summaryrefslogtreecommitdiff
path: root/puppet/modules/site_couchdb/manifests
AgeCommit message (Collapse)Author
2013-09-24seperate cert and key deployment (#3918)varac
2013-09-19Depend services on deployment of default key, cert and ca (Feature #3838)varac
2013-09-19only deploy x509 stuff for nodes if it existes in hiera (Feature #3875)varac
2013-09-18Setup a class dependency for every tag 'leap_service' to make sure that ↵Micah Anderson
shorewall is setup before the service is setup. This is necessary due to the strict initial firewall that stops various service setup operations from happening, but is relaxed once shorewall is setup properly (#3782) Change-Id: Ia9640c4118aa0053cdb99e7bc11860fed5527501
2013-09-13setup stunnel config to use default x509 cert,key+ca (#3837)varac
* fix stunnel setups for couchdb, mx, webapp services
2013-09-13use define instead of class for site_stunnel::setup (#3817)varac
so it can be called multiple times
2013-09-02create all webapp databases so _security is set (fixes 3517)Azul
2013-08-30create sessions db with puppet (Bug #3597)varac
2013-08-27setup bigcouch logrotation (#3491)Micah Anderson
Change-Id: Ia35cf7a9fc1d0fad6a57bbae73968ab6b8f0c847
2013-08-14require that the couchdb::query::setup has been run before any attempts are ↵Micah Anderson
made to create databases or add users as these would fail otherwise. Closes: #3466 Change-Id: Ifa8b3da5858ce858fd319c4a659e70d20a65d3e0
2013-05-23include site_couchdb::bigcouch::add_nodes in site_couchdb/manifests/init.ppvarac
2013-04-24take out plain couchdb setup, always deploy bigcouch (Feature #2176)varac
2013-04-24Use pre-salted+hashed admin pw for couchdb (Feature #1941)varac
2013-04-24updated needed couchdb users and DBsvarac
2013-04-24Use pre-salted+hashed user pw for couchdb (Feature #2324)varac
2013-04-04pass $ca_name to stunnel::setup - this eliminates a dynamic scoped variable ↵Micah Anderson
lookup, and warning
2013-04-04add Erlang Distributed Node Protocol Port json entry under bigcouchMicah Anderson
setup ednp_server and ednp_client stunnels update couchdb puppet submodule to support configurable ednp_port parameter and general module cleanup pass ednp_port to couchdb setup so that it is configured in the vm.args template clarify in comments the difference between the epmd and ednp ports remove hard-coded erlang_vm_port variable and instead setup shorewall to allow for the stunnel connection only setup dnat rules for the ednp client connections
2013-04-04remove the apache_ssl_proxy cleanupMicah Anderson
2013-04-04rename the bigcouch_replication_[server,client] to be the more accurately, andMicah Anderson
shorter named epmd (erlang port mapper daemon)
2013-04-02switch to using stunnel_client and stunnel_server leap_cli macrosMicah Anderson
add bigcouch_replication_clients to couchdb.json change site_couchdb/manifests/stunnel to use stunnel_client and stunnel_server generated hiera values to setup the stunnels for the couch_server connections, and the bigcouch_replication_server and bigcouch_replication_clients tunnels instead of using hard-coded ips and ports. also change the pid names to be more consistent with what the tunnels are and are named
2013-04-02replace long-form variables with shorter onesMicah Anderson
remove unnecessary bigcouch_replication_client_default values (verify, rndfile, debuglevel)
2013-04-02remove duplicate 'include site_stunnel'Micah Anderson
this already exists in class site_stunnel::setup which is instantiated in this class
2013-04-02fix bigcouch stunnel pid namevarac
2013-04-02decrease stunnel debug levelvarac
2013-04-02couchdb hosts include site_shorewall::couchdb::bigcouchvarac
2013-04-02increase stunnel verbosity until everything is running smoothvarac
2013-04-02addded client side of bigcouch cluster protocol stunnel configvarac
2013-04-02added bigcouch.conf as incoming stunnel config for bigcouch clusteringvarac
2013-04-02working on stunnel for bigcouch clusteringvarac
2013-03-17fix webapp/couchdb stunnel certificate authorityMicah Anderson
2013-03-14add couchdb stunnel serverMicah Anderson
2013-03-14remove apache ssl proxy in preparation of replacing it with a stunnel setupMicah Anderson
This presents us with an interesting problem of deprecation. We need to manage the removal of something that we previously installed in any released code. How long we carry the puppet code that removes raises some interesting questions: do we require that someone who deployed version 1 (where the apache ssl proxy was deployed) of the platform upgrade first to version 2 (where we remove the apache ssl proxy) before they upgrade to version 3 (where the apache ssl proxy removal is no longer present) -- or do we allow people to skip versions?
2013-03-14include cloudant package repo for bigcouch servervarac
2013-03-10pass couchdb cookie to class couchdbvarac
2013-03-10use bigcouch in site_couchdbvarac
2013-03-10site_couchdb::configure moved to couchdbvarac
2013-03-09couchdb init file moved to couchdb modulevarac
2013-02-06include shorewall config for webapp and couchdbvarac
2013-01-31tag 'base' is a bad idea because it invokes apache::base as wellvarac
2013-01-31tag 'service' for all service classesvarac
2013-01-29eliminate dynamic lookup deprecation warnings for site_couchdb::apache_ssl_proxyMicah Anderson
2012-12-10couchdb: use x509 module to deploy certs (fixes #1063)varac
2012-12-07new names for couchdb DBsvarac
2012-12-07removed pinning couchdb to unstable because 1.2.0-3 is in wheezy, finallyvarac
2012-12-04remove no longer needed removal of the ports.conf fileMicah Anderson
2012-12-04alphabetize the apache modulesMicah Anderson
2012-12-04Stop the [warn] NameVirtualHost *:443 has no VirtualHosts errorsMicah Anderson
When we include apache::ssl it ships the ssl.conf file which sets up the NameVirtualHost *:443, so we just do what that class does fixes: https://leap.se/code/issues/944
2012-11-22call refresh_apt before installing couchdb, solves ↵varac
https://leap.se/code/issues/994
2012-11-08 = truevarac
2012-11-06adopt new hiera creditialsvarac