Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-10-05 | Feat: Refactor tor services | Micah Anderson | |
In order to refactor the tor services, we need to split them out into three different services. This adds the hidden service class that is necessary to support the previous commits. Fixes #8864. | |||
2017-10-05 | Feat: split tor service into three | elijah | |
The 'tor' service is now three separate services, 'tor_exit', 'tor_relay', or 'hidden_service'. | |||
2017-03-22 | webapp: add secret_key_base to config | Azul | |
This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while. | |||
2017-03-15 | [8144] Remove Haproxy | varac | |
We used haproxy because we had multiple bigcouch nodes but now with a single couchdb node this is not needed anymore. - Resolves: #8144 | |||
2016-08-30 | lint site_webapp/manifests/init.pp | varac | |
2016-08-30 | [feat] Use twisted 16.2 from jessie-backports | varac | |
New soledad packages now depend on Twisted 16.2.0 (see https://leap.se/code/issues/8412), so we need to pin twisted to get installed from jessie-backports. - Resolves: #8418 | |||
2016-02-02 | don't deploy bundler debug to servers | kwadronaut | |
2016-01-22 | restructured site.pp, now only one class gets included in site.pp per ↵ | varac | |
service (Bug #6851) Also, moved global Exec{} defaults to site.pp Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd | |||
2015-10-30 | [feat] Add soledad::client class for soledad-sync | varac | |
- Restructure soledad class - Include soledad::client class on webapp nodes - Tested: [unstable.bitmask.net] - Related: #7523 | |||
2015-10-07 | [bug] Fix removal of webapp apache config file | varac | |
Done by including a service-dependend site_config::remove::webapp class. | |||
2015-04-16 | properly clean up unused files | elijah | |
2015-04-16 | clean up logging mess: add 'logfile' define, mv openvpn and stunnel logs to ↵ | elijah | |
their own files, fix mx logwatch path. | |||
2015-04-08 | move rotated db creation to site_couchdb and fix rotated db tests | elijah | |
2015-03-30 | added support for rotating couchdb databases. | elijah | |
2015-02-04 | consolidate sources into common.json | elijah | |
2014-12-09 | Soledad sync check needs python-u1db package installed (Bug #6520) | varac | |
Change-Id: I8a6c27434f548f24d9dba1a969699200ab307477 | |||
2014-11-07 | Better check for tor hidden service on a webapp node. | guido | |
Change-Id: I92f69b6fa30aae953243ae19096e2998810c9ac6 | |||
2014-11-04 | Adds support for Tor hidden service on webapp (Feature #6273) | guido | |
Change-Id: I56250e05e3a933deacd0b6e02192e712d3fd9fd5 | |||
2014-09-03 | Merge branch 'master' into develop | varac | |
Conflicts: platform.rb puppet/modules/site_config/manifests/hosts.pp | |||
2014-08-05 | Fixes: #5952 Webapp now logs to it's own file instead of syslog and user.log | guido | |
2014-06-17 | allow webapp.json to configure what engines are enabled | elijah | |
2014-05-22 | remove old classes | Christoph | |
site_mx::haproxy and site_webapp::haproxy only included site_haproxy. They didn't do anything else. So just include site_haproxy in manifests/init.pp and remove the unused classes | |||
2014-02-27 | check syslog for webapp errors | varac | |
2014-01-02 | added support for minimum client version checking | elijah | |
2013-11-28 | remove admin access from webapp | Micah Anderson | |
Change-Id: Ib2ce0d38a8e4dd30ae6842bfb5579d9c3dd10f18 | |||
2013-11-27 | add webapp cron entries to cleanup sessions and tokens (#4572) | Micah Anderson | |
Change-Id: Ic1ef7e25f07cbbbcea9bcc90248479009904303e | |||
2013-11-22 | improvements to webapp deployment: allow for greater customization, allow ↵ | elijah | |
for custom git source, improve apache config. | |||
2013-11-22 | added custom index.html | elijah | |
2013-10-11 | fixed issues from https://review.leap.se/r/98/ | varac | |
2013-10-11 | install ruby-dev for nickserver/webapp (#4079 + #4080) | varac | |
2013-09-24 | deploy client_ca on webapp node | varac | |
2013-09-24 | webapp leftover for seperate cert and key deployment (Feature #3918) | varac | |
2013-09-24 | https://bitmask.net/ca.crt gives 403 Forbidden (Bug #3919) | varac | |
2013-09-24 | seperate cert and key deployment (#3918) | varac | |
2013-09-19 | webapp: Depend services on deployment of default key, cert and ca (Feature ↵ | varac | |
#3838) | |||
2013-09-18 | Setup a class dependency for every tag 'leap_service' to make sure that ↵ | Micah Anderson | |
shorewall is setup before the service is setup. This is necessary due to the strict initial firewall that stops various service setup operations from happening, but is relaxed once shorewall is setup properly (#3782) Change-Id: Ia9640c4118aa0053cdb99e7bc11860fed5527501 | |||
2013-09-05 | require that shorewall is up before running bundler commands, it needs to ↵0.3.0rc1 | Micah Anderson | |
pull things from git (#3756) Change-Id: If404452c54dedb7a39a910994dc68309257d351d | |||
2013-09-04 | change git repository clone URIs from git:// to https:// (#3732) | Micah Anderson | |
Change-Id: Ic700fec9cfb8e8474fb65dbdd4a1a537bf586ec9 | |||
2013-09-02 | specify RAILS_ENV when calling bundle assets-precompile (fixes #3638) | Azul | |
We currently disable the billing gem in production while it's on in development and test. Therefore bundler will not install its dependencies - in particular the braintree gem when deploying. Since the RAILS_ENV was not specified rake was called with the default of 'development'. It therefore tried to load the development gems and failed when looking for 'braintree'. Specifying the production RAILS_ENV fixes this. It looks like we'll always need to specify RAILS_ENV when calling rake or we might want to export it to the environment in a separate task or the user config files such as .bashrc | |||
2013-08-28 | require VCS repo before git assume-unchanged (feature #1608) | Azul | |
2013-08-27 | move git::changes into git module, whitespace fix | Azul | |
2013-08-27 | specify cwd when using git:changes | Azul | |
2013-08-27 | git:changes expect changes to certain files | Azul | |
You can either ensure assume-unchanged or ensure those changes are tracked. Used to keep the git status clean. | |||
2013-08-27 | make git forget about the changes due to symlinking files | Azul | |
Git normally tracks the dummy files we replace with symlinks. So we tell it to ignore these changes on deploy. | |||
2013-07-29 | site_webapp bugfix - get compile_assets to run by ensuring .scss files are ↵ | elijah | |
created beforehand and have the correct permissions. | |||
2013-07-23 | not need for file { '/srv/leap/webapp': }, we have vcsrepo { ↵ | varac | |
'/srv/leap/webapp': } | |||
2013-07-23 | /srv/leap/webapp/public/img: require => Vcsrepo['/srv/leap/webapp'] | varac | |
2013-07-11 | changes to support restrictive permissions for /etc/leap. this is required ↵ | elijah | |
to work with the latest leap_cli. | |||
2013-07-06 | site_webapp -- make bundler not install test-only or development-only gems. | elijah | |
2013-05-23 | Merge branch 'feature/switch-webapp-location' into develop | Micah Anderson | |
Conflicts: puppet/modules/site_webapp/manifests/init.pp Resolved lint differences Change-Id: Ifbc535ec844222c9f6f0dd71ac12742230bb64ee |