leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2017-10-07	feat: add v3 tor hidden service support	Micah Anderson
	Resolves: #8879
2017-10-05	Feat: Refactor tor services	Micah Anderson
	In order to refactor the tor services, we need to split them out into three different services. This adds the hidden service class that is necessary to support the previous commits. Fixes #8864.
2017-10-05	Feat: split tor service into three	elijah
	The 'tor' service is now three separate services, 'tor_exit', 'tor_relay', or 'hidden_service'.
2017-06-28	static - gracefully handle incorrect static site configs	elijah

2017-05-30	static - support for renewing certs with let's encrypt for static sites	elijah

2017-05-10	Nickserver direct access to couchdb on same node	varac
	Depending whether couchdb is running on the same node as nickserver, couchdb is available on localhost: - When couchdb is running on a different node: Via stunnel, which is bound to 4000. - When couchdb is running on the same node: On port 5984 Resolves: #8793
2017-04-27	Merge remote-tracking branch 'origin/merge-requests/77'	varac

2017-04-25	Add single-hop hidden service capability.	Micah Anderson
	This cuts the number of hops for a tor onion service from 6 to 3, speeding it up considerably. This removes the anonymity aspect of the service, so it must be enabled intentionally, knowing that the server's location no longer is hidden.
2017-03-22	webapp: add secret_key_base to config	Azul
	This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while.
2017-03-15	Direct connection when couch runs locally	varac

2017-03-15	[8144] Remove Haproxy	varac
	We used haproxy because we had multiple bigcouch nodes but now with a single couchdb node this is not needed anymore. - Resolves: #8144
2016-12-22	bugfix: don't block commercial certs for mx servers	elijah

2016-12-19	bugfix: mx service does not require a commercial certificate	elijah

2016-10-20	[bug] properly set 'enrollment_policy' in provider.json	elijah

2016-10-04	[bug] fix Tor hidden service key generation	elijah

2016-04-08	tests: include _api_tester partial for couchdb nodes.	elijah

2016-04-08	partials - add support for leap_cli's inheritable service partials (requires ↵	elijah
	latest develop branch leap_cli)
2016-04-08	minor: remove _api_tester.json from soledad test.	elijah

2016-04-05	testing: adds mx delivery tests	elijah

2016-02-26	plain couchdb now required, bigcouch support disabled.	elijah

2016-02-23	allow legacy plain couchdb nodes to stay couchdb nodes, although issue a ↵	elijah
	warning.
2016-02-23	added templates for `leap node add`, so that new nodes can get default ↵	elijah
	values set in their initial .json file.
2016-02-23	default to plain couchdb, unless otherwise specified.	elijah
	# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp
2016-02-23	get dkim working, closes #5924	elijah

2016-02-10	resolves #7646: leap_cli should fail when soledad and couchdb service are ↵	elijah
	seperated
2015-10-27	[bug] Add leap_mx username to soledad.conf	varac
	- Tested: [unstable.pixelated-project.org] - Related: https://github.com/pixelated/pixelated-platform/issues/127
2015-10-13	add clamav filtering, with sanesecurity signature updating and provider ↵	Micah
	whitelisting (#3625) Change-Id: I15985ca00ee95bc62855f098a78e364ebbc32616
2015-10-06	[feat] Remove tapicero from more places	varac
	Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501
2015-09-24	added firewall information to nodes (needed for `leap compile firewall`)	elijah

2015-09-09	ensure that the webapp has the service levels config it requires.	elijah

2015-09-03	service definition .json files should not refer to properties inherited from ↵	elijah
	common.json. closes #7423
2015-08-31	mx: added mx.key_lookup_domain property	elijah

2015-08-19	allow ca_cert_uri to be configured	elijah

2015-08-03	webapp: add support for customizing locales	elijah

2015-07-28	Support RBL blocking of incoming mail (#5923)	Micah Anderson
	Set zen.spamhaus as the default rbl Change-Id: Ic3537d645c80ba42267bab370a1cf77730382158
2015-04-30	added a bunch more forbidden usernames0.7.0rc1	elijah

2015-04-21	block username 'vmail'	elijah

2015-03-30	added support for rotating couchdb databases.	elijah

2015-03-19	don't set a lower --fragment by default yet (not compatible with android client)	elijah

2015-03-05	change default MTU to 1400 (#6745)	Micah Anderson
	Change-Id: Ia4b93776c6ae316b47f6e0b8e2763aa6fa9cab92
2015-02-04	consolidate sources into common.json	elijah

2014-12-10	https://leap.se/code/issues/6477#note-11	varac
	Change-Id: I3094be3ef60108f4f2cad5239b0b2f288b39620d
2014-12-09	add 'local' contactgroup to local environmet monitoring node	varac
	Change-Id: I1618a8c7f2f7c905b354dbe363fc91b690725479
2014-12-02	Change nagios mail To: Header to contain the actual platform environment's ↵	Micah Anderson
	contact email (Bug #6466) Change-Id: Ib86ae771e0ac3b6f329a517a8a31c9ec54d33a05
2014-11-24	bind webapp to version/0.6 branch	elijah

2014-11-10	change default openvpn fragment size back to 1500 so we don't break backward ↵	elijah
	compatibility with older clients
2014-11-10	openvpn - support customizing --fragment, and set default to 1400	elijah

2014-11-04	tor - to activate hidden service, now set tor.hidden_service.active = true	elijah

2014-10-31	add support for property tor.key	elijah

2014-10-29	added webapp.forbidden_usernames property to allow configuration of ↵	elijah
	usernames to block.