Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-02-04 | consolidate sources into common.json | elijah | |
2014-12-10 | https://leap.se/code/issues/6477#note-11 | varac | |
Change-Id: I3094be3ef60108f4f2cad5239b0b2f288b39620d | |||
2014-12-09 | add 'local' contactgroup to local environmet monitoring node | varac | |
Change-Id: I1618a8c7f2f7c905b354dbe363fc91b690725479 | |||
2014-12-02 | Change nagios mail To: Header to contain the actual platform environment's ↵ | Micah Anderson | |
contact email (Bug #6466) Change-Id: Ib86ae771e0ac3b6f329a517a8a31c9ec54d33a05 | |||
2014-11-24 | bind webapp to version/0.6 branch | elijah | |
2014-11-10 | change default openvpn fragment size back to 1500 so we don't break backward ↵ | elijah | |
compatibility with older clients | |||
2014-11-10 | openvpn - support customizing --fragment, and set default to 1400 | elijah | |
2014-11-04 | tor - to activate hidden service, now set tor.hidden_service.active = true | elijah | |
2014-10-31 | add support for property tor.key | elijah | |
2014-10-29 | added webapp.forbidden_usernames property to allow configuration of ↵ | elijah | |
usernames to block. | |||
2014-10-08 | every environment is defined as nagios hostsgroup (#5216) | varac | |
Change-Id: I6508ce0d06b37a1c5601a0e981a59f7fda47f76a | |||
2014-09-23 | couch: for neighbors, use 'couch.mode' instead of 'couch.master' (which ↵ | elijah | |
might be false even for multimaster). closes #6064 | |||
2014-08-26 | default to multimaster if no nodes are defined as master | elijah | |
2014-07-29 | fix haproxy_servers call with couchdb default port | Azul | |
2014-07-29 | Merge remote-tracking branch 'fbernitt/issue_5217_allow_registration' into ↵ | Azul | |
develop | |||
2014-07-16 | haproxy connects to a local couch if available | Azul | |
When running a service that requires couch (webapp or mx) on a node that also had couch running the haproxy was confused because it did not have an stunnel port for the local couch. Emit a more useful error and fixed this for webapp and mx | |||
2014-07-11 | Added allow_registration to webapp config.yml. | Folker Bernitt | |
- See issue #5217 - See companion change in leap_web | |||
2014-07-01 | Use new macro pick_node to pick vpn gateway for obfsproxy.json | irregulator | |
2014-07-01 | A vpn node picks its openvpn.gateway as obfsproxy gateway address | irregulator | |
2014-07-01 | Attach node's name to scramblesuit password and port secrets | irregulator | |
This makes every node with obfsproxy service have unique port and password for scramblesuit pluggable transport. | |||
2014-07-01 | Include obfsproxy descriptors in openvpn.json | irregulator | |
This is needed so as obfsproxy service is automatically deployed along with eip service. | |||
2014-07-01 | Use the try method to pick vpn gateway address in obfsproxy.json | irregulator | |
2014-07-01 | Pick gateway address either from self or another openvpn node | irregulator | |
2014-07-01 | Reflect change in leap_cli, use rand_range macro | irregulator | |
2014-07-01 | Initial commit for obfsproxy server feature in platform | irregulator | |
2014-06-27 | added error() macro. | elijah | |
2014-06-25 | hand replication credentials to tapicero | Azul | |
2014-06-25 | fix stunnel entries in mx.json and webapp.json | elijah | |
2014-06-25 | add replication user | Azul | |
2014-06-25 | tmp comment out error if no master nodes defined | elijah | |
2014-06-25 | new generic system for stunnel: just `include site_stunnel` and stunnel + ↵ | elijah | |
needed shorewall will be automatically set up. requires new leap_cli | |||
2014-06-25 | couchdb: generate hiera files suitable for plain couchdb + read-only mirrors | elijah | |
2014-06-25 | more friendly error message in `leap compile` when commercial certificate is ↵ | elijah | |
missing. | |||
2014-06-17 | allow webapp.json to configure what engines are enabled | elijah | |
2014-06-02 | static site: gracefully handle static sites that are not configured. | elijah | |
2014-06-02 | static site: added rack support, added custom apache config | elijah | |
2014-06-02 | added support for /provider.json served from static site. | elijah | |
2014-05-20 | add support for webapp on subdomain | elijah | |
2014-05-17 | fix bug with empty tor families | elijah | |
2014-05-13 | Revert "update cipher configuration for openvpn to use the IANA name" | Micah Anderson | |
This reverts commit ae50675e9095750cee9810237fb6b9f60030dae4. Older openssl implementations (wheezy, android, others) aren't able to parse this newer string, so reverting to the deprecated name until we are sure the support is there | |||
2014-05-06 | update cipher configuration for openvpn to use the IANA name, due to | Micah Anderson | |
deprecation warning: 2014-05-06 18:10:23,594 - INFO - L#826 : leap.openvpn:outReceived() - Tue May 6 18:10:23 2014 Deprecated TLS cipher name 'DHE-RSA-AES128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA' Change-Id: I159b26604993d38806fcb7c2ed8f6de8138999f7 | |||
2014-05-06 | add the tun-ipv6 configuration to the eip-service (#4163) | Micah Anderson | |
Change-Id: I4781f0c3e1c74f5a45217a4d631603fa1a622fd6 | |||
2014-04-24 | bring service_levels into webapp config - #5527 | Azul | |
including the default_service_level | |||
2014-04-24 | tor: provide a default 'nickname' (something like | Micah Anderson | |
"rabbitLKJYW23695JGLKJ" where rabbit is the node name). Stop shipping a static 'family' and instead provide a comma separated list of node tor nicknames. (#5220) Change-Id: I479f460ab230ad440f72c78dc6362983387ce12a | |||
2014-04-05 | revert openvpn tls-cipher: closes https://leap.se/code/issues/5429 | elijah | |
2014-04-05 | openvpn: allow for configurable keepalive (aka ping & ping-restart) closes ↵ | elijah | |
https://leap.se/code/issues/4127 | |||
2014-04-04 | Merge branch '0.5' into develop | Micah Anderson | |
Conflicts: provider_base/services/tor.json Change-Id: I826579945a0d93c43384f0fd12c9833762b084cf | |||
2014-04-02 | Merge pull request #20 from elijh/feature/openvpn-config | varac | |
allow ability to customize openvpn security options | |||
2014-04-01 | Fix for Openstack/Amazon special case needing to allow ec2_public_ipv4 | Micah Anderson | |
in mynetworks (#5427) Change-Id: Iee954f8cacd852f8c7c598c68a8793a3523c0132 | |||
2014-04-01 | Include all the ips that are allowed to send mail through the relay in | Micah Anderson | |
the mynetworks parameter. Previously we only allowed other mx servers to relay to each other, but this prevents system mail from non-mx nodes from getting out. Fixes "Helo command rejected: You are not in domain bitmask.net (in reply to RCPT TO command))" (#5343) Change-Id: I5e204958cb235808eedc3a1724fb2dc6c7a5b73b |