leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2013-04-02	switch to using stunnel_client and stunnel_server leap_cli macros	Micah Anderson
	add bigcouch_replication_clients to couchdb.json change site_couchdb/manifests/stunnel to use stunnel_client and stunnel_server generated hiera values to setup the stunnels for the couch_server connections, and the bigcouch_replication_server and bigcouch_replication_clients tunnels instead of using hard-coded ips and ports. also change the pid names to be more consistent with what the tunnels are and are named
2013-04-02	updated shorewall dnat hiera values for bigcouch cluster protocol	varac

2013-04-02	add stunnel hiera values to provider_base/services/couchdb.json for bigcouch ↵	varac
	cluster protocol
2013-04-02	added stunnel config for bigcouch communication	varac

2013-03-28	added stunnel_server	elijah

2013-03-19	add webapp secret token that pulls from hiera a 'secret'	Micah Anderson

2013-03-19	create a separate couchdb.yml.admin that contains the couchdb admin ↵	Micah Anderson
	privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time
2013-03-17	added support for "limited" service levels (although vpn is not yet actually ↵	elijah
	rate limited).
2013-03-16	the development tag now specifies an alternative provider domain. this ↵	elijah
	requires that we use domain.full_suffix instead of provider.domain, whenever possible.
2013-03-12	Merge branch 'feature/bigcouch' into develop	varac
	Conflicts: provider_base/services/couchdb.json
2013-03-10	added bigcouch:cookie to services/couchdb.json	varac

2013-03-08	couch - explicitly configure couch port	elijah

2013-03-08	node environment: switch from production=true to environment=production. ↵	elijah
	requires latest leap_cli
2013-03-05	change json comment to '//'	elijah

2013-02-27	openvpn -- added support for optional "free" rate-limited service via ↵	elijah
	special client certificates with the FREE prefix in the common name.
2013-02-12	temporarily make the webapp use the admin couchdb user. waiting on ↵	elijah
	https://leap.se/code/issues/1163
2013-02-10	vagrant configuration move to Leapfile	elijah

2013-02-08	changed contact_email to tor.contacts	elijah

2013-02-08	minor changes to default json: give common a name, add contacts.default	elijah

2013-02-08	make monitor service include the nodes that are of a similar type (e.g. ↵	elijah
	production or local).
2013-02-06	tor service defaults	varac

2013-01-31	added /etc/openvpn/ca_bundle.pem in order to allow multiple CA certs to be used.	elijah

2013-01-28	update services/monitoring.json to include openvpn_gateway_address	varac

2013-01-28	added 'monitor' service to provider_base	elijah

2013-01-27	added 'development' hiera hash to exclude certain class for better testing	varac

2013-01-26	service_type: internal_service as default	varac

2013-01-21	client ca -- configure the webapp with the client ca	elijah

2013-01-13	added ability to customize the webapp appearance	elijah

2012-12-19	webapp api now uses a customizable port (so that we don't try to rely on SNI ↵	elijah
	for hosting two TLS domains on one IP).
2012-12-18	ca daemon -- ca daemon needs the x509 cert/key for the CA, not for the server.	elijah

2012-12-08	minor - fix hint.	elijah

2012-12-07	added hostname tracking and late evaluation. new key "hosts" added, for ↵	elijah
	building /etc/hosts. also, now ssh.known_hosts only includes what is necessary.
2012-12-07	ca -> ca_daemon in site.pp and services/ca.json	varac

2012-12-07	added couchdb hiera variables to services/ca.json	varac

2012-11-28	updated service templates to reflect new command names	elijah

2012-11-27	fix webapp: only list couchdb hosts that match node's 'local' value.	elijah

2012-11-24	new leap_cli sets local tag automatically.	elijah

2012-11-23	get rid of paths in webapp.json, use symbolic filenames instead.	elijah

2012-11-23	added a template that is used to generate a client config file for openvpn ↵	elijah
	(to be used for testing).
2012-11-23	fix bugs in eip-service.json template	elijah

2012-11-22	clean up openvpn and x509 paths	elijah

2012-11-21	added x509.commercial_ca_cert. x509.ca_cert is now optional, except for webapp.	elijah

2012-11-20	add ca_cert key because we will need to place the cert into the webroot on ↵	Micah Anderson
	the webapp
2012-11-17	added missing fingerprint of ca cert to provider definition	elijah

2012-11-17	added better warnings to openvpn service when files are missing	elijah

2012-11-17	added commercial_cert to webapp	elijah

2012-11-16	added digest to provider.ca	elijah

2012-11-15	added eip-service.json	elijah

2012-11-14	added provider_base (latest leap_cli required)	elijah