Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-05-06 | Restructure site_tor to be more clear and re-usable (fixes #8784). | Micah Anderson | |
This makes a more clear site_tor::relay class that the leap service includes, and a more generic site_tor class that other classes can depend on for setting up the initial install. | |||
2017-04-27 | Merge remote-tracking branch 'origin/merge-requests/77' | varac | |
2017-04-25 | Add single-hop hidden service capability. | Micah Anderson | |
This cuts the number of hops for a tor onion service from 6 to 3, speeding it up considerably. This removes the anonymity aspect of the service, so it must be enabled intentionally, knowing that the server's location no longer is hidden. | |||
2017-04-25 | Lint | Micah Anderson | |
2017-03-22 | webapp: add secret_key_base to config | Azul | |
This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while. | |||
2017-03-15 | Direct connection when couch runs locally | varac | |
2017-03-15 | [8144] Remove Haproxy | varac | |
We used haproxy because we had multiple bigcouch nodes but now with a single couchdb node this is not needed anymore. - Resolves: #8144 | |||
2017-03-15 | Linted couchdb.pp | varac | |
2016-08-30 | lint site_webapp/manifests/init.pp | varac | |
2016-08-30 | [feat] Use twisted 16.2 from jessie-backports | varac | |
New soledad packages now depend on Twisted 16.2.0 (see https://leap.se/code/issues/8412), so we need to pin twisted to get installed from jessie-backports. - Resolves: #8418 | |||
2016-07-13 | Newest passenger module dont manage munin by default | varac | |
2016-06-28 | Stop tor from restarting on every deploy (#8211). | Micah | |
We were creating the hidden service name without a newline, and then tor would be restarted and change the hidden service hostname file to have a newline, which would then require that the next deploy would change that file to not have a newline again. This fixes that problem by making the hostname have a newline so it matches what tor wants. Change-Id: I38f450684d557cf943ec94f2f8e19cda3aefdf66 | |||
2016-06-28 | Reload tor if config or key is changed (#8210). | Micah | |
Change-Id: I3d733b6645c804a5fb337ad4b8edc59a66ad50b5 | |||
2016-06-27 | Lint and Document site_webapp::hidden_service | varac | |
2016-04-18 | [style] more manual linting for custom manifests | varac | |
2016-04-05 | testing: adds mx delivery tests | elijah | |
2016-03-11 | fix tor-related jessie deprecation problems (#7962) | Micah | |
Change-Id: If493b8a1f06a786df36a28aa1fc592e270eba639 | |||
2016-03-04 | fix location of couchdb.admin.yml | elijah | |
2016-03-04 | ensure /var/leap/couchdb exists before creating files there. | elijah | |
2016-03-04 | move the location of couchdb.admin.yml so that it does not need to have its ↵ | elijah | |
ownership reset on each deploy. | |||
2016-02-02 | don't deploy bundler debug to servers | kwadronaut | |
2016-01-22 | restructured site.pp, now only one class gets included in site.pp per ↵ | varac | |
service (Bug #6851) Also, moved global Exec{} defaults to site.pp Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd | |||
2016-01-04 | Fix status module invocation for hidden service enabled webapps (#7776) | Micah | |
Change-Id: I101e4c9791102123d4334e1b84a48dacea99ac52 | |||
2015-11-30 | fix missing apache status module (#7638) | Micah | |
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0 | |||
2015-11-17 | [bug] [jessie] Load needed modules for apache 2.4 | varac | |
- Related: #6920 | |||
2015-11-17 | [bug] [jessie] template functions need an array | varac | |
from https://docs.puppetlabs.com/puppet/latest/reference/lang_template_erb.html#calling-puppet-functions-from-templates: "The arguments of the function must be provided as an array, even if there is only one argument." This is a hard requirement in puppet 3 now. - Related: #6920 | |||
2015-10-30 | [feat] Add soledad::client class for soledad-sync | varac | |
- Restructure soledad class - Include soledad::client class on webapp nodes - Tested: [unstable.bitmask.net] - Related: #7523 | |||
2015-10-07 | [bug] Fix removal of webapp apache config file | varac | |
Done by including a service-dependend site_config::remove::webapp class. | |||
2015-09-30 | Fix server-status availability to tor hidden services (#7456) | Micah Anderson | |
Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb | |||
2015-09-28 | Modify config.yml.erb to include the invite code option | ankonym | |
2015-09-10 | fix various problems with webapp config generation | elijah | |
2015-09-03 | make couchdb.admin.yml only readable by root, make non-admin cron run as ↵ | elijah | |
webapp user. | |||
2015-08-03 | webapp: add support for customizing locales | elijah | |
2015-04-16 | properly clean up unused files | elijah | |
2015-04-16 | clean up logging mess: add 'logfile' define, mv openvpn and stunnel logs to ↵ | elijah | |
their own files, fix mx logwatch path. | |||
2015-04-15 | disable 'rake cleanup:sessions' cron job. | elijah | |
2015-04-08 | move rotated db creation to site_couchdb and fix rotated db tests | elijah | |
2015-03-30 | added support for rotating couchdb databases. | elijah | |
2015-02-04 | consolidate sources into common.json | elijah | |
2015-02-03 | Merge remote-tracking branch 'elijah/feature/expire' into develop | Micah Anderson | |
Conflicts: platform.rb Change-Id: Ifb1a7579e00b1ee2bdebe86671d5c2f1cac2a8dc | |||
2015-02-02 | added custom puppet function sorted_json(). closes #6389 | elijah | |
2015-01-28 | update default provider.json to use the (now) correct expiration time ↵ | elijah | |
format. requires new leap_cli. | |||
2015-01-12 | Adds apache support for webapp.domain if defined. Fixes #6632 | guido | |
Change-Id: If63aac60e44c4a68f030f93e20e8dc071f9df610 | |||
2014-12-09 | Soledad sync check needs python-u1db package installed (Bug #6520) | varac | |
Change-Id: I8a6c27434f548f24d9dba1a969699200ab307477 | |||
2014-12-02 | Use $hostname to locate tor.key. Fixes #6478 | guido | |
Change-Id: Ibbe3687d5a773b444f6e9145bf235aaeea637e1d | |||
2014-11-07 | Better check for tor hidden service on a webapp node. | guido | |
Change-Id: I92f69b6fa30aae953243ae19096e2998810c9ac6 | |||
2014-11-04 | Adds support for Tor hidden service on webapp (Feature #6273) | guido | |
Change-Id: I56250e05e3a933deacd0b6e02192e712d3fd9fd5 | |||
2014-10-29 | added webapp.forbidden_usernames property to allow configuration of ↵ | elijah | |
usernames to block. | |||
2014-09-03 | Merge branch 'master' into develop | varac | |
Conflicts: platform.rb puppet/modules/site_config/manifests/hosts.pp | |||
2014-08-28 | syslog logs everything but webapp FIX #6020 | guido | |