| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-10-07 | feat: add v3 tor hidden service support | Micah Anderson | |
| Resolves: #8879 | |||
| 2017-10-05 | Feat: Refactor tor services | Micah Anderson | |
| In order to refactor the tor services, we need to split them out into three different services. This adds the hidden service class that is necessary to support the previous commits. Fixes #8864. | |||
| 2017-10-05 | Feat: split tor service into three | elijah | |
| The 'tor' service is now three separate services, 'tor_exit', 'tor_relay', or 'hidden_service'. | |||
| 2017-08-23 | Bug: fix hidden service for static | elijah | |
| hidden service should be activated iff tor is among the active services and tor.hidden_service.active == true | |||
| 2017-05-30 | static - support for renewing certs with let's encrypt for static sites | elijah | |
| 2017-05-06 | Restructure site_tor to be more clear and re-usable (fixes #8784). | Micah Anderson | |
| This makes a more clear site_tor::relay class that the leap service includes, and a more generic site_tor class that other classes can depend on for setting up the initial install. | |||
| 2017-04-25 | Add single-hop hidden service capability. | Micah Anderson | |
| This cuts the number of hops for a tor onion service from 6 to 3, speeding it up considerably. This removes the anonymity aspect of the service, so it must be enabled intentionally, knowing that the server's location no longer is hidden. | |||
| 2017-04-25 | Lint | Micah Anderson | |
| 2016-09-13 | [bugfix] static sites: only enable hidden service by default if one domain ↵ | elijah | |
| is configured The problem is that we have a single onion address per server, so if more than one domain is configured we need to make sure they don't both try to use the same onion address. | |||
| 2016-09-05 | [style] lint ::site_static class | varac | |
| 2016-07-21 | fix site_static's call to passenger | elijah | |
| 2016-06-30 | fix static site apache config | elijah | |
| 2016-06-28 | Fix for when tor is not an array. | Micah | |
| When tor is not configured, then its possible to get this error on deploy: Error: tor is not a hash or array when accessing it with hidden_service at /srv/leap/puppet/modules/site_static/manifests/init.pp:16 on node rewdevstatic1.rewire.org This commit only accesses the array when its enabled. Change-Id: Ia75ac7a51179da980966adba0cc614b9cd642b0c | |||
| 2016-06-28 | Make static tor hidden services work (#8212). | Micah | |
| When tor hidden services were enabled for static sites, only a very basic configuration was setup and it didn't take into account the different location configurations that can be configured for a static site. This commit resolves that by making a site_static::hidden_service class similar to the site_webapp::hidden_service class, and fixes up the apache vhost template to properly create the location blocks for the hidden service vhost. Change-Id: Ice3586f4173bd2d1bd3defca29d21c7403d5a03a | |||
| 2016-06-27 | Fix the permissions on the DOMAIN/provider.json file for static sites. | elijah | |
| 2016-06-03 | auto run bundler when needed for site_static | elijah | |
| 2016-05-03 | migrate from obsolete SSLCertificateChainFile apache option (#8055) | Micah | |
| Change-Id: I20a28ae77c98071aefc1933e0ea73e5f3b895acb | |||
| 2016-04-18 | [style] more manual linting for custom manifests | varac | |
| 2016-04-18 | [style] lint some custom manifests | varac | |
| I used `puppet-lint -f FILE` to fix most issues, while finishing with manual intervention. | |||
| 2016-03-13 | static site: don't call site_static::location unless locations are actually ↵ | elijah | |
| defined. | |||
| 2016-01-27 | [bug] [jessie] Fix apache 2.4 auth directives | varac | |
| - Resolves: #7853 | |||
| 2016-01-27 | [refactor] Optimize static apache vhost templates | varac | |
| - Related: #7853 | |||
| 2016-01-22 | restructured site.pp, now only one class gets included in site.pp per ↵ | varac | |
| service (Bug #6851) Also, moved global Exec{} defaults to site.pp Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd | |||
| 2015-11-30 | fix missing apache modules (#7638) | Micah | |
| Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0 | |||
| 2015-11-30 | fix site_apache module class names that were renamed (#7636) | Micah | |
| Change-Id: Iea1242b3c27d92cef7b217006211e57631fd7e62 | |||
| 2015-10-19 | change apache header set for HSTS to be always, otherwise it wont be set for ↵ | Micah | |
| redirects (#7540) Change-Id: Ic77c64c03a99dad951f42633de04c352bed17c1e | |||
| 2015-10-11 | russian text requires amber 0.3.8 | elijah | |
| 2015-09-30 | Fix server-status availability to tor hidden services (#7456) | Micah Anderson | |
| Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb | |||
| 2015-07-21 | Merge remote-tracking branch 'kwadrolab/static-amber-7231' into develop | Micah Anderson | |
| Conflicts: puppet/modules/site_static/manifests/init.pp Change-Id: I090b1cb3cbe3c4d01a2c640ae3a370b17e722e12 | |||
| 2015-07-14 | bump amber version, taking care of puppet ordering with require. | kwadronaut | |
| 2015-07-09 | use latest amber for static nodes. | elijah | |
| 2015-07-05 | zlib1g-dev needed for amber gem fixes #7231 | kwadronaut | |
| 2015-06-24 | remove static site circular dependency (closes #7145) | elijah | |
| 2015-06-17 | bugfix: site_static module was not including ssl_common.inc | elijah | |
| 2015-05-26 | Implement weakdh recommendations for cipher suites (#7024) | Micah Anderson | |
| This is a first step mitigation until we can have a newer apache that will allow us to specify dh parameters other than the default. Change-Id: Ibfcee53b331e8919466027dde1a93117b5210d9d | |||
| 2015-04-02 | static: restart apache when tls certs change | elijah | |
| 2015-01-14 | static site service: pin amber gem to 0.3.4 | elijah | |
| 2014-12-19 | Add x509 files to static node allowing postfix to work (solves #6577) + ↵ | guido | |
| minor lint. https://leap.se/code/issues/6577 Change-Id: Iefefbf3e8fc5c13cdd7e302627504a76b856e725 | |||
| 2014-10-15 | Disable SSLv3, and RC4 ciphers | Micah Anderson | |
| Change-Id: I7214aa4334e3d817dd1b6d8dce43523e3d955b5d | |||
| 2014-06-02 | static site: better message for wrong location type. | elijah | |
| 2014-06-02 | remove superfluous RackBaseURI directive | elijah | |
| 2014-06-02 | work around hiera's inability to escape '%' by using ':percent:' | elijah | |
| 2014-06-02 | static site: added rack support, added custom apache config | elijah | |
| 2014-06-02 | added support for /provider.json served from static site. | elijah | |
| 2014-05-17 | static: pin amber version to 0.3.0 | elijah | |
| 2014-04-05 | update site_static to work with new amber and have better tls ciphers | elijah | |
| 2014-03-24 | modules/site_static: part 2 - apache | elijah | |
| 2014-03-23 | modules/site_static: part 1 - amber | elijah | |
 |
index : leap_platform.git | |
| [leap_platform] | git repository hosting |
| summaryrefslogtreecommitdiff |