summaryrefslogtreecommitdiff
path: root/puppet/modules/site_webapp
AgeCommit message (Collapse)Author
2013-07-30webapp - use hiera config "webapp.admins" for the list of admin usernames, ↵elijah
default to empty list.
2013-07-30added webapp.secure flag (turns on secure cookies and HSTS)elijah
2013-07-30site_webapp - add support for haproxy weights and backup servers (resolves ↵elijah
#3278)
2013-07-29site_webapp bugfix - get compile_assets to run by ensuring .scss files are ↵elijah
created beforehand and have the correct permissions.
2013-07-23not need for file { '/srv/leap/webapp': }, we have vcsrepo { ↵varac
'/srv/leap/webapp': }
2013-07-23/srv/leap/webapp/public/img: require => Vcsrepo['/srv/leap/webapp']varac
2013-07-11changes to support restrictive permissions for /etc/leap. this is required ↵elijah
to work with the latest leap_cli.
2013-07-06site_webapp -- make bundler not install test-only or development-only gems.elijah
2013-05-23Merge branch 'feature/switch-webapp-location' into developMicah Anderson
Conflicts: puppet/modules/site_webapp/manifests/init.pp Resolved lint differences Change-Id: Ifbc535ec844222c9f6f0dd71ac12742230bb64ee
2013-05-22add missing require => on the vcsrepo which could cause these resources to failMicah Anderson
2013-05-22add requirements to the try::file resourcesMicah Anderson
normally a file resource would automatically require the parent directory first, but try::file doesn't do this so it has errors if /srv/leap/webapp doesn't exist yet: for example: - [web1] err: /Stage[main]/Site_webapp/Try::File[/srv/leap/webapp/public/img]/Exec[restore_/srv/leap/webapp/public/img]/returns: change from notrun to 0 failed: Working directory '/srv/leap/webapp/public' does not exist that was 'tried' before the vcsrepo was done which would have resolved that problem. This makes sure that the vcsrepo is done first
2013-05-22add force => true parameter to webapp vcsrepo checkoutMicah Anderson
this should have been added to d669a5fb56acf9101cf677ecbd30bcc47b092cd3 resolve #1722 after the vcsrepo module was updated to handle this, but it wasn't.
2013-05-22change paths for leap webapp to be under /srv/leap/webapp from /srv/leap-webappMicah Anderson
2013-05-18added module site_nickserverelijah
2013-05-14added smtp-service.json, requires latest leap_clielijah
2013-04-30added soledad-service.jsonelijah
2013-04-26Merge branch 'develop' of ssh://code.leap.se/leap_platform into developvarac
2013-04-26Revert "webapp: use admin creds for now, until we fixed couchdb user ↵varac
permissions" This reverts commit 830f2408fa210016fdef855da8b3fd28421bff32.
2013-04-24provider base - service definitions are now versioned (requires new leap_cli)elijah
2013-04-24user leap-webapp instead of leap_webappvarac
2013-04-24couchdb.yml.admin is changed on every puppetrun from leap-webapp to rootvarac
2013-04-23fix mode for webapp production.log (#2300)Micah Anderson
2013-04-22webapp -- fixed bug in configurationelijah
2013-04-18update apache module to take the 'ssl' parameter, and pass it to the class, thisMicah Anderson
eliminates a potential variable lookup ordering problem (#2273)
2013-04-17update apache module to new 2.7 styleMicah Anderson
2013-04-16move secret token into the config.yamlMicah Anderson
2013-04-11webapp: use admin creds for now, until we fixed couchdb user permissionsvarac
2013-04-09make sure the production environment is used for the migrationsMicah Anderson
2013-04-09add a httpchk line to haproxy to properly test if the couchdb is availableMicah Anderson
add the useful http-server-close option set check option on the servers, with a 3 second interval, a one second fastinter (for flapping) and a one second downinter. Set the number of checks for failure to be one (so it will take 3 seconds for a node to fail out) and 2 checks to come back
2013-04-04set permissions on the rails production.log, otherwise passenger complains ↵Micah Anderson
about this in the apache log file
2013-04-04fix typo in x509::variablesMicah Anderson
2013-04-04make sure the couchdb.yml permissions are set properlyMicah Anderson
2013-04-04fix missing commaMicah Anderson
2013-04-04pass $ca_name to stunnel::setup - this eliminates a dynamic scoped variable ↵Micah Anderson
lookup, and warning
2013-04-02refactor couch_client stunnel to use new stunnel_client leap_cli macroMicah Anderson
re-order variables to be more consistant
2013-04-02provide stunnel connect_port to site_webapp:couchdbvarac
2013-04-02moving generic stunnel config from site_webapp to site_stunnel now workingvarac
2013-04-02moved generic stunnel config from site_webapp to site_stunnelvarac
2013-03-28added stunnel_serverelijah
2013-03-19add webapp secret token that pulls from hiera a 'secret'Micah Anderson
2013-03-19cp instead of mv for the couchdb configuration fileMicah Anderson
if we move, then we need to re-create the file on the next deploy
2013-03-19create a separate couchdb.yml.admin that contains the couchdb admin ↵Micah Anderson
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time
2013-03-19fix spelling of 'command' parameterMicah Anderson
2013-03-19fix missing closing curly braceMicah Anderson
2013-03-19configure webapp haproxy couchdb connectionMicah Anderson
2013-03-19configure site_webapp::haproxy to ship a haproxy config::fragment to setup theMicah Anderson
haproxy listener 'bigcouch-in'. This haproxy listener is configured to listen on port 4096 (arbitrarily chosen) and balance across the locally configured stunnels to the bigcouch instances It may be that we will need some additional haproxy options for handling persistence, cookies, or other HTTP headers, I'm unsure as of this moment
2013-03-19Migrate the couchdb design documents during webapp deploy (#1976)Micah Anderson
2013-03-19turn off automatic updates of couchdb design docs (#1979)Micah Anderson
2013-03-18Webapp: Use stunnel localhost:5000 for couchdb connectionvarac
2013-03-17fix webapp/couchdb stunnel certificate authorityMicah Anderson