Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-03-10 | Update submodule nagios | varac | |
2016-03-09 | [bug] Adopt new parameters from nagios and check_mk module | varac | |
2016-03-09 | Merge branch '2327_dont_recreate_nagios_resources' into develop | varac | |
2016-03-09 | Update submodule check_mk | varac | |
2016-03-09 | Update submoduls nagios | varac | |
2016-03-08 | update copy of the archive signing keys, switching to the new names | Micah | |
Change-Id: I0305e33c743c15ec38abcf66979a1b2f582f693c | |||
2016-03-08 | change name of leap-keyring package to leap-archive-keyring (#7950) | Micah | |
Change-Id: I5f04e31e49642597c69895b5aca3ff5326dfd6ec | |||
2016-03-08 | [bug] Fix inline template with deprecated variable notation | varac | |
- Resolves: #7948 | |||
2016-03-08 | updated submodule couchdb | varac | |
2016-03-04 | fix location of couchdb.admin.yml | elijah | |
2016-03-04 | ensure /var/leap/couchdb exists before creating files there. | elijah | |
2016-03-04 | move the location of couchdb.admin.yml so that it does not need to have its ↵ | elijah | |
ownership reset on each deploy. | |||
2016-03-04 | only not create soledad admin .netrc file if soledad is enabled | elijah | |
2016-03-02 | Dont recreate nagios resources on every run | varac | |
Use purging of nagios resources in a way that not all resources are recreated on every puppetrun. Resolves: #2327 | |||
2016-02-26 | Update submodules apache and apt | varac | |
2016-02-26 | Merge branch 'develop' of ssh://leap.se/leap_platform into develop | elijah | |
2016-02-26 | plain couchdb now required, bigcouch support disabled. | elijah | |
2016-02-25 | fix typo in last commit | varac | |
2016-02-25 | check-mk's mk_job depends on the time package | varac | |
2016-02-25 | couchdb module uses pbkdf2 as default pwhash algor. now | varac | |
2016-02-25 | remove couchdb_pwhash_alg leftover | varac | |
2016-02-25 | no build-essential packages needed for building leap_cli | varac | |
2016-02-24 | [bug] Adopt ncli aliases to new version of icli | varac | |
- Resolves: #7887 | |||
2016-02-24 | Use site_couchdb::plain even when couch.master is set top "master" | varac | |
2016-02-24 | Update module stunnel | varac | |
2016-02-23 | Update opendkim platform pieces to match leap-cli. | Micah | |
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a | |||
2016-02-23 | We are rotating the mx logs 5 times, but we originally thought we should | Micah | |
only have the following logfiles in that directory ever: mx.log, mx.log.[1-5], with an optional .gz suffix. However, we were wrong about the 'optional' part of the compression, we use the 'compress' option, so the logs will always be compressed. So there should never be the log files mx.log.1, mx.log.2, etc. This change adjusts the clean-up to deal with that. (#7058) https://github.com/leapcode/leap_platform/pull/97 Change-Id: I109d08ac063fe094c54e93be91893a67d7fbb51b | |||
2016-02-23 | use pbkdf2 pwhash for plain couch. | elijah | |
2016-02-23 | default to plain couchdb, unless otherwise specified. | elijah | |
# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp | |||
2016-02-23 | get dkim working, closes #5924 | elijah | |
2016-02-23 | Update submodule vcsrepo | varac | |
2016-02-23 | Update submodule postfix | varac | |
2016-02-16 | remove pinning of openvpn package to backports | elijah | |
2016-02-12 | update postfix submodule for postscreen (Resolves: 2303)0.8.0rc1 | kwadronaut | |
2016-02-12 | add postscreen greeter (Resolves: 2303) | kwadronaut | |
Conflicts: puppet/modules/site_postfix/manifests/mx.pp | |||
2016-02-11 | Allow ecdsa hostkeys (#7642) until we can safely transition providers to | Micah | |
better key algorithm choices. Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7 | |||
2016-02-11 | Disable journald in order to resolve IP logging subversion (#7863) | Micah | |
Change-Id: I9cee85c19d86dc7c8d70c4cdeb2e7426191b57a5 | |||
2016-02-11 | Due to the smtps transport specifying a header_check, the received_anon | Micah | |
replacement wasn't being done. (#7890) This moves that replacement into its own class, clears the old value and sets it properly in the smtps transport. Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75 | |||
2016-02-10 | add postscreen greeter (Resolves: 2303) | kwadronaut | |
2016-02-04 | fix postfix Received anonymizing header regexp to properly match Client | Micah | |
CN entries (#7867) Change-Id: Ie33277a62e90f9dc0602bb963dbb96a61cebed1d | |||
2016-02-02 | Merge branch 'bugfix/mxlog' into develop | elijah | |
2016-02-02 | [bug] Add smtpd_relay_restrictions to postfix conf | varac | |
smtpd_relay_restrictions was added in postfix 2.10 (jessie has 2.11 atm). Without this, outbound mails are rejected to be relayed. from http://www.postfix.org/SMTPD_ACCESS_README.html: NOTE: Postfix versions before 2.10 did not have smtpd_relay_restrictions. They combined the mail relay and spam blocking policies, under smtpd_recipient_restrictions. This could lead to unexpected results. For example, a permissive spam blocking policy could unexpectedly result in a permissive mail relay policy. An example of this is documented under "Dangerous use of smtpd_recipient_restrictions". smtpd_relay_restrictions defaults to 'permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination' and is configured here to check for a valid client cert. see http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions - Resolves: #7856 | |||
2016-02-02 | [bug] Fix bigcouch spoolfile removal | varac | |
- Resolves: #7641 | |||
2016-02-02 | [refactor] Dont duplicate Package resource override | varac | |
`site_apt` aready ensures for installing packages after Exec[update_apt] is run, so we don't need to duplicate this in `site_config::default.pp`. | |||
2016-02-02 | [refactor] Use Exec[apt_updated] instead of Exec[refresh_apt] | varac | |
Because this is the recommended way of depnending in the apt README. | |||
2016-02-02 | [bug] Fix duplicate definition error for Class[Apt] | varac | |
We need to include class `site_config::default` in class `site_config::slow` so we don't get this duplicate definition: - [local1.bitmask.local] Error: Duplicate declaration: Class[Apt] is already declared; cannot redeclare at /srv/leap/puppet/modules/site_apt/manifests/init.pp:29 on node local1.bitmask.local To be honest, i didn't figuered out the real cause of this, but it works with this. | |||
2016-02-02 | [refactor] Remove atomic apt package dependecy | varac | |
`site_config::default.pp` takes care the all packages are installed before `Exec['refresh_apt']`, so we don't need to add it here for a single package. | |||
2016-02-02 | [refactor] Don't declare dependencies for apt resources | varac | |
The apt module now takes care of all the dependencies removed from `site_apt`. Also, the dependency to install the `lsb` package after `refresh_apt` is unnesseccary because lsb facts won't work anyway on the first run if `lsb` is not installed before, so we can safely remove it. | |||
2016-02-02 | don't deploy bundler debug to servers | kwadronaut | |
2016-02-02 | finally fix leap-mx logging, for the last time, hopefully. | elijah | |