Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-02-25 | couchdb module uses pbkdf2 as default pwhash algor. now | varac | |
2016-02-25 | remove couchdb_pwhash_alg leftover | varac | |
2016-02-25 | remove wheezy support | varac | |
2016-02-25 | no build-essential packages needed for building leap_cli | varac | |
2016-02-24 | Merge branch 'develop' of ssh://leap.se/leap_platform into develop | elijah | |
2016-02-24 | [bug] Adopt ncli aliases to new version of icli | varac | |
- Resolves: #7887 | |||
2016-02-24 | fix logging error in puppet_command | elijah | |
2016-02-24 | fix time comparison bug in network test | elijah | |
2016-02-24 | check server cert expiry in tests, closes #7910 | elijah | |
2016-02-24 | fixed dkim zone entry, closes #7925 | elijah | |
2016-02-24 | Set couch.mode:plain until this will be the default | varac | |
2016-02-24 | [feat] Don't set couch.master anymore, defaults to plain couchdb | varac | |
2016-02-24 | Use site_couchdb::plain even when couch.master is set top "master" | varac | |
2016-02-24 | ensure remote_file_path macro works when file is not present (resolves #7926) | elijah | |
2016-02-24 | Update module stunnel | varac | |
2016-02-23 | Update opendkim platform pieces to match leap-cli. | Micah | |
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a | |||
2016-02-23 | We are rotating the mx logs 5 times, but we originally thought we should | Micah | |
only have the following logfiles in that directory ever: mx.log, mx.log.[1-5], with an optional .gz suffix. However, we were wrong about the 'optional' part of the compression, we use the 'compress' option, so the logs will always be compressed. So there should never be the log files mx.log.1, mx.log.2, etc. This change adjusts the clean-up to deal with that. (#7058) https://github.com/leapcode/leap_platform/pull/97 Change-Id: I109d08ac063fe094c54e93be91893a67d7fbb51b | |||
2016-02-23 | use pbkdf2 pwhash for plain couch. | elijah | |
2016-02-23 | allow legacy plain couchdb nodes to stay couchdb nodes, although issue a ↵ | elijah | |
warning. | |||
2016-02-23 | added templates for `leap node add`, so that new nodes can get default ↵ | elijah | |
values set in their initial .json file. | |||
2016-02-23 | default to plain couchdb, unless otherwise specified. | elijah | |
# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp | |||
2016-02-23 | get dkim working, closes #5924 | elijah | |
2016-02-23 | Update submodule vcsrepo | varac | |
2016-02-23 | [feat] 'leap history --last' shows only last entry | varac | |
2016-02-23 | Add hiera.yaml so vagrant provision doesn't complain about it missing | varac | |
Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults | |||
2016-02-23 | Remove wheezy vagrant box | varac | |
2016-02-23 | Update submodule postfix | varac | |
2016-02-16 | remove pinning of openvpn package to backports | elijah | |
2016-02-16 | list the expiry time when warning about expiring certs | elijah | |
2016-02-16 | require jessie and created note_init script for node initialization | elijah | |
2016-02-12 | update postfix submodule for postscreen (Resolves: 2303)0.8.0rc1 | kwadronaut | |
2016-02-12 | add postscreen greeter (Resolves: 2303) | kwadronaut | |
Conflicts: puppet/modules/site_postfix/manifests/mx.pp | |||
2016-02-11 | started 0.8 CHANGES file. | elijah | |
2016-02-11 | Allow ecdsa hostkeys (#7642) until we can safely transition providers to | Micah | |
better key algorithm choices. Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7 | |||
2016-02-11 | Disable journald in order to resolve IP logging subversion (#7863) | Micah | |
Change-Id: I9cee85c19d86dc7c8d70c4cdeb2e7426191b57a5 | |||
2016-02-11 | Due to the smtps transport specifying a header_check, the received_anon | Micah | |
replacement wasn't being done. (#7890) This moves that replacement into its own class, clears the old value and sets it properly in the smtps transport. Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75 | |||
2016-02-10 | resolves #7646: leap_cli should fail when soledad and couchdb service are ↵ | elijah | |
seperated | |||
2016-02-10 | add postscreen greeter (Resolves: 2303) | kwadronaut | |
2016-02-09 | ensure that expired certs are updated *before* hiera compile. | elijah | |
2016-02-04 | fix postfix Received anonymizing header regexp to properly match Client | Micah | |
CN entries (#7867) Change-Id: Ie33277a62e90f9dc0602bb963dbb96a61cebed1d | |||
2016-02-03 | Exec overrides need to be referred by their name | varac | |
not with their alias. Resolves https://github.com/pixelated/puppet-pixelated/issues/8 | |||
2016-02-02 | Merge branch 'bugfix/mxlog' into develop | elijah | |
2016-02-02 | [bug] Add smtpd_relay_restrictions to postfix conf | varac | |
smtpd_relay_restrictions was added in postfix 2.10 (jessie has 2.11 atm). Without this, outbound mails are rejected to be relayed. from http://www.postfix.org/SMTPD_ACCESS_README.html: NOTE: Postfix versions before 2.10 did not have smtpd_relay_restrictions. They combined the mail relay and spam blocking policies, under smtpd_recipient_restrictions. This could lead to unexpected results. For example, a permissive spam blocking policy could unexpectedly result in a permissive mail relay policy. An example of this is documented under "Dangerous use of smtpd_recipient_restrictions". smtpd_relay_restrictions defaults to 'permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination' and is configured here to check for a valid client cert. see http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions - Resolves: #7856 | |||
2016-02-02 | Merge branch 'develop' of code.leap.se:/leap_platform into develop | kwadronaut | |
2016-02-02 | [bug] Fix bigcouch spoolfile removal | varac | |
- Resolves: #7641 | |||
2016-02-02 | [refactor] Dont duplicate Package resource override | varac | |
`site_apt` aready ensures for installing packages after Exec[update_apt] is run, so we don't need to duplicate this in `site_config::default.pp`. | |||
2016-02-02 | [refactor] Use Exec[apt_updated] instead of Exec[refresh_apt] | varac | |
Because this is the recommended way of depnending in the apt README. | |||
2016-02-02 | [bug] Fix duplicate definition error for Class[Apt] | varac | |
We need to include class `site_config::default` in class `site_config::slow` so we don't get this duplicate definition: - [local1.bitmask.local] Error: Duplicate declaration: Class[Apt] is already declared; cannot redeclare at /srv/leap/puppet/modules/site_apt/manifests/init.pp:29 on node local1.bitmask.local To be honest, i didn't figuered out the real cause of this, but it works with this. | |||
2016-02-02 | [refactor] Remove atomic apt package dependecy | varac | |
`site_config::default.pp` takes care the all packages are installed before `Exec['refresh_apt']`, so we don't need to add it here for a single package. | |||
2016-02-02 | [refactor] Don't declare dependencies for apt resources | varac | |
The apt module now takes care of all the dependencies removed from `site_apt`. Also, the dependency to install the `lsb` package after `refresh_apt` is unnesseccary because lsb facts won't work anyway on the first run if `lsb` is not installed before, so we can safely remove it. |