Age | Commit message (Collapse) | Author |
|
When mail comes in to the system, a lookup is done to see if it is a
valid leap user, if it is, leap_mx now returns something of the form:
uuid@deliver.local (see #5959). The virtual_mailbox_domains lists
deliver.local, so postfix choses to deliver to
virtual_mailbox_base (/var/mail/vmail) which has been hardcoded to the
'vmail' maildir and user.
We want leap related mail and leap aliases to go through the virtual
alias system, all the hard-coded universal aliases we want to go through
the local system and we dont want these separate. Known domains that are
considered 'virtual' will be forwarded or delivered to the vmail user,
the rest rejected as unknown recipient, instead of being handed off to
leap-mx.
Previously, the way this was done is we leaned (too heavily) on the
'luser_relay' postfix configuration which sent anything that wasn't
locally configured right to the leap_mx spool. That meant everything
went there, including addresses that didn't exist, and leap-mx would
then have to process those and bounce them. This removes the
'luser_relay' option, so any address that doesn't resolve properly to
either a local address/alias, or a leap address or alias (through
tcp lookups on 2424 and 4242) will get bounced as an unknown user.
Change-Id: I3c22e9383861b3794dd9adfd7aa6a0cf0a773a18
|
|
|
|
|
|
|
|
|
|
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0
|
|
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0
|
|
Change-Id: Iea1242b3c27d92cef7b217006211e57631fd7e62
|
|
This reverts commit 02b1b484ad9a5d065ceac72b8263b7bcc112c923.
Now that we have a proper couchdb jessie package we don't need to
install it from Debian unstable.
|
|
- Related: #7615
|
|
- resolves #7614
|
|
|
|
|
|
|
|
|
|
In order to switch to syslog for leap_mx, leap_mx needs to change to log
to syslog (#6307 and #6937), and we need to clean up the platform pieces
that set the non-syslog options, and rotated log
files (#6942). Hopefully, this will solve the leap_mx logrotation issue
at the same time (#7058)
Change-Id: If68f808a65c24c91231b88d15759809c9e379294
|
|
were logged before
Change-Id: Ief95f35ea52a189075c2eda28c00bcc567c464b2
|
|
Configure the apt class together with "use_next_release => true", so
pnp4nagios* packages can get installed from strech.
No other package will be upgraded as the apt module pins stretch very
low, so that only packages are installed if there are no other sources
available.
- Resolves: #7604
|
|
- Tested: [unstable.bitmask.net]
|
|
|
|
- #7591 Net::SSH::Exception: could not settle on kex algorithm
We need to disable the ssh hardened mode, because it will not work
together with the net-ssh gem leap_cli is pinned to.
All other options that would be included by this parameter are
included by '$::sshd::tail_additional_options'.
|
|
Puppet 3 shows now deprecation warnings if the "@" is missing.
see https://docs.puppetlabs.com/puppet/latest/reference/lang_template_erb.html#non-printing-tags#[bug|feat|docs|style|refactor|test|pkg|i18n]
|
|
- sshd
- haproxy
- unbound
|
|
Using $::apache_version won't work because the facts are
evaluated before compiling the catalog and with this, before
the installation of apache. so on an install from scratch, this
fact won't contain anything.
|
|
- Related: #6920
|
|
- Resolves: #7580
|
|
- Related: #6920
|
|
from https://docs.puppetlabs.com/puppet/latest/reference/lang_template_erb.html#calling-puppet-functions-from-templates:
"The arguments of the function must be provided as an array, even if
there is only one argument."
This is a hard requirement in puppet 3 now.
- Related: #6920
|
|
because ruby-1.9.3 is not available on jessie.
- Related: #6920
|
|
- Related: #6920
|
|
|
|
These packages are a dependency of build-essential and will
get installed anyway.
- Related: #6920
|
|
- Related: #6920
|
|
- Related: #6920
|
|
- sshd
- couchdb
- apache
- Related: #6920
|
|
leap_cli integrates a check for running mx procs already,
which is also integrated into nagios (called "Mx/Are_MX_daemons_running")
|
|
Change-Id: I8756c5c3212a3d7e3c44414fdf6bfff5cd29d70f
|
|
Change-Id: Ied475dd1d555a2388034012f5a799a202dcc6ee7
|
|
|
|
Change-Id: I6a6e68908b71d7499eb3ef3c7f0173b3d5b7baa2
|
|
issue #5924
Change-Id: I6aa1e7751633407d441cbc6436d8426d37dbbfa7
|
|
|
|
Duplicate declaration:
File[/srv/leap/nagios/plugins/check_unix_open_fds.pl] is already
declared in file
/srv/leap/puppet/modules/site_check_mk/manifests/agent/couchdb/bigcouch.pp
at line 44; cannot redeclare at
/srv/leap/puppet/modules/site_check_mk/manifests/agent/couchdb.pp:23 on
node rewdevcouch1.rewire.org
|
|
When migrating from bigcouch to couchdb, we need to remove leftover nagios
tests for bigcouch.
- Added new classes: site_check_mk::agent::couchdb::bigcouch and
site_check_mk::agent::couchdb::master
- Tested: unstable.pixelated-project.org
- Resolves: https://github.com/pixelated/pixelated-platform/issues/126
|
|
- Restructure soledad class
- Include soledad::client class on webapp nodes
- Tested: [unstable.bitmask.net]
- Related: #7523
|
|
- Tested: [unstable.pixelated-project.org]
- Related: https://github.com/pixelated/pixelated-platform/issues/127
|
|
|
|
Without this configuration, a very basic, and non-functional virtualhost
is created, making the hidden service not work
Change-Id: Ibe87c6acf5c21cff2388247c4ba320a5b6af7933
|
|
Redirect to webapp_domain instead of domain
This is needed for webapp when running on a subdomain.
See merge request !80
|
|
redirects (#7540)
Change-Id: Ic77c64c03a99dad951f42633de04c352bed17c1e
|