Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-09-01 | added support for Let's Encrypt | elijah | |
2016-08-04 | switch to deb.d.o from httpredir.d.o (#8288). | Micah | |
The deb.debian.org method may be a better one than httpredir: . deb.debian.org is maintained much more reliably than httpredir . httpredir is backed by the mirror network; deb.d.o is by a CDN . httpredir redirects to the mirror network. deb.d.o is a cache that sits in front of ftp.d.o (and security, and debug, and ports) . one potential disadvantage: deb.d.o's CDN is a commercial service (fastly) that donates its traffic to debian . in stretch and later, apt uses the SRV records of deb.d.o to find places instead of HTTP redirects . local peering arrangements of fastly are likely to result in mirror choices that are more local (and thus faster) to the machine Peering arrangements for the deb.d.o CDN can be seen here: https://www.peeringdb.com/asn/54113 Change-Id: I4dee089a3b2f674860bfff21eb25a6e37c491d32 | |||
2016-04-10 | pin nickserver source to origin/version/0.8 | elijah | |
2016-01-26 | pin webapp to 0.8 | elijah | |
2015-12-10 | [bug] Configure default sources.platform.apt.basic | varac | |
Providing a custom sources.platform.apt.basic value worked with the last commit, but without that the platform would fail. So we provide a default value now in provider_base/common.json, which can get overridden. | |||
2015-10-06 | [feat] Remove tapicero from more places | varac | |
Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501 | |||
2015-09-24 | added firewall information to nodes (needed for `leap compile firewall`) | elijah | |
2015-09-10 | sshd: let nodes change default AllowTcpForwarding | elijah | |
2015-06-30 | pin leap_web to 0.7.1 | elijah | |
2015-05-06 | Merge branch '0.7.0' into develop | Micah Anderson | |
2015-05-06 | Change http.debian.net to now official name: httpredir.debian.org (#6932) | Micah Anderson | |
Change-Id: I1e411ef3ffa2ef7fdcae90081f530f44023a96b6 | |||
2015-05-05 | improved `leap cert csr` error message | elijah | |
2015-03-30 | set platform version 0.7 | elijah | |
2015-03-18 | pin webapp to version/0.6.1 | elijah | |
2015-02-04 | upgrade to tapicero 0.6.1, to remove auth in process list (closes #6697) | elijah | |
2015-02-04 | consolidate sources into common.json | elijah | |
2015-01-27 | provide way to customize all three apt sources urls (basic, security, backports) | varac | |
Change-Id: I5542b320bb1edb52c63350b5e4fd2af681991fb5 | |||
2015-01-27 | provide apt.url key that can be customized in provider.json | varac | |
Change-Id: Ic8bcca7fde25b4eb540aab8cc4114748b9b2cfd7 | |||
2014-10-21 | update platform to take advantage of new platform.rb. requires leap_cli 1.6 | elijah | |
2014-06-25 | new generic system for stunnel: just `include site_stunnel` and stunnel + ↵ | elijah | |
needed shorewall will be automatically set up. requires new leap_cli | |||
2014-06-25 | fix commercial cert usage with mx and monitor nodes. | elijah | |
2014-06-25 | more friendly error message in `leap compile` when commercial certificate is ↵ | elijah | |
missing. | |||
2014-03-14 | added support for environment specific providers (e.g. ↵ | elijah | |
provider.production.json). requires latest leap_cli. | |||
2014-02-09 | deploy a valid /etc/ssh/ssh_known_hosts for all nodes (requires new leap_cli) | elijah | |
2013-12-18 | set x509 use to true for all nodes, we need a cert for relaying using | Micah Anderson | |
TLS (#1910) Change-Id: I347178f2a172e4be6af8c0c76d801b3c769235cd | |||
2013-10-10 | added mail.smarthost variable to hiera | varac | |
2013-10-10 | provide global.provider.contacts.default on every node, no need to add in ↵ | varac | |
services/mx.json again | |||
2013-06-25 | add hash for authorized_keys to common.json | elijah | |
2013-05-30 | site_sshd -- added xterm title, optional support for mosh | elijah | |
2013-05-27 | common.json - default all nodes to be 'enabled' | elijah | |
2013-04-30 | added soledad-service.json | elijah | |
2013-03-08 | node environment: switch from production=true to environment=production. ↵ | elijah | |
requires latest leap_cli | |||
2013-02-08 | minor changes to default json: give common a name, add contacts.default | elijah | |
2013-02-08 | make monitor service include the nodes that are of a similar type (e.g. ↵ | elijah | |
production or local). | |||
2013-01-27 | added 'development' hiera hash to exclude certain class for better testing | varac | |
2013-01-26 | service_type: internal_service as default | varac | |
2012-12-08 | minor - fix hint. | elijah | |
2012-12-07 | added hostname tracking and late evaluation. new key "hosts" added, for ↵ | elijah | |
building /etc/hosts. also, now ssh.known_hosts only includes what is necessary. | |||
2012-11-27 | fix webapp: only list couchdb hosts that match node's 'local' value. | elijah | |
2012-11-24 | new leap_cli sets local tag automatically. | elijah | |
2012-11-21 | added x509.commercial_ca_cert. x509.ca_cert is now optional, except for webapp. | elijah | |
2012-11-20 | add ca_cert key because we will need to place the cert into the webroot on ↵ | Micah Anderson | |
the webapp | |||
2012-11-14 | added provider_base (latest leap_cli required) | elijah | |