Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-07-12 | Merge branch 'fix_subrepo_behavior' of ↵ | elijah | |
https://github.com/pixelated/leap_platform into develop | |||
2016-07-12 | only update git submodules only if not subrepo | Christoph Kluenter | |
2016-07-05 | Use DANE/TLSA validation in postfix (#8141). | Micah | |
Configure DNSSEC validation for client verification, giving us a stronger form of opportunistic TLS Change-Id: Iab92d4f593c4a5a44e3b694295096b0d7f687a37 | |||
2016-07-05 | set domain-secure to internal domain. | Micah | |
Without this set, dnssec will fail validation for internal domains, which should not be validated Change-Id: I8589332598fe97ad5218dd23825ac77af2d8def6 | |||
2016-07-05 | Enable DNSSEC validation in unbound (#8214). | Micah | |
Change-Id: Ibdf39a721162b4a5663ef27c27b2db0261c6e8a5 | |||
2016-07-05 | Merge branch '8021_rsyslog' of https://0xacab.org/micah/platform into develop | elijah | |
2016-07-05 | Remove duplicate syslog entry (#8021). | Micah | |
In an attempt to resolve #8021, a template error was made, causing duplicated entries to appear in the rsyslog template. Change-Id: Ic41d6ef9aec9865cf64312c1eb96e408b39d441c | |||
2016-07-05 | Polish platform buils config file | varac | |
2016-07-05 | add gitlab-runners pubkey | varac | |
2016-07-05 | renenable global before_script in .gitlab-ci.yml | varac | |
2016-07-05 | Update .gitlab-ci.yml and build config for local builds | varac | |
2016-07-05 | remove private stuff from test provider dir | varac | |
2016-07-05 | prevent users from configuring a node and an environment with the same name | elijah | |
2016-07-05 | use single node with vagrant | varac | |
2016-07-05 | fix error caused by passing an empty option to net-ssh | elijah | |
2016-07-03 | bugfix: work-around for problem with upload file permissions (#8235) | elijah | |
2016-07-02 | [bug] fix typo in leap add-user | varac | |
2016-07-01 | fix access to vagrant key file | elijah | |
2016-07-01 | leap cli: move everything we can from leap_cli to leap_platform | elijah | |
2016-07-01 | leap cli: remove commands/util.rb (duplicate of common.rb) | elijah | |
2016-07-01 | ssh remote command: reraise unknown exceptions | elijah | |
2016-07-01 | ssh logging: set the correct host | elijah | |
2016-07-01 | print both sha1 and sha256 fingerprints for 'leap inspect' | elijah | |
2016-07-01 | migrate commands to use new ssh system: node init, test, add-user | elijah | |
2016-06-30 | fix static site apache config | elijah | |
2016-06-30 | directly call build-platform.sh in build job | varac | |
2016-06-30 | Make sure bind9 doesn't take over unbound (#8213). | Micah | |
Change-Id: Icaab817870d005b7a854a3fb8c402705d0b2d77f | |||
2016-06-30 | Remove bigcouch (#8056) | Micah | |
Change-Id: I0c6e27298c63bd37de1410985d054799818c22a4 | |||
2016-06-28 | Fix for when tor is not an array. | Micah | |
When tor is not configured, then its possible to get this error on deploy: Error: tor is not a hash or array when accessing it with hidden_service at /srv/leap/puppet/modules/site_static/manifests/init.pp:16 on node rewdevstatic1.rewire.org This commit only accesses the array when its enabled. Change-Id: Ia75ac7a51179da980966adba0cc614b9cd642b0c | |||
2016-06-28 | added command `leap open monitor` for handy access to nagios | elijah | |
2016-06-28 | Make static tor hidden services work (#8212). | Micah | |
When tor hidden services were enabled for static sites, only a very basic configuration was setup and it didn't take into account the different location configurations that can be configured for a static site. This commit resolves that by making a site_static::hidden_service class similar to the site_webapp::hidden_service class, and fixes up the apache vhost template to properly create the location blocks for the hidden service vhost. Change-Id: Ice3586f4173bd2d1bd3defca29d21c7403d5a03a | |||
2016-06-28 | Stop tor from restarting on every deploy (#8211). | Micah | |
We were creating the hidden service name without a newline, and then tor would be restarted and change the hidden service hostname file to have a newline, which would then require that the next deploy would change that file to not have a newline again. This fixes that problem by making the hostname have a newline so it matches what tor wants. Change-Id: I38f450684d557cf943ec94f2f8e19cda3aefdf66 | |||
2016-06-28 | Reload tor if config or key is changed (#8210). | Micah | |
Change-Id: I3d733b6645c804a5fb337ad4b8edc59a66ad50b5 | |||
2016-06-28 | Make sure bind9 doesn't take over unbound (#8213). | Micah | |
Change-Id: Icaab817870d005b7a854a3fb8c402705d0b2d77f | |||
2016-06-28 | dont run default before_script for build stage | varac | |
2016-06-27 | Fix the permissions on the DOMAIN/provider.json file for static sites. | elijah | |
2016-06-28 | Don't use docker for platform ci builds | varac | |
Will try later, but for now it fails with not finding bundle cmd. | |||
2016-06-28 | use leap_cli:develop gem in Gemfile | varac | |
2016-06-27 | Puppet-lint 2.0 release | varac | |
2016-06-27 | Lint and Document site_webapp::hidden_service | varac | |
2016-06-22 | set the platform version to be 0.9, require leap_cli 1.9 | elijah | |
2016-06-22 | leap_cli: removed dependency on gems 'paint' and 'command_line_reporter' | elijah | |
2016-06-21 | minor ruby linting | elijah | |
2016-06-21 | Fix hidden service static template (#8203). | Micah | |
Change-Id: Iab9597f5f0336f66df9b73fea9d79c789cbb8302 | |||
2016-06-17 | tests - default to admin access when testing existence of a db | elijah | |
2016-06-16 | New Build Badge from 0xacab.org | varac | |
2016-06-16 | Merge branch '0.8.1' into develop | Micah | |
2016-06-16 | Disable the Trace method (#8195)0.8.1 | Micah | |
The Trace method is enabled because of the Apache module, but it is not the default in Debian, and it should not be enabled, for more information see the following: https://www.kb.cert.org/vuls/id/867593 Change-Id: I06a06ae679dbf7049f26a017125b61e5e38f6268 | |||
2016-06-16 | Fix matching for cleanup check. | Micah | |
The onlyif check was incorrectly specified in the original implementation in commit id: 15b83d88dcedab496a19cef57f11c5c8e091dd4a this inverts it so it is properly detected. Change-Id: I531e206fff1ca61780adcd195e1f917011e50fb4 | |||
2016-06-16 | Disable the Trace method (#8195) | Micah | |
The Trace method is enabled because of the Apache module, but it is not the default in Debian, and it should not be enabled, for more information see the following: https://www.kb.cert.org/vuls/id/867593 Change-Id: I06a06ae679dbf7049f26a017125b61e5e38f6268 |