leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2017-09-05	Bug: fix vpn network problem caused by vagrant fact	elijah
	Boolean facts must be escaped with str2bool. This commit includes new tests to catch VPN problems like this in the future.
2016-04-12	Put openvpn logs into leap directory (#8021)	Micah
	Have openvpn logs go to /var/log/leap/openvpn_$protocol, instead of to /var/log/daemon.log. Change-Id: I1fc33de660648ab0dba1ce98de2864649c104719
2016-03-08	[bug] Fix inline template with deprecated variable notation	varac
	- Resolves: #7948
2016-02-16	remove pinning of openvpn package to backports	elijah

2016-01-22	linted puppet/modules/site_openvpn/manifests/init.pp	varac

2016-01-22	restructured site.pp, now only one class gets included in site.pp per ↵	varac
	service (Bug #6851) Also, moved global Exec{} defaults to site.pp Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd
2015-10-13	Make syslog stop logging the icmpv6_send: no reply to icmp error	Micah
	messages, these are spamming provider's logs and will continue to do so until we have ipv6 working for the VPN (#6540) Change-Id: I80673bb64d8239e478bc042794929640f7a7cc39
2015-04-16	clean up logging mess: add 'logfile' define, mv openvpn and stunnel logs to ↵	elijah
	their own files, fix mx logwatch path.
2014-11-23	fix dependency on x509 ca_bundle class (#6410)	Micah Anderson
	Change-Id: Ia1e7009240d61464d7ba45ad07291664f6a3b768
2014-11-20	Make sure openvpn is restarted when cert/key change (#6405)	Micah Anderson
	I reformatted the section below for consistency. Change-Id: I18f5e23850e0c1ab4b1f2ee467d5af54ae9ff303
2014-05-07	openvpn package resource needs to be ensure => latest to accommodate upgrades	Micah Anderson
	Change-Id: I8caad9b4ac15dcce8ab74ad6d22dd6ad9f6efb14
2014-05-06	install openvpn from wheezy-backports, this will bring in openvpn 2.3,	Micah Anderson
	which will provide us with proper ipv6 support Change-Id: I0188732aae6cbc64ab57e95bf805d6158fa17e07
2014-04-02	Merge pull request #20 from elijh/feature/openvpn-config	varac
	allow ability to customize openvpn security options
2014-03-25	ignore openvpn TLS initialization errors (Feature #5374)	varac

2014-03-20	allow ability to customize openvpn security stuff: tls-cipher, auth, and ↵	elijah
	cipher config options.
2013-10-15	puppet - openvpn gateway address is hard coded as a /24 network (Bug #1863)	varac

2013-09-25	openvpn is restarted before package is installed (Bug #3904)	varac

2013-09-24	seperate cert and key deployment (#3918)	varac

2013-09-19	Depend services on deployment of default key, cert and ca (Feature #3838)	varac

2013-09-19	tidy openvpn x509 definitions (#3831)	varac

2013-09-19	only deploy x509 stuff for nodes if it existes in hiera (Feature #3875)	varac

2013-09-18	Setup a class dependency for every tag 'leap_service' to make sure that ↵	Micah Anderson
	shorewall is setup before the service is setup. This is necessary due to the strict initial firewall that stops various service setup operations from happening, but is relaxed once shorewall is setup properly (#3782) Change-Id: Ia9640c4118aa0053cdb99e7bc11860fed5527501
2013-07-16	lint site_openvpn manifests	Micah Anderson
	Change-Id: I314031d93aa9f4a0f217680870678e39c096d46a
2013-07-04	more robust openvpn restarting	Micah Anderson
	this ensures that an actual restart is run on the service when config files are added or removed, instead of relying on the status parameter of the initscript, which can be confused if config files are removed out from under it Change-Id: I1c69fff26933338b707acf7dc4593547f32f92e3
2013-05-16	special casing for pistoncloud/openstack/ec2	Micah Anderson

2013-04-30	setup a site_config::params class that can be used to set some common ↵	Micah Anderson
	variables that are used in different places to start with we setup the $interface variable, based on logic as defined in #2213 change the various places that were looking up this value to use site_config::params::interface instead
2013-03-29	fixed site_openvpn bug with redefined variable.	elijah

2013-03-17	added support for "limited" service levels (although vpn is not yet actually ↵	elijah
	rate limited).
2013-02-27	openvpn -- added support for optional "free" rate-limited service via ↵	elijah
	special client certificates with the FREE prefix in the common name.
2013-02-21	linted	varac

2013-01-31	tag 'base' is a bad idea because it invokes apache::base as well	varac

2013-01-31	tag 'service' for all service classes	varac

2013-01-29	fix variable name for re-ordered fact	Micah Anderson

2013-01-29	fix variable scoping	Micah Anderson

2013-01-29	fix syntax error from enclosing variables in curly	Micah Anderson

2013-01-29	enclose the variables in curly braces, as recommended by puppet-lint	Micah Anderson

2013-01-29	add a new fact that provides a fact for each configured ip address, telling you	Micah Anderson
	which interface has it (essentially the inverse of the ipaddress_${interface} fact). Switch the hiera lookups of the $interface, which was pulling from the .json to pull instead from the above fact, see #1547 and #1548
2013-01-16	update unbound submodule to fix infinite service restart problem	Micah Anderson

2013-01-16	setup site_unbound with a basic caching-only configuration and include that on	Micah Anderson
	the openvpn gateway (see #1172)
2013-01-16	remove unnecessary include that was left over from ↵	Micah Anderson
	c2d57624c15dfaff038f9991f04ade46b5ad1d40:
2012-11-23	enable ip_forwarding #1029	varac

2012-11-22	deploy openvpn server.crt and server.key	varac

2012-11-21	move site_config::eip to site_openvpn (Feature #943)	varac

2012-10-04	cosmetics	varac

2012-09-21	basic configuration for openvpn server files	varac

2012-09-21	oved things around	root

2012-09-20	beginning of site_openvpn	varac