| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-05-16 | special casing for pistoncloud/openstack/ec2 | Micah Anderson | |
| 2013-04-30 | setup a site_config::params class that can be used to set some common ↵ | Micah Anderson | |
| variables that are used in different places to start with we setup the $interface variable, based on logic as defined in #2213 change the various places that were looking up this value to use site_config::params::interface instead | |||
| 2013-03-29 | fixed site_openvpn bug with redefined variable. | elijah | |
| 2013-03-17 | added support for "limited" service levels (although vpn is not yet actually ↵ | elijah | |
| rate limited). | |||
| 2013-02-27 | openvpn -- added support for optional "free" rate-limited service via ↵ | elijah | |
| special client certificates with the FREE prefix in the common name. | |||
| 2013-02-26 | require that the package unbound be installed before trying to write to its | Micah Anderson | |
| configuration file, this addresses issue #1853 - [vpn1] err: /Stage[main]/Site_openvpn::Resolver/Line[add_tcp_resolver]/Exec[echo 'server: include: /etc/unbound/conf.d/vpn_tcp_resolver' >> '/etc/unbound/unbound.conf']/returns: change from notrun to 0 failed: echo 'server: include: /etc/unbound/conf.d/vpn_tcp_resolver' >> '/etc/unbound/unbound.conf' returned 2 instead of one of [0] at /srv/leap/puppet/modules/common/manifests/defines/line.pp:45 | |||
| 2013-02-21 | linted a bit | varac | |
| 2013-02-21 | linted | varac | |
| 2013-02-21 | linted | varac | |
| 2013-01-31 | tag 'base' is a bad idea because it invokes apache::base as well | varac | |
| 2013-01-31 | Merge branch 'develop' of ssh://leap.se/leap_platform into develop | elijah | |
| 2013-01-31 | added /etc/openvpn/ca_bundle.pem in order to allow multiple CA certs to be used. | elijah | |
| 2013-01-31 | tag 'service' for all service classes | varac | |
| 2013-01-30 | linted | varac | |
| 2013-01-29 | added support for client ca cert in site openvpn. | elijah | |
| 2013-01-29 | fix variable name for re-ordered fact | Micah Anderson | |
| 2013-01-29 | fix variable scoping | Micah Anderson | |
| 2013-01-29 | fix syntax error from enclosing variables in curly | Micah Anderson | |
| 2013-01-29 | enclose the variables in curly braces, as recommended by puppet-lint | Micah Anderson | |
| 2013-01-29 | add a new fact that provides a fact for each configured ip address, telling you | Micah Anderson | |
| which interface has it (essentially the inverse of the ipaddress_${interface} fact). Switch the hiera lookups of the $interface, which was pulling from the .json to pull instead from the above fact, see #1547 and #1548 | |||
| 2013-01-17 | notify unbound when these configuration files change | Micah Anderson | |
| 2013-01-17 | fix typo in cidr variable name | Micah Anderson | |
| 2013-01-17 | change to using the CIDR notation for unbound access list | Micah Anderson | |
| 2013-01-17 | fully qualify the variables that are used in the vpn gateway resolver | Micah Anderson | |
| 2013-01-17 | unfortunately the version of unbound that is in wheezy does not support wildcard | Micah Anderson | |
| include directives, so this commit works around this by doing something less elegant than before. When we have the newer unbound available, we should switch to that method instead. | |||
| 2013-01-17 | fix unbound access control | Micah Anderson | |
| 2013-01-16 | setup openvpn gateway resolver to listen on the udp/tcp virtual network ips so | Micah Anderson | |
| that queries can be made from clients on the vpn | |||
| 2013-01-16 | update unbound submodule to fix infinite service restart problem | Micah Anderson | |
| 2013-01-16 | setup site_unbound with a basic caching-only configuration and include that on | Micah Anderson | |
| the openvpn gateway (see #1172) | |||
| 2013-01-16 | remove unnecessary include that was left over from ↵ | Micah Anderson | |
| c2d57624c15dfaff038f9991f04ade46b5ad1d40: | |||
| 2012-12-10 | openvpn: use x509 module to deploy certs (fixes #1064) | varac | |
| 2012-11-23 | enable ip_forwarding #1029 | varac | |
| 2012-11-23 | openvpn -- enforce certain cipher choices on the server | elijah | |
| 2012-11-22 | clean up openvpn and x509 paths | elijah | |
| 2012-11-22 | deploy openvpn server.crt and server.key | varac | |
| 2012-11-21 | move site_config::eip to site_openvpn (Feature #943) | varac | |
| 2012-11-21 | hiera variable for openvpn dh parameters changed | varac | |
| 2012-10-30 | prettyfying | varac | |
| 2012-10-29 | no need for server-up.sh right now | varac | |
| 2012-10-11 | renamed hiera keys to work with leap_cli | varac | |
| 2012-10-04 | different parameter for each config | varac | |
| 2012-10-04 | dh1204.pem -> dh.pen | varac | |
| 2012-10-04 | finished site_openvpn::server_config | varac | |
| 2012-10-04 | adopted most static parameters | varac | |
| 2012-10-04 | include openvpn keys | varac | |
| 2012-10-04 | cosmetics | varac | |
| 2012-10-04 | + site_openvpn::keys | varac | |
| 2012-10-04 | cosmetics for server_config.pp | varac | |
| 2012-09-21 | basic configuration for openvpn server files | varac | |
| 2012-09-21 | oved things around | root | |
 |
index : leap_platform.git | |
| [leap_platform] | git repository hosting |
| summaryrefslogtreecommitdiff |