Age | Commit message (Collapse) | Author |
|
Make the server-status information unavailable by putting the vhost on a
port that isn't configured as available to the tor hidden-service.
Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
|
|
this tidy should only happen on webapp nodes
Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
|
|
The configuration /etc/apache/sites-enabled/leap_webapp.conf was never
removed after 6255e58bf9ff3489bf2707bc2be9759ec5c7db68 made it obsolete,
and because it exists on older systems, it is being used instead of the
correct common.conf.
This removes it and reloads apache.
Change-Id: Ic4c9901f4bba869ecb3dfe5362dfd1971570f89a
|
|
|
|
|
|
Change-Id: I42a1ef661dc55fb8110e82e930f67679c3dff1f8
|
|
webapp user.
|
|
common.json. closes #7423
|
|
Change-Id: If92faee5f877301bf23564d5b6e71c4b1263de54
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Change-Id: Ib701886ad26c5e39ccd669fadca81404b5c0426a
|
|
Valid users submitting mail to be delivered should not be blocked by
configured RBLs.
Settings in main.cf are valid and used globally, unless they are
overridden in master.cf for specific Postfix daemons. We have set in
main.cf the smtp_client_restrictions parameter to check for configured
rbls, so we need to override that and empty it in order to allow valid
clients to send mail, even when their IP is listed in an RBL.
Note: most users will typically be connecting via VPN, so their IP would
typically be replaced by the VPN gateway one, but there are cases where
this is still useful.
Change-Id: Ie4171113c78ae2814402a1ed9b5343280cbf79d1
|
|
|
|
Sometimes only trivial things fail that doesn't affect basic
functionallity.
Change-Id: I9d9d1a531a11e6eeee6fd823a51bb02e99771ec2
|
|
version complain when called by root)
we don't need to enable ssh pw auth because we're now using the
vagrant user that has ssh key-based auth configured already.
Change-Id: I5e28e6f5c71724573ff11def5b96142e8eb8b185
|
|
Change-Id: I385f7877d0816456e7c57179511604645a4740bc
|
|
|
|
definition of 'domain' in provider.env.json.
|
|
The openpgp header added by the client is sometimes incorrect, because
the client doesn't actually know what the proper URL is for the
webapp. The server knows, however.
Change-Id: I2243b19a6337d8e0be97590e2ca9c9c0b0fffdac
|
|
webapp user.
|
|
common.json. closes #7423
|
|
|
|
|
|
Change-Id: Iae76f9ca03baf459ae8ea044ea6aecfc73a41b3a
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Change-Id: Ic9af9ef3602abbb51edf1c9d71d4d264b4ace714
|
|
The rationale here is:
- bigcouch/its included erlang version is incredibly noisy and spits out
warnings/error msgs all the time
- it uses the worst logging format i ever saw, multiple lines directly
to a file (couch 2.0 uses lager as logging backend which can log to
syslog)
- trying to sort out the false positives will take too much time,
and who knows which of them will be resolved in couch 1.6/2.0
Change-Id: Idbe6b37a19cd65ce31a50d4c28eedb4cf15ba3b5
|
|
|
|
|
|
|
|
|
|
Set zen.spamhaus as the default rbl
Change-Id: Ic3537d645c80ba42267bab370a1cf77730382158
|
|
Change-Id: I06e29515a28af8688d839fffa01a3dfe7fc8a2fc
|
|
Conflicts:
puppet/modules/site_static/manifests/init.pp
Change-Id: I090b1cb3cbe3c4d01a2c640ae3a370b17e722e12
|
|
Increase warning/critical thresholds for time between tapicero heartbeat
checks so it will emit less false positives
Change-Id: I0f97373d88658b7f17b2c4e8c1963198dc3f66ed
|
|
We don't want to try and create the log file, twistd will do that.
Don’t rename the log file from mx.log to mx.log.0, instead just copy it
to mx.log.1, and then clear out mx.log so it’s empty (this is needed
because leap-mx might assume that its file descriptor is still valid and
continue trying to write to it, without this, leap-mx might lose data
because it’ll assume the original log file is still around and continue
to write to it, even though it’s gone)It’s a little dangerous because
it’s possible that you might lose some logged data between the time that
logrotate copies the new log file and truncates the old file (Caveat
administrator).
Finally, we don't want logrotate to complain if it finds
mx.log, its ok if its there.
Change-Id: I9952627f4d47e7a89a2915f6b72d82f9e6ca0d8b
|
|
fix double quotes and indentation
Change-Id: I79c28159d17e6256db3094f413d61dcdc9520dc6
|