Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-04-09 | make sure the production environment is used for the migrations | Micah Anderson | |
2013-04-09 | add a httpchk line to haproxy to properly test if the couchdb is available | Micah Anderson | |
add the useful http-server-close option set check option on the servers, with a 3 second interval, a one second fastinter (for flapping) and a one second downinter. Set the number of checks for failure to be one (so it will take 3 seconds for a node to fail out) and 2 checks to come back | |||
2013-04-09 | update deprecated haproxy configuration options, set values a little lower | Micah Anderson | |
2013-04-04 | set permissions on the rails production.log, otherwise passenger complains ↵ | Micah Anderson | |
about this in the apache log file | |||
2013-04-04 | fix typo in x509::variables | Micah Anderson | |
2013-04-04 | make sure the couchdb.yml permissions are set properly | Micah Anderson | |
2013-04-04 | fix missing comma | Micah Anderson | |
2013-04-04 | pass $ca_name to stunnel::setup - this eliminates a dynamic scoped variable ↵ | Micah Anderson | |
lookup, and warning | |||
2013-04-04 | update submodule to get fix for syntax error | Micah Anderson | |
2013-04-04 | add Erlang Distributed Node Protocol Port json entry under bigcouch | Micah Anderson | |
setup ednp_server and ednp_client stunnels update couchdb puppet submodule to support configurable ednp_port parameter and general module cleanup pass ednp_port to couchdb setup so that it is configured in the vm.args template clarify in comments the difference between the epmd and ednp ports remove hard-coded erlang_vm_port variable and instead setup shorewall to allow for the stunnel connection only setup dnat rules for the ednp client connections | |||
2013-04-04 | remove the apache_ssl_proxy cleanup | Micah Anderson | |
2013-04-04 | rename bigcouch.port to more accurate bigcouch.epmd_port | Micah Anderson | |
2013-04-04 | rename the bigcouch_replication_[server,client] to be the more accurately, and | Micah Anderson | |
shorter named epmd (erlang port mapper daemon) | |||
2013-04-03 | automatic update to stunnel module | Micah Anderson | |
2013-04-03 | switch stunnel module to our version which has been modified for 2.7 ↵ | Micah Anderson | |
parameterized classes and qualified variables update our stunnel class instantiation to be parameterized | |||
2013-04-02 | shorewall: re-order dnat rule variables to match configuration file order | Micah Anderson | |
2013-04-02 | replace hard-coded port number with hiera determined one, manipulated to ↵ | Micah Anderson | |
remove the 'ip:' from the beginning in bigcouch replication client stunnels | |||
2013-04-02 | firewall: remove no longer needed epmd port | Micah Anderson | |
2013-04-02 | fix variable curly braces | Micah Anderson | |
2013-04-02 | shorewall: | Micah Anderson | |
create a macro for the bigcouch replication server stunnel to enable these connections pulling bigcouch_replication_clients, bigcouch_replication_server_port from hiera create site_shorewall::couchdb::dnat and create_resources to properly setup DNAT for bigcouch_replication_clients | |||
2013-04-02 | switch to using stunnel_client and stunnel_server leap_cli macros | Micah Anderson | |
add bigcouch_replication_clients to couchdb.json change site_couchdb/manifests/stunnel to use stunnel_client and stunnel_server generated hiera values to setup the stunnels for the couch_server connections, and the bigcouch_replication_server and bigcouch_replication_clients tunnels instead of using hard-coded ips and ports. also change the pid names to be more consistent with what the tunnels are and are named | |||
2013-04-02 | replace long-form variables with shorter ones | Micah Anderson | |
remove unnecessary bigcouch_replication_client_default values (verify, rndfile, debuglevel) | |||
2013-04-02 | refactor couch_client stunnel to use new stunnel_client leap_cli macro | Micah Anderson | |
re-order variables to be more consistant | |||
2013-04-02 | remove unnecessary class inheritance | Micah Anderson | |
2013-04-02 | lint so default options are together | Micah Anderson | |
2013-04-02 | shorewall: add couch_server stunnel port to macro.leap_couchdb, this is ↵ | Micah Anderson | |
necessary for the stunnel to communicate | |||
2013-04-02 | remove duplicate 'include site_stunnel' | Micah Anderson | |
this already exists in class site_stunnel::setup which is instantiated in this class | |||
2013-04-02 | start erlang vm on dedicated port so firewalling is easier | varac | |
2013-04-02 | fix bigcouch stunnel pid name | varac | |
2013-04-02 | provide stunnel connect_port to site_webapp:couchdb | varac | |
2013-04-02 | decrease stunnel debug level | varac | |
2013-04-02 | couchdb hosts include site_shorewall::couchdb::bigcouch | varac | |
2013-04-02 | added site_shorewall::couchdb::bigcouch | varac | |
bigcouch cluster protocol communicate via the fqdn of the neighbor hosts. So we need to bend all requests to <fqdn>:4369 to localhost:400x (which is the entry of an stunnel connection to the other neighbor) | |||
2013-04-02 | added site_shorewall::dnat to configure DNAT rules | varac | |
2013-04-02 | increase stunnel verbosity until everything is running smooth | varac | |
2013-04-02 | addded client side of bigcouch cluster protocol stunnel config | varac | |
2013-04-02 | make site_stunnel::clients connect_port configurable | varac | |
2013-04-02 | added bigcouch.conf as incoming stunnel config for bigcouch clustering | varac | |
2013-04-02 | moving generic stunnel config from site_webapp to site_stunnel now working | varac | |
2013-04-02 | shorewall couchdb config: get open ports right | varac | |
2013-04-02 | moved generic stunnel config from site_webapp to site_stunnel | varac | |
2013-04-02 | working on stunnel for bigcouch clustering | varac | |
2013-04-01 | Merge branch 'develop' of ssh://leap.se/leap_platform into develop | elijah | |
2013-04-01 | added setup.pp | elijah | |
2013-03-31 | automatic update of submodule couchdb | Micah Anderson | |
2013-03-29 | fixed site_openvpn bug with redefined variable. | elijah | |
2013-03-28 | added stunnel_server | elijah | |
2013-03-19 | add webapp secret token that pulls from hiera a 'secret' | Micah Anderson | |
2013-03-19 | cp instead of mv for the couchdb configuration file | Micah Anderson | |
if we move, then we need to re-create the file on the next deploy | |||
2013-03-19 | create a separate couchdb.yml.admin that contains the couchdb admin ↵ | Micah Anderson | |
privileges, putting the unprivileged ones in as user webapp in couchdb.yml. This allows us to migrate the couchdb design docs on deployment, but use an unprivileged user the remainder of the time |