Age | Commit message (Collapse) | Author |
|
Change-Id: Iae2b1cacd64565931cef77194a733aeae681efaf
|
|
Change-Id: I341628d0f36225ce49ae301246e7c152553efcae
|
|
cases when shorewall doesn't properly come up, ensuring that it fails safe (#3339)
Change-Id: Id4f0bf6cf25f420aa2ad67635b37ae95f54e3d38
|
|
squashed commits:
site_squid_deb_proxy::client: include shorewall::rules::mdns for avahi discovery
added submodule squid_deb_proxy from git://code.leap.se/puppet_squid_deb_proxy
updated submodule squid_deb_proxy
use squid_deb_proxy::client
|
|
This reverts commit 9e83de3497ec55f4910de099917387d500b8f4b4.
|
|
|
|
|
|
to work with the latest leap_cli.
|
|
|
|
packages that we want to make sure are installed remove packages that were found on vagrant and PC installations that have no business being there
Change-Id: I4887a327ca89eb60945ad817a75ff199859824d3
|
|
unbound
|
|
Due to the fact that /etc/hosts is modified in the early stage setup.pp run and
the stunnel service is not deployed on an initial puppet run, we cannot simply
override the Service['stunnel'] but instead need to trigger a restart through
an exec calling the init script that first tests to see if it is present.
Change-Id: I6bf5dfece9ecbdb8319747774185dec50d5a55f6
|
|
. move the setting of the xterm title to site_config::shell
. change the xterm file resource to use standard source lines, switch to single
quotes, quote mode, and line up parameters
. move the mosh pieces into a site_ssh::mosh class and only include it if the
right mosh variable is enabled, passing into the class the necessary hiera parameters
. lint the site_ssh::mosh resources
. change the authorized_keys class to accept the key parameter which is passed
in from the main ssh class (but allow for out of scope variable lookup when the
tag is passed)
Change-Id: Ieec5a3932de9bad1b98633032b28f88e91e46604
|
|
openstack/amazon instances
The dhclient in these environments is quite aggressive and overwrites the
nameservers we've deliberately chosen to use with google's nameservers. This
commit attempts to fix that.
The dhclient methodology for altering these things is particularly
unpleasant. We effectively redefine the functions that mess with this file to be
noops in the /etc/dhcp/dhclient-enter-hooks.d directory and then we are forced
to restart dhclient by shipping a script that tries to determine the correct PID
and arguments that it was running as before killing and restarting it with the
same arguments.
See debian bugs #681698, #712796 for further discussion about how to make this
less difficult
Change-Id: I51cf40cf98eaddcefd8180e157b6e3ca824173f0
|
|
setup a /etc/profile.d configuration snippet to put /srv/leap/bin in the $PATH (#2122)
Change-Id: I0afb5232375e6c6d9f692a97243023c710265d54
|
|
Change-Id: If10470978ee31a398e0b88d8d98552c93d4706a2
|
|
|
|
|
|
|
|
variables that are used in different places
to start with we setup the $interface variable, based on logic as defined in #2213
change the various places that were looking up this value to use site_config::params::interface instead
|
|
|
|
|
|
|
|
|
|
Because in site.pp it didn't get the tag "leap_base"
and would not be declared with leap cli's default puppet
tags.
Fixes: parent directory /var/lib/puppet/concat
does not exist (Feature#1625)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sub-directories under /etc/unbound (#1412)
|
|
|
|
|
|
include directives, so this commit works around this by doing something less
elegant than before. When we have the newer unbound available, we should switch
to that method instead.
|
|
to do tor lookups over DNS on servers, if tor services are defined.
To do this, we remove the bind9 configurations from site_config::resolvconf.pp
and replace it with site_config::caching_resolver with a basic unbound
configuration that can be used everywhere. The unbound configuration enables a
/etc/unbound/conf.d directory for additional config snippits that can be dropped
in from other places. This will be used for setting up different interfaces in
the vpn gateway, for example.
There will be a set of transition package/file absent blocks to clean up
providers.
|
|
|
|
|
|
|
|
|
|
|
|
/etc/hosts files are changed (otherwise it runs on every run)
|
|
site_config::hosts to be in the initial run stage to make sure the hostname is
set before anything else.
|
|
|
|
template
also set the hostname to what the hiera 'name' is set to
|
|
This will replace the existing /etc/hosts, so we will want to make this more smart later
|
|
|
|
|
|
|
|
|