summaryrefslogtreecommitdiff
path: root/provider_base/services
AgeCommit message (Collapse)Author
2013-04-02added password salt to services/couchdb.json (requires latest leap_cli)elijah
2013-03-28added stunnel_serverelijah
2013-03-19add webapp secret token that pulls from hiera a 'secret'Micah Anderson
2013-03-19create a separate couchdb.yml.admin that contains the couchdb admin ↵Micah Anderson
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time
2013-03-17added support for "limited" service levels (although vpn is not yet actually ↵elijah
rate limited).
2013-03-16the development tag now specifies an alternative provider domain. this ↵elijah
requires that we use domain.full_suffix instead of provider.domain, whenever possible.
2013-03-12Merge branch 'feature/bigcouch' into developvarac
Conflicts: provider_base/services/couchdb.json
2013-03-10added bigcouch:cookie to services/couchdb.jsonvarac
2013-03-08couch - explicitly configure couch portelijah
2013-03-08node environment: switch from production=true to environment=production. ↵elijah
requires latest leap_cli
2013-03-05change json comment to '//'elijah
2013-02-27openvpn -- added support for optional "free" rate-limited service via ↵elijah
special client certificates with the FREE prefix in the common name.
2013-02-12temporarily make the webapp use the admin couchdb user. waiting on ↵elijah
https://leap.se/code/issues/1163
2013-02-08changed contact_email to tor.contactselijah
2013-02-08make monitor service include the nodes that are of a similar type (e.g. ↵elijah
production or local).
2013-02-06tor service defaultsvarac
2013-01-28update services/monitoring.json to include openvpn_gateway_addressvarac
2013-01-28added 'monitor' service to provider_baseelijah
2013-01-21client ca -- configure the webapp with the client caelijah
2013-01-13added ability to customize the webapp appearanceelijah
2012-12-19webapp api now uses a customizable port (so that we don't try to rely on SNI ↵elijah
for hosting two TLS domains on one IP).
2012-12-18ca daemon -- ca daemon needs the x509 cert/key for the CA, not for the server.elijah
2012-12-07added hostname tracking and late evaluation. new key "hosts" added, for ↵elijah
building /etc/hosts. also, now ssh.known_hosts only includes what is necessary.
2012-12-07ca -> ca_daemon in site.pp and services/ca.jsonvarac
2012-12-07added couchdb hiera variables to services/ca.jsonvarac
2012-11-28updated service templates to reflect new command nameselijah
2012-11-27fix webapp: only list couchdb hosts that match node's 'local' value.elijah
2012-11-23get rid of paths in webapp.json, use symbolic filenames instead.elijah
2012-11-22clean up openvpn and x509 pathselijah
2012-11-21added x509.commercial_ca_cert. x509.ca_cert is now optional, except for webapp.elijah
2012-11-17added better warnings to openvpn service when files are missingelijah
2012-11-17added commercial_cert to webappelijah
2012-11-15added eip-service.jsonelijah
2012-11-14added provider_base (latest leap_cli required)elijah