Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-09-25 | allow all outgoing traffic | Christoph Kluenter | |
as discussed on #leap | |||
2014-09-17 | allow outgoing port 3142 for apt-cacher proxy | Christoph | |
2014-09-17 | update rsyslog module to fix #6019 | Micah Anderson | |
Change-Id: I8c64a0c530d44e55963060d52d31a0da1a88615c | |||
2014-09-17 | Increase wait-for-couch timeout (Bug #3735) | varac | |
Site_couchdb::Bigcouch::Settle_cluster/Exec[wait_for_couch_nodes] waits 60s for all nodes to be member of the cluster. Because we deploy to multiple nodes in parallel, not all nodes are ready at the same time, so we increased the timeout from 60s to 120s. | |||
2014-09-17 | disable ACL enforcement, because it's a known issue with bigcouch | varac | |
otherwise it will only confuse the user see https://leap.se/code/issues/6030 for more details | |||
2014-09-15 | Merge branch 'make_shorewall_optional' into develop | Micah Anderson | |
2014-09-15 | Merge branch 'add_ignore' into develop | Micah Anderson | |
2014-09-15 | tests: make shorewall optional | Micah Anderson | |
Change-Id: I1703ff7b3dafe5d0562a7c34c1851ebfedc569a8 | |||
2014-09-15 | tests: add 'ignore' command to tests | Micah Anderson | |
Change-Id: I8ac3b6edd6a0cf7eae5486d61d1680765a8fad13 | |||
2014-09-15 | tests: make warnings not produce a non-zero exit code | Micah Anderson | |
Change-Id: I60d51728128b95c77d52ab4e8c61966cfa59ff2f | |||
2014-09-03 | Merge branch 'master' into develop | varac | |
Conflicts: platform.rb puppet/modules/site_config/manifests/hosts.pp | |||
2014-09-02 | tests: make warnings not produce a non-zero exit code, add 'ignore' command ↵ | elijah | |
to tests, make shorewall optional. | |||
2014-08-28 | Merge tag '0.5.4.1' | Micah Anderson | |
Tag 0.5.4.1 hotfix release | |||
2014-08-28 | update version number for 0.5.4.1 hotfix release0.5.4.1 | Micah Anderson | |
Change-Id: I0d629c56b86cd4de5a6560d58715de7ec93dd4e3 | |||
2014-08-28 | syslog logs everything but webapp FIX #6020 | guido | |
2014-08-26 | default to multimaster if no nodes are defined as master | elijah | |
2014-08-26 | update version number for 0.5.4 hotfix release0.5.4 | Micah Anderson | |
Change-Id: Ia34388c5095301d3a72070737fdb9df758610581 | |||
2014-08-26 | Fix Tapicero not starting after first deploy (#6004) | varac | |
Added a dependency on the couchdb "tapicero" user to get created before starting the tapicero daemon. | |||
2014-08-22 | FQDN should come first in /etc/hosts | varac | |
fixes /etc/hosts: wrong order (Bug #5835) (now for real) before, /etc/hosts contained i.e. 127.0.1.1 plain1 plain1.bitmask.net plain1.bitmask.i which resulted in no fqdn reported both by "hostname -f" and "facter fqdn" this fix produces this order which is needed to report a fqdn: 127.0.1.1 plain1.bitmask.net plain1 plain1.bitmask.i | |||
2014-08-21 | Merge tag '0.5.3' | Micah Anderson | |
Tagging 0.5.3 release | |||
2014-08-21 | Fix starting tapicero when it is not running (#6004)0.5.3 | Micah Anderson | |
Due to how tapicero's initscript is made, it is not possible to check for a valid exit code for the status (it returns a zero when it is not running). So we disable the puppet 'hasstatus' parameter and instead puppet will look in the process table for 'tapicero' Change-Id: I9b017ea8055c0207e43876dd4e3bbc2619c0fd35 | |||
2014-08-21 | Merge remote-tracking branch 'varac/5998_fix_nagios_nodename' into 0.5.3 | Micah Anderson | |
2014-08-21 | Fix "Nagios ssh check is automatically added by the ssh module and cantains ↵ | varac | |
a wrong hostname on single node setup (Bug #5998)" before, the ssh module added this check, resulting in a wrong hostname and the port was always '22'. manage_nagios parameter is boolean, so we use false instead of 'no' manually add check_ssh to nagios (#5998) | |||
2014-08-20 | set the maximum leap cli version for this version of the platform | Micah Anderson | |
Change-Id: I6be37c3c65c47e650c0e67bd43df8e2b1ac40dd6 | |||
2014-08-19 | Update README to make note about known issues so version number does not ↵ | Micah Anderson | |
need to be bumped each release Change-Id: I3aabe1a713f4244cbbd607137e5d8e46d992a2bc | |||
2014-08-05 | Fixes: #5952 Webapp now logs to it's own file instead of syslog and user.log | guido | |
2014-08-01 | Merge branch 'feature/replication-in-tapicero-security' into develop | Azul | |
2014-08-01 | minor: fix typo in webapp config | Azul | |
@provider -> @webapp | |||
2014-07-30 | add replication role to user databases with tapicero | Azul | |
This way the replication has read access on the source and write access on the target. | |||
2014-07-29 | fix haproxy_servers call with couchdb default port | Azul | |
2014-07-29 | Merge remote-tracking branch 'fbernitt/issue_5217_allow_registration' into ↵ | Azul | |
develop | |||
2014-07-16 | haproxy connects to a local couch if available | Azul | |
When running a service that requires couch (webapp or mx) on a node that also had couch running the haproxy was confused because it did not have an stunnel port for the local couch. Emit a more useful error and fixed this for webapp and mx | |||
2014-07-15 | haproxy default to couch_write, couch_read on GET | Azul | |
METH_POST probably does not catch PUT, DESTROY etc. So instead we now use the master as the default and only use the replications for GET and HEAD requests. | |||
2014-07-15 | adopt webapp test to new hiera couch clients format | Azul | |
2014-07-14 | fix couch tests to use admin credentials | Azul | |
2014-07-14 | proper json for tapicero config | Azul | |
2014-07-14 | update couchdb puppet module | Azul | |
2014-07-11 | Added allow_registration to webapp config.yml. | Folker Bernitt | |
- See issue #5217 - See companion change in leap_web | |||
2014-07-01 | Merge branch 'obfsproxy' into develop | elijah | |
2014-07-01 | Use new macro pick_node to pick vpn gateway for obfsproxy.json | irregulator | |
2014-07-01 | Check appropriately if obfsproxy is included in services | irregulator | |
2014-07-01 | A vpn node picks its openvpn.gateway as obfsproxy gateway address | irregulator | |
2014-07-01 | Add apt preferences requirement for obfsproxy package resource | irregulator | |
2014-07-01 | Add User resource requirement for obfsproxy service, log, etc dir | irregulator | |
2014-07-01 | Remove unneeded newlines from obfsproxy.conf | irregulator | |
2014-07-01 | Explicitly set apt preferences for obfsproxy to wheezy-backports | irregulator | |
2014-07-01 | Attach node's name to scramblesuit password and port secrets | irregulator | |
This makes every node with obfsproxy service have unique port and password for scramblesuit pluggable transport. | |||
2014-07-01 | Make obfsproxy daemon bind to specific address rather than 0.0.0.0 | irregulator | |
If obfsproxy is spawned alongside eip service, make it listen to the gateway_adress IP. If obfsproxy is running standalone listen to ip_address. | |||
2014-07-01 | Include obfsproxy descriptors in openvpn.json | irregulator | |
This is needed so as obfsproxy service is automatically deployed along with eip service. | |||
2014-07-01 | Use the try method to pick vpn gateway address in obfsproxy.json | irregulator | |