Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-01-02 | added support for minimum client version checking | elijah | |
2013-11-28 | remove admin access from webapp | Micah Anderson | |
Change-Id: Ib2ce0d38a8e4dd30ae6842bfb5579d9c3dd10f18 | |||
2013-10-11 | /etc/haproxy/haproxy.cfg changed randomly (Feature #4111) | varac | |
2013-09-24 | added site_config::x509::client_ca::cert and ↵ | varac | |
site_config::x509::client_ca::key for client_ca deployment (#3917) | |||
2013-09-20 | fix whitespace issues from https://review.leap.se/r/82 | varac | |
2013-09-19 | fix x509 path in webapp config.yml.erb (#3894) | varac | |
2013-07-30 | webapp - use hiera config "webapp.admins" for the list of admin usernames, ↵ | elijah | |
default to empty list. | |||
2013-07-30 | added webapp.secure flag (turns on secure cookies and HSTS) | elijah | |
2013-07-30 | site_webapp - add support for haproxy weights and backup servers (resolves ↵ | elijah | |
#3278) | |||
2013-04-22 | webapp -- fixed bug in configuration | elijah | |
2013-04-16 | move secret token into the config.yaml | Micah Anderson | |
2013-04-09 | add a httpchk line to haproxy to properly test if the couchdb is available | Micah Anderson | |
add the useful http-server-close option set check option on the servers, with a 3 second interval, a one second fastinter (for flapping) and a one second downinter. Set the number of checks for failure to be one (so it will take 3 seconds for a node to fail out) and 2 checks to come back | |||
2013-03-19 | create a separate couchdb.yml.admin that contains the couchdb admin ↵ | Micah Anderson | |
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time | |||
2013-03-19 | configure webapp haproxy couchdb connection | Micah Anderson | |
2013-03-19 | configure site_webapp::haproxy to ship a haproxy config::fragment to setup the | Micah Anderson | |
haproxy listener 'bigcouch-in'. This haproxy listener is configured to listen on port 4096 (arbitrarily chosen) and balance across the locally configured stunnels to the bigcouch instances It may be that we will need some additional haproxy options for handling persistence, cookies, or other HTTP headers, I'm unsure as of this moment | |||
2013-03-19 | turn off automatic updates of couchdb design docs (#1979) | Micah Anderson | |
2013-03-18 | Webapp: Use stunnel localhost:5000 for couchdb connection | varac | |
2013-03-17 | added support for "limited" service levels (although vpn is not yet actually ↵ | elijah | |
rate limited). | |||
2013-02-27 | openvpn -- added support for optional "free" rate-limited service via ↵ | elijah | |
special client certificates with the FREE prefix in the common name. | |||
2013-01-21 | client ca -- configure the webapp with the client ca | elijah | |
2013-01-11 | configure webapp with correct domain | elijah | |
2012-12-11 | add prefix to couchdb.yaml | Micah Anderson | |
2012-12-11 | fix couchdb port | Micah Anderson | |
2012-11-27 | fix name of couchdb.yml template | Micah Anderson | |
2012-11-27 | add the couchdb configuration template | Micah Anderson | |