Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-01-17 | fix typo in cidr variable name | Micah Anderson | |
2013-01-17 | change to using the CIDR notation for unbound access list | Micah Anderson | |
2013-01-17 | fully qualify the variables that are used in the vpn gateway resolver | Micah Anderson | |
2013-01-17 | unfortunately the version of unbound that is in wheezy does not support wildcard | Micah Anderson | |
include directives, so this commit works around this by doing something less elegant than before. When we have the newer unbound available, we should switch to that method instead. | |||
2013-01-17 | fix unbound access control | Micah Anderson | |
2013-01-16 | setup openvpn gateway resolver to listen on the udp/tcp virtual network ips so | Micah Anderson | |
that queries can be made from clients on the vpn | |||
2013-01-16 | update unbound submodule to fix infinite service restart problem | Micah Anderson | |
2013-01-16 | Swtich from bind9 as the local caching resolver to unbound. This will enable us | Micah Anderson | |
to do tor lookups over DNS on servers, if tor services are defined. To do this, we remove the bind9 configurations from site_config::resolvconf.pp and replace it with site_config::caching_resolver with a basic unbound configuration that can be used everywhere. The unbound configuration enables a /etc/unbound/conf.d directory for additional config snippits that can be dropped in from other places. This will be used for setting up different interfaces in the vpn gateway, for example. There will be a set of transition package/file absent blocks to clean up providers. | |||
2013-01-16 | fix syntax error | Micah Anderson | |
2013-01-16 | setup site_unbound with a basic caching-only configuration and include that on | Micah Anderson | |
the openvpn gateway (see #1172) | |||
2013-01-16 | remove unnecessary include that was left over from ↵ | Micah Anderson | |
c2d57624c15dfaff038f9991f04ade46b5ad1d40: | |||
2013-01-15 | add stdlib and unbound submodules | Micah Anderson | |
2013-01-13 | added ability to customize the webapp appearance | elijah | |
2013-01-11 | configure webapp with correct domain | elijah | |
2013-01-03 | using master branch for webapp now. | Azul | |
develop branch is no longer used in webapp dev and will be removed. | |||
2012-12-19 | webapp api now uses a customizable port (so that we don't try to rely on SNI ↵ | elijah | |
for hosting two TLS domains on one IP). | |||
2012-12-19 | automatic update of submodule puppet_apt | varac | |
2012-12-19 | added ca_daemon initscript for later | varac | |
2012-12-19 | move apt-get upgrade to inital stage | varac | |
2012-12-19 | automatic update of submodule puppet_apt | varac | |
2012-12-19 | Merge branch 'feature/dist_upgrade' into develop | varac | |
Conflicts: puppet/modules/site_apt/manifests/init.pp | |||
2012-12-18 | ca daemon -- ca daemon needs the x509 cert/key for the CA, not for the server. | elijah | |
2012-12-16 | named.options -> named.conf.options | varac | |
2012-12-16 | bind: use local, ipv4 only name-caching resolver (fixes #1171) | varac | |
2012-12-16 | /usr/local/bin/leap_ca_daemon symlink | varac | |
2012-12-16 | automatic update of submodule puppet_apt | varac | |
2012-12-16 | no need for custom 50unattended-upgrades with new unattended_upgrades class | varac | |
2012-12-14 | deploy custom unettended upgrade file | varac | |
2012-12-14 | leftover apt sources file, see commit febd45328 | varac | |
2012-12-14 | moved site_config::apt to site_apt | varac | |
2012-12-14 | Merge branch 'feature/openvpn_ip_forward' into develop | varac | |
2012-12-14 | no need for sections in shorewall rules | varac | |
from the shorewall-rules manpage: "If no Section Headers appear in the file then all rules are assumed to be in the NEW section." | |||
2012-12-11 | add prefix to couchdb.yaml | Micah Anderson | |
2012-12-11 | update shorewall submodule to fix the shorewall.conf problem | Micah Anderson | |
2012-12-11 | fix couchdb port | Micah Anderson | |
2012-12-11 | neglected to add the 'refreshonly' parameter to the exec in previous commit | Micah Anderson | |
2012-12-11 | change hostname exec to only apply when either the /etc/hostname or ↵ | Micah Anderson | |
/etc/hosts files are changed (otherwise it runs on every run) | |||
2012-12-11 | set up an 'initial' run stage to happen before the 'main' run stage and put the | Micah Anderson | |
site_config::hosts to be in the initial run stage to make sure the hostname is set before anything else. | |||
2012-12-11 | replace Documentroot path from - to _ | Micah Anderson | |
2012-12-11 | remove extra space in hostname exec | Micah Anderson | |
2012-12-11 | test to see if the hosts value is empty before trying to reference it in a ↵ | Micah Anderson | |
template also set the hostname to what the hiera 'name' is set to | |||
2012-12-11 | update augeas submodule to try and resolve unreferenced commit | Micah Anderson | |
2012-12-11 | setup /etc/hosts based on a template and the hiera value 'hosts' | Micah Anderson | |
This will replace the existing /etc/hosts, so we will want to make this more smart later | |||
2012-12-10 | openvpn: use x509 module to deploy certs (fixes #1064) | varac | |
2012-12-10 | couchdb: use x509 module to deploy certs (fixes #1063) | varac | |
2012-12-10 | also deploy ca_cert | varac | |
2012-12-10 | updated leap_ca_daemon config file, deploying x509 cert+key | varac | |
2012-12-10 | use leap_ca master branch | varac | |
2012-12-10 | include site_apt::dist_upgrade (fixes #1107) | varac | |
2012-12-07 | new names for couchdb DBs | varac | |