summaryrefslogtreecommitdiff
path: root/provider_base
AgeCommit message (Collapse)Author
2015-03-03pin client version to >=0.7 (#6743)Micah Anderson
Change-Id: I66f12a04bf92fbda77284665bc1186b10f4c2e15
2015-02-04upgrade to tapicero 0.6.1, to remove auth in process list (closes #6697)elijah
2015-02-04consolidate sources into common.jsonelijah
2015-01-28update default provider.json to use the (now) correct expiration time ↵elijah
format. requires new leap_cli.
2015-01-27provide way to customize all three apt sources urls (basic, security, backports)varac
Change-Id: I5542b320bb1edb52c63350b5e4fd2af681991fb5
2015-01-27provide apt.url key that can be customized in provider.jsonvarac
Change-Id: Ic8bcca7fde25b4eb540aab8cc4114748b9b2cfd7
2014-12-22Merge remote-tracking branch 'elijah/bugfix/multiplesshkeys' into developMicah Anderson
2014-12-21correctly generate .onion addresses. closes #6559elijah
2014-12-21fixed bug that prevented all users/*/*_ssh.pub keys from getting added to ↵elijah
authorized_keys
2014-12-10https://leap.se/code/issues/6477#note-11varac
Change-Id: I3094be3ef60108f4f2cad5239b0b2f288b39620d
2014-12-10Fix internal domain name generation (#6477)varac
Before, under certain circumstances, the internal domain names were capped from i.e. 'dev.example.com' to 'dev.i' Change-Id: Ibd4998a7ba128dcbce5ccb9d0a52006ed4431f01
2014-12-09add 'local' contactgroup to local environmet monitoring nodevarac
Change-Id: I1618a8c7f2f7c905b354dbe363fc91b690725479
2014-12-02Change nagios mail To: Header to contain the actual platform environment's ↵Micah Anderson
contact email (Bug #6466) Change-Id: Ib86ae771e0ac3b6f329a517a8a31c9ec54d33a05
2014-11-25include a host information in ssh_config for ever possible host a given node ↵elijah
might communicate with. this includes port and host key algorithm. closes #6432
2014-11-24bind webapp to version/0.6 branchelijah
2014-11-24fixed bug when there is no vpn serviceelijah
2014-11-10change default openvpn fragment size back to 1500 so we don't break backward ↵elijah
compatibility with older clients
2014-11-10openvpn - support customizing --fragment, and set default to 1400elijah
2014-11-04tor - to activate hidden service, now set tor.hidden_service.active = trueelijah
2014-10-31add support for property tor.keyelijah
2014-10-29added webapp.forbidden_usernames property to allow configuration of ↵elijah
usernames to block.
2014-10-21update platform to take advantage of new platform.rb. requires leap_cli 1.6elijah
2014-10-20bumped default server certificate bit size to 4096elijah
2014-10-08every environment is defined as nagios hostsgroup (#5216)varac
Change-Id: I6508ce0d06b37a1c5601a0e981a59f7fda47f76a
2014-09-23couch: for neighbors, use 'couch.mode' instead of 'couch.master' (which ↵elijah
might be false even for multimaster). closes #6064
2014-08-26default to multimaster if no nodes are defined as masterelijah
2014-07-29fix haproxy_servers call with couchdb default portAzul
2014-07-29Merge remote-tracking branch 'fbernitt/issue_5217_allow_registration' into ↵Azul
develop
2014-07-16haproxy connects to a local couch if availableAzul
When running a service that requires couch (webapp or mx) on a node that also had couch running the haproxy was confused because it did not have an stunnel port for the local couch. Emit a more useful error and fixed this for webapp and mx
2014-07-11Added allow_registration to webapp config.yml.Folker Bernitt
- See issue #5217 - See companion change in leap_web
2014-07-01Use new macro pick_node to pick vpn gateway for obfsproxy.jsonirregulator
2014-07-01A vpn node picks its openvpn.gateway as obfsproxy gateway addressirregulator
2014-07-01Attach node's name to scramblesuit password and port secretsirregulator
This makes every node with obfsproxy service have unique port and password for scramblesuit pluggable transport.
2014-07-01Include obfsproxy descriptors in openvpn.jsonirregulator
This is needed so as obfsproxy service is automatically deployed along with eip service.
2014-07-01Use the try method to pick vpn gateway address in obfsproxy.jsonirregulator
2014-07-01Pick gateway address either from self or another openvpn nodeirregulator
2014-07-01Reflect change in leap_cli, use rand_range macroirregulator
2014-07-01Initial commit for obfsproxy server feature in platformirregulator
2014-06-27added error() macro.elijah
2014-06-26make try{} macro also catch ArgumentErrorselijah
2014-06-25hand replication credentials to tapiceroAzul
2014-06-25haproxy: support read only couchdb mirrorselijah
2014-06-25fix stunnel entries in mx.json and webapp.jsonelijah
2014-06-25moved json macros to provider_base/lib/macros. requires new unreleased leap_clielijah
2014-06-25add replication userAzul
2014-06-25tmp comment out error if no master nodes definedelijah
2014-06-25new generic system for stunnel: just `include site_stunnel` and stunnel + ↵elijah
needed shorewall will be automatically set up. requires new leap_cli
2014-06-25couchdb: generate hiera files suitable for plain couchdb + read-only mirrorselijah
2014-06-25fix commercial cert usage with mx and monitor nodes.elijah
2014-06-25more friendly error message in `leap compile` when commercial certificate is ↵elijah
missing.