Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-07-01 | Include obfsproxy descriptors in openvpn.json | irregulator | |
This is needed so as obfsproxy service is automatically deployed along with eip service. | |||
2014-07-01 | Use the try method to pick vpn gateway address in obfsproxy.json | irregulator | |
2014-07-01 | Pick gateway address either from self or another openvpn node | irregulator | |
2014-07-01 | Reflect change in leap_cli, use rand_range macro | irregulator | |
2014-07-01 | Initial commit for obfsproxy server feature in platform | irregulator | |
2014-06-27 | added error() macro. | elijah | |
2014-06-25 | hand replication credentials to tapicero | Azul | |
2014-06-25 | fix stunnel entries in mx.json and webapp.json | elijah | |
2014-06-25 | add replication user | Azul | |
2014-06-25 | tmp comment out error if no master nodes defined | elijah | |
2014-06-25 | new generic system for stunnel: just `include site_stunnel` and stunnel + ↵ | elijah | |
needed shorewall will be automatically set up. requires new leap_cli | |||
2014-06-25 | couchdb: generate hiera files suitable for plain couchdb + read-only mirrors | elijah | |
2014-06-25 | more friendly error message in `leap compile` when commercial certificate is ↵ | elijah | |
missing. | |||
2014-06-17 | allow webapp.json to configure what engines are enabled | elijah | |
2014-06-02 | static site: gracefully handle static sites that are not configured. | elijah | |
2014-06-02 | static site: added rack support, added custom apache config | elijah | |
2014-06-02 | added support for /provider.json served from static site. | elijah | |
2014-05-20 | add support for webapp on subdomain | elijah | |
2014-05-17 | fix bug with empty tor families | elijah | |
2014-05-13 | Revert "update cipher configuration for openvpn to use the IANA name" | Micah Anderson | |
This reverts commit ae50675e9095750cee9810237fb6b9f60030dae4. Older openssl implementations (wheezy, android, others) aren't able to parse this newer string, so reverting to the deprecated name until we are sure the support is there | |||
2014-05-06 | update cipher configuration for openvpn to use the IANA name, due to | Micah Anderson | |
deprecation warning: 2014-05-06 18:10:23,594 - INFO - L#826 : leap.openvpn:outReceived() - Tue May 6 18:10:23 2014 Deprecated TLS cipher name 'DHE-RSA-AES128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA' Change-Id: I159b26604993d38806fcb7c2ed8f6de8138999f7 | |||
2014-05-06 | add the tun-ipv6 configuration to the eip-service (#4163) | Micah Anderson | |
Change-Id: I4781f0c3e1c74f5a45217a4d631603fa1a622fd6 | |||
2014-04-24 | bring service_levels into webapp config - #5527 | Azul | |
including the default_service_level | |||
2014-04-24 | tor: provide a default 'nickname' (something like | Micah Anderson | |
"rabbitLKJYW23695JGLKJ" where rabbit is the node name). Stop shipping a static 'family' and instead provide a comma separated list of node tor nicknames. (#5220) Change-Id: I479f460ab230ad440f72c78dc6362983387ce12a | |||
2014-04-05 | revert openvpn tls-cipher: closes https://leap.se/code/issues/5429 | elijah | |
2014-04-05 | openvpn: allow for configurable keepalive (aka ping & ping-restart) closes ↵ | elijah | |
https://leap.se/code/issues/4127 | |||
2014-04-04 | Merge branch '0.5' into develop | Micah Anderson | |
Conflicts: provider_base/services/tor.json Change-Id: I826579945a0d93c43384f0fd12c9833762b084cf | |||
2014-04-02 | Merge pull request #20 from elijh/feature/openvpn-config | varac | |
allow ability to customize openvpn security options | |||
2014-04-01 | Fix for Openstack/Amazon special case needing to allow ec2_public_ipv4 | Micah Anderson | |
in mynetworks (#5427) Change-Id: Iee954f8cacd852f8c7c598c68a8793a3523c0132 | |||
2014-04-01 | Include all the ips that are allowed to send mail through the relay in | Micah Anderson | |
the mynetworks parameter. Previously we only allowed other mx servers to relay to each other, but this prevents system mail from non-mx nodes from getting out. Fixes "Helo command rejected: You are not in domain bitmask.net (in reply to RCPT TO command))" (#5343) Change-Id: I5e204958cb235808eedc3a1724fb2dc6c7a5b73b | |||
2014-03-26 | contacts.tor must be an array | elijah | |
2014-03-23 | modules/site_static: part 1 - amber | elijah | |
2014-03-20 | allow ability to customize openvpn security stuff: tls-cipher, auth, and ↵ | elijah | |
cipher config options. | |||
2014-03-14 | added support for environment specific providers (e.g. ↵ | elijah | |
provider.production.json). requires latest leap_cli. | |||
2014-02-27 | Merge branch 'webapp_check' into 0.6 | varac | |
2014-02-27 | Merge branch 'one_monitornode_rules_them_all' into 0.6 | varac | |
2014-02-27 | fixed more places where passwords were set to the wrong environment. | elijah | |
2014-02-27 | fixed more places where passwords were set to the wrong environment. | elijah | |
2014-02-27 | include nagios_test user credentials in webapp hiera files | varac | |
2014-02-27 | provide nagios_test_pw in hiera files | varac | |
2014-02-27 | new monitor hosts rule: local environment monitors just see local machines, ↵ | elijah | |
other monitors see the nodes from all environments (except local) | |||
2014-02-27 | fixed horrible bug that caused all environments to use the same couchdb ↵ | elijah | |
soledad password. | |||
2014-02-27 | fixed horrible bug that caused all environments to use the same couchdb ↵ | elijah | |
soledad password. | |||
2014-02-12 | include monitor node also into nagios hash so check-mk-agent can run on ↵ | varac | |
monitor host itself via ssh to localhost (requires latest leap_cli) | |||
2014-02-12 | include monitor node into hosts hash so check-mk-agent can run on monitor ↵ | varac | |
host itself via ssh to localhost (requires latest leap_cli) | |||
2014-02-10 | Merge remote-tracking branch 'elijah/feature/known_hosts' into 4982_check_mk | varac | |
Conflicts: platform.rb | |||
2014-02-09 | deploy a valid /etc/ssh/ssh_known_hosts for all nodes (requires new leap_cli) | elijah | |
2014-02-07 | Merge remote-tracking branch 'origin/develop' into 4982_check_mk | varac | |
Conflicts: platform.rb provider_base/services/monitor.json | |||
2014-02-07 | monitor nodes get all nodes listed in /etc/hosts | elijah | |
2014-02-06 | added support for monitor ssh keys (requires latest leap_cli) | elijah | |