summaryrefslogtreecommitdiff
path: root/puppet/modules
AgeCommit message (Collapse)Author
2013-01-16update unbound submodule to fix infinite service restart problemMicah Anderson
2013-01-16Swtich from bind9 as the local caching resolver to unbound. This will enable usMicah Anderson
to do tor lookups over DNS on servers, if tor services are defined. To do this, we remove the bind9 configurations from site_config::resolvconf.pp and replace it with site_config::caching_resolver with a basic unbound configuration that can be used everywhere. The unbound configuration enables a /etc/unbound/conf.d directory for additional config snippits that can be dropped in from other places. This will be used for setting up different interfaces in the vpn gateway, for example. There will be a set of transition package/file absent blocks to clean up providers.
2013-01-16fix syntax errorMicah Anderson
2013-01-16setup site_unbound with a basic caching-only configuration and include that onMicah Anderson
the openvpn gateway (see #1172)
2013-01-16remove unnecessary include that was left over from ↵Micah Anderson
c2d57624c15dfaff038f9991f04ade46b5ad1d40:
2013-01-15add stdlib and unbound submodulesMicah Anderson
2013-01-13added ability to customize the webapp appearanceelijah
2013-01-11configure webapp with correct domainelijah
2013-01-03using master branch for webapp now.Azul
develop branch is no longer used in webapp dev and will be removed.
2012-12-19webapp api now uses a customizable port (so that we don't try to rely on SNI ↵elijah
for hosting two TLS domains on one IP).
2012-12-19automatic update of submodule puppet_aptvarac
2012-12-19added ca_daemon initscript for latervarac
2012-12-19move apt-get upgrade to inital stagevarac
2012-12-19automatic update of submodule puppet_aptvarac
2012-12-19Merge branch 'feature/dist_upgrade' into developvarac
Conflicts: puppet/modules/site_apt/manifests/init.pp
2012-12-18ca daemon -- ca daemon needs the x509 cert/key for the CA, not for the server.elijah
2012-12-16named.options -> named.conf.optionsvarac
2012-12-16bind: use local, ipv4 only name-caching resolver (fixes #1171)varac
2012-12-16/usr/local/bin/leap_ca_daemon symlinkvarac
2012-12-16automatic update of submodule puppet_aptvarac
2012-12-16no need for custom 50unattended-upgrades with new unattended_upgrades classvarac
2012-12-14deploy custom unettended upgrade filevarac
2012-12-14leftover apt sources file, see commit febd45328varac
2012-12-14moved site_config::apt to site_aptvarac
2012-12-14Merge branch 'feature/openvpn_ip_forward' into developvarac
2012-12-14no need for sections in shorewall rulesvarac
from the shorewall-rules manpage: "If no Section Headers appear in the file then all rules are assumed to be in the NEW section."
2012-12-11add prefix to couchdb.yamlMicah Anderson
2012-12-11update shorewall submodule to fix the shorewall.conf problemMicah Anderson
2012-12-11fix couchdb portMicah Anderson
2012-12-11neglected to add the 'refreshonly' parameter to the exec in previous commitMicah Anderson
2012-12-11change hostname exec to only apply when either the /etc/hostname or ↵Micah Anderson
/etc/hosts files are changed (otherwise it runs on every run)
2012-12-11set up an 'initial' run stage to happen before the 'main' run stage and put theMicah Anderson
site_config::hosts to be in the initial run stage to make sure the hostname is set before anything else.
2012-12-11replace Documentroot path from - to _Micah Anderson
2012-12-11remove extra space in hostname execMicah Anderson
2012-12-11test to see if the hosts value is empty before trying to reference it in a ↵Micah Anderson
template also set the hostname to what the hiera 'name' is set to
2012-12-11update augeas submodule to try and resolve unreferenced commitMicah Anderson
2012-12-11setup /etc/hosts based on a template and the hiera value 'hosts'Micah Anderson
This will replace the existing /etc/hosts, so we will want to make this more smart later
2012-12-10openvpn: use x509 module to deploy certs (fixes #1064)varac
2012-12-10couchdb: use x509 module to deploy certs (fixes #1063)varac
2012-12-10also deploy ca_certvarac
2012-12-10updated leap_ca_daemon config file, deploying x509 cert+keyvarac
2012-12-10use leap_ca master branchvarac
2012-12-10include site_apt::dist_upgrade (fixes #1107)varac
2012-12-07new names for couchdb DBsvarac
2012-12-07removed pinning couchdb to unstable because 1.2.0-3 is in wheezy, finallyvarac
2012-12-07Merge branch 'feature/ca' into developvarac
2012-12-07added module site_ca_daemonvarac
2012-12-04remove no longer needed removal of the ports.conf fileMicah Anderson
2012-12-04alphabetize the apache modulesMicah Anderson
2012-12-04Stop the [warn] NameVirtualHost *:443 has no VirtualHosts errorsMicah Anderson
When we include apache::ssl it ships the ssl.conf file which sets up the NameVirtualHost *:443, so we just do what that class does fixes: https://leap.se/code/issues/944