leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2017-10-05	Feat: split tor service into three	elijah
	The 'tor' service is now three separate services, 'tor_exit', 'tor_relay', or 'hidden_service'.
2017-06-28	static - gracefully handle incorrect static site configs	elijah

2017-05-30	static - support for renewing certs with let's encrypt for static sites	elijah

2017-05-10	Nickserver direct access to couchdb on same node	varac
	Depending whether couchdb is running on the same node as nickserver, couchdb is available on localhost: - When couchdb is running on a different node: Via stunnel, which is bound to 4000. - When couchdb is running on the same node: On port 5984 Resolves: #8793
2017-04-27	Merge remote-tracking branch 'origin/merge-requests/77'	varac

2017-04-25	Add single-hop hidden service capability.	Micah Anderson
	This cuts the number of hops for a tor onion service from 6 to 3, speeding it up considerably. This removes the anonymity aspect of the service, so it must be enabled intentionally, knowing that the server's location no longer is hidden.
2017-03-22	webapp: add secret_key_base to config	Azul
	This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while.
2017-03-15	Direct connection when couch runs locally	varac

2017-03-15	[8144] Remove Haproxy	varac
	We used haproxy because we had multiple bigcouch nodes but now with a single couchdb node this is not needed anymore. - Resolves: #8144
2016-12-22	bugfix: don't block commercial certs for mx servers	elijah

2016-12-19	bugfix: mx service does not require a commercial certificate	elijah

2016-10-20	[bug] properly set 'enrollment_policy' in provider.json	elijah

2016-10-04	[bug] fix Tor hidden service key generation	elijah

2016-04-08	tests: include _api_tester partial for couchdb nodes.	elijah

2016-04-08	partials - add support for leap_cli's inheritable service partials (requires ↵	elijah
	latest develop branch leap_cli)
2016-04-08	minor: remove _api_tester.json from soledad test.	elijah

2016-04-05	testing: adds mx delivery tests	elijah

2016-02-26	plain couchdb now required, bigcouch support disabled.	elijah

2016-02-23	allow legacy plain couchdb nodes to stay couchdb nodes, although issue a ↵	elijah
	warning.
2016-02-23	added templates for `leap node add`, so that new nodes can get default ↵	elijah
	values set in their initial .json file.
2016-02-23	default to plain couchdb, unless otherwise specified.	elijah
	# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp
2016-02-23	get dkim working, closes #5924	elijah

2016-02-10	resolves #7646: leap_cli should fail when soledad and couchdb service are ↵	elijah
	seperated
2015-10-27	[bug] Add leap_mx username to soledad.conf	varac
	- Tested: [unstable.pixelated-project.org] - Related: https://github.com/pixelated/pixelated-platform/issues/127
2015-10-13	add clamav filtering, with sanesecurity signature updating and provider ↵	Micah
	whitelisting (#3625) Change-Id: I15985ca00ee95bc62855f098a78e364ebbc32616
2015-10-06	[feat] Remove tapicero from more places	varac
	Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501
2015-09-24	added firewall information to nodes (needed for `leap compile firewall`)	elijah

2015-09-09	ensure that the webapp has the service levels config it requires.	elijah

2015-09-03	service definition .json files should not refer to properties inherited from ↵	elijah
	common.json. closes #7423
2015-08-31	mx: added mx.key_lookup_domain property	elijah

2015-08-19	allow ca_cert_uri to be configured	elijah

2015-08-03	webapp: add support for customizing locales	elijah

2015-07-28	Support RBL blocking of incoming mail (#5923)	Micah Anderson
	Set zen.spamhaus as the default rbl Change-Id: Ic3537d645c80ba42267bab370a1cf77730382158
2015-04-30	added a bunch more forbidden usernames0.7.0rc1	elijah

2015-04-21	block username 'vmail'	elijah

2015-03-30	added support for rotating couchdb databases.	elijah

2015-03-19	don't set a lower --fragment by default yet (not compatible with android client)	elijah

2015-03-05	change default MTU to 1400 (#6745)	Micah Anderson
	Change-Id: Ia4b93776c6ae316b47f6e0b8e2763aa6fa9cab92
2015-02-04	consolidate sources into common.json	elijah

2014-12-10	https://leap.se/code/issues/6477#note-11	varac
	Change-Id: I3094be3ef60108f4f2cad5239b0b2f288b39620d
2014-12-09	add 'local' contactgroup to local environmet monitoring node	varac
	Change-Id: I1618a8c7f2f7c905b354dbe363fc91b690725479
2014-12-02	Change nagios mail To: Header to contain the actual platform environment's ↵	Micah Anderson
	contact email (Bug #6466) Change-Id: Ib86ae771e0ac3b6f329a517a8a31c9ec54d33a05
2014-11-24	bind webapp to version/0.6 branch	elijah

2014-11-10	change default openvpn fragment size back to 1500 so we don't break backward ↵	elijah
	compatibility with older clients
2014-11-10	openvpn - support customizing --fragment, and set default to 1400	elijah

2014-11-04	tor - to activate hidden service, now set tor.hidden_service.active = true	elijah

2014-10-31	add support for property tor.key	elijah

2014-10-29	added webapp.forbidden_usernames property to allow configuration of ↵	elijah
	usernames to block.
2014-10-08	every environment is defined as nagios hostsgroup (#5216)	varac
	Change-Id: I6508ce0d06b37a1c5601a0e981a59f7fda47f76a
2014-09-23	couch: for neighbors, use 'couch.mode' instead of 'couch.master' (which ↵	elijah
	might be false even for multimaster). closes #6064