leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2014-11-10	change default openvpn fragment size back to 1500 so we don't break backward ↵	elijah
	compatibility with older clients
2014-11-10	openvpn - support customizing --fragment, and set default to 1400	elijah

2014-11-04	tor - to activate hidden service, now set tor.hidden_service.active = true	elijah

2014-10-31	add support for property tor.key	elijah

2014-10-29	added webapp.forbidden_usernames property to allow configuration of ↵	elijah
	usernames to block.
2014-10-21	update platform to take advantage of new platform.rb. requires leap_cli 1.6	elijah

2014-10-20	bumped default server certificate bit size to 4096	elijah

2014-10-08	every environment is defined as nagios hostsgroup (#5216)	varac
	Change-Id: I6508ce0d06b37a1c5601a0e981a59f7fda47f76a
2014-09-23	couch: for neighbors, use 'couch.mode' instead of 'couch.master' (which ↵	elijah
	might be false even for multimaster). closes #6064
2014-08-26	default to multimaster if no nodes are defined as master	elijah

2014-07-29	fix haproxy_servers call with couchdb default port	Azul

2014-07-29	Merge remote-tracking branch 'fbernitt/issue_5217_allow_registration' into ↵	Azul
	develop
2014-07-16	haproxy connects to a local couch if available	Azul
	When running a service that requires couch (webapp or mx) on a node that also had couch running the haproxy was confused because it did not have an stunnel port for the local couch. Emit a more useful error and fixed this for webapp and mx
2014-07-11	Added allow_registration to webapp config.yml.	Folker Bernitt
	- See issue #5217 - See companion change in leap_web
2014-07-01	Use new macro pick_node to pick vpn gateway for obfsproxy.json	irregulator

2014-07-01	A vpn node picks its openvpn.gateway as obfsproxy gateway address	irregulator

2014-07-01	Attach node's name to scramblesuit password and port secrets	irregulator
	This makes every node with obfsproxy service have unique port and password for scramblesuit pluggable transport.
2014-07-01	Include obfsproxy descriptors in openvpn.json	irregulator
	This is needed so as obfsproxy service is automatically deployed along with eip service.
2014-07-01	Use the try method to pick vpn gateway address in obfsproxy.json	irregulator

2014-07-01	Pick gateway address either from self or another openvpn node	irregulator

2014-07-01	Reflect change in leap_cli, use rand_range macro	irregulator

2014-07-01	Initial commit for obfsproxy server feature in platform	irregulator

2014-06-27	added error() macro.	elijah

2014-06-26	make try{} macro also catch ArgumentErrors	elijah

2014-06-25	hand replication credentials to tapicero	Azul

2014-06-25	haproxy: support read only couchdb mirrors	elijah

2014-06-25	fix stunnel entries in mx.json and webapp.json	elijah

2014-06-25	moved json macros to provider_base/lib/macros. requires new unreleased leap_cli	elijah

2014-06-25	add replication user	Azul

2014-06-25	tmp comment out error if no master nodes defined	elijah

2014-06-25	new generic system for stunnel: just `include site_stunnel` and stunnel + ↵	elijah
	needed shorewall will be automatically set up. requires new leap_cli
2014-06-25	couchdb: generate hiera files suitable for plain couchdb + read-only mirrors	elijah

2014-06-25	fix commercial cert usage with mx and monitor nodes.	elijah

2014-06-25	more friendly error message in `leap compile` when commercial certificate is ↵	elijah
	missing.
2014-06-17	allow webapp.json to configure what engines are enabled	elijah

2014-06-02	static site: gracefully handle static sites that are not configured.	elijah

2014-06-02	static site: added rack support, added custom apache config	elijah

2014-06-02	added support for /provider.json served from static site.	elijah

2014-05-20	add support for webapp on subdomain	elijah

2014-05-20	changed the default service levels to be more minimal, because it is ↵	elijah
	currently impossible to entirely overwrite the service.levels hash.
2014-05-17	fix bug with empty tor families	elijah

2014-05-14	use hash for provider service levels	Azul
	We want to access service levels by means of the id stored in the user record. With a hash we don't have to loop through all elements to find the one with a given id and still can use arbitrary strings and do not rely on the order of the array. Also it's the format the webapp is expecting right now.
2014-05-13	Revert "update cipher configuration for openvpn to use the IANA name"	Micah Anderson
	This reverts commit ae50675e9095750cee9810237fb6b9f60030dae4. Older openssl implementations (wheezy, android, others) aren't able to parse this newer string, so reverting to the deprecated name until we are sure the support is there
2014-05-06	update cipher configuration for openvpn to use the IANA name, due to	Micah Anderson
	deprecation warning: 2014-05-06 18:10:23,594 - INFO - L#826 : leap.openvpn:outReceived() - Tue May 6 18:10:23 2014 Deprecated TLS cipher name 'DHE-RSA-AES128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA' Change-Id: I159b26604993d38806fcb7c2ed8f6de8138999f7
2014-05-06	add the tun-ipv6 configuration to the eip-service (#4163)	Micah Anderson
	Change-Id: I4781f0c3e1c74f5a45217a4d631603fa1a622fd6
2014-04-24	bring service_levels into webapp config - #5527	Azul
	including the default_service_level
2014-04-24	tor: provide a default 'nickname' (something like	Micah Anderson
	"rabbitLKJYW23695JGLKJ" where rabbit is the node name). Stop shipping a static 'family' and instead provide a comma separated list of node tor nicknames. (#5220) Change-Id: I479f460ab230ad440f72c78dc6362983387ce12a
2014-04-08	minor: allow manual override of 'services' in provider.json	elijah

2014-04-05	revert openvpn tls-cipher: closes https://leap.se/code/issues/5429	elijah

2014-04-05	openvpn: allow for configurable keepalive (aka ping & ping-restart) closes ↵	elijah
	https://leap.se/code/issues/4127