Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
the net zone so we dont lock ourselves out during deploy, but also are able to
access the internet
|
|
|
|
which interface has it (essentially the inverse of the ipaddress_${interface}
fact).
Switch the hiera lookups of the $interface, which was pulling from the .json to
pull instead from the above fact, see #1547 and #1548
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sub-directories under /etc/unbound (#1412)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
include directives, so this commit works around this by doing something less
elegant than before. When we have the newer unbound available, we should switch
to that method instead.
|
|
|
|
that queries can be made from clients on the vpn
|
|
|
|
to do tor lookups over DNS on servers, if tor services are defined.
To do this, we remove the bind9 configurations from site_config::resolvconf.pp
and replace it with site_config::caching_resolver with a basic unbound
configuration that can be used everywhere. The unbound configuration enables a
/etc/unbound/conf.d directory for additional config snippits that can be dropped
in from other places. This will be used for setting up different interfaces in
the vpn gateway, for example.
There will be a set of transition package/file absent blocks to clean up
providers.
|
|
|
|
the openvpn gateway (see #1172)
|