Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-10-05 | Feat: Refactor tor services | Micah Anderson | |
In order to refactor the tor services, we need to split them out into three different services. This adds the hidden service class that is necessary to support the previous commits. Fixes #8864. | |||
2017-10-05 | Feat: split tor service into three | elijah | |
The 'tor' service is now three separate services, 'tor_exit', 'tor_relay', or 'hidden_service'. | |||
2017-06-28 | static - gracefully handle incorrect static site configs | elijah | |
2017-05-30 | static - support for renewing certs with let's encrypt for static sites | elijah | |
2017-05-10 | Nickserver direct access to couchdb on same node | varac | |
Depending whether couchdb is running on the same node as nickserver, couchdb is available on localhost: - When couchdb is running on a different node: Via stunnel, which is bound to 4000. - When couchdb is running on the same node: On port 5984 Resolves: #8793 | |||
2017-04-27 | Merge remote-tracking branch 'origin/merge-requests/77' | varac | |
2017-04-25 | Add single-hop hidden service capability. | Micah Anderson | |
This cuts the number of hops for a tor onion service from 6 to 3, speeding it up considerably. This removes the anonymity aspect of the service, so it must be enabled intentionally, knowing that the server's location no longer is hidden. | |||
2017-03-22 | webapp: add secret_key_base to config | Azul | |
This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while. | |||
2017-03-15 | Direct connection when couch runs locally | varac | |
2017-03-15 | [8144] Remove Haproxy | varac | |
We used haproxy because we had multiple bigcouch nodes but now with a single couchdb node this is not needed anymore. - Resolves: #8144 | |||
2016-12-22 | bugfix: don't block commercial certs for mx servers | elijah | |
2016-12-19 | bugfix: mx service does not require a commercial certificate | elijah | |
2016-10-20 | [bug] properly set 'enrollment_policy' in provider.json | elijah | |
2016-10-04 | [bug] fix Tor hidden service key generation | elijah | |
2016-04-08 | tests: include _api_tester partial for couchdb nodes. | elijah | |
2016-04-08 | partials - add support for leap_cli's inheritable service partials (requires ↵ | elijah | |
latest develop branch leap_cli) | |||
2016-04-08 | minor: remove _api_tester.json from soledad test. | elijah | |
2016-04-05 | testing: adds mx delivery tests | elijah | |
2016-02-26 | plain couchdb now required, bigcouch support disabled. | elijah | |
2016-02-23 | allow legacy plain couchdb nodes to stay couchdb nodes, although issue a ↵ | elijah | |
warning. | |||
2016-02-23 | added templates for `leap node add`, so that new nodes can get default ↵ | elijah | |
values set in their initial .json file. | |||
2016-02-23 | default to plain couchdb, unless otherwise specified. | elijah | |
# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp | |||
2016-02-23 | get dkim working, closes #5924 | elijah | |
2016-02-10 | resolves #7646: leap_cli should fail when soledad and couchdb service are ↵ | elijah | |
seperated | |||
2015-10-27 | [bug] Add leap_mx username to soledad.conf | varac | |
- Tested: [unstable.pixelated-project.org] - Related: https://github.com/pixelated/pixelated-platform/issues/127 | |||
2015-10-13 | add clamav filtering, with sanesecurity signature updating and provider ↵ | Micah | |
whitelisting (#3625) Change-Id: I15985ca00ee95bc62855f098a78e364ebbc32616 | |||
2015-10-06 | [feat] Remove tapicero from more places | varac | |
Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501 | |||
2015-09-24 | added firewall information to nodes (needed for `leap compile firewall`) | elijah | |
2015-09-09 | ensure that the webapp has the service levels config it requires. | elijah | |
2015-09-03 | service definition .json files should not refer to properties inherited from ↵ | elijah | |
common.json. closes #7423 | |||
2015-08-31 | mx: added mx.key_lookup_domain property | elijah | |
2015-08-19 | allow ca_cert_uri to be configured | elijah | |
2015-08-03 | webapp: add support for customizing locales | elijah | |
2015-07-28 | Support RBL blocking of incoming mail (#5923) | Micah Anderson | |
Set zen.spamhaus as the default rbl Change-Id: Ic3537d645c80ba42267bab370a1cf77730382158 | |||
2015-04-30 | added a bunch more forbidden usernames0.7.0rc1 | elijah | |
2015-04-21 | block username 'vmail' | elijah | |
2015-03-30 | added support for rotating couchdb databases. | elijah | |
2015-03-19 | don't set a lower --fragment by default yet (not compatible with android client) | elijah | |
2015-03-05 | change default MTU to 1400 (#6745) | Micah Anderson | |
Change-Id: Ia4b93776c6ae316b47f6e0b8e2763aa6fa9cab92 | |||
2015-02-04 | consolidate sources into common.json | elijah | |
2014-12-10 | https://leap.se/code/issues/6477#note-11 | varac | |
Change-Id: I3094be3ef60108f4f2cad5239b0b2f288b39620d | |||
2014-12-09 | add 'local' contactgroup to local environmet monitoring node | varac | |
Change-Id: I1618a8c7f2f7c905b354dbe363fc91b690725479 | |||
2014-12-02 | Change nagios mail To: Header to contain the actual platform environment's ↵ | Micah Anderson | |
contact email (Bug #6466) Change-Id: Ib86ae771e0ac3b6f329a517a8a31c9ec54d33a05 | |||
2014-11-24 | bind webapp to version/0.6 branch | elijah | |
2014-11-10 | change default openvpn fragment size back to 1500 so we don't break backward ↵ | elijah | |
compatibility with older clients | |||
2014-11-10 | openvpn - support customizing --fragment, and set default to 1400 | elijah | |
2014-11-04 | tor - to activate hidden service, now set tor.hidden_service.active = true | elijah | |
2014-10-31 | add support for property tor.key | elijah | |
2014-10-29 | added webapp.forbidden_usernames property to allow configuration of ↵ | elijah | |
usernames to block. | |||
2014-10-08 | every environment is defined as nagios hostsgroup (#5216) | varac | |
Change-Id: I6508ce0d06b37a1c5601a0e981a59f7fda47f76a |