leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2013-09-19	webapp: Depend services on deployment of default key, cert and ca (Feature ↵	varac
	#3838)
2013-09-19	tidy openvpn x509 definitions (#3831)	varac

2013-09-19	only deploy x509 stuff for nodes if it existes in hiera (Feature #3875)	varac

2013-09-18	deploy client_ca (#3833)	varac

2013-09-18	openvpn should use /usr/local/share/ca-certificates/leap_ca.crt (Feature #3831)	varac

2013-09-17	shorewall: #2399 blocks uplink (Bug #2866)	varac

2013-09-17	site_config::params::interface should contain eth1 for vagrant cause it's ↵	varac
	the main interface we use (#2399, #2401)
2013-09-17	Merge branch 'bug/3757' into develop	Micah Anderson

2013-09-14	ensure site_config::caching_resolver runs with tag leap_base (#3757)	Micah Anderson
	Change-Id: I593602ff9d3486dee39227673147e137045c55c5
2013-09-13	Deploy default x509 cert + key that services can use (Feature #3836)	varac

2013-09-13	deploy default x509::ca leap_ca in site_config::default (#3817)	varac

2013-09-04	fix initial firewall to allow outgoing lo traffic and outgoing port 443 (#3736)	Micah Anderson
	this allows nameserver queries to the local resolver to work and clones to the leap https repository to work Change-Id: I575d08405a0c28e12c8d201a8dbc79585a5a9a48
2013-09-04	need to test that /etc/init.d/shorewall exists before attempting to call it, ↵	Micah Anderson
	otherwise puppet complains (#3339) Change-Id: I7c8cc235817fe3d898157de4c4fdd8f1fe74f05a
2013-09-03	Work around for shorewall not being available at the site_config stage (#3339)	Micah Anderson
	Change-Id: Id3138cb967f76380b7f4e22ce862a099cb47669e
2013-09-03	require that shorewall has been installed before execs are run (#3339)	Micah Anderson
	Change-Id: Iae2b1cacd64565931cef77194a733aeae681efaf
2013-08-27	fix name of initial_firewall.pp file (#3339)	Micah Anderson
	Change-Id: I341628d0f36225ce49ae301246e7c152553efcae
2013-08-22	install a preliminary firewall that blocks everything, except ssh for the ↵	Micah Anderson
	cases when shorewall doesn't properly come up, ensuring that it fails safe (#3339) Change-Id: Id4f0bf6cf25f420aa2ad67635b37ae95f54e3d38
2013-08-14	vagrant: Install squid-deb-proxy on clients (optional) (Feature #3330)	varac
	squashed commits: site_squid_deb_proxy::client: include shorewall::rules::mdns for avahi discovery added submodule squid_deb_proxy from git://code.leap.se/puppet_squid_deb_proxy updated submodule squid_deb_proxy use squid_deb_proxy::client
2013-07-31	Revert "Site_webapp/Try::File: Could not find command 'git' (Bug #3202)"	varac
	This reverts commit 9e83de3497ec55f4910de099917387d500b8f4b4.
2013-07-31	Site_webapp/Try::File: Could not find command 'git' (Bug #3202)	varac

2013-07-17	default to false for $hosts	elijah

2013-07-11	changes to support restrictive permissions for /etc/leap. this is required ↵	elijah
	to work with the latest leap_cli.
2013-07-10	ensure that /etc/hosts is output deterministically, so that content does not ↵	elijah
	change each time you deploy.
2013-07-03	Merge branch 'bug/1983' into leap	Micah Anderson

2013-07-02	create a site_config subclass for package installation and removal add ↵	Micah Anderson
	packages that we want to make sure are installed remove packages that were found on vagrant and PC installations that have no business being there Change-Id: I4887a327ca89eb60945ad817a75ff199859824d3
2013-07-02	deleted bind9 purging, it was only needed for the transition from bind to ↵	varac
	unbound
2013-07-01	restart stunnels if /etc/hosts is changed (#3031)	Micah Anderson
	Due to the fact that /etc/hosts is modified in the early stage setup.pp run and the stunnel service is not deployed on an initial puppet run, we cannot simply override the Service['stunnel'] but instead need to trigger a restart through an exec calling the init script that first tests to see if it is present. Change-Id: I6bf5dfece9ecbdb8319747774185dec50d5a55f6
2013-06-30	Fix 'Failed to call refresh: /usr/local/sbin/reload_dhclient returned 2 instead	Micah Anderson
	of one of [0]' by putting in the missing closing single quote. Change-Id: I86feb5d06dd25e28ea67da0b5627e7be4174e01e
2013-06-30	modularize and standardize site_sshd:	Micah Anderson
	. move the setting of the xterm title to site_config::shell . change the xterm file resource to use standard source lines, switch to single quotes, quote mode, and line up parameters . move the mosh pieces into a site_ssh::mosh class and only include it if the right mosh variable is enabled, passing into the class the necessary hiera parameters . lint the site_ssh::mosh resources . change the authorized_keys class to accept the key parameter which is passed in from the main ssh class (but allow for out of scope variable lookup when the tag is passed) Change-Id: Ieec5a3932de9bad1b98633032b28f88e91e46604
2013-06-19	disable dhclient from modifying the /etc/resolv.conf file on ↵	Micah Anderson
	openstack/amazon instances The dhclient in these environments is quite aggressive and overwrites the nameservers we've deliberately chosen to use with google's nameservers. This commit attempts to fix that. The dhclient methodology for altering these things is particularly unpleasant. We effectively redefine the functions that mess with this file to be noops in the /etc/dhcp/dhclient-enter-hooks.d directory and then we are forced to restart dhclient by shipping a script that tries to determine the correct PID and arguments that it was running as before killing and restarting it with the same arguments. See debian bugs #681698, #712796 for further discussion about how to make this less difficult Change-Id: I51cf40cf98eaddcefd8180e157b6e3ca824173f0
2013-06-14	Merge branch 'develop' of git.codecoop.org:micah/leap_platform into develop	Micah Anderson

2013-06-12	Merge remote-tracking branch 'leap/develop' into develop	Micah Anderson

2013-06-11	/etc/hosts must not have commas!!	elijah

2013-06-11	use hiera hashes for source data for /etc/hosts	elijah

2013-06-11	add a class site_config::shell for shell-related configurations	Micah Anderson
	setup a /etc/profile.d configuration snippet to put /srv/leap/bin in the $PATH (#2122) Change-Id: I0afb5232375e6c6d9f692a97243023c710265d54
2013-06-11	lint hosts.pp	Micah Anderson
	Change-Id: If10470978ee31a398e0b88d8d98552c93d4706a2
2013-05-30	site_sshd -- added xterm title, optional support for mosh	elijah

2013-05-23	Install git before vcsrepo call (Feature #2510)	varac

2013-05-18	added module site_nickserver	elijah

2013-04-30	setup a site_config::params class that can be used to set some common ↵	Micah Anderson
	variables that are used in different places to start with we setup the $interface variable, based on logic as defined in #2213 change the various places that were looking up this value to use site_config::params::interface instead
2013-04-02	fix variable curly braces	Micah Anderson

2013-04-01	added setup.pp	elijah

2013-02-12	switch to using stdlib's standard stages	Micah Anderson

2013-02-06	site_config::default : include site_shorewall::defaults	varac

2013-02-01	moved concat::setup to site_config::default	varac
	Because in site.pp it didn't get the tag "leap_base" and would not be declared with leap cli's default puppet tags. Fixes: parent directory /var/lib/puppet/concat does not exist (Feature#1625)
2013-01-31	tag 'base' is a bad idea because it invokes apache::base as well	varac

2013-01-31	install etckeeper on all nodes	varac

2013-01-31	changed tag default to 'base'	varac

2013-01-31	puppet tags: site_config::default and site_config::slow	varac

2013-01-29	it seems facts cannot start with numbers	Micah Anderson