Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-03-22 | webapp: add secret_key_base to config | Azul | |
This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while. | |||
2016-04-05 | testing: adds mx delivery tests | elijah | |
2015-11-17 | [bug] [jessie] template functions need an array | varac | |
from https://docs.puppetlabs.com/puppet/latest/reference/lang_template_erb.html#calling-puppet-functions-from-templates: "The arguments of the function must be provided as an array, even if there is only one argument." This is a hard requirement in puppet 3 now. - Related: #6920 | |||
2015-09-28 | Modify config.yml.erb to include the invite code option | ankonym | |
2015-09-10 | fix various problems with webapp config generation | elijah | |
2015-08-03 | webapp: add support for customizing locales | elijah | |
2015-03-30 | added support for rotating couchdb databases. | elijah | |
2015-02-03 | Merge remote-tracking branch 'elijah/feature/expire' into develop | Micah Anderson | |
Conflicts: platform.rb Change-Id: Ifb1a7579e00b1ee2bdebe86671d5c2f1cac2a8dc | |||
2015-02-02 | added custom puppet function sorted_json(). closes #6389 | elijah | |
2015-01-28 | update default provider.json to use the (now) correct expiration time ↵ | elijah | |
format. requires new leap_cli. | |||
2014-10-29 | added webapp.forbidden_usernames property to allow configuration of ↵ | elijah | |
usernames to block. | |||
2014-08-01 | minor: fix typo in webapp config | Azul | |
@provider -> @webapp | |||
2014-07-11 | Added allow_registration to webapp config.yml. | Folker Bernitt | |
- See issue #5217 - See companion change in leap_web | |||
2014-06-17 | allow webapp.json to configure what engines are enabled | elijah | |
2014-05-24 | move haproxy-template to modules/site_haproxy | Christoph | |
2014-05-14 | revert accidental change to webapp config template | Azul | |
2014-05-14 | use hash for provider service levels | Azul | |
We want to access service levels by means of the id stored in the user record. With a hash we don't have to loop through all elements to find the one with a given id and still can use arbitrary strings and do not rely on the order of the array. Also it's the format the webapp is expecting right now. | |||
2014-04-29 | require json so we can use it to dumpt the service levels | Azul | |
2014-04-24 | bring service_levels into webapp config - #5527 | Azul | |
including the default_service_level | |||
2014-01-02 | added support for minimum client version checking | elijah | |
2013-11-28 | remove admin access from webapp | Micah Anderson | |
Change-Id: Ib2ce0d38a8e4dd30ae6842bfb5579d9c3dd10f18 | |||
2013-10-11 | /etc/haproxy/haproxy.cfg changed randomly (Feature #4111) | varac | |
2013-09-24 | added site_config::x509::client_ca::cert and ↵ | varac | |
site_config::x509::client_ca::key for client_ca deployment (#3917) | |||
2013-09-20 | fix whitespace issues from https://review.leap.se/r/82 | varac | |
2013-09-19 | fix x509 path in webapp config.yml.erb (#3894) | varac | |
2013-07-30 | webapp - use hiera config "webapp.admins" for the list of admin usernames, ↵ | elijah | |
default to empty list. | |||
2013-07-30 | added webapp.secure flag (turns on secure cookies and HSTS) | elijah | |
2013-07-30 | site_webapp - add support for haproxy weights and backup servers (resolves ↵ | elijah | |
#3278) | |||
2013-04-22 | webapp -- fixed bug in configuration | elijah | |
2013-04-16 | move secret token into the config.yaml | Micah Anderson | |
2013-04-09 | add a httpchk line to haproxy to properly test if the couchdb is available | Micah Anderson | |
add the useful http-server-close option set check option on the servers, with a 3 second interval, a one second fastinter (for flapping) and a one second downinter. Set the number of checks for failure to be one (so it will take 3 seconds for a node to fail out) and 2 checks to come back | |||
2013-03-19 | create a separate couchdb.yml.admin that contains the couchdb admin ↵ | Micah Anderson | |
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time | |||
2013-03-19 | configure webapp haproxy couchdb connection | Micah Anderson | |
2013-03-19 | configure site_webapp::haproxy to ship a haproxy config::fragment to setup the | Micah Anderson | |
haproxy listener 'bigcouch-in'. This haproxy listener is configured to listen on port 4096 (arbitrarily chosen) and balance across the locally configured stunnels to the bigcouch instances It may be that we will need some additional haproxy options for handling persistence, cookies, or other HTTP headers, I'm unsure as of this moment | |||
2013-03-19 | turn off automatic updates of couchdb design docs (#1979) | Micah Anderson | |
2013-03-18 | Webapp: Use stunnel localhost:5000 for couchdb connection | varac | |
2013-03-17 | added support for "limited" service levels (although vpn is not yet actually ↵ | elijah | |
rate limited). | |||
2013-02-27 | openvpn -- added support for optional "free" rate-limited service via ↵ | elijah | |
special client certificates with the FREE prefix in the common name. | |||
2013-01-21 | client ca -- configure the webapp with the client ca | elijah | |
2013-01-11 | configure webapp with correct domain | elijah | |
2012-12-11 | add prefix to couchdb.yaml | Micah Anderson | |
2012-12-11 | fix couchdb port | Micah Anderson | |
2012-11-27 | fix name of couchdb.yml template | Micah Anderson | |
2012-11-27 | add the couchdb configuration template | Micah Anderson | |