Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-03-19 | create a separate couchdb.yml.admin that contains the couchdb admin ↵ | Micah Anderson | |
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time | |||
2013-03-19 | fix spelling of 'command' parameter | Micah Anderson | |
2013-03-19 | fix missing closing curly brace | Micah Anderson | |
2013-03-19 | configure webapp haproxy couchdb connection | Micah Anderson | |
2013-03-19 | configure site_webapp::haproxy to ship a haproxy config::fragment to setup the | Micah Anderson | |
haproxy listener 'bigcouch-in'. This haproxy listener is configured to listen on port 4096 (arbitrarily chosen) and balance across the locally configured stunnels to the bigcouch instances It may be that we will need some additional haproxy options for handling persistence, cookies, or other HTTP headers, I'm unsure as of this moment | |||
2013-03-19 | add some generic haproxy defaults | Micah Anderson | |
2013-03-19 | add haproxy submodule | Micah Anderson | |
2013-03-19 | Migrate the couchdb design documents during webapp deploy (#1976) | Micah Anderson | |
2013-03-19 | turn off automatic updates of couchdb design docs (#1979) | Micah Anderson | |
2013-03-18 | Webapp: Use stunnel localhost:5000 for couchdb connection | varac | |
2013-03-17 | fix webapp/couchdb stunnel certificate authority | Micah Anderson | |
2013-03-17 | added support for "limited" service levels (although vpn is not yet actually ↵ | elijah | |
rate limited). | |||
2013-03-16 | Merge branch 'stunnel_switch' into develop | varac | |
2013-03-16 | pick the first couchdb host for webapp couch config | varac | |
Until we have a proper load balancing setup (see https://leap.se/code/issues/1994) | |||
2013-03-15 | automatic update of submodule couchdb | varac | |
2013-03-15 | automatic update of submodule apt | varac | |
2013-03-15 | automatic update of submodule couchdb | varac | |
2013-03-14 | add couchdb stunnel clients | Micah Anderson | |
2013-03-14 | add couchdb stunnel server | Micah Anderson | |
2013-03-14 | add a basic site_stunnel that takes care of some generic functionality that ↵ | Micah Anderson | |
all stunnel client/servers will need handled (at least in debian and ubuntu) | |||
2013-03-14 | remove apache ssl proxy in preparation of replacing it with a stunnel setup | Micah Anderson | |
This presents us with an interesting problem of deprecation. We need to manage the removal of something that we previously installed in any released code. How long we carry the puppet code that removes raises some interesting questions: do we require that someone who deployed version 1 (where the apache ssl proxy was deployed) of the platform upgrade first to version 2 (where we remove the apache ssl proxy) before they upgrade to version 3 (where the apache ssl proxy removal is no longer present) -- or do we allow people to skip versions? | |||
2013-03-14 | add shared stunnel module | Micah Anderson | |
2013-03-14 | automatic update of submodule apt | varac | |
2013-03-14 | automatic update of submodule apt | varac | |
2013-03-14 | include cloudant package repo for bigcouch server | varac | |
2013-03-14 | pass template() to apt | varac | |
2013-03-14 | added apt preferences template that includes squeeze | varac | |
2013-03-14 | use custom preferences for couchdb host | varac | |
2013-03-14 | automatic update of submodule couchdb | varac | |
2013-03-14 | added cloudants apt key, FP: BAF9 B315 D438 5FB9 B5DE 334B 59E0 1FBD 15BE 8E26 | varac | |
2013-03-13 | automatic update of submodule couchdb | varac | |
2013-03-13 | install apt key before apt-get update | varac | |
2013-03-13 | automatic update of submodule couchdb | varac | |
2013-03-12 | enable leap deb package repository and leap apt key on all hosts | varac | |
2013-03-12 | automatic update of submodule couchdb | varac | |
2013-03-12 | automatic update of submodule couchdb | varac | |
2013-03-10 | pass couchdb cookie to class couchdb | varac | |
2013-03-10 | automatic update of submodule apache | varac | |
2013-03-10 | automatic update of submodule stdlib | varac | |
2013-03-10 | use bigcouch in site_couchdb | varac | |
2013-03-10 | site_couchdb::configure moved to couchdb | varac | |
2013-03-10 | futon is enabled by default on bigcouch in default.ini | varac | |
we need to find another way to disable futon, it won't work disabling it here | |||
2013-03-10 | increase timeout for initial_apt_update to 6 min | varac | |
2013-03-09 | couchdb init file moved to couchdb module | varac | |
2013-03-07 | increase Exec timeout for dist_upgrade | varac | |
2013-03-07 | automatic update of submodule couchdb | varac | |
2013-02-27 | openvpn -- added support for optional "free" rate-limited service via ↵ | elijah | |
special client certificates with the FREE prefix in the common name. | |||
2013-02-26 | require that the package unbound be installed before trying to write to its | Micah Anderson | |
configuration file, this addresses issue #1853 - [vpn1] err: /Stage[main]/Site_openvpn::Resolver/Line[add_tcp_resolver]/Exec[echo 'server: include: /etc/unbound/conf.d/vpn_tcp_resolver' >> '/etc/unbound/unbound.conf']/returns: change from notrun to 0 failed: echo 'server: include: /etc/unbound/conf.d/vpn_tcp_resolver' >> '/etc/unbound/unbound.conf' returned 2 instead of one of [0] at /srv/leap/puppet/modules/common/manifests/defines/line.pp:45 | |||
2013-02-26 | missed another require => Package['shorewall'] on the file resources in ↵ | Micah Anderson | |
site_shorewall | |||
2013-02-23 | adding angkat family | kwadronaut | |