Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-06-28 | static - gracefully handle incorrect static site configs | elijah | |
2017-05-30 | static - support for renewing certs with let's encrypt for static sites | elijah | |
2017-05-10 | Nickserver direct access to couchdb on same node | varac | |
Depending whether couchdb is running on the same node as nickserver, couchdb is available on localhost: - When couchdb is running on a different node: Via stunnel, which is bound to 4000. - When couchdb is running on the same node: On port 5984 Resolves: #8793 | |||
2017-04-27 | Merge remote-tracking branch 'origin/merge-requests/77' | varac | |
2017-04-25 | Add single-hop hidden service capability. | Micah Anderson | |
This cuts the number of hops for a tor onion service from 6 to 3, speeding it up considerably. This removes the anonymity aspect of the service, so it must be enabled intentionally, knowing that the server's location no longer is hidden. | |||
2017-03-22 | webapp: add secret_key_base to config | Azul | |
This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while. | |||
2017-03-15 | Direct connection when couch runs locally | varac | |
2017-03-15 | [8144] Remove Haproxy | varac | |
We used haproxy because we had multiple bigcouch nodes but now with a single couchdb node this is not needed anymore. - Resolves: #8144 | |||
2016-12-22 | bugfix: don't block commercial certs for mx servers | elijah | |
2016-12-19 | bugfix: mx service does not require a commercial certificate | elijah | |
2016-10-20 | [bug] properly set 'enrollment_policy' in provider.json | elijah | |
2016-10-04 | [bug] fix Tor hidden service key generation | elijah | |
2016-04-08 | tests: include _api_tester partial for couchdb nodes. | elijah | |
2016-04-08 | partials - add support for leap_cli's inheritable service partials (requires ↵ | elijah | |
latest develop branch leap_cli) | |||
2016-04-08 | minor: remove _api_tester.json from soledad test. | elijah | |
2016-04-05 | testing: adds mx delivery tests | elijah | |
2016-02-26 | plain couchdb now required, bigcouch support disabled. | elijah | |
2016-02-23 | allow legacy plain couchdb nodes to stay couchdb nodes, although issue a ↵ | elijah | |
warning. | |||
2016-02-23 | added templates for `leap node add`, so that new nodes can get default ↵ | elijah | |
values set in their initial .json file. | |||
2016-02-23 | default to plain couchdb, unless otherwise specified. | elijah | |
# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp | |||
2016-02-23 | get dkim working, closes #5924 | elijah | |
2016-02-10 | resolves #7646: leap_cli should fail when soledad and couchdb service are ↵ | elijah | |
seperated | |||
2015-10-27 | [bug] Add leap_mx username to soledad.conf | varac | |
- Tested: [unstable.pixelated-project.org] - Related: https://github.com/pixelated/pixelated-platform/issues/127 | |||
2015-10-13 | add clamav filtering, with sanesecurity signature updating and provider ↵ | Micah | |
whitelisting (#3625) Change-Id: I15985ca00ee95bc62855f098a78e364ebbc32616 | |||
2015-10-06 | [feat] Remove tapicero from more places | varac | |
Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501 | |||
2015-09-24 | added firewall information to nodes (needed for `leap compile firewall`) | elijah | |
2015-09-09 | ensure that the webapp has the service levels config it requires. | elijah | |
2015-09-03 | service definition .json files should not refer to properties inherited from ↵ | elijah | |
common.json. closes #7423 | |||
2015-08-31 | mx: added mx.key_lookup_domain property | elijah | |
2015-08-19 | allow ca_cert_uri to be configured | elijah | |
2015-08-03 | webapp: add support for customizing locales | elijah | |
2015-07-28 | Support RBL blocking of incoming mail (#5923) | Micah Anderson | |
Set zen.spamhaus as the default rbl Change-Id: Ic3537d645c80ba42267bab370a1cf77730382158 | |||
2015-04-30 | added a bunch more forbidden usernames0.7.0rc1 | elijah | |
2015-04-21 | block username 'vmail' | elijah | |
2015-03-30 | added support for rotating couchdb databases. | elijah | |
2015-03-19 | don't set a lower --fragment by default yet (not compatible with android client) | elijah | |
2015-03-05 | change default MTU to 1400 (#6745) | Micah Anderson | |
Change-Id: Ia4b93776c6ae316b47f6e0b8e2763aa6fa9cab92 | |||
2015-02-04 | consolidate sources into common.json | elijah | |
2014-12-10 | https://leap.se/code/issues/6477#note-11 | varac | |
Change-Id: I3094be3ef60108f4f2cad5239b0b2f288b39620d | |||
2014-12-09 | add 'local' contactgroup to local environmet monitoring node | varac | |
Change-Id: I1618a8c7f2f7c905b354dbe363fc91b690725479 | |||
2014-12-02 | Change nagios mail To: Header to contain the actual platform environment's ↵ | Micah Anderson | |
contact email (Bug #6466) Change-Id: Ib86ae771e0ac3b6f329a517a8a31c9ec54d33a05 | |||
2014-11-24 | bind webapp to version/0.6 branch | elijah | |
2014-11-10 | change default openvpn fragment size back to 1500 so we don't break backward ↵ | elijah | |
compatibility with older clients | |||
2014-11-10 | openvpn - support customizing --fragment, and set default to 1400 | elijah | |
2014-11-04 | tor - to activate hidden service, now set tor.hidden_service.active = true | elijah | |
2014-10-31 | add support for property tor.key | elijah | |
2014-10-29 | added webapp.forbidden_usernames property to allow configuration of ↵ | elijah | |
usernames to block. | |||
2014-10-08 | every environment is defined as nagios hostsgroup (#5216) | varac | |
Change-Id: I6508ce0d06b37a1c5601a0e981a59f7fda47f76a | |||
2014-09-23 | couch: for neighbors, use 'couch.mode' instead of 'couch.master' (which ↵ | elijah | |
might be false even for multimaster). closes #6064 | |||
2014-08-26 | default to multimaster if no nodes are defined as master | elijah | |