summaryrefslogtreecommitdiff
path: root/puppet
AgeCommit message (Collapse)Author
2016-04-27Fix shorewall not starting with systemd (#8044)Micah
Shorewall in jessie doesn't come with a proper unit file, and as a result, it doesn't properly start with systemd. To solve this, we provide the systemd unit file that comes with stretch, add a systemd submodule that provides the exec resources needed for when systemd units or configuration files are changed Change-Id: I861fa951835928b4741abfbf969adcee4b8f147b
2016-04-25Merge branch 'linting' into developvarac
2016-04-25[style] lint further morevarac
- ignore puppet lint error about inheriting from different namespace
2016-04-18Fix clamd start configuration (#8048)Micah
If clamd is not running, the helpful cronjob tries to start it again, but the way it is being started can only be run as root, and the cronjob is run as the clamav user, so you get an error on each cron run. This fixes that problem Change-Id: I4cdb29dc651bee8a2eef1655ad4748d885afae0f
2016-04-18[style] more manual linting for custom manifestsvarac
2016-04-18[style] lint some custom manifestsvarac
I used `puppet-lint -f FILE` to fix most issues, while finishing with manual intervention.
2016-04-12fix incorrect template nameMicah
Change-Id: I23d7fcea3755e9ecab561ecf69d8a6ecb8bdeca4
2016-04-12Put openvpn logs into leap directory (#8021)Micah
Have openvpn logs go to /var/log/leap/openvpn_$protocol, instead of to /var/log/daemon.log. Change-Id: I1fc33de660648ab0dba1ce98de2864649c104719
2016-04-12Log stunnel server logs same as client (#8021)Micah
stunnel server logs were not going to /var/log/stunnel4/*, but to /var/log/syslog instead. This was different from stunnel client logging, now its the same. Change-Id: I2dc2024b77dbb65554fc7865b0e46aedf930c6d8
2016-04-12Remove duplicate mail logging (#8021)Micah
Add a site_rsyslog config that removes duplicate mail logging. Previously mail logs would be copied to /var/log/syslog, mail.log, mail.err, mail.info, maillog and to the console. This removes those and only puts them in /var/log/mail.log. It also removes other superfluous configurations, either because they are commented out already, or because they are uucp or nntp. Change-Id: Ib05036787d2c818bf8802c22a4b8050f945a6e6d
2016-04-12Fix postfix connection to opendkim milter (#8020)Micah
In order for postfix to access the opendkim milter socket, we need to remove the chroot option for the cleanup service. See e97a9d3800b173375a630e18e4b1aa0894eb96e1 for opendkim implementation. Change-Id: I2742650965e61273fb804ebe9ce3f9bd38796582
2016-04-05testing: adds mx delivery testselijah
2016-04-03check_mk: monitor webapp log for response code 500Azul
2016-03-31[bug] Fix couch_stats scriptvarac
It failed to calculate the sessions and tokens db names. - Resolves: #7658
2016-03-31[feat] Dont install recommended packagesvarac
By default, Puppet installs recommended packages. We turn this off for all apt Package resources.
2016-03-21update submodule nagiosvarac
2016-03-18update submodule nagiosvarac
2016-03-17update nagios submodulevarac
2016-03-15Revert "[feat] Use systemd as service provider"varac
This reverts commit 0aebb4c41f96f6ad7a7e8a3b07eaffa1f9075f51. We enabled systemd as puppet service default provider, but this results in these services falsely detected as not running, and restarted on every deploy. We need to indivually configure systemd as service provider only for those services that ship a systed unit file. see #7966 for details
2016-03-14Merge branch '7716_remove_obsolete_backports_pinning' into developvarac
2016-03-13static site: don't call site_static::location unless locations are actually ↵elijah
defined.
2016-03-11update tor module to fix deprecated variable references (see ↵Micah
https://gitlab.com/shared-puppet-modules-group/tor/merge_requests/3) Change-Id: I7905bedc0256bc1c7b9d7316584c9622b92b7670
2016-03-11update backupninja to latest shared versionMicah
Change-Id: I886b104b1caf561477361e382dae54d718ea88c2
2016-03-11fix tor-related jessie deprecation problems (#7962)Micah
Change-Id: If493b8a1f06a786df36a28aa1fc592e270eba639
2016-03-11update tor submodule to latest, to adapt to new jessie puppet requirementsMicah
Change-Id: I0ed4827bc53da280d9ed62ea71382ca302ce6924
2016-03-11Set MUA required ciphers, tighten up the mandatory protocols (#4232)Micah
Change-Id: I328aa37b393817e1764ea7e635fcefc801adbbf4
2016-03-10[feat] add /etc/nagios3/conf.d/local as confdirvarac
- Related: #2327
2016-03-10[jessie] Remove obsolete backports pinningvarac
2016-03-10[bug] Remove stunnel leftovers from bigcouchvarac
- Resolves: #7785
2016-03-10Merge branch 'serviceprovider_systemd' into developvarac
2016-03-10Merge branch 'add_site_nagios_dependencies' into developvarac
2016-03-10Update submodule nagiosvarac
2016-03-10Add Dependencies to site_nagios resourcesvarac
2016-03-09[bug] Adopt new parameters from nagios and check_mk modulevarac
2016-03-09Merge branch '2327_dont_recreate_nagios_resources' into developvarac
2016-03-09Update submodule check_mkvarac
2016-03-09Update submoduls nagiosvarac
2016-03-08update copy of the archive signing keys, switching to the new namesMicah
Change-Id: I0305e33c743c15ec38abcf66979a1b2f582f693c
2016-03-08change name of leap-keyring package to leap-archive-keyring (#7950)Micah
Change-Id: I5f04e31e49642597c69895b5aca3ff5326dfd6ec
2016-03-08[feat] Use systemd as service providervarac
Even when the service provider defaults to systemd in latest puppet, it still defaults to 'debian' in puppet 3.7.2 (jessie version). We dropped wheezy support so we should use the systemd provider for now. https://docs.puppetlabs.com/puppet/latest/reference/type.html#service-provider-systemd
2016-03-08[bug] Fix inline template with deprecated variable notationvarac
- Resolves: #7948
2016-03-08updated submodule couchdbvarac
2016-03-04fix location of couchdb.admin.ymlelijah
2016-03-04ensure /var/leap/couchdb exists before creating files there.elijah
2016-03-04move the location of couchdb.admin.yml so that it does not need to have its ↵elijah
ownership reset on each deploy.
2016-03-04only not create soledad admin .netrc file if soledad is enabledelijah
2016-03-02Dont recreate nagios resources on every runvarac
Use purging of nagios resources in a way that not all resources are recreated on every puppetrun. Resolves: #2327
2016-02-26Update submodules apache and aptvarac
2016-02-26Merge branch 'develop' of ssh://leap.se/leap_platform into developelijah
2016-02-26plain couchdb now required, bigcouch support disabled.elijah