summaryrefslogtreecommitdiff
path: root/puppet
AgeCommit message (Collapse)Author
2016-07-12git subrepo clone https://leap.se/git/puppet_haproxy puppet/modules/haproxyMicah
subrepo: subdir: "puppet/modules/haproxy" merged: "af322a7" upstream: origin: "https://leap.se/git/puppet_haproxy" branch: "master" commit: "af322a7" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Iabf2dd01dc00acd7d886420968bda9aab7190770
2016-07-12git subrepo clone https://leap.se/git/puppet_stunnel puppet/modules/stunnelMicah
subrepo: subdir: "puppet/modules/stunnel" merged: "523612f" upstream: origin: "https://leap.se/git/puppet_stunnel" branch: "master" commit: "523612f" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: If384c84c99d9cabc67d2b4b9d7d2fbfa4a47550a
2016-07-12git subrepo clone https://leap.se/git/puppet_tor puppet/modules/torMicah
subrepo: subdir: "puppet/modules/tor" merged: "9981a70" upstream: origin: "https://leap.se/git/puppet_tor" branch: "master" commit: "9981a70" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I0a876a52bd83914cfd1e06abe9af208dd62e5683
2016-07-12git subrepo clone https://leap.se/git/puppet_nagios puppet/modules/nagiosMicah
subrepo: subdir: "puppet/modules/nagios" merged: "e6fee3c" upstream: origin: "https://leap.se/git/puppet_nagios" branch: "master" commit: "e6fee3c" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Ib7105f359ea2c3ae6490bff4fcecbede2511eaf0
2016-07-12git subrepo clone https://leap.se/git/puppet_unbound puppet/modules/unboundMicah
subrepo: subdir: "puppet/modules/unbound" merged: "a26b91d" upstream: origin: "https://leap.se/git/puppet_unbound" branch: "master" commit: "a26b91d" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I83719264de2c716035d34599d541cadd42319b74
2016-07-12git subrepo clone https://leap.se/git/puppet_stdlib puppet/modules/stdlibMicah
subrepo: subdir: "puppet/modules/stdlib" merged: "7112363" upstream: origin: "https://leap.se/git/puppet_stdlib" branch: "master" commit: "7112363" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I032e3e7c2984bf53b717373df495c039bb6f41b3
2016-07-12git subrepo clone https://leap.se/git/puppet_augeas puppet/modules/augeasMicah
subrepo: subdir: "puppet/modules/augeas" merged: "27e3359" upstream: origin: "https://leap.se/git/puppet_augeas" branch: "master" commit: "27e3359" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Ifa5c7daf3f1be1793c42f873a267b7498f5c6c0f
2016-07-12git subrepo clone https://leap.se/git/puppet_passenger puppet/modules/passengerMicah
subrepo: subdir: "puppet/modules/passenger" merged: "47fca11" upstream: origin: "https://leap.se/git/puppet_passenger" branch: "master" commit: "47fca11" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Idba1129126ca0f13a4441e00d7b53e8b4f856825
2016-07-12git subrepo clone https://leap.se/git/puppet_x509 puppet/modules/x509Micah
subrepo: subdir: "puppet/modules/x509" merged: "19254a3" upstream: origin: "https://leap.se/git/puppet_x509" branch: "master" commit: "19254a3" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Ia024613b147d34a7b4c888818da08152a2fa63dc
2016-07-12git subrepo clone https://leap.se/git/puppet_ruby puppet/modules/rubyMicah
subrepo: subdir: "puppet/modules/ruby" merged: "9ccd853" upstream: origin: "https://leap.se/git/puppet_ruby" branch: "master" commit: "9ccd853" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I8f8437218403894682afbadd714f2e4efb72f018
2016-07-12git subrepo clone https://leap.se/git/puppet_rubygems puppet/modules/rubygemsMicah
subrepo: subdir: "puppet/modules/rubygems" merged: "510a369" upstream: origin: "https://leap.se/git/puppet_rubygems" branch: "master" commit: "510a369" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Id2668c747e7d8b0a73415180baee9edece1017db
2016-07-12git subrepo clone https://leap.se/git/puppet_bundler puppet/modules/bundlerMicah
subrepo: subdir: "puppet/modules/bundler" merged: "bacec3e" upstream: origin: "https://leap.se/git/puppet_bundler" branch: "master" commit: "bacec3e" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I7596e2c4abf326acbce2a01c363e9694626e230f
2016-07-12git subrepo clone https://leap.se/git/puppet_apache puppet/modules/apacheMicah
subrepo: subdir: "puppet/modules/apache" merged: "415e950" upstream: origin: "https://leap.se/git/puppet_apache" branch: "master" commit: "415e950" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Iba7353669969a09c0b4bbd63add67e3245b05ede
2016-07-12git subrepo clone https://leap.se/git/puppet_couchdb puppet/modules/couchdbMicah
subrepo: subdir: "puppet/modules/couchdb" merged: "76ff149" upstream: origin: "https://leap.se/git/puppet_couchdb" branch: "master" commit: "76ff149" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I9ccb1a9dfdaa083814ea395132c42a778052f59b
2016-07-12git subrepo clone https://leap.se/git/puppet_resolvconf ↵Micah
puppet/modules/resolvconf subrepo: subdir: "puppet/modules/resolvconf" merged: "c7eca07" upstream: origin: "https://leap.se/git/puppet_resolvconf" branch: "master" commit: "c7eca07" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I41a76bde0943f76786b7a67c3b9ee4a6b4db7f28
2016-07-12git subrepo clone https://leap.se/git/puppet_shorewall puppet/modules/shorewallMicah
subrepo: subdir: "puppet/modules/shorewall" merged: "06e89ed" upstream: origin: "https://leap.se/git/puppet_shorewall" branch: "master" commit: "06e89ed" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Ief531c1b951e9a1573d31bd9718cc5df11706af5
2016-07-12git subrepo clone https://leap.se/git/puppet_common puppet/modules/commonMicah
subrepo: subdir: "puppet/modules/common" merged: "ae14962" upstream: origin: "https://leap.se/git/puppet_common" branch: "master" commit: "ae14962" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I82a15d5ab5c4e8f689f73de4e5ae97557f39b6fb
2016-07-12git subrepo clone https://leap.se/git/puppet_git puppet/modules/gitMicah
subrepo: subdir: "puppet/modules/git" merged: "ba5dd8d" upstream: origin: "https://leap.se/git/puppet_git" branch: "master" commit: "ba5dd8d" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Ic7edc42aa0639e51cfa1873ec265e20e25f0a4f4
2016-07-12git subrepo clone https://leap.se/git/puppet_ntp puppet/modules/ntpMicah
subrepo: subdir: "puppet/modules/ntp" merged: "8a554ab" upstream: origin: "https://leap.se/git/puppet_ntp" branch: "master" commit: "8a554ab" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I6132c417d321ed4f48cc3cd52d4050603fada61a
2016-07-12git subrepo clone https://leap.se/git/puppet_lsb puppet/modules/lsbMicah
subrepo: subdir: "puppet/modules/lsb" merged: "bac64e7" upstream: origin: "https://leap.se/git/puppet_lsb" branch: "master" commit: "bac64e7" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Ia48799c5442c7b930952fdb822bd80d796eab321
2016-07-12git subrepo clone https://leap.se/git/puppet_apt puppet/modules/aptMicah
subrepo: subdir: "puppet/modules/apt" merged: "33c61e8" upstream: origin: "https://leap.se/git/puppet_apt" branch: "master" commit: "33c61e8" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I6515ec49bbacdffd9f3729d486d2868162f9ac78
2016-07-12git subrepo clone https://leap.se/git/puppet_sshd puppet/modules/sshdMicah
subrepo: subdir: "puppet/modules/sshd" merged: "76f4f87" upstream: origin: "https://leap.se/git/puppet_sshd" branch: "master" commit: "76f4f87" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Icf616796837cdbe40deb188d2b72f1c726c9e807
2016-07-12git subrepo clone https://leap.se/git/puppet_concat puppet/modules/concatMicah
subrepo: subdir: "puppet/modules/concat" merged: "abce128" upstream: origin: "https://leap.se/git/puppet_concat" branch: "master" commit: "abce128" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: Ic28e31bdc5b32fd6c55636bc35d9ca2967daf997
2016-07-12git subrepo clone https://leap.se/git/puppet_openvpn puppet/modules/openvpnMicah
subrepo: subdir: "puppet/modules/openvpn" merged: "26d4edc" upstream: origin: "https://leap.se/git/puppet_openvpn" branch: "master" commit: "26d4edc" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I596766ccfb806b3ca2d1c755c4e24c5ad3d997f9
2016-07-12remove submodules in preparation for move to subreposMicah
Change-Id: Ia7655153b556337f676e3d909559c4a7306bedd6
2016-07-05Use DANE/TLSA validation in postfix (#8141).Micah
Configure DNSSEC validation for client verification, giving us a stronger form of opportunistic TLS Change-Id: Iab92d4f593c4a5a44e3b694295096b0d7f687a37
2016-07-05set domain-secure to internal domain.Micah
Without this set, dnssec will fail validation for internal domains, which should not be validated Change-Id: I8589332598fe97ad5218dd23825ac77af2d8def6
2016-07-05Enable DNSSEC validation in unbound (#8214).Micah
Change-Id: Ibdf39a721162b4a5663ef27c27b2db0261c6e8a5
2016-07-05Remove duplicate syslog entry (#8021).Micah
In an attempt to resolve #8021, a template error was made, causing duplicated entries to appear in the rsyslog template. Change-Id: Ic41d6ef9aec9865cf64312c1eb96e408b39d441c
2016-06-30fix static site apache configelijah
2016-06-30Make sure bind9 doesn't take over unbound (#8213).Micah
Change-Id: Icaab817870d005b7a854a3fb8c402705d0b2d77f
2016-06-30Remove bigcouch (#8056)Micah
Change-Id: I0c6e27298c63bd37de1410985d054799818c22a4
2016-06-28Fix for when tor is not an array.Micah
When tor is not configured, then its possible to get this error on deploy: Error: tor is not a hash or array when accessing it with hidden_service at /srv/leap/puppet/modules/site_static/manifests/init.pp:16 on node rewdevstatic1.rewire.org This commit only accesses the array when its enabled. Change-Id: Ia75ac7a51179da980966adba0cc614b9cd642b0c
2016-06-28Make static tor hidden services work (#8212).Micah
When tor hidden services were enabled for static sites, only a very basic configuration was setup and it didn't take into account the different location configurations that can be configured for a static site. This commit resolves that by making a site_static::hidden_service class similar to the site_webapp::hidden_service class, and fixes up the apache vhost template to properly create the location blocks for the hidden service vhost. Change-Id: Ice3586f4173bd2d1bd3defca29d21c7403d5a03a
2016-06-28Stop tor from restarting on every deploy (#8211).Micah
We were creating the hidden service name without a newline, and then tor would be restarted and change the hidden service hostname file to have a newline, which would then require that the next deploy would change that file to not have a newline again. This fixes that problem by making the hostname have a newline so it matches what tor wants. Change-Id: I38f450684d557cf943ec94f2f8e19cda3aefdf66
2016-06-28Reload tor if config or key is changed (#8210).Micah
Change-Id: I3d733b6645c804a5fb337ad4b8edc59a66ad50b5
2016-06-28Make sure bind9 doesn't take over unbound (#8213).Micah
Change-Id: Icaab817870d005b7a854a3fb8c402705d0b2d77f
2016-06-27Fix the permissions on the DOMAIN/provider.json file for static sites.elijah
2016-06-27Lint and Document site_webapp::hidden_servicevarac
2016-06-21Fix hidden service static template (#8203).Micah
Change-Id: Iab9597f5f0336f66df9b73fea9d79c789cbb8302
2016-06-16Disable the Trace method (#8195)Micah
The Trace method is enabled because of the Apache module, but it is not the default in Debian, and it should not be enabled, for more information see the following: https://www.kb.cert.org/vuls/id/867593 Change-Id: I06a06ae679dbf7049f26a017125b61e5e38f6268
2016-06-16Fix matching for cleanup check.Micah
The onlyif check was incorrectly specified in the original implementation in commit id: 15b83d88dcedab496a19cef57f11c5c8e091dd4a this inverts it so it is properly detected. Change-Id: I531e206fff1ca61780adcd195e1f917011e50fb4
2016-06-14[bug] Fix site_obfsproxy services variable lookupvarac
After including everything into a `node default` scope in puppet/manifests/site.pp to make puppet-catalog-test happy (see commit 62ea45d47), we get this error: Error: member(): Requires array to work with at /srv/leap/puppet/modules/site_obfsproxy/manifests/init.pp:14 Moving the `services` hiera avaluation out of the node scope back to top level scope will solve this.
2016-06-14switch to two-space soft tabs to fix lint errorMicah
Change-Id: Ic12b243b195e40482a70dd70219212c3697899ba
2016-06-14make sure required x509 bits are there before stunnel is startedMicah
Change-Id: I772c3b6e489e3c1848c45c6bcaa240324fc88928
2016-06-14Ensure stunnel package, service and default ordering.Micah Anderson
2016-06-14update stunnel module for refresh_stunnel fixesMicah
Change-Id: I7675dbaba4d896a62dab9fcf4817092ea69f1298
2016-06-11Move custom functions to site_config modulevarac
2016-06-11use node default {} in site.pp for catalog testvarac
2016-06-07refresh_stunnel sometimes doesn't run (#8168).Micah
It turns out that in some corner-cases, the script is not called: (1) start the deploy, create files in /var/lib/puppet/stunnel4/config (2) halt puppet before apply finishes (3) re-run deploy in this scenario, next time you run deploy, refresh_stunnel will never get called to populate /etc/stunnel, because the files in /var/lib/puppet/stunnel4/config haven't changed. This problem can be really confusing when it happens. To fix this, we just run refresh_stunnel every, it is pretty fast and the script has more complete logic for what to do than puppet, which has only an asymmetrical view on the situation. Change-Id: I9e5fad1d081c2fe07f3ac8f07cfb87d86b88f7c9
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 06:45:37 +0000