |
'feature/3667_Sending_mail_fails_when_relaying_using_non-fully-qualified_hostname' into develop | |||
2013-09-03 | use check_helo_access hash:/helo_checks also for $submission_helo_restrictions | varac | |
2013-09-03 | fix $master_cf_tail format | varac | |
2013-09-03 | Sending mail fails when relaying using non-fully-qualified hostname (Feature ↵ | varac | |
#3667) | |||
2013-09-03 | Merge branch 'feature/helo_access' into develop | Micah Anderson | |
Conflicts: puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp Change-Id: I51555935f9d9409e45809d6df021b10e926ea520 | |||
2013-09-03 | Merge branch 'bug/3339' into develop | Micah Anderson | |
Conflicts: puppet/modules/site_config/manifests/initial_firewall.pp Change-Id: I794d057dc5d89133e552dd12939e8b9792cf1611 | |||
2013-09-03 | add /etc/postfix/checks directory and setup a check_helo_access that allows ↵ | Micah Anderson | |
admins to have some control over problem clients connecting that present helo patterns that they wish to block (#3694) Change-Id: I159c29b6fe17e3d75b607d1a6fa82856b976c9b4 | |||
2013-09-03 | require that shorewall has been installed before execs are run (#3339) | Micah Anderson | |
Change-Id: Iae2b1cacd64565931cef77194a733aeae681efaf | |||
2013-09-03 | require that shorewall has been installed before execs are run (#3339) | Micah Anderson | |
Change-Id: Iae2b1cacd64565931cef77194a733aeae681efaf | |||
2013-09-03 | Without smtpd_helo_required, the helo restrictions are easily bypassed by ↵ | Micah Anderson | |
not sending a HELO (#3693) Change-Id: I6a7338136a53e16962a070826493139fa3307df7 | |||
2013-09-02 | disable postfix debugging by default | varac | |
2013-09-02 | create all webapp databases so _security is set (fixes 3517) | Azul | |
2013-09-02 | Merge branch 'develop' of ssh://code.leap.se/leap_platform into develop | kwadronaut | |
2013-09-02 | specify RAILS_ENV when calling bundle assets-precompile (fixes #3638) | Azul | |
We currently disable the billing gem in production while it's on in development and test. Therefore bundler will not install its dependencies - in particular the braintree gem when deploying. Since the RAILS_ENV was not specified rake was called with the default of 'development'. It therefore tried to load the development gems and failed when looking for 'braintree'. Specifying the production RAILS_ENV fixes this. It looks like we'll always need to specify RAILS_ENV when calling rake or we might want to export it to the environment in a separate task or the user config files such as .bashrc | |||
2013-09-02 | changing urls of submodules to https://leap.se (#3252 and #3139 ) | kwadronaut | |