summaryrefslogtreecommitdiff
path: root/provider_base
AgeCommit message (Collapse)Author
2014-12-10Fix internal domain name generation (#6477)varac
Before, under certain circumstances, the internal domain names were capped from i.e. 'dev.example.com' to 'dev.i' Change-Id: Ibd4998a7ba128dcbce5ccb9d0a52006ed4431f01
2014-12-09add 'local' contactgroup to local environmet monitoring nodevarac
Change-Id: I1618a8c7f2f7c905b354dbe363fc91b690725479
2014-12-02Change nagios mail To: Header to contain the actual platform environment's ↵Micah Anderson
contact email (Bug #6466) Change-Id: Ib86ae771e0ac3b6f329a517a8a31c9ec54d33a05
2014-11-25include a host information in ssh_config for ever possible host a given node ↵elijah
might communicate with. this includes port and host key algorithm. closes #6432
2014-11-24bind webapp to version/0.6 branchelijah
2014-11-24fixed bug when there is no vpn serviceelijah
2014-11-10change default openvpn fragment size back to 1500 so we don't break backward ↵elijah
compatibility with older clients
2014-11-10openvpn - support customizing --fragment, and set default to 1400elijah
2014-11-04tor - to activate hidden service, now set tor.hidden_service.active = trueelijah
2014-10-31add support for property tor.keyelijah
2014-10-29added webapp.forbidden_usernames property to allow configuration of ↵elijah
usernames to block.
2014-10-21update platform to take advantage of new platform.rb. requires leap_cli 1.6elijah
2014-10-20bumped default server certificate bit size to 4096elijah
2014-10-08every environment is defined as nagios hostsgroup (#5216)varac
Change-Id: I6508ce0d06b37a1c5601a0e981a59f7fda47f76a
2014-09-23couch: for neighbors, use 'couch.mode' instead of 'couch.master' (which ↵elijah
might be false even for multimaster). closes #6064
2014-08-26default to multimaster if no nodes are defined as masterelijah
2014-07-29fix haproxy_servers call with couchdb default portAzul
2014-07-29Merge remote-tracking branch 'fbernitt/issue_5217_allow_registration' into ↵Azul
develop
2014-07-16haproxy connects to a local couch if availableAzul
When running a service that requires couch (webapp or mx) on a node that also had couch running the haproxy was confused because it did not have an stunnel port for the local couch. Emit a more useful error and fixed this for webapp and mx
2014-07-11Added allow_registration to webapp config.yml.Folker Bernitt
- See issue #5217 - See companion change in leap_web
2014-07-01Use new macro pick_node to pick vpn gateway for obfsproxy.jsonirregulator
2014-07-01A vpn node picks its openvpn.gateway as obfsproxy gateway addressirregulator
2014-07-01Attach node's name to scramblesuit password and port secretsirregulator
This makes every node with obfsproxy service have unique port and password for scramblesuit pluggable transport.
2014-07-01Include obfsproxy descriptors in openvpn.jsonirregulator
This is needed so as obfsproxy service is automatically deployed along with eip service.
2014-07-01Use the try method to pick vpn gateway address in obfsproxy.jsonirregulator
2014-07-01Pick gateway address either from self or another openvpn nodeirregulator
2014-07-01Reflect change in leap_cli, use rand_range macroirregulator
2014-07-01Initial commit for obfsproxy server feature in platformirregulator
2014-06-27added error() macro.elijah
2014-06-26make try{} macro also catch ArgumentErrorselijah
2014-06-25hand replication credentials to tapiceroAzul
2014-06-25haproxy: support read only couchdb mirrorselijah
2014-06-25fix stunnel entries in mx.json and webapp.jsonelijah
2014-06-25moved json macros to provider_base/lib/macros. requires new unreleased leap_clielijah
2014-06-25add replication userAzul
2014-06-25tmp comment out error if no master nodes definedelijah
2014-06-25new generic system for stunnel: just `include site_stunnel` and stunnel + ↵elijah
needed shorewall will be automatically set up. requires new leap_cli
2014-06-25couchdb: generate hiera files suitable for plain couchdb + read-only mirrorselijah
2014-06-25fix commercial cert usage with mx and monitor nodes.elijah
2014-06-25more friendly error message in `leap compile` when commercial certificate is ↵elijah
missing.
2014-06-17allow webapp.json to configure what engines are enabledelijah
2014-06-02static site: gracefully handle static sites that are not configured.elijah
2014-06-02static site: added rack support, added custom apache configelijah
2014-06-02added support for /provider.json served from static site.elijah
2014-05-20add support for webapp on subdomainelijah
2014-05-20changed the default service levels to be more minimal, because it is ↵elijah
currently impossible to entirely overwrite the service.levels hash.
2014-05-17fix bug with empty tor familieselijah
2014-05-14use hash for provider service levelsAzul
We want to access service levels by means of the id stored in the user record. With a hash we don't have to loop through all elements to find the one with a given id and still can use arbitrary strings and do not rely on the order of the array. Also it's the format the webapp is expecting right now.
2014-05-13Revert "update cipher configuration for openvpn to use the IANA name"Micah Anderson
This reverts commit ae50675e9095750cee9810237fb6b9f60030dae4. Older openssl implementations (wheezy, android, others) aren't able to parse this newer string, so reverting to the deprecated name until we are sure the support is there
2014-05-06update cipher configuration for openvpn to use the IANA name, due toMicah Anderson
deprecation warning: 2014-05-06 18:10:23,594 - INFO - L#826 : leap.openvpn:outReceived() - Tue May 6 18:10:23 2014 Deprecated TLS cipher name 'DHE-RSA-AES128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA' Change-Id: I159b26604993d38806fcb7c2ed8f6de8138999f7
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 18:50:20 +0000