Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-07-07 | Ignore openvpn logwatch warnings (#6867) | varac | |
These are warnings that might have different origins, each of them we don't want to alarm the admin: - A bitmask client bug (user will poke the client devs if things break, and they will go after it) - A simple network failure, packets might get cut of - Malicious user tries to temper with TLS handshakes - this gets more interesting, but still (like ssh bruteforce attacs) an admin would not want to get annoyed by this by default, but they still have the option to use log analysers of their choice if they want to investigate this. Change-Id: I23ca3b700e41f22f34ad3346ed4e647b86000bb2 | |||
2015-07-07 | moved removal of leap_couch_stats.sh TMPFILE to end of script (#7217) | varac | |
Change-Id: If844b95c44e697f480df8ee2ae6607709b9942f7 | |||
2015-07-07 | remove leap_couch_stats.sh TMPFILE so /tmp/ won't fill with tmp files (#7217) | varac | |
Change-Id: I7b778e1e1af2784bd79840f20453ca8718927e25 | |||
2015-07-06 | Don't monitor disabled nodes (#7235) | varac | |
Change-Id: I51ce8a9e8773d267c270a1725a497f9a43f2e9ff Sidenote: $nagios_hosts was never used | |||
2015-07-05 | zlib1g-dev needed for amber gem fixes #7231 | kwadronaut | |
2015-07-01 | Don't remove acpid and acpi-support-base packages | varac | |
Those packages are needed by libvirt to reboot/shutdown a VM by the virsh command. Change-Id: I3eb7b113d11e3034f41d09d51c203b93275ae3c9 | |||
2015-06-29 | updated submodule couchdb to remove debugging leftover notice() | varac | |
Change-Id: I9c901a21c2ae3cd0164ca9bd3b4aab63d6a239c7 | |||
2015-06-24 | remove static site circular dependency (closes #7145) | elijah | |
2015-06-23 | cleanup no longer used unbound conf.d pieces (#7187) | Micah Anderson | |
Change-Id: Ie0b1f22c49462bd5c4ee3290f100e5d3e14ccb03 | |||
2015-06-23 | update unbound module to change hasstatus parameter to true (#6885) | Micah Anderson | |
Change-Id: I532263ffe6679ff6c2249926086098dc8b4877f5 | |||
2015-06-23 | Remove old clean-up, this is no longer necessary | Micah Anderson | |
Change-Id: I4e8fe3355a2d55193ebf745de1f932a6dcd6121c | |||
2015-06-22 | Merge branch '6067_plain_couchdb' into develop | varac | |
2015-06-22 | Merge branch 'use_pbkdf2_for_newer_couchdb_versions' into develop | varac | |
2015-06-21 | Support plain couchdb (#6067) | varac | |
The bigcouch specific class ordering from site_couchdb::create_dbs needed to move to site_couchdb::bigcouch, otherwise a plain couchdb setup would try to include bigcouch classes and fail. Change-Id: I06742d4a12c5b40c9c9faa90441734e6926d422d | |||
2015-06-21 | linted create_dbs.pp | varac | |
Change-Id: I9e46286c402adc06f3f815f8a1eea11fe82c7c39 | |||
2015-06-17 | bugfix: site_static module was not including ssl_common.inc | elijah | |
2015-06-11 | use couch.pwhash_alg hiera variable for hashing couchdb admin pw | varac | |
use this to run a single, plain couchdb node, using couchdb 1.6 from the leap repo: "couch": { "master": true, "pwhash_alg": "pbkdf2" } Change-Id: Ie4f34c2c5cb9feca7a10450bcf0bc260c8aa9d33 | |||
2015-06-11 | updated submodule couchdb | varac | |
Change-Id: Id5bc16d8466c3407e9f7c4015c1e3a96129daf0a | |||
2015-06-11 | updated submodule couchdb (Couchdb >=1.3 uses pbkdf2 as pw hashing ↵ | varac | |
algorhythm, #7120) Change-Id: I97560f4134a700579d1523ddd8ba173bfb1f0659 | |||
2015-06-09 | Merge branch '0.7.0' into develop | varac | |
2015-06-07 | deploy check_openvpn_server.pl after nagios-plugins-standard package is ↵0.7.0rc2 | varac | |
installed Change-Id: I272b30fd79e89ddf968c0a6e453d53a1f0540397 | |||
2015-06-06 | Configure apt preferences before installing any packages | varac | |
Change-Id: Iac4dc8428ff5e663870ed4dd6a2b840e0904e5be | |||
2015-06-04 | add preferences snippet for leap repository (#7090) | Micah Anderson | |
Change-Id: Ia7a35c8613350ad75ff1ebbdda0a09efa0960ba6 | |||
2015-06-02 | ensure the enterhooks directory is present | Christoph Kluenter | |
2015-05-27 | Merge remote-tracking branch 'gitlab/0.7.0' into 0.7.0 | Micah Anderson | |
2015-05-27 | leap_couch_stats.sh handles rotated dbs (#6987) | varac | |
Change-Id: I115ebdefd7365bf15a30c4a3ce7a4543ad757cec | |||
2015-05-26 | Implement weakdh recommendations for cipher suites (#7024) | Micah Anderson | |
This is a first step mitigation until we can have a newer apache that will allow us to specify dh parameters other than the default. Change-Id: Ibfcee53b331e8919466027dde1a93117b5210d9d | |||
2015-05-26 | Merge branch '6964_use_exec_to_remove_matching_fileline' into 0.7.0 | varac | |
2015-05-26 | updated couchdb submodule fix random couch_doc_update errors (#6850) | varac | |
Change-Id: I0d824e3f65ecfc9b6442b39003dacc35009fe10d | |||
2015-05-26 | check_mk complains about non-existing logfile (#6964) | varac | |
Change-Id: Ic58f9516854f812d46aa3a574628318951f99a95 | |||
2015-05-26 | Revert "remove old leap_mx logfile location from check_mk logwatch state ↵ | varac | |
file #6964" This reverts commit 984684f56f15d9d89ea78ffe6ed67dabf3d63208. Needed because: Augeas fails after upgrading augeas packages during same puppetrun, but only on first deploy - https://leap.se/code/issues/6997 | |||
2015-05-14 | remove old leap_mx logfile location from check_mk logwatch state file #6964 | varac | |
Change-Id: I385c639e5c096deef4f81691a85c1b83cbab9421 | |||
2015-05-06 | update postfix submodule to contain fix for non-existing fact ↵ | varac | |
operatingsystemmajrelease Change-Id: If29f562cb91354151147092b7ea7acc558f504cb | |||
2015-05-06 | update postfix submodule to latest shared, necessary to fix module_dir problem | Micah Anderson | |
Change-Id: I95e8eb0f4b2299aca0b70806d7aeac0e8714ab19 | |||
2015-05-06 | update common module to the latest | Micah Anderson | |
Change-Id: I0a52033bfafdb5f492fe21b0b33fe790a94212d5 | |||
2015-05-06 | fix unattended-upgrades now that jessie has been released | Micah Anderson | |
Change-Id: I69e6a0f8e676be72bce492af32fef76c9167f5ee | |||
2015-04-28 | Reject inbound mail to local system users that don't appear in | varac | |
/ect/aliases #6829 We began to recieve spam for vmail@DOMAIN. So we want to block inbound mail to local system users. However, users in the /etc/aliases file are still accepted on inbound mail - see https://leap.se/code/issues/6909 for a follow up. Change-Id: I03d3014984c4bd27f90147125fb037b68716624d | |||
2015-04-27 | Merge branch 'rsyslog_traditional_timestamps' into develop | varac | |
2015-04-26 | update couchdb submodule | elijah | |
2015-04-26 | Use rsyslog traditional timestamp format in custom logfiles #6886 | varac | |
Change-Id: I9e033f63e3b387e95f5bf1c3820e456f740d8180 | |||
2015-04-26 | run check_mk_agent every 4 instead of 10 minutes, useful for better graphs | varac | |
Change-Id: Ibefc6ce08cf714cf79a460a8b6eb32e2851ce22c | |||
2015-04-26 | Tapicero changed it's error message when uploading design doc fails in race ↵ | varac | |
condition with another tapicero instance #6534 Change-Id: Ie194a2983210601bd24aef5e74f8b7fa2b7c433f | |||
2015-04-26 | updated submodule nagios to improve readability of notification mails | varac | |
Change-Id: I518b2291317b81e915f7189f2a48110528e80e18 | |||
2015-04-17 | rename leap-mx logrotate file; minor style change. | elijah | |
2015-04-16 | keep five log files instead of seven. | elijah | |
2015-04-16 | stunnel shouldn't use syslog, and leap_mx can't. | elijah | |
2015-04-16 | properly clean up unused files | elijah | |
2015-04-16 | restore tapicero heartbeat. | elijah | |
2015-04-16 | clean up logging mess: add 'logfile' define, mv openvpn and stunnel logs to ↵ | elijah | |
their own files, fix mx logwatch path. | |||
2015-04-15 | fix tapicero & webapp logs: remove heartbeat log check, move to ↵ | elijah | |
/var/log/tapicero, fix webapp logwatch location. |