Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-07-01 | Make obfsproxy daemon bind to specific address rather than 0.0.0.0 | irregulator | |
If obfsproxy is spawned alongside eip service, make it listen to the gateway_adress IP. If obfsproxy is running standalone listen to ip_address. | |||
2014-07-01 | Remove initscript subscription to conf file | irregulator | |
2014-07-01 | Move log files to var/log instead of var/log/obfsproxy | irregulator | |
2014-07-01 | Subscribe obfsproxy service resource to conf file | irregulator | |
2014-07-01 | Simplify init script, let puppet service resource use init status | irregulator | |
2014-07-01 | Change logrotate's frequency and number of log files to keep | irregulator | |
2014-07-01 | Be able to specify log_level parameter for obfsproxy | irregulator | |
log_level sets minimum logging severity of obfsproxy daemon, can be error, warning, info, debug. Defaults to info. | |||
2014-07-01 | Address logging for obfsproxy daemon | irregulator | |
Create obfsproxy directory in /var/log, specify log file when obfsproxy is spawned by init script, create a logrotate configuration for obfsproxy's logs. | |||
2014-07-01 | Line up equal signs, change double to single quotes | irregulator | |
2014-07-01 | Remove commented lines from obfsproxy puppet module class | irregulator | |
2014-07-01 | Remove commented lines from init script status section | irregulator | |
2014-07-01 | Change exit status code if config file is missing | irregulator | |
2014-07-01 | Move obfsproxy_daemon to obfsproxy_init | irregulator | |
2014-07-01 | Add data directory to save scramblesuit's state. | irregulator | |
Also clean up a little the obfsproxy puppet class, create appropriate directories, restrict permissions. | |||
2014-07-01 | Make shorewall accept incoming traffic for obfsproxy server | irregulator | |
2014-07-01 | Initial commit for obfsproxy server feature in platform | irregulator | |
2014-06-26 | reorder /etc/hosts | Christoph | |
now "hostname -f" results in the correct hostname. Fixes #5835 | |||
2014-06-25 | lint site_couchdb | elijah | |
2014-06-25 | update couchdb submodule | elijah | |
2014-06-25 | create netrc files for all users with new puppet_couchdb | Azul | |
This only works with the latest patch to puppet_couchdb | |||
2014-06-25 | hand replication credentials to tapicero | Azul | |
2014-06-25 | minor: fix typo in replication user roles | Azul | |
2014-06-25 | haproxy: support read only couchdb mirrors | elijah | |
2014-06-25 | stunnel: make site_mx and site_webapp use new site_stunnel | elijah | |
2014-06-25 | add replication user | Azul | |
2014-06-25 | site_couchdb: support auto-stunnel setup, split master, bigcouch, and mirror ↵ | elijah | |
out into separate files. | |||
2014-06-25 | new generic system for stunnel: just `include site_stunnel` and stunnel + ↵ | elijah | |
needed shorewall will be automatically set up. requires new leap_cli | |||
2014-06-25 | first steps towards mirroring couch | Azul | |
2014-06-25 | set mirror option if we are on a couch mirror | Azul | |
2014-06-25 | separate bigcouch specifics from init.pp | Azul | |
2014-06-25 | split bigcouch stunnel from plain couch stunnel | Azul | |
2014-06-17 | allow webapp.json to configure what engines are enabled | elijah | |
2014-06-04 | clean up how /etc/hosts is generated so it doesn't require custom behavior ↵0.5.2 | elijah | |
depending on the services. | |||
2014-06-04 | bugfix: actually apply modules based on $services | elijah | |
2014-06-03 | move hiera from site.pp to site_config::setup | Christoph | |
the problem was following: if a host has the webapp service, the template for /etc/hosts adds some stuff. But setup.pp did not ask hiera about the services so "/srv/leap/bin/puppet_command set_hostname" always resets the hostname. Since that gets triggered every time you run "leap deploy" the hostname changes, some services restart, then the hostname changes back and the services restart again. The solution is to get the hiera data before every run. | |||
2014-06-02 | static site: better message for wrong location type. | elijah | |
2014-06-02 | remove superfluous RackBaseURI directive | elijah | |
2014-06-02 | work around hiera's inability to escape '%' by using ':percent:' | elijah | |
2014-06-02 | static site: added rack support, added custom apache config | elijah | |
2014-06-02 | added templatewlv function (allows passing local variables to templates) | elijah | |
2014-06-02 | added support for /provider.json served from static site. | elijah | |
2014-06-02 | fix unbound: configs in /etc/unbound/unbound.conf.d contained a syntax error ↵ | elijah | |
and were missing .conf suffix | |||
2014-05-27 | Add missing scope to top-level sshd class, passing necessary parameters | Micah Anderson | |
for configuration (#3108) Change-Id: I4f94a47d47a40bfc6835359e7781707f96e91db0 | |||
2014-05-27 | Update sshd submodule to get necessary fixes to enable us to change sshd port | Micah Anderson | |
Change-Id: I3b6a87c9d6a2c349392e5bc98a68b800645fde92 | |||
2014-05-27 | Switch away from site_config::sshd and instead just include site_sshd | Micah Anderson | |
The existing site_config::sshd had a non-functioning 'include sshd' line in it that was not doing what was expected (this was supposed to include the sshd module, but due to scoping was including itself). It seemed better to eliminate some of the unused pieces and consolidate into one config location. Change-Id: I79dd904e696ca646180a09abbb03b5361dfc8ab9 | |||
2014-05-27 | clarify comments in site_sshd::authorized_keys | Micah Anderson | |
Change-Id: I679dfe8dff90b7c86ab0ffff43e13958f1ec2c99 | |||
2014-05-24 | Merge remote-tracking branch 'cz8s/feature/allow_webapp_and_mx_on_one_host' ↵ | Micah Anderson | |
into develop | |||
2014-05-24 | move haproxy-template to modules/site_haproxy | Christoph | |
2014-05-24 | remove unused variable local_ports | Christoph | |
2014-05-22 | Implement #2328: unbound.conf: content changed on every puppetrun | Micah Anderson | |
This is done by using the include glob capability that is in the wheezy-backports and newer unbound to include the /etc/unbound/unbound.conf.d/* config files. To do this, we need to transition from our /etc/unbound/conf.d directory structure to use the one that the debian package uses. This allows us to clean up the rather ugly way we were configuring the resolver before. Change-Id: I68347922f265bbd0ddf11d59d8574a612a7bd82c |