Age | Commit message (Collapse) | Author |
|
|
|
lookup, and warning
|
|
re-order variables to be more consistant
|
|
|
|
|
|
|
|
|
|
|
|
if we move, then we need to re-create the file on the next deploy
|
|
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time
|
|
|
|
|
|
|
|
haproxy listener 'bigcouch-in'. This haproxy listener is configured to listen on
port 4096 (arbitrarily chosen) and balance across the locally configured
stunnels to the bigcouch instances
It may be that we will need some additional haproxy options for handling
persistence, cookies, or other HTTP headers, I'm unsure as of this moment
|
|
|
|
|
|
|
|
|
|
rate limited).
|
|
|
|
Until we have a proper load balancing setup
(see https://leap.se/code/issues/1994)
|
|
|
|
special client certificates with the FREE prefix in the common name.
|
|
|
|
|
|
otherwise the generated files will be owned by root and the bundle will be inside roots /home/max
|
|
|
|
|
|
Exec[bundler_update] can take a really long time, increasing
timeout from 300s (default) to 600s
fixes Increase command timeout for Exec[bundler_update] (Feature #1643)
|
|
enhancement
put the leap-webapp user in the 'ssl-cert' group
pass group => 'leap-webapp' to the leap_client_ca.key so the application can access it
|
|
|
|
|
|
in the json is ~ (nil), which ends up being undef in puppet (closes #1575)
|
|
|
|
|
|
|
|
develop branch is no longer used in webapp dev and will be removed.
|
|
for hosting two TLS domains on one IP).
|
|
|
|
|
|
|
|
|
|
more obvious how it is operating
|
|
|
|
|
|
|
|
|
|
|
|
|
|
is provided there
|