summaryrefslogtreecommitdiff
path: root/provider_base/common.json
AgeCommit message (Collapse)Author
2016-09-01added support for Let's Encryptelijah
2016-08-04switch to deb.d.o from httpredir.d.o (#8288).Micah
The deb.debian.org method may be a better one than httpredir: . deb.debian.org is maintained much more reliably than httpredir . httpredir is backed by the mirror network; deb.d.o is by a CDN . httpredir redirects to the mirror network. deb.d.o is a cache that sits in front of ftp.d.o (and security, and debug, and ports) . one potential disadvantage: deb.d.o's CDN is a commercial service (fastly) that donates its traffic to debian . in stretch and later, apt uses the SRV records of deb.d.o to find places instead of HTTP redirects . local peering arrangements of fastly are likely to result in mirror choices that are more local (and thus faster) to the machine Peering arrangements for the deb.d.o CDN can be seen here: https://www.peeringdb.com/asn/54113 Change-Id: I4dee089a3b2f674860bfff21eb25a6e37c491d32
2016-04-10pin nickserver source to origin/version/0.8elijah
2016-01-26pin webapp to 0.8elijah
2015-12-10[bug] Configure default sources.platform.apt.basicvarac
Providing a custom sources.platform.apt.basic value worked with the last commit, but without that the platform would fail. So we provide a default value now in provider_base/common.json, which can get overridden.
2015-10-06[feat] Remove tapicero from more placesvarac
Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501
2015-09-24added firewall information to nodes (needed for `leap compile firewall`)elijah
2015-09-10sshd: let nodes change default AllowTcpForwardingelijah
2015-06-30pin leap_web to 0.7.1elijah
2015-05-06Merge branch '0.7.0' into developMicah Anderson
2015-05-06Change http.debian.net to now official name: httpredir.debian.org (#6932)Micah Anderson
Change-Id: I1e411ef3ffa2ef7fdcae90081f530f44023a96b6
2015-05-05improved `leap cert csr` error messageelijah
2015-03-30set platform version 0.7elijah
2015-03-18pin webapp to version/0.6.1elijah
2015-02-04upgrade to tapicero 0.6.1, to remove auth in process list (closes #6697)elijah
2015-02-04consolidate sources into common.jsonelijah
2015-01-27provide way to customize all three apt sources urls (basic, security, backports)varac
Change-Id: I5542b320bb1edb52c63350b5e4fd2af681991fb5
2015-01-27provide apt.url key that can be customized in provider.jsonvarac
Change-Id: Ic8bcca7fde25b4eb540aab8cc4114748b9b2cfd7
2014-10-21update platform to take advantage of new platform.rb. requires leap_cli 1.6elijah
2014-06-25new generic system for stunnel: just `include site_stunnel` and stunnel + ↵elijah
needed shorewall will be automatically set up. requires new leap_cli
2014-06-25fix commercial cert usage with mx and monitor nodes.elijah
2014-06-25more friendly error message in `leap compile` when commercial certificate is ↵elijah
missing.
2014-03-14added support for environment specific providers (e.g. ↵elijah
provider.production.json). requires latest leap_cli.
2014-02-09deploy a valid /etc/ssh/ssh_known_hosts for all nodes (requires new leap_cli)elijah
2013-12-18set x509 use to true for all nodes, we need a cert for relaying usingMicah Anderson
TLS (#1910) Change-Id: I347178f2a172e4be6af8c0c76d801b3c769235cd
2013-10-10added mail.smarthost variable to hieravarac
2013-10-10provide global.provider.contacts.default on every node, no need to add in ↵varac
services/mx.json again
2013-06-25add hash for authorized_keys to common.jsonelijah
2013-05-30site_sshd -- added xterm title, optional support for moshelijah
2013-05-27common.json - default all nodes to be 'enabled'elijah
2013-04-30added soledad-service.jsonelijah
2013-03-08node environment: switch from production=true to environment=production. ↵elijah
requires latest leap_cli
2013-02-08minor changes to default json: give common a name, add contacts.defaultelijah
2013-02-08make monitor service include the nodes that are of a similar type (e.g. ↵elijah
production or local).
2013-01-27added 'development' hiera hash to exclude certain class for better testingvarac
2013-01-26service_type: internal_service as defaultvarac
2012-12-08minor - fix hint.elijah
2012-12-07added hostname tracking and late evaluation. new key "hosts" added, for ↵elijah
building /etc/hosts. also, now ssh.known_hosts only includes what is necessary.
2012-11-27fix webapp: only list couchdb hosts that match node's 'local' value.elijah
2012-11-24new leap_cli sets local tag automatically.elijah
2012-11-21added x509.commercial_ca_cert. x509.ca_cert is now optional, except for webapp.elijah
2012-11-20add ca_cert key because we will need to place the cert into the webroot on ↵Micah Anderson
the webapp
2012-11-14added provider_base (latest leap_cli required)elijah