summaryrefslogtreecommitdiff
path: root/provider_base
AgeCommit message (Collapse)Author
2013-07-30added webapp.secure flag (turns on secure cookies and HSTS)elijah
2013-07-26Merge branch 'feature/mx' into developMicah Anderson
2013-07-26Merge branch 'feature/soledad' into feature/leap_mxMicah Anderson
2013-07-26added haproxy weights to webapp hiera (at haproxy.servers)elijah
2013-07-26fix cert generation bug: was creating 2024 bit keys instead of 2048 bit keys ↵elijah
by default.
2013-07-25initial soledad configurationMicah Anderson
Change-Id: I19e91887c3f8e90764b4baef8c5e29e25658e190
2013-07-25fixed provider_base/services/mx.json syntaxvarac
2013-07-25initial mx couchdb stunnel configurationMicah Anderson
2013-07-25add necessary service type to the mx.jsonMicah Anderson
2013-07-25fixed provider_base/services/mx.json syntaxvarac
2013-07-25initial mx couchdb stunnel configurationMicah Anderson
2013-07-25hiera variable mx.contact -> postfix $root_mail_recipientvarac
2013-07-25initial mx couchdb stunnel configurationMicah Anderson
2013-07-25added provider_base/services/mx.jsonvarac
2013-07-04bugfix - properly generate provider.json file.elijah
2013-07-04make sure webapps have the full domain suffix as an alias (fixes problems ↵elijah
generating zone file).
2013-07-04couchdb.json should not set service_type, since internal_service is the default.elijah
2013-07-04remove stupid bandwidth limit from default provider.jsonelijah
2013-06-25add hash for authorized_keys to common.jsonelijah
2013-06-12temp hack: deploy the webapp as couch user 'admin'elijah
2013-06-04add support for client-side collection of facter facts.elijah
2013-05-30site_sshd -- added xterm title, optional support for moshelijah
2013-05-27common.json - default all nodes to be 'enabled'elijah
2013-05-23added couch.bigcouch.neighbors to provider_base/services/couchdb.jsonvarac
2013-05-21only advertise services that are actually deployed (in public provider.json)elijah
2013-05-18added module site_nickserverelijah
2013-05-17minor - webapp api port should be integer, not string.elijah
2013-05-14added smtp-service.json, requires latest leap_clielijah
2013-04-30added soledad-service.jsonelijah
2013-04-24provider base - service definitions are now versioned (requires new leap_cli)elijah
2013-04-24updated needed couchdb users and DBsvarac
2013-04-23remove no longer used json key couchdb_hostsMicah Anderson
2013-04-23move generic couchdb host configuration from bitmask into the provider base ↵Micah Anderson
(#2016)
2013-04-18provider.json 'domain' entry should match the domain suffix of the node.elijah
2013-04-10clean up ca_daemon things, it is not used any longer because it has been ↵Micah Anderson
included in the web app (#1978) remove site_ca_daemon module and configuration in site.pp as well as the provider_base/services/ca.json
2013-04-04add Erlang Distributed Node Protocol Port json entry under bigcouchMicah Anderson
setup ednp_server and ednp_client stunnels update couchdb puppet submodule to support configurable ednp_port parameter and general module cleanup pass ednp_port to couchdb setup so that it is configured in the vm.args template clarify in comments the difference between the epmd and ednp ports remove hard-coded erlang_vm_port variable and instead setup shorewall to allow for the stunnel connection only setup dnat rules for the ednp client connections
2013-04-04rename bigcouch.port to more accurate bigcouch.epmd_portMicah Anderson
2013-04-04rename the bigcouch_replication_[server,client] to be the more accurately, andMicah Anderson
shorter named epmd (erlang port mapper daemon)
2013-04-03added contacts.english for when you need a descriptive contact rather than ↵elijah
an email address contact.
2013-04-02Merge branch 'develop' of ssh://leap.se/leap_platform into developelijah
2013-04-02added password salt to services/couchdb.json (requires latest leap_cli)elijah
2013-04-02switch to using stunnel_client and stunnel_server leap_cli macrosMicah Anderson
add bigcouch_replication_clients to couchdb.json change site_couchdb/manifests/stunnel to use stunnel_client and stunnel_server generated hiera values to setup the stunnels for the couch_server connections, and the bigcouch_replication_server and bigcouch_replication_clients tunnels instead of using hard-coded ips and ports. also change the pid names to be more consistent with what the tunnels are and are named
2013-04-02updated shorewall dnat hiera values for bigcouch cluster protocolvarac
2013-04-02add stunnel hiera values to provider_base/services/couchdb.json for bigcouch ↵varac
cluster protocol
2013-04-02added stunnel config for bigcouch communicationvarac
2013-03-28added stunnel_serverelijah
2013-03-19add webapp secret token that pulls from hiera a 'secret'Micah Anderson
2013-03-19create a separate couchdb.yml.admin that contains the couchdb admin ↵Micah Anderson
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time
2013-03-17added support for "limited" service levels (although vpn is not yet actually ↵elijah
rate limited).
2013-03-16the development tag now specifies an alternative provider domain. this ↵elijah
requires that we use domain.full_suffix instead of provider.domain, whenever possible.