Age | Commit message (Collapse) | Author |
|
In order to refactor the tor services, we need to split them out into three
different services. This adds the hidden service class that is necessary to
support the previous commits. Fixes #8864.
|
|
The 'tor' service is now three separate services, 'tor_exit', 'tor_relay', or 'hidden_service'.
|
|
This makes a more clear site_tor::relay class that the leap service
includes, and a more generic site_tor class that other classes can
depend on for setting up the initial install.
|
|
After including everything into a `node default` scope
in puppet/manifests/site.pp to make puppet-catalog-test happy
(see commit 62ea45d47), we get this error:
Error: member(): Requires array to work with at
/srv/leap/puppet/modules/site_obfsproxy/manifests/init.pp:14
Moving the `services` hiera avaluation out of the node scope back
to top level scope will solve this.
|
|
|
|
By default, Puppet installs recommended packages.
We turn this off for all apt Package resources.
|
|
This reverts commit 0aebb4c41f96f6ad7a7e8a3b07eaffa1f9075f51.
We enabled systemd as puppet service default provider, but this results
in these services falsely detected as not running, and restarted on
every deploy.
We need to indivually configure systemd as service provider only for
those services that ship a systed unit file.
see #7966 for details
|
|
Even when the service provider defaults to systemd in
latest puppet, it still defaults to 'debian' in puppet
3.7.2 (jessie version).
We dropped wheezy support so we should use the systemd provider
for now.
https://docs.puppetlabs.com/puppet/latest/reference/type.html#service-provider-systemd
|
|
This worked before, but somehow stopped working.
We need to include 'site_config::slow' top-level scope instead
of including it in 'site_config::default', because otherwise it
would get tagged with 'leap_base', and would be included always.
This way 'site_config::slow' gets included by default, but can be
excluded by using 'leap deploy --fast'.
See https://leap.se/en/docs/platform/details/under-the-hood#tags
- Resolves: #7844
|
|
service (Bug #6851)
Also, moved global Exec{} defaults to site.pp
Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd
|
|
Soledad now creates user-dbs, which has been done by tapicero
in the past. we need to remove any leftovers from tapicero.
|
|
Change-Id: If99ae4036f9210516762f5cd7eb66744661a9665
|
|
Change-Id: Ib64c9a9d15eb6f276e7928e47e96cd44291583c9
|
|
|
|
|
|
|
|
the problem was following:
if a host has the webapp service, the template for /etc/hosts adds some stuff.
But setup.pp did not ask hiera about the services so
"/srv/leap/bin/puppet_command set_hostname" always resets the hostname.
Since that gets triggered every time you run "leap deploy" the
hostname changes, some services restart, then the hostname changes back and
the services restart again.
The solution is to get the hiera data before every run.
|
|
|
|
|
|
|
|
Change-Id: Ie53b09df0758ba01b30ed658bee04682bc180b01
|
|
|
|
took out the last remaining virtualbox references
|
|
(#3782)
in commit 338833, we established a relationship between all
resources that have a leap_service tag, that are called in site.pp.
But we had some resources as default on every node in site.pp
(apt::update, Package { require => Exec['apt_updated'] },
site_config::slow and stdlib), that were still lacking any
relationship to the leap_service tag.
By moving them into default.pp they automatically are executed
before resources with a leap_service tag.
|
|
during main puppetrun, even before shorewall is configured completly
|
|
|
|
cases when shorewall doesn't properly come up, ensuring that it fails safe (#3339)
Change-Id: Id4f0bf6cf25f420aa2ad67635b37ae95f54e3d38
|
|
squashed commits:
site_squid_deb_proxy::client: include shorewall::rules::mdns for avahi discovery
added submodule squid_deb_proxy from git://code.leap.se/puppet_squid_deb_proxy
updated submodule squid_deb_proxy
use squid_deb_proxy::client
|
|
|
|
Conflicts:
provider_base/services/mx.json
puppet/manifests/site.pp
puppet/modules/site_mx/manifests/init.pp
puppet/modules/site_postfix/manifests/mx.pp
Change-Id: Ib2952f6cb972c40a998f20d7bbdb23bb35bef419
|
|
Change-Id: I19e91887c3f8e90764b4baef8c5e29e25658e190
|
|
|
|
|
|
|
|
|
|
(#2984) and the custom_key_dir as a class parameter
remove the global variable from setup.pp and site.pp and instead pass it into the apt class declaration as a parameter
Change-Id: I24806f2fd22b5a066b951c5f76f3dd748481b5b6
|
|
|
|
piston cloud
This moves the apt configuration into the setup.pp run, so we can get the
backport source added early which will enable us to install the latest facter
from the backports repository.
Change-Id: I8ccf1a0445dea72f1b94be08484f33e648439ec1
|
|
good. If we search for the word 'tor' we will find it when the variable contains
"monitor".
This commit makes the regular expression more specific based on the word
boundaries.
Change-Id: I4dcd80db7322cabc3f71b77fabf7eacd83b4d572
|
|
Change-Id: I74dfe1941eb338a89be994ac9e1b61739601d9db
|
|
|
|
|
|
included in the web app (#1978)
remove site_ca_daemon module and configuration in site.pp as well as the provider_base/services/ca.json
|
|
|
|
|
|
|
|
directly
|
|
|
|
|
|
|