leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2015-08-19	allow ca_cert_uri to be configured	elijah

2015-08-07	move 'enabled service' calculation to a macro.	elijah

2015-05-05	take advantage of improved environment binding in leap_cli (requires v 1.7.1)	elijah

2014-11-24	fixed bug when there is no vpn service	elijah

2014-11-10	openvpn - support customizing --fragment, and set default to 1400	elijah

2014-06-02	added support for /provider.json served from static site.	elijah

2014-05-20	add support for webapp on subdomain	elijah

2014-04-08	minor: allow manual override of 'services' in provider.json	elijah

2014-03-20	allow ability to customize openvpn security stuff: tls-cipher, auth, and ↵	elijah
	cipher config options.
2014-03-14	added support for environment specific providers (e.g. ↵	elijah
	provider.production.json). requires latest leap_cli.
2013-11-01	Change SMTP port to 465 in smtp-service.json (Feature #4339)	varac

2013-08-31	postfix enable submission port using starttls, so the client can transition ↵	Micah Anderson
	to the more restrictive TLS wrapper mode Change-Id: I2a1728788378d9a1b79155ddb9bb4b0464b16baa
2013-08-29	Make TLS-required smtps (465) be port for sending SMTP. This is preferred ↵	Micah Anderson
	over 25 because that is typically blocked, and we cannot force TLS on that port due to other MTAs not being configured for this century. We don't use submission (568) because that uses STARTTLS, and the STARTTLS banner can easily be stripped by an adversary. (#3604) . enable smtps (port 465) for client submission over TLS, and require that TLS is enabled . add 465 to the allowed open ports in the firewall . change the smtp-service.json to use 465 instead of 25 note: I did not use the 'use_smtps' parameter that is available in the postfix class because it added some options that we do not want/need. Change-Id: I0040eb2dff6008a1c830d59df9963eb83dc9ea02
2013-07-04	bugfix - properly generate provider.json file.	elijah

2013-06-04	add support for client-side collection of facter facts.	elijah

2013-05-21	only advertise services that are actually deployed (in public provider.json)	elijah

2013-05-17	minor - webapp api port should be integer, not string.	elijah

2013-05-14	added smtp-service.json, requires latest leap_cli	elijah

2013-04-30	added soledad-service.json	elijah

2013-04-24	provider base - service definitions are now versioned (requires new leap_cli)	elijah

2013-04-18	provider.json 'domain' entry should match the domain suffix of the node.	elijah

2013-03-17	added support for "limited" service levels (although vpn is not yet actually ↵	elijah
	rate limited).
2013-03-16	the development tag now specifies an alternative provider domain. this ↵	elijah
	requires that we use domain.full_suffix instead of provider.domain, whenever possible.
2013-02-27	openvpn -- added support for optional "free" rate-limited service via ↵	elijah
	special client certificates with the FREE prefix in the common name.
2013-01-13	added ability to customize the webapp appearance	elijah

2012-12-19	webapp api now uses a customizable port (so that we don't try to rely on SNI ↵	elijah
	for hosting two TLS domains on one IP).
2012-11-23	fix bugs in eip-service.json template	elijah

2012-11-17	added missing fingerprint of ca cert to provider definition	elijah

2012-11-15	added eip-service.json	elijah

2012-11-14	added provider_base (latest leap_cli required)	elijah