summaryrefslogtreecommitdiff
path: root/puppet
AgeCommit message (Collapse)Author
2013-12-24move nickserver config to /etc/nickserver.yml (fixes #4843)elijah
2013-12-22Adopt tapicero config file to tapicero > 0.2.0Azul
In order to reuse the couch changes observer for key uploads I extracted it from tapicero and made the configuration more generic. This results in some changes to the config file format. When deploying tapicero >= 0.2.0 this config file format should be used instead. Also set log_level to debug by default. We can reduce this later but it might be useful for now.
2013-12-19Set mynetworks to include any mx server in the provider to allow them to0.5.0rc1Micah Anderson
Helo as the domain (#4495) Change-Id: I6c8ac28faceb8b0c6129a606ede04837efd3d261
2013-12-19Fix the location of the smtp/smtpd_tls_session_cache_database (#4813)Micah Anderson
Change-Id: I959fa40ff508bbeaf7baa0b6ba90c10c9e6b0ef7
2013-12-19Deploy /etc/leap/couchdb_scripts_defaults.conf so we can exclude some DBs, ↵varac
i.e. sessions + tokens (#4794)
2013-12-18Merge branch 'feature/4506' into developMicah Anderson
2013-12-18Fix for openvpn/unbound not starting at boot (#4506)Micah Anderson
This change sets the sysctl net.ipv4.ip_nonlocal_bind to allow applications to bind to an address, even when the link is down. This is necessary because applications like unbound and openvpn fail to start on boot in some situations because interfaces are not fully up (due to a combination of non-deterministic booting because of the likely potential setting of allow-hotplug in the interfaces file and the LSB boot dependency on $network not being sufficient. The only down-side to setting this is a daemon could bind to an incorrect ip and we wouldn't get an error, but this would be a configuration mistake, rather than a fatal condition. Change-Id: I5c03083e8c20bb25afad85a1230f4555808d341c
2013-12-18add a smtp_tls class and include that on both mx servers and satellitesMicah Anderson
Change-Id: I779ea60e6d726d042203fa0756d73b4af079d728
2013-12-18rename the tls.pp to be smtpd_tls.pp, this allows us to have a separateMicah Anderson
class for smtp vs. smtpd tls configurations Change-Id: Ic1cc560c76924fcbbc15e245bec7b78ac2de83d3
2013-12-17add a smtp_tls class and include that on both mx servers and satellitesMicah Anderson
Change-Id: I779ea60e6d726d042203fa0756d73b4af079d728
2013-12-17rename the tls.pp to be smtpd_tls.pp, this allows us to have a separateMicah Anderson
class for smtp vs. smtpd tls configurations Change-Id: Ic1cc560c76924fcbbc15e245bec7b78ac2de83d3
2013-12-17Merge branch 'develop' of ssh://code.leap.se/leap_platform into developvarac
2013-12-17updated submodule couchdbvarac
2013-12-17fix name of customers couchdb database (#4787)Micah Anderson
Change-Id: I704a1d46069f975711323ff8e6a634d06c267157
2013-12-17replace couch-doc-update with one that uses MultiJson instead, this could ↵Micah Anderson
prevent the outdated json errors (#4622) Change-Id: Ibd929045a28eef1e9262fad8953df8fd150c1966
2013-12-17restore missing couchdb_host variable for leap_mxMicah Anderson
Change-Id: I5b21471ab5de55b627a200b256168122f49c1e28
2013-12-17update couchdb::add_user to use couchdb::document (#4624)Micah Anderson
Change-Id: Ie7810d7e851f5023bc8970cccc888eccb8661856
2013-12-05updated sshd submodule, see #4423kwadronaut
2013-11-28fix soledad couchdb hiera variables, part iiMicah Anderson
Change-Id: Ie0028056767358c4fe6796edd5ba4435e86a0cb3
2013-11-28fix cwd in webapp cronjobsMicah Anderson
Change-Id: I2e189bf5e209c731077539a57f9b334ac66cd25b
2013-11-28fix soledad couchdb hiera variablesMicah Anderson
Change-Id: I0882fc993b407eddc40c03838050d42c0443bd3d
2013-11-28remove leap_mx admin user and fix leap_mx couchdb hiera variablesMicah Anderson
Change-Id: I052576279d8a47313cd99412fdd7b715daa73374
2013-11-28remove nickserver admin user, and fix nickserver couchdb hiera variablesMicah Anderson
Change-Id: I5bdb6b946becdc95cadc92651c06e66b826e2698
2013-11-28remove duplicate couchdb design document json filesMicah Anderson
Change-Id: I5b3d073aec0522cf464ff41905be1ee326f13197
2013-11-28remove admin access from nickserverMicah Anderson
Change-Id: If7fff4c2b839cef5807ee8cee1355aea4dc719a8
2013-11-28remove admin access from leap_mxMicah Anderson
Change-Id: I0bbe42677d7680c99bf205ed4f6080026b308d77
2013-11-28remove admin access from soledadMicah Anderson
Change-Id: I7c516c6a4ba26d2c5cebe19a9bff66eae3bd430f
2013-11-28remove unnecessary soledad/leap_mx hiera password variables from tapiceroMicah Anderson
Change-Id: I17827fb88db9de088f638899433f5df1be9c3615
2013-11-28remove admin access from webappMicah Anderson
Change-Id: Ib2ce0d38a8e4dd30ae6842bfb5579d9c3dd10f18
2013-11-28setup customer couchdb databaseMicah Anderson
Change-Id: Ic0e9f5f6a1f28d865d7757a9de0d9399a6a9a5e3 Conflicts: puppet/modules/site_couchdb/manifests/init.pp
2013-11-27add missing nickserver hiera value lookupMicah Anderson
Change-Id: I77061054f4768f0677ca9c498e6cd6d5df4ff806
2013-11-27add webapp cron entries to cleanup sessions and tokens (#4572)Micah Anderson
Change-Id: Ic1ef7e25f07cbbbcea9bcc90248479009904303e
2013-11-27add the tapicero couchdb user, and appropriate rolesMicah Anderson
Change-Id: I41e9a73c8d04d5a2d74b41c8e32aca9906f3a4cf
2013-11-27setup tokens couchdb role for the tokens database and give soledad and the ↵Micah Anderson
webapp access Change-Id: Ifc44d5775e37655240573ab01dd2ee2f794bd8f3
2013-11-27add shared couchdb database, giving soledad accessMicah Anderson
Change-Id: I743538f66e35f0fffaa0d07fb4ee44b810635aa3
2013-11-27add keycache couchdb database, and set appropriate rolesMicah Anderson
Change-Id: I492a8dfb42e92ced80fb09c2095fa1328e24346b
2013-11-27add comments with access informationMicah Anderson
Change-Id: I058ac1f061bca17736662f14826e99d32472739b
2013-11-27add nickserver couchdb user, set it to have 'identities' roleMicah Anderson
Change-Id: I06723ccf2ba040204e9fc5256c99a1faad6abb5f
2013-11-27add identities rolesMicah Anderson
Change-Id: I483509850bee448bb2ea39863c1e6a796e102c3c
2013-11-27add leap_mx couchdb user/passwordMicah Anderson
Change-Id: Ice83115e0feabddd40ad74c2a6e98e24da9b4c2f
2013-11-27pretty reformat couchdb.json and site_couchdb/manifests/init.pp, ↵Micah Anderson
alphabetizing couchdb users Change-Id: I88264d32e9381f826652d1631083ba371e2b1b54
2013-11-27explicitly set the admin user as having access to the per-user databases, ↵Micah Anderson
even though it is probably not needed Change-Id: I2f9e751570190f7358332404ae734ae850f92b9f
2013-11-27setup some common leap system directories: /var/lib/leap and /var/log/leapMicah Anderson
Change-Id: I18aa0ee635d7166676e4bb4384e2b517784a68b0
2013-11-27initial tapicero configurationMicah Anderson
Change-Id: Ie53b09df0758ba01b30ed658bee04682bc180b01
2013-11-27break out the database creation, user creation and design document loading ↵Micah Anderson
into different classes Change-Id: Idd126d69e1fbe9c9794ad50337307dcc5dd635f4
2013-11-27enable uploading a document to couch from a file (#4256)Micah Anderson
deploy design documents during couch deploy (#3771) Change-Id: I4679e066303ac9b02582214c48e2e7dcfe5bd651
2013-11-27make some more dependency chains explicitMicah Anderson
Change-Id: Ib9525c3a933041fa9b378e1869c0a866375bb509
2013-11-27disable starttls over submission for client connections, we are using TLS ↵Micah Anderson
wrapper mode on the smtps port 465 now (#4366) enable the missing smtpd_helo_restrictions for smtps Change-Id: Iac497369d65c5ad8fd7e93e6fcabb830b855b4f6
2013-11-25add new version of couchdb submodule0.3.0rc4Azul
This one reverts a buggy fix. Trying to push it out asap
2013-11-25fixed `diff` bug with try::file and directorieselijah
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 23:51:39 +0000