leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2013-08-29	Make TLS-required smtps (465) be port for sending SMTP. This is preferred ↵	Micah Anderson
	over 25 because that is typically blocked, and we cannot force TLS on that port due to other MTAs not being configured for this century. We don't use submission (568) because that uses STARTTLS, and the STARTTLS banner can easily be stripped by an adversary. (#3604) . enable smtps (port 465) for client submission over TLS, and require that TLS is enabled . add 465 to the allowed open ports in the firewall . change the smtp-service.json to use 465 instead of 25 note: I did not use the 'use_smtps' parameter that is available in the postfix class because it added some options that we do not want/need. Change-Id: I0040eb2dff6008a1c830d59df9963eb83dc9ea02
2013-08-15	Revert "temp hack: deploy the webapp as couch user 'admin'"	Micah Anderson
	This reverts commit 8c038fea91adc87adf9e408c16e2f0ec9838e3d2.
2013-08-01	run soledad daemon using the configured port.	elijah

2013-08-01	add a requirement to soledad.json that soledad service is found on a couchdb	Micah Anderson
	node, if it is not, it will fail to compile this requires a newer leap_cli, so I've bumped the compatibility requirement Change-Id: Ie1061798d058087126163793b216dd5938eb95a6
2013-08-01	fix #3291: set the soledad port properly in the json and as a temporary ↵	Micah Anderson
	work-around, use the couchdb admin/passwd Change-Id: Ibb1cd8416d00552f8ca1716e42a08137a4b461aa
2013-08-01	Merge branch 'feature/issue/3278' into develop	varac

2013-07-31	add haproxy servers to services/mx.json	varac

2013-07-31	fix /etc/leap/mx.conf doesn't contain any user credentials (Feature #3347)	varac

2013-07-30	webapp - use hiera config "webapp.admins" for the list of admin usernames, ↵	elijah
	default to empty list.
2013-07-30	added webapp.secure flag (turns on secure cookies and HSTS)	elijah

2013-07-26	Merge branch 'feature/mx' into develop	Micah Anderson

2013-07-26	Merge branch 'feature/soledad' into feature/leap_mx	Micah Anderson

2013-07-26	added haproxy weights to webapp hiera (at haproxy.servers)	elijah

2013-07-26	fix cert generation bug: was creating 2024 bit keys instead of 2048 bit keys ↵	elijah
	by default.
2013-07-25	initial soledad configuration	Micah Anderson
	Change-Id: I19e91887c3f8e90764b4baef8c5e29e25658e190
2013-07-25	fixed provider_base/services/mx.json syntax	varac

2013-07-25	initial mx couchdb stunnel configuration	Micah Anderson

2013-07-25	add necessary service type to the mx.json	Micah Anderson

2013-07-25	fixed provider_base/services/mx.json syntax	varac

2013-07-25	initial mx couchdb stunnel configuration	Micah Anderson

2013-07-25	hiera variable mx.contact -> postfix $root_mail_recipient	varac

2013-07-25	initial mx couchdb stunnel configuration	Micah Anderson

2013-07-25	added provider_base/services/mx.json	varac

2013-07-04	bugfix - properly generate provider.json file.	elijah

2013-07-04	make sure webapps have the full domain suffix as an alias (fixes problems ↵	elijah
	generating zone file).
2013-07-04	couchdb.json should not set service_type, since internal_service is the default.	elijah

2013-07-04	remove stupid bandwidth limit from default provider.json	elijah

2013-06-25	add hash for authorized_keys to common.json	elijah

2013-06-12	temp hack: deploy the webapp as couch user 'admin'	elijah

2013-06-04	add support for client-side collection of facter facts.	elijah

2013-05-30	site_sshd -- added xterm title, optional support for mosh	elijah

2013-05-27	common.json - default all nodes to be 'enabled'	elijah

2013-05-23	added couch.bigcouch.neighbors to provider_base/services/couchdb.json	varac

2013-05-21	only advertise services that are actually deployed (in public provider.json)	elijah

2013-05-18	added module site_nickserver	elijah

2013-05-17	minor - webapp api port should be integer, not string.	elijah

2013-05-14	added smtp-service.json, requires latest leap_cli	elijah

2013-04-30	added soledad-service.json	elijah

2013-04-24	provider base - service definitions are now versioned (requires new leap_cli)	elijah

2013-04-24	updated needed couchdb users and DBs	varac

2013-04-23	remove no longer used json key couchdb_hosts	Micah Anderson

2013-04-23	move generic couchdb host configuration from bitmask into the provider base ↵	Micah Anderson
	(#2016)
2013-04-18	provider.json 'domain' entry should match the domain suffix of the node.	elijah

2013-04-10	clean up ca_daemon things, it is not used any longer because it has been ↵	Micah Anderson
	included in the web app (#1978) remove site_ca_daemon module and configuration in site.pp as well as the provider_base/services/ca.json
2013-04-04	add Erlang Distributed Node Protocol Port json entry under bigcouch	Micah Anderson
	setup ednp_server and ednp_client stunnels update couchdb puppet submodule to support configurable ednp_port parameter and general module cleanup pass ednp_port to couchdb setup so that it is configured in the vm.args template clarify in comments the difference between the epmd and ednp ports remove hard-coded erlang_vm_port variable and instead setup shorewall to allow for the stunnel connection only setup dnat rules for the ednp client connections
2013-04-04	rename bigcouch.port to more accurate bigcouch.epmd_port	Micah Anderson

2013-04-04	rename the bigcouch_replication_[server,client] to be the more accurately, and	Micah Anderson
	shorter named epmd (erlang port mapper daemon)
2013-04-03	added contacts.english for when you need a descriptive contact rather than ↵	elijah
	an email address contact.
2013-04-02	Merge branch 'develop' of ssh://leap.se/leap_platform into develop	elijah

2013-04-02	added password salt to services/couchdb.json (requires latest leap_cli)	elijah