Age | Commit message (Collapse) | Author |
|
|
|
|
|
Change-Id: I975e1bd480d756a85e556b440a0e28e3899c9af8
|
|
|
|
built in file resource of puppet can't be used for what we want, because if you specify $source, it always bombs out if it doesn't exist, regardless of dependencies.
|
|
|
|
Change-Id: I314031d93aa9f4a0f217680870678e39c096d46a
|
|
Change-Id: I03cdb5a6255d245cb1163a30b221b4c32dc4bef6
|
|
|
|
to work with the latest leap_cli.
|
|
change each time you deploy.
|
|
vpn_unlimited_tcp_resolver and vpn_unlimited_udp_resolver are included
|
|
|
|
this ensures that an actual restart is run on the service when config
files are added or removed, instead of relying on the status parameter
of the initscript, which can be confused if config files are removed
out from under it
Change-Id: I1c69fff26933338b707acf7dc4593547f32f92e3
|
|
|
|
Change-Id: I9ed218d9353c05b34d34c363a6a3f10d54b3a60a
|
|
packages that we want to make sure are installed remove packages that were found on vagrant and PC installations that have no business being there
Change-Id: I4887a327ca89eb60945ad817a75ff199859824d3
|
|
unbound
|
|
Due to the fact that /etc/hosts is modified in the early stage setup.pp run and
the stunnel service is not deployed on an initial puppet run, we cannot simply
override the Service['stunnel'] but instead need to trigger a restart through
an exec calling the init script that first tests to see if it is present.
Change-Id: I6bf5dfece9ecbdb8319747774185dec50d5a55f6
|
|
of one of [0]' by putting in the missing closing single quote.
Change-Id: I86feb5d06dd25e28ea67da0b5627e7be4174e01e
|
|
/home/git/repositories/micah/leap_platform into develop
|
|
The problem with puppet's built-in ssh_authorized_key is that you can
purge unmanaged keys in a authorized_keys file. see
https://leap.se/code/issues/3010 for details.
Conflicts:
puppet/modules/site_sshd/manifests/authorized_keys.pp
Change-Id: I640bf7ebc0f0f7fb19cc46feb4cb2702d6561a9b
|
|
. move the setting of the xterm title to site_config::shell
. change the xterm file resource to use standard source lines, switch to single
quotes, quote mode, and line up parameters
. move the mosh pieces into a site_ssh::mosh class and only include it if the
right mosh variable is enabled, passing into the class the necessary hiera parameters
. lint the site_ssh::mosh resources
. change the authorized_keys class to accept the key parameter which is passed
in from the main ssh class (but allow for out of scope variable lookup when the
tag is passed)
Change-Id: Ieec5a3932de9bad1b98633032b28f88e91e46604
|
|
|
|
|
|
(#2984) and the custom_key_dir as a class parameter
remove the global variable from setup.pp and site.pp and instead pass it into the apt class declaration as a parameter
Change-Id: I24806f2fd22b5a066b951c5f76f3dd748481b5b6
|
|
Change-Id: Ia6fc60c0c1fdfa50e1d6d981699c1d8010df63fc
|
|
|
|
Change-Id: I30ca424bd9b89b3e95532e325828982e8e513fc7
|
|
|
|
/etc/apt/preferences file in unattended_upgrades.pp
|
|
|
|
piston cloud
This moves the apt configuration into the setup.pp run, so we can get the
backport source added early which will enable us to install the latest facter
from the backports repository.
Change-Id: I8ccf1a0445dea72f1b94be08484f33e648439ec1
|
|
openstack/amazon instances
The dhclient in these environments is quite aggressive and overwrites the
nameservers we've deliberately chosen to use with google's nameservers. This
commit attempts to fix that.
The dhclient methodology for altering these things is particularly
unpleasant. We effectively redefine the functions that mess with this file to be
noops in the /etc/dhcp/dhclient-enter-hooks.d directory and then we are forced
to restart dhclient by shipping a script that tries to determine the correct PID
and arguments that it was running as before killing and restarting it with the
same arguments.
See debian bugs #681698, #712796 for further discussion about how to make this
less difficult
Change-Id: I51cf40cf98eaddcefd8180e157b6e3ca824173f0
|
|
good. If we search for the word 'tor' we will find it when the variable contains
"monitor".
This commit makes the regular expression more specific based on the word
boundaries.
Change-Id: I4dcd80db7322cabc3f71b77fabf7eacd83b4d572
|
|
|
|
|
|
Change-Id: Idda4e0301b3e349581fef36989706a487b05ecd8
|
|
|
|
/home/git/repositories/micah/leap_platform into develop
|
|
|
|
/home/git/repositories/micah/leap_platform into develop
|
|
and apt has been refreshed
Change-Id: I485420c4ea50f8c3f6699b9b8073dc6c67b7a353
|
|
|
|
accidentally reverted this change
Change-Id: Iebc041cf6fb54b79d75eeabd27410ad953b8e340
|
|
without this rule, one just gets a 'site is unavailable' result
Change-Id: I27b80a0044e9fe4e87e607412c8d0a089d4866a6
|
|
|
|
|
|
setup a /etc/profile.d configuration snippet to put /srv/leap/bin in the $PATH (#2122)
Change-Id: I0afb5232375e6c6d9f692a97243023c710265d54
|
|
Change-Id: If10470978ee31a398e0b88d8d98552c93d4706a2
|