summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-06-16make sure required x509 bits are there before stunnel is startedMicah
Change-Id: I772c3b6e489e3c1848c45c6bcaa240324fc88928
2016-06-16Ensure stunnel package, service and default ordering.Micah Anderson
2016-06-16update stunnel module for refresh_stunnel fixesMicah
Change-Id: I7675dbaba4d896a62dab9fcf4817092ea69f1298
2016-06-16refresh_stunnel sometimes doesn't run (#8168).Micah
It turns out that in some corner-cases, the script is not called: (1) start the deploy, create files in /var/lib/puppet/stunnel4/config (2) halt puppet before apply finishes (3) re-run deploy in this scenario, next time you run deploy, refresh_stunnel will never get called to populate /etc/stunnel, because the files in /var/lib/puppet/stunnel4/config haven't changed. This problem can be really confusing when it happens. To fix this, we just run refresh_stunnel every, it is pretty fast and the script has more complete logic for what to do than puppet, which has only an asymmetrical view on the situation. Change-Id: I9e5fad1d081c2fe07f3ac8f07cfb87d86b88f7c9
2016-06-16auto run bundler when needed for site_staticelijah
2016-06-16fix typo that prevented common.ENV.json from being loaded. closes #7697elijah
2016-06-16debian packages don't know AllowSupplementaryGroupsChristoph Kluenter
if this is set in the config, the deamons do not start anymore. From the debian changelog: clamav (0.99.2+dfsg-0+deb8u1) stable; urgency=medium * Import new Upstream. * Drop AllowSupplementaryGroups option which is default now (Closes: #822444).
2016-06-16Fix opendkim milter location (#8163).Micah
The unix socket method for connecting to the milter was incorrectly reverted, this puts it back to how it should be. Change-Id: Ifde669c920a249c782f577a112f4d45e60a889a2
2016-06-16ensure soledad server has access to x509::variableselijah
2016-06-16Disable puppet-agent daemon from running.Micah
The agent wakes up every two minutes and tries to connect to the default server, failing with a certificate warning. We don't use the agent, so we can safely disable it (#8032) Change-Id: I707f42b59205993325431aba283552b1b73a0ad1
2016-06-16Reduce check_mk timeouts (#7807).Micah
check_mk operations can take a long time (such as when doing a re-inventory using "check_mk -II") when multiple hosts are down. This decreases the connect timeout to 5 seconds. Change-Id: I1eac5f14bad2afc2ffc4cbf8c950c24b052a0d6e
2016-06-16disable rspec stage, add build stagevarac
2016-06-16fix tests/puppet/hiera.yaml for catalog testvarac
2016-06-14[bug] Fix site_obfsproxy services variable lookupvarac
After including everything into a `node default` scope in puppet/manifests/site.pp to make puppet-catalog-test happy (see commit 62ea45d47), we get this error: Error: member(): Requires array to work with at /srv/leap/puppet/modules/site_obfsproxy/manifests/init.pp:14 Moving the `services` hiera avaluation out of the node scope back to top level scope will solve this.
2016-06-14switch to two-space soft tabs to fix lint errorMicah
Change-Id: Ic12b243b195e40482a70dd70219212c3697899ba
2016-06-14make sure required x509 bits are there before stunnel is startedMicah
Change-Id: I772c3b6e489e3c1848c45c6bcaa240324fc88928
2016-06-14Ensure stunnel package, service and default ordering.Micah Anderson
2016-06-14update stunnel module for refresh_stunnel fixesMicah
Change-Id: I7675dbaba4d896a62dab9fcf4817092ea69f1298
2016-06-14added catalog test to .gitlab-ci.ymlvarac
2016-06-14squirrel fails on syntax:templatesvarac
2016-06-14Improved Rakefilevarac
2016-06-13Merge branch 'gitlab-ci' into developvarac
2016-06-12add initial .gitlab-ci.ymlvarac
2016-06-11Added rake task catalog:all to test catalog compilevarac
2016-06-11add test provider for catalog compile testvarac
2016-06-11Move custom functions to site_config modulevarac
2016-06-11use node default {} in site.pp for catalog testvarac
2016-06-07refresh_stunnel sometimes doesn't run (#8168).Micah
It turns out that in some corner-cases, the script is not called: (1) start the deploy, create files in /var/lib/puppet/stunnel4/config (2) halt puppet before apply finishes (3) re-run deploy in this scenario, next time you run deploy, refresh_stunnel will never get called to populate /etc/stunnel, because the files in /var/lib/puppet/stunnel4/config haven't changed. This problem can be really confusing when it happens. To fix this, we just run refresh_stunnel every, it is pretty fast and the script has more complete logic for what to do than puppet, which has only an asymmetrical view on the situation. Change-Id: I9e5fad1d081c2fe07f3ac8f07cfb87d86b88f7c9
2016-06-07push to execute post-receivekwadronaut
2016-06-07push to execute post-receivekwadronaut
2016-06-07Merge remote-tracking branch 'origin/0.8.x' into developvarac
2016-06-07Merge remote-tracking branch 'origin/0.8.x' into developvarac
2016-06-07Merge branch '0.8.x' into '0.8.x' Varac
Fix opendkim milter location (#8163). The unix socket method for connecting to the milter was incorrectly reverted, this puts it back to how it should be. Change-Id: Ifde669c920a249c782f577a112f4d45e60a889a2 See merge request !4
2016-06-06Merge pull request #106 from ↵varac
pixelated/AllowSupplementaryGroups_not_valid_anymore debian packages don't know AllowSupplementaryGroups
2016-06-06debian packages don't know AllowSupplementaryGroupsChristoph Kluenter
if this is set in the config, the deamons do not start anymore. From the debian changelog: clamav (0.99.2+dfsg-0+deb8u1) stable; urgency=medium * Import new Upstream. * Drop AllowSupplementaryGroups option which is default now (Closes: #822444).
2016-06-03auto run bundler when needed for site_staticelijah
2016-06-02Fix opendkim milter location (#8163).Micah
The unix socket method for connecting to the milter was incorrectly reverted, this puts it back to how it should be. Change-Id: Ifde669c920a249c782f577a112f4d45e60a889a2
2016-06-02ensure soledad server has access to x509::variableselijah
2016-06-01ensure soledad server has access to x509::variableselijah
2016-06-01Merge branch 'disable_agent' into '0.8.x' Varac
Disable puppet-agent daemon from running. The agent wakes up every two minutes and tries to connect to the default server, failing with a certificate warning. We don't use the agent, so we can safely disable it (#8032) Change-Id: I707f42b59205993325431aba283552b1b73a0ad1 See merge request !1
2016-06-01Merge branch 'timeout_7807' into '0.8.x' Varac
Reduce check_mk timeouts (#7807). check_mk operations can take a long time (such as when doing a re-inventory using "check_mk -II") when multiple hosts are down. This decreases the connect timeout to 5 seconds. Change-Id: I1eac5f14bad2afc2ffc4cbf8c950c24b052a0d6e See merge request !2
2016-05-31Reduce check_mk timeouts (#7807).Micah
check_mk operations can take a long time (such as when doing a re-inventory using "check_mk -II") when multiple hosts are down. This decreases the connect timeout to 5 seconds. Change-Id: I1eac5f14bad2afc2ffc4cbf8c950c24b052a0d6e
2016-05-31Disable puppet-agent daemon from running.Micah
The agent wakes up every two minutes and tries to connect to the default server, failing with a certificate warning. We don't use the agent, so we can safely disable it (#8032) Change-Id: I707f42b59205993325431aba283552b1b73a0ad1
2016-05-26fix typo that prevented common.ENV.json from being loaded. closes #7697elijah
2016-05-20[feat] Automatic couchdb db compactionvarac
Automatic background couchdb db compaction frees a huge amount of diskspace. - Resolves: #8118
2016-05-18Merge branch 'tests' into developvarac
2016-05-17update submodules so "rake test" doesnt complain anymorevarac
2016-05-17ignore Gemfile.lockvarac
2016-05-17[lint] make future parser happyvarac
2016-05-17Add syntaxcheck and lint rake tasks to platformvarac
`rake test` will run all puppet checks required for CI (syntax , validate, templates, spec, lint). We ignore lint checks for submodules for now because puppet-lint would complain a lot!