summaryrefslogtreecommitdiff
path: root/puppet/modules/site_webapp
AgeCommit message (Collapse)Author
2014-02-06move leap_webapp.conf template to common.conf which is included by the ↵varac
nagios and webapp node (#5096)
2014-01-22anonymize webapp ips (Bug #4896)varac
2014-01-08fix webapp couchdb.yml to be couchdb.yml not couchdb.yml.webappelijah
2014-01-02added support for minimum client version checkingelijah
2013-11-28fix cwd in webapp cronjobsMicah Anderson
Change-Id: I2e189bf5e209c731077539a57f9b334ac66cd25b
2013-11-28remove admin access from webappMicah Anderson
Change-Id: Ib2ce0d38a8e4dd30ae6842bfb5579d9c3dd10f18
2013-11-27add webapp cron entries to cleanup sessions and tokens (#4572)Micah Anderson
Change-Id: Ic1ef7e25f07cbbbcea9bcc90248479009904303e
2013-11-22improvements to webapp deployment: allow for greater customization, allow ↵elijah
for custom git source, improve apache config.
2013-11-22added custom index.htmlelijah
2013-10-11/etc/haproxy/haproxy.cfg changed randomly (Feature #4111)varac
2013-10-11fixed issues from https://review.leap.se/r/98/varac
2013-10-11install ruby-dev for nickserver/webapp (#4079 + #4080)varac
2013-09-24deploy client_ca on webapp nodevarac
2013-09-24webapp leftover for seperate cert and key deployment (Feature #3918)varac
2013-09-24added site_config::x509::client_ca::cert and ↵varac
site_config::x509::client_ca::key for client_ca deployment (#3917)
2013-09-24https://bitmask.net/ca.crt gives 403 Forbidden (Bug #3919)varac
2013-09-24move commercial x509 deployment to site_x509 (Feature #3889)varac
2013-09-24seperate cert and key deployment (#3918)varac
2013-09-22Merge branch 'api-crt-3384' into develop fixes #3384kwadronaut
2013-09-22adding fqdn as default servername and moving service.domain to ServerAlias ↵kwadronaut
(fixing #3384) node name and dns fqdn could be different Also note that on local deploys that warning from #3384 will continue to exist (because of dns)
2013-09-20use newer haproxy_servers macro in order to allow couchdb and webapp to be ↵elijah
on the same node (requires latest leap_cli)
2013-09-20fix whitespace issues from https://review.leap.se/r/82varac
2013-09-19fix x509 path in webapp config.yml.erb (#3894)varac
2013-09-19webapp: Depend services on deployment of default key, cert and ca (Feature ↵varac
#3838)
2013-09-19only deploy x509 stuff for nodes if it existes in hiera (Feature #3875)varac
2013-09-18Setup a class dependency for every tag 'leap_service' to make sure that ↵Micah Anderson
shorewall is setup before the service is setup. This is necessary due to the strict initial firewall that stops various service setup operations from happening, but is relaxed once shorewall is setup properly (#3782) Change-Id: Ia9640c4118aa0053cdb99e7bc11860fed5527501
2013-09-13setup stunnel config to use default x509 cert,key+ca (#3837)varac
* fix stunnel setups for couchdb, mx, webapp services
2013-09-13use define instead of class for site_stunnel::setup (#3817)varac
so it can be called multiple times
2013-09-05require that shorewall is up before running bundler commands, it needs to ↵0.3.0rc1Micah Anderson
pull things from git (#3756) Change-Id: If404452c54dedb7a39a910994dc68309257d351d
2013-09-04change git repository clone URIs from git:// to https:// (#3732)Micah Anderson
Change-Id: Ic700fec9cfb8e8474fb65dbdd4a1a537bf586ec9
2013-09-02specify RAILS_ENV when calling bundle assets-precompile (fixes #3638)Azul
We currently disable the billing gem in production while it's on in development and test. Therefore bundler will not install its dependencies - in particular the braintree gem when deploying. Since the RAILS_ENV was not specified rake was called with the default of 'development'. It therefore tried to load the development gems and failed when looking for 'braintree'. Specifying the production RAILS_ENV fixes this. It looks like we'll always need to specify RAILS_ENV when calling rake or we might want to export it to the environment in a separate task or the user config files such as .bashrc
2013-08-29create individual classes for the apache modules so they can be included ↵Micah Anderson
more than once in different locations, depending on what services are configured on a node (#3612) Change-Id: Iff064d3d67baa132fb5198fea741522ab4e71770
2013-08-28require VCS repo before git assume-unchanged (feature #1608)Azul
2013-08-27move git::changes into git module, whitespace fixAzul
2013-08-27specify cwd when using git:changesAzul
2013-08-27git:changes expect changes to certain filesAzul
You can either ensure assume-unchanged or ensure those changes are tracked. Used to keep the git status clean.
2013-08-27make git forget about the changes due to symlinking filesAzul
Git normally tracks the dummy files we replace with symlinks. So we tell it to ignore these changes on deploy.
2013-08-14Fix problem where webapp production.log had the wrong permissions - #3471Micah Anderson
Change-Id: I20a6ecc43e36fc1e8416c46f7e4d14726995d2f2
2013-07-30webapp - use hiera config "webapp.admins" for the list of admin usernames, ↵elijah
default to empty list.
2013-07-30added webapp.secure flag (turns on secure cookies and HSTS)elijah
2013-07-30site_webapp - add support for haproxy weights and backup servers (resolves ↵elijah
#3278)
2013-07-29site_webapp bugfix - get compile_assets to run by ensuring .scss files are ↵elijah
created beforehand and have the correct permissions.
2013-07-23not need for file { '/srv/leap/webapp': }, we have vcsrepo { ↵varac
'/srv/leap/webapp': }
2013-07-23/srv/leap/webapp/public/img: require => Vcsrepo['/srv/leap/webapp']varac
2013-07-11changes to support restrictive permissions for /etc/leap. this is required ↵elijah
to work with the latest leap_cli.
2013-07-06site_webapp -- make bundler not install test-only or development-only gems.elijah
2013-05-23Merge branch 'feature/switch-webapp-location' into developMicah Anderson
Conflicts: puppet/modules/site_webapp/manifests/init.pp Resolved lint differences Change-Id: Ifbc535ec844222c9f6f0dd71ac12742230bb64ee
2013-05-22add missing require => on the vcsrepo which could cause these resources to failMicah Anderson
2013-05-22add requirements to the try::file resourcesMicah Anderson
normally a file resource would automatically require the parent directory first, but try::file doesn't do this so it has errors if /srv/leap/webapp doesn't exist yet: for example: - [web1] err: /Stage[main]/Site_webapp/Try::File[/srv/leap/webapp/public/img]/Exec[restore_/srv/leap/webapp/public/img]/returns: change from notrun to 0 failed: Working directory '/srv/leap/webapp/public' does not exist that was 'tried' before the vcsrepo was done which would have resolved that problem. This makes sure that the vcsrepo is done first
2013-05-22add force => true parameter to webapp vcsrepo checkoutMicah Anderson
this should have been added to d669a5fb56acf9101cf677ecbd30bcc47b092cd3 resolve #1722 after the vcsrepo module was updated to handle this, but it wasn't.