summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-12-10[feat] Make leap apt sources url configurablevarac
So we can use the experimental-0.8 repo instead of 0.8 i.e. Use this to customize the main LEAP deb url: "sources": { "apt": { "leap": { "basic": "http://deb.leap.se/experimental-0.9" } } }
2015-12-10[feat] Add LEAP experimental apt signing keyvarac
so we can easily use the experimental-0.(8|9) deb repos, which are signed with this key
2015-12-10Merge pull request #92 from pixelated/add_custom_tests_directoryvarac
look for tests in custom directory
2015-12-10look for tests in custom directoryChristoph Kluenter
if 3rd parties want to add tests that get run by 'leap test' they can now just drop them in /srv/leap/tests_custom/ and they wil 'just work'
2015-12-09Use client cert fingerprint lookup to determine if the user is allowedMicah
to relay mail through us (#3634) Change-Id: I46cf3ffbef4261839c376f4c36a50d9c44eb1374
2015-12-09[feat] Remove puppet run stagesvarac
To reduce complexity, let's get rid of run stages. We used them earlier but they seem to have no purpose anymore. There was two stage leftovers: - `site_config::slow` did an `apt-get dist-upgrade` in the `setup` stage - `site_config::setup` did call the `site_config::hosts` class in the `setup` stage I checked for dependencies to to those resources, and it looks good, i tested by triggering a citest. From https://docs.puppetlabs.com/puppet/latest/reference/lang_run_stages.html#limitations-and-known-issues: ``` Due to these limitations, stages should only be used with the simplest of classes, and only when absolutely necessary. Mass dependencies like package repositories are effectively the only valid use case. ```
2015-12-08Manage the /var/mail/leap-mx directory to ensure it exists properly andMicah
has the right permissions (see #6936) Change-Id: Ib7b86d73197fecfd74b72fe5ff06d1a78d9d4432
2015-12-07Merge pull request #91 from pixelated/fix_mx_testvarac
tac file was renamed
2015-12-07tac file was renamedChristoph Kluenter
2015-12-07Update submoule aptvarac
2015-12-04[bug] Vagrant boxes need 1g of ramvarac
On ci builds we got out-of-memory errors using the default of 512mb.
2015-12-04[refactor] Drop Vagrant Support for versions < 1.1varac
2015-12-03Make sure /etc/default and config file are there before service is triggered ↵Micah
(#7618) Change-Id: Ib9fa598a94e8fd41329b1c9ed4bb52281bf04992
2015-12-03improve whitebox tests to match on more specific processes (#7655, #7676)Micah
Change-Id: I9f267ba38130ceb308d284c926b14d2cee9f87be
2015-12-02Merge pull request #90 from kalikaneko/bug/catch_401_for_user_db_created_checkvarac
[bug] catch 401 return code instead of 200 for user-db-created check
2015-12-02[bug] catch 401 return code instead of 200 for user-db-created checkKali Kaneko
2015-12-02[deprec] use @ in front of erb template tagsvarac
2015-12-02fix nickserver dependency for wheezyvarac
2015-12-02Update submodule postfixvarac
2015-12-01fix missing commaMicah
Change-Id: I6ab266ea4f74277f8262653c43f2b3a5a4254a79
2015-12-01Merge branch 'configure_vagrant_basebox' into developvarac
2015-12-01Update submodule postfixvarac
2015-12-01Switch from 'vmail' to leap-mx's user/group (#6936, #7639)Micah
This change will make sure that the user/group for leap-mx exist, and it changes the mail location from /var/mail/vmail to the more helpful name /var/mail/leap-mx. This change requires: https://github.com/leapcode/leap_mx/pull/78 and it would replace merge request: https://github.com/leapcode/leap_mx/pull/65 and fix https://leap.se/code/issues/6936 and https://leap.se/code/issues/7635 Change-Id: Idbe678dc999e394232c2eeef2b2018d39ab7cc3b
2015-12-01stop delivering non-existing local user mail to leap-mx (#5431)Micah
When mail comes in to the system, a lookup is done to see if it is a valid leap user, if it is, leap_mx now returns something of the form: uuid@deliver.local (see #5959). The virtual_mailbox_domains lists deliver.local, so postfix choses to deliver to virtual_mailbox_base (/var/mail/vmail) which has been hardcoded to the 'vmail' maildir and user. We want leap related mail and leap aliases to go through the virtual alias system, all the hard-coded universal aliases we want to go through the local system and we dont want these separate. Known domains that are considered 'virtual' will be forwarded or delivered to the vmail user, the rest rejected as unknown recipient, instead of being handed off to leap-mx. Previously, the way this was done is we leaned (too heavily) on the 'luser_relay' postfix configuration which sent anything that wasn't locally configured right to the leap_mx spool. That meant everything went there, including addresses that didn't exist, and leap-mx would then have to process those and bounce them. This removes the 'luser_relay' option, so any address that doesn't resolve properly to either a local address/alias, or a leap address or alias (through tcp lookups on 2424 and 4242) will get bounced as an unknown user. Change-Id: I3c22e9383861b3794dd9adfd7aa6a0cf0a773a18
2015-12-01Merge pull request #89 from pixelated/webapp_testvarac
Webapp test: don't check in database if user was deleted.
2015-12-01don't check in database if user was deleted.Christoph Kluenter
we already check if the webapp returned success when it deleted the user. If the webapp had failed it would not have returned success. leap_web has tests that prove this. This fixes https://leap.se/code/issues/7625
2015-12-01Check for clamav processes on mx nodes (#7648)Micah
Change-Id: I751985c0537d430b568a670a2f70d1906b0f0f35
2015-12-01Revert "Disable webapp usercreation and soledad sync test"Christoph Kluenter
This reverts commit 58c4e6878561dc9772070e3ca9b666b9e1abdc7a. The test was fine. The assert_tmp_user was testing the database without using credentials. will be fixed in next commit
2015-12-01Merge branch 'nickserver_jessie' into developvarac
2015-12-01Update submodule postfixvarac
2015-12-01[feat] Make vagrant basebox configurablevarac
reads @vagrant_basebox from Leapfile or ~/.leaprc, needs commit baaa21ca2 in leap_cli. - Resolves: #7657
2015-12-01Merge branch 'develop' of ssh://code.leap.se/leap_platform into developvarac
2015-12-01updated submodule couchdbvarac
2015-11-30fix missing apache modules (#7638)Micah
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0
2015-11-30fix missing apache status module (#7638)Micah
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0
2015-11-30fix site_apache module class names that were renamed (#7636)Micah
Change-Id: Iea1242b3c27d92cef7b217006211e57631fd7e62
2015-11-30Revert "[feat] install couchdb from unstable on jessie"varac
This reverts commit 02b1b484ad9a5d065ceac72b8263b7bcc112c923. Now that we have a proper couchdb jessie package we don't need to install it from Debian unstable.
2015-11-30Disable webapp usercreation and soledad sync testvarac
2015-11-29fix typo documentation leap-cli, closes mr88.kwadronaut
2015-11-28[bug] Don't enable storedconfig in sshd classvarac
- Related: #7615
2015-11-28[bug] [jessie] register nickserver at systemdvarac
- resolves #7614
2015-11-28updated submoule apachevarac
2015-11-27Merge remote-tracking branch 'azul/develop' into developvarac
2015-11-27Merge branch 'master' of github.com:leapcode/leap_platform into developvarac
2015-11-26updated submodule couchdbvarac
2015-11-26Merge branch 'postfwd_tests' into developvarac
2015-11-25added submodule couchdbvarac
2015-11-24Switch to syslog for leap_mx (#6942)Micah
In order to switch to syslog for leap_mx, leap_mx needs to change to log to syslog (#6307 and #6937), and we need to clean up the platform pieces that set the non-syslog options, and rotated log files (#6942). Hopefully, this will solve the leap_mx logrotation issue at the same time (#7058) Change-Id: If68f808a65c24c91231b88d15759809c9e379294
2015-11-24Cleanup old leap mx logs that may appear on some nodes due to how thingsMicah
were logged before Change-Id: Ief95f35ea52a189075c2eda28c00bcc567c464b2
2015-11-24[bug] [jessie] Install pnp4nagios deb from stretchvarac
Configure the apt class together with "use_next_release => true", so pnp4nagios* packages can get installed from strech. No other package will be upgraded as the apt module pins stretch very low, so that only packages are installed if there are no other sources available. - Resolves: #7604